52
52
#include "nsIScriptSecurityManager.h"
53
53
#include "nsIPrincipal.h"
54
54
#include "nsContentPolicyUtils.h"
55
#include "nsIDOMWindow.h"
55
#include "nsPIDOMWindow.h"
56
56
#include "nsIHttpChannel.h"
57
57
#include "nsIScriptElement.h"
58
58
#include "nsIDOMHTMLScriptElement.h"
67
67
static NS_DEFINE_CID(kCharsetConverterManagerCID, NS_ICHARSETCONVERTERMANAGER_CID);
69
69
//////////////////////////////////////////////////////////////
71
//////////////////////////////////////////////////////////////
73
static already_AddRefed<nsIPrincipal>
74
IntersectPrincipalCerts(nsIPrincipal *aOld, nsIPrincipal *aNew)
76
NS_PRECONDITION(aOld, "Null old principal!");
77
NS_PRECONDITION(aNew, "Null new principal!");
79
nsIPrincipal *principal = aOld;
82
aOld->GetHasCertificate(&hasCert);
85
aOld->Equals(aNew, &equal);
87
nsCOMPtr<nsIURI> uri, domain;
88
aOld->GetURI(getter_AddRefs(uri));
89
aOld->GetDomain(getter_AddRefs(domain));
91
nsContentUtils::GetSecurityManager()->GetCodebasePrincipal(uri, &principal);
92
if (principal && domain) {
93
principal->SetDomain(domain);
100
NS_ADDREF(principal);
105
//////////////////////////////////////////////////////////////
106
70
// Per-request data structure
107
71
//////////////////////////////////////////////////////////////
765
729
nsIScriptGlobalObject *globalObject = mDocument->GetScriptGlobalObject();
766
NS_ENSURE_TRUE(globalObject, NS_ERROR_FAILURE);
731
nsCOMPtr<nsPIDOMWindow> pwin(do_QueryInterface(globalObject));
732
NS_ENSURE_TRUE(pwin && pwin->IsInnerWindow(), NS_ERROR_FAILURE);
768
734
// Make sure context is a strong reference since we access it after
769
735
// we've executed a script, which may cause all other references to
1057
//-- Merge the principal of the script file with that of the document
1059
nsCOMPtr<nsISupports> owner;
1060
channel->GetOwner(getter_AddRefs(owner));
1061
nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(owner);
1064
nsIPrincipal *docPrincipal = mDocument->GetPrincipal();
1066
nsCOMPtr<nsIPrincipal> newPrincipal =
1067
IntersectPrincipalCerts(docPrincipal, principal);
1069
mDocument->SetPrincipal(newPrincipal);
1071
mPendingRequests.RemoveObject(request);
1072
FireScriptAvailable(rv, request, EmptyString());
1073
ProcessPendingReqests();
1023
if (!ShouldExecuteScript(mDocument, channel)) {
1024
return NS_ERROR_NOT_AVAILABLE;
1047
* Get the "final" URI for a channel. This is either the same as GetURI or
1048
* GetOriginalURI, depending on whether this channel has
1049
* nsIChanel::LOAD_REPLACE set. For channels without that flag set, the final
1050
* URI is the original URI, while for ones with the flag the final URI is the
1054
NS_GetFinalChannelURI(nsIChannel* channel, nsIURI** uri)
1057
nsLoadFlags loadFlags = 0;
1058
nsresult rv = channel->GetLoadFlags(&loadFlags);
1059
NS_ENSURE_SUCCESS(rv, rv);
1061
if (loadFlags & nsIChannel::LOAD_REPLACE) {
1062
return channel->GetURI(uri);
1065
return channel->GetOriginalURI(uri);
1069
GetChannelPrincipal(nsIChannel* aChannel, nsIPrincipal** aPrincipal)
1071
NS_PRECONDITION(aChannel, "Must have channel!");
1072
nsCOMPtr<nsISupports> owner;
1073
aChannel->GetOwner(getter_AddRefs(owner));
1075
CallQueryInterface(owner, aPrincipal);
1081
// OK, get the principal from the URI. Make sure this does the same thing
1082
// as nsDocument::Reset and nsXULDocument::StartDocumentLoad.
1083
nsCOMPtr<nsIURI> uri;
1084
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
1085
NS_ENSURE_SUCCESS(rv, rv);
1087
return nsContentUtils::GetSecurityManager()->
1088
GetCodebasePrincipal(uri, aPrincipal);
1093
nsScriptLoader::ShouldExecuteScript(nsIDocument* aDocument,
1094
nsIChannel* aChannel)
1101
nsIPrincipal *docPrincipal = aDocument->GetPrincipal();
1102
docPrincipal->GetHasCertificate(&hasCert);
1107
nsCOMPtr<nsIPrincipal> channelPrincipal;
1108
nsresult rv = GetChannelPrincipal(aChannel,
1109
getter_AddRefs(channelPrincipal));
1110
NS_ENSURE_SUCCESS(rv, PR_FALSE);
1112
NS_ASSERTION(channelPrincipal, "Gotta have a principal here!");
1114
// If the document principal is a cert principal and is not the same
1115
// as the channel principal, then we don't execute the script.
1117
rv = docPrincipal->Equals(channelPrincipal, &equal);
1118
return NS_SUCCEEDED(rv) && equal;
1099
1122
nsScriptLoader::GetEnabled(PRBool *aEnabled)