Back to index

lightning-sunbird  0.9+nobinonly
Classes | Defines | Functions | Variables
nsScriptSecurityManager.cpp File Reference
#include "nsScriptSecurityManager.h"
#include "nsIServiceManager.h"
#include "nsIScriptObjectPrincipal.h"
#include "nsIScriptContext.h"
#include "nsIURL.h"
#include "nsIJARURI.h"
#include "nspr.h"
#include "nsJSPrincipals.h"
#include "nsSystemPrincipal.h"
#include "nsPrincipal.h"
#include "nsXPIDLString.h"
#include "nsCRT.h"
#include "nsIJSContextStack.h"
#include "nsDOMError.h"
#include "nsDOMCID.h"
#include "jsdbgapi.h"
#include "nsIXPConnect.h"
#include "nsIXPCSecurityManager.h"
#include "nsTextFormatter.h"
#include "nsIStringBundle.h"
#include "nsNetUtil.h"
#include "nsIProperties.h"
#include "nsDirectoryServiceDefs.h"
#include "nsIFile.h"
#include "nsIZipReader.h"
#include "nsIJAR.h"
#include "nsIPluginInstance.h"
#include "nsIScriptGlobalObject.h"
#include "nsIDOMWindowInternal.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeItem.h"
#include "nsIPrompt.h"
#include "nsIWindowWatcher.h"
#include "nsIConsoleService.h"
#include "nsISecurityCheckedComponent.h"
#include "nsIPrefBranch2.h"
#include "nsIJSRuntimeService.h"
#include "nsIObserverService.h"
#include "nsIContent.h"
#include "nsAutoPtr.h"
#include "nsAboutProtocolUtils.h"
#include "nsIURIFixup.h"
#include "nsCDefaultURIFixup.h"

Go to the source code of this file.

Classes

class  ClassInfoData
struct  DomainEntry

Defines

#define GRANTED   "granted"
#define DENIED   "denied"
#define SUBJECTNAME   "subjectName"

Functions

static NS_DEFINE_CID (kZipReaderCID, NS_ZIPREADER_CID)
static const PRUnicharJSValIDToString (JSContext *cx, const jsval idval)
static nsIScriptContextGetScriptContext (JSContext *cx)
void SetPendingException (JSContext *cx, const char *aMsg)
void SetPendingException (JSContext *cx, const PRUnichar *aMsg)
static nsresult MaybeFixupURIAndScheme (nsCOMPtr< nsIURI > &aURI, nsCString &aScheme)
 DeleteCapability (nsHashKey *aKey, void *aData, void *closure)
 DeleteDomainEntry (nsHashKey *aKey, void *aData, void *closure)
 NS_IMPL_ISUPPORTS4 (nsScriptSecurityManager, nsIScriptSecurityManager, nsIXPCSecurityManager, nsIPrefSecurityCheck, nsIObserver) JSBool JS_DLL_CALLBACK nsScriptSecurityManager
static nsresult GetPrincipalDomainOrigin (nsIPrincipal *aPrincipal, nsACString &aOrigin)

Variables

static const char sPrincipalPrefix [] = "capability.principal"
static const char sPolicyPrefix [] = "capability.policy."
static nsScriptSecurityManagergScriptSecMan = nsnull

Define Documentation

#define DENIED   "denied"
#define GRANTED   "granted"
#define SUBJECTNAME   "subjectName"

Function Documentation

DeleteCapability ( nsHashKey *  aKey,
void aData,
void closure 
)

Definition at line 405 of file nsScriptSecurityManager.cpp.

{
    nsMemory::Free(aData);
    return PR_TRUE;
}

Here is the caller graph for this function:

DeleteDomainEntry ( nsHashKey *  aKey,
void aData,
void closure 
)

Definition at line 455 of file nsScriptSecurityManager.cpp.

{
    DomainEntry *entry = (DomainEntry*) aData;
    do
    {
        DomainEntry *next = entry->mNext;
        delete entry;
        entry = next;
    } while (entry);
    return PR_TRUE;
}

Here is the caller graph for this function:

static nsresult GetPrincipalDomainOrigin ( nsIPrincipal aPrincipal,
nsACString &  aOrigin 
) [static]

Definition at line 983 of file nsScriptSecurityManager.cpp.

{
    aOrigin.Truncate();

    nsCOMPtr<nsIURI> uri;
    aPrincipal->GetDomain(getter_AddRefs(uri));
    if (!uri) {
        aPrincipal->GetURI(getter_AddRefs(uri));
    }

    // de-nest jar: origins
    nsCOMPtr<nsIJARURI> jarURI;
    while((jarURI = do_QueryInterface(uri)))
    {
        jarURI->GetJARFile(getter_AddRefs(uri));
    }
    NS_ENSURE_TRUE(uri, NS_ERROR_UNEXPECTED);

    nsCAutoString hostPort;

    nsresult rv = uri->GetHostPort(hostPort);
    if (NS_SUCCEEDED(rv)) {
        nsCAutoString scheme;
        rv = uri->GetScheme(scheme);
        NS_ENSURE_SUCCESS(rv, rv);
        aOrigin = scheme + NS_LITERAL_CSTRING("://") + hostPort;
    }
    else {
        // Some URIs (e.g., nsSimpleURI) don't support host. Just
        // get the full spec.
        rv = uri->GetSpec(aOrigin);
        NS_ENSURE_SUCCESS(rv, rv);
    }

    return NS_OK;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsIScriptContext* GetScriptContext ( JSContext cx) [static]

Definition at line 108 of file nsScriptSecurityManager.cpp.

Here is the call graph for this function:

Here is the caller graph for this function:

static const PRUnichar* JSValIDToString ( JSContext cx,
const jsval  idval 
) [inline, static]

Definition at line 99 of file nsScriptSecurityManager.cpp.

{
    JSString *str = JS_ValueToString(cx, idval);
    if(!str)
        return nsnull;
    return NS_REINTERPRET_CAST(PRUnichar*, JS_GetStringChars(str));
}

Here is the call graph for this function:

Here is the caller graph for this function:

static nsresult MaybeFixupURIAndScheme ( nsCOMPtr< nsIURI > &  aURI,
nsCString aScheme 
) [static]

Definition at line 245 of file nsScriptSecurityManager.cpp.

{
    nsresult rv = NS_OK;
    if (aScheme.EqualsLiteral("wyciwyg")) {
        // Need to dig out the real URI
        nsCOMPtr<nsIURIFixup> fixup = do_GetService(NS_URIFIXUP_CONTRACTID);
        if (fixup) {
            nsCOMPtr<nsIURI> newURI;
            rv = fixup->CreateExposableURI(aURI, getter_AddRefs(newURI));
            if (NS_SUCCEEDED(rv) && newURI != aURI) {
                aURI = newURI;
                rv = aURI->GetScheme(aScheme);
            }
        }
    }
    return rv;
}

Here is the call graph for this function:

static NS_DEFINE_CID ( kZipReaderCID  ,
NS_ZIPREADER_CID   
) [static]

Definition at line 474 of file nsScriptSecurityManager.cpp.

{
    // Get the security manager
    nsScriptSecurityManager *ssm =
        nsScriptSecurityManager::GetScriptSecurityManager();

    NS_ASSERTION(ssm, "Failed to get security manager service");
    if (!ssm)
        return JS_FALSE;

    // Get the object being accessed.  We protect these cases:
    // 1. The Function.prototype.caller property's value, which might lead
    //    an attacker up a call-stack to a function or another object from
    //    a different trust domain.
    // 2. A user-defined getter or setter function accessible on another
    //    trust domain's window or document object.
    // *vp can be a primitive, in that case, we use obj as the target
    // object.
    JSObject* target = JSVAL_IS_PRIMITIVE(*vp) ? obj : JSVAL_TO_OBJECT(*vp);

    // Do the same-origin check -- this sets a JS exception if the check fails.
    // Pass the parent object's class name, as we have no class-info for it.
    nsresult rv =
        ssm->CheckPropertyAccess(cx, target, JS_GetClass(cx, obj)->name, id,
                                 (mode & JSACC_WRITE) ?
                                 nsIXPCSecurityManager::ACCESS_SET_PROPERTY :
                                 nsIXPCSecurityManager::ACCESS_GET_PROPERTY);

    if (NS_FAILED(rv))
        return JS_FALSE; // Security check failed (XXX was an error reported?)

    return JS_TRUE;
}

Here is the call graph for this function:

void SetPendingException ( JSContext cx,
const char *  aMsg 
) [inline]

Definition at line 113 of file nsScriptSecurityManager.cpp.

Here is the call graph for this function:

Here is the caller graph for this function:

void SetPendingException ( JSContext cx,
const PRUnichar aMsg 
) [inline]

Definition at line 120 of file nsScriptSecurityManager.cpp.

Here is the call graph for this function:


Variable Documentation

Definition at line 3143 of file nsScriptSecurityManager.cpp.

const char sPolicyPrefix[] = "capability.policy." [static]

Definition at line 3044 of file nsScriptSecurityManager.cpp.

const char sPrincipalPrefix[] = "capability.principal" [static]

Definition at line 3043 of file nsScriptSecurityManager.cpp.