1 : /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 : /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 : /* This Source Code Form is subject to the terms of the Mozilla Public
4 : * License, v. 2.0. If a copy of the MPL was not distributed with this
5 : * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 :
7 : #ifndef nsCSPContext_h___
8 : #define nsCSPContext_h___
9 :
10 : #include "mozilla/dom/nsCSPUtils.h"
11 : #include "nsDataHashtable.h"
12 : #include "nsIChannel.h"
13 : #include "nsIChannelEventSink.h"
14 : #include "nsIClassInfo.h"
15 : #include "nsIContentSecurityPolicy.h"
16 : #include "nsIInterfaceRequestor.h"
17 : #include "nsISerializable.h"
18 : #include "nsIStreamListener.h"
19 : #include "nsWeakReference.h"
20 : #include "nsXPCOM.h"
21 :
// XPCOM contract ID string for nsCSPContext.
22 : #define NS_CSPCONTEXT_CONTRACTID "@mozilla.org/cspcontext;1"
23 : // Class ID for nsCSPContext: 09d9ed1a-e5d4-4004-bfe0-27ceb923d9ac
// The initializer below spells out the same UUID field by field.
24 : #define NS_CSPCONTEXT_CID \
25 : { 0x09d9ed1a, 0xe5d4, 0x4004, \
26 : { 0xbf, 0xe0, 0x27, 0xce, 0xb9, 0x23, 0xd9, 0xac } }
27 :
// Forward declarations: this header only names these types through a raw
// pointer, an nsCOMPtr or an nsTArray.
28 : class nsINetworkInterceptController; // used by CSPReportRedirectSink
29 : class nsIEventTarget; // used by nsCSPContext::mEventTarget
30 : struct ConsoleMsgQueueElem; // element type of nsCSPContext::mConsoleMsgQueue
31 :
// Content Security Policy context: declares the nsIContentSecurityPolicy
// implementation together with the state it keeps (policies, self URI,
// loading principal and context, queued console messages).
// NOTE(review): the method bodies are not in this header; the comments below
// describe only what the declarations show and hedge everything else.
32 : class nsCSPContext : public nsIContentSecurityPolicy
33 : {
34 : public:
35 : NS_DECL_ISUPPORTS
36 : NS_DECL_NSICONTENTSECURITYPOLICY
37 : NS_DECL_NSISERIALIZABLE
38 :
39 : protected:
// Non-public destructor: outside code cannot delete an instance directly.
// NOTE(review): presumably destruction goes through the reference counting
// declared by NS_DECL_ISUPPORTS -- confirm in the implementation.
40 : virtual ~nsCSPContext();
41 :
42 : public:
43 : nsCSPContext();
44 :
45 : /**
46 : * SetRequestContext() needs to be called before the innerWindowID
47 : * is initialized on the document. Use this function to call back to
48 : * flush queued up console messages and initialize the innerWindowID.
49 : */
50 : void flushConsoleMessages();
51 :
// Logs a CSP message to the console (declaration only).
// aName with aParams/aParamsLength presumably selects and fills a message
// template -- confirm in the .cpp. aSourceName, aSourceLine, aLineNumber and
// aColumnNumber give the source position; aSeverityFlag carries the severity.
// NOTE(review): mConsoleMsgQueue and mQueueUpMessages suggest messages are
// queued until the window ID is available; see flushConsoleMessages().
52 : void logToConsole(const char16_t* aName,
53 : const char16_t** aParams,
54 : uint32_t aParamsLength,
55 : const nsAString& aSourceName,
56 : const nsAString& aSourceLine,
57 : uint32_t aLineNumber,
58 : uint32_t aColumnNumber,
59 : uint32_t aSeverityFlag);
60 :
// Sends violation reports for the policy at index aViolatedPolicyIndex.
// NOTE(review): aSourceFile, aScriptSample and aLineNum are page-derived
// values; presumably they end up in the report body, so the implementation
// is the place to check what is disclosed to the report endpoint.
61 : nsresult SendReports(nsISupports* aBlockedContentSource,
62 : nsIURI* aOriginalURI,
63 : nsAString& aViolatedDirective,
64 : uint32_t aViolatedPolicyIndex,
65 : nsAString& aSourceFile,
66 : nsAString& aScriptSample,
67 : uint32_t aLineNum);
68 :
// Takes the same violation details as SendReports() plus aObserverSubject,
// all strings by const reference.
// NOTE(review): how the work is dispatched is not visible here; mEventTarget
// may be involved -- confirm in the .cpp.
69 : nsresult AsyncReportViolation(nsISupports* aBlockedContentSource,
70 : nsIURI* aOriginalURI,
71 : const nsAString& aViolatedDirective,
72 : uint32_t aViolatedPolicyIndex,
73 : const nsAString& aObserverSubject,
74 : const nsAString& aSourceFile,
75 : const nsAString& aScriptSample,
76 : uint32_t aLineNum);
77 :
78 : // Hands off! Don't call this method unless you know what you
79 : // are doing. It's only supposed to be called from within
80 : // the principal destructor to avoid a dangling pointer.
// mLoadingPrincipal is a non-owning raw pointer, so any path that destroys
// the principal without calling this leaves a stale pointer behind.
81 0 : void clearLoadingPrincipal() {
82 0 : mLoadingPrincipal = nullptr;
83 0 : }
84 :
// Returns a copy of the weak reference to the loading context. A weak
// reference does not keep its target alive, so callers have to handle the
// target being gone when they resolve it.
85 0 : nsWeakPtr GetLoadingContext(){
86 0 : return mLoadingContext;
87 : }
88 :
89 : private:
// Internal permission check for directive aDir against aContentLocation.
// NOTE(review): the six bool parameters are only named here; their exact
// effect is defined in the .cpp. With this many positional bools it is worth
// checking the argument order at every call site.
90 : bool permitsInternal(CSPDirective aDir,
91 : nsIURI* aContentLocation,
92 : nsIURI* aOriginalURI,
93 : const nsAString& aNonce,
94 : bool aWasRedirected,
95 : bool aIsPreload,
96 : bool aSpecific,
97 : bool aSendViolationReports,
98 : bool aSendContentLocationInViolationReports,
99 : bool aParserCreated);
100 :
101 : // helper to report inline script/style violations
102 : void reportInlineViolation(nsContentPolicyType aContentType,
103 : const nsAString& aNonce,
104 : const nsAString& aContent,
105 : const nsAString& aViolatedDirective,
106 : uint32_t aViolatedPolicyIndex,
107 : uint32_t aLineNumber);
108 :
109 : nsString mReferrer;
110 : uint64_t mInnerWindowID; // used for web console logging
// Raw nsCSPPolicy pointers. NOTE(review): who deletes them is not visible in
// this header -- confirm that the destructor (or another owner) frees them.
111 : nsTArray<nsCSPPolicy*> mPolicies;
112 : nsCOMPtr<nsIURI> mSelfURI;
// nsCString key -> int16_t value. NOTE(review): presumably cached load
// decisions; confirm in the .cpp how keys are built and when it is cleared.
113 : nsDataHashtable<nsCStringHashKey, int16_t> mShouldLoadCache;
114 : nsCOMPtr<nsILoadGroup> mCallingChannelLoadGroup;
115 : nsWeakPtr mLoadingContext; // weak reference, handed out by GetLoadingContext()
116 : // The CSP hangs off the principal, so let's store a raw pointer of the principal
117 : // to avoid memory leaks. Within the destructor of the principal we explicitly
118 : // set mLoadingPrincipal to null.
119 : nsIPrincipal* mLoadingPrincipal; // non-owning; reset by clearLoadingPrincipal()
120 :
121 : // helper members used to queue up web console messages till
122 : // the windowID becomes available. see flushConsoleMessages()
123 : nsTArray<ConsoleMsgQueueElem> mConsoleMsgQueue;
124 : bool mQueueUpMessages;
125 : nsCOMPtr<nsIEventTarget> mEventTarget;
126 : };
127 :
128 : // Class that listens to violation report transmission and logs errors.
// It declares the nsIStreamListener and nsIRequestObserver methods through
// the NS_DECL_* macros and has no data members in this header.
129 : class CSPViolationReportListener : public nsIStreamListener
130 : {
131 : public:
132 : NS_DECL_NSISTREAMLISTENER
133 : NS_DECL_NSIREQUESTOBSERVER
134 : NS_DECL_ISUPPORTS
135 :
136 : public:
137 : CSPViolationReportListener();
138 :
139 : protected:
// Non-public destructor: outside code cannot delete an instance directly.
140 : virtual ~CSPViolationReportListener();
141 : };
142 :
143 : // The POST of the violation report (if it happens) should not follow
144 : // redirects, per the spec. Hence, we implement an nsIChannelEventSink
145 : // with an object so we can tell XHR to abort if a redirect happens.
// NOTE(review): the security rationale is presumably that aborting on a
// redirect keeps the report body from reaching a location other than the
// configured report endpoint -- confirm against the implementation.
146 : class CSPReportRedirectSink final : public nsIChannelEventSink,
147 : public nsIInterfaceRequestor
148 : {
149 : public:
150 : NS_DECL_NSICHANNELEVENTSINK
151 : NS_DECL_NSIINTERFACEREQUESTOR
152 : NS_DECL_ISUPPORTS
153 :
154 : public:
155 : CSPReportRedirectSink();
156 :
// Takes an intercept controller; presumably stored in mInterceptController
// (the body is not in this header).
157 : void SetInterceptController(nsINetworkInterceptController* aInterceptController);
158 :
159 : protected:
// Non-public destructor: outside code cannot delete an instance directly.
160 : virtual ~CSPReportRedirectSink();
161 :
162 : private:
163 : nsCOMPtr<nsINetworkInterceptController> mInterceptController; // strong reference
164 : };
165 :
166 : #endif /* nsCSPContext_h___ */