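/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef mozilla_BasePrincipal_h
#define mozilla_BasePrincipal_h

#include "nsIPrincipal.h"
#include "nsIScriptSecurityManager.h"
#include "nsJSPrincipals.h"

#include "mozilla/Attributes.h"
#include "mozilla/dom/ChromeUtilsBinding.h"

class nsIContentSecurityPolicy;
class nsIObjectOutputStream;
class nsIObjectInputStream;
class nsIURI;

class nsExpandedPrincipal;

namespace mozilla {

class GenericOriginAttributes;

// Base OriginAttributes class. This has several subclass flavors, and is not
// directly constructable itself (both constructors are protected).
class OriginAttributes : public dom::OriginAttributesDictionary
{
public:
  // Field-by-field equality over the six attributes listed below.
  //
  // NOTE(review): the comparison is an explicit list. An attribute added to
  // OriginAttributesDictionary must also be added here; otherwise two sets of
  // attributes that differ only in that attribute compare equal.
  bool operator==(const OriginAttributes& aOther) const
  {
    return mAppId == aOther.mAppId &&
           mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
           mAddonId == aOther.mAddonId &&
           mUserContextId == aOther.mUserContextId &&
           mPrivateBrowsingId == aOther.mPrivateBrowsingId &&
           mFirstPartyDomain == aOther.mFirstPartyDomain;
  }

  // Exact negation of operator==, so it has the same field coverage.
  bool operator!=(const OriginAttributes& aOther) const
  {
    return !(*this == aOther);
  }

  // Serializes/Deserializes non-default values into the suffix format, i.e.
  // |!key1=value1&key2=value2|. If there are no non-default attributes, this
  // returns an empty string.
  void CreateSuffix(nsACString& aStr) const;

  // Don't use this method for anything else than debugging!
  void CreateAnonymizedSuffix(nsACString& aStr) const;

  // Deserializing counterpart of CreateSuffix(). The result is [[nodiscard]]:
  // callers have to check it.
  // NOTE(review): presumably false means aStr was not a well-formed suffix and
  // the attributes must not be relied on afterwards; confirm against the
  // definition.
  [[nodiscard]] bool PopulateFromSuffix(const nsACString& aStr);

  // Populates the attributes from a string like
  // |uri!key1=value1&key2=value2| and returns the uri without the suffix
  // through aOriginNoSuffix. The bool result is [[nodiscard]] and has to be
  // checked by the caller.
  [[nodiscard]] bool PopulateFromOrigin(const nsACString& aOrigin,
                                        nsACString& aOriginNoSuffix);

  // Helper function to match mIsPrivateBrowsing to existing private browsing
  // flags. Once all other flags are removed, this can be removed too.
  // NOTE(review): the only private-browsing member visible in this class is
  // mPrivateBrowsingId (see operator==); "mIsPrivateBrowsing" above looks
  // stale, confirm.
  void SyncAttributesWithPrivateBrowsing(bool aInPrivateBrowsing);

  void SetFromGenericAttributes(const GenericOriginAttributes& aAttrs);

  // Check if "privacy.firstparty.isolate" is enabled.
  static bool IsFirstPartyEnabled();

protected:
  // Protected so that only the subclass flavors can be instantiated.
  OriginAttributes() {}
  explicit OriginAttributes(const OriginAttributesDictionary& aOther)
    : OriginAttributesDictionary(aOther)
  {}
};

class PrincipalOriginAttributes;
class DocShellOriginAttributes;
class NeckoOriginAttributes;

// Various classes in Gecko contain OriginAttributes members, and those
// OriginAttributes get propagated to other classes according to certain rules.
// For example, the OriginAttributes on the docshell affect the OriginAttributes
// for the principal of a document loaded inside it, whose OriginAttributes in
// turn affect those of network loads and child docshells. To codify and
// centralize these rules, we introduce separate subclasses for the different
// flavors, and a variety of InheritFrom* methods to implement the transfer
// behavior.

// For OriginAttributes stored on principals.
class PrincipalOriginAttributes : public OriginAttributes
{
public:
  PrincipalOriginAttributes() {}

  // Assigns only mAppId and mInIsolatedMozBrowser; every other attribute is
  // left as the base-class constructor set it.
  PrincipalOriginAttributes(uint32_t aAppId, bool aInIsolatedMozBrowser)
  {
    mAppId = aAppId;
    mInIsolatedMozBrowser = aInIsolatedMozBrowser;
  }

  // Inheriting OriginAttributes from docshell to document when user navigates.
  //
  // @param aAttrs  Origin Attributes of the docshell.
  // @param aURI    The URI of the document.
  void InheritFromDocShellToDoc(const DocShellOriginAttributes& aAttrs,
                                const nsIURI* aURI);

  // Inherit OriginAttributes from Necko.
  void InheritFromNecko(const NeckoOriginAttributes& aAttrs);

  // NOTE(review): presumably resets mUserContextId and mFirstPartyDomain, as
  // the name says; the definition is not in this header. These attributes
  // take part in operator==, so stripping them changes which principals
  // compare equal.
  void StripUserContextIdAndFirstPartyDomain();
};

// For OriginAttributes stored on docshells / loadcontexts / browsing contexts.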
class DocShellOriginAttributes : public OriginAttributes
{
public:
  // Assigns nothing itself; all attributes stay as the base-class constructor
  // left them.
  DocShellOriginAttributes() {}

  // Assigns only mAppId and mInIsolatedMozBrowser from the arguments; no other
  // attribute is touched here.
  DocShellOriginAttributes(uint32_t aAppId, bool aInIsolatedMozBrowser)
  {
    mAppId = aAppId;
    mInIsolatedMozBrowser = aInIsolatedMozBrowser;
  }

  // Inheriting OriginAttributes from document to child docshell when an //