Line data Source code
1 : /* -*- Mode: C++; tab-width: 20; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : /* This Source Code Form is subject to the terms of the Mozilla Public
3 : * License, v. 2.0. If a copy of the MPL was not distributed with this
4 : * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 :
6 : #include <stdlib.h>
7 : #include <stdarg.h>
8 :
9 : #include "nsIServiceManager.h"
10 :
11 : #include "nsIConsoleService.h"
12 : #include "nsIDOMCanvasRenderingContext2D.h"
13 : #include "nsICanvasRenderingContextInternal.h"
14 : #include "nsIHTMLCollection.h"
15 : #include "mozilla/dom/HTMLCanvasElement.h"
16 : #include "nsIPrincipal.h"
17 :
18 : #include "nsGfxCIID.h"
19 :
20 : #include "nsTArray.h"
21 :
22 : #include "CanvasUtils.h"
23 : #include "mozilla/gfx/Matrix.h"
24 : #include "WebGL2Context.h"
25 :
26 : using namespace mozilla::gfx;
27 :
28 : namespace mozilla {
29 : namespace CanvasUtils {
30 :
31 : bool
32 0 : GetCanvasContextType(const nsAString& str, dom::CanvasContextType* const out_type)
33 : {
34 0 : if (str.EqualsLiteral("2d")) {
35 0 : *out_type = dom::CanvasContextType::Canvas2D;
36 0 : return true;
37 : }
38 :
39 0 : if (str.EqualsLiteral("webgl") ||
40 0 : str.EqualsLiteral("experimental-webgl"))
41 : {
42 0 : *out_type = dom::CanvasContextType::WebGL1;
43 0 : return true;
44 : }
45 :
46 0 : if (WebGL2Context::IsSupported()) {
47 0 : if (str.EqualsLiteral("webgl2")) {
48 0 : *out_type = dom::CanvasContextType::WebGL2;
49 0 : return true;
50 : }
51 : }
52 :
53 0 : if (str.EqualsLiteral("bitmaprenderer")) {
54 0 : *out_type = dom::CanvasContextType::ImageBitmap;
55 0 : return true;
56 : }
57 :
58 0 : return false;
59 : }
60 :
61 : /**
62 : * This security check utility might be called from an source that never taints
63 : * others. For example, while painting a CanvasPattern, which is created from an
64 : * ImageBitmap, onto a canvas. In this case, the caller could set the CORSUsed
65 : * true in order to pass this check and leave the aPrincipal to be a nullptr
66 : * since the aPrincipal is not going to be used.
67 : */
68 : void
69 0 : DoDrawImageSecurityCheck(dom::HTMLCanvasElement *aCanvasElement,
70 : nsIPrincipal *aPrincipal,
71 : bool forceWriteOnly,
72 : bool CORSUsed)
73 : {
74 : // Callers should ensure that mCanvasElement is non-null before calling this
75 0 : if (!aCanvasElement) {
76 0 : NS_WARNING("DoDrawImageSecurityCheck called without canvas element!");
77 0 : return;
78 : }
79 :
80 0 : if (aCanvasElement->IsWriteOnly())
81 0 : return;
82 :
83 : // If we explicitly set WriteOnly just do it and get out
84 0 : if (forceWriteOnly) {
85 0 : aCanvasElement->SetWriteOnly();
86 0 : return;
87 : }
88 :
89 : // No need to do a security check if the image used CORS for the load
90 0 : if (CORSUsed)
91 0 : return;
92 :
93 0 : NS_PRECONDITION(aPrincipal, "Must have a principal here");
94 :
95 0 : if (aCanvasElement->NodePrincipal()->Subsumes(aPrincipal)) {
96 : // This canvas has access to that image anyway
97 0 : return;
98 : }
99 :
100 0 : aCanvasElement->SetWriteOnly();
101 : }
102 :
103 : bool
104 0 : CoerceDouble(const JS::Value& v, double* d)
105 : {
106 0 : if (v.isDouble()) {
107 0 : *d = v.toDouble();
108 0 : } else if (v.isInt32()) {
109 0 : *d = double(v.toInt32());
110 0 : } else if (v.isUndefined()) {
111 0 : *d = 0.0;
112 : } else {
113 0 : return false;
114 : }
115 0 : return true;
116 : }
117 :
118 : bool
119 0 : HasDrawWindowPrivilege(JSContext* aCx, JSObject* /* unused */)
120 : {
121 0 : return nsContentUtils::CallerHasPermission(aCx, NS_LITERAL_STRING("<all_urls>"));
122 : }
123 :
124 : } // namespace CanvasUtils
125 : } // namespace mozilla
|
