1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsContentSecurityManager_h___
#define nsContentSecurityManager_h___
#include "nsIContentSecurityManager.h"
#include "nsIChannel.h"
#include "nsIChannelEventSink.h"
class nsIStreamListener;
#define NS_CONTENTSECURITYMANAGER_CONTRACTID \
"@mozilla.org/contentsecuritymanager;1"
// cdcc1ab8-3cea-4e6c-a294-a651fa35227f
#define NS_CONTENTSECURITYMANAGER_CID \
{ \
0xcdcc1ab8, 0x3cea, 0x4e6c, { \
0xa2, 0x94, 0xa6, 0x51, 0xfa, 0x35, 0x22, 0x7f \
} \
}
class nsContentSecurityManager : public nsIContentSecurityManager,
public nsIChannelEventSink {
public:
NS_DECL_ISUPPORTS
NS_DECL_NSICONTENTSECURITYMANAGER
NS_DECL_NSICHANNELEVENTSINK
nsContentSecurityManager() = default;
static nsresult doContentSecurityCheck(
nsIChannel* aChannel, nsCOMPtr<nsIStreamListener>& aInAndOutListener);
static bool AllowTopLevelNavigationToDataURI(nsIChannel* aChannel);
static bool AllowInsecureRedirectToDataURI(nsIChannel* aNewChannel);
static void MeasureUnexpectedPrivilegedLoads(
nsIURI* aFinalURI, ExtContentPolicyType aContentPolicyType,
const nsACString& aRemoteType);
private:
static nsresult CheckChannel(nsIChannel* aChannel);
static nsresult CheckFTPSubresourceLoad(nsIChannel* aChannel);
static nsresult CheckAllowLoadInSystemPrivilegedContext(nsIChannel* aChannel);
static nsresult CheckChannelHasProtocolSecurityFlag(nsIChannel* aChannel);
virtual ~nsContentSecurityManager() = default;
};
#endif /* nsContentSecurityManager_h___ */
|
