1
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2
/* ***** BEGIN LICENSE BLOCK *****
3
* Version: NPL 1.1/GPL 2.0/LGPL 2.1
5
* The contents of this file are subject to the Netscape Public License
6
* Version 1.1 (the "License"); you may not use this file except in
7
* compliance with the License. You may obtain a copy of the License at
8
* http://www.mozilla.org/NPL/
10
* Software distributed under the License is distributed on an "AS IS" basis,
11
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12
* for the specific language governing rights and limitations under the
15
* The Original Code is mozilla.org code.
17
* The Initial Developer of the Original Code is
18
* Netscape Communications Corporation.
19
* Portions created by the Initial Developer are Copyright (C) 1999
20
* the Initial Developer. All Rights Reserved.
25
* Alternatively, the contents of this file may be used under the terms of
26
* either the GNU General Public License Version 2 or later (the "GPL"), or
27
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28
* in which case the provisions of the GPL or the LGPL are applicable instead
29
* of those above. If you wish to allow use of your version of this file only
30
* under the terms of either the GPL or the LGPL, and not to allow others to
31
* use your version of this file under the terms of the NPL, indicate your
32
* decision by deleting the provisions above and replace them with the notice
33
* and other provisions required by the GPL or the LGPL. If you do not delete
34
* the provisions above, a recipient may use your version of this file under
35
* the terms of any one of the NPL, the GPL or the LGPL.
37
* ***** END LICENSE BLOCK ***** */
39
#include "nsISupports.idl"
40
#include "nsIPrincipal.idl"
41
#include "nsIXPCSecurityManager.idl"
44
[scriptable, uuid(18158378-b632-436a-9ced-c52ded350bde)]
45
interface nsIScriptSecurityManager : nsIXPCSecurityManager
47
///////////////// Security Checks //////////////////
49
* Checks whether the running script is allowed to access aProperty.
51
[noscript] void checkPropertyAccess(in JSContextPtr aJSContext,
52
in JSObjectPtr aJSObject,
58
* Checks whether the running script is allowed to connect to aTargetURI
60
[noscript] void checkConnect(in JSContextPtr aJSContext,
66
* Check that the script currently running in context "cx" can load "uri".
68
* Will return error code NS_ERROR_DOM_BAD_URI if the load request
71
* @param cx the JSContext of the script causing the load
72
* @param uri the URI that is being loaded
74
[noscript] void checkLoadURIFromScript(in JSContextPtr cx, in nsIURI uri);
77
* Default CheckLoadURI permissions
79
// Default permissions
80
const unsigned long STANDARD = 0;
82
// If the source is mail, disallow the load
83
const unsigned long DISALLOW_FROM_MAIL = 1 << 0;
85
// Allow the loading of chrome URLs by non-chrome URLs
86
const unsigned long ALLOW_CHROME = 1 << 1;
88
// Don't allow javascript: (and data:) URLs to load
89
const unsigned long DISALLOW_SCRIPT_OR_DATA = 1 << 2;
92
* Check that content from "from" can load "uri".
94
* Will return error code NS_ERROR_DOM_BAD_URI if the load request
97
* @param from the URI causing the load
98
* @param uri the URI that is being loaded
99
* @param flags the permission set, see above
101
void checkLoadURI(in nsIURI from, in nsIURI uri,
102
in unsigned long flags);
105
* Same as CheckLoadURI but takes string arguments for ease of use
108
void checkLoadURIStr(in string from, in string uri,
109
in unsigned long flags);
112
* Check that the function 'funObj' is allowed to run on 'targetObj'
114
* Will return error code NS_ERROR_DOM_SECURITY_ERR if the function
117
* @param cx The current active JavaScript context.
118
* @param funObj The function trying to run..
119
* @param targetObj The object the function will run on.
121
[noscript] void checkFunctionAccess(in JSContextPtr cx, in voidPtr funObj,
122
in voidPtr targetObj);
125
* Return true if content from the given principal is allowed to
128
[noscript] boolean canExecuteScripts(in JSContextPtr cx,
129
in nsIPrincipal principal);
131
///////////////// Principals ///////////////////////
133
* Return the principal of the innermost frame of the currently
134
* executing script. Will return null if there is no script
135
* currently executing.
137
[noscript] nsIPrincipal getSubjectPrincipal();
140
* Return the all-powerful system principal.
142
[noscript] nsIPrincipal getSystemPrincipal();
145
* Return a principal with the specified certificate ID and codebase URI.
147
[noscript] nsIPrincipal getCertificatePrincipal(in string CertID, in nsIURI aURI);
150
* Return a principal that has the same origin as aURI.
152
[noscript] nsIPrincipal getCodebasePrincipal(in nsIURI aURI);
154
///////////////// Capabilities API /////////////////////
156
* Request that 'capability' can be enabled by scripts or applets
157
* running with 'principal'. Will prompt user if
158
* necessary. Returns nsIPrincipal::ENABLE_GRANTED or
159
* nsIPrincipal::ENABLE_DENIED based on user's choice.
161
[noscript] short requestCapability(in nsIPrincipal principal,
162
in string capability);
165
* Return true if the currently executing script has 'capability' enabled.
167
boolean isCapabilityEnabled(in string capability);
170
* Enable 'capability' in the innermost frame of the currently executing
173
void enableCapability(in string capability);
176
* Remove 'capability' from the innermost frame of the currently
177
* executing script. Any setting of 'capability' from enclosing
178
* frames thus comes into effect.
180
void revertCapability(in string capability);
183
* Disable 'capability' in the innermost frame of the currently executing
186
void disableCapability(in string capability);
188
//////////////// Master Certificate Functions ////////////////////
190
* Allow 'certificateID' to enable 'capability.' Can only be performed
191
* by code signed by the system certificate.
193
void setCanEnableCapability(in string certificateID, in string capability,
196
///////////////////////
198
* Return the principal of the specified object in the specified context.
200
[noscript] nsIPrincipal getObjectPrincipal(in JSContextPtr cx,
204
* Returns true if the principal of the currently running script is the
205
* system principal, false otherwise.
207
[noscript] boolean subjectPrincipalIsSystem();
210
* Returns OK if aJSContext and target have the same "origin"
211
* (scheme, host, and port).
213
[noscript] void checkSameOrigin(in JSContextPtr aJSContext,
214
in nsIURI aTargetURI);
217
* Returns OK if aSourceURI and target have the same "origin"
218
* (scheme, host, and port).
220
void checkSameOriginURI(in nsIURI aSourceURI,
221
in nsIURI aTargetURI);
224
* Returns OK if aSourcePrincipal and aTargetPrincipal
225
* have the same "origin" (scheme, host, and port).
227
[noscript] void checkSameOriginPrincipal(in nsIPrincipal aSourcePrincipal,
228
in nsIPrincipal aTargetPrincipal);
231
* Returns the principal of the global object of the given context, or null
232
* if no global or no principal.
234
[noscript] nsIPrincipal getPrincipalFromContext(in JSContextPtr cx);
237
* Utility method for comparing two URIs. For security purposes, two URIs
238
* are equivalent if their schemes, hosts, and ports (if any) match. This
239
* method returns true if aSubjectURI and aObjectURI have the same origin,
242
[noscript] boolean securityCompareURIs(in nsIURI aSubjectURI,
243
in nsIURI aObjectURI);
247
#define NS_SCRIPTSECURITYMANAGER_CONTRACTID "@mozilla.org/scriptsecuritymanager;1"
248
#define NS_SCRIPTSECURITYMANAGER_CLASSNAME "scriptsecuritymanager"