Back to index

lightning-sunbird  0.9+nobinonly
nsIScriptSecurityManager.idl
Go to the documentation of this file.
00001 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
00002 /* ***** BEGIN LICENSE BLOCK *****
00003  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00004  *
00005  * The contents of this file are subject to the Mozilla Public License Version
00006  * 1.1 (the "License"); you may not use this file except in compliance with
00007  * the License. You may obtain a copy of the License at
00008  * http://www.mozilla.org/MPL/
00009  *
00010  * Software distributed under the License is distributed on an "AS IS" basis,
00011  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00012  * for the specific language governing rights and limitations under the
00013  * License.
00014  *
00015  * The Original Code is mozilla.org code.
00016  *
00017  * The Initial Developer of the Original Code is
00018  * Netscape Communications Corporation.
00019  * Portions created by the Initial Developer are Copyright (C) 1999
00020  * the Initial Developer. All Rights Reserved.
00021  *
00022  * Contributor(s):
00023  *
00024  * Alternatively, the contents of this file may be used under the terms of
00025  * either of the GNU General Public License Version 2 or later (the "GPL"),
00026  * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00027  * in which case the provisions of the GPL or the LGPL are applicable instead
00028  * of those above. If you wish to allow use of your version of this file only
00029  * under the terms of either the GPL or the LGPL, and not to allow others to
00030  * use your version of this file under the terms of the MPL, indicate your
00031  * decision by deleting the provisions above and replace them with the notice
00032  * and other provisions required by the GPL or the LGPL. If you do not delete
00033  * the provisions above, a recipient may use your version of this file under
00034  * the terms of any one of the MPL, the GPL or the LGPL.
00035  *
00036  * ***** END LICENSE BLOCK ***** */
00037 
00038 #include "nsISupports.idl"
00039 #include "nsIPrincipal.idl"
00040 #include "nsIXPCSecurityManager.idl"
00041 interface nsIURI;
00042 
00043 
00044 [scriptable, uuid(f4d74511-2b2d-4a14-a3e4-a392ac5ac3ff)]
00045 interface nsIScriptSecurityManager : nsIXPCSecurityManager
00046 {
00048 
00051     [noscript] void checkPropertyAccess(in JSContextPtr aJSContext,
00052                                         in JSObjectPtr aJSObject,
00053                                         in string aClassName,
00054                                         in JSVal aProperty,
00055                                         in PRUint32 aAction);
00056 
00060     [noscript] void checkConnect(in JSContextPtr aJSContext,
00061                                  in nsIURI aTargetURI,
00062                                  in string aClassName,
00063                                  in string aProperty);
00064 
00074     [noscript] void checkLoadURIFromScript(in JSContextPtr cx, in nsIURI uri);
00075 
00079     // Default permissions
00080     const unsigned long STANDARD = 0;
00081 
00082     // If the source is mail, disallow the load
00083     const unsigned long DISALLOW_FROM_MAIL = 1 << 0;
00084 
00085     // Allow the loading of chrome URLs by non-chrome URLs
00086     const unsigned long ALLOW_CHROME = 1 << 1;
00087 
00088     // Don't allow javascript: and data: URLs to load
00089     const unsigned long DISALLOW_SCRIPT_OR_DATA = 1 << 2;
00090 
00091     // Don't allow javascript: URLs to load
00092     //   WARNING: Support for this value was added in Mozilla 1.7.8 and
00093     //   Firefox 1.0.4.  Use in prior versions WILL BE IGNORED.
00094     const unsigned long DISALLOW_SCRIPT = 1 << 3;
00095 
00106     [noscript] void checkLoadURIWithPrincipal(in nsIPrincipal aPrincipal,
00107                                               in nsIURI uri, 
00108                                               in unsigned long flags);
00109 
00120     void checkLoadURI(in nsIURI from, in nsIURI uri, 
00121                       in unsigned long flags);
00122 
00127     void checkLoadURIStr(in AUTF8String from, in AUTF8String uri, 
00128                          in unsigned long flags);
00129 
00140     [noscript] void checkFunctionAccess(in JSContextPtr cx, in voidPtr funObj,
00141                                         in voidPtr targetObj);
00142 
00147     [noscript] boolean canExecuteScripts(in JSContextPtr cx,
00148                                          in nsIPrincipal principal);
00149 
00151 
00156     [noscript] nsIPrincipal getSubjectPrincipal();
00157 
00161     [noscript] nsIPrincipal getSystemPrincipal();
00162 
00171     [noscript] nsIPrincipal
00172          getCertificatePrincipal(in AUTF8String aCertFingerprint,
00173                                  in AUTF8String aSubjectName,
00174                                  in AUTF8String aPrettyName,
00175                                  in nsISupports aCert,
00176                                  in nsIURI aURI);
00177 
00181     [noscript] nsIPrincipal getCodebasePrincipal(in nsIURI aURI);
00182 
00184 
00190     [noscript] short requestCapability(in nsIPrincipal principal,
00191                                        in string capability);
00192     
00196     boolean isCapabilityEnabled(in string capability);
00197     
00202     void enableCapability(in string capability);
00203 
00209     void revertCapability(in string capability);
00210 
00215     void disableCapability(in string capability);
00216 
00218 
00222     // XXXbz Capabilities can't have non-ascii chars?
00223     // XXXbz ideally we'd pass a subjectName here too, and the nsISupports
00224     // cert we're enabling for...
00225     void setCanEnableCapability(in AUTF8String certificateFingerprint,
00226                                 in string capability, 
00227                                 in short canEnable);
00228 
00230 
00233     [noscript] nsIPrincipal getObjectPrincipal(in JSContextPtr cx,
00234                                                in JSObjectPtr obj);
00235 
00240     [noscript] boolean subjectPrincipalIsSystem();
00241 
00246     [noscript] void checkSameOrigin(in JSContextPtr aJSContext,
00247                                     in nsIURI aTargetURI);
00248 
00253     void checkSameOriginURI(in nsIURI aSourceURI,
00254                             in nsIURI aTargetURI);
00255 
00260     [noscript] void checkSameOriginPrincipal(in nsIPrincipal aSourcePrincipal,
00261                                              in nsIPrincipal aTargetPrincipal);
00262 
00267     [noscript] nsIPrincipal getPrincipalFromContext(in JSContextPtr cx);
00268 
00275     [noscript] boolean securityCompareURIs(in nsIURI aSubjectURI,
00276                                            in nsIURI aObjectURI);
00277 };
00278 
00279 %{C++
00280 #define NS_SCRIPTSECURITYMANAGER_CONTRACTID "@mozilla.org/scriptsecuritymanager;1"
00281 #define NS_SCRIPTSECURITYMANAGER_CLASSNAME "scriptsecuritymanager"
00282 %}