File gecko-lockdown.patch of Package mozilla-xulrunner192
From: various contributors
Subject: lockdown hooks for Gecko
diff --git a/extensions/cookie/nsCookiePermission.cpp b/extensions/cookie/nsCookiePermission.cpp
--- a/extensions/cookie/nsCookiePermission.cpp
+++ b/extensions/cookie/nsCookiePermission.cpp
@@ -1,10 +1,10 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim:ts=2:sw=2:et: */
+/* vim: set ts=2 sw=2 et: */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
@@ -81,16 +81,17 @@ static const PRBool kDefaultPolicy = PR_
static const char kCookiesLifetimePolicy[] = "network.cookie.lifetimePolicy";
static const char kCookiesLifetimeDays[] = "network.cookie.lifetime.days";
static const char kCookiesAlwaysAcceptSession[] = "network.cookie.alwaysAcceptSessionCookies";
static const char kCookiesPrefsMigrated[] = "network.cookie.prefsMigrated";
// obsolete pref names for migration
static const char kCookiesLifetimeEnabled[] = "network.cookie.lifetime.enabled";
static const char kCookiesLifetimeBehavior[] = "network.cookie.lifetime.behavior";
+static const char kCookiesHonorExceptions[] = "network.cookie.honorExceptions";
static const char kCookiesAskPermission[] = "network.cookie.warnAboutCookies";
static const char kPermissionType[] = "cookie";
#ifdef MOZ_MAIL_NEWS
// returns PR_TRUE if URI appears to be the URI of a mailnews protocol
// XXXbz this should be a protocol flag, not a scheme list, dammit!
static PRBool
@@ -120,16 +121,17 @@ nsCookiePermission::Init()
// failure to access the pref service is non-fatal...
nsCOMPtr<nsIPrefBranch2> prefBranch =
do_GetService(NS_PREFSERVICE_CONTRACTID);
if (prefBranch) {
prefBranch->AddObserver(kCookiesLifetimePolicy, this, PR_FALSE);
prefBranch->AddObserver(kCookiesLifetimeDays, this, PR_FALSE);
prefBranch->AddObserver(kCookiesAlwaysAcceptSession, this, PR_FALSE);
+ prefBranch->AddObserver(kCookiesHonorExceptions, this, PR_FALSE);
PrefChanged(prefBranch, nsnull);
// migration code for original cookie prefs
PRBool migrated;
rv = prefBranch->GetBoolPref(kCookiesPrefsMigrated, &migrated);
if (NS_FAILED(rv) || !migrated) {
PRBool warnAboutCookies = PR_FALSE;
prefBranch->GetBoolPref(kCookiesAskPermission, &warnAboutCookies);
@@ -173,16 +175,20 @@ nsCookiePermission::PrefChanged(nsIPrefB
if (PREF_CHANGED(kCookiesLifetimeDays) &&
NS_SUCCEEDED(aPrefBranch->GetIntPref(kCookiesLifetimeDays, &val)))
// save cookie lifetime in seconds instead of days
mCookiesLifetimeSec = val * 24 * 60 * 60;
if (PREF_CHANGED(kCookiesAlwaysAcceptSession) &&
NS_SUCCEEDED(aPrefBranch->GetBoolPref(kCookiesAlwaysAcceptSession, &val)))
mCookiesAlwaysAcceptSession = val;
+
+ if (PREF_CHANGED(kCookiesHonorExceptions) &&
+ NS_SUCCEEDED(aPrefBranch->GetBoolPref(kCookiesHonorExceptions, &val)))
+ mCookiesHonorExceptions = val;
}
NS_IMETHODIMP
nsCookiePermission::SetAccess(nsIURI *aURI,
nsCookieAccess aAccess)
{
//
// NOTE: nsCookieAccess values conveniently match up with
@@ -202,16 +208,21 @@ nsCookiePermission::CanAccess(nsIURI
// it.
if (IsFromMailNews(aURI)) {
*aResult = ACCESS_DENY;
return NS_OK;
}
#endif // MOZ_MAIL_NEWS
// finally, check with permission manager...
+ if (!mCookiesHonorExceptions) {
+ *aResult = ACCESS_DEFAULT;
+ return NS_OK;
+ }
+
nsresult rv = mPermMgr->TestPermission(aURI, kPermissionType, (PRUint32 *) aResult);
if (NS_SUCCEEDED(rv)) {
switch (*aResult) {
// if we have one of the publicly-available values, just return it
case nsIPermissionManager::UNKNOWN_ACTION: // ACCESS_DEFAULT
case nsIPermissionManager::ALLOW_ACTION: // ACCESS_ALLOW
case nsIPermissionManager::DENY_ACTION: // ACCESS_DENY
break;
diff --git a/extensions/cookie/nsCookiePermission.h b/extensions/cookie/nsCookiePermission.h
--- a/extensions/cookie/nsCookiePermission.h
+++ b/extensions/cookie/nsCookiePermission.h
@@ -54,30 +54,32 @@ public:
NS_DECL_ISUPPORTS
NS_DECL_NSICOOKIEPERMISSION
NS_DECL_NSIOBSERVER
nsCookiePermission()
: mCookiesLifetimeSec(LL_MAXINT)
, mCookiesLifetimePolicy(0) // ACCEPT_NORMALLY
, mCookiesAlwaysAcceptSession(PR_FALSE)
+ , mCookiesHonorExceptions(PR_TRUE)
{}
virtual ~nsCookiePermission() {}
nsresult Init();
void PrefChanged(nsIPrefBranch *, const char *);
private:
PRBool InPrivateBrowsing();
nsCOMPtr<nsIPermissionManager> mPermMgr;
nsCOMPtr<nsIPrivateBrowsingService> mPBService;
PRInt64 mCookiesLifetimeSec; // lifetime limit specified in seconds
PRUint8 mCookiesLifetimePolicy; // pref for how long cookies are stored
PRPackedBool mCookiesAlwaysAcceptSession; // don't prompt for session cookies
+ PRPackedBool mCookiesHonorExceptions;
};
// {EF565D0A-AB9A-4A13-9160-0644CDFD859A}
#define NS_COOKIEPERMISSION_CID \
{0xEF565D0A, 0xAB9A, 0x4A13, {0x91, 0x60, 0x06, 0x44, 0xcd, 0xfd, 0x85, 0x9a }}
#endif
diff --git a/extensions/permissions/nsContentBlocker.cpp b/extensions/permissions/nsContentBlocker.cpp
--- a/extensions/permissions/nsContentBlocker.cpp
+++ b/extensions/permissions/nsContentBlocker.cpp
@@ -71,32 +71,38 @@ static const char *kTypeString[NUMBER_OF
NS_IMPL_ISUPPORTS3(nsContentBlocker,
nsIContentPolicy,
nsIObserver,
nsSupportsWeakReference)
nsContentBlocker::nsContentBlocker()
{
memset(mBehaviorPref, BEHAVIOR_ACCEPT, NUMBER_OF_TYPES);
+ memset(mHonorExceptions, PR_TRUE, NUMBER_OF_TYPES);
}
nsresult
nsContentBlocker::Init()
{
nsresult rv;
mPermissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIPrefService> prefService = do_GetService(NS_PREFSERVICE_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIPrefBranch> prefBranch;
rv = prefService->GetBranch("permissions.default.", getter_AddRefs(prefBranch));
NS_ENSURE_SUCCESS(rv, rv);
+ nsCOMPtr<nsIPrefBranch> honorExceptionsPrefBranch;
+ rv = prefService->GetBranch("permissions.honorExceptions.",
+ getter_AddRefs(honorExceptionsPrefBranch));
+ NS_ENSURE_SUCCESS(rv, rv);
+
// Migrate old image blocker pref
nsCOMPtr<nsIPrefBranch> oldPrefBranch;
oldPrefBranch = do_QueryInterface(prefService);
PRInt32 oldPref;
rv = oldPrefBranch->GetIntPref("network.image.imageBehavior", &oldPref);
if (NS_SUCCEEDED(rv) && oldPref) {
PRInt32 newPref;
switch (oldPref) {
@@ -116,39 +122,49 @@ nsContentBlocker::Init()
// The branch is not a copy of the prefservice, but a new object, because
// it is a non-default branch. Adding obeservers to it will only work if
// we make sure that the object doesn't die. So, keep a reference to it.
mPrefBranchInternal = do_QueryInterface(prefBranch, &rv);
NS_ENSURE_SUCCESS(rv, rv);
+ mHonorExceptionsPrefBranchInternal =
+ do_QueryInterface(honorExceptionsPrefBranch, &rv);
+ NS_ENSURE_SUCCESS(rv, rv);
+
rv = mPrefBranchInternal->AddObserver("", this, PR_TRUE);
- PrefChanged(prefBranch, nsnull);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ rv = mHonorExceptionsPrefBranchInternal->AddObserver("", this, PR_TRUE);
+ PrefChanged(nsnull);
return rv;
}
#undef LIMIT
#define LIMIT(x, low, high, default) ((x) >= (low) && (x) <= (high) ? (x) : (default))
void
-nsContentBlocker::PrefChanged(nsIPrefBranch *aPrefBranch,
- const char *aPref)
+nsContentBlocker::PrefChanged(const char *aPref)
{
- PRInt32 val;
-
-#define PREF_CHANGED(_P) (!aPref || !strcmp(aPref, _P))
-
- for(PRUint32 i = 0; i < NUMBER_OF_TYPES; ++i) {
- if (PREF_CHANGED(kTypeString[i]) &&
- NS_SUCCEEDED(aPrefBranch->GetIntPref(kTypeString[i], &val)))
- mBehaviorPref[i] = LIMIT(val, 1, 3, 1);
+ for (PRUint32 i = 0; i < NUMBER_OF_TYPES; ++i) {
+ if (!aPref || !strcmp(kTypeString[i], aPref)) {
+ PRInt32 val;
+ PRBool b;
+ if (mPrefBranchInternal &&
+ NS_SUCCEEDED(mPrefBranchInternal->GetIntPref(kTypeString[i], &val))) {
+ mBehaviorPref[i] = LIMIT(val, 1, 3, 1);
+ }
+ if (mHonorExceptionsPrefBranchInternal &&
+ NS_SUCCEEDED(mHonorExceptionsPrefBranchInternal->GetBoolPref(kTypeString[i], &b))) {
+ mHonorExceptions[i] = b;
+ }
+ }
}
-
}
// nsIContentPolicy Implementation
NS_IMETHODIMP
nsContentBlocker::ShouldLoad(PRUint32 aContentType,
nsIURI *aContentLocation,
nsIURI *aRequestingLocation,
nsISupports *aRequestingContext,
@@ -264,21 +280,23 @@ nsContentBlocker::TestPermission(nsIURI
// This default will also get used if there is an unknown value in the
// permission list, or if the permission manager returns unknown values.
*aPermission = PR_TRUE;
// check the permission list first; if we find an entry, it overrides
// default prefs.
// Don't forget the aContentType ranges from 1..8, while the
// array is indexed 0..7
- PRUint32 permission;
- nsresult rv = mPermissionManager->TestPermission(aCurrentURI,
- kTypeString[aContentType - 1],
- &permission);
- NS_ENSURE_SUCCESS(rv, rv);
+ PRUint32 permission = 0;
+ if (mHonorExceptions[aContentType - 1]) {
+ nsresult rv = mPermissionManager->TestPermission(aCurrentURI,
+ kTypeString[aContentType - 1],
+ &permission);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
// If there is nothing on the list, use the default.
if (!permission) {
permission = mBehaviorPref[aContentType - 1];
*aFromPrefs = PR_TRUE;
}
// Use the fact that the nsIPermissionManager values map to
@@ -294,17 +312,17 @@ nsContentBlocker::TestPermission(nsIURI
case BEHAVIOR_NOFOREIGN:
// Third party checking
// Need a requesting uri for third party checks to work.
if (!aFirstURI)
return NS_OK;
PRBool trustedSource = PR_FALSE;
- rv = aFirstURI->SchemeIs("chrome", &trustedSource);
+ nsresult rv = aFirstURI->SchemeIs("chrome", &trustedSource);
NS_ENSURE_SUCCESS(rv,rv);
if (!trustedSource) {
rv = aFirstURI->SchemeIs("resource", &trustedSource);
NS_ENSURE_SUCCESS(rv,rv);
}
if (trustedSource)
return NS_OK;
@@ -360,12 +378,11 @@ nsContentBlocker::TestPermission(nsIURI
NS_IMETHODIMP
nsContentBlocker::Observe(nsISupports *aSubject,
const char *aTopic,
const PRUnichar *aData)
{
NS_ASSERTION(!strcmp(NS_PREFBRANCH_PREFCHANGE_TOPIC_ID, aTopic),
"unexpected topic - we only deal with pref changes!");
- if (mPrefBranchInternal)
- PrefChanged(mPrefBranchInternal, NS_LossyConvertUTF16toASCII(aData).get());
+ PrefChanged(NS_LossyConvertUTF16toASCII(aData).get());
return NS_OK;
}
diff --git a/extensions/permissions/nsContentBlocker.h b/extensions/permissions/nsContentBlocker.h
--- a/extensions/permissions/nsContentBlocker.h
+++ b/extensions/permissions/nsContentBlocker.h
@@ -61,26 +61,28 @@ public:
NS_DECL_NSIOBSERVER
nsContentBlocker();
nsresult Init();
private:
~nsContentBlocker() {}
- void PrefChanged(nsIPrefBranch *, const char *);
+ void PrefChanged(const char *);
nsresult TestPermission(nsIURI *aCurrentURI,
nsIURI *aFirstURI,
PRInt32 aContentType,
PRBool *aPermission,
PRBool *aFromPrefs);
nsCOMPtr<nsIPermissionManager> mPermissionManager;
nsCOMPtr<nsIPrefBranch2> mPrefBranchInternal;
+ nsCOMPtr<nsIPrefBranch2> mHonorExceptionsPrefBranchInternal;
PRUint8 mBehaviorPref[NUMBER_OF_TYPES];
+ PRPackedBool mHonorExceptions[NUMBER_OF_TYPES];
};
#define NS_CONTENTBLOCKER_CID \
{ 0x4ca6b67b, 0x5cc7, 0x4e71, \
{ 0xa9, 0x8a, 0x97, 0xaf, 0x1c, 0x13, 0x48, 0x62 } }
#define NS_CONTENTBLOCKER_CONTRACTID "@mozilla.org/permissions/contentblocker;1"
diff --git a/modules/libpref/src/init/all.js b/modules/libpref/src/init/all.js
--- a/modules/libpref/src/init/all.js
+++ b/modules/libpref/src/init/all.js
@@ -853,16 +853,17 @@ pref("network.automatic-ntlm-auth.truste
// response to a NTLM challenge. By default, this is disabled since servers
// should almost never need the LM hash, and the LM hash is what makes NTLM
// authentication less secure. See bug 250691 for further details.
// NOTE: automatic-ntlm-auth which leverages the OS-provided NTLM
// implementation will not be affected by this preference.
pref("network.ntlm.send-lm-response", false);
pref("permissions.default.image", 1); // 1-Accept, 2-Deny, 3-dontAcceptForeign
+pref("permissions.honorExceptions.image", true);
pref("network.proxy.type", 5);
pref("network.proxy.ftp", "");
pref("network.proxy.ftp_port", 0);
pref("network.proxy.gopher", "");
pref("network.proxy.gopher_port", 0);
pref("network.proxy.http", "");
@@ -872,16 +873,17 @@ pref("network.proxy.ssl_port",
pref("network.proxy.socks", "");
pref("network.proxy.socks_port", 0);
pref("network.proxy.socks_version", 5);
pref("network.proxy.socks_remote_dns", false);
pref("network.proxy.no_proxies_on", "localhost, 127.0.0.1");
pref("network.proxy.failover_timeout", 1800); // 30 minutes
pref("network.online", true); //online/offline
pref("network.cookie.cookieBehavior", 0); // 0-Accept, 1-dontAcceptForeign, 2-dontUse
+pref("network.cookie.honorExceptions", true);
pref("network.cookie.lifetimePolicy", 0); // accept normally, 1-askBeforeAccepting, 2-acceptForSession,3-acceptForNDays
pref("network.cookie.alwaysAcceptSessionCookies", false);
pref("network.cookie.prefsMigrated", false);
pref("network.cookie.lifetime.days", 90);
// The PAC file to load. Ignored unless network.proxy.type is 2.
pref("network.proxy.autoconfig_url", "");
diff --git a/xpinstall/src/nsXPInstallManager.cpp b/xpinstall/src/nsXPInstallManager.cpp
--- a/xpinstall/src/nsXPInstallManager.cpp
+++ b/xpinstall/src/nsXPInstallManager.cpp
@@ -300,36 +300,46 @@ nsXPInstallManager::InitManagerInternal(
packageList[j++] = item->GetSafeURLString();
packageList[j++] = item->mIconURL.get();
packageList[j++] = item->mCertName.get();
}
//-----------------------------------------------------
// Get permission to install
//-----------------------------------------------------
+ nsCOMPtr<nsIPrefBranch> pref(do_GetService(NS_PREFSERVICE_CONTRACTID));
#ifdef ENABLE_SKIN_SIMPLE_INSTALLATION_UI
if ( mChromeType == CHROME_SKIN )
{
// We may want to enable the simple installation UI once
// bug 343037 is fixed
// skins get a simpler/friendlier dialog
// XXX currently not embeddable
- OKtoInstall = ConfirmChromeInstall( mParentWindow, packageList );
+ PRBool themesDisabled = PR_FALSE;
+ if (pref)
+ pref->GetBoolPref("config.lockdown.disable_themes", &themesDisabled);
+ OKtoInstall = !themesDisabled &&
+ ConfirmChromeInstall( mParentWindow, packageList );
}
else
{
#endif
+ PRBool extensionsDisabled = PR_FALSE;
+ if (pref)
+ pref->GetBoolPref("config.lockdown.disable_extensions", &extensionsDisabled);
+ if (!extensionsDisabled) {
rv = dlgSvc->ConfirmInstall( mParentWindow,
packageList,
numStrings,
&OKtoInstall );
if (NS_FAILED(rv))
OKtoInstall = PR_FALSE;
+ }
#ifdef ENABLE_SKIN_SIMPLE_INSTALLATION_UI
}
#endif
if (OKtoInstall)
{
//-----------------------------------------------------
// Open the progress dialog
