1 : /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 : /* ***** BEGIN LICENSE BLOCK *****
3 : * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 : *
5 : * The contents of this file are subject to the Mozilla Public License Version
6 : * 1.1 (the "License"); you may not use this file except in compliance with
7 : * the License. You may obtain a copy of the License at
8 : * http://www.mozilla.org/MPL/
9 : *
10 : * Software distributed under the License is distributed on an "AS IS" basis,
11 : * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 : * for the specific language governing rights and limitations under the
13 : * License.
14 : *
15 : * The Original Code is mozilla.org code.
16 : *
17 : * The Initial Developer of the Original Code is
18 : * Netscape Communications Corporation.
19 : * Portions created by the Initial Developer are Copyright (C) 1998
20 : * the Initial Developer. All Rights Reserved.
21 : *
22 : * Contributor(s):
23 : * Gagan Saksena (original author)
24 : * Ryan Flint <rflint@mozilla.com>
25 : *
26 : * Alternatively, the contents of this file may be used under the terms of
27 : * either the GNU General Public License Version 2 or later (the "GPL"), or
28 : * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29 : * in which case the provisions of the GPL or the LGPL are applicable instead
30 : * of those above. If you wish to allow use of your version of this file only
31 : * under the terms of either the GPL or the LGPL, and not to allow others to
32 : * use your version of this file under the terms of the MPL, indicate your
33 : * decision by deleting the provisions above and replace them with the notice
34 : * and other provisions required by the GPL or the LGPL. If you do not delete
35 : * the provisions above, a recipient may use your version of this file under
36 : * the terms of any one of the MPL, the GPL or the LGPL.
37 : *
38 : * ***** END LICENSE BLOCK ***** */
39 :
40 : // See also: docshell/base/nsAboutRedirector.cpp
41 :
42 : #include "AboutRedirector.h"
43 : #include "nsNetUtil.h"
44 : #include "nsIScriptSecurityManager.h"
45 :
46 : namespace mozilla {
47 : namespace browser {
48 :
49 100 : NS_IMPL_ISUPPORTS1(AboutRedirector, nsIAboutModule)
50 :
51 : struct RedirEntry {
52 : const char* id;
53 : const char* url;
54 : PRUint32 flags; // See nsIAboutModule. The URI_SAFE_FOR_UNTRUSTED_CONTENT
55 : // flag does double duty here -- if it's not set, we don't
56 : // drop chrome privileges.
57 : };
58 :
59 : /*
60 : Entries which do not have URI_SAFE_FOR_UNTRUSTED_CONTENT will run with chrome
61 : privileges. This is potentially dangerous. Please use
62 : URI_SAFE_FOR_UNTRUSTED_CONTENT in the third argument to each map item below
63 : unless your about: page really needs chrome privileges. Security review is
64 : required before adding new map entries without
65 : URI_SAFE_FOR_UNTRUSTED_CONTENT. Also note, however, that adding
66 : URI_SAFE_FOR_UNTRUSTED_CONTENT will allow random web sites to link to that
67 : URI. Perhaps we should separate the two concepts out...
68 : */
69 : static RedirEntry kRedirMap[] = {
70 : #ifdef MOZ_SAFE_BROWSING
71 : { "blocked", "chrome://browser/content/safebrowsing/blockedSite.xhtml",
72 : nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
73 : nsIAboutModule::ALLOW_SCRIPT |
74 : nsIAboutModule::HIDE_FROM_ABOUTABOUT },
75 : #endif
76 : { "certerror", "chrome://browser/content/certerror/aboutCertError.xhtml",
77 : nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
78 : nsIAboutModule::ALLOW_SCRIPT |
79 : nsIAboutModule::HIDE_FROM_ABOUTABOUT },
80 : { "feeds", "chrome://browser/content/feeds/subscribe.xhtml",
81 : nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
82 : nsIAboutModule::ALLOW_SCRIPT |
83 : nsIAboutModule::HIDE_FROM_ABOUTABOUT },
84 : { "privatebrowsing", "chrome://browser/content/aboutPrivateBrowsing.xhtml",
85 : nsIAboutModule::ALLOW_SCRIPT },
86 : { "rights",
87 : #ifdef MOZ_OFFICIAL_BRANDING
88 : "chrome://global/content/aboutRights.xhtml",
89 : #else
90 : "chrome://global/content/aboutRights-unbranded.xhtml",
91 : #endif
92 : nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
93 : nsIAboutModule::ALLOW_SCRIPT },
94 : { "robots", "chrome://browser/content/aboutRobots.xhtml",
95 : nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
96 : nsIAboutModule::ALLOW_SCRIPT },
97 : { "sessionrestore", "chrome://browser/content/aboutSessionRestore.xhtml",
98 : nsIAboutModule::ALLOW_SCRIPT },
99 : #ifdef MOZ_SERVICES_SYNC
100 : { "sync-progress", "chrome://browser/content/sync/progress.xhtml",
101 : nsIAboutModule::ALLOW_SCRIPT },
102 : { "sync-tabs", "chrome://browser/content/sync/aboutSyncTabs.xul",
103 : nsIAboutModule::ALLOW_SCRIPT },
104 : #endif
105 : { "home", "chrome://browser/content/abouthome/aboutHome.xhtml",
106 : nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
107 : nsIAboutModule::ALLOW_SCRIPT },
108 : { "newtab", "chrome://browser/content/newtab/newTab.xul",
109 : nsIAboutModule::ALLOW_SCRIPT },
110 : { "permissions", "chrome://browser/content/preferences/aboutPermissions.xul",
111 : nsIAboutModule::ALLOW_SCRIPT },
112 : };
113 : static const int kRedirTotal = NS_ARRAY_LENGTH(kRedirMap);
114 :
115 : static nsCAutoString
116 12 : GetAboutModuleName(nsIURI *aURI)
117 : {
118 12 : nsCAutoString path;
119 12 : aURI->GetPath(path);
120 :
121 12 : PRInt32 f = path.FindChar('#');
122 12 : if (f >= 0)
123 0 : path.SetLength(f);
124 :
125 12 : f = path.FindChar('?');
126 12 : if (f >= 0)
127 0 : path.SetLength(f);
128 :
129 12 : ToLowerCase(path);
130 : return path;
131 : }
132 :
133 : NS_IMETHODIMP
134 6 : AboutRedirector::NewChannel(nsIURI *aURI, nsIChannel **result)
135 : {
136 6 : NS_ENSURE_ARG_POINTER(aURI);
137 6 : NS_ASSERTION(result, "must not be null");
138 :
139 12 : nsCAutoString path = GetAboutModuleName(aURI);
140 :
141 : nsresult rv;
142 12 : nsCOMPtr<nsIIOService> ioService = do_GetIOService(&rv);
143 6 : NS_ENSURE_SUCCESS(rv, rv);
144 :
145 24 : for (int i = 0; i < kRedirTotal; i++) {
146 24 : if (!strcmp(path.get(), kRedirMap[i].id)) {
147 12 : nsCOMPtr<nsIChannel> tempChannel;
148 12 : rv = ioService->NewChannel(nsDependentCString(kRedirMap[i].url),
149 12 : nsnull, nsnull, getter_AddRefs(tempChannel));
150 6 : NS_ENSURE_SUCCESS(rv, rv);
151 :
152 6 : tempChannel->SetOriginalURI(aURI);
153 :
154 : // Keep the page from getting unnecessary privileges unless it needs them
155 6 : if (kRedirMap[i].flags & nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT) {
156 : nsCOMPtr<nsIScriptSecurityManager> securityManager =
157 0 : do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
158 0 : NS_ENSURE_SUCCESS(rv, rv);
159 :
160 0 : nsCOMPtr<nsIPrincipal> principal;
161 0 : rv = securityManager->GetCodebasePrincipal(aURI, getter_AddRefs(principal));
162 0 : NS_ENSURE_SUCCESS(rv, rv);
163 :
164 0 : rv = tempChannel->SetOwner(principal);
165 0 : NS_ENSURE_SUCCESS(rv, rv);
166 : }
167 :
168 6 : NS_ADDREF(*result = tempChannel);
169 6 : return rv;
170 : }
171 : }
172 :
173 0 : return NS_ERROR_ILLEGAL_VALUE;
174 : }
175 :
176 : NS_IMETHODIMP
177 6 : AboutRedirector::GetURIFlags(nsIURI *aURI, PRUint32 *result)
178 : {
179 6 : NS_ENSURE_ARG_POINTER(aURI);
180 :
181 12 : nsCAutoString name = GetAboutModuleName(aURI);
182 :
183 24 : for (int i = 0; i < kRedirTotal; i++) {
184 24 : if (name.Equals(kRedirMap[i].id)) {
185 6 : *result = kRedirMap[i].flags;
186 6 : return NS_OK;
187 : }
188 : }
189 :
190 0 : return NS_ERROR_ILLEGAL_VALUE;
191 : }
192 :
193 : nsresult
194 1 : AboutRedirector::Create(nsISupports *aOuter, REFNSIID aIID, void **result)
195 : {
196 1 : AboutRedirector* about = new AboutRedirector();
197 1 : if (about == nsnull)
198 0 : return NS_ERROR_OUT_OF_MEMORY;
199 1 : NS_ADDREF(about);
200 1 : nsresult rv = about->QueryInterface(aIID, result);
201 1 : NS_RELEASE(about);
202 1 : return rv;
203 : }
204 :
205 : } // namespace browser
206 : } // namespace mozilla
|