embedding/browser/activex/src/plugin/nsAxSecurityPolicy.js

   1 /* ***** BEGIN LICENSE BLOCK *****
   2  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
   3  *
   4  * The contents of this file are subject to the Mozilla Public License Version
   5  * 1.1 (the "License"); you may not use this file except in compliance with
   6  * the License. You may obtain a copy of the License at
   7  * http://www.mozilla.org/MPL/
   8  *
   9  * Software distributed under the License is distributed on an "AS IS" basis,
  10  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  11  * for the specific language governing rights and limitations under the
  12  * License.
  13  *
  14  * The Original Code is mozilla.org code.
  15  *
  16  * The Initial Developer of the Original Code is
  17  * Netscape Communications Corporation.
  18  * Portions created by the Initial Developer are Copyright (C) 1998
  19  * the Initial Developer. All Rights Reserved.
  20  *
  21  * Contributor(s):
  22  *
  23  * Alternatively, the contents of this file may be used under the terms of
  24  * either the GNU General Public License Version 2 or later (the "GPL"), or
  25  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  26  * in which case the provisions of the GPL or the LGPL are applicable instead
  27  * of those above. If you wish to allow use of your version of this file only
  28  * under the terms of either the GPL or the LGPL, and not to allow others to
  29  * use your version of this file under the terms of the MPL, indicate your
  30  * decision by deleting the provisions above and replace them with the notice
  31  * and other provisions required by the GPL or the LGPL. If you do not delete
  32  * the provisions above, a recipient may use your version of this file under
  33  * the terms of any one of the MPL, the GPL or the LGPL.
  34  *
  35  * ***** END LICENSE BLOCK ***** */
  36
  37 const NS_IACTIVEXSECURITYPOLICY_CONTRACTID =
  38     "@mozilla.org/nsactivexsecuritypolicy;1";
  39 const NS_IACTIVEXSECURITYPOLICY_CID =
  40     Components.ID("{B9BDB43B-109E-44b8-858C-B68C6C3DF86F}");
  41
  42 const nsISupports               = Components.interfaces.nsISupports;
  43 const nsIObserver               = Components.interfaces.nsIObserver;
  44 const nsIActiveXSecurityPolicy  = Components.interfaces.nsIActiveXSecurityPolicy;
  45
  46 ///////////////////////////////////////////////////////////////////////////////
  47 // Constants representing some default flag combinations of varying degrees
  48 // of safety.
  49
  50 // No controls at all
  51 const kTotalSecurityHostingFlags =
  52     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_NOTHING;
  53
  54 // Host only safe controls, no downloading or scripting
  55 const kHighSecurityHostingFlags =
  56     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS;
  57
  58 // Host and script safe controls and allow downloads
  59 const kMediumSecurityGlobalHostingFlags =
  60     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS |
  61     nsIActiveXSecurityPolicy.HOSTING_FLAGS_DOWNLOAD_CONTROLS |
  62     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_SAFE_OBJECTS;
  63
  64 // Host any control and script safe controls
  65 const kLowSecurityHostFlags =
  66     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS |
  67     nsIActiveXSecurityPolicy.HOSTING_FLAGS_DOWNLOAD_CONTROLS |
  68     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_SAFE_OBJECTS |
  69     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_ALL_OBJECTS;
  70
  71 // Goodbye cruel world
  72 const kNoSecurityHostingFlags =
  73     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS |
  74     nsIActiveXSecurityPolicy.HOSTING_FLAGS_DOWNLOAD_CONTROLS |
  75     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_SAFE_OBJECTS |
  76     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_ALL_OBJECTS |
  77     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_ALL_OBJECTS;
  78
  79 ///////////////////////////////////////////////////////////////////////////////
  80 // Constants representing the default hosting flag values when there is
  81 // no pref value. Note that these should be as tight as possible except for
  82 // testing purposes.
  83
  84 const kDefaultGlobalHostingFlags = kMediumSecurityGlobalHostingFlags;
  85 const kDefaultOtherHostingFlags  = kMediumSecurityGlobalHostingFlags;
  86
  87 // Preferences security policy reads from
  88 const kHostingPrefPart1 = "security.xpconnect.activex.";
  89 const kHostingPrefPart2 = ".hosting_flags";
  90 const kGlobalHostingFlagsPref = kHostingPrefPart1 + "global" + kHostingPrefPart2;
  91
  92 var gPref = null;
  93
  94 function addPrefListener(observer, prefStr)
  95 {
  96     try {
  97         if (gPref == null) {
  98             var prefService = Components.classes["@mozilla.org/preferences-service;1"]
  99                                         .getService(Components.interfaces.nsIPrefService);
 100             gPref = prefService.getBranch(null);
 101         }
 102         var pbi = gPref.QueryInterface(Components.interfaces.nsIPrefBranch2);
 103         pbi.addObserver(prefStr, observer, false);
 104     } catch(ex) {
 105         dump("Failed to observe prefs: " + ex + "\n");
 106     }
 107 }
 108
 109 function AxSecurityPolicy()
 110 {
 111     addPrefListener(this, kGlobalHostingFlagsPref);
 112     this.syncPrefs();
 113     this.globalHostingFlags = kDefaultGlobalHostingFlags;
 114 }
 115
 116 AxSecurityPolicy.prototype = {
 117     syncPrefs: function()
 118     {
 119         var hostingFlags = this.globalHostingFlags;
 120         try {
 121             if (gPref == null) {
 122                 var prefService = Components.classes["@mozilla.org/preferences-service;1"]
 123                                             .getService(Components.interfaces.nsIPrefService);
 124                 gPref = prefService.getBranch(null);
 125             }
 126             hostingFlags = gPref.getIntPref(kGlobalHostingFlagsPref);
 127         }
 128         catch (ex) {
 129             dump("Failed to read control hosting flags from \"" + kGlobalHostingFlagsPref + "\"\n");
 130             hostingFlags = kDefaultGlobalHostingFlags;
 131         }
 132         if (hostingFlags != this.globalHostingFlags)
 133         {
 134             dump("Global activex hosting flags have changed value to " + hostingFlags + "\n");
 135             this.globalHostingFlags = hostingFlags
 136         }
 137     },
 138
 139     // nsIActiveXSecurityPolicy
 140     getHostingFlags: function(context)
 141     {
 142         var hostingFlags;
 143         if (context == null || context == "global") {
 144             hostingFlags = this.globalHostingFlags;
 145         }
 146         else {
 147             try {
 148                 var prefName = kHostingPrefPart1 + context + kHostingPrefPart2;
 149                 hostingFlags = gPref.getIntPref(prefName);
 150             }
 151             catch (ex) {
 152                 dump("Failed to read control hosting prefs for \"" + context + "\" from \"" + prefName + "\" pref\n");
 153                 hostingFlags = kDefaultOtherHostingFlags;
 154             }
 155             hostingFlags = kDefaultOtherHostingFlags;
 156         }
 157         return hostingFlags;
 158     },
 159     // nsIObserver
 160     observe: function(subject, topic, prefName)
 161     {
 162         if (topic != "nsPref:changed")
 163             return;
 164         this.syncPrefs();
 165
 166     },
 167     // nsISupports
 168     QueryInterface: function(iid) {
 169         if (iid.equals(nsISupports) ||
 170             iid.equals(nsIActiveXSecurityPolicy) ||
 171             iid.equals(nsIObserver))
 172             return this;
 173
 174         Components.returnCode = Components.results.NS_ERROR_NO_INTERFACE;
 175         return null;
 176     }
 177 };
 178
 179 /* factory for AxSecurityPolicy */
 180 var AxSecurityPolicyFactory = {
 181     createInstance: function (outer, iid)
 182     {
 183         if (outer != null)
 184             throw Components.results.NS_ERROR_NO_AGGREGATION;
 185         if (!iid.equals(nsISupports) &&
 186             !iid.equals(nsIActiveXSecurityPolicy) &&
 187             !iid.equals(nsIObserver))
 188             throw Components.results.NS_ERROR_INVALID_ARG;
 189         return new AxSecurityPolicy();
 190     }
 191 };
 192
 193
 194 var AxSecurityPolicyModule = {
 195     registerSelf: function (compMgr, fileSpec, location, type)
 196     {
 197         debug("*** Registering axsecurity policy.\n");
 198         compMgr = compMgr.QueryInterface(Components.interfaces.nsIComponentRegistrar);
 199         compMgr.registerFactoryLocation(
 200             NS_IACTIVEXSECURITYPOLICY_CID ,
 201             "ActiveX Security Policy Service",
 202             NS_IACTIVEXSECURITYPOLICY_CONTRACTID,
 203             fileSpec,
 204             location,
 205             type);
 206     },
 207     unregisterSelf: function(compMgr, fileSpec, location)
 208     {
 209         compMgr = compMgr.QueryInterface(Components.interfaces.nsIComponentRegistrar);
 210         compMgr.unregisterFactoryLocation(NS_IACTIVEXSECURITYPOLICY_CID, fileSpec);
 211     },
 212     getClassObject: function(compMgr, cid, iid)
 213     {
 214         if (cid.equals(NS_IACTIVEXSECURITYPOLICY_CID))
 215             return AxSecurityPolicyFactory;
 216
 217         if (!iid.equals(Components.interfaces.nsIFactory))
 218             throw Components.results.NS_ERROR_NOT_IMPLEMENTED;
 219
 220         throw Components.results.NS_ERROR_NO_INTERFACE;
 221     },
 222     canUnload: function(compMgr)
 223     {
 224         return true;
 225     }
 226 };
 227
 228 /* entrypoint */
 229 function NSGetModule(compMgr, fileSpec) {
 230     return AxSecurityPolicyModule;
 231 }
 232
 233