1 : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : /* ***** BEGIN LICENSE BLOCK *****
3 : * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 : *
5 : * The contents of this file are subject to the Mozilla Public License Version
6 : * 1.1 (the "License"); you may not use this file except in compliance with
7 : * the License. You may obtain a copy of the License at
8 : * http://www.mozilla.org/MPL/
9 : *
10 : * Software distributed under the License is distributed on an "AS IS" basis,
11 : * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 : * for the specific language governing rights and limitations under the
13 : * License.
14 : *
15 : * The Original Code is mozilla.org code.
16 : *
17 : * The Initial Developer of the Original Code is
18 : * Netscape Communications Corporation.
19 : * Portions created by the Initial Developer are Copyright (C) 1998-2000
20 : * the Initial Developer. All Rights Reserved.
21 : *
22 : * Contributor(s):
23 : * Norris Boyd <nboyd@atg.com>
24 : * Mitch Stoltz <mstoltz@netscape.com>
25 : * Christopher A. Aillon <christopher@aillon.com>
26 : * Giorgio Maone <g.maone@informaction.com>
27 : *
28 : * Alternatively, the contents of this file may be used under the terms of
29 : * either of the GNU General Public License Version 2 or later (the "GPL"),
30 : * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
31 : * in which case the provisions of the GPL or the LGPL are applicable instead
32 : * of those above. If you wish to allow use of your version of this file only
33 : * under the terms of either the GPL or the LGPL, and not to allow others to
34 : * use your version of this file under the terms of the MPL, indicate your
35 : * decision by deleting the provisions above and replace them with the notice
36 : * and other provisions required by the GPL or the LGPL. If you do not delete
37 : * the provisions above, a recipient may use your version of this file under
38 : * the terms of any one of the MPL, the GPL or the LGPL.
39 : *
40 : * ***** END LICENSE BLOCK ***** */
41 :
42 : #ifndef nsScriptSecurityManager_h__
43 : #define nsScriptSecurityManager_h__
44 :
45 : #include "nsIScriptSecurityManager.h"
46 : #include "nsIPrincipal.h"
47 : #include "jsapi.h"
48 : #include "jsdbgapi.h"
49 : #include "nsIXPCSecurityManager.h"
50 : #include "nsInterfaceHashtable.h"
51 : #include "nsHashtable.h"
52 : #include "nsCOMPtr.h"
53 : #include "nsIChannelEventSink.h"
54 : #include "nsIJSContextStack.h"
55 : #include "nsIObserver.h"
56 : #include "pldhash.h"
57 : #include "plstr.h"
58 : #include "nsIScriptExternalNameSet.h"
59 :
60 : class nsIDocShell;
61 : class nsString;
62 : class nsIClassInfo;
63 : class nsIIOService;
64 : class nsIXPConnect;
65 : class nsIStringBundle;
66 : class nsSystemPrincipal;
67 : struct ClassPolicy;
68 : class ClassInfoData;
69 : class DomainPolicy;
70 :
71 : #if defined(DEBUG_mstoltz) || defined(DEBUG_caillon)
72 : #define DEBUG_CAPS_HACKER
73 : #endif
74 :
75 : #ifdef DEBUG_CAPS_HACKER
76 : #define DEBUG_CAPS_CheckPropertyAccessImpl
77 : #define DEBUG_CAPS_LookupPolicy
78 : #define DEBUG_CAPS_CheckComponentPermissions
79 : #endif
80 :
81 : #if 0
82 : #define DEBUG_CAPS_CanCreateWrapper
83 : #define DEBUG_CAPS_CanCreateInstance
84 : #define DEBUG_CAPS_CanGetService
85 : #define DEBUG_CAPS_DomainPolicyLifeCycle
86 : #endif
87 :
88 : /////////////////////
89 : // PrincipalKey //
90 : /////////////////////
91 :
92 : class PrincipalKey : public PLDHashEntryHdr
93 : {
94 : public:
95 : typedef const nsIPrincipal* KeyType;
96 : typedef const nsIPrincipal* KeyTypePointer;
97 :
98 0 : PrincipalKey(const nsIPrincipal* key)
99 0 : : mKey(const_cast<nsIPrincipal*>(key))
100 : {
101 0 : }
102 :
103 : PrincipalKey(const PrincipalKey& toCopy)
104 : : mKey(toCopy.mKey)
105 : {
106 : }
107 :
108 0 : ~PrincipalKey()
109 0 : {
110 0 : }
111 :
112 : KeyType GetKey() const
113 : {
114 : return mKey;
115 : }
116 :
117 0 : bool KeyEquals(KeyTypePointer aKey) const
118 : {
119 : bool eq;
120 0 : mKey->Equals(const_cast<nsIPrincipal*>(aKey),
121 0 : &eq);
122 0 : return eq;
123 : }
124 :
125 0 : static KeyTypePointer KeyToPointer(KeyType aKey)
126 : {
127 0 : return aKey;
128 : }
129 :
130 0 : static PLDHashNumber HashKey(KeyTypePointer aKey)
131 : {
132 : PRUint32 hash;
133 0 : const_cast<nsIPrincipal*>(aKey)->GetHashValue(&hash);
134 0 : return PLDHashNumber(hash);
135 : }
136 :
137 : enum { ALLOW_MEMMOVE = true };
138 :
139 : private:
140 : nsCOMPtr<nsIPrincipal> mKey;
141 : };
142 :
143 : ////////////////////
144 : // Policy Storage //
145 : ////////////////////
146 :
147 : // Property Policy
148 : union SecurityLevel
149 : {
150 : PRWord level;
151 : char* capability;
152 : };
153 :
154 : // Security levels
155 : // These values all have the low bit set (except UNDEFINED_ACCESS)
156 : // to distinguish them from pointer values, because no pointer
157 : // to allocated memory ever has the low bit set. A SecurityLevel
158 : // contains either one of these constants or a pointer to a string
159 : // representing the name of a capability.
160 :
161 : #define SCRIPT_SECURITY_UNDEFINED_ACCESS 0
162 : #define SCRIPT_SECURITY_ACCESS_IS_SET_BIT 1
163 : #define SCRIPT_SECURITY_NO_ACCESS \
164 : ((1 << 0) | SCRIPT_SECURITY_ACCESS_IS_SET_BIT)
165 : #define SCRIPT_SECURITY_SAME_ORIGIN_ACCESS \
166 : ((1 << 1) | SCRIPT_SECURITY_ACCESS_IS_SET_BIT)
167 : #define SCRIPT_SECURITY_ALL_ACCESS \
168 : ((1 << 2) | SCRIPT_SECURITY_ACCESS_IS_SET_BIT)
169 :
170 : #define SECURITY_ACCESS_LEVEL_FLAG(_sl) \
171 : ((_sl.level == 0) || \
172 : (_sl.level & SCRIPT_SECURITY_ACCESS_IS_SET_BIT))
173 :
174 :
175 : struct PropertyPolicy : public PLDHashEntryHdr
176 : {
177 : JSString *key; // interned string
178 : SecurityLevel mGet;
179 : SecurityLevel mSet;
180 : };
181 :
182 : static bool
183 149 : InitPropertyPolicyEntry(PLDHashTable *table,
184 : PLDHashEntryHdr *entry,
185 : const void *key)
186 : {
187 149 : PropertyPolicy* pp = (PropertyPolicy*)entry;
188 149 : pp->key = (JSString *)key;
189 149 : pp->mGet.level = SCRIPT_SECURITY_UNDEFINED_ACCESS;
190 149 : pp->mSet.level = SCRIPT_SECURITY_UNDEFINED_ACCESS;
191 149 : return true;
192 : }
193 :
194 : static void
195 149 : ClearPropertyPolicyEntry(PLDHashTable *table, PLDHashEntryHdr *entry)
196 : {
197 149 : PropertyPolicy* pp = (PropertyPolicy*)entry;
198 149 : pp->key = NULL;
199 149 : }
200 :
201 : // Class Policy
202 : #define NO_POLICY_FOR_CLASS (ClassPolicy*)1
203 :
204 : struct ClassPolicy : public PLDHashEntryHdr
205 : {
206 : char* key;
207 : PLDHashTable* mPolicy;
208 :
209 : // Note: the DomainPolicy owns us, so if if dies we will too. Hence no
210 : // need to refcount it here (and in fact, we'd probably leak if we tried).
211 : DomainPolicy* mDomainWeAreWildcardFor;
212 : };
213 :
214 : static void
215 30 : ClearClassPolicyEntry(PLDHashTable *table, PLDHashEntryHdr *entry)
216 : {
217 30 : ClassPolicy* cp = (ClassPolicy *)entry;
218 30 : if (cp->key)
219 : {
220 30 : PL_strfree(cp->key);
221 30 : cp->key = nsnull;
222 : }
223 30 : PL_DHashTableDestroy(cp->mPolicy);
224 30 : }
225 :
226 : // Note: actual impl is going to be after the DomainPolicy class definition,
227 : // since we need to access members of DomainPolicy in the impl
228 : static void
229 : MoveClassPolicyEntry(PLDHashTable *table,
230 : const PLDHashEntryHdr *from,
231 : PLDHashEntryHdr *to);
232 :
233 : static bool
234 30 : InitClassPolicyEntry(PLDHashTable *table,
235 : PLDHashEntryHdr *entry,
236 : const void *key)
237 : {
238 : static PLDHashTableOps classPolicyOps =
239 : {
240 : PL_DHashAllocTable,
241 : PL_DHashFreeTable,
242 : PL_DHashVoidPtrKeyStub,
243 : PL_DHashMatchEntryStub,
244 : PL_DHashMoveEntryStub,
245 : ClearPropertyPolicyEntry,
246 : PL_DHashFinalizeStub,
247 : InitPropertyPolicyEntry
248 : };
249 :
250 30 : ClassPolicy* cp = (ClassPolicy*)entry;
251 30 : cp->mDomainWeAreWildcardFor = nsnull;
252 30 : cp->key = PL_strdup((const char*)key);
253 30 : if (!cp->key)
254 0 : return false;
255 : cp->mPolicy = PL_NewDHashTable(&classPolicyOps, nsnull,
256 30 : sizeof(PropertyPolicy), 16);
257 30 : if (!cp->mPolicy) {
258 0 : PL_strfree(cp->key);
259 0 : cp->key = nsnull;
260 0 : return false;
261 : }
262 30 : return true;
263 : }
264 :
265 : // Domain Policy
266 : class DomainPolicy : public PLDHashTable
267 : {
268 : public:
269 2 : DomainPolicy() : mWildcardPolicy(nsnull),
270 2 : mRefCount(0)
271 : {
272 2 : mGeneration = sGeneration;
273 :
274 : #ifdef DEBUG_CAPS_DomainPolicyLifeCycle
275 : ++sObjects;
276 : _printPopulationInfo();
277 : #endif
278 :
279 2 : }
280 :
281 2 : bool Init()
282 : {
283 : static const PLDHashTableOps domainPolicyOps =
284 : {
285 : PL_DHashAllocTable,
286 : PL_DHashFreeTable,
287 : PL_DHashStringKey,
288 : PL_DHashMatchStringKey,
289 : MoveClassPolicyEntry,
290 : ClearClassPolicyEntry,
291 : PL_DHashFinalizeStub,
292 : InitClassPolicyEntry
293 : };
294 :
295 : return PL_DHashTableInit(this, &domainPolicyOps, nsnull,
296 2 : sizeof(ClassPolicy), 16);
297 : }
298 :
299 2 : ~DomainPolicy()
300 : {
301 2 : PL_DHashTableFinish(this);
302 2 : NS_ASSERTION(mRefCount == 0, "Wrong refcount in DomainPolicy dtor");
303 : #ifdef DEBUG_CAPS_DomainPolicyLifeCycle
304 : printf("DomainPolicy deleted with mRefCount = %d\n", mRefCount);
305 : --sObjects;
306 : _printPopulationInfo();
307 : #endif
308 :
309 2 : }
310 :
311 6 : void Hold()
312 : {
313 6 : mRefCount++;
314 6 : }
315 :
316 6 : void Drop()
317 : {
318 6 : if (--mRefCount == 0)
319 2 : delete this;
320 6 : }
321 :
322 1 : static void InvalidateAll()
323 : {
324 1 : sGeneration++;
325 1 : }
326 :
327 0 : bool IsInvalid()
328 : {
329 0 : return mGeneration != sGeneration;
330 : }
331 :
332 : ClassPolicy* mWildcardPolicy;
333 :
334 : private:
335 : PRUint32 mRefCount;
336 : PRUint32 mGeneration;
337 : static PRUint32 sGeneration;
338 :
339 : #ifdef DEBUG_CAPS_DomainPolicyLifeCycle
340 : static PRUint32 sObjects;
341 : static void _printPopulationInfo();
342 : #endif
343 :
344 : };
345 :
346 : static void
347 12 : MoveClassPolicyEntry(PLDHashTable *table,
348 : const PLDHashEntryHdr *from,
349 : PLDHashEntryHdr *to)
350 : {
351 12 : memcpy(to, from, table->entrySize);
352 :
353 : // Now update the mDefaultPolicy pointer that points to us, if any.
354 12 : ClassPolicy* cp = static_cast<ClassPolicy*>(to);
355 12 : if (cp->mDomainWeAreWildcardFor) {
356 1 : NS_ASSERTION(cp->mDomainWeAreWildcardFor->mWildcardPolicy ==
357 : static_cast<const ClassPolicy*>(from),
358 : "Unexpected wildcard policy on mDomainWeAreWildcardFor");
359 1 : cp->mDomainWeAreWildcardFor->mWildcardPolicy = cp;
360 : }
361 12 : }
362 :
363 : /////////////////////////////
364 : // nsScriptSecurityManager //
365 : /////////////////////////////
366 : #define NS_SCRIPTSECURITYMANAGER_CID \
367 : { 0x7ee2a4c0, 0x4b93, 0x17d3, \
368 : { 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
369 :
370 : class nsScriptSecurityManager : public nsIScriptSecurityManager,
371 : public nsIChannelEventSink,
372 : public nsIObserver
373 : {
374 : public:
375 : static void Shutdown();
376 :
377 : NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)
378 :
379 : NS_DECL_ISUPPORTS
380 : NS_DECL_NSISCRIPTSECURITYMANAGER
381 : NS_DECL_NSIXPCSECURITYMANAGER
382 : NS_DECL_NSICHANNELEVENTSINK
383 : NS_DECL_NSIOBSERVER
384 :
385 : static nsScriptSecurityManager*
386 : GetScriptSecurityManager();
387 :
388 : static nsSystemPrincipal*
389 : SystemPrincipalSingletonConstructor();
390 :
391 : JSContext* GetCurrentJSContext();
392 :
393 : JSContext* GetSafeJSContext();
394 :
395 : /**
396 : * Utility method for comparing two URIs. For security purposes, two URIs
397 : * are equivalent if their schemes, hosts, and ports (if any) match. This
398 : * method returns true if aSubjectURI and aObjectURI have the same origin,
399 : * false otherwise.
400 : */
401 : static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
402 : static PRUint32 SecurityHashURI(nsIURI* aURI);
403 :
404 : static nsresult
405 : ReportError(JSContext* cx, const nsAString& messageTag,
406 : nsIURI* aSource, nsIURI* aTarget);
407 :
408 : static nsresult
409 : CheckSameOriginPrincipal(nsIPrincipal* aSubject,
410 : nsIPrincipal* aObject);
411 : static PRUint32
412 : HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
413 :
414 : static bool
415 1 : GetStrictFileOriginPolicy()
416 : {
417 1 : return sStrictFileOriginPolicy;
418 : }
419 :
420 : private:
421 :
422 : // GetScriptSecurityManager is the only call that can make one
423 : nsScriptSecurityManager();
424 : virtual ~nsScriptSecurityManager();
425 :
426 : static JSBool
427 : CheckObjectAccess(JSContext *cx, JSObject *obj,
428 : jsid id, JSAccessMode mode,
429 : jsval *vp);
430 :
431 : static JSPrincipals *
432 : ObjectPrincipalFinder(JSObject *obj);
433 :
434 : // Decides, based on CSP, whether or not eval() and stuff can be executed.
435 : static JSBool
436 : ContentSecurityPolicyPermitsJSAction(JSContext *cx);
437 :
438 : // Returns null if a principal cannot be found; generally callers
439 : // should error out at that point.
440 : static nsIPrincipal*
441 : doGetObjectPrincipal(JSObject *obj
442 : #ifdef DEBUG
443 : , bool aAllowShortCircuit = true
444 : #endif
445 : );
446 :
447 : // Returns null if a principal cannot be found. Note that rv can be NS_OK
448 : // when this happens -- this means that there was no JS running.
449 : nsIPrincipal*
450 : doGetSubjectPrincipal(nsresult* rv);
451 :
452 : nsresult
453 : CheckPropertyAccessImpl(PRUint32 aAction,
454 : nsAXPCNativeCallContext* aCallContext,
455 : JSContext* cx, JSObject* aJSObject,
456 : nsISupports* aObj, nsIURI* aTargetURI,
457 : nsIClassInfo* aClassInfo,
458 : const char* aClassName, jsid aProperty,
459 : void** aCachedClassPolicy);
460 :
461 : nsresult
462 : CheckSameOriginDOMProp(nsIPrincipal* aSubject,
463 : nsIPrincipal* aObject,
464 : PRUint32 aAction);
465 :
466 : nsresult
467 : LookupPolicy(nsIPrincipal* principal,
468 : ClassInfoData& aClassData, jsid aProperty,
469 : PRUint32 aAction,
470 : ClassPolicy** aCachedClassPolicy,
471 : SecurityLevel* result);
472 :
473 : nsresult
474 : CreateCodebasePrincipal(nsIURI* aURI, nsIPrincipal** result);
475 :
476 : // This is just like the API method, but it doesn't check that the subject
477 : // name is non-empty or aCertificate is non-null, and it doesn't change the
478 : // certificate in the table (if any) in any way if aModifyTable is false.
479 : nsresult
480 : DoGetCertificatePrincipal(const nsACString& aCertFingerprint,
481 : const nsACString& aSubjectName,
482 : const nsACString& aPrettyName,
483 : nsISupports* aCertificate,
484 : nsIURI* aURI,
485 : bool aModifyTable,
486 : nsIPrincipal **result);
487 :
488 : // Returns null if a principal cannot be found. Note that rv can be NS_OK
489 : // when this happens -- this means that there was no script for the
490 : // context. Callers MUST pass in a non-null rv here.
491 : nsIPrincipal*
492 : GetSubjectPrincipal(JSContext* cx, nsresult* rv);
493 :
494 : // Returns null if a principal cannot be found. Note that rv can be NS_OK
495 : // when this happens -- this means that there was no script for the frame.
496 : // Callers MUST pass in a non-null rv here.
497 : nsIPrincipal*
498 : GetFramePrincipal(JSContext* cx, JSStackFrame* fp, nsresult* rv);
499 :
500 : // Returns null if a principal cannot be found. Note that rv can be NS_OK
501 : // when this happens -- this means that there was no script. Callers MUST
502 : // pass in a non-null rv here.
503 : static nsIPrincipal*
504 : GetScriptPrincipal(JSContext* cx, JSScript* script, nsresult* rv);
505 :
506 : // Returns null if a principal cannot be found. Note that rv can be NS_OK
507 : // when this happens -- this means that there was no script associated
508 : // with the function object, and no global object associated with the scope
509 : // of obj (the last object on its parent chain). If the caller is walking
510 : // the JS stack, fp must point to the current frame in the stack iteration.
511 : // Callers MUST pass in a non-null rv here.
512 : static nsIPrincipal*
513 : GetFunctionObjectPrincipal(JSContext* cx, JSObject* obj, JSStackFrame *fp,
514 : nsresult* rv);
515 :
516 : // Returns null if a principal cannot be found. Note that rv can be NS_OK
517 : // when this happens -- this means that there was no script
518 : // running. Callers MUST pass in a non-null rv here.
519 : nsIPrincipal*
520 : GetPrincipalAndFrame(JSContext *cx,
521 : JSStackFrame** frameResult,
522 : nsresult* rv);
523 :
524 : static bool
525 : CheckConfirmDialog(JSContext* cx, nsIPrincipal* aPrincipal,
526 : const char* aCapability, bool *checkValue);
527 :
528 : static void
529 : FormatCapabilityString(nsAString& aCapability);
530 :
531 : nsresult
532 : SavePrincipal(nsIPrincipal* aToSave);
533 :
534 : /**
535 : * Check capability levels for an |aObj| that implements
536 : * nsISecurityCheckedComponent.
537 : *
538 : * NB: This function also checks to see if aObj is a plugin and the user
539 : * has set the "security.xpconnect.plugin.unrestricted" pref to allow
540 : * anybody to script plugin objects from anywhere.
541 : *
542 : * @param cx The context we're running on.
543 : * NB: If null, "sameOrigin" does not have any effect.
544 : * @param aObj The nsISupports representation of the object in question
545 : * object, possibly null.
546 : * @param aJSObject The JSObject representation of the object in question
547 : * if |cx| is non-null and |aObjectSecurityLevel| is
548 : * "sameOrigin". If null will be calculated from aObj (if
549 : * non-null) if and only if aObj is an XPCWrappedJS. The
550 : * rationale behind this is that if we're creating a JS
551 : * wrapper for an XPCWrappedJS, this object definitely
552 : * expects to be exposed to JS.
553 : * @param aSubjectPrincipal The nominal subject principal used when
554 : * aObjectSecurityLevel is "sameOrigin". If null,
555 : * this is calculated if it's needed.
556 : * @param aObjectSecurityLevel Can be one of three values:
557 : * - allAccess: Allow access no matter what.
558 : * - noAccess: Deny access no matter what.
559 : * - sameOrigin: If |cx| is null, behave like noAccess.
560 : * Otherwise, possibly compute a subject
561 : * and object principal and return true if
562 : * and only if the subject has greater than
563 : * or equal privileges to the object.
564 : */
565 : nsresult
566 : CheckXPCPermissions(JSContext* cx,
567 : nsISupports* aObj, JSObject* aJSObject,
568 : nsIPrincipal* aSubjectPrincipal,
569 : const char* aObjectSecurityLevel);
570 :
571 : nsresult
572 : Init();
573 :
574 : nsresult
575 : InitPrefs();
576 :
577 : static nsresult
578 : GetPrincipalPrefNames(const char* prefBase,
579 : nsCString& grantedPref,
580 : nsCString& deniedPref,
581 : nsCString& subjectNamePref);
582 :
583 : nsresult
584 : InitPolicies();
585 :
586 : nsresult
587 : InitDomainPolicy(JSContext* cx, const char* aPolicyName,
588 : DomainPolicy* aDomainPolicy);
589 :
590 : nsresult
591 : InitPrincipals(PRUint32 prefCount, const char** prefNames);
592 :
593 : #ifdef DEBUG_CAPS_HACKER
594 : void
595 : PrintPolicyDB();
596 : #endif
597 :
598 1225909 : struct ContextPrincipal {
599 1225909 : ContextPrincipal(ContextPrincipal *next, JSContext *cx,
600 : JSStackFrame *fp, nsIPrincipal *principal)
601 1225909 : : mNext(next), mCx(cx), mFp(fp), mPrincipal(principal) {}
602 :
603 : ContextPrincipal *mNext;
604 : JSContext *mCx;
605 : JSStackFrame *mFp;
606 : nsCOMPtr<nsIPrincipal> mPrincipal;
607 : };
608 :
609 : // JS strings we need to clean up on shutdown
610 : static jsid sEnabledID;
611 :
612 : inline void
613 : ScriptSecurityPrefChanged();
614 :
615 : nsObjectHashtable* mOriginToPolicyMap;
616 : DomainPolicy* mDefaultPolicy;
617 : nsObjectHashtable* mCapabilities;
618 :
619 : nsCOMPtr<nsIPrincipal> mSystemPrincipal;
620 : nsCOMPtr<nsIPrincipal> mSystemCertificate;
621 : ContextPrincipal *mContextPrincipals;
622 : nsInterfaceHashtable<PrincipalKey, nsIPrincipal> mPrincipals;
623 : bool mPrefInitialized;
624 : bool mIsJavaScriptEnabled;
625 : bool mIsWritingPrefs;
626 : bool mPolicyPrefsChanged;
627 :
628 : static bool sStrictFileOriginPolicy;
629 :
630 : static nsIIOService *sIOService;
631 : static nsIXPConnect *sXPConnect;
632 : static nsIThreadJSContextStack* sJSContextStack;
633 : static nsIStringBundle *sStrBundle;
634 : static JSRuntime *sRuntime;
635 : };
636 :
637 : #define NS_SECURITYNAMESET_CID \
638 : { 0x7c02eadc, 0x76, 0x4d03, \
639 : { 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } }
640 : #define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1"
641 :
642 : class nsSecurityNameSet : public nsIScriptExternalNameSet
643 : {
644 : public:
645 : nsSecurityNameSet();
646 : virtual ~nsSecurityNameSet();
647 :
648 : NS_DECL_ISUPPORTS
649 :
650 : NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext);
651 : };
652 :
653 : #endif // nsScriptSecurityManager_h__
|