1 : /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 : /* ***** BEGIN LICENSE BLOCK *****
3 : * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 : *
5 : * The contents of this file are subject to the Mozilla Public License Version
6 : * 1.1 (the "License"); you may not use this file except in compliance with
7 : * the License. You may obtain a copy of the License at
8 : * http://www.mozilla.org/MPL/
9 : *
10 : * Software distributed under the License is distributed on an "AS IS" basis,
11 : * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 : * for the specific language governing rights and limitations under the
13 : * License.
14 : *
15 : * The Original Code is mozilla.org code.
16 : *
17 : * The Initial Developer of the Original Code is
18 : * the Mozilla Corporation.
19 : * Portions created by the Initial Developer are Copyright (C) 2006
20 : * the Initial Developer. All Rights Reserved.
21 : *
22 : * Contributor(s):
23 : * Boris Zbarsky <bzbarsky@mit.edu> (Original author)
24 : *
25 : * Alternatively, the contents of this file may be used under the terms of
26 : * either of the GNU General Public License Version 2 or later (the "GPL"),
27 : * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28 : * in which case the provisions of the GPL or the LGPL are applicable instead
29 : * of those above. If you wish to allow use of your version of this file only
30 : * under the terms of either the GPL or the LGPL, and not to allow others to
31 : * use your version of this file under the terms of the MPL, indicate your
32 : * decision by deleting the provisions above and replace them with the notice
33 : * and other provisions required by the GPL or the LGPL. If you do not delete
34 : * the provisions above, a recipient may use your version of this file under
35 : * the terms of any one of the MPL, the GPL or the LGPL.
36 : *
37 : * ***** END LICENSE BLOCK ***** */
38 :
39 : /**
40 : * This is the principal that has no rights and can't be accessed by
41 : * anything other than itself and chrome; null principals are not
42 : * same-origin with anything but themselves.
43 : */
44 :
45 : #include "mozilla/Util.h"
46 :
47 : #include "nsNullPrincipal.h"
48 : #include "nsNullPrincipalURI.h"
49 : #include "nsMemory.h"
50 : #include "nsIUUIDGenerator.h"
51 : #include "nsID.h"
52 : #include "nsNetUtil.h"
53 : #include "nsIClassInfoImpl.h"
54 : #include "nsNetCID.h"
55 : #include "nsDOMError.h"
56 : #include "nsScriptSecurityManager.h"
57 :
58 : using namespace mozilla;
59 :
60 : NS_IMPL_CLASSINFO(nsNullPrincipal, NULL, nsIClassInfo::MAIN_THREAD_ONLY,
61 : NS_NULLPRINCIPAL_CID)
62 11142 : NS_IMPL_QUERY_INTERFACE2_CI(nsNullPrincipal,
63 : nsIPrincipal,
64 1 : nsISerializable)
65 1 : NS_IMPL_CI_INTERFACE_GETTER2(nsNullPrincipal,
66 : nsIPrincipal,
67 1 : nsISerializable)
68 :
69 : NS_IMETHODIMP_(nsrefcnt)
70 33107 : nsNullPrincipal::AddRef()
71 : {
72 33107 : NS_PRECONDITION(PRInt32(refcount) >= 0, "illegal refcnt");
73 33107 : nsrefcnt count = PR_ATOMIC_INCREMENT(&refcount);
74 33107 : NS_LOG_ADDREF(this, count, "nsNullPrincipal", sizeof(*this));
75 33107 : return count;
76 : }
77 :
78 : NS_IMETHODIMP_(nsrefcnt)
79 33096 : nsNullPrincipal::Release()
80 : {
81 33096 : NS_PRECONDITION(0 != refcount, "dup release");
82 33096 : nsrefcnt count = PR_ATOMIC_DECREMENT(&refcount);
83 33096 : NS_LOG_RELEASE(this, count, "nsNullPrincipal");
84 33096 : if (count == 0) {
85 4072 : delete this;
86 : }
87 :
88 33096 : return count;
89 : }
90 :
91 4076 : nsNullPrincipal::nsNullPrincipal()
92 : {
93 4076 : }
94 :
95 8144 : nsNullPrincipal::~nsNullPrincipal()
96 : {
97 16288 : }
98 :
99 : #define NS_NULLPRINCIPAL_PREFIX NS_NULLPRINCIPAL_SCHEME ":"
100 :
101 : nsresult
102 4076 : nsNullPrincipal::Init()
103 : {
104 : // FIXME: bug 327161 -- make sure the uuid generator is reseeding-resistant.
105 : nsresult rv;
106 : nsCOMPtr<nsIUUIDGenerator> uuidgen =
107 8152 : do_GetService("@mozilla.org/uuid-generator;1", &rv);
108 4076 : NS_ENSURE_SUCCESS(rv, rv);
109 :
110 : nsID id;
111 4076 : rv = uuidgen->GenerateUUIDInPlace(&id);
112 4076 : NS_ENSURE_SUCCESS(rv, rv);
113 :
114 : char chars[NSID_LENGTH];
115 4076 : id.ToProvidedString(chars);
116 :
117 4076 : PRUint32 suffixLen = NSID_LENGTH - 1;
118 4076 : PRUint32 prefixLen = ArrayLength(NS_NULLPRINCIPAL_PREFIX) - 1;
119 :
120 : // Use an nsCString so we only do the allocation once here and then share
121 : // with nsJSPrincipals
122 8152 : nsCString str;
123 4076 : str.SetCapacity(prefixLen + suffixLen);
124 :
125 4076 : str.Append(NS_NULLPRINCIPAL_PREFIX);
126 4076 : str.Append(chars);
127 :
128 4076 : if (str.Length() != prefixLen + suffixLen) {
129 0 : NS_WARNING("Out of memory allocating null-principal URI");
130 0 : return NS_ERROR_OUT_OF_MEMORY;
131 : }
132 :
133 4076 : mURI = new nsNullPrincipalURI(str);
134 4076 : NS_ENSURE_TRUE(mURI, NS_ERROR_OUT_OF_MEMORY);
135 :
136 4076 : return NS_OK;
137 : }
138 :
139 : void
140 6 : nsNullPrincipal::GetScriptLocation(nsACString &aStr)
141 : {
142 6 : mURI->GetSpec(aStr);
143 6 : }
144 :
145 : #ifdef DEBUG
146 0 : void nsNullPrincipal::dumpImpl()
147 : {
148 0 : nsCAutoString str;
149 0 : mURI->GetSpec(str);
150 0 : fprintf(stderr, "nsNullPrincipal (%p) = %s\n", this, str.get());
151 0 : }
152 : #endif
153 :
154 : /**
155 : * nsIPrincipal implementation
156 : */
157 :
158 : NS_IMETHODIMP
159 0 : nsNullPrincipal::GetPreferences(char** aPrefName, char** aID,
160 : char** aSubjectName,
161 : char** aGrantedList, char** aDeniedList,
162 : bool* aIsTrusted)
163 : {
164 : // The null principal should never be written to preferences.
165 0 : *aPrefName = nsnull;
166 0 : *aID = nsnull;
167 0 : *aSubjectName = nsnull;
168 0 : *aGrantedList = nsnull;
169 0 : *aDeniedList = nsnull;
170 0 : *aIsTrusted = false;
171 :
172 0 : return NS_ERROR_FAILURE;
173 : }
174 :
175 : NS_IMETHODIMP
176 0 : nsNullPrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
177 : {
178 : // Just equal to ourselves. Note that nsPrincipal::Equals will return false
179 : // for us since we have a unique domain/origin/etc.
180 0 : *aResult = (aOther == this);
181 0 : return NS_OK;
182 : }
183 :
184 : NS_IMETHODIMP
185 0 : nsNullPrincipal::EqualsIgnoringDomain(nsIPrincipal *aOther, bool *aResult)
186 : {
187 0 : return Equals(aOther, aResult);
188 : }
189 :
190 : NS_IMETHODIMP
191 0 : nsNullPrincipal::GetHashValue(PRUint32 *aResult)
192 : {
193 0 : *aResult = (NS_PTR_TO_INT32(this) >> 2);
194 0 : return NS_OK;
195 : }
196 :
197 : NS_IMETHODIMP
198 0 : nsNullPrincipal::GetSecurityPolicy(void** aSecurityPolicy)
199 : {
200 : // We don't actually do security policy caching. And it's not like anyone
201 : // can set a security policy for us anyway.
202 0 : *aSecurityPolicy = nsnull;
203 0 : return NS_OK;
204 : }
205 :
206 : NS_IMETHODIMP
207 0 : nsNullPrincipal::SetSecurityPolicy(void* aSecurityPolicy)
208 : {
209 : // We don't actually do security policy caching. And it's not like anyone
210 : // can set a security policy for us anyway.
211 0 : return NS_OK;
212 : }
213 :
214 : NS_IMETHODIMP
215 0 : nsNullPrincipal::CanEnableCapability(const char *aCapability,
216 : PRInt16 *aResult)
217 : {
218 : // Null principal can enable no capabilities.
219 0 : *aResult = nsIPrincipal::ENABLE_DENIED;
220 0 : return NS_OK;
221 : }
222 :
223 : NS_IMETHODIMP
224 0 : nsNullPrincipal::SetCanEnableCapability(const char *aCapability,
225 : PRInt16 aCanEnable)
226 : {
227 0 : return NS_ERROR_NOT_AVAILABLE;
228 : }
229 :
230 :
231 : NS_IMETHODIMP
232 0 : nsNullPrincipal::IsCapabilityEnabled(const char *aCapability,
233 : void *aAnnotation,
234 : bool *aResult)
235 : {
236 : // Nope. No capabilities, I say!
237 0 : *aResult = false;
238 0 : return NS_OK;
239 : }
240 :
241 : NS_IMETHODIMP
242 0 : nsNullPrincipal::EnableCapability(const char *aCapability, void **aAnnotation)
243 : {
244 0 : NS_NOTREACHED("Didn't I say it? NO CAPABILITIES!");
245 0 : *aAnnotation = nsnull;
246 0 : return NS_OK;
247 : }
248 :
249 : NS_IMETHODIMP
250 0 : nsNullPrincipal::RevertCapability(const char *aCapability, void **aAnnotation)
251 : {
252 0 : *aAnnotation = nsnull;
253 0 : return NS_OK;
254 : }
255 :
256 : NS_IMETHODIMP
257 0 : nsNullPrincipal::DisableCapability(const char *aCapability, void **aAnnotation)
258 : {
259 : // Just a no-op. They're all disabled anyway.
260 0 : *aAnnotation = nsnull;
261 0 : return NS_OK;
262 : }
263 :
264 : NS_IMETHODIMP
265 4637 : nsNullPrincipal::GetURI(nsIURI** aURI)
266 : {
267 4637 : return NS_EnsureSafeToReturn(mURI, aURI);
268 : }
269 :
270 : NS_IMETHODIMP
271 8 : nsNullPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
272 : {
273 : // CSP on a null principal makes no sense
274 8 : *aCsp = nsnull;
275 8 : return NS_OK;
276 : }
277 :
278 : NS_IMETHODIMP
279 0 : nsNullPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
280 : {
281 : // CSP on a null principal makes no sense
282 0 : return NS_ERROR_NOT_AVAILABLE;
283 : }
284 :
285 : NS_IMETHODIMP
286 0 : nsNullPrincipal::GetDomain(nsIURI** aDomain)
287 : {
288 0 : return NS_EnsureSafeToReturn(mURI, aDomain);
289 : }
290 :
291 : NS_IMETHODIMP
292 0 : nsNullPrincipal::SetDomain(nsIURI* aDomain)
293 : {
294 : // I think the right thing to do here is to just throw... Silently failing
295 : // seems counterproductive.
296 0 : return NS_ERROR_NOT_AVAILABLE;
297 : }
298 :
299 : NS_IMETHODIMP
300 0 : nsNullPrincipal::GetOrigin(char** aOrigin)
301 : {
302 0 : *aOrigin = nsnull;
303 :
304 0 : nsCAutoString str;
305 0 : nsresult rv = mURI->GetSpec(str);
306 0 : NS_ENSURE_SUCCESS(rv, rv);
307 :
308 0 : *aOrigin = ToNewCString(str);
309 0 : NS_ENSURE_TRUE(*aOrigin, NS_ERROR_OUT_OF_MEMORY);
310 :
311 0 : return NS_OK;
312 : }
313 :
314 : NS_IMETHODIMP
315 0 : nsNullPrincipal::GetHasCertificate(bool* aResult)
316 : {
317 0 : *aResult = false;
318 0 : return NS_OK;
319 : }
320 :
321 : NS_IMETHODIMP
322 0 : nsNullPrincipal::GetFingerprint(nsACString& aID)
323 : {
324 0 : return NS_ERROR_NOT_AVAILABLE;
325 : }
326 :
327 : NS_IMETHODIMP
328 0 : nsNullPrincipal::GetPrettyName(nsACString& aName)
329 : {
330 0 : return NS_ERROR_NOT_AVAILABLE;
331 : }
332 :
333 : NS_IMETHODIMP
334 0 : nsNullPrincipal::Subsumes(nsIPrincipal *aOther, bool *aResult)
335 : {
336 : // We don't subsume anything except ourselves. Note that nsPrincipal::Equals
337 : // will return false for us, since we're not about:blank and not Equals to
338 : // reasonable nsPrincipals.
339 0 : *aResult = (aOther == this);
340 0 : return NS_OK;
341 : }
342 :
343 : NS_IMETHODIMP
344 0 : nsNullPrincipal::SubsumesIgnoringDomain(nsIPrincipal *aOther, bool *aResult)
345 : {
346 0 : return Subsumes(aOther, aResult);
347 : }
348 :
349 : NS_IMETHODIMP
350 0 : nsNullPrincipal::CheckMayLoad(nsIURI* aURI, bool aReport)
351 : {
352 0 : if (aReport) {
353 : nsScriptSecurityManager::ReportError(
354 0 : nsnull, NS_LITERAL_STRING("CheckSameOriginError"), mURI, aURI);
355 : }
356 :
357 0 : return NS_ERROR_DOM_BAD_URI;
358 : }
359 :
360 : NS_IMETHODIMP
361 0 : nsNullPrincipal::GetSubjectName(nsACString& aName)
362 : {
363 0 : return NS_ERROR_NOT_AVAILABLE;
364 : }
365 :
366 : NS_IMETHODIMP
367 0 : nsNullPrincipal::GetCertificate(nsISupports** aCertificate)
368 : {
369 0 : *aCertificate = nsnull;
370 0 : return NS_OK;
371 : }
372 :
373 : /**
374 : * nsISerializable implementation
375 : */
376 : NS_IMETHODIMP
377 0 : nsNullPrincipal::Read(nsIObjectInputStream* aStream)
378 : {
379 : // no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
380 : // is not really relevant.
381 0 : return NS_OK;
382 : }
383 :
384 : NS_IMETHODIMP
385 0 : nsNullPrincipal::Write(nsIObjectOutputStream* aStream)
386 : {
387 : // no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
388 : // is not really relevant.
389 0 : return NS_OK;
390 : }
391 :
|