LCOV - code coverage report
Current view: directory - content/base/src - nsDataDocumentContentPolicy.cpp (source / functions) Found Hit Coverage
Test: app.info Lines: 47 11 23.4 %
Date: 2012-06-02 Functions: 6 4 66.7 %

       1                 : /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
       2                 : /* ***** BEGIN LICENSE BLOCK *****
       3                 :  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
       4                 :  *
       5                 :  * The contents of this file are subject to the Mozilla Public License Version
       6                 :  * 1.1 (the "License"); you may not use this file except in compliance with
       7                 :  * the License. You may obtain a copy of the License at
       8                 :  * http://www.mozilla.org/MPL/
       9                 :  *
      10                 :  * Software distributed under the License is distributed on an "AS IS" basis,
      11                 :  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
      12                 :  * for the specific language governing rights and limitations under the
      13                 :  * License.
      14                 :  *
      15                 :  * The Original Code is mozilla.org code.
      16                 :  *
      17                 :  * The Initial Developer of the Original Code is
      18                 :  * Boris Zbarsky <bzbarsky@mit.edu>.
      19                 :  * Portions created by the Initial Developer are Copyright (C) 2004
      20                 :  * the Initial Developer. All Rights Reserved.
      21                 :  *
      22                 :  * Contributor(s):
      23                 :  *
      24                 :  * Alternatively, the contents of this file may be used under the terms of
      25                 :  * either of the GNU General Public License Version 2 or later (the "GPL"),
      26                 :  * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
      27                 :  * in which case the provisions of the GPL or the LGPL are applicable instead
      28                 :  * of those above. If you wish to allow use of your version of this file only
      29                 :  * under the terms of either the GPL or the LGPL, and not to allow others to
      30                 :  * use your version of this file under the terms of the MPL, indicate your
      31                 :  * decision by deleting the provisions above and replace them with the notice
      32                 :  * and other provisions required by the GPL or the LGPL. If you do not delete
      33                 :  * the provisions above, a recipient may use your version of this file under
      34                 :  * the terms of any one of the MPL, the GPL or the LGPL.
      35                 :  *
      36                 :  * ***** END LICENSE BLOCK ***** */
      37                 : 
      38                 : /*
      39                 :  * Content policy implementation that prevents all loads of images,
      40                 :  * subframes, etc from documents loaded as data (eg documents loaded
      41                 :  * via XMLHttpRequest).
      42                 :  */
      43                 : 
      44                 : #include "nsDataDocumentContentPolicy.h"
      45                 : #include "nsNetUtil.h"
      46                 : #include "nsScriptSecurityManager.h"
      47                 : #include "nsIDocument.h"
      48                 : #include "nsINode.h"
      49                 : #include "nsIDOMWindow.h"
      50                 : #include "nsIDOMDocument.h"
      51                 : 
      52              36 : NS_IMPL_ISUPPORTS1(nsDataDocumentContentPolicy, nsIContentPolicy)
      53                 : 
      54                 : // Helper method for ShouldLoad()
      55                 : // Checks a URI for the given flags.  Returns true if the URI has the flags,
      56                 : // and false if not (or if we weren't able to tell).
      57                 : static bool
      58               0 : HasFlags(nsIURI* aURI, PRUint32 aURIFlags)
      59                 : {
      60                 :   bool hasFlags;
      61               0 :   nsresult rv = NS_URIChainHasFlags(aURI, aURIFlags, &hasFlags);
      62               0 :   return NS_SUCCEEDED(rv) && hasFlags;
      63                 : }
      64                 : 
      65                 : NS_IMETHODIMP
      66              10 : nsDataDocumentContentPolicy::ShouldLoad(PRUint32 aContentType,
      67                 :                                         nsIURI *aContentLocation,
      68                 :                                         nsIURI *aRequestingLocation,
      69                 :                                         nsISupports *aRequestingContext,
      70                 :                                         const nsACString &aMimeGuess,
      71                 :                                         nsISupports *aExtra,
      72                 :                                         PRInt16 *aDecision)
      73                 : {
      74              10 :   *aDecision = nsIContentPolicy::ACCEPT;
      75                 :   // Look for the document.  In most cases, aRequestingContext is a node.
      76              20 :   nsCOMPtr<nsIDocument> doc;
      77              20 :   nsCOMPtr<nsINode> node = do_QueryInterface(aRequestingContext);
      78              10 :   if (node) {
      79               8 :     doc = node->OwnerDoc();
      80                 :   } else {
      81               4 :     nsCOMPtr<nsIDOMWindow> window = do_QueryInterface(aRequestingContext);
      82               2 :     if (window) {
      83               0 :       nsCOMPtr<nsIDOMDocument> domDoc;
      84               0 :       window->GetDocument(getter_AddRefs(domDoc));
      85               0 :       doc = do_QueryInterface(domDoc);
      86                 :     }
      87                 :   }
      88                 : 
      89                 :   // DTDs are always OK to load
      90              10 :   if (!doc || aContentType == nsIContentPolicy::TYPE_DTD) {
      91              10 :     return NS_OK;
      92                 :   }
      93                 : 
      94                 :   // Nothing else is OK to load for data documents
      95               0 :   if (doc->IsLoadedAsData()) {
      96               0 :     *aDecision = nsIContentPolicy::REJECT_TYPE;
      97               0 :     return NS_OK;
      98                 :   }
      99                 : 
     100               0 :   if (doc->IsBeingUsedAsImage()) {
     101                 :     // We only allow SVG images to load content from URIs that are local and
     102                 :     // also satisfy one of the following conditions:
     103                 :     //  - URI inherits security context, e.g. data URIs
     104                 :     //   OR
     105                 :     //  - URI loadable by subsumers, e.g. blob URIs
     106                 :     // Any URI that doesn't meet these requirements will be rejected below.
     107               0 :     if (!HasFlags(aContentLocation,
     108               0 :                   nsIProtocolHandler::URI_IS_LOCAL_RESOURCE) ||
     109                 :         (!HasFlags(aContentLocation,
     110               0 :                    nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT) &&
     111                 :          !HasFlags(aContentLocation,
     112               0 :                    nsIProtocolHandler::URI_LOADABLE_BY_SUBSUMERS))) {
     113               0 :       *aDecision = nsIContentPolicy::REJECT_TYPE;
     114                 : 
     115                 :       // Report error, if we can.
     116               0 :       if (node) {
     117               0 :         nsIPrincipal* requestingPrincipal = node->NodePrincipal();
     118               0 :         nsRefPtr<nsIURI> principalURI;
     119                 :         nsresult rv =
     120               0 :           requestingPrincipal->GetURI(getter_AddRefs(principalURI));
     121               0 :         if (NS_SUCCEEDED(rv) && principalURI) {
     122                 :           nsScriptSecurityManager::ReportError(
     123               0 :             nsnull, NS_LITERAL_STRING("CheckSameOriginError"), principalURI,
     124               0 :             aContentLocation);
     125                 :         }
     126                 :       }
     127               0 :     } else if (aContentType == nsIContentPolicy::TYPE_IMAGE &&
     128               0 :                doc->GetDocumentURI()) {
     129                 :       // Check for (& disallow) recursive image-loads
     130                 :       bool isRecursiveLoad;
     131                 :       nsresult rv = aContentLocation->EqualsExceptRef(doc->GetDocumentURI(),
     132               0 :                                                       &isRecursiveLoad);
     133               0 :       if (NS_FAILED(rv) || isRecursiveLoad) {
     134               0 :         NS_WARNING("Refusing to recursively load image");
     135               0 :         *aDecision = nsIContentPolicy::REJECT_TYPE;
     136                 :       }
     137                 :     }
     138               0 :     return NS_OK;
     139                 :   }
     140                 : 
     141                 :   // Allow all loads for non-resource documents
     142               0 :   if (!doc->IsResourceDoc()) {
     143               0 :     return NS_OK;
     144                 :   }
     145                 : 
     146                 :   // For resource documents, blacklist some load types
     147               0 :   if (aContentType == nsIContentPolicy::TYPE_OBJECT ||
     148                 :       aContentType == nsIContentPolicy::TYPE_DOCUMENT ||
     149                 :       aContentType == nsIContentPolicy::TYPE_SUBDOCUMENT ||
     150                 :       aContentType == nsIContentPolicy::TYPE_SCRIPT) {
     151               0 :     *aDecision = nsIContentPolicy::REJECT_TYPE;
     152                 :   }
     153                 : 
     154               0 :   return NS_OK;
     155                 : }
     156                 : 
     157                 : NS_IMETHODIMP
     158               0 : nsDataDocumentContentPolicy::ShouldProcess(PRUint32 aContentType,
     159                 :                                            nsIURI *aContentLocation,
     160                 :                                            nsIURI *aRequestingLocation,
     161                 :                                            nsISupports *aRequestingContext,
     162                 :                                            const nsACString &aMimeGuess,
     163                 :                                            nsISupports *aExtra,
     164                 :                                            PRInt16 *aDecision)
     165                 : {
     166                 :   return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
     167               0 :                     aRequestingContext, aMimeGuess, aExtra, aDecision);
     168                 : }

Generated by: LCOV version 1.7