1
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2
/* ***** BEGIN LICENSE BLOCK *****
3
* Version: NPL 1.1/GPL 2.0/LGPL 2.1
5
* The contents of this file are subject to the Netscape Public License
6
* Version 1.1 (the "License"); you may not use this file except in
7
* compliance with the License. You may obtain a copy of the License at
8
* http://www.mozilla.org/NPL/
10
* Software distributed under the License is distributed on an "AS IS" basis,
11
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12
* for the specific language governing rights and limitations under the
15
* The Original Code is mozilla.org code.
17
* The Initial Developer of the Original Code is
18
* Netscape Communications Corporation.
19
* Portions created by the Initial Developer are Copyright (C) 1998
20
* the Initial Developer. All Rights Reserved.
25
* Alternatively, the contents of this file may be used under the terms of
26
* either the GNU General Public License Version 2 or later (the "GPL"), or
27
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28
* in which case the provisions of the GPL or the LGPL are applicable instead
29
* of those above. If you wish to allow use of your version of this file only
30
* under the terms of either the GPL or the LGPL, and not to allow others to
31
* use your version of this file under the terms of the NPL, indicate your
32
* decision by deleting the provisions above and replace them with the notice
33
* and other provisions required by the GPL or the LGPL. If you do not delete
34
* the provisions above, a recipient may use your version of this file under
35
* the terms of any one of the NPL, the GPL or the LGPL.
37
* ***** END LICENSE BLOCK ***** */
39
#include "nsImgManager.h"
40
#include "nsIDocument.h"
41
#include "nsIContent.h"
42
#include "nsINodeInfo.h"
44
#include "nsIServiceManager.h"
45
#include "nsIScriptGlobalObject.h"
46
#include "nsIDOMDocument.h"
47
#include "nsIDocShellTreeItem.h"
48
#include "nsIPrefService.h"
49
#include "nsIPrefBranch.h"
50
#include "nsIPrefBranchInternal.h"
51
#include "nsIDocShell.h"
53
#include "nsContentPolicyUtils.h"
55
// Possible behavior pref values
56
#define IMAGE_ACCEPT 0
57
#define IMAGE_NOFOREIGN 1
60
static const char kImageBehaviorPrefName[] = "network.image.imageBehavior";
61
static const char kImageWarningPrefName[] = "network.image.warnAboutImages";
62
static const char kImageBlockImageInMailNewsPrefName[] = "mailnews.message_display.disable_remote_image";
64
static const PRUint8 kImageBehaviorPrefDefault = IMAGE_ACCEPT;
65
static const PRPackedBool kImageWarningPrefDefault = PR_FALSE;
66
static const PRPackedBool kImageBlockImageInMailNewsPrefDefault = PR_FALSE;
68
////////////////////////////////////////////////////////////////////////////////
69
// nsImgManager Implementation
70
////////////////////////////////////////////////////////////////////////////////
72
NS_IMPL_ISUPPORTS4(nsImgManager,
76
nsSupportsWeakReference)
78
nsImgManager::nsImgManager()
79
: mBehaviorPref(kImageBehaviorPrefDefault)
80
, mWarningPref(kImageWarningPrefDefault)
81
, mBlockInMailNewsPref(kImageBlockImageInMailNewsPrefDefault)
85
nsImgManager::~nsImgManager()
89
nsresult nsImgManager::Init()
91
// On error, just don't use the host based lookup anymore. We can do the
92
// other things, like mailnews blocking
93
mPermissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID);
95
nsCOMPtr<nsIPrefBranchInternal> prefBranch = do_GetService(NS_PREFSERVICE_CONTRACTID);
97
prefBranch->AddObserver(kImageBehaviorPrefName, this, PR_TRUE);
99
// We don't do anything with it yet, but let it be. (bug 110112, 146513)
100
prefBranch->AddObserver(kImageWarningPrefName, this, PR_TRUE);
102
prefBranch->AddObserver(kImageBlockImageInMailNewsPrefName, this, PR_TRUE);
104
PrefChanged(prefBranch, nsnull);
111
nsImgManager::PrefChanged(nsIPrefBranch *aPrefBranch,
116
#define PREF_CHANGED(_P) (!aPref || !strcmp(aPref, _P))
118
if (PREF_CHANGED(kImageBehaviorPrefName) &&
119
NS_SUCCEEDED(aPrefBranch->GetIntPref(kImageBehaviorPrefName, &val)) &&
120
val >= 0 && val <= 2)
123
if (PREF_CHANGED(kImageWarningPrefName) &&
124
NS_SUCCEEDED(aPrefBranch->GetBoolPref(kImageWarningPrefName, &val)))
127
if (PREF_CHANGED(kImageBlockImageInMailNewsPrefName) &&
128
NS_SUCCEEDED(aPrefBranch->GetBoolPref(kImageBlockImageInMailNewsPrefName, &val)))
129
mBlockInMailNewsPref = val;
133
* Helper function to get the root DocShell given a context
135
* @param aContext The context (can be null)
136
* @return the root DocShell containing aContext, if found
138
static inline already_AddRefed<nsIDocShell>
139
GetRootDocShell(nsISupports *context)
141
nsIDocShell *docshell = NS_CP_GetDocShellFromContext(context);
146
nsCOMPtr<nsIDocShellTreeItem> docshellTreeItem(do_QueryInterface(docshell, &rv));
150
nsCOMPtr<nsIDocShellTreeItem> rootItem;
151
// we want the app docshell, so don't use GetSameTypeRootTreeItem
152
rv = docshellTreeItem->GetRootTreeItem(getter_AddRefs(rootItem));
157
CallQueryInterface(rootItem, &result);
161
// nsIContentPolicy Implementation
162
NS_IMETHODIMP nsImgManager::ShouldLoad(PRUint32 aContentType,
163
nsIURI *aContentLocation,
164
nsIURI *aRequestingLocation,
165
nsISupports *aRequestingContext,
166
const nsACString &aMimeGuess,
170
*aDecision = nsIContentPolicy::ACCEPT;
173
// we can't do anything w/ out this
174
if (!aContentLocation)
177
if (aContentType == nsIContentPolicy::TYPE_IMAGE) {
178
// we only want to check http, https, ftp
179
// remember ftp for a later check (disabling ftp images from mailnews)
181
rv = aContentLocation->SchemeIs("ftp", &isFtp);
182
NS_ENSURE_SUCCESS(rv,rv);
184
PRBool needToCheck = isFtp;
186
rv = aContentLocation->SchemeIs("http", &needToCheck);
187
NS_ENSURE_SUCCESS(rv,rv);
190
rv = aContentLocation->SchemeIs("https", &needToCheck);
191
NS_ENSURE_SUCCESS(rv,rv);
195
// for chrome:// and resources and others, no need to check.
199
nsCOMPtr<nsIDocShell> docshell(GetRootDocShell(aRequestingContext));
202
rv = docshell->GetAppType(&appType);
203
if (NS_SUCCEEDED(rv) && appType == nsIDocShell::APP_TYPE_MAIL) {
204
// never allow ftp for mail messages,
205
// because we don't want to send the users email address
206
// as the anonymous password
207
if (mBlockInMailNewsPref || isFtp) {
208
*aDecision = nsIContentPolicy::REJECT_REQUEST;
215
rv = TestPermission(aContentLocation, aRequestingLocation, &shouldLoad);
216
NS_ENSURE_SUCCESS(rv, rv);
218
*aDecision = nsIContentPolicy::REJECT_REQUEST;
223
NS_IMETHODIMP nsImgManager::ShouldProcess(PRUint32 aContentType,
224
nsIURI *aContentLocation,
225
nsIURI *aRequestingLocation,
226
nsISupports *aRequestingContext,
227
const nsACString &aMimeGuess,
231
//TODO: implement this to check images loaded into a raw document (as in,
232
//outside of a web page)
234
*aDecision = nsIContentPolicy::ACCEPT;
239
nsImgManager::TestPermission(nsIURI *aCurrentURI,
244
*aPermission = PR_TRUE;
246
// check the permission list first; if we find an entry, it overrides
247
// default prefs. this is new behavior, see bug 184059.
248
if (mPermissionManager) {
250
mPermissionManager->TestPermission(aCurrentURI, "image", &temp);
252
// if we found an entry, use it
253
if (temp != nsIPermissionManager::UNKNOWN_ACTION) {
254
*aPermission = (temp != nsIPermissionManager::DENY_ACTION);
259
if (mBehaviorPref == IMAGE_DENY) {
260
*aPermission = PR_FALSE;
264
// Third party checking
265
if (mBehaviorPref == IMAGE_NOFOREIGN) {
266
// We need a requesting uri for third party checks to work.
270
PRBool noNeedToCheck = PR_FALSE;
271
rv = aFirstURI->SchemeIs("chrome", &noNeedToCheck);
272
NS_ENSURE_SUCCESS(rv,rv);
276
// compare tails of names checking to see if they have a common domain
277
// we do this by comparing the tails of both names where each tail
278
// includes at least one dot
280
// A more generic method somewhere would be nice
282
nsCAutoString currentHost;
283
rv = aCurrentURI->GetAsciiHost(currentHost);
284
if (NS_FAILED(rv)) return rv;
286
// Search for two dots, starting at the end.
287
// If there are no two dots found, ++dot will turn to zero,
288
// that will return the entire string.
289
PRInt32 dot = currentHost.RFindChar('.');
290
dot = currentHost.RFindChar('.', dot-1);
293
// Get the domain, ie the last part of the host (www.domain.com -> domain.com)
294
// This will break on co.uk
295
const nsACString &tail = Substring(currentHost, dot, currentHost.Length() - dot);
297
nsCAutoString firstHost;
298
rv = aFirstURI->GetAsciiHost(firstHost);
299
if (NS_FAILED(rv)) return rv;
301
// If the tail is longer then the whole firstHost, it will never match
302
if (firstHost.Length() < tail.Length()) {
303
*aPermission = PR_FALSE;
307
// Get the last part of the firstUri with the same length as |tail|
308
const nsACString &firstTail = Substring(firstHost, firstHost.Length() - tail.Length(), tail.Length());
310
// Check that both tails are the same, and that just before the tail in
311
// |firstUri| there is a dot. That means both url are in the same domain
312
if ((firstHost.Length() > tail.Length() &&
313
firstHost.CharAt(firstHost.Length() - tail.Length() - 1) != '.') ||
314
!tail.Equals(firstTail)) {
315
*aPermission = PR_FALSE;
323
nsImgManager::Observe(nsISupports *aSubject,
325
const PRUnichar *aData)
327
nsCOMPtr<nsIPrefBranch> prefBranch = do_QueryInterface(aSubject);
328
NS_ASSERTION(!nsCRT::strcmp(NS_PREFBRANCH_PREFCHANGE_TOPIC_ID, aTopic),
329
"unexpected topic - we only deal with pref changes!");
332
PrefChanged(prefBranch, NS_LossyConvertUTF16toASCII(aData).get());