nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/dom/base/nsContentUtils.cpp
Frédéric Wang b005b82248 Bug 1872657 - Add fetchpriority support for <link rel=preload as=image>. r=valentin,smaug,manuel 
This patch adds fetchpriority support for `<link rel=preload as=image>`
and equivalent HTTP Link header. The fetchpriority value is passed from
where the link is parsed down to `NewImageChannel` where the priority
is initially set. Currently, the default equals PRIORITY_LOW, but is
decreased a bit if LOAD_BACKGROUND flag is set (this is always the case
for link preload images, see `imgLoader::LoadImage`). Later, the
priority can be increased again depending on the category (see
`imgRequest::BoostPriority`).

In order to minimize the changes, the new calculation is to keep the
initial setting to PRIORITY_LOW, adjust it using a new
`network.fetchpriority.adjustments.*` preference depending on the
fetchpriority attributes, and then preserve further adjustments for
LOAD_BACKGROUND and `BoostPriority`.

For the default value `fetchpriority=auto`, there is no adjustment
i.e. we continue to start with PRIORITY_LOW. `fetchpriority=low/high`
are respectively mapped to PRIORITY_LOW/PRIORITY_HIGH which is simple
and consistent with the "Image" cases from Google's web.dev article
https://web.dev/articles/fetch-priority. These values could of course
be revised in the future after more experiments.

This change is covered by the following tests below. The expectations
is modified to match what is described above (i.e. map to PRIORITY_LOW
or PRIORITY_HIGH with adjustment due to LOAD_BACKGROUND):
- `link-initial-preload-image.h2.html`
- `link-dynamic-preload-image.h2.html`
- `kPipeHeaderPreloadImageLinks`

Based on a patch by Mirko Brodesser (mbrodesser@igalia.com)

Differential Revision: https://phabricator.services.mozilla.com/D197493
2024-02-27 06:33:48 +00:00

11472 lines
375 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* A namespace class for static layout utilities. */
#include "nsContentUtils.h"
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <functional>
#include <new>
#include <utility>
#include "BrowserChild.h"
#include "DecoderTraits.h"
#include "ErrorList.h"
#include "HTMLSplitOnSpacesTokenizer.h"
#include "ImageOps.h"
#include "InProcessBrowserChildMessageManager.h"
#include "MainThreadUtils.h"
#include "PLDHashTable.h"
#include "ReferrerInfo.h"
#include "ScopedNSSTypes.h"
#include "ThirdPartyUtil.h"
#include "Units.h"
#include "chrome/common/ipc_message.h"
#include "gfxDrawable.h"
#include "harfbuzz/hb.h"
#include "imgICache.h"
#include "imgIContainer.h"
#include "imgILoader.h"
#include "imgIRequest.h"
#include "imgLoader.h"
#include "js/Array.h"
#include "js/ArrayBuffer.h"
#include "js/BuildId.h"
#include "js/GCAPI.h"
#include "js/Id.h"
#include "js/JSON.h"
#include "js/PropertyAndElement.h" // JS_DefineElement, JS_GetProperty
#include "js/PropertyDescriptor.h"
#include "js/Realm.h"
#include "js/RegExp.h"
#include "js/RegExpFlags.h"
#include "js/RootingAPI.h"
#include "js/TypeDecls.h"
#include "js/Value.h"
#include "js/Wrapper.h"
#include "jsapi.h"
#include "jsfriendapi.h"
#include "mozAutoDocUpdate.h"
#include "mozIDOMWindow.h"
#include "nsIOService.h"
#include "nsObjectLoadingContent.h"
#include "mozilla/AlreadyAddRefed.h"
#include "mozilla/ArrayIterator.h"
#include "mozilla/ArrayUtils.h"
#include "mozilla/AsyncEventDispatcher.h"
#include "mozilla/AtomArray.h"
#include "mozilla/Atomics.h"
#include "mozilla/Attributes.h"
#include "mozilla/AutoRestore.h"
#include "mozilla/BackgroundHangMonitor.h"
#include "mozilla/Base64.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/BasicEvents.h"
#include "mozilla/BloomFilter.h"
#include "mozilla/CORSMode.h"
#include "mozilla/CallState.h"
#include "mozilla/CheckedInt.h"
#include "mozilla/ClearOnShutdown.h"
#include "mozilla/Components.h"
#include "mozilla/ContentBlockingAllowList.h"
#include "mozilla/CycleCollectedJSContext.h"
#include "mozilla/DOMEventTargetHelper.h"
#include "mozilla/DebugOnly.h"
#include "mozilla/ErrorResult.h"
#include "mozilla/EventDispatcher.h"
#include "mozilla/EventListenerManager.h"
#include "mozilla/EventQueue.h"
#include "mozilla/EventStateManager.h"
#include "mozilla/FlushType.h"
#include "mozilla/FOGIPC.h"
#include "mozilla/HTMLEditor.h"
#include "mozilla/HangAnnotations.h"
#include "mozilla/IMEStateManager.h"
#include "mozilla/InputEventOptions.h"
#include "mozilla/InternalMutationEvent.h"
#include "mozilla/Latin1.h"
#include "mozilla/Likely.h"
#include "mozilla/LoadInfo.h"
#include "mozilla/Logging.h"
#include "mozilla/MacroForEach.h"
#include "mozilla/ManualNAC.h"
#include "mozilla/Maybe.h"
#include "mozilla/MediaFeatureChange.h"
#include "mozilla/MouseEvents.h"
#include "mozilla/NotNull.h"
#include "mozilla/NullPrincipal.h"
#include "mozilla/OriginAttributes.h"
#include "mozilla/Preferences.h"
#include "mozilla/PresShell.h"
#include "mozilla/ProfilerRunnable.h"
#include "mozilla/RangeBoundary.h"
#include "mozilla/RefPtr.h"
#include "mozilla/Result.h"
#include "mozilla/ResultExtensions.h"
#include "mozilla/ScrollbarPreferences.h"
#include "mozilla/ShutdownPhase.h"
#include "mozilla/Span.h"
#include "mozilla/StaticAnalysisFunctions.h"
#include "mozilla/StaticPrefs_browser.h"
#include "mozilla/StaticPrefs_dom.h"
#ifdef FUZZING
# include "mozilla/StaticPrefs_fuzzing.h"
#endif
#include "mozilla/StaticPrefs_nglayout.h"
#include "mozilla/StaticPrefs_privacy.h"
#include "mozilla/StaticPrefs_test.h"
#include "mozilla/StaticPrefs_ui.h"
#include "mozilla/StaticPtr.h"
#include "mozilla/TextControlState.h"
#include "mozilla/TextEditor.h"
#include "mozilla/TextEvents.h"
#include "mozilla/UniquePtr.h"
#include "mozilla/Unused.h"
#include "mozilla/Variant.h"
#include "mozilla/ViewportUtils.h"
#include "mozilla/dom/AncestorIterator.h"
#include "mozilla/dom/AutoEntryScript.h"
#include "mozilla/dom/AutocompleteInfoBinding.h"
#include "mozilla/dom/AutoSuppressEventHandlingAndSuspend.h"
#include "mozilla/dom/BindingDeclarations.h"
#include "mozilla/dom/BindingUtils.h"
#include "mozilla/dom/BlobImpl.h"
#include "mozilla/dom/BlobURLProtocolHandler.h"
#include "mozilla/dom/BorrowedAttrInfo.h"
#include "mozilla/dom/BrowserBridgeParent.h"
#include "mozilla/dom/BrowserParent.h"
#include "mozilla/dom/BrowsingContext.h"
#include "mozilla/dom/BrowsingContextGroup.h"
#include "mozilla/dom/CallbackFunction.h"
#include "mozilla/dom/CallbackObject.h"
#include "mozilla/dom/ChromeMessageBroadcaster.h"
#include "mozilla/dom/ContentChild.h"
#include "mozilla/dom/ContentFrameMessageManager.h"
#include "mozilla/dom/ContentParent.h"
#include "mozilla/dom/CustomElementRegistry.h"
#include "mozilla/dom/CustomElementRegistryBinding.h"
#include "mozilla/dom/CustomElementTypes.h"
#include "mozilla/dom/DOMArena.h"
#include "mozilla/dom/DOMException.h"
#include "mozilla/dom/DOMExceptionBinding.h"
#include "mozilla/dom/DOMSecurityMonitor.h"
#include "mozilla/dom/DOMTypes.h"
#include "mozilla/dom/DataTransfer.h"
#include "mozilla/dom/DocGroup.h"
#include "mozilla/dom/Document.h"
#include "mozilla/dom/DocumentFragment.h"
#include "mozilla/dom/DocumentInlines.h"
#include "mozilla/dom/Element.h"
#include "mozilla/dom/ElementBinding.h"
#include "mozilla/dom/ElementInlines.h"
#include "mozilla/dom/Event.h"
#include "mozilla/dom/EventTarget.h"
#include "mozilla/dom/FileBlobImpl.h"
#include "mozilla/dom/FileSystemSecurity.h"
#include "mozilla/dom/FilteredNodeIterator.h"
#include "mozilla/dom/FormData.h"
#include "mozilla/dom/FragmentOrElement.h"
#include "mozilla/dom/FromParser.h"
#include "mozilla/dom/HTMLElement.h"
#include "mozilla/dom/HTMLFormElement.h"
#include "mozilla/dom/HTMLImageElement.h"
#include "mozilla/dom/HTMLInputElement.h"
#include "mozilla/dom/HTMLTextAreaElement.h"
#include "mozilla/dom/IPCBlob.h"
#include "mozilla/dom/IPCBlobUtils.h"
#include "mozilla/dom/MessageBroadcaster.h"
#include "mozilla/dom/MessageListenerManager.h"
#include "mozilla/dom/MessagePort.h"
#include "mozilla/dom/MouseEventBinding.h"
#include "mozilla/dom/NameSpaceConstants.h"
#include "mozilla/dom/NodeBinding.h"
#include "mozilla/dom/NodeInfo.h"
#include "mozilla/dom/PBrowser.h"
#include "mozilla/dom/PContentChild.h"
#include "mozilla/dom/PrototypeList.h"
#include "mozilla/dom/ReferrerPolicyBinding.h"
#include "mozilla/dom/ScriptSettings.h"
#include "mozilla/dom/Selection.h"
#include "mozilla/dom/ShadowRoot.h"
#include "mozilla/dom/Text.h"
#include "mozilla/dom/UserActivation.h"
#include "mozilla/dom/WindowContext.h"
#include "mozilla/dom/WorkerCommon.h"
#include "mozilla/dom/WorkerPrivate.h"
#include "mozilla/dom/WorkerRunnable.h"
#include "mozilla/dom/XULCommandEvent.h"
#include "mozilla/glean/GleanPings.h"
#include "mozilla/fallible.h"
#include "mozilla/gfx/2D.h"
#include "mozilla/gfx/BaseMargin.h"
#include "mozilla/gfx/BasePoint.h"
#include "mozilla/gfx/BaseSize.h"
#include "mozilla/gfx/DataSurfaceHelpers.h"
#include "mozilla/gfx/Point.h"
#include "mozilla/gfx/Rect.h"
#include "mozilla/gfx/Types.h"
#include "mozilla/ipc/ProtocolUtils.h"
#include "mozilla/ipc/SharedMemory.h"
#include "mozilla/net/UrlClassifierCommon.h"
#include "mozilla/Tokenizer.h"
#include "mozilla/widget/IMEData.h"
#include "nsAboutProtocolUtils.h"
#include "nsAlgorithm.h"
#include "nsArrayUtils.h"
#include "nsAtomHashKeys.h"
#include "nsAttrName.h"
#include "nsAttrValue.h"
#include "nsAttrValueInlines.h"
#include "nsBaseHashtable.h"
#include "nsCCUncollectableMarker.h"
#include "nsCOMPtr.h"
#include "nsCRT.h"
#include "nsCRTGlue.h"
#include "nsCanvasFrame.h"
#include "nsCaseTreatment.h"
#include "nsCharSeparatedTokenizer.h"
#include "nsCharTraits.h"
#include "nsCompatibility.h"
#include "nsComponentManagerUtils.h"
#include "nsContainerFrame.h"
#include "nsContentCreatorFunctions.h"
#include "nsContentDLF.h"
#include "nsContentList.h"
#include "nsContentListDeclarations.h"
#include "nsContentPolicyUtils.h"
#include "nsCoord.h"
#include "nsCycleCollectionNoteChild.h"
#include "nsDOMMutationObserver.h"
#include "nsDOMString.h"
#include "nsTHashMap.h"
#include "nsDebug.h"
#include "nsDocShell.h"
#include "nsDocShellCID.h"
#include "nsError.h"
#include "nsFocusManager.h"
#include "nsFrameList.h"
#include "nsFrameLoader.h"
#include "nsFrameLoaderOwner.h"
#include "nsGenericHTMLElement.h"
#include "nsGkAtoms.h"
#include "nsGlobalWindowInner.h"
#include "nsGlobalWindowOuter.h"
#include "nsHTMLDocument.h"
#include "nsHTMLTags.h"
#include "nsHashKeys.h"
#include "nsHtml5StringParser.h"
#include "nsIAboutModule.h"
#include "nsIAnonymousContentCreator.h"
#include "nsIAppShell.h"
#include "nsIArray.h"
#include "nsIAsyncVerifyRedirectCallback.h"
#include "nsIBidiKeyboard.h"
#include "nsIBrowser.h"
#include "nsICacheInfoChannel.h"
#include "nsICategoryManager.h"
#include "nsIChannel.h"
#include "nsIChannelEventSink.h"
#include "nsIClassifiedChannel.h"
#include "nsIConsoleService.h"
#include "nsIContent.h"
#include "nsIContentInlines.h"
#include "nsIContentPolicy.h"
#include "nsIContentSecurityPolicy.h"
#include "nsIContentSink.h"
#include "nsIDOMWindowUtils.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeItem.h"
#include "nsIDocumentEncoder.h"
#include "nsIDocumentLoaderFactory.h"
#include "nsIDocumentViewer.h"
#include "nsIDragService.h"
#include "nsIDragSession.h"
#include "nsIFile.h"
#include "nsIFocusManager.h"
#include "nsIFormControl.h"
#include "nsIFragmentContentSink.h"
#include "nsIFrame.h"
#include "nsIGlobalObject.h"
#include "nsIHttpChannel.h"
#include "nsIHttpChannelInternal.h"
#include "nsIIOService.h"
#include "nsIImageLoadingContent.h"
#include "nsIInputStream.h"
#include "nsIInterfaceRequestor.h"
#include "nsIInterfaceRequestorUtils.h"
#include "nsILoadContext.h"
#include "nsILoadGroup.h"
#include "nsILoadInfo.h"
#include "nsIMIMEService.h"
#include "nsIMemoryReporter.h"
#include "nsINetUtil.h"
#include "nsINode.h"
#include "nsIObjectLoadingContent.h"
#include "nsIObserver.h"
#include "nsIObserverService.h"
#include "nsIParserUtils.h"
#include "nsIPermissionManager.h"
#include "nsIPrincipal.h"
#include "nsIProperties.h"
#include "nsIProtocolHandler.h"
#include "nsIRequest.h"
#include "nsIRunnable.h"
#include "nsIScreen.h"
#include "nsIScriptError.h"
#include "nsIScriptGlobalObject.h"
#include "nsIScriptObjectPrincipal.h"
#include "nsIScriptSecurityManager.h"
#include "nsISerialEventTarget.h"
#include "nsIStreamConverter.h"
#include "nsIStreamConverterService.h"
#include "nsIStringBundle.h"
#include "nsISupports.h"
#include "nsISupportsPrimitives.h"
#include "nsISupportsUtils.h"
#include "nsITransferable.h"
#include "nsIURI.h"
#include "nsIURIMutator.h"
#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
# include "nsIURIWithSpecialOrigin.h"
#endif
#include "nsIUserIdleServiceInternal.h"
#include "nsIWeakReferenceUtils.h"
#include "nsIWebNavigation.h"
#include "nsIWebNavigationInfo.h"
#include "nsIWidget.h"
#include "nsIWindowMediator.h"
#include "nsIXPConnect.h"
#include "nsJSPrincipals.h"
#include "nsJSUtils.h"
#include "nsLayoutUtils.h"
#include "nsLiteralString.h"
#include "nsMargin.h"
#include "nsMimeTypes.h"
#include "nsNameSpaceManager.h"
#include "nsNetCID.h"
#include "nsNetUtil.h"
#include "nsNodeInfoManager.h"
#include "nsPIDOMWindow.h"
#include "nsPIDOMWindowInlines.h"
#include "nsParser.h"
#include "nsParserConstants.h"
#include "nsPoint.h"
#include "nsPointerHashKeys.h"
#include "nsPresContext.h"
#include "nsQueryFrame.h"
#include "nsQueryObject.h"
#include "nsRange.h"
#include "nsRefPtrHashtable.h"
#include "nsSandboxFlags.h"
#include "nsScriptSecurityManager.h"
#include "nsServiceManagerUtils.h"
#include "nsStreamUtils.h"
#include "nsString.h"
#include "nsStringBuffer.h"
#include "nsStringBundle.h"
#include "nsStringFlags.h"
#include "nsStringFwd.h"
#include "nsStringIterator.h"
#include "nsStringStream.h"
#include "nsTArray.h"
#include "nsTLiteralString.h"
#include "nsTPromiseFlatString.h"
#include "nsTStringRepr.h"
#include "nsTextFragment.h"
#include "nsTextNode.h"
#include "nsThreadManager.h"
#include "nsThreadUtils.h"
#include "nsTreeSanitizer.h"
#include "nsUGenCategory.h"
#include "nsURLHelper.h"
#include "nsUnicodeProperties.h"
#include "nsVariant.h"
#include "nsWidgetsCID.h"
#include "nsView.h"
#include "nsViewManager.h"
#include "nsXPCOM.h"
#include "nsXPCOMCID.h"
#include "nsXULAppAPI.h"
#include "nsXULElement.h"
#include "nsXULPopupManager.h"
#include "nscore.h"
#include "prinrval.h"
#include "xpcprivate.h"
#include "xpcpublic.h"
#if defined(XP_WIN)
// Undefine LoadImage to prevent naming conflict with Windows.
# undef LoadImage
#endif
extern "C" int MOZ_XMLTranslateEntity(const char* ptr, const char* end,
const char** next, char16_t* result);
extern "C" int MOZ_XMLCheckQName(const char* ptr, const char* end, int ns_aware,
const char** colon);
using namespace mozilla::dom;
using namespace mozilla::ipc;
using namespace mozilla::gfx;
using namespace mozilla::layers;
using namespace mozilla::widget;
using namespace mozilla;
const char kLoadAsData[] = "loadAsData";
nsIXPConnect* nsContentUtils::sXPConnect;
nsIScriptSecurityManager* nsContentUtils::sSecurityManager;
nsIPrincipal* nsContentUtils::sSystemPrincipal;
nsIPrincipal* nsContentUtils::sNullSubjectPrincipal;
nsIConsoleService* nsContentUtils::sConsoleService;
static nsTHashMap<RefPtr<nsAtom>, EventNameMapping>* sAtomEventTable;
static nsTHashMap<nsStringHashKey, EventNameMapping>* sStringEventTable;
static nsTArray<RefPtr<nsAtom>>* sUserDefinedEvents;
nsIStringBundleService* nsContentUtils::sStringBundleService;
static StaticRefPtr<nsIStringBundle>
sStringBundles[nsContentUtils::PropertiesFile_COUNT];
nsIContentPolicy* nsContentUtils::sContentPolicyService;
bool nsContentUtils::sTriedToGetContentPolicy = false;
StaticRefPtr<nsIBidiKeyboard> nsContentUtils::sBidiKeyboard;
uint32_t nsContentUtils::sScriptBlockerCount = 0;
uint32_t nsContentUtils::sDOMNodeRemovedSuppressCount = 0;
AutoTArray<nsCOMPtr<nsIRunnable>, 8>* nsContentUtils::sBlockedScriptRunners =
nullptr;
uint32_t nsContentUtils::sRunnersCountAtFirstBlocker = 0;
nsIInterfaceRequestor* nsContentUtils::sSameOriginChecker = nullptr;
bool nsContentUtils::sIsHandlingKeyBoardEvent = false;
nsString* nsContentUtils::sShiftText = nullptr;
nsString* nsContentUtils::sControlText = nullptr;
nsString* nsContentUtils::sCommandOrWinText = nullptr;
nsString* nsContentUtils::sAltText = nullptr;
nsString* nsContentUtils::sModifierSeparator = nullptr;
bool nsContentUtils::sInitialized = false;
#ifndef RELEASE_OR_BETA
bool nsContentUtils::sBypassCSSOMOriginCheck = false;
#endif
nsCString* nsContentUtils::sJSScriptBytecodeMimeType = nullptr;
nsCString* nsContentUtils::sJSModuleBytecodeMimeType = nullptr;
nsContentUtils::UserInteractionObserver*
nsContentUtils::sUserInteractionObserver = nullptr;
nsHtml5StringParser* nsContentUtils::sHTMLFragmentParser = nullptr;
nsParser* nsContentUtils::sXMLFragmentParser = nullptr;
nsIFragmentContentSink* nsContentUtils::sXMLFragmentSink = nullptr;
bool nsContentUtils::sFragmentParsingActive = false;
bool nsContentUtils::sMayHaveFormCheckboxStateChangeListeners = false;
bool nsContentUtils::sMayHaveFormRadioStateChangeListeners = false;
mozilla::LazyLogModule nsContentUtils::gResistFingerprintingLog(
"nsResistFingerprinting");
mozilla::LazyLogModule nsContentUtils::sDOMDumpLog("Dump");
int32_t nsContentUtils::sInnerOrOuterWindowCount = 0;
uint32_t nsContentUtils::sInnerOrOuterWindowSerialCounter = 0;
template Maybe<int32_t> nsContentUtils::ComparePoints(
const RangeBoundary& aFirstBoundary, const RangeBoundary& aSecondBoundary);
template Maybe<int32_t> nsContentUtils::ComparePoints(
const RangeBoundary& aFirstBoundary,
const RawRangeBoundary& aSecondBoundary);
template Maybe<int32_t> nsContentUtils::ComparePoints(
const RawRangeBoundary& aFirstBoundary,
const RangeBoundary& aSecondBoundary);
template Maybe<int32_t> nsContentUtils::ComparePoints(
const RawRangeBoundary& aFirstBoundary,
const RawRangeBoundary& aSecondBoundary);
template int32_t nsContentUtils::ComparePoints_Deprecated(
const RangeBoundary& aFirstBoundary, const RangeBoundary& aSecondBoundary,
bool* aDisconnected);
template int32_t nsContentUtils::ComparePoints_Deprecated(
const RangeBoundary& aFirstBoundary,
const RawRangeBoundary& aSecondBoundary, bool* aDisconnected);
template int32_t nsContentUtils::ComparePoints_Deprecated(
const RawRangeBoundary& aFirstBoundary,
const RangeBoundary& aSecondBoundary, bool* aDisconnected);
template int32_t nsContentUtils::ComparePoints_Deprecated(
const RawRangeBoundary& aFirstBoundary,
const RawRangeBoundary& aSecondBoundary, bool* aDisconnected);
// Subset of
// http://www.whatwg.org/specs/web-apps/current-work/#autofill-field-name
enum AutocompleteUnsupportedFieldName : uint8_t {
#define AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(name_, value_) \
eAutocompleteUnsupportedFieldName_##name_,
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME
};
enum AutocompleteNoPersistFieldName : uint8_t {
#define AUTOCOMPLETE_NO_PERSIST_FIELD_NAME(name_, value_) \
eAutocompleteNoPersistFieldName_##name_,
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_NO_PERSIST_FIELD_NAME
};
enum AutocompleteUnsupportFieldContactHint : uint8_t {
#define AUTOCOMPLETE_UNSUPPORTED_FIELD_CONTACT_HINT(name_, value_) \
eAutocompleteUnsupportedFieldContactHint_##name_,
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_UNSUPPORTED_FIELD_CONTACT_HINT
};
enum AutocompleteFieldName : uint8_t {
#define AUTOCOMPLETE_FIELD_NAME(name_, value_) eAutocompleteFieldName_##name_,
#define AUTOCOMPLETE_CONTACT_FIELD_NAME(name_, value_) \
AUTOCOMPLETE_FIELD_NAME(name_, value_)
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_FIELD_NAME
#undef AUTOCOMPLETE_CONTACT_FIELD_NAME
};
enum AutocompleteFieldHint : uint8_t {
#define AUTOCOMPLETE_FIELD_HINT(name_, value_) eAutocompleteFieldHint_##name_,
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_FIELD_HINT
};
enum AutocompleteFieldContactHint : uint8_t {
#define AUTOCOMPLETE_FIELD_CONTACT_HINT(name_, value_) \
eAutocompleteFieldContactHint_##name_,
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_FIELD_CONTACT_HINT
};
enum AutocompleteCredentialType : uint8_t {
#define AUTOCOMPLETE_CREDENTIAL_TYPE(name_, value_) \
eAutocompleteCredentialType_##name_,
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_CREDENTIAL_TYPE
};
enum AutocompleteCategory {
#define AUTOCOMPLETE_CATEGORY(name_, value_) eAutocompleteCategory_##name_,
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_CATEGORY
};
static const nsAttrValue::EnumTable kAutocompleteUnsupportedFieldNameTable[] = {
#define AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(name_, value_) \
{value_, eAutocompleteUnsupportedFieldName_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME
{nullptr, 0}};
static const nsAttrValue::EnumTable kAutocompleteNoPersistFieldNameTable[] = {
#define AUTOCOMPLETE_NO_PERSIST_FIELD_NAME(name_, value_) \
{value_, eAutocompleteNoPersistFieldName_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_NO_PERSIST_FIELD_NAME
{nullptr, 0}};
static const nsAttrValue::EnumTable
kAutocompleteUnsupportedContactFieldHintTable[] = {
#define AUTOCOMPLETE_UNSUPPORTED_FIELD_CONTACT_HINT(name_, value_) \
{value_, eAutocompleteUnsupportedFieldContactHint_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_UNSUPPORTED_FIELD_CONTACT_HINT
{nullptr, 0}};
static const nsAttrValue::EnumTable kAutocompleteFieldNameTable[] = {
#define AUTOCOMPLETE_FIELD_NAME(name_, value_) \
{value_, eAutocompleteFieldName_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_FIELD_NAME
{nullptr, 0}};
static const nsAttrValue::EnumTable kAutocompleteContactFieldNameTable[] = {
#define AUTOCOMPLETE_CONTACT_FIELD_NAME(name_, value_) \
{value_, eAutocompleteFieldName_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_CONTACT_FIELD_NAME
{nullptr, 0}};
static const nsAttrValue::EnumTable kAutocompleteFieldHintTable[] = {
#define AUTOCOMPLETE_FIELD_HINT(name_, value_) \
{value_, eAutocompleteFieldHint_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_FIELD_HINT
{nullptr, 0}};
static const nsAttrValue::EnumTable kAutocompleteContactFieldHintTable[] = {
#define AUTOCOMPLETE_FIELD_CONTACT_HINT(name_, value_) \
{value_, eAutocompleteFieldContactHint_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_FIELD_CONTACT_HINT
{nullptr, 0}};
static const nsAttrValue::EnumTable kAutocompleteCredentialTypeTable[] = {
#define AUTOCOMPLETE_CREDENTIAL_TYPE(name_, value_) \
{value_, eAutocompleteCredentialType_##name_},
#include "AutocompleteFieldList.h"
#undef AUTOCOMPLETE_CREDENTIAL_TYPE
{nullptr, 0}};
namespace {
static PLDHashTable* sEventListenerManagersHash;
// A global hashtable to for keeping the arena alive for cross docGroup node
// adoption.
static nsRefPtrHashtable<nsPtrHashKey<const nsINode>, mozilla::dom::DOMArena>*
sDOMArenaHashtable;
class DOMEventListenerManagersHashReporter final : public nsIMemoryReporter {
MOZ_DEFINE_MALLOC_SIZE_OF(MallocSizeOf)
~DOMEventListenerManagersHashReporter() = default;
public:
NS_DECL_ISUPPORTS
NS_IMETHOD CollectReports(nsIHandleReportCallback* aHandleReport,
nsISupports* aData, bool aAnonymize) override {
// We don't measure the |EventListenerManager| objects pointed to by the
// entries because those references are non-owning.
int64_t amount =
sEventListenerManagersHash
? sEventListenerManagersHash->ShallowSizeOfIncludingThis(
MallocSizeOf)
: 0;
MOZ_COLLECT_REPORT(
"explicit/dom/event-listener-managers-hash", KIND_HEAP, UNITS_BYTES,
amount, "Memory used by the event listener manager's hash table.");
return NS_OK;
}
};
NS_IMPL_ISUPPORTS(DOMEventListenerManagersHashReporter, nsIMemoryReporter)
class EventListenerManagerMapEntry : public PLDHashEntryHdr {
public:
explicit EventListenerManagerMapEntry(const void* aKey) : mKey(aKey) {}
~EventListenerManagerMapEntry() {
NS_ASSERTION(!mListenerManager, "caller must release and disconnect ELM");
}
protected: // declared protected to silence clang warnings
const void* mKey; // must be first, to look like PLDHashEntryStub
public:
RefPtr<EventListenerManager> mListenerManager;
};
static void EventListenerManagerHashInitEntry(PLDHashEntryHdr* entry,
const void* key) {
// Initialize the entry with placement new
new (entry) EventListenerManagerMapEntry(key);
}
static void EventListenerManagerHashClearEntry(PLDHashTable* table,
PLDHashEntryHdr* entry) {
EventListenerManagerMapEntry* lm =
static_cast<EventListenerManagerMapEntry*>(entry);
// Let the EventListenerManagerMapEntry clean itself up...
lm->~EventListenerManagerMapEntry();
}
class SameOriginCheckerImpl final : public nsIChannelEventSink,
public nsIInterfaceRequestor {
~SameOriginCheckerImpl() = default;
NS_DECL_ISUPPORTS
NS_DECL_NSICHANNELEVENTSINK
NS_DECL_NSIINTERFACEREQUESTOR
};
} // namespace
void AutoSuppressEventHandling::SuppressDocument(Document* aDoc) {
// Note: Document::SuppressEventHandling will also automatically suppress
// event handling for any in-process sub-documents. However, since we need
// to deal with cases where remote BrowsingContexts may be interleaved
// with in-process ones, we still need to walk the entire tree ourselves.
// This may be slightly redundant in some cases, but since event handling
// suppressions maintain a count of current blockers, it does not cause
// any problems.
aDoc->SuppressEventHandling();
}
void AutoSuppressEventHandling::UnsuppressDocument(Document* aDoc) {
aDoc->UnsuppressEventHandlingAndFireEvents(true);
}
AutoSuppressEventHandling::~AutoSuppressEventHandling() {
UnsuppressDocuments();
}
void AutoSuppressEventHandlingAndSuspend::SuppressDocument(Document* aDoc) {
AutoSuppressEventHandling::SuppressDocument(aDoc);
if (nsCOMPtr<nsPIDOMWindowInner> win = aDoc->GetInnerWindow()) {
win->Suspend();
mWindows.AppendElement(win);
}
}
AutoSuppressEventHandlingAndSuspend::~AutoSuppressEventHandlingAndSuspend() {
for (const auto& win : mWindows) {
win->Resume();
}
}
/**
* This class is used to determine whether or not the user is currently
* interacting with the browser. It listens to observer events to toggle the
* value of the sUserActive static.
*
* This class is an internal implementation detail.
* nsContentUtils::GetUserIsInteracting() should be used to access current
* user interaction status.
*/
class nsContentUtils::UserInteractionObserver final
: public nsIObserver,
public BackgroundHangAnnotator {
public:
NS_DECL_ISUPPORTS
NS_DECL_NSIOBSERVER
void Init();
void Shutdown();
void AnnotateHang(BackgroundHangAnnotations& aAnnotations) override;
static Atomic<bool> sUserActive;
private:
~UserInteractionObserver() = default;
};
static constexpr nsLiteralCString kRfpPrefs[] = {
"privacy.resistFingerprinting"_ns,
"privacy.resistFingerprinting.pbmode"_ns,
"privacy.fingerprintingProtection"_ns,
"privacy.fingerprintingProtection.pbmode"_ns,
"privacy.fingerprintingProtection.overrides"_ns,
};
static void RecomputeResistFingerprintingAllDocs(const char*, void*) {
AutoTArray<RefPtr<BrowsingContextGroup>, 5> bcGroups;
BrowsingContextGroup::GetAllGroups(bcGroups);
for (auto& bcGroup : bcGroups) {
AutoTArray<DocGroup*, 5> docGroups;
bcGroup->GetDocGroups(docGroups);
for (auto* docGroup : docGroups) {
for (Document* doc : *docGroup) {
if (doc->RecomputeResistFingerprinting()) {
if (auto* pc = doc->GetPresContext()) {
pc->MediaFeatureValuesChanged(
{MediaFeatureChangeReason::PreferenceChange},
MediaFeatureChangePropagation::JustThisDocument);
}
}
}
}
}
}
// static
nsresult nsContentUtils::Init() {
if (sInitialized) {
NS_WARNING("Init() called twice");
return NS_OK;
}
nsHTMLTags::AddRefTable();
sXPConnect = nsXPConnect::XPConnect();
// We hold a strong ref to sXPConnect to ensure that it does not go away until
// nsLayoutStatics::Shutdown is happening. Otherwise ~nsXPConnect can be
// triggered by xpcModuleDtor late in shutdown and cause crashes due to
// various stuff already being torn down by then. Note that this means that
// we are effectively making sure that if we leak nsLayoutStatics then we also
// leak nsXPConnect.
NS_ADDREF(sXPConnect);
sSecurityManager = nsScriptSecurityManager::GetScriptSecurityManager();
if (!sSecurityManager) return NS_ERROR_FAILURE;
NS_ADDREF(sSecurityManager);
sSecurityManager->GetSystemPrincipal(&sSystemPrincipal);
MOZ_ASSERT(sSystemPrincipal);
RefPtr<NullPrincipal> nullPrincipal =
NullPrincipal::CreateWithoutOriginAttributes();
if (!nullPrincipal) {
return NS_ERROR_FAILURE;
}
nullPrincipal.forget(&sNullSubjectPrincipal);
if (!InitializeEventTable()) return NS_ERROR_FAILURE;
if (!sEventListenerManagersHash) {
static const PLDHashTableOps hash_table_ops = {
PLDHashTable::HashVoidPtrKeyStub, PLDHashTable::MatchEntryStub,
PLDHashTable::MoveEntryStub, EventListenerManagerHashClearEntry,
EventListenerManagerHashInitEntry};
sEventListenerManagersHash =
new PLDHashTable(&hash_table_ops, sizeof(EventListenerManagerMapEntry));
RegisterStrongMemoryReporter(new DOMEventListenerManagersHashReporter());
}
sBlockedScriptRunners = new AutoTArray<nsCOMPtr<nsIRunnable>, 8>;
#ifndef RELEASE_OR_BETA
sBypassCSSOMOriginCheck = getenv("MOZ_BYPASS_CSSOM_ORIGIN_CHECK");
#endif
Element::InitCCCallbacks();
RefPtr<nsRFPService> rfpService = nsRFPService::GetOrCreate();
MOZ_ASSERT(rfpService);
if (XRE_IsParentProcess()) {
AsyncPrecreateStringBundles();
#if defined(MOZ_WIDGET_ANDROID)
// On Android, at-shutdown ping submission isn't reliable
// (( because, on Android, we usually get killed, not shut down )).
// To have a chance at submitting the ping, aim for idle after startup.
nsresult rv = NS_DispatchToCurrentThreadQueue(
NS_NewRunnableFunction(
"AndroidUseCounterPingSubmitter",
[]() { glean_pings::UseCounters.Submit("idle_startup"_ns); }),
EventQueuePriority::Idle);
// This is mostly best-effort, so if it goes awry, just log.
Unused << NS_WARN_IF(NS_FAILED(rv));
#endif // defined(MOZ_WIDGET_ANDROID)
RunOnShutdown(
[&] { glean_pings::UseCounters.Submit("app_shutdown_confirmed"_ns); },
ShutdownPhase::AppShutdownConfirmed);
}
RefPtr<UserInteractionObserver> uio = new UserInteractionObserver();
uio->Init();
uio.forget(&sUserInteractionObserver);
for (const auto& pref : kRfpPrefs) {
Preferences::RegisterCallback(RecomputeResistFingerprintingAllDocs, pref);
}
sInitialized = true;
return NS_OK;
}
bool nsContentUtils::InitJSBytecodeMimeType() {
MOZ_ASSERT(NS_IsMainThread());
MOZ_ASSERT(!sJSScriptBytecodeMimeType);
MOZ_ASSERT(!sJSModuleBytecodeMimeType);
JS::BuildIdCharVector jsBuildId;
if (!JS::GetScriptTranscodingBuildId(&jsBuildId)) {
return false;
}
nsDependentCSubstring jsBuildIdStr(jsBuildId.begin(), jsBuildId.length());
sJSScriptBytecodeMimeType =
new nsCString("javascript/moz-script-bytecode-"_ns + jsBuildIdStr);
sJSModuleBytecodeMimeType =
new nsCString("javascript/moz-module-bytecode-"_ns + jsBuildIdStr);
return true;
}
void nsContentUtils::GetShiftText(nsAString& text) {
if (!sShiftText) InitializeModifierStrings();
text.Assign(*sShiftText);
}
void nsContentUtils::GetControlText(nsAString& text) {
if (!sControlText) InitializeModifierStrings();
text.Assign(*sControlText);
}
void nsContentUtils::GetCommandOrWinText(nsAString& text) {
if (!sCommandOrWinText) {
InitializeModifierStrings();
}
text.Assign(*sCommandOrWinText);
}
void nsContentUtils::GetAltText(nsAString& text) {
if (!sAltText) InitializeModifierStrings();
text.Assign(*sAltText);
}
void nsContentUtils::GetModifierSeparatorText(nsAString& text) {
if (!sModifierSeparator) InitializeModifierStrings();
text.Assign(*sModifierSeparator);
}
void nsContentUtils::InitializeModifierStrings() {
// load the display strings for the keyboard accelerators
nsCOMPtr<nsIStringBundleService> bundleService =
mozilla::components::StringBundle::Service();
nsCOMPtr<nsIStringBundle> bundle;
DebugOnly<nsresult> rv = NS_OK;
if (bundleService) {
rv = bundleService->CreateBundle(
"chrome://global-platform/locale/platformKeys.properties",
getter_AddRefs(bundle));
}
NS_ASSERTION(
NS_SUCCEEDED(rv) && bundle,
"chrome://global/locale/platformKeys.properties could not be loaded");
nsAutoString shiftModifier;
nsAutoString commandOrWinModifier;
nsAutoString altModifier;
nsAutoString controlModifier;
nsAutoString modifierSeparator;
if (bundle) {
// macs use symbols for each modifier key, so fetch each from the bundle,
// which also covers i18n
bundle->GetStringFromName("VK_SHIFT", shiftModifier);
bundle->GetStringFromName("VK_COMMAND_OR_WIN", commandOrWinModifier);
bundle->GetStringFromName("VK_ALT", altModifier);
bundle->GetStringFromName("VK_CONTROL", controlModifier);
bundle->GetStringFromName("MODIFIER_SEPARATOR", modifierSeparator);
}
// if any of these don't exist, we get an empty string
sShiftText = new nsString(shiftModifier);
sCommandOrWinText = new nsString(commandOrWinModifier);
sAltText = new nsString(altModifier);
sControlText = new nsString(controlModifier);
sModifierSeparator = new nsString(modifierSeparator);
}
mozilla::EventClassID nsContentUtils::GetEventClassIDFromMessage(
EventMessage aEventMessage) {
switch (aEventMessage) {
#define MESSAGE_TO_EVENT(name_, message_, type_, struct_) \
case message_: \
return struct_;
#include "mozilla/EventNameList.h"
#undef MESSAGE_TO_EVENT
default:
MOZ_ASSERT_UNREACHABLE("Invalid event message?");
return eBasicEventClass;
}
}
bool nsContentUtils::IsExternalProtocol(nsIURI* aURI) {
bool doesNotReturnData = false;
nsresult rv = NS_URIChainHasFlags(
aURI, nsIProtocolHandler::URI_DOES_NOT_RETURN_DATA, &doesNotReturnData);
return NS_SUCCEEDED(rv) && doesNotReturnData;
}
/* static */
nsAtom* nsContentUtils::GetEventTypeFromMessage(EventMessage aEventMessage) {
switch (aEventMessage) {
#define MESSAGE_TO_EVENT(name_, message_, type_, struct_) \
case message_: \
return nsGkAtoms::on##name_;
#include "mozilla/EventNameList.h"
#undef MESSAGE_TO_EVENT
default:
return nullptr;
}
}
bool nsContentUtils::InitializeEventTable() {
NS_ASSERTION(!sAtomEventTable, "EventTable already initialized!");
NS_ASSERTION(!sStringEventTable, "EventTable already initialized!");
static const EventNameMapping eventArray[] = {
#define EVENT(name_, _message, _type, _class) \
{nsGkAtoms::on##name_, _type, _message, _class},
#define WINDOW_ONLY_EVENT EVENT
#define DOCUMENT_ONLY_EVENT EVENT
#define NON_IDL_EVENT EVENT
#include "mozilla/EventNameList.h"
#undef WINDOW_ONLY_EVENT
#undef NON_IDL_EVENT
#undef EVENT
{nullptr}};
sAtomEventTable =
new nsTHashMap<RefPtr<nsAtom>, EventNameMapping>(ArrayLength(eventArray));
sStringEventTable = new nsTHashMap<nsStringHashKey, EventNameMapping>(
ArrayLength(eventArray));
sUserDefinedEvents = new nsTArray<RefPtr<nsAtom>>(64);
// Subtract one from the length because of the trailing null
for (uint32_t i = 0; i < ArrayLength(eventArray) - 1; ++i) {
MOZ_ASSERT(!sAtomEventTable->Contains(eventArray[i].mAtom),
"Double-defining event name; fix your EventNameList.h");
sAtomEventTable->InsertOrUpdate(eventArray[i].mAtom, eventArray[i]);
sStringEventTable->InsertOrUpdate(
Substring(nsDependentAtomString(eventArray[i].mAtom), 2),
eventArray[i]);
}
return true;
}
void nsContentUtils::InitializeTouchEventTable() {
static bool sEventTableInitialized = false;
if (!sEventTableInitialized && sAtomEventTable && sStringEventTable) {
sEventTableInitialized = true;
static const EventNameMapping touchEventArray[] = {
#define EVENT(name_, _message, _type, _class)
#define TOUCH_EVENT(name_, _message, _type, _class) \
{nsGkAtoms::on##name_, _type, _message, _class},
#include "mozilla/EventNameList.h"
#undef TOUCH_EVENT
#undef EVENT
{nullptr}};
// Subtract one from the length because of the trailing null
for (uint32_t i = 0; i < ArrayLength(touchEventArray) - 1; ++i) {
sAtomEventTable->InsertOrUpdate(touchEventArray[i].mAtom,
touchEventArray[i]);
sStringEventTable->InsertOrUpdate(
Substring(nsDependentAtomString(touchEventArray[i].mAtom), 2),
touchEventArray[i]);
}
}
}
static bool Is8bit(const nsAString& aString) {
static const char16_t EIGHT_BIT = char16_t(~0x00FF);
for (nsAString::const_char_iterator start = aString.BeginReading(),
end = aString.EndReading();
start != end; ++start) {
if (*start & EIGHT_BIT) {
return false;
}
}
return true;
}
nsresult nsContentUtils::Btoa(const nsAString& aBinaryData,
nsAString& aAsciiBase64String) {
if (!Is8bit(aBinaryData)) {
aAsciiBase64String.Truncate();
return NS_ERROR_DOM_INVALID_CHARACTER_ERR;
}
return Base64Encode(aBinaryData, aAsciiBase64String);
}
nsresult nsContentUtils::Atob(const nsAString& aAsciiBase64String,
nsAString& aBinaryData) {
if (!Is8bit(aAsciiBase64String)) {
aBinaryData.Truncate();
return NS_ERROR_DOM_INVALID_CHARACTER_ERR;
}
const char16_t* start = aAsciiBase64String.BeginReading();
const char16_t* cur = start;
const char16_t* end = aAsciiBase64String.EndReading();
bool hasWhitespace = false;
while (cur < end) {
if (nsContentUtils::IsHTMLWhitespace(*cur)) {
hasWhitespace = true;
break;
}
cur++;
}
nsresult rv;
if (hasWhitespace) {
nsString trimmedString;
if (!trimmedString.SetCapacity(aAsciiBase64String.Length(), fallible)) {
return NS_ERROR_DOM_INVALID_CHARACTER_ERR;
}
trimmedString.Append(start, cur - start);
while (cur < end) {
if (!nsContentUtils::IsHTMLWhitespace(*cur)) {
trimmedString.Append(*cur);
}
cur++;
}
rv = Base64Decode(trimmedString, aBinaryData);
} else {
rv = Base64Decode(aAsciiBase64String, aBinaryData);
}
if (NS_FAILED(rv) && rv == NS_ERROR_INVALID_ARG) {
return NS_ERROR_DOM_INVALID_CHARACTER_ERR;
}
return rv;
}
bool nsContentUtils::IsAutocompleteEnabled(
mozilla::dom::HTMLInputElement* aInput) {
MOZ_ASSERT(aInput, "aInput should not be null!");
nsAutoString autocomplete;
aInput->GetAutocomplete(autocomplete);
if (autocomplete.IsEmpty()) {
auto* form = aInput->GetForm();
if (!form) {
return true;
}
form->GetAutocomplete(autocomplete);
}
return !autocomplete.EqualsLiteral("off");
}
nsContentUtils::AutocompleteAttrState
nsContentUtils::SerializeAutocompleteAttribute(
const nsAttrValue* aAttr, nsAString& aResult,
AutocompleteAttrState aCachedState) {
if (!aAttr ||
aCachedState == nsContentUtils::eAutocompleteAttrState_Invalid) {
return aCachedState;
}
if (aCachedState == nsContentUtils::eAutocompleteAttrState_Valid) {
uint32_t atomCount = aAttr->GetAtomCount();
for (uint32_t i = 0; i < atomCount; i++) {
if (i != 0) {
aResult.Append(' ');
}
aResult.Append(nsDependentAtomString(aAttr->AtomAt(i)));
}
nsContentUtils::ASCIIToLower(aResult);
return aCachedState;
}
aResult.Truncate();
mozilla::dom::AutocompleteInfo info;
AutocompleteAttrState state =
InternalSerializeAutocompleteAttribute(aAttr, info);
if (state == eAutocompleteAttrState_Valid) {
// Concatenate the info fields.
aResult = info.mSection;
if (!info.mAddressType.IsEmpty()) {
if (!aResult.IsEmpty()) {
aResult += ' ';
}
aResult += info.mAddressType;
}
if (!info.mContactType.IsEmpty()) {
if (!aResult.IsEmpty()) {
aResult += ' ';
}
aResult += info.mContactType;
}
if (!info.mFieldName.IsEmpty()) {
if (!aResult.IsEmpty()) {
aResult += ' ';
}
aResult += info.mFieldName;
}
// The autocomplete attribute value "webauthn" is interpreted as both a
// field name and a credential type. The corresponding IDL-exposed autofill
// value is "webauthn", not "webauthn webauthn".
if (!info.mCredentialType.IsEmpty() &&
!(info.mCredentialType.Equals(u"webauthn"_ns) &&
info.mCredentialType.Equals(aResult))) {
if (!aResult.IsEmpty()) {
aResult += ' ';
}
aResult += info.mCredentialType;
}
}
return state;
}
nsContentUtils::AutocompleteAttrState
nsContentUtils::SerializeAutocompleteAttribute(
const nsAttrValue* aAttr, mozilla::dom::AutocompleteInfo& aInfo,
AutocompleteAttrState aCachedState, bool aGrantAllValidValue) {
if (!aAttr ||
aCachedState == nsContentUtils::eAutocompleteAttrState_Invalid) {
return aCachedState;
}
return InternalSerializeAutocompleteAttribute(aAttr, aInfo,
aGrantAllValidValue);
}
/**
* Helper to validate the @autocomplete tokens.
*
* @return {AutocompleteAttrState} The state of the attribute (invalid/valid).
*/
nsContentUtils::AutocompleteAttrState
nsContentUtils::InternalSerializeAutocompleteAttribute(
const nsAttrValue* aAttrVal, mozilla::dom::AutocompleteInfo& aInfo,
bool aGrantAllValidValue) {
// No autocomplete attribute so we are done
if (!aAttrVal) {
return eAutocompleteAttrState_Invalid;
}
uint32_t numTokens = aAttrVal->GetAtomCount();
if (!numTokens || numTokens > INT32_MAX) {
return eAutocompleteAttrState_Invalid;
}
uint32_t index = numTokens - 1;
nsString tokenString = nsDependentAtomString(aAttrVal->AtomAt(index));
AutocompleteCategory category;
nsAttrValue enumValue;
nsAutoString credentialTypeStr;
bool result = enumValue.ParseEnumValue(
tokenString, kAutocompleteCredentialTypeTable, false);
if (result) {
if (!enumValue.Equals(u"webauthn"_ns, eIgnoreCase) || numTokens > 5) {
return eAutocompleteAttrState_Invalid;
}
enumValue.ToString(credentialTypeStr);
ASCIIToLower(credentialTypeStr);
// category is Credential and the indexth token is "webauthn"
if (index == 0) {
aInfo.mFieldName.Assign(credentialTypeStr);
aInfo.mCredentialType.Assign(credentialTypeStr);
return eAutocompleteAttrState_Valid;
}
--index;
tokenString = nsDependentAtomString(aAttrVal->AtomAt(index));
// Only the Normal and Contact categories are allowed with webauthn
// - disallow Credential
if (enumValue.ParseEnumValue(tokenString, kAutocompleteCredentialTypeTable,
false)) {
return eAutocompleteAttrState_Invalid;
}
// - disallow Off and Automatic
if (enumValue.ParseEnumValue(tokenString, kAutocompleteFieldNameTable,
false)) {
if (enumValue.Equals(u"off"_ns, eIgnoreCase) ||
enumValue.Equals(u"on"_ns, eIgnoreCase)) {
return eAutocompleteAttrState_Invalid;
}
}
// Proceed to process the remaining tokens as if "webauthn" was not present.
// We need to decrement numTokens to enforce the correct per-category limits
// on the maximum number of tokens.
--numTokens;
}
bool unsupported = false;
if (!aGrantAllValidValue) {
unsupported = enumValue.ParseEnumValue(
tokenString, kAutocompleteUnsupportedFieldNameTable, false);
if (unsupported) {
return eAutocompleteAttrState_Invalid;
}
}
nsAutoString fieldNameStr;
result =
enumValue.ParseEnumValue(tokenString, kAutocompleteFieldNameTable, false);
if (result) {
// Off/Automatic/Normal categories.
if (enumValue.Equals(u"off"_ns, eIgnoreCase) ||
enumValue.Equals(u"on"_ns, eIgnoreCase)) {
if (numTokens > 1) {
return eAutocompleteAttrState_Invalid;
}
enumValue.ToString(fieldNameStr);
ASCIIToLower(fieldNameStr);
aInfo.mFieldName.Assign(fieldNameStr);
aInfo.mCredentialType.Assign(credentialTypeStr);
aInfo.mCanAutomaticallyPersist =
!enumValue.Equals(u"off"_ns, eIgnoreCase);
return eAutocompleteAttrState_Valid;
}
// Only allow on/off if form autofill @autocomplete values aren't enabled
// and it doesn't grant all valid values.
if (!StaticPrefs::dom_forms_autocomplete_formautofill() &&
!aGrantAllValidValue) {
return eAutocompleteAttrState_Invalid;
}
// Normal category
if (numTokens > 3) {
return eAutocompleteAttrState_Invalid;
}
category = eAutocompleteCategory_NORMAL;
} else { // Check if the last token is of the contact category instead.
// Only allow on/off if form autofill @autocomplete values aren't enabled
// and it doesn't grant all valid values.
if (!StaticPrefs::dom_forms_autocomplete_formautofill() &&
!aGrantAllValidValue) {
return eAutocompleteAttrState_Invalid;
}
result = enumValue.ParseEnumValue(
tokenString, kAutocompleteContactFieldNameTable, false);
if (!result || numTokens > 4) {
return eAutocompleteAttrState_Invalid;
}
category = eAutocompleteCategory_CONTACT;
}
enumValue.ToString(fieldNameStr);
ASCIIToLower(fieldNameStr);
aInfo.mFieldName.Assign(fieldNameStr);
aInfo.mCredentialType.Assign(credentialTypeStr);
aInfo.mCanAutomaticallyPersist = !enumValue.ParseEnumValue(
tokenString, kAutocompleteNoPersistFieldNameTable, false);
// We are done if this was the only token.
if (numTokens == 1) {
return eAutocompleteAttrState_Valid;
}
--index;
tokenString = nsDependentAtomString(aAttrVal->AtomAt(index));
if (category == eAutocompleteCategory_CONTACT) {
if (!aGrantAllValidValue) {
unsupported = enumValue.ParseEnumValue(
tokenString, kAutocompleteUnsupportedContactFieldHintTable, false);
if (unsupported) {
return eAutocompleteAttrState_Invalid;
}
}
nsAttrValue contactFieldHint;
result = contactFieldHint.ParseEnumValue(
tokenString, kAutocompleteContactFieldHintTable, false);
if (result) {
nsAutoString contactFieldHintString;
contactFieldHint.ToString(contactFieldHintString);
ASCIIToLower(contactFieldHintString);
aInfo.mContactType.Assign(contactFieldHintString);
if (index == 0) {
return eAutocompleteAttrState_Valid;
}
--index;
tokenString = nsDependentAtomString(aAttrVal->AtomAt(index));
}
}
// Check for billing/shipping tokens
nsAttrValue fieldHint;
if (fieldHint.ParseEnumValue(tokenString, kAutocompleteFieldHintTable,
false)) {
nsString fieldHintString;
fieldHint.ToString(fieldHintString);
ASCIIToLower(fieldHintString);
aInfo.mAddressType.Assign(fieldHintString);
if (index == 0) {
return eAutocompleteAttrState_Valid;
}
--index;
tokenString = nsDependentAtomString(aAttrVal->AtomAt(index));
}
// Check for section-* token
const nsDependentSubstring& section = Substring(tokenString, 0, 8);
if (section.LowerCaseEqualsASCII("section-")) {
ASCIIToLower(tokenString);
aInfo.mSection.Assign(tokenString);
if (index == 0) {
return eAutocompleteAttrState_Valid;
}
}
// Clear the fields as the autocomplete attribute is invalid.
aInfo.mSection.Truncate();
aInfo.mAddressType.Truncate();
aInfo.mContactType.Truncate();
aInfo.mFieldName.Truncate();
aInfo.mCredentialType.Truncate();
return eAutocompleteAttrState_Invalid;
}
// Parse an integer according to HTML spec
template <class CharT>
int32_t nsContentUtils::ParseHTMLIntegerImpl(
const CharT* aStart, const CharT* aEnd,
ParseHTMLIntegerResultFlags* aResult) {
int result = eParseHTMLInteger_NoFlags;
const CharT* iter = aStart;
while (iter != aEnd && nsContentUtils::IsHTMLWhitespace(*iter)) {
result |= eParseHTMLInteger_NonStandard;
++iter;
}
if (iter == aEnd) {
result |= eParseHTMLInteger_Error | eParseHTMLInteger_ErrorNoValue;
*aResult = (ParseHTMLIntegerResultFlags)result;
return 0;
}
int sign = 1;
if (*iter == CharT('-')) {
sign = -1;
result |= eParseHTMLInteger_Negative;
++iter;
} else if (*iter == CharT('+')) {
result |= eParseHTMLInteger_NonStandard;
++iter;
}
bool foundValue = false;
CheckedInt32 value = 0;
// Check for leading zeros first.
uint64_t leadingZeros = 0;
while (iter != aEnd) {
if (*iter != CharT('0')) {
break;
}
++leadingZeros;
foundValue = true;
++iter;
}
while (iter != aEnd) {
if (*iter >= CharT('0') && *iter <= CharT('9')) {
value = (value * 10) + (*iter - CharT('0')) * sign;
++iter;
if (!value.isValid()) {
result |= eParseHTMLInteger_Error | eParseHTMLInteger_ErrorOverflow;
break;
}
foundValue = true;
} else {
break;
}
}
if (!foundValue) {
result |= eParseHTMLInteger_Error | eParseHTMLInteger_ErrorNoValue;
}
if (value.isValid() &&
((leadingZeros > 1 || (leadingZeros == 1 && !(value == 0))) ||
(sign == -1 && value == 0))) {
result |= eParseHTMLInteger_NonStandard;
}
if (iter != aEnd) {
result |= eParseHTMLInteger_DidNotConsumeAllInput;
}
*aResult = (ParseHTMLIntegerResultFlags)result;
return value.isValid() ? value.value() : 0;
}
// Parse an integer according to HTML spec
int32_t nsContentUtils::ParseHTMLInteger(const char16_t* aStart,
const char16_t* aEnd,
ParseHTMLIntegerResultFlags* aResult) {
return ParseHTMLIntegerImpl(aStart, aEnd, aResult);
}
int32_t nsContentUtils::ParseHTMLInteger(const char* aStart, const char* aEnd,
ParseHTMLIntegerResultFlags* aResult) {
return ParseHTMLIntegerImpl(aStart, aEnd, aResult);
}
#define SKIP_WHITESPACE(iter, end_iter, end_res) \
while ((iter) != (end_iter) && nsCRT::IsAsciiSpace(*(iter))) { \
++(iter); \
} \
if ((iter) == (end_iter)) { \
return (end_res); \
}
#define SKIP_ATTR_NAME(iter, end_iter) \
while ((iter) != (end_iter) && !nsCRT::IsAsciiSpace(*(iter)) && \
*(iter) != '=') { \
++(iter); \
}
bool nsContentUtils::GetPseudoAttributeValue(const nsString& aSource,
nsAtom* aName, nsAString& aValue) {
aValue.Truncate();
const char16_t* start = aSource.get();
const char16_t* end = start + aSource.Length();
const char16_t* iter;
while (start != end) {
SKIP_WHITESPACE(start, end, false)
iter = start;
SKIP_ATTR_NAME(iter, end)
if (start == iter) {
return false;
}
// Remember the attr name.
const nsDependentSubstring& attrName = Substring(start, iter);
// Now check whether this is a valid name="value" pair.
start = iter;
SKIP_WHITESPACE(start, end, false)
if (*start != '=') {
// No '=', so this is not a name="value" pair. We don't know
// what it is, and we have no way to handle it.
return false;
}
// Have to skip the value.
++start;
SKIP_WHITESPACE(start, end, false)
char16_t q = *start;
if (q != kQuote && q != kApostrophe) {
// Not a valid quoted value, so bail.
return false;
}
++start; // Point to the first char of the value.
iter = start;
while (iter != end && *iter != q) {
++iter;
}
if (iter == end) {
// Oops, unterminated quoted string.
return false;
}
// At this point attrName holds the name of the "attribute" and
// the value is between start and iter.
if (aName->Equals(attrName)) {
// We'll accumulate as many characters as possible (until we hit either
// the end of the string or the beginning of an entity). Chunks will be
// delimited by start and chunkEnd.
const char16_t* chunkEnd = start;
while (chunkEnd != iter) {
if (*chunkEnd == kLessThan) {
aValue.Truncate();
return false;
}
if (*chunkEnd == kAmpersand) {
aValue.Append(start, chunkEnd - start);
const char16_t* afterEntity = nullptr;
char16_t result[2];
uint32_t count = MOZ_XMLTranslateEntity(
reinterpret_cast<const char*>(chunkEnd),
reinterpret_cast<const char*>(iter),
reinterpret_cast<const char**>(&afterEntity), result);
if (count == 0) {
aValue.Truncate();
return false;
}
aValue.Append(result, count);
// Advance to after the entity and begin a new chunk.
start = chunkEnd = afterEntity;
} else {
++chunkEnd;
}
}
// Append remainder.
aValue.Append(start, iter - start);
return true;
}
// Resume scanning after the end of the attribute value (past the quote
// char).
start = iter + 1;
}
return false;
}
bool nsContentUtils::IsJavaScriptLanguage(const nsString& aName) {
// Create MIME type as "text/" + given input
nsAutoString mimeType(u"text/");
mimeType.Append(aName);
return IsJavascriptMIMEType(mimeType);
}
void nsContentUtils::SplitMimeType(const nsAString& aValue, nsString& aType,
nsString& aParams) {
aType.Truncate();
aParams.Truncate();
int32_t semiIndex = aValue.FindChar(char16_t(';'));
if (-1 != semiIndex) {
aType = Substring(aValue, 0, semiIndex);
aParams =
Substring(aValue, semiIndex + 1, aValue.Length() - (semiIndex + 1));
aParams.StripWhitespace();
} else {
aType = aValue;
}
aType.StripWhitespace();
}
/**
* A helper function that parses a sandbox attribute (of an <iframe> or a CSP
* directive) and converts it to the set of flags used internally.
*
* @param aSandboxAttr the sandbox attribute
* @return the set of flags (SANDBOXED_NONE if aSandboxAttr is
* null)
*/
uint32_t nsContentUtils::ParseSandboxAttributeToFlags(
const nsAttrValue* aSandboxAttr) {
if (!aSandboxAttr) {
return SANDBOXED_NONE;
}
uint32_t out = SANDBOX_ALL_FLAGS;
#define SANDBOX_KEYWORD(string, atom, flags) \
if (aSandboxAttr->Contains(nsGkAtoms::atom, eIgnoreCase)) { \
out &= ~(flags); \
}
#include "IframeSandboxKeywordList.h"
#undef SANDBOX_KEYWORD
return out;
}
/**
* A helper function that checks if a string matches a valid sandbox flag.
*
* @param aFlag the potential sandbox flag.
* @return true if the flag is a sandbox flag.
*/
bool nsContentUtils::IsValidSandboxFlag(const nsAString& aFlag) {
#define SANDBOX_KEYWORD(string, atom, flags) \
if (EqualsIgnoreASCIICase(nsDependentAtomString(nsGkAtoms::atom), aFlag)) { \
return true; \
}
#include "IframeSandboxKeywordList.h"
#undef SANDBOX_KEYWORD
return false;
}
/**
* A helper function that returns a string attribute corresponding to the
* sandbox flags.
*
* @param aFlags the sandbox flags
* @param aString the attribute corresponding to the flags (null if aFlags
* is zero)
*/
void nsContentUtils::SandboxFlagsToString(uint32_t aFlags, nsAString& aString) {
if (!aFlags) {
SetDOMStringToNull(aString);
return;
}
aString.Truncate();
#define SANDBOX_KEYWORD(string, atom, flags) \
if (!(aFlags & (flags))) { \
if (!aString.IsEmpty()) { \
aString.AppendLiteral(u" "); \
} \
aString.Append(nsDependentAtomString(nsGkAtoms::atom)); \
}
#include "IframeSandboxKeywordList.h"
#undef SANDBOX_KEYWORD
}
nsIBidiKeyboard* nsContentUtils::GetBidiKeyboard() {
if (!sBidiKeyboard) {
sBidiKeyboard = nsIWidget::CreateBidiKeyboard();
}
return sBidiKeyboard;
}
/**
* This is used to determine whether a character is in one of the classes
* which CSS says should be part of the first-letter. Currently, that is
* all punctuation classes (P*). Note that this is a change from CSS2
* which excluded Pc and Pd.
*
* https://www.w3.org/TR/css-pseudo-4/#first-letter-pseudo
* "Punctuation (i.e, characters that belong to the Punctuation (P*) Unicode
* general category [UAX44]) [...]"
*/
// static
bool nsContentUtils::IsFirstLetterPunctuation(uint32_t aChar) {
switch (mozilla::unicode::GetGeneralCategory(aChar)) {
case HB_UNICODE_GENERAL_CATEGORY_CONNECT_PUNCTUATION: /* Pc */
case HB_UNICODE_GENERAL_CATEGORY_DASH_PUNCTUATION: /* Pd */
case HB_UNICODE_GENERAL_CATEGORY_CLOSE_PUNCTUATION: /* Pe */
case HB_UNICODE_GENERAL_CATEGORY_FINAL_PUNCTUATION: /* Pf */
case HB_UNICODE_GENERAL_CATEGORY_INITIAL_PUNCTUATION: /* Pi */
case HB_UNICODE_GENERAL_CATEGORY_OTHER_PUNCTUATION: /* Po */
case HB_UNICODE_GENERAL_CATEGORY_OPEN_PUNCTUATION: /* Ps */
return true;
default:
return false;
}
}
// static
bool nsContentUtils::IsAlphanumeric(uint32_t aChar) {
nsUGenCategory cat = mozilla::unicode::GetGenCategory(aChar);
return (cat == nsUGenCategory::kLetter || cat == nsUGenCategory::kNumber);
}
// static
bool nsContentUtils::IsAlphanumericOrSymbol(uint32_t aChar) {
nsUGenCategory cat = mozilla::unicode::GetGenCategory(aChar);
return cat == nsUGenCategory::kLetter || cat == nsUGenCategory::kNumber ||
cat == nsUGenCategory::kSymbol;
}
/* static */
bool nsContentUtils::IsHTMLWhitespace(char16_t aChar) {
return aChar == char16_t(0x0009) || aChar == char16_t(0x000A) ||
aChar == char16_t(0x000C) || aChar == char16_t(0x000D) ||
aChar == char16_t(0x0020);
}
/* static */
bool nsContentUtils::IsHTMLWhitespaceOrNBSP(char16_t aChar) {
return IsHTMLWhitespace(aChar) || aChar == char16_t(0xA0);
}
/* static */
bool nsContentUtils::IsHTMLBlockLevelElement(nsIContent* aContent) {
return aContent->IsAnyOfHTMLElements(
nsGkAtoms::address, nsGkAtoms::article, nsGkAtoms::aside,
nsGkAtoms::blockquote, nsGkAtoms::center, nsGkAtoms::dir, nsGkAtoms::div,
nsGkAtoms::dl, // XXX why not dt and dd?
nsGkAtoms::fieldset,
nsGkAtoms::figure, // XXX shouldn't figcaption be on this list
nsGkAtoms::footer, nsGkAtoms::form, nsGkAtoms::h1, nsGkAtoms::h2,
nsGkAtoms::h3, nsGkAtoms::h4, nsGkAtoms::h5, nsGkAtoms::h6,
nsGkAtoms::header, nsGkAtoms::hgroup, nsGkAtoms::hr, nsGkAtoms::li,
nsGkAtoms::listing, nsGkAtoms::menu, nsGkAtoms::nav, nsGkAtoms::ol,
nsGkAtoms::p, nsGkAtoms::pre, nsGkAtoms::section, nsGkAtoms::table,
nsGkAtoms::ul, nsGkAtoms::xmp);
}
/* static */
bool nsContentUtils::ParseIntMarginValue(const nsAString& aString,
nsIntMargin& result) {
nsAutoString marginStr(aString);
marginStr.CompressWhitespace(true, true);
if (marginStr.IsEmpty()) {
return false;
}
int32_t start = 0, end = 0;
for (int count = 0; count < 4; count++) {
if ((uint32_t)end >= marginStr.Length()) return false;
// top, right, bottom, left
if (count < 3)
end = Substring(marginStr, start).FindChar(',');
else
end = Substring(marginStr, start).Length();
if (end <= 0) return false;
nsresult ec;
int32_t val = nsString(Substring(marginStr, start, end)).ToInteger(&ec);
if (NS_FAILED(ec)) return false;
switch (count) {
case 0:
result.top = val;
break;
case 1:
result.right = val;
break;
case 2:
result.bottom = val;
break;
case 3:
result.left = val;
break;
}
start += end + 1;
}
return true;
}
// static
int32_t nsContentUtils::ParseLegacyFontSize(const nsAString& aValue) {
nsAString::const_iterator iter, end;
aValue.BeginReading(iter);
aValue.EndReading(end);
while (iter != end && nsContentUtils::IsHTMLWhitespace(*iter)) {
++iter;
}
if (iter == end) {
return 0;
}
bool relative = false;
bool negate = false;
if (*iter == char16_t('-')) {
relative = true;
negate = true;
++iter;
} else if (*iter == char16_t('+')) {
relative = true;
++iter;
}
if (iter == end || *iter < char16_t('0') || *iter > char16_t('9')) {
return 0;
}
// We don't have to worry about overflow, since we can bail out as soon as
// we're bigger than 7.
int32_t value = 0;
while (iter != end && *iter >= char16_t('0') && *iter <= char16_t('9')) {
value = 10 * value + (*iter - char16_t('0'));
if (value >= 7) {
break;
}
++iter;
}
if (relative) {
if (negate) {
value = 3 - value;
} else {
value = 3 + value;
}
}
return clamped(value, 1, 7);
}
/* static */
void nsContentUtils::GetOfflineAppManifest(Document* aDocument, nsIURI** aURI) {
MOZ_ASSERT(NS_IsMainThread());
MOZ_ASSERT(aDocument);
*aURI = nullptr;
if (aDocument->GetController().isSome()) {
return;
}
Element* docElement = aDocument->GetRootElement();
if (!docElement) {
return;
}
nsAutoString manifestSpec;
docElement->GetAttr(nsGkAtoms::manifest, manifestSpec);
// Manifest URIs can't have fragment identifiers.
if (manifestSpec.IsEmpty() || manifestSpec.Contains('#')) {
return;
}
nsContentUtils::NewURIWithDocumentCharset(aURI, manifestSpec, aDocument,
aDocument->GetDocBaseURI());
}
/* static */
bool nsContentUtils::OfflineAppAllowed(nsIURI* aURI) { return false; }
/* static */
bool nsContentUtils::OfflineAppAllowed(nsIPrincipal* aPrincipal) {
return false;
}
// Static
bool nsContentUtils::IsErrorPage(nsIURI* aURI) {
if (!aURI) {
return false;
}
if (!aURI->SchemeIs("about")) {
return false;
}
nsAutoCString name;
nsresult rv = NS_GetAboutModuleName(aURI, name);
NS_ENSURE_SUCCESS(rv, false);
return name.EqualsLiteral("certerror") || name.EqualsLiteral("neterror") ||
name.EqualsLiteral("blocked");
}
// static
void nsContentUtils::Shutdown() {
sInitialized = false;
nsHTMLTags::ReleaseTable();
NS_IF_RELEASE(sContentPolicyService);
sTriedToGetContentPolicy = false;
for (StaticRefPtr<nsIStringBundle>& bundle : sStringBundles) {
bundle = nullptr;
}
NS_IF_RELEASE(sStringBundleService);
NS_IF_RELEASE(sConsoleService);
NS_IF_RELEASE(sXPConnect);
NS_IF_RELEASE(sSecurityManager);
NS_IF_RELEASE(sSystemPrincipal);
NS_IF_RELEASE(sNullSubjectPrincipal);
sBidiKeyboard = nullptr;
delete sAtomEventTable;
sAtomEventTable = nullptr;
delete sStringEventTable;
sStringEventTable = nullptr;
delete sUserDefinedEvents;
sUserDefinedEvents = nullptr;
if (sEventListenerManagersHash) {
NS_ASSERTION(sEventListenerManagersHash->EntryCount() == 0,
"Event listener manager hash not empty at shutdown!");
// See comment above.
// However, we have to handle this table differently. If it still
// has entries, we want to leak it too, so that we can keep it alive
// in case any elements are destroyed. Because if they are, we need
// their event listener managers to be destroyed too, or otherwise
// it could leave dangling references in DOMClassInfo's preserved
// wrapper table.
if (sEventListenerManagersHash->EntryCount() == 0) {
delete sEventListenerManagersHash;
sEventListenerManagersHash = nullptr;
}
}
if (sDOMArenaHashtable) {
MOZ_ASSERT(sDOMArenaHashtable->Count() == 0);
MOZ_ASSERT(StaticPrefs::dom_arena_allocator_enabled_AtStartup());
delete sDOMArenaHashtable;
sDOMArenaHashtable = nullptr;
}
NS_ASSERTION(!sBlockedScriptRunners || sBlockedScriptRunners->Length() == 0,
"How'd this happen?");
delete sBlockedScriptRunners;
sBlockedScriptRunners = nullptr;
delete sShiftText;
sShiftText = nullptr;
delete sControlText;
sControlText = nullptr;
delete sCommandOrWinText;
sCommandOrWinText = nullptr;
delete sAltText;
sAltText = nullptr;
delete sModifierSeparator;
sModifierSeparator = nullptr;
delete sJSScriptBytecodeMimeType;
sJSScriptBytecodeMimeType = nullptr;
delete sJSModuleBytecodeMimeType;
sJSModuleBytecodeMimeType = nullptr;
NS_IF_RELEASE(sSameOriginChecker);
if (sUserInteractionObserver) {
sUserInteractionObserver->Shutdown();
NS_RELEASE(sUserInteractionObserver);
}
for (const auto& pref : kRfpPrefs) {
Preferences::UnregisterCallback(RecomputeResistFingerprintingAllDocs, pref);
}
TextControlState::Shutdown();
}
/**
* Checks whether two nodes come from the same origin. aTrustedNode is
* considered 'safe' in that a user can operate on it.
*/
// static
nsresult nsContentUtils::CheckSameOrigin(const nsINode* aTrustedNode,
const nsINode* unTrustedNode) {
MOZ_ASSERT(aTrustedNode);
MOZ_ASSERT(unTrustedNode);
/*
* Get hold of each node's principal
*/
nsIPrincipal* trustedPrincipal = aTrustedNode->NodePrincipal();
nsIPrincipal* unTrustedPrincipal = unTrustedNode->NodePrincipal();
if (trustedPrincipal == unTrustedPrincipal) {
return NS_OK;
}
bool equal;
// XXXbz should we actually have a Subsumes() check here instead? Or perhaps
// a separate method for that, with callers using one or the other?
if (NS_FAILED(trustedPrincipal->Equals(unTrustedPrincipal, &equal)) ||
!equal) {
return NS_ERROR_DOM_PROP_ACCESS_DENIED;
}
return NS_OK;
}
// static
bool nsContentUtils::CanCallerAccess(nsIPrincipal* aSubjectPrincipal,
nsIPrincipal* aPrincipal) {
bool subsumes;
nsresult rv = aSubjectPrincipal->Subsumes(aPrincipal, &subsumes);
NS_ENSURE_SUCCESS(rv, false);
if (subsumes) {
return true;
}
// The subject doesn't subsume aPrincipal. Allow access only if the subject
// is chrome.
return IsCallerChrome();
}
// static
bool nsContentUtils::CanCallerAccess(const nsINode* aNode) {
nsIPrincipal* subject = SubjectPrincipal();
if (subject->IsSystemPrincipal()) {
return true;
}
if (aNode->ChromeOnlyAccess()) {
return false;
}
return CanCallerAccess(subject, aNode->NodePrincipal());
}
// static
bool nsContentUtils::CanCallerAccess(nsPIDOMWindowInner* aWindow) {
nsCOMPtr<nsIScriptObjectPrincipal> scriptObject = do_QueryInterface(aWindow);
NS_ENSURE_TRUE(scriptObject, false);
return CanCallerAccess(SubjectPrincipal(), scriptObject->GetPrincipal());
}
// static
bool nsContentUtils::PrincipalHasPermission(nsIPrincipal& aPrincipal,
const nsAtom* aPerm) {
// Chrome gets access by default.
if (aPrincipal.IsSystemPrincipal()) {
return true;
}
// Otherwise, only allow if caller is an addon with the permission.
return BasePrincipal::Cast(aPrincipal).AddonHasPermission(aPerm);
}
// static
bool nsContentUtils::CallerHasPermission(JSContext* aCx, const nsAtom* aPerm) {
return PrincipalHasPermission(*SubjectPrincipal(aCx), aPerm);
}
// static
nsIPrincipal* nsContentUtils::GetAttrTriggeringPrincipal(
nsIContent* aContent, const nsAString& aAttrValue,
nsIPrincipal* aSubjectPrincipal) {
nsIPrincipal* contentPrin = aContent ? aContent->NodePrincipal() : nullptr;
// If the subject principal is the same as the content principal, or no
// explicit subject principal was provided, we don't need to do any further
// checks. Just return the content principal.
if (contentPrin == aSubjectPrincipal || !aSubjectPrincipal) {
return contentPrin;
}
// Only use the subject principal if the URL string we are going to end up
// fetching is under the control of that principal, which is never the case
// for relative URLs.
if (aAttrValue.IsEmpty() ||
!IsAbsoluteURL(NS_ConvertUTF16toUTF8(aAttrValue))) {
return contentPrin;
}
// Only use the subject principal as the attr triggering principal if it
// should override the CSP of the node's principal.
if (BasePrincipal::Cast(aSubjectPrincipal)->OverridesCSP(contentPrin)) {
return aSubjectPrincipal;
}
return contentPrin;
}
// static
bool nsContentUtils::IsAbsoluteURL(const nsACString& aURL) {
nsAutoCString scheme;
if (NS_FAILED(net_ExtractURLScheme(aURL, scheme))) {
// If we can't extract a scheme, it's not an absolute URL.
return false;
}
// If it parses as an absolute StandardURL, it's definitely an absolute URL,
// so no need to check with the IO service.
if (net_IsAbsoluteURL(aURL)) {
return true;
}
nsresult rv = NS_OK;
nsCOMPtr<nsIIOService> io = mozilla::components::IO::Service(&rv);
MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
if (NS_FAILED(rv)) {
return false;
}
uint32_t flags;
if (NS_SUCCEEDED(io->GetProtocolFlags(scheme.get(), &flags))) {
return flags & nsIProtocolHandler::URI_NORELATIVE;
}
return false;
}
// static
bool nsContentUtils::InProlog(nsINode* aNode) {
MOZ_ASSERT(aNode, "missing node to nsContentUtils::InProlog");
nsINode* parent = aNode->GetParentNode();
if (!parent || !parent->IsDocument()) {
return false;
}
const Document* doc = parent->AsDocument();
const nsIContent* root = doc->GetRootElement();
if (!root) {
return true;
}
const Maybe<uint32_t> indexOfNode = doc->ComputeIndexOf(aNode);
const Maybe<uint32_t> indexOfRoot = doc->ComputeIndexOf(root);
if (MOZ_LIKELY(indexOfNode.isSome() && indexOfRoot.isSome())) {
return *indexOfNode < *indexOfRoot;
}
// XXX Keep the odd traditional behavior for now.
return indexOfNode.isNothing() && indexOfRoot.isSome();
}
bool nsContentUtils::IsCallerChrome() {
MOZ_ASSERT(NS_IsMainThread());
return SubjectPrincipal() == sSystemPrincipal;
}
#ifdef FUZZING
bool nsContentUtils::IsFuzzingEnabled() {
return StaticPrefs::fuzzing_enabled();
}
#endif
/* static */
bool nsContentUtils::IsCallerChromeOrElementTransformGettersEnabled(
JSContext* aCx, JSObject*) {
return ThreadsafeIsSystemCaller(aCx) ||
StaticPrefs::dom_element_transform_getters_enabled();
}
// Older Should RFP Functions ----------------------------------
/* static */
bool nsContentUtils::ShouldResistFingerprinting(bool aIsPrivateMode,
RFPTarget aTarget) {
return nsRFPService::IsRFPEnabledFor(aIsPrivateMode, aTarget, Nothing());
}
/* static */
bool nsContentUtils::ShouldResistFingerprinting(nsIGlobalObject* aGlobalObject,
RFPTarget aTarget) {
if (!aGlobalObject) {
return ShouldResistFingerprinting("Null Object", aTarget);
}
return aGlobalObject->ShouldResistFingerprinting(aTarget);
}
// Newer Should RFP Functions ----------------------------------
// Utilities ---------------------------------------------------
inline void LogDomainAndPrefList(const char* urlType,
const char* exemptedDomainsPrefName,
nsAutoCString& url, bool isExemptDomain) {
nsAutoCString list;
Preferences::GetCString(exemptedDomainsPrefName, list);
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("%s \"%s\" is %s the exempt list \"%s\"", urlType,
PromiseFlatCString(url).get(), isExemptDomain ? "in" : "NOT in",
PromiseFlatCString(list).get()));
}
inline already_AddRefed<nsICookieJarSettings> GetCookieJarSettings(
nsILoadInfo* aLoadInfo) {
nsCOMPtr<nsICookieJarSettings> cookieJarSettings;
nsresult rv =
aLoadInfo->GetCookieJarSettings(getter_AddRefs(cookieJarSettings));
if (rv == NS_ERROR_NOT_IMPLEMENTED) {
// The TRRLoadInfo in particular does not implement this method
// In that instance. We will return false and let other code decide if
// we shouldRFP for this connection
return nullptr;
}
if (NS_WARN_IF(NS_FAILED(rv))) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Called CookieJarSettingsSaysShouldResistFingerprinting but the "
"loadinfo's CookieJarSettings couldn't be retrieved"));
return nullptr;
}
MOZ_ASSERT(cookieJarSettings);
return cookieJarSettings.forget();
}
bool ETPSaysShouldNotResistFingerprinting(nsIChannel* aChannel,
nsILoadInfo* aLoadInfo) {
// A positive return from this function should always be obeyed.
// A negative return means we should keep checking things.
bool isPBM = NS_UsePrivateBrowsing(aChannel);
// We do not want this check to apply to RFP, only to FPP
// There is one problematic combination of prefs; however:
// If RFP is enabled in PBMode only and FPP is enabled globally
// (so, in non-PBM mode) - we need to know if we're in PBMode or not.
// But that's kind of expensive and we'd like to avoid it if we
// don't have to, so special-case that scenario
if (StaticPrefs::privacy_fingerprintingProtection_DoNotUseDirectly() &&
!StaticPrefs::privacy_resistFingerprinting_DoNotUseDirectly() &&
StaticPrefs::privacy_resistFingerprinting_pbmode_DoNotUseDirectly()) {
if (isPBM) {
// In PBM (where RFP is enabled) do not exempt based on the ETP toggle
return false;
}
} else if (StaticPrefs::privacy_resistFingerprinting_DoNotUseDirectly() ||
(isPBM &&
StaticPrefs::
privacy_resistFingerprinting_pbmode_DoNotUseDirectly())) {
// In RFP, never use the ETP toggle to exempt.
// We can safely return false here even if we are not in PBM mode
// and RFP_pbmode is enabled because we will later see that and
// return false from the ShouldRFP function entirely.
return false;
}
nsCOMPtr<nsICookieJarSettings> cookieJarSettings =
GetCookieJarSettings(aLoadInfo);
if (!cookieJarSettings) {
return false;
}
return ContentBlockingAllowList::Check(cookieJarSettings);
}
inline bool CookieJarSettingsSaysShouldResistFingerprinting(
nsILoadInfo* aLoadInfo) {
// A positive return from this function should always be obeyed.
// A negative return means we should keep checking things.
nsCOMPtr<nsICookieJarSettings> cookieJarSettings =
GetCookieJarSettings(aLoadInfo);
if (!cookieJarSettings) {
return false;
}
return cookieJarSettings->GetShouldResistFingerprinting();
}
inline bool SchemeSaysShouldNotResistFingerprinting(nsIURI* aURI) {
return aURI->SchemeIs("chrome") || aURI->SchemeIs("resource") ||
aURI->SchemeIs("view-source") || aURI->SchemeIs("moz-extension") ||
(aURI->SchemeIs("about") && !NS_IsContentAccessibleAboutURI(aURI));
}
inline bool SchemeSaysShouldNotResistFingerprinting(nsIPrincipal* aPrincipal) {
if (aPrincipal->SchemeIs("chrome") || aPrincipal->SchemeIs("resource") ||
aPrincipal->SchemeIs("view-source") ||
aPrincipal->SchemeIs("moz-extension")) {
return true;
}
if (!aPrincipal->SchemeIs("about")) {
return false;
}
bool isContentAccessibleAboutURI;
Unused << aPrincipal->IsContentAccessibleAboutURI(
&isContentAccessibleAboutURI);
return !isContentAccessibleAboutURI;
}
const char* kExemptedDomainsPrefName =
"privacy.resistFingerprinting.exemptedDomains";
inline bool PartionKeyIsAlsoExempted(
const mozilla::OriginAttributes& aOriginAttributes) {
// If we've gotten here we have (probably) passed the CookieJarSettings
// check that would tell us that if we _are_ a subdocument, then we are on
// an exempted top-level domain and we should see if we ourselves are
// exempted. But we may have gotten here because we directly called the
// _dangerous function and we haven't done that check, but we _were_
// instatiated from a state where we could have been partitioned.
// So perform this last-ditch check for that scenario.
// We arbitrarily use https as the scheme, but it doesn't matter.
nsresult rv = NS_ERROR_NOT_INITIALIZED;
nsCOMPtr<nsIURI> uri;
if (StaticPrefs::privacy_firstparty_isolate() &&
!aOriginAttributes.mFirstPartyDomain.IsEmpty()) {
rv = NS_NewURI(getter_AddRefs(uri),
u"https://"_ns + aOriginAttributes.mFirstPartyDomain);
} else if (!aOriginAttributes.mPartitionKey.IsEmpty()) {
rv = NS_NewURI(getter_AddRefs(uri),
u"https://"_ns + aOriginAttributes.mPartitionKey);
}
if (!NS_FAILED(rv)) {
bool isExemptPartitionKey =
nsContentUtils::IsURIInPrefList(uri, kExemptedDomainsPrefName);
if (MOZ_LOG_TEST(nsContentUtils::ResistFingerprintingLog(),
mozilla::LogLevel::Debug)) {
nsAutoCString url;
uri->GetHost(url);
LogDomainAndPrefList("Partition Key", kExemptedDomainsPrefName, url,
isExemptPartitionKey);
}
return isExemptPartitionKey;
}
return true;
}
// Functions ---------------------------------------------------
/* static */
bool nsContentUtils::ShouldResistFingerprinting(const char* aJustification,
RFPTarget aTarget) {
// See comment in header file for information about usage
// We hardcode PBM to true to be the more restrictive option.
return nsContentUtils::ShouldResistFingerprinting(true, aTarget);
}
namespace {
// This function is only called within this file for Positive Return Checks
bool ShouldResistFingerprinting_(const char* aJustification,
bool aIsPrivateMode, RFPTarget aTarget) {
// See comment in header file for information about usage
return nsContentUtils::ShouldResistFingerprinting(aIsPrivateMode, aTarget);
}
} // namespace
/* static */
bool nsContentUtils::ShouldResistFingerprinting(CallerType aCallerType,
nsIGlobalObject* aGlobalObject,
RFPTarget aTarget) {
if (aCallerType == CallerType::System) {
return false;
}
return ShouldResistFingerprinting(aGlobalObject, aTarget);
}
bool nsContentUtils::ShouldResistFingerprinting(nsIDocShell* aDocShell,
RFPTarget aTarget) {
if (!aDocShell) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Called nsContentUtils::ShouldResistFingerprinting(nsIDocShell*) "
"with NULL docshell"));
return ShouldResistFingerprinting("Null Object", aTarget);
}
Document* doc = aDocShell->GetDocument();
if (!doc) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Called nsContentUtils::ShouldResistFingerprinting(nsIDocShell*) "
"with NULL doc"));
return ShouldResistFingerprinting("Null Object", aTarget);
}
return doc->ShouldResistFingerprinting(aTarget);
}
/* static */
bool nsContentUtils::ShouldResistFingerprinting(nsIChannel* aChannel,
RFPTarget aTarget) {
if (!aChannel) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Called nsContentUtils::ShouldResistFingerprinting(nsIChannel* "
"aChannel) with NULL channel"));
return ShouldResistFingerprinting("Null Object", aTarget);
}
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
if (!loadInfo) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Called nsContentUtils::ShouldResistFingerprinting(nsIChannel* "
"aChannel) but the channel's loadinfo was NULL"));
return ShouldResistFingerprinting("Null Object", aTarget);
}
// With this check, we can ensure that the prefs and target say yes, so only
// an exemption would cause us to return false.
bool isPBM = NS_UsePrivateBrowsing(aChannel);
if (!ShouldResistFingerprinting_("Positive return check", isPBM, aTarget)) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIChannel*)"
" Positive return check said false (PBM: %s)",
isPBM ? "Yes" : "No"));
return false;
}
if (ETPSaysShouldNotResistFingerprinting(aChannel, loadInfo)) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIChannel*)"
" ETPSaysShouldNotResistFingerprinting said false"));
return false;
}
if (CookieJarSettingsSaysShouldResistFingerprinting(loadInfo)) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIChannel*)"
" CookieJarSettingsSaysShouldResistFingerprinting said true"));
return true;
}
// Document types have no loading principal. Subdocument types do have a
// loading principal, but it is the loading principal of the parent
// document; not the subdocument.
auto contentType = loadInfo->GetExternalContentPolicyType();
// Case 1: Document or Subdocument load
if (contentType == ExtContentPolicy::TYPE_DOCUMENT ||
contentType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
nsCOMPtr<nsIURI> channelURI;
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
MOZ_ASSERT(
NS_SUCCEEDED(rv),
"Failed to get URI in "
"nsContentUtils::ShouldResistFingerprinting(nsIChannel* aChannel)");
// this check is to ensure that we do not crash in non-debug builds.
if (NS_FAILED(rv)) {
return true;
}
#if 0
if (loadInfo->GetExternalContentPolicyType() == ExtContentPolicy::TYPE_SUBDOCUMENT) {
nsCOMPtr<nsIURI> channelURI;
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
nsAutoCString channelSpec;
channelURI->GetSpec(channelSpec);
if (!loadInfo->GetLoadingPrincipal()) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Sub Document Type. FinalChannelURI is %s, Loading Principal is NULL\n",
channelSpec.get()));
} else {
nsAutoCString loadingPrincipalSpec;
loadInfo->GetLoadingPrincipal()->GetOrigin(loadingPrincipalSpec);
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Sub Document Type. FinalChannelURI is %s, Loading Principal Origin is %s\n",
channelSpec.get(), loadingPrincipalSpec.get()));
}
}
#endif
return ShouldResistFingerprinting_dangerous(
channelURI, loadInfo->GetOriginAttributes(), "Internal Call", aTarget);
}
// Case 2: Subresource Load
// Because this code is only used for subresource loads, this
// will check the parent's principal
nsIPrincipal* principal = loadInfo->GetLoadingPrincipal();
MOZ_ASSERT_IF(principal && !principal->IsSystemPrincipal() &&
!principal->GetIsAddonOrExpandedAddonPrincipal(),
BasePrincipal::Cast(principal)->OriginAttributesRef() ==
loadInfo->GetOriginAttributes());
return ShouldResistFingerprinting_dangerous(principal, "Internal Call",
aTarget);
}
/* static */
bool nsContentUtils::ShouldResistFingerprinting_dangerous(
nsIURI* aURI, const mozilla::OriginAttributes& aOriginAttributes,
const char* aJustification, RFPTarget aTarget) {
// With this check, we can ensure that the prefs and target say yes, so only
// an exemption would cause us to return false.
bool isPBM = aOriginAttributes.mPrivateBrowsingId !=
nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID;
if (!ShouldResistFingerprinting_("Positive return check", isPBM, aTarget)) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting_dangerous(nsIURI*,"
" OriginAttributes) Positive return check said false (PBM: %s)",
isPBM ? "Yes" : "No"));
return false;
}
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting_dangerous(nsIURI*,"
" OriginAttributes) and the URI is %s",
aURI->GetSpecOrDefault().get()));
if (!StaticPrefs::privacy_resistFingerprinting_DoNotUseDirectly() &&
!StaticPrefs::privacy_fingerprintingProtection_DoNotUseDirectly()) {
// If neither of the 'regular' RFP prefs are set, then one (or both)
// of the PBM-Only prefs are set (or we would have failed the
// Positive return check.) Therefore, if we are not in PBM, return false
if (aOriginAttributes.mPrivateBrowsingId ==
nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting_dangerous(nsIURI*,"
" OriginAttributes) OA PBM Check said false"));
return false;
}
}
// Exclude internal schemes and web extensions
if (SchemeSaysShouldNotResistFingerprinting(aURI)) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIURI*)"
" SchemeSaysShouldNotResistFingerprinting said false"));
return false;
}
bool isExemptDomain = false;
nsAutoCString list;
Preferences::GetCString(kExemptedDomainsPrefName, list);
ToLowerCase(list);
isExemptDomain = IsURIInList(aURI, list);
if (MOZ_LOG_TEST(nsContentUtils::ResistFingerprintingLog(),
mozilla::LogLevel::Debug)) {
nsAutoCString url;
aURI->GetHost(url);
LogDomainAndPrefList("URI", kExemptedDomainsPrefName, url, isExemptDomain);
}
if (isExemptDomain) {
isExemptDomain &= PartionKeyIsAlsoExempted(aOriginAttributes);
}
return !isExemptDomain;
}
/* static */
bool nsContentUtils::ShouldResistFingerprinting_dangerous(
nsIPrincipal* aPrincipal, const char* aJustification, RFPTarget aTarget) {
if (!aPrincipal) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Info,
("Called nsContentUtils::ShouldResistFingerprinting(nsILoadInfo* "
"aChannel) but the loadinfo's loadingprincipal was NULL"));
return ShouldResistFingerprinting("Null object", aTarget);
}
auto originAttributes =
BasePrincipal::Cast(aPrincipal)->OriginAttributesRef();
// With this check, we can ensure that the prefs and target say yes, so only
// an exemption would cause us to return false.
bool isPBM = originAttributes.mPrivateBrowsingId ==
nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID;
if (!ShouldResistFingerprinting_("Positive return check", isPBM, aTarget)) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIPrincipal*) Positive return "
"check said false (PBM: %s)",
isPBM ? "Yes" : "No"));
return false;
}
if (aPrincipal->IsSystemPrincipal()) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIPrincipal*) System "
"Principal said false"));
return false;
}
// Exclude internal schemes and web extensions
if (SchemeSaysShouldNotResistFingerprinting(aPrincipal)) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIPrincipal*)"
" SchemeSaysShouldNotResistFingerprinting said false"));
return false;
}
// Web extension principals are also excluded
if (BasePrincipal::Cast(aPrincipal)->AddonPolicy()) {
MOZ_LOG(nsContentUtils::ResistFingerprintingLog(), LogLevel::Debug,
("Inside ShouldResistFingerprinting(nsIPrincipal*)"
" and AddonPolicy said false"));
return false;
}
bool isExemptDomain = false;
aPrincipal->IsURIInPrefList(kExemptedDomainsPrefName, &isExemptDomain);
if (MOZ_LOG_TEST(nsContentUtils::ResistFingerprintingLog(),
mozilla::LogLevel::Debug)) {
nsAutoCString origin;
aPrincipal->GetOrigin(origin);
LogDomainAndPrefList("URI", kExemptedDomainsPrefName, origin,
isExemptDomain);
}
if (isExemptDomain) {
isExemptDomain &= PartionKeyIsAlsoExempted(originAttributes);
}
return !isExemptDomain;
}
// --------------------------------------------------------------------
/* static */
void nsContentUtils::CalcRoundedWindowSizeForResistingFingerprinting(
int32_t aChromeWidth, int32_t aChromeHeight, int32_t aScreenWidth,
int32_t aScreenHeight, int32_t aInputWidth, int32_t aInputHeight,
bool aSetOuterWidth, bool aSetOuterHeight, int32_t* aOutputWidth,
int32_t* aOutputHeight) {
MOZ_ASSERT(aOutputWidth);
MOZ_ASSERT(aOutputHeight);
int32_t availContentWidth = 0;
int32_t availContentHeight = 0;
availContentWidth = std::min(StaticPrefs::privacy_window_maxInnerWidth(),
aScreenWidth - aChromeWidth);
#ifdef MOZ_WIDGET_GTK
// In the GTK window, it will not report outside system decorations
// when we get available window size, see Bug 581863. So, we leave a
// 40 pixels space for them when calculating the available content
// height. It is not necessary for the width since the content width
// is usually pretty much the same as the chrome width.
availContentHeight = std::min(StaticPrefs::privacy_window_maxInnerHeight(),
(-40 + aScreenHeight) - aChromeHeight);
#else
availContentHeight = std::min(StaticPrefs::privacy_window_maxInnerHeight(),
aScreenHeight - aChromeHeight);
#endif
// Ideally, we'd like to round window size to 1000x1000, but the
// screen space could be too small to accommodate this size in some
// cases. If it happens, we would round the window size to the nearest
// 200x100.
availContentWidth = availContentWidth - (availContentWidth % 200);
availContentHeight = availContentHeight - (availContentHeight % 100);
// If aIsOuter is true, we are setting the outer window. So we
// have to consider the chrome UI.
int32_t chromeOffsetWidth = aSetOuterWidth ? aChromeWidth : 0;
int32_t chromeOffsetHeight = aSetOuterHeight ? aChromeHeight : 0;
int32_t resultWidth = 0, resultHeight = 0;
// if the original size is greater than the maximum available size, we set
// it to the maximum size. And if the original value is less than the
// minimum rounded size, we set it to the minimum 200x100.
if (aInputWidth > (availContentWidth + chromeOffsetWidth)) {
resultWidth = availContentWidth + chromeOffsetWidth;
} else if (aInputWidth < (200 + chromeOffsetWidth)) {
resultWidth = 200 + chromeOffsetWidth;
} else {
// Otherwise, we round the window to the nearest upper rounded 200x100.
resultWidth = NSToIntCeil((aInputWidth - chromeOffsetWidth) / 200.0) * 200 +
chromeOffsetWidth;
}
if (aInputHeight > (availContentHeight + chromeOffsetHeight)) {
resultHeight = availContentHeight + chromeOffsetHeight;
} else if (aInputHeight < (100 + chromeOffsetHeight)) {
resultHeight = 100 + chromeOffsetHeight;
} else {
resultHeight =
NSToIntCeil((aInputHeight - chromeOffsetHeight) / 100.0) * 100 +
chromeOffsetHeight;
}
*aOutputWidth = resultWidth;
*aOutputHeight = resultHeight;
}
bool nsContentUtils::ThreadsafeIsCallerChrome() {
return NS_IsMainThread() ? IsCallerChrome()
: IsCurrentThreadRunningChromeWorker();
}
bool nsContentUtils::IsCallerUAWidget() {
JSContext* cx = GetCurrentJSContext();
if (!cx) {
return false;
}
JS::Realm* realm = JS::GetCurrentRealmOrNull(cx);
if (!realm) {
return false;
}
return xpc::IsUAWidgetScope(realm);
}
bool nsContentUtils::IsSystemCaller(JSContext* aCx) {
// Note that SubjectPrincipal() assumes we are in a compartment here.
return SubjectPrincipal(aCx) == sSystemPrincipal;
}
bool nsContentUtils::ThreadsafeIsSystemCaller(JSContext* aCx) {
CycleCollectedJSContext* ccjscx = CycleCollectedJSContext::Get();
MOZ_ASSERT(ccjscx->Context() == aCx);
return ccjscx->IsSystemCaller();
}
// static
bool nsContentUtils::LookupBindingMember(
JSContext* aCx, nsIContent* aContent, JS::Handle<jsid> aId,
JS::MutableHandle<JS::PropertyDescriptor> aDesc) {
return true;
}
nsINode* nsContentUtils::GetNearestInProcessCrossDocParentNode(
nsINode* aChild) {
if (aChild->IsDocument()) {
for (BrowsingContext* bc = aChild->AsDocument()->GetBrowsingContext(); bc;
bc = bc->GetParent()) {
if (bc->GetEmbedderElement()) {
return bc->GetEmbedderElement();
}
}
return nullptr;
}
nsINode* parent = aChild->GetParentNode();
if (parent && parent->IsContent() && aChild->IsContent()) {
parent = aChild->AsContent()->GetFlattenedTreeParent();
}
return parent;
}
bool nsContentUtils::ContentIsHostIncludingDescendantOf(
const nsINode* aPossibleDescendant, const nsINode* aPossibleAncestor) {
MOZ_ASSERT(aPossibleDescendant, "The possible descendant is null!");
MOZ_ASSERT(aPossibleAncestor, "The possible ancestor is null!");
do {
if (aPossibleDescendant == aPossibleAncestor) return true;
if (aPossibleDescendant->IsDocumentFragment()) {
aPossibleDescendant =
aPossibleDescendant->AsDocumentFragment()->GetHost();
} else {
aPossibleDescendant = aPossibleDescendant->GetParentNode();
}
} while (aPossibleDescendant);
return false;
}
// static
bool nsContentUtils::ContentIsCrossDocDescendantOf(nsINode* aPossibleDescendant,
nsINode* aPossibleAncestor) {
MOZ_ASSERT(aPossibleDescendant, "The possible descendant is null!");
MOZ_ASSERT(aPossibleAncestor, "The possible ancestor is null!");
do {
if (aPossibleDescendant == aPossibleAncestor) {
return true;
}
aPossibleDescendant =
GetNearestInProcessCrossDocParentNode(aPossibleDescendant);
} while (aPossibleDescendant);
return false;
}
// static
bool nsContentUtils::ContentIsFlattenedTreeDescendantOf(
const nsINode* aPossibleDescendant, const nsINode* aPossibleAncestor) {
MOZ_ASSERT(aPossibleDescendant, "The possible descendant is null!");
MOZ_ASSERT(aPossibleAncestor, "The possible ancestor is null!");
do {
if (aPossibleDescendant == aPossibleAncestor) {
return true;
}
aPossibleDescendant = aPossibleDescendant->GetFlattenedTreeParentNode();
} while (aPossibleDescendant);
return false;
}
// static
bool nsContentUtils::ContentIsFlattenedTreeDescendantOfForStyle(
const nsINode* aPossibleDescendant, const nsINode* aPossibleAncestor) {
MOZ_ASSERT(aPossibleDescendant, "The possible descendant is null!");
MOZ_ASSERT(aPossibleAncestor, "The possible ancestor is null!");
do {
if (aPossibleDescendant == aPossibleAncestor) {
return true;
}
aPossibleDescendant =
aPossibleDescendant->GetFlattenedTreeParentNodeForStyle();
} while (aPossibleDescendant);
return false;
}
// static
nsINode* nsContentUtils::Retarget(nsINode* aTargetA, nsINode* aTargetB) {
while (true && aTargetA) {
// If A's root is not a shadow root...
nsINode* root = aTargetA->SubtreeRoot();
if (!root->IsShadowRoot()) {
// ...then return A.
return aTargetA;
}
// or A's root is a shadow-including inclusive ancestor of B...
if (aTargetB->IsShadowIncludingInclusiveDescendantOf(root)) {
// ...then return A.
return aTargetA;
}
aTargetA = ShadowRoot::FromNode(root)->GetHost();
}
return nullptr;
}
// static
Element* nsContentUtils::GetAnElementForTiming(Element* aTarget,
const Document* aDocument,
nsIGlobalObject* aGlobal) {
if (!aTarget->IsInComposedDoc()) {
return nullptr;
}
if (!aDocument) {
nsCOMPtr<nsPIDOMWindowInner> inner = do_QueryInterface(aGlobal);
if (!inner) {
return nullptr;
}
aDocument = inner->GetExtantDoc();
}
MOZ_ASSERT(aDocument);
if (aTarget->GetUncomposedDocOrConnectedShadowRoot() != aDocument ||
!aDocument->IsCurrentActiveDocument()) {
return nullptr;
}
return aTarget;
}
// static
nsresult nsContentUtils::GetInclusiveAncestors(nsINode* aNode,
nsTArray<nsINode*>& aArray) {
while (aNode) {
aArray.AppendElement(aNode);
aNode = aNode->GetParentNode();
}
return NS_OK;
}
// static
nsresult nsContentUtils::GetInclusiveAncestorsAndOffsets(
nsINode* aNode, uint32_t aOffset, nsTArray<nsIContent*>* aAncestorNodes,
nsTArray<Maybe<uint32_t>>* aAncestorOffsets) {
NS_ENSURE_ARG_POINTER(aNode);
if (!aNode->IsContent()) {
return NS_ERROR_FAILURE;
}
nsIContent* content = aNode->AsContent();
if (!aAncestorNodes->IsEmpty()) {
NS_WARNING("aAncestorNodes is not empty");
aAncestorNodes->Clear();
}
if (!aAncestorOffsets->IsEmpty()) {
NS_WARNING("aAncestorOffsets is not empty");
aAncestorOffsets->Clear();
}
// insert the node itself
aAncestorNodes->AppendElement(content);
aAncestorOffsets->AppendElement(Some(aOffset));
// insert all the ancestors
nsIContent* child = content;
nsIContent* parent = child->GetParent();
while (parent) {
aAncestorNodes->AppendElement(parent);
aAncestorOffsets->AppendElement(parent->ComputeIndexOf(child));
child = parent;
parent = parent->GetParent();
}
return NS_OK;
}
template <typename Node, typename GetParentFunc>
static Node* GetCommonAncestorInternal(Node* aNode1, Node* aNode2,
GetParentFunc aGetParentFunc) {
MOZ_ASSERT(aNode1 != aNode2);
// Build the chain of parents
AutoTArray<Node*, 30> parents1, parents2;
do {
parents1.AppendElement(aNode1);
aNode1 = aGetParentFunc(aNode1);
} while (aNode1);
do {
parents2.AppendElement(aNode2);
aNode2 = aGetParentFunc(aNode2);
} while (aNode2);
// Find where the parent chain differs
uint32_t pos1 = parents1.Length();
uint32_t pos2 = parents2.Length();
Node** data1 = parents1.Elements();
Node** data2 = parents2.Elements();
Node* parent = nullptr;
uint32_t len;
for (len = std::min(pos1, pos2); len > 0; --len) {
Node* child1 = data1[--pos1];
Node* child2 = data2[--pos2];
if (child1 != child2) {
break;
}
parent = child1;
}
return parent;
}
/* static */
nsINode* nsContentUtils::GetCommonAncestorHelper(nsINode* aNode1,
nsINode* aNode2) {
return GetCommonAncestorInternal(
aNode1, aNode2, [](nsINode* aNode) { return aNode->GetParentNode(); });
}
/* static */
nsIContent* nsContentUtils::GetCommonFlattenedTreeAncestorHelper(
nsIContent* aContent1, nsIContent* aContent2) {
return GetCommonAncestorInternal(
aContent1, aContent2,
[](nsIContent* aContent) { return aContent->GetFlattenedTreeParent(); });
}
/* static */
Element* nsContentUtils::GetCommonFlattenedTreeAncestorForStyle(
Element* aElement1, Element* aElement2) {
return GetCommonAncestorInternal(aElement1, aElement2, [](Element* aElement) {
return aElement->GetFlattenedTreeParentElementForStyle();
});
}
/* static */
bool nsContentUtils::PositionIsBefore(nsINode* aNode1, nsINode* aNode2,
Maybe<uint32_t>* aNode1Index,
Maybe<uint32_t>* aNode2Index) {
// Note, CompareDocumentPosition takes the latter params in different order.
return (aNode2->CompareDocumentPosition(*aNode1, aNode2Index, aNode1Index) &
(Node_Binding::DOCUMENT_POSITION_PRECEDING |
Node_Binding::DOCUMENT_POSITION_DISCONNECTED)) ==
Node_Binding::DOCUMENT_POSITION_PRECEDING;
}
/* static */
Maybe<int32_t> nsContentUtils::ComparePoints(
const nsINode* aParent1, uint32_t aOffset1, const nsINode* aParent2,
uint32_t aOffset2, ComparePointsCache* aParent1Cache) {
bool disconnected{false};
const int32_t order = ComparePoints_Deprecated(
aParent1, aOffset1, aParent2, aOffset2, &disconnected, aParent1Cache);
if (disconnected) {
return Nothing();
}
return Some(order);
}
/* static */
int32_t nsContentUtils::ComparePoints_Deprecated(
const nsINode* aParent1, uint32_t aOffset1, const nsINode* aParent2,
uint32_t aOffset2, bool* aDisconnected, ComparePointsCache* aParent1Cache) {
if (aParent1 == aParent2) {
return aOffset1 < aOffset2 ? -1 : aOffset1 > aOffset2 ? 1 : 0;
}
AutoTArray<const nsINode*, 32> parents1, parents2;
const nsINode* node1 = aParent1;
const nsINode* node2 = aParent2;
do {
parents1.AppendElement(node1);
node1 = node1->GetParentOrShadowHostNode();
} while (node1);
do {
parents2.AppendElement(node2);
node2 = node2->GetParentOrShadowHostNode();
} while (node2);
uint32_t pos1 = parents1.Length() - 1;
uint32_t pos2 = parents2.Length() - 1;
bool disconnected = parents1.ElementAt(pos1) != parents2.ElementAt(pos2);
if (aDisconnected) {
*aDisconnected = disconnected;
}
if (disconnected) {
NS_ASSERTION(aDisconnected, "unexpected disconnected nodes");
return 1;
}
// Find where the parent chains differ
const nsINode* parent = parents1.ElementAt(pos1);
uint32_t len;
for (len = std::min(pos1, pos2); len > 0; --len) {
const nsINode* child1 = parents1.ElementAt(--pos1);
const nsINode* child2 = parents2.ElementAt(--pos2);
if (child1 != child2) {
if (MOZ_UNLIKELY(child1->IsShadowRoot())) {
// Shadow roots come before light DOM per
// https://dom.spec.whatwg.org/#concept-shadow-including-tree-order
MOZ_ASSERT(!child2->IsShadowRoot(), "Two shadow roots?");
return -1;
}
if (MOZ_UNLIKELY(child2->IsShadowRoot())) {
return 1;
}
const Maybe<uint32_t> child1Index =
aParent1Cache ? aParent1Cache->ComputeIndexOf(parent, child1)
: parent->ComputeIndexOf(child1);
const Maybe<uint32_t> child2Index = parent->ComputeIndexOf(child2);
if (MOZ_LIKELY(child1Index.isSome() && child2Index.isSome())) {
return *child1Index < *child2Index ? -1 : 1;
}
// XXX Keep the odd traditional behavior for now.
return child1Index.isNothing() && child2Index.isSome() ? -1 : 1;
}
parent = child1;
}
// The parent chains never differed, so one of the nodes is an ancestor of
// the other
NS_ASSERTION(!pos1 || !pos2,
"should have run out of parent chain for one of the nodes");
if (!pos1) {
const nsINode* child2 = parents2.ElementAt(--pos2);
const Maybe<uint32_t> child2Index = parent->ComputeIndexOf(child2);
if (MOZ_UNLIKELY(NS_WARN_IF(child2Index.isNothing()))) {
return 1;
}
return aOffset1 <= *child2Index ? -1 : 1;
}
const nsINode* child1 = parents1.ElementAt(--pos1);
const Maybe<uint32_t> child1Index =
aParent1Cache ? aParent1Cache->ComputeIndexOf(parent, child1)
: parent->ComputeIndexOf(child1);
if (MOZ_UNLIKELY(NS_WARN_IF(child1Index.isNothing()))) {
return -1;
}
return *child1Index < aOffset2 ? -1 : 1;
}
/* static */
BrowserParent* nsContentUtils::GetCommonBrowserParentAncestor(
BrowserParent* aBrowserParent1, BrowserParent* aBrowserParent2) {
return GetCommonAncestorInternal(
aBrowserParent1, aBrowserParent2, [](BrowserParent* aBrowserParent) {
return aBrowserParent->GetBrowserBridgeParent()
? aBrowserParent->GetBrowserBridgeParent()->Manager()
: nullptr;
});
}
/* static */
Element* nsContentUtils::GetTargetElement(Document* aDocument,
const nsAString& aAnchorName) {
MOZ_ASSERT(aDocument);
if (aAnchorName.IsEmpty()) {
return nullptr;
}
// 1. If there is an element in the document tree that has an ID equal to
// fragment, then return the first such element in tree order.
if (Element* el = aDocument->GetElementById(aAnchorName)) {
return el;
}
// 2. If there is an a element in the document tree that has a name
// attribute whose value is equal to fragment, then return the first such
// element in tree order.
//
// FIXME(emilio): Why the different code-paths for HTML and non-HTML docs?
if (aDocument->IsHTMLDocument()) {
nsCOMPtr<nsINodeList> list = aDocument->GetElementsByName(aAnchorName);
// Loop through the named nodes looking for the first anchor
uint32_t length = list->Length();
for (uint32_t i = 0; i < length; i++) {
nsIContent* node = list->Item(i);
if (node->IsHTMLElement(nsGkAtoms::a)) {
return node->AsElement();
}
}
} else {
constexpr auto nameSpace = u"http://www.w3.org/1999/xhtml"_ns;
// Get the list of anchor elements
nsCOMPtr<nsINodeList> list =
aDocument->GetElementsByTagNameNS(nameSpace, u"a"_ns);
// Loop through the anchors looking for the first one with the given name.
for (uint32_t i = 0; true; i++) {
nsIContent* node = list->Item(i);
if (!node) { // End of list
break;
}
// Compare the name attribute
if (node->AsElement()->AttrValueIs(kNameSpaceID_None, nsGkAtoms::name,
aAnchorName, eCaseMatters)) {
return node->AsElement();
}
}
}
// 3. Return null.
return nullptr;
}
/* static */
template <typename FPT, typename FRT, typename SPT, typename SRT>
Maybe<int32_t> nsContentUtils::ComparePoints(
const RangeBoundaryBase<FPT, FRT>& aFirstBoundary,
const RangeBoundaryBase<SPT, SRT>& aSecondBoundary) {
if (!aFirstBoundary.IsSet() || !aSecondBoundary.IsSet()) {
return Nothing{};
}
bool disconnected{false};
const int32_t order =
ComparePoints_Deprecated(aFirstBoundary, aSecondBoundary, &disconnected);
if (disconnected) {
return Nothing{};
}
return Some(order);
}
/* static */
template <typename FPT, typename FRT, typename SPT, typename SRT>
int32_t nsContentUtils::ComparePoints_Deprecated(
const RangeBoundaryBase<FPT, FRT>& aFirstBoundary,
const RangeBoundaryBase<SPT, SRT>& aSecondBoundary, bool* aDisconnected) {
if (NS_WARN_IF(!aFirstBoundary.IsSet()) ||
NS_WARN_IF(!aSecondBoundary.IsSet())) {
return -1;
}
// XXX Re-implement this without calling `Offset()` as far as possible,
// and the other overload should be an alias of this.
return ComparePoints_Deprecated(
aFirstBoundary.Container(),
*aFirstBoundary.Offset(
RangeBoundaryBase<FPT, FRT>::OffsetFilter::kValidOrInvalidOffsets),
aSecondBoundary.Container(),
*aSecondBoundary.Offset(
RangeBoundaryBase<SPT, SRT>::OffsetFilter::kValidOrInvalidOffsets),
aDisconnected);
}
inline bool IsCharInSet(const char* aSet, const char16_t aChar) {
char16_t ch;
while ((ch = *aSet)) {
if (aChar == char16_t(ch)) {
return true;
}
++aSet;
}
return false;
}
/**
* This method strips leading/trailing chars, in given set, from string.
*/
// static
const nsDependentSubstring nsContentUtils::TrimCharsInSet(
const char* aSet, const nsAString& aValue) {
nsAString::const_iterator valueCurrent, valueEnd;
aValue.BeginReading(valueCurrent);
aValue.EndReading(valueEnd);
// Skip characters in the beginning
while (valueCurrent != valueEnd) {
if (!IsCharInSet(aSet, *valueCurrent)) {
break;
}
++valueCurrent;
}
if (valueCurrent != valueEnd) {
for (;;) {
--valueEnd;
if (!IsCharInSet(aSet, *valueEnd)) {
break;
}
}
++valueEnd; // Step beyond the last character we want in the value.
}
// valueEnd should point to the char after the last to copy
return Substring(valueCurrent, valueEnd);
}
/**
* This method strips leading and trailing whitespace from a string.
*/
// static
template <bool IsWhitespace(char16_t)>
const nsDependentSubstring nsContentUtils::TrimWhitespace(const nsAString& aStr,
bool aTrimTrailing) {
nsAString::const_iterator start, end;
aStr.BeginReading(start);
aStr.EndReading(end);
// Skip whitespace characters in the beginning
while (start != end && IsWhitespace(*start)) {
++start;
}
if (aTrimTrailing) {
// Skip whitespace characters in the end.
while (end != start) {
--end;
if (!IsWhitespace(*end)) {
// Step back to the last non-whitespace character.
++end;
break;
}
}
}
// Return a substring for the string w/o leading and/or trailing
// whitespace
return Substring(start, end);
}
// Declaring the templates we are going to use avoid linking issues without
// inlining the method. Considering there is not so much spaces checking
// methods we can consider this to be better than inlining.
template const nsDependentSubstring
nsContentUtils::TrimWhitespace<nsCRT::IsAsciiSpace>(const nsAString&, bool);
template const nsDependentSubstring nsContentUtils::TrimWhitespace<
nsContentUtils::IsHTMLWhitespace>(const nsAString&, bool);
template const nsDependentSubstring nsContentUtils::TrimWhitespace<
nsContentUtils::IsHTMLWhitespaceOrNBSP>(const nsAString&, bool);
static inline void KeyAppendSep(nsACString& aKey) {
if (!aKey.IsEmpty()) {
aKey.Append('>');
}
}
static inline void KeyAppendString(const nsAString& aString, nsACString& aKey) {
KeyAppendSep(aKey);
// Could escape separator here if collisions happen. > is not a legal char
// for a name or type attribute, so we should be safe avoiding that extra
// work.
AppendUTF16toUTF8(aString, aKey);
}
static inline void KeyAppendString(const nsACString& aString,
nsACString& aKey) {
KeyAppendSep(aKey);
// Could escape separator here if collisions happen. > is not a legal char
// for a name or type attribute, so we should be safe avoiding that extra
// work.
aKey.Append(aString);
}
static inline void KeyAppendInt(int32_t aInt, nsACString& aKey) {
KeyAppendSep(aKey);
aKey.AppendInt(aInt);
}
static inline bool IsAutocompleteOff(const nsIContent* aContent) {
return aContent->IsElement() &&
aContent->AsElement()->AttrValueIs(kNameSpaceID_None,
nsGkAtoms::autocomplete, u"off"_ns,
eIgnoreCase);
}
/*static*/
void nsContentUtils::GenerateStateKey(nsIContent* aContent, Document* aDocument,
nsACString& aKey) {
MOZ_ASSERT(aContent);
aKey.Truncate();
uint32_t partID = aDocument ? aDocument->GetPartID() : 0;
// Don't capture state for anonymous content
if (aContent->IsInNativeAnonymousSubtree()) {
return;
}
if (IsAutocompleteOff(aContent)) {
return;
}
RefPtr<Document> doc = aContent->GetUncomposedDoc();
KeyAppendInt(partID, aKey); // first append a partID
bool generatedUniqueKey = false;
if (doc && doc->IsHTMLOrXHTML()) {
nsHTMLDocument* htmlDoc = doc->AsHTMLDocument();
// If we have a form control and can calculate form information, use that
// as the key - it is more reliable than just recording position in the
// DOM.
// XXXbz Is it, really? We have bugs on this, I think...
// Important to have a unique key, and tag/type/name may not be.
//
// The format of the key depends on whether the control has a form,
// and whether the element was parser inserted:
//
// [Has Form, Parser Inserted]:
// fp>type>FormNum>IndOfControlInForm>FormName>name
//
// [No Form, Parser Inserted]:
// dp>type>ControlNum>name
//
// [Has Form, Not Parser Inserted]:
// fn>type>IndOfFormInDoc>IndOfControlInForm>FormName>name
//
// [No Form, Not Parser Inserted]:
// dn>type>IndOfControlInDoc>name
//
// XXX We don't need to use index if name is there
// XXXbz We don't? Why not? I don't follow.
//
nsCOMPtr<nsIFormControl> control(do_QueryInterface(aContent));
if (control) {
// Get the control number if this was a parser inserted element from the
// network.
int32_t controlNumber =
control->GetParserInsertedControlNumberForStateKey();
bool parserInserted = controlNumber != -1;
RefPtr<nsContentList> htmlForms;
RefPtr<nsContentList> htmlFormControls;
if (!parserInserted) {
// Getting these lists is expensive, as we need to keep them up to date
// as the document loads, so we avoid it if we don't need them.
htmlDoc->GetFormsAndFormControls(getter_AddRefs(htmlForms),
getter_AddRefs(htmlFormControls));
}
// Append the control type
KeyAppendInt(int32_t(control->ControlType()), aKey);
// If in a form, add form name / index of form / index in form
HTMLFormElement* formElement = control->GetForm();
if (formElement) {
if (IsAutocompleteOff(formElement)) {
aKey.Truncate();
return;
}
// Append the form number, if this is a parser inserted control, or
// the index of the form in the document otherwise.
bool appendedForm = false;
if (parserInserted) {
MOZ_ASSERT(formElement->GetFormNumberForStateKey() != -1,
"when generating a state key for a parser inserted form "
"control we should have a parser inserted <form> element");
KeyAppendString("fp"_ns, aKey);
KeyAppendInt(formElement->GetFormNumberForStateKey(), aKey);
appendedForm = true;
} else {
KeyAppendString("fn"_ns, aKey);
int32_t index = htmlForms->IndexOf(formElement, false);
if (index <= -1) {
//
// XXX HACK this uses some state that was dumped into the document
// specifically to fix bug 138892. What we are trying to do is
// *guess* which form this control's state is found in, with the
// highly likely guess that the highest form parsed so far is the
// one. This code should not be on trunk, only branch.
//
index = htmlDoc->GetNumFormsSynchronous() - 1;
}
if (index > -1) {
KeyAppendInt(index, aKey);
appendedForm = true;
}
}
if (appendedForm) {
// Append the index of the control in the form
int32_t index = formElement->IndexOfContent(aContent);
if (index > -1) {
KeyAppendInt(index, aKey);
generatedUniqueKey = true;
}
}
// Append the form name
nsAutoString formName;
formElement->GetAttr(nsGkAtoms::name, formName);
KeyAppendString(formName, aKey);
} else {
// Not in a form. Append the control number, if this is a parser
// inserted control, or the index of the control in the document
// otherwise.
if (parserInserted) {
KeyAppendString("dp"_ns, aKey);
KeyAppendInt(control->GetParserInsertedControlNumberForStateKey(),
aKey);
generatedUniqueKey = true;
} else {
KeyAppendString("dn"_ns, aKey);
int32_t index = htmlFormControls->IndexOf(aContent, true);
if (index > -1) {
KeyAppendInt(index, aKey);
generatedUniqueKey = true;
}
}
// Append the control name
nsAutoString name;
aContent->AsElement()->GetAttr(nsGkAtoms::name, name);
KeyAppendString(name, aKey);
}
}
}
if (!generatedUniqueKey) {
// Either we didn't have a form control or we aren't in an HTML document so
// we can't figure out form info. Append the tag name if it's an element
// to avoid restoring state for one type of element on another type.
if (aContent->IsElement()) {
KeyAppendString(nsDependentAtomString(aContent->NodeInfo()->NameAtom()),
aKey);
} else {
// Append a character that is not "d" or "f" to disambiguate from
// the case when we were a form control in an HTML document.
KeyAppendString("o"_ns, aKey);
}
// Now start at aContent and append the indices of it and all its ancestors
// in their containers. That should at least pin down its position in the
// DOM...
nsINode* parent = aContent->GetParentNode();
nsINode* content = aContent;
while (parent) {
KeyAppendInt(parent->ComputeIndexOf_Deprecated(content), aKey);
content = parent;
parent = content->GetParentNode();
}
}
}
// static
nsIPrincipal* nsContentUtils::SubjectPrincipal(JSContext* aCx) {
MOZ_ASSERT(NS_IsMainThread());
// As opposed to SubjectPrincipal(), we do in fact assume that
// we're in a realm here; anyone who calls this function in
// situations where that's not the case is doing it wrong.
JS::Realm* realm = js::GetContextRealm(aCx);
MOZ_ASSERT(realm);
JSPrincipals* principals = JS::GetRealmPrincipals(realm);
return nsJSPrincipals::get(principals);
}
// static
nsIPrincipal* nsContentUtils::SubjectPrincipal() {
MOZ_ASSERT(IsInitialized());
MOZ_ASSERT(NS_IsMainThread());
JSContext* cx = GetCurrentJSContext();
if (!cx) {
MOZ_CRASH(
"Accessing the Subject Principal without an AutoJSAPI on the stack is "
"forbidden");
}
JS::Realm* realm = js::GetContextRealm(cx);
// When an AutoJSAPI is instantiated, we are in a null realm until the
// first JSAutoRealm, which is kind of a purgatory as far as permissions
// go. It would be nice to just hard-abort if somebody does a security check
// in this purgatory zone, but that would be too fragile, since it could be
// triggered by random IsCallerChrome() checks 20-levels deep.
//
// So we want to return _something_ here - and definitely not the System
// Principal, since that would make an AutoJSAPI a very dangerous thing to
// instantiate.
//
// The natural thing to return is a null principal. Ideally, we'd return a
// different null principal each time, to avoid any unexpected interactions
// when the principal accidentally gets inherited somewhere. But
// SubjectPrincipal doesn't return strong references, so there's no way to
// sanely manage the lifetime of multiple null principals.
//
// So we use a singleton null principal. To avoid it being accidentally
// inherited and becoming a "real" subject or object principal, we do a
// release-mode assert during realm creation against using this principal on
// an actual global.
if (!realm) {
return sNullSubjectPrincipal;
}
return SubjectPrincipal(cx);
}
// static
nsIPrincipal* nsContentUtils::ObjectPrincipal(JSObject* aObj) {
#ifdef DEBUG
JS::AssertObjectBelongsToCurrentThread(aObj);
#endif
MOZ_DIAGNOSTIC_ASSERT(!js::IsCrossCompartmentWrapper(aObj));
JS::Realm* realm = js::GetNonCCWObjectRealm(aObj);
JSPrincipals* principals = JS::GetRealmPrincipals(realm);
return nsJSPrincipals::get(principals);
}
// static
nsresult nsContentUtils::NewURIWithDocumentCharset(nsIURI** aResult,
const nsAString& aSpec,
Document* aDocument,
nsIURI* aBaseURI) {
if (aDocument) {
return NS_NewURI(aResult, aSpec, aDocument->GetDocumentCharacterSet(),
aBaseURI);
}
return NS_NewURI(aResult, aSpec, nullptr, aBaseURI);
}
// static
bool nsContentUtils::IsNameWithDash(nsAtom* aName) {
// A valid custom element name is a sequence of characters name which
// must match the PotentialCustomElementName production:
// PotentialCustomElementName ::= [a-z] (PCENChar)* '-' (PCENChar)*
const char16_t* name = aName->GetUTF16String();
uint32_t len = aName->GetLength();
bool hasDash = false;
if (!len || name[0] < 'a' || name[0] > 'z') {
return false;
}
uint32_t i = 1;
while (i < len) {
if (i + 1 < len && NS_IS_SURROGATE_PAIR(name[i], name[i + 1])) {
// Merged two 16-bit surrogate pairs into code point.
char32_t code = SURROGATE_TO_UCS4(name[i], name[i + 1]);
if (code < 0x10000 || code > 0xEFFFF) {
return false;
}
i += 2;
} else {
if (name[i] == '-') {
hasDash = true;
}
if (name[i] != '-' && name[i] != '.' && name[i] != '_' &&
name[i] != 0xB7 && (name[i] < '0' || name[i] > '9') &&
(name[i] < 'a' || name[i] > 'z') &&
(name[i] < 0xC0 || name[i] > 0xD6) &&
(name[i] < 0xF8 || name[i] > 0x37D) &&
(name[i] < 0x37F || name[i] > 0x1FFF) &&
(name[i] < 0x200C || name[i] > 0x200D) &&
(name[i] < 0x203F || name[i] > 0x2040) &&
(name[i] < 0x2070 || name[i] > 0x218F) &&
(name[i] < 0x2C00 || name[i] > 0x2FEF) &&
(name[i] < 0x3001 || name[i] > 0xD7FF) &&
(name[i] < 0xF900 || name[i] > 0xFDCF) &&
(name[i] < 0xFDF0 || name[i] > 0xFFFD)) {
return false;
}
i++;
}
}
return hasDash;
}
// static
bool nsContentUtils::IsCustomElementName(nsAtom* aName, uint32_t aNameSpaceID) {
// Allow non-dashed names in XUL for XBL to Custom Element migrations.
if (aNameSpaceID == kNameSpaceID_XUL) {
return true;
}
bool hasDash = IsNameWithDash(aName);
if (!hasDash) {
return false;
}
// The custom element name must not be one of the following values:
// annotation-xml
// color-profile
// font-face
// font-face-src
// font-face-uri
// font-face-format
// font-face-name
// missing-glyph
return aName != nsGkAtoms::annotation_xml_ &&
aName != nsGkAtoms::colorProfile && aName != nsGkAtoms::font_face &&
aName != nsGkAtoms::font_face_src &&
aName != nsGkAtoms::font_face_uri &&
aName != nsGkAtoms::font_face_format &&
aName != nsGkAtoms::font_face_name && aName != nsGkAtoms::missingGlyph;
}
// static
nsresult nsContentUtils::CheckQName(const nsAString& aQualifiedName,
bool aNamespaceAware,
const char16_t** aColon) {
const char* colon = nullptr;
const char16_t* begin = aQualifiedName.BeginReading();
const char16_t* end = aQualifiedName.EndReading();
int result = MOZ_XMLCheckQName(reinterpret_cast<const char*>(begin),
reinterpret_cast<const char*>(end),
aNamespaceAware, &colon);
if (!result) {
if (aColon) {
*aColon = reinterpret_cast<const char16_t*>(colon);
}
return NS_OK;
}
return NS_ERROR_DOM_INVALID_CHARACTER_ERR;
}
// static
nsresult nsContentUtils::SplitQName(const nsIContent* aNamespaceResolver,
const nsString& aQName, int32_t* aNamespace,
nsAtom** aLocalName) {
const char16_t* colon;
nsresult rv = nsContentUtils::CheckQName(aQName, true, &colon);
NS_ENSURE_SUCCESS(rv, rv);
if (colon) {
const char16_t* end;
aQName.EndReading(end);
nsAutoString nameSpace;
rv = aNamespaceResolver->LookupNamespaceURIInternal(
Substring(aQName.get(), colon), nameSpace);
NS_ENSURE_SUCCESS(rv, rv);
*aNamespace = nsNameSpaceManager::GetInstance()->GetNameSpaceID(
nameSpace, nsContentUtils::IsChromeDoc(aNamespaceResolver->OwnerDoc()));
if (*aNamespace == kNameSpaceID_Unknown) return NS_ERROR_FAILURE;
*aLocalName = NS_AtomizeMainThread(Substring(colon + 1, end)).take();
} else {
*aNamespace = kNameSpaceID_None;
*aLocalName = NS_AtomizeMainThread(aQName).take();
}
NS_ENSURE_TRUE(aLocalName, NS_ERROR_OUT_OF_MEMORY);
return NS_OK;
}
// static
nsresult nsContentUtils::GetNodeInfoFromQName(
const nsAString& aNamespaceURI, const nsAString& aQualifiedName,
nsNodeInfoManager* aNodeInfoManager, uint16_t aNodeType,
mozilla::dom::NodeInfo** aNodeInfo) {
const nsString& qName = PromiseFlatString(aQualifiedName);
const char16_t* colon;
nsresult rv = nsContentUtils::CheckQName(qName, true, &colon);
NS_ENSURE_SUCCESS(rv, rv);
int32_t nsID;
nsNameSpaceManager::GetInstance()->RegisterNameSpace(aNamespaceURI, nsID);
if (colon) {
const char16_t* end;
qName.EndReading(end);
RefPtr<nsAtom> prefix = NS_AtomizeMainThread(Substring(qName.get(), colon));
rv = aNodeInfoManager->GetNodeInfo(Substring(colon + 1, end), prefix, nsID,
aNodeType, aNodeInfo);
} else {
rv = aNodeInfoManager->GetNodeInfo(aQualifiedName, nullptr, nsID, aNodeType,
aNodeInfo);
}
NS_ENSURE_SUCCESS(rv, rv);
return nsContentUtils::IsValidNodeName((*aNodeInfo)->NameAtom(),
(*aNodeInfo)->GetPrefixAtom(),
(*aNodeInfo)->NamespaceID())
? NS_OK
: NS_ERROR_DOM_NAMESPACE_ERR;
}
// static
void nsContentUtils::SplitExpatName(const char16_t* aExpatName,
nsAtom** aPrefix, nsAtom** aLocalName,
int32_t* aNameSpaceID) {
/**
* Expat can send the following:
* localName
* namespaceURI<separator>localName
* namespaceURI<separator>localName<separator>prefix
*
* and we use 0xFFFF for the <separator>.
*
*/
const char16_t* uriEnd = nullptr;
const char16_t* nameEnd = nullptr;
const char16_t* pos;
for (pos = aExpatName; *pos; ++pos) {
if (*pos == 0xFFFF) {
if (uriEnd) {
nameEnd = pos;
} else {
uriEnd = pos;
}
}
}
const char16_t* nameStart;
if (uriEnd) {
nsNameSpaceManager::GetInstance()->RegisterNameSpace(
nsDependentSubstring(aExpatName, uriEnd), *aNameSpaceID);
nameStart = (uriEnd + 1);
if (nameEnd) {
const char16_t* prefixStart = nameEnd + 1;
*aPrefix = NS_AtomizeMainThread(Substring(prefixStart, pos)).take();
} else {
nameEnd = pos;
*aPrefix = nullptr;
}
} else {
*aNameSpaceID = kNameSpaceID_None;
nameStart = aExpatName;
nameEnd = pos;
*aPrefix = nullptr;
}
*aLocalName = NS_AtomizeMainThread(Substring(nameStart, nameEnd)).take();
}
// static
PresShell* nsContentUtils::GetPresShellForContent(const nsIContent* aContent) {
Document* doc = aContent->GetComposedDoc();
if (!doc) {
return nullptr;
}
return doc->GetPresShell();
}
// static
nsPresContext* nsContentUtils::GetContextForContent(
const nsIContent* aContent) {
PresShell* presShell = GetPresShellForContent(aContent);
if (!presShell) {
return nullptr;
}
return presShell->GetPresContext();
}
// static
bool nsContentUtils::CanLoadImage(nsIURI* aURI, nsINode* aNode,
Document* aLoadingDocument,
nsIPrincipal* aLoadingPrincipal) {
MOZ_ASSERT(aURI, "Must have a URI");
MOZ_ASSERT(aLoadingDocument, "Must have a document");
MOZ_ASSERT(aLoadingPrincipal, "Must have a loading principal");
nsresult rv;
auto appType = nsIDocShell::APP_TYPE_UNKNOWN;
{
nsCOMPtr<nsIDocShellTreeItem> docShellTreeItem =
aLoadingDocument->GetDocShell();
if (docShellTreeItem) {
nsCOMPtr<nsIDocShellTreeItem> root;
docShellTreeItem->GetInProcessRootTreeItem(getter_AddRefs(root));
nsCOMPtr<nsIDocShell> docShell(do_QueryInterface(root));
if (docShell) {
appType = docShell->GetAppType();
}
}
}
if (appType != nsIDocShell::APP_TYPE_EDITOR) {
// Editor apps get special treatment here, editors can load images
// from anywhere. This allows editor to insert images from file://
// into documents that are being edited.
rv = sSecurityManager->CheckLoadURIWithPrincipal(
aLoadingPrincipal, aURI, nsIScriptSecurityManager::ALLOW_CHROME,
aLoadingDocument->InnerWindowID());
if (NS_FAILED(rv)) {
return false;
}
}
nsCOMPtr<nsILoadInfo> secCheckLoadInfo = new mozilla::net::LoadInfo(
aLoadingPrincipal,
aLoadingPrincipal, // triggering principal
aNode, nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
int16_t decision = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(aURI, secCheckLoadInfo, &decision,
GetContentPolicy());
return NS_SUCCEEDED(rv) && NS_CP_ACCEPTED(decision);
}
// static
bool nsContentUtils::IsInPrivateBrowsing(const Document* aDoc) {
if (!aDoc) {
return false;
}
nsCOMPtr<nsILoadGroup> loadGroup = aDoc->GetDocumentLoadGroup();
// See duplicated code below in IsInPrivateBrowsing(nsILoadGroup*)
// and Document::Reset/ResetToURI
if (loadGroup) {
nsCOMPtr<nsIInterfaceRequestor> callbacks;
loadGroup->GetNotificationCallbacks(getter_AddRefs(callbacks));
if (callbacks) {
nsCOMPtr<nsILoadContext> loadContext = do_GetInterface(callbacks);
if (loadContext) {
return loadContext->UsePrivateBrowsing();
}
}
}
nsCOMPtr<nsIChannel> channel = aDoc->GetChannel();
return channel && NS_UsePrivateBrowsing(channel);
}
// static
bool nsContentUtils::IsInPrivateBrowsing(nsILoadGroup* aLoadGroup) {
if (!aLoadGroup) {
return false;
}
bool isPrivate = false;
nsCOMPtr<nsIInterfaceRequestor> callbacks;
aLoadGroup->GetNotificationCallbacks(getter_AddRefs(callbacks));
if (callbacks) {
nsCOMPtr<nsILoadContext> loadContext = do_GetInterface(callbacks);
isPrivate = loadContext && loadContext->UsePrivateBrowsing();
}
return isPrivate;
}
// FIXME(emilio): This is (effectively) almost but not quite the same as
// Document::ShouldLoadImages(), which one is right?
bool nsContentUtils::DocumentInactiveForImageLoads(Document* aDocument) {
if (!aDocument) {
return false;
}
if (IsChromeDoc(aDocument) || aDocument->IsResourceDoc() ||
aDocument->IsStaticDocument()) {
return false;
}
nsCOMPtr<nsPIDOMWindowInner> win =
do_QueryInterface(aDocument->GetScopeObject());
return !win || !win->GetDocShell();
}
imgLoader* nsContentUtils::GetImgLoaderForDocument(Document* aDoc) {
NS_ENSURE_TRUE(!DocumentInactiveForImageLoads(aDoc), nullptr);
if (!aDoc) {
return imgLoader::NormalLoader();
}
bool isPrivate = IsInPrivateBrowsing(aDoc);
return isPrivate ? imgLoader::PrivateBrowsingLoader()
: imgLoader::NormalLoader();
}
// static
imgLoader* nsContentUtils::GetImgLoaderForChannel(nsIChannel* aChannel,
Document* aContext) {
NS_ENSURE_TRUE(!DocumentInactiveForImageLoads(aContext), nullptr);
if (!aChannel) {
return imgLoader::NormalLoader();
}
nsCOMPtr<nsILoadContext> context;
NS_QueryNotificationCallbacks(aChannel, context);
return context && context->UsePrivateBrowsing()
? imgLoader::PrivateBrowsingLoader()
: imgLoader::NormalLoader();
}
// static
int32_t nsContentUtils::CORSModeToLoadImageFlags(mozilla::CORSMode aMode) {
switch (aMode) {
case CORS_ANONYMOUS:
return imgILoader::LOAD_CORS_ANONYMOUS;
case CORS_USE_CREDENTIALS:
return imgILoader::LOAD_CORS_USE_CREDENTIALS;
default:
return 0;
}
}
// static
nsresult nsContentUtils::LoadImage(
nsIURI* aURI, nsINode* aContext, Document* aLoadingDocument,
nsIPrincipal* aLoadingPrincipal, uint64_t aRequestContextID,
nsIReferrerInfo* aReferrerInfo, imgINotificationObserver* aObserver,
int32_t aLoadFlags, const nsAString& initiatorType,
imgRequestProxy** aRequest, nsContentPolicyType aContentPolicyType,
bool aUseUrgentStartForChannel, bool aLinkPreload,
uint64_t aEarlyHintPreloaderId,
mozilla::dom::FetchPriority aFetchPriority) {
MOZ_ASSERT(aURI, "Must have a URI");
MOZ_ASSERT(aContext, "Must have a context");
MOZ_ASSERT(aLoadingDocument, "Must have a document");
MOZ_ASSERT(aLoadingPrincipal, "Must have a principal");
MOZ_ASSERT(aRequest, "Null out param");
imgLoader* imgLoader = GetImgLoaderForDocument(aLoadingDocument);
if (!imgLoader) {
// nothing we can do here
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsILoadGroup> loadGroup = aLoadingDocument->GetDocumentLoadGroup();
nsIURI* documentURI = aLoadingDocument->GetDocumentURI();
NS_ASSERTION(loadGroup || aLoadingDocument->IsSVGGlyphsDocument(),
"Could not get loadgroup; onload may fire too early");
// XXXbz using "documentURI" for the initialDocumentURI is not quite
// right, but the best we can do here...
return imgLoader->LoadImage(aURI, /* uri to load */
documentURI, /* initialDocumentURI */
aReferrerInfo, /* referrerInfo */
aLoadingPrincipal, /* loading principal */
aRequestContextID, /* request context ID */
loadGroup, /* loadgroup */
aObserver, /* imgINotificationObserver */
aContext, /* loading context */
aLoadingDocument, /* uniquification key */
aLoadFlags, /* load flags */
nullptr, /* cache key */
aContentPolicyType, /* content policy type */
initiatorType, /* the load initiator */
aUseUrgentStartForChannel, /* urgent-start flag */
aLinkPreload, /* <link preload> initiator */
aEarlyHintPreloaderId, aFetchPriority, aRequest);
}
// static
already_AddRefed<imgIContainer> nsContentUtils::GetImageFromContent(
nsIImageLoadingContent* aContent, imgIRequest** aRequest) {
if (aRequest) {
*aRequest = nullptr;
}
NS_ENSURE_TRUE(aContent, nullptr);
nsCOMPtr<imgIRequest> imgRequest;
aContent->GetRequest(nsIImageLoadingContent::CURRENT_REQUEST,
getter_AddRefs(imgRequest));
if (!imgRequest) {
return nullptr;
}
nsCOMPtr<imgIContainer> imgContainer;
imgRequest->GetImage(getter_AddRefs(imgContainer));
if (!imgContainer) {
return nullptr;
}
if (aRequest) {
// If the consumer wants the request, verify it has actually loaded
// successfully.
uint32_t imgStatus;
imgRequest->GetImageStatus(&imgStatus);
if (imgStatus & imgIRequest::STATUS_FRAME_COMPLETE &&
!(imgStatus & imgIRequest::STATUS_ERROR)) {
imgRequest.swap(*aRequest);
}
}
return imgContainer.forget();
}
static bool IsLinkWithURI(const nsIContent& aContent) {
const auto* element = Element::FromNode(aContent);
if (!element || !element->IsLink()) {
return false;
}
nsCOMPtr<nsIURI> absURI = element->GetHrefURI();
return !!absURI;
}
static bool HasImageRequest(nsIContent& aContent) {
nsCOMPtr<nsIImageLoadingContent> imageContent(do_QueryInterface(&aContent));
if (!imageContent) {
return false;
}
nsCOMPtr<imgIRequest> imgRequest;
imageContent->GetRequest(nsIImageLoadingContent::CURRENT_REQUEST,
getter_AddRefs(imgRequest));
// XXXbz It may be draggable even if the request resulted in an error. Why?
// Not sure; that's what the old nsContentAreaDragDrop/nsFrame code did.
return !!imgRequest;
}
static Maybe<bool> DraggableOverride(const nsIContent& aContent) {
if (auto* el = nsGenericHTMLElement::FromNode(aContent)) {
if (el->Draggable()) {
return Some(true);
}
if (el->AttrValueIs(kNameSpaceID_None, nsGkAtoms::draggable,
nsGkAtoms::_false, eIgnoreCase)) {
return Some(false);
}
}
if (aContent.IsSVGElement()) {
return Some(false);
}
return Nothing();
}
// static
bool nsContentUtils::ContentIsDraggable(nsIContent* aContent) {
MOZ_ASSERT(aContent);
if (auto draggable = DraggableOverride(*aContent)) {
return *draggable;
}
// special handling for content area image and link dragging
return HasImageRequest(*aContent) || IsLinkWithURI(*aContent);
}
// static
bool nsContentUtils::IsDraggableImage(nsIContent* aContent) {
MOZ_ASSERT(aContent);
return HasImageRequest(*aContent) &&
DraggableOverride(*aContent).valueOr(true);
}
// static
bool nsContentUtils::IsDraggableLink(const nsIContent* aContent) {
MOZ_ASSERT(aContent);
return IsLinkWithURI(*aContent) && DraggableOverride(*aContent).valueOr(true);
}
// static
nsresult nsContentUtils::QNameChanged(mozilla::dom::NodeInfo* aNodeInfo,
nsAtom* aName,
mozilla::dom::NodeInfo** aResult) {
nsNodeInfoManager* niMgr = aNodeInfo->NodeInfoManager();
*aResult = niMgr
->GetNodeInfo(aName, nullptr, aNodeInfo->NamespaceID(),
aNodeInfo->NodeType(), aNodeInfo->GetExtraName())
.take();
return NS_OK;
}
static bool TestSitePerm(nsIPrincipal* aPrincipal, const nsACString& aType,
uint32_t aPerm, bool aExactHostMatch) {
if (!aPrincipal) {
// We always deny (i.e. don't allow) the permission if we don't have a
// principal.
return aPerm != nsIPermissionManager::ALLOW_ACTION;
}
nsCOMPtr<nsIPermissionManager> permMgr =
components::PermissionManager::Service();
NS_ENSURE_TRUE(permMgr, false);
uint32_t perm;
nsresult rv;
if (aExactHostMatch) {
rv = permMgr->TestExactPermissionFromPrincipal(aPrincipal, aType, &perm);
} else {
rv = permMgr->TestPermissionFromPrincipal(aPrincipal, aType, &perm);
}
NS_ENSURE_SUCCESS(rv, false);
return perm == aPerm;
}
bool nsContentUtils::IsSitePermAllow(nsIPrincipal* aPrincipal,
const nsACString& aType) {
return TestSitePerm(aPrincipal, aType, nsIPermissionManager::ALLOW_ACTION,
false);
}
bool nsContentUtils::IsSitePermDeny(nsIPrincipal* aPrincipal,
const nsACString& aType) {
return TestSitePerm(aPrincipal, aType, nsIPermissionManager::DENY_ACTION,
false);
}
bool nsContentUtils::IsExactSitePermAllow(nsIPrincipal* aPrincipal,
const nsACString& aType) {
return TestSitePerm(aPrincipal, aType, nsIPermissionManager::ALLOW_ACTION,
true);
}
bool nsContentUtils::IsExactSitePermDeny(nsIPrincipal* aPrincipal,
const nsACString& aType) {
return TestSitePerm(aPrincipal, aType, nsIPermissionManager::DENY_ACTION,
true);
}
bool nsContentUtils::HasSitePerm(nsIPrincipal* aPrincipal,
const nsACString& aType) {
if (!aPrincipal) {
return false;
}
nsCOMPtr<nsIPermissionManager> permMgr =
components::PermissionManager::Service();
NS_ENSURE_TRUE(permMgr, false);
uint32_t perm;
nsresult rv = permMgr->TestPermissionFromPrincipal(aPrincipal, aType, &perm);
NS_ENSURE_SUCCESS(rv, false);
return perm != nsIPermissionManager::UNKNOWN_ACTION;
}
static const char* gEventNames[] = {"event"};
static const char* gSVGEventNames[] = {"evt"};
// for b/w compat, the first name to onerror is still 'event', even though it
// is actually the error message
static const char* gOnErrorNames[] = {"event", "source", "lineno", "colno",
"error"};
// static
void nsContentUtils::GetEventArgNames(int32_t aNameSpaceID, nsAtom* aEventName,
bool aIsForWindow, uint32_t* aArgCount,
const char*** aArgArray) {
#define SET_EVENT_ARG_NAMES(names) \
*aArgCount = sizeof(names) / sizeof(names[0]); \
*aArgArray = names;
// JSEventHandler is what does the arg magic for onerror, and it does
// not seem to take the namespace into account. So we let onerror in all
// namespaces get the 3 arg names.
if (aEventName == nsGkAtoms::onerror && aIsForWindow) {
SET_EVENT_ARG_NAMES(gOnErrorNames);
} else if (aNameSpaceID == kNameSpaceID_SVG) {
SET_EVENT_ARG_NAMES(gSVGEventNames);
} else {
SET_EVENT_ARG_NAMES(gEventNames);
}
}
// Note: The list of content bundles in nsStringBundle.cpp should be updated
// whenever entries are added or removed from this list.
static const char* gPropertiesFiles[nsContentUtils::PropertiesFile_COUNT] = {
// Must line up with the enum values in |PropertiesFile| enum.
"chrome://global/locale/css.properties",
"chrome://global/locale/xul.properties",
"chrome://global/locale/layout_errors.properties",
"chrome://global/locale/layout/HtmlForm.properties",
"chrome://global/locale/printing.properties",
"chrome://global/locale/dom/dom.properties",
"chrome://global/locale/layout/htmlparser.properties",
"chrome://global/locale/svg/svg.properties",
"chrome://branding/locale/brand.properties",
"chrome://global/locale/commonDialogs.properties",
"chrome://global/locale/mathml/mathml.properties",
"chrome://global/locale/security/security.properties",
"chrome://necko/locale/necko.properties",
"resource://gre/res/locale/layout/HtmlForm.properties",
"resource://gre/res/locale/dom/dom.properties"};
/* static */
nsresult nsContentUtils::EnsureStringBundle(PropertiesFile aFile) {
MOZ_DIAGNOSTIC_ASSERT(NS_IsMainThread(),
"Should not create bundles off main thread.");
if (!sStringBundles[aFile]) {
if (!sStringBundleService) {
nsresult rv =
CallGetService(NS_STRINGBUNDLE_CONTRACTID, &sStringBundleService);
NS_ENSURE_SUCCESS(rv, rv);
}
RefPtr<nsIStringBundle> bundle;
MOZ_TRY(sStringBundleService->CreateBundle(gPropertiesFiles[aFile],
getter_AddRefs(bundle)));
sStringBundles[aFile] = bundle.forget();
}
return NS_OK;
}
/* static */
void nsContentUtils::AsyncPrecreateStringBundles() {
// We only ever want to pre-create bundles in the parent process.
//
// All nsContentUtils bundles are shared between the parent and child
// precesses, and the shared memory regions that back them *must* be created
// in the parent, and then sent to all children.
//
// If we attempt to create a bundle in the child before its memory region is
// available, we need to create a temporary non-shared bundle, and later
// replace that with the shared memory copy. So attempting to pre-load in the
// child is wasteful and unnecessary.
MOZ_ASSERT(XRE_IsParentProcess());
for (uint32_t bundleIndex = 0; bundleIndex < PropertiesFile_COUNT;
++bundleIndex) {
nsresult rv = NS_DispatchToCurrentThreadQueue(
NS_NewRunnableFunction("AsyncPrecreateStringBundles",
[bundleIndex]() {
PropertiesFile file =
static_cast<PropertiesFile>(bundleIndex);
EnsureStringBundle(file);
nsIStringBundle* bundle = sStringBundles[file];
bundle->AsyncPreload();
}),
EventQueuePriority::Idle);
Unused << NS_WARN_IF(NS_FAILED(rv));
}
}
/* static */
bool nsContentUtils::SpoofLocaleEnglish() {
// 0 - will prompt
// 1 - don't spoof
// 2 - spoof
return StaticPrefs::privacy_spoof_english() == 2;
}
static nsContentUtils::PropertiesFile GetMaybeSpoofedPropertiesFile(
nsContentUtils::PropertiesFile aFile, const char* aKey,
Document* aDocument) {
// When we spoof English, use en-US properties in strings that are accessible
// by content.
bool spoofLocale = nsContentUtils::SpoofLocaleEnglish() &&
(!aDocument || !aDocument->AllowsL10n());
if (spoofLocale) {
switch (aFile) {
case nsContentUtils::eFORMS_PROPERTIES:
return nsContentUtils::eFORMS_PROPERTIES_en_US;
case nsContentUtils::eDOM_PROPERTIES:
return nsContentUtils::eDOM_PROPERTIES_en_US;
default:
break;
}
}
return aFile;
}
/* static */
nsresult nsContentUtils::GetMaybeLocalizedString(PropertiesFile aFile,
const char* aKey,
Document* aDocument,
nsAString& aResult) {
return GetLocalizedString(
GetMaybeSpoofedPropertiesFile(aFile, aKey, aDocument), aKey, aResult);
}
/* static */
nsresult nsContentUtils::GetLocalizedString(PropertiesFile aFile,
const char* aKey,
nsAString& aResult) {
return FormatLocalizedString(aFile, aKey, {}, aResult);
}
/* static */
nsresult nsContentUtils::FormatMaybeLocalizedString(
PropertiesFile aFile, const char* aKey, Document* aDocument,
const nsTArray<nsString>& aParams, nsAString& aResult) {
return FormatLocalizedString(
GetMaybeSpoofedPropertiesFile(aFile, aKey, aDocument), aKey, aParams,
aResult);
}
class FormatLocalizedStringRunnable final : public WorkerMainThreadRunnable {
public:
FormatLocalizedStringRunnable(WorkerPrivate* aWorkerPrivate,
nsContentUtils::PropertiesFile aFile,
const char* aKey,
const nsTArray<nsString>& aParams,
nsAString& aLocalizedString)
: WorkerMainThreadRunnable(aWorkerPrivate,
"FormatLocalizedStringRunnable"_ns),
mFile(aFile),
mKey(aKey),
mParams(aParams),
mLocalizedString(aLocalizedString) {
MOZ_ASSERT(aWorkerPrivate);
aWorkerPrivate->AssertIsOnWorkerThread();
}
bool MainThreadRun() override {
AssertIsOnMainThread();
mResult = nsContentUtils::FormatLocalizedString(mFile, mKey, mParams,
mLocalizedString);
Unused << NS_WARN_IF(NS_FAILED(mResult));
return true;
}
nsresult GetResult() const { return mResult; }
private:
const nsContentUtils::PropertiesFile mFile;
const char* mKey;
const nsTArray<nsString>& mParams;
nsresult mResult = NS_ERROR_FAILURE;
nsAString& mLocalizedString;
};
/* static */
nsresult nsContentUtils::FormatLocalizedString(
PropertiesFile aFile, const char* aKey, const nsTArray<nsString>& aParams,
nsAString& aResult) {
if (!NS_IsMainThread()) {
// nsIStringBundle is thread-safe but its creation is not, and in particular
// we don't create and store nsIStringBundle objects in a thread-safe way.
//
// TODO(emilio): Maybe if we already have the right bundle created we could
// just call into it, but we should make sure that Shutdown() doesn't get
// called on the main thread when that happens which is a bit tricky to
// prove?
WorkerPrivate* workerPrivate = GetCurrentThreadWorkerPrivate();
if (NS_WARN_IF(!workerPrivate)) {
return NS_ERROR_UNEXPECTED;
}
auto runnable = MakeRefPtr<FormatLocalizedStringRunnable>(
workerPrivate, aFile, aKey, aParams, aResult);
runnable->Dispatch(Canceling, IgnoreErrors());
return runnable->GetResult();
}
MOZ_TRY(EnsureStringBundle(aFile));
nsIStringBundle* bundle = sStringBundles[aFile];
if (aParams.IsEmpty()) {
return bundle->GetStringFromName(aKey, aResult);
}
return bundle->FormatStringFromName(aKey, aParams, aResult);
}
/* static */
void nsContentUtils::LogSimpleConsoleError(const nsAString& aErrorText,
const nsACString& aCategory,
bool aFromPrivateWindow,
bool aFromChromeContext,
uint32_t aErrorFlags) {
nsCOMPtr<nsIScriptError> scriptError =
do_CreateInstance(NS_SCRIPTERROR_CONTRACTID);
if (scriptError) {
nsCOMPtr<nsIConsoleService> console =
do_GetService(NS_CONSOLESERVICE_CONTRACTID);
if (console && NS_SUCCEEDED(scriptError->Init(
aErrorText, u""_ns, u""_ns, 0, 0, aErrorFlags, aCategory,
aFromPrivateWindow, aFromChromeContext))) {
console->LogMessage(scriptError);
}
}
}
/* static */
nsresult nsContentUtils::ReportToConsole(
uint32_t aErrorFlags, const nsACString& aCategory,
const Document* aDocument, PropertiesFile aFile, const char* aMessageName,
const nsTArray<nsString>& aParams, nsIURI* aURI,
const nsString& aSourceLine, uint32_t aLineNumber, uint32_t aColumnNumber) {
nsresult rv;
nsAutoString errorText;
if (!aParams.IsEmpty()) {
rv = FormatLocalizedString(aFile, aMessageName, aParams, errorText);
} else {
rv = GetLocalizedString(aFile, aMessageName, errorText);
}
NS_ENSURE_SUCCESS(rv, rv);
return ReportToConsoleNonLocalized(errorText, aErrorFlags, aCategory,
aDocument, aURI, aSourceLine, aLineNumber,
aColumnNumber);
}
/* static */
void nsContentUtils::ReportEmptyGetElementByIdArg(const Document* aDoc) {
ReportToConsole(nsIScriptError::warningFlag, "DOM"_ns, aDoc,
nsContentUtils::eDOM_PROPERTIES, "EmptyGetElementByIdParam");
}
/* static */
nsresult nsContentUtils::ReportToConsoleNonLocalized(
const nsAString& aErrorText, uint32_t aErrorFlags,
const nsACString& aCategory, const Document* aDocument, nsIURI* aURI,
const nsString& aSourceLine, uint32_t aLineNumber, uint32_t aColumnNumber,
MissingErrorLocationMode aLocationMode) {
uint64_t innerWindowID = 0;
if (aDocument) {
if (!aURI) {
aURI = aDocument->GetDocumentURI();
}
innerWindowID = aDocument->InnerWindowID();
}
return ReportToConsoleByWindowID(aErrorText, aErrorFlags, aCategory,
innerWindowID, aURI, aSourceLine,
aLineNumber, aColumnNumber, aLocationMode);
}
/* static */
nsresult nsContentUtils::ReportToConsoleByWindowID(
const nsAString& aErrorText, uint32_t aErrorFlags,
const nsACString& aCategory, uint64_t aInnerWindowID, nsIURI* aURI,
const nsString& aSourceLine, uint32_t aLineNumber, uint32_t aColumnNumber,
MissingErrorLocationMode aLocationMode) {
nsresult rv;
if (!sConsoleService) { // only need to bother null-checking here
rv = CallGetService(NS_CONSOLESERVICE_CONTRACTID, &sConsoleService);
NS_ENSURE_SUCCESS(rv, rv);
}
nsAutoString spec;
if (!aLineNumber && aLocationMode == eUSE_CALLING_LOCATION) {
JSContext* cx = GetCurrentJSContext();
if (cx) {
nsJSUtils::GetCallingLocation(cx, spec, &aLineNumber, &aColumnNumber);
}
}
nsCOMPtr<nsIScriptError> errorObject =
do_CreateInstance(NS_SCRIPTERROR_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
if (!spec.IsEmpty()) {
rv = errorObject->InitWithWindowID(aErrorText,
spec, // file name
aSourceLine, aLineNumber, aColumnNumber,
aErrorFlags, aCategory, aInnerWindowID);
} else {
rv = errorObject->InitWithSourceURI(aErrorText, aURI, aSourceLine,
aLineNumber, aColumnNumber, aErrorFlags,
aCategory, aInnerWindowID);
}
NS_ENSURE_SUCCESS(rv, rv);
return sConsoleService->LogMessage(errorObject);
}
void nsContentUtils::LogMessageToConsole(const char* aMsg) {
if (!sConsoleService) { // only need to bother null-checking here
CallGetService(NS_CONSOLESERVICE_CONTRACTID, &sConsoleService);
if (!sConsoleService) {
return;
}
}
sConsoleService->LogStringMessage(NS_ConvertUTF8toUTF16(aMsg).get());
}
bool nsContentUtils::IsChromeDoc(const Document* aDocument) {
return aDocument && aDocument->NodePrincipal() == sSystemPrincipal;
}
bool nsContentUtils::IsChildOfSameType(Document* aDoc) {
if (BrowsingContext* bc = aDoc->GetBrowsingContext()) {
return bc->GetParent();
}
return false;
}
bool nsContentUtils::IsPlainTextType(const nsACString& aContentType) {
// NOTE: if you add a type here, add it to the CONTENTDLF_CATEGORIES
// define in nsContentDLF.h as well.
return aContentType.EqualsLiteral(TEXT_PLAIN) ||
aContentType.EqualsLiteral(TEXT_CSS) ||
aContentType.EqualsLiteral(TEXT_CACHE_MANIFEST) ||
aContentType.EqualsLiteral(TEXT_VTT) ||
aContentType.EqualsLiteral(APPLICATION_JAVASCRIPT) ||
aContentType.EqualsLiteral(APPLICATION_XJAVASCRIPT) ||
aContentType.EqualsLiteral(TEXT_ECMASCRIPT) ||
aContentType.EqualsLiteral(APPLICATION_ECMASCRIPT) ||
aContentType.EqualsLiteral(TEXT_JAVASCRIPT) ||
aContentType.EqualsLiteral(APPLICATION_JSON) ||
aContentType.EqualsLiteral(TEXT_JSON);
}
bool nsContentUtils::IsUtf8OnlyPlainTextType(const nsACString& aContentType) {
// NOTE: This must be a subset of the list in IsPlainTextType().
return aContentType.EqualsLiteral(TEXT_CACHE_MANIFEST) ||
aContentType.EqualsLiteral(APPLICATION_JSON) ||
aContentType.EqualsLiteral(TEXT_JSON) ||
aContentType.EqualsLiteral(TEXT_VTT);
}
bool nsContentUtils::IsInChromeDocshell(const Document* aDocument) {
return aDocument && aDocument->IsInChromeDocShell();
}
// static
nsIContentPolicy* nsContentUtils::GetContentPolicy() {
if (!sTriedToGetContentPolicy) {
CallGetService(NS_CONTENTPOLICY_CONTRACTID, &sContentPolicyService);
// It's OK to not have a content policy service
sTriedToGetContentPolicy = true;
}
return sContentPolicyService;
}
// static
bool nsContentUtils::IsEventAttributeName(nsAtom* aName, int32_t aType) {
const char16_t* name = aName->GetUTF16String();
if (name[0] != 'o' || name[1] != 'n') {
return false;
}
EventNameMapping mapping;
return (sAtomEventTable->Get(aName, &mapping) && mapping.mType & aType);
}
// static
EventMessage nsContentUtils::GetEventMessage(nsAtom* aName) {
MOZ_ASSERT(NS_IsMainThread(), "sAtomEventTable is not threadsafe");
if (aName) {
EventNameMapping mapping;
if (sAtomEventTable->Get(aName, &mapping)) {
return mapping.mMessage;
}
}
return eUnidentifiedEvent;
}
// static
mozilla::EventClassID nsContentUtils::GetEventClassID(const nsAString& aName) {
EventNameMapping mapping;
if (sStringEventTable->Get(aName, &mapping)) return mapping.mEventClassID;
return eBasicEventClass;
}
nsAtom* nsContentUtils::GetEventMessageAndAtom(
const nsAString& aName, mozilla::EventClassID aEventClassID,
EventMessage* aEventMessage) {
MOZ_ASSERT(NS_IsMainThread(), "Our hashtables are not threadsafe");
EventNameMapping mapping;
if (sStringEventTable->Get(aName, &mapping)) {
*aEventMessage = mapping.mEventClassID == aEventClassID
? mapping.mMessage
: eUnidentifiedEvent;
return mapping.mAtom;
}
// If we have cached lots of user defined event names, clear some of them.
if (sUserDefinedEvents->Length() > 127) {
while (sUserDefinedEvents->Length() > 64) {
nsAtom* first = sUserDefinedEvents->ElementAt(0);
sStringEventTable->Remove(Substring(nsDependentAtomString(first), 2));
sUserDefinedEvents->RemoveElementAt(0);
}
}
*aEventMessage = eUnidentifiedEvent;
RefPtr<nsAtom> atom = NS_AtomizeMainThread(u"on"_ns + aName);
sUserDefinedEvents->AppendElement(atom);
mapping.mAtom = atom;
mapping.mMessage = eUnidentifiedEvent;
mapping.mType = EventNameType_None;
mapping.mEventClassID = eBasicEventClass;
sStringEventTable->InsertOrUpdate(aName, mapping);
return mapping.mAtom;
}
// static
EventMessage nsContentUtils::GetEventMessageAndAtomForListener(
const nsAString& aName, nsAtom** aOnName) {
MOZ_ASSERT(NS_IsMainThread(), "Our hashtables are not threadsafe");
// Check sStringEventTable for a matching entry. This will only fail for
// user-defined event types.
EventNameMapping mapping;
if (sStringEventTable->Get(aName, &mapping)) {
RefPtr<nsAtom> atom = mapping.mAtom;
atom.forget(aOnName);
return mapping.mMessage;
}
// sStringEventTable did not contain an entry for this event type string.
// Call GetEventMessageAndAtom, which will create an event type atom and
// cache it in sStringEventTable for future calls.
EventMessage msg = eUnidentifiedEvent;
RefPtr<nsAtom> atom = GetEventMessageAndAtom(aName, eBasicEventClass, &msg);
atom.forget(aOnName);
return msg;
}
static already_AddRefed<Event> GetEventWithTarget(
Document* aDoc, EventTarget* aTarget, const nsAString& aEventName,
CanBubble aCanBubble, Cancelable aCancelable, Composed aComposed,
Trusted aTrusted, ErrorResult& aErrorResult) {
RefPtr<Event> event =
aDoc->CreateEvent(u"Events"_ns, CallerType::System, aErrorResult);
if (aErrorResult.Failed()) {
return nullptr;
}
event->InitEvent(aEventName, aCanBubble, aCancelable, aComposed);
event->SetTrusted(aTrusted == Trusted::eYes);
event->SetTarget(aTarget);
return event.forget();
}
// static
nsresult nsContentUtils::DispatchTrustedEvent(
Document* aDoc, EventTarget* aTarget, const nsAString& aEventName,
CanBubble aCanBubble, Cancelable aCancelable, Composed aComposed,
bool* aDefaultAction) {
MOZ_ASSERT(!aEventName.EqualsLiteral("input") &&
!aEventName.EqualsLiteral("beforeinput"),
"Use DispatchInputEvent() instead");
return DispatchEvent(aDoc, aTarget, aEventName, aCanBubble, aCancelable,
aComposed, Trusted::eYes, aDefaultAction);
}
// static
nsresult nsContentUtils::DispatchUntrustedEvent(
Document* aDoc, EventTarget* aTarget, const nsAString& aEventName,
CanBubble aCanBubble, Cancelable aCancelable, bool* aDefaultAction) {
return DispatchEvent(aDoc, aTarget, aEventName, aCanBubble, aCancelable,
Composed::eDefault, Trusted::eNo, aDefaultAction);
}
// static
nsresult nsContentUtils::DispatchEvent(Document* aDoc, EventTarget* aTarget,
const nsAString& aEventName,
CanBubble aCanBubble,
Cancelable aCancelable,
Composed aComposed, Trusted aTrusted,
bool* aDefaultAction,
ChromeOnlyDispatch aOnlyChromeDispatch) {
if (!aDoc || !aTarget) {
return NS_ERROR_INVALID_ARG;
}
ErrorResult err;
RefPtr<Event> event =
GetEventWithTarget(aDoc, aTarget, aEventName, aCanBubble, aCancelable,
aComposed, aTrusted, err);
if (err.Failed()) {
return err.StealNSResult();
}
event->WidgetEventPtr()->mFlags.mOnlyChromeDispatch =
aOnlyChromeDispatch == ChromeOnlyDispatch::eYes;
bool doDefault = aTarget->DispatchEvent(*event, CallerType::System, err);
if (aDefaultAction) {
*aDefaultAction = doDefault;
}
return err.StealNSResult();
}
// static
nsresult nsContentUtils::DispatchEvent(Document* aDoc, EventTarget* aTarget,
WidgetEvent& aEvent,
EventMessage aEventMessage,
CanBubble aCanBubble,
Cancelable aCancelable, Trusted aTrusted,
bool* aDefaultAction,
ChromeOnlyDispatch aOnlyChromeDispatch) {
MOZ_ASSERT_IF(aOnlyChromeDispatch == ChromeOnlyDispatch::eYes,
aTrusted == Trusted::eYes);
aEvent.mSpecifiedEventType = GetEventTypeFromMessage(aEventMessage);
aEvent.SetDefaultComposed();
aEvent.SetDefaultComposedInNativeAnonymousContent();
aEvent.mFlags.mBubbles = aCanBubble == CanBubble::eYes;
aEvent.mFlags.mCancelable = aCancelable == Cancelable::eYes;
aEvent.mFlags.mOnlyChromeDispatch =
aOnlyChromeDispatch == ChromeOnlyDispatch::eYes;
aEvent.mTarget = aTarget;
nsEventStatus status = nsEventStatus_eIgnore;
nsresult rv = EventDispatcher::DispatchDOMEvent(aTarget, &aEvent, nullptr,
nullptr, &status);
if (aDefaultAction) {
*aDefaultAction = (status != nsEventStatus_eConsumeNoDefault);
}
return rv;
}
// static
nsresult nsContentUtils::DispatchInputEvent(Element* aEventTarget) {
return DispatchInputEvent(aEventTarget, mozilla::eEditorInput,
mozilla::EditorInputType::eUnknown, nullptr,
InputEventOptions());
}
// static
nsresult nsContentUtils::DispatchInputEvent(
Element* aEventTargetElement, EventMessage aEventMessage,
EditorInputType aEditorInputType, EditorBase* aEditorBase,
InputEventOptions&& aOptions, nsEventStatus* aEventStatus /* = nullptr */) {
MOZ_ASSERT(aEventMessage == eEditorInput ||
aEventMessage == eEditorBeforeInput);
if (NS_WARN_IF(!aEventTargetElement)) {
return NS_ERROR_INVALID_ARG;
}
// If this is called from editor, the instance should be set to aEditorBase.
// Otherwise, we need to look for an editor for aEventTargetElement.
// However, we don't need to do it for HTMLEditor since nobody shouldn't
// dispatch "beforeinput" nor "input" event for HTMLEditor except HTMLEditor
// itself.
bool useInputEvent = false;
if (aEditorBase) {
useInputEvent = true;
} else if (HTMLTextAreaElement* textAreaElement =
HTMLTextAreaElement::FromNode(aEventTargetElement)) {
aEditorBase = textAreaElement->GetTextEditorWithoutCreation();
useInputEvent = true;
} else if (HTMLInputElement* inputElement =
HTMLInputElement::FromNode(aEventTargetElement)) {
if (inputElement->IsInputEventTarget()) {
aEditorBase = inputElement->GetTextEditorWithoutCreation();
useInputEvent = true;
}
}
#ifdef DEBUG
else {
MOZ_ASSERT(!aEventTargetElement->IsTextControlElement(),
"The event target may have editor, but we've not known it yet.");
}
#endif // #ifdef DEBUG
if (!useInputEvent) {
MOZ_ASSERT(aEventMessage == eEditorInput);
MOZ_ASSERT(aEditorInputType == EditorInputType::eUnknown);
MOZ_ASSERT(!aOptions.mNeverCancelable);
// Dispatch "input" event with Event instance.
WidgetEvent widgetEvent(true, eUnidentifiedEvent);
widgetEvent.mSpecifiedEventType = nsGkAtoms::oninput;
widgetEvent.mFlags.mCancelable = false;
widgetEvent.mFlags.mComposed = true;
return AsyncEventDispatcher::RunDOMEventWhenSafe(*aEventTargetElement,
widgetEvent, aEventStatus);
}
MOZ_ASSERT_IF(aEventMessage != eEditorBeforeInput,
!aOptions.mNeverCancelable);
MOZ_ASSERT_IF(
aEventMessage == eEditorBeforeInput && aOptions.mNeverCancelable,
aEditorInputType == EditorInputType::eInsertReplacementText);
nsCOMPtr<nsIWidget> widget;
if (aEditorBase) {
widget = aEditorBase->GetWidget();
if (NS_WARN_IF(!widget)) {
return NS_ERROR_FAILURE;
}
} else {
Document* document = aEventTargetElement->OwnerDoc();
if (NS_WARN_IF(!document)) {
return NS_ERROR_FAILURE;
}
// If we're running xpcshell tests, we fail to get presShell here.
// Even in such case, we need to dispatch "input" event without widget.
PresShell* presShell = document->GetPresShell();
if (presShell) {
nsPresContext* presContext = presShell->GetPresContext();
if (NS_WARN_IF(!presContext)) {
return NS_ERROR_FAILURE;
}
widget = presContext->GetRootWidget();
if (NS_WARN_IF(!widget)) {
return NS_ERROR_FAILURE;
}
}
}
// Dispatch "input" event with InputEvent instance.
InternalEditorInputEvent inputEvent(true, aEventMessage, widget);
inputEvent.mFlags.mCancelable =
!aOptions.mNeverCancelable && aEventMessage == eEditorBeforeInput &&
IsCancelableBeforeInputEvent(aEditorInputType);
MOZ_ASSERT(!inputEvent.mFlags.mCancelable || aEventStatus);
// If there is an editor, set isComposing to true when it has composition.
// Note that EditorBase::IsIMEComposing() may return false even when we
// need to set it to true.
// Otherwise, i.e., editor hasn't been created for the element yet,
// we should set isComposing to false since the element can never has
// composition without editor.
inputEvent.mIsComposing = aEditorBase && aEditorBase->GetComposition();
if (!aEditorBase || aEditorBase->IsTextEditor()) {
if (IsDataAvailableOnTextEditor(aEditorInputType)) {
inputEvent.mData = std::move(aOptions.mData);
MOZ_ASSERT(!inputEvent.mData.IsVoid(),
"inputEvent.mData shouldn't be void");
}
#ifdef DEBUG
else {
MOZ_ASSERT(inputEvent.mData.IsVoid(), "inputEvent.mData should be void");
}
#endif // #ifdef DEBUG
MOZ_ASSERT(
aOptions.mTargetRanges.IsEmpty(),
"Target ranges for <input> and <textarea> should always be empty");
} else {
MOZ_ASSERT(aEditorBase->IsHTMLEditor());
if (IsDataAvailableOnHTMLEditor(aEditorInputType)) {
inputEvent.mData = std::move(aOptions.mData);
MOZ_ASSERT(!inputEvent.mData.IsVoid(),
"inputEvent.mData shouldn't be void");
} else {
MOZ_ASSERT(inputEvent.mData.IsVoid(), "inputEvent.mData should be void");
if (IsDataTransferAvailableOnHTMLEditor(aEditorInputType)) {
inputEvent.mDataTransfer = std::move(aOptions.mDataTransfer);
MOZ_ASSERT(inputEvent.mDataTransfer,
"inputEvent.mDataTransfer shouldn't be nullptr");
MOZ_ASSERT(inputEvent.mDataTransfer->IsReadOnly(),
"inputEvent.mDataTransfer should be read only");
}
#ifdef DEBUG
else {
MOZ_ASSERT(!inputEvent.mDataTransfer,
"inputEvent.mDataTransfer should be nullptr");
}
#endif // #ifdef DEBUG
}
if (aEventMessage == eEditorBeforeInput &&
MayHaveTargetRangesOnHTMLEditor(aEditorInputType)) {
inputEvent.mTargetRanges = std::move(aOptions.mTargetRanges);
}
#ifdef DEBUG
else {
MOZ_ASSERT(aOptions.mTargetRanges.IsEmpty(),
"Target ranges shouldn't be set for the dispatching event");
}
#endif // #ifdef DEBUG
}
inputEvent.mInputType = aEditorInputType;
// If we cannot dispatch an event right now, we cannot make it cancelable.
if (!nsContentUtils::IsSafeToRunScript()) {
NS_ASSERTION(
!inputEvent.mFlags.mCancelable,
"Cancelable beforeinput event dispatcher should run when it's safe");
inputEvent.mFlags.mCancelable = false;
}
return AsyncEventDispatcher::RunDOMEventWhenSafe(*aEventTargetElement,
inputEvent, aEventStatus);
}
nsresult nsContentUtils::DispatchChromeEvent(
Document* aDoc, EventTarget* aTarget, const nsAString& aEventName,
CanBubble aCanBubble, Cancelable aCancelable, bool* aDefaultAction) {
if (!aDoc || !aTarget) {
return NS_ERROR_INVALID_ARG;
}
if (!aDoc->GetWindow()) {
return NS_ERROR_INVALID_ARG;
}
EventTarget* piTarget = aDoc->GetWindow()->GetParentTarget();
if (!piTarget) {
return NS_ERROR_INVALID_ARG;
}
ErrorResult err;
RefPtr<Event> event =
GetEventWithTarget(aDoc, aTarget, aEventName, aCanBubble, aCancelable,
Composed::eDefault, Trusted::eYes, err);
if (err.Failed()) {
return err.StealNSResult();
}
bool defaultActionEnabled =
piTarget->DispatchEvent(*event, CallerType::System, err);
if (aDefaultAction) {
*aDefaultAction = defaultActionEnabled;
}
return err.StealNSResult();
}
void nsContentUtils::RequestFrameFocus(Element& aFrameElement, bool aCanRaise,
CallerType aCallerType) {
RefPtr<Element> target = &aFrameElement;
bool defaultAction = true;
if (aCanRaise) {
DispatchEventOnlyToChrome(target->OwnerDoc(), target,
u"framefocusrequested"_ns, CanBubble::eYes,
Cancelable::eYes, &defaultAction);
}
if (!defaultAction) {
return;
}
RefPtr<nsFocusManager> fm = nsFocusManager::GetFocusManager();
if (!fm) {
return;
}
uint32_t flags = nsIFocusManager::FLAG_NOSCROLL;
if (aCanRaise) {
flags |= nsIFocusManager::FLAG_RAISE;
}
if (aCallerType == CallerType::NonSystem) {
flags |= nsIFocusManager::FLAG_NONSYSTEMCALLER;
}
fm->SetFocus(target, flags);
}
nsresult nsContentUtils::DispatchEventOnlyToChrome(
Document* aDoc, EventTarget* aTarget, const nsAString& aEventName,
CanBubble aCanBubble, Cancelable aCancelable, Composed aComposed,
bool* aDefaultAction) {
return DispatchEvent(aDoc, aTarget, aEventName, aCanBubble, aCancelable,
aComposed, Trusted::eYes, aDefaultAction,
ChromeOnlyDispatch::eYes);
}
/* static */
Element* nsContentUtils::MatchElementId(nsIContent* aContent,
const nsAtom* aId) {
for (nsIContent* cur = aContent; cur; cur = cur->GetNextNode(aContent)) {
if (aId == cur->GetID()) {
return cur->AsElement();
}
}
return nullptr;
}
/* static */
Element* nsContentUtils::MatchElementId(nsIContent* aContent,
const nsAString& aId) {
MOZ_ASSERT(!aId.IsEmpty(), "Will match random elements");
// ID attrs are generally stored as atoms, so just atomize this up front
RefPtr<nsAtom> id(NS_Atomize(aId));
if (!id) {
// OOM, so just bail
return nullptr;
}
return MatchElementId(aContent, id);
}
/* static */
void nsContentUtils::RegisterShutdownObserver(nsIObserver* aObserver) {
nsCOMPtr<nsIObserverService> observerService =
mozilla::services::GetObserverService();
if (observerService) {
observerService->AddObserver(aObserver, NS_XPCOM_SHUTDOWN_OBSERVER_ID,
false);
}
}
/* static */
void nsContentUtils::UnregisterShutdownObserver(nsIObserver* aObserver) {
nsCOMPtr<nsIObserverService> observerService =
mozilla::services::GetObserverService();
if (observerService) {
observerService->RemoveObserver(aObserver, NS_XPCOM_SHUTDOWN_OBSERVER_ID);
}
}
/* static */
bool nsContentUtils::HasNonEmptyAttr(const nsIContent* aContent,
int32_t aNameSpaceID, nsAtom* aName) {
static AttrArray::AttrValuesArray strings[] = {nsGkAtoms::_empty, nullptr};
return aContent->IsElement() &&
aContent->AsElement()->FindAttrValueIn(aNameSpaceID, aName, strings,
eCaseMatters) ==
AttrArray::ATTR_VALUE_NO_MATCH;
}
/* static */
bool nsContentUtils::HasMutationListeners(nsINode* aNode, uint32_t aType,
nsINode* aTargetForSubtreeModified) {
Document* doc = aNode->OwnerDoc();
// global object will be null for documents that don't have windows.
nsPIDOMWindowInner* window = doc->GetInnerWindow();
// This relies on EventListenerManager::AddEventListener, which sets
// all mutation bits when there is a listener for DOMSubtreeModified event.
if (window && !window->HasMutationListeners(aType)) {
return false;
}
if (aNode->ChromeOnlyAccess() || aNode->IsInShadowTree()) {
return false;
}
doc->MayDispatchMutationEvent(aTargetForSubtreeModified);
// If we have a window, we can check it for mutation listeners now.
if (aNode->IsInUncomposedDoc()) {
nsCOMPtr<EventTarget> piTarget(do_QueryInterface(window));
if (piTarget) {
EventListenerManager* manager = piTarget->GetExistingListenerManager();
if (manager && manager->HasMutationListeners()) {
return true;
}
}
}
// If we have a window, we know a mutation listener is registered, but it
// might not be in our chain. If we don't have a window, we might have a
// mutation listener. Check quickly to see.
while (aNode) {
EventListenerManager* manager = aNode->GetExistingListenerManager();
if (manager && manager->HasMutationListeners()) {
return true;
}
aNode = aNode->GetParentNode();
}
return false;
}
/* static */
bool nsContentUtils::HasMutationListeners(Document* aDocument, uint32_t aType) {
nsPIDOMWindowInner* window =
aDocument ? aDocument->GetInnerWindow() : nullptr;
// This relies on EventListenerManager::AddEventListener, which sets
// all mutation bits when there is a listener for DOMSubtreeModified event.
return !window || window->HasMutationListeners(aType);
}
void nsContentUtils::MaybeFireNodeRemoved(nsINode* aChild, nsINode* aParent) {
MOZ_ASSERT(aChild, "Missing child");
MOZ_ASSERT(aChild->GetParentNode() == aParent, "Wrong parent");
MOZ_ASSERT(aChild->OwnerDoc() == aParent->OwnerDoc(), "Wrong owner-doc");
// Having an explicit check here since it's an easy mistake to fall into,
// and there might be existing code with problems. We'd rather be safe
// than fire DOMNodeRemoved in all corner cases. We also rely on it for
// nsAutoScriptBlockerSuppressNodeRemoved.
if (!IsSafeToRunScript()) {
// This checks that IsSafeToRunScript is true since we don't want to fire
// events when that is false. We can't rely on EventDispatcher to assert
// this in this situation since most of the time there are no mutation
// event listeners, in which case we won't even attempt to dispatch events.
// However this also allows for two exceptions. First off, we don't assert
// if the mutation happens to native anonymous content since we never fire
// mutation events on such content anyway.
// Second, we don't assert if sDOMNodeRemovedSuppressCount is true since
// that is a know case when we'd normally fire a mutation event, but can't
// make that safe and so we suppress it at this time. Ideally this should
// go away eventually.
if (!aChild->IsInNativeAnonymousSubtree() &&
!sDOMNodeRemovedSuppressCount) {
NS_ERROR("Want to fire DOMNodeRemoved event, but it's not safe");
WarnScriptWasIgnored(aChild->OwnerDoc());
}
return;
}
{
Document* doc = aParent->OwnerDoc();
if (MOZ_UNLIKELY(doc->DevToolsWatchingDOMMutations()) &&
aChild->IsInComposedDoc() && !aChild->ChromeOnlyAccess()) {
DispatchChromeEvent(doc, aChild, u"devtoolschildremoved"_ns,
CanBubble::eNo, Cancelable::eNo);
}
}
if (HasMutationListeners(aChild, NS_EVENT_BITS_MUTATION_NODEREMOVED,
aParent)) {
InternalMutationEvent mutation(true, eLegacyNodeRemoved);
mutation.mRelatedNode = aParent;
mozAutoSubtreeModified subtree(aParent->OwnerDoc(), aParent);
EventDispatcher::Dispatch(aChild, nullptr, &mutation);
}
}
void nsContentUtils::UnmarkGrayJSListenersInCCGenerationDocuments() {
if (!sEventListenerManagersHash) {
return;
}
for (auto i = sEventListenerManagersHash->Iter(); !i.Done(); i.Next()) {
auto entry = static_cast<EventListenerManagerMapEntry*>(i.Get());
nsINode* n = static_cast<nsINode*>(entry->mListenerManager->GetTarget());
if (n && n->IsInComposedDoc() &&
nsCCUncollectableMarker::InGeneration(
n->OwnerDoc()->GetMarkedCCGeneration())) {
entry->mListenerManager->MarkForCC();
}
}
}
/* static */
void nsContentUtils::TraverseListenerManager(
nsINode* aNode, nsCycleCollectionTraversalCallback& cb) {
if (!sEventListenerManagersHash) {
// We're already shut down, just return.
return;
}
auto entry = static_cast<EventListenerManagerMapEntry*>(
sEventListenerManagersHash->Search(aNode));
if (entry) {
CycleCollectionNoteChild(cb, entry->mListenerManager.get(),
"[via hash] mListenerManager");
}
}
EventListenerManager* nsContentUtils::GetListenerManagerForNode(
nsINode* aNode) {
if (!sEventListenerManagersHash) {
// We're already shut down, don't bother creating an event listener
// manager.
return nullptr;
}
auto entry = static_cast<EventListenerManagerMapEntry*>(
sEventListenerManagersHash->Add(aNode, fallible));
if (!entry) {
return nullptr;
}
if (!entry->mListenerManager) {
entry->mListenerManager = new EventListenerManager(aNode);
aNode->SetFlags(NODE_HAS_LISTENERMANAGER);
}
return entry->mListenerManager;
}
EventListenerManager* nsContentUtils::GetExistingListenerManagerForNode(
const nsINode* aNode) {
if (!aNode->HasFlag(NODE_HAS_LISTENERMANAGER)) {
return nullptr;
}
if (!sEventListenerManagersHash) {
// We're already shut down, don't bother creating an event listener
// manager.
return nullptr;
}
auto entry = static_cast<EventListenerManagerMapEntry*>(
sEventListenerManagersHash->Search(aNode));
if (entry) {
return entry->mListenerManager;
}
return nullptr;
}
void nsContentUtils::AddEntryToDOMArenaTable(nsINode* aNode,
DOMArena* aDOMArena) {
MOZ_ASSERT(StaticPrefs::dom_arena_allocator_enabled_AtStartup());
MOZ_ASSERT_IF(sDOMArenaHashtable, !sDOMArenaHashtable->Contains(aNode));
MOZ_ASSERT(!aNode->HasFlag(NODE_KEEPS_DOMARENA));
if (!sDOMArenaHashtable) {
sDOMArenaHashtable =
new nsRefPtrHashtable<nsPtrHashKey<const nsINode>, dom::DOMArena>();
}
aNode->SetFlags(NODE_KEEPS_DOMARENA);
sDOMArenaHashtable->InsertOrUpdate(aNode, RefPtr<DOMArena>(aDOMArena));
}
already_AddRefed<DOMArena> nsContentUtils::TakeEntryFromDOMArenaTable(
const nsINode* aNode) {
MOZ_ASSERT(sDOMArenaHashtable->Contains(aNode));
MOZ_ASSERT(StaticPrefs::dom_arena_allocator_enabled_AtStartup());
RefPtr<DOMArena> arena;
sDOMArenaHashtable->Remove(aNode, getter_AddRefs(arena));
return arena.forget();
}
/* static */
void nsContentUtils::RemoveListenerManager(nsINode* aNode) {
if (sEventListenerManagersHash) {
auto entry = static_cast<EventListenerManagerMapEntry*>(
sEventListenerManagersHash->Search(aNode));
if (entry) {
RefPtr<EventListenerManager> listenerManager;
listenerManager.swap(entry->mListenerManager);
// Remove the entry and *then* do operations that could cause further
// modification of sEventListenerManagersHash. See bug 334177.
sEventListenerManagersHash->RawRemove(entry);
if (listenerManager) {
listenerManager->Disconnect();
}
}
}
}
/* static */
bool nsContentUtils::IsValidNodeName(nsAtom* aLocalName, nsAtom* aPrefix,
int32_t aNamespaceID) {
if (aNamespaceID == kNameSpaceID_Unknown) {
return false;
}
if (!aPrefix) {
// If the prefix is null, then either the QName must be xmlns or the
// namespace must not be XMLNS.
return (aLocalName == nsGkAtoms::xmlns) ==
(aNamespaceID == kNameSpaceID_XMLNS);
}
// If the prefix is non-null then the namespace must not be null.
if (aNamespaceID == kNameSpaceID_None) {
return false;
}
// If the namespace is the XMLNS namespace then the prefix must be xmlns,
// but the localname must not be xmlns.
if (aNamespaceID == kNameSpaceID_XMLNS) {
return aPrefix == nsGkAtoms::xmlns && aLocalName != nsGkAtoms::xmlns;
}
// If the namespace is not the XMLNS namespace then the prefix must not be
// xmlns.
// If the namespace is the XML namespace then the prefix can be anything.
// If the namespace is not the XML namespace then the prefix must not be xml.
return aPrefix != nsGkAtoms::xmlns &&
(aNamespaceID == kNameSpaceID_XML || aPrefix != nsGkAtoms::xml);
}
already_AddRefed<DocumentFragment> nsContentUtils::CreateContextualFragment(
nsINode* aContextNode, const nsAString& aFragment,
bool aPreventScriptExecution, ErrorResult& aRv) {
if (!aContextNode) {
aRv.Throw(NS_ERROR_INVALID_ARG);
return nullptr;
}
// If we don't have a document here, we can't get the right security context
// for compiling event handlers... so just bail out.
RefPtr<Document> document = aContextNode->OwnerDoc();
bool isHTML = document->IsHTMLDocument();
if (isHTML) {
RefPtr<DocumentFragment> frag = new (document->NodeInfoManager())
DocumentFragment(document->NodeInfoManager());
Element* element = aContextNode->GetAsElementOrParentElement();
if (element && !element->IsHTMLElement(nsGkAtoms::html)) {
aRv = ParseFragmentHTML(
aFragment, frag, element->NodeInfo()->NameAtom(),
element->GetNameSpaceID(),
(document->GetCompatibilityMode() == eCompatibility_NavQuirks),
aPreventScriptExecution);
} else {
aRv = ParseFragmentHTML(
aFragment, frag, nsGkAtoms::body, kNameSpaceID_XHTML,
(document->GetCompatibilityMode() == eCompatibility_NavQuirks),
aPreventScriptExecution);
}
return frag.forget();
}
AutoTArray<nsString, 32> tagStack;
nsAutoString uriStr, nameStr;
for (Element* element : aContextNode->InclusiveAncestorsOfType<Element>()) {
nsString& tagName = *tagStack.AppendElement();
// It mostly doesn't actually matter what tag name we use here: XML doesn't
// have parsing that depends on the open tag stack, apart from namespace
// declarations. So this whole tagStack bit is just there to get the right
// namespace declarations to the XML parser. That said, the parser _is_
// going to create elements with the tag names we provide here, so we need
// to make sure they are not names that can trigger custom element
// constructors. Just make up a name that is never going to be a valid
// custom element name.
//
// The principled way to do this would probably be to add a new FromParser
// value and make sure we use it when creating the context elements, then
// make sure we teach all FromParser consumers (and in particular the custom
// element code) about it as needed. But right now the XML parser never
// actually uses FromParser values other than NOT_FROM_PARSER, and changing
// that is pretty complicated.
tagName.AssignLiteral("notacustomelement");
// see if we need to add xmlns declarations
uint32_t count = element->GetAttrCount();
bool setDefaultNamespace = false;
if (count > 0) {
uint32_t index;
for (index = 0; index < count; index++) {
const BorrowedAttrInfo info = element->GetAttrInfoAt(index);
const nsAttrName* name = info.mName;
if (name->NamespaceEquals(kNameSpaceID_XMLNS)) {
info.mValue->ToString(uriStr);
// really want something like nsXMLContentSerializer::SerializeAttr
tagName.AppendLiteral(" xmlns"); // space important
if (name->GetPrefix()) {
tagName.Append(char16_t(':'));
name->LocalName()->ToString(nameStr);
tagName.Append(nameStr);
} else {
setDefaultNamespace = true;
}
tagName.AppendLiteral(R"(=")");
tagName.Append(uriStr);
tagName.Append('"');
}
}
}
if (!setDefaultNamespace) {
mozilla::dom::NodeInfo* info = element->NodeInfo();
if (!info->GetPrefixAtom() && info->NamespaceID() != kNameSpaceID_None) {
// We have no namespace prefix, but have a namespace ID. Push
// default namespace attr in, so that our kids will be in our
// namespace.
info->GetNamespaceURI(uriStr);
tagName.AppendLiteral(R"( xmlns=")");
tagName.Append(uriStr);
tagName.Append('"');
}
}
}
RefPtr<DocumentFragment> frag;
aRv = ParseFragmentXML(aFragment, document, tagStack, aPreventScriptExecution,
-1, getter_AddRefs(frag));
return frag.forget();
}
/* static */
void nsContentUtils::DropFragmentParsers() {
NS_IF_RELEASE(sHTMLFragmentParser);
NS_IF_RELEASE(sXMLFragmentParser);
NS_IF_RELEASE(sXMLFragmentSink);
}
/* static */
void nsContentUtils::XPCOMShutdown() { nsContentUtils::DropFragmentParsers(); }
/* Helper function to compuate Sanitization Flags for ParseFramentHTML/XML */
uint32_t computeSanitizationFlags(nsIPrincipal* aPrincipal, int32_t aFlags) {
uint32_t sanitizationFlags = 0;
if (aPrincipal->IsSystemPrincipal()) {
if (aFlags < 0) {
// if this is a chrome-privileged document and no explicit flags
// were passed, then use this sanitization flags.
sanitizationFlags = nsIParserUtils::SanitizerAllowStyle |
nsIParserUtils::SanitizerAllowComments |
nsIParserUtils::SanitizerDropForms |
nsIParserUtils::SanitizerLogRemovals;
} else {
// if the caller explicitly passes flags, then we use those
// flags but additionally drop forms.
sanitizationFlags = aFlags | nsIParserUtils::SanitizerDropForms;
}
} else if (aFlags >= 0) {
// aFlags by default is -1 and is only ever non equal to -1 if the
// caller of ParseFragmentHTML/ParseFragmentXML is
// ParserUtils::ParseFragment(). Only in that case we should use
// the sanitization flags passed within aFlags.
sanitizationFlags = aFlags;
}
return sanitizationFlags;
}
/* static */
void nsContentUtils::SetHTMLUnsafe(FragmentOrElement* aTarget,
Element* aContext,
const nsAString& aSource) {
RefPtr<DocumentFragment> fragment;
{
MOZ_ASSERT(!sFragmentParsingActive,
"Re-entrant fragment parsing attempted.");
mozilla::AutoRestore<bool> guard(sFragmentParsingActive);
sFragmentParsingActive = true;
if (!sHTMLFragmentParser) {
NS_ADDREF(sHTMLFragmentParser = new nsHtml5StringParser());
// Now sHTMLFragmentParser owns the object
}
nsAtom* contextLocalName = aContext->NodeInfo()->NameAtom();
int32_t contextNameSpaceID = aContext->GetNameSpaceID();
RefPtr<Document> doc = aTarget->OwnerDoc();
fragment = doc->CreateDocumentFragment();
nsresult rv = sHTMLFragmentParser->ParseFragment(
aSource, fragment, contextLocalName, contextNameSpaceID,
fragment->OwnerDoc()->GetCompatibilityMode() ==
eCompatibility_NavQuirks,
true, true);
if (NS_FAILED(rv)) {
NS_WARNING("Failed to parse fragment for SetHTMLUnsafe");
}
}
aTarget->ReplaceChildren(fragment, IgnoreErrors());
}
/* static */
nsresult nsContentUtils::ParseFragmentHTML(
const nsAString& aSourceBuffer, nsIContent* aTargetNode,
nsAtom* aContextLocalName, int32_t aContextNamespace, bool aQuirks,
bool aPreventScriptExecution, int32_t aFlags) {
if (nsContentUtils::sFragmentParsingActive) {
MOZ_ASSERT_UNREACHABLE("Re-entrant fragment parsing attempted.");
return NS_ERROR_DOM_INVALID_STATE_ERR;
}
mozilla::AutoRestore<bool> guard(nsContentUtils::sFragmentParsingActive);
nsContentUtils::sFragmentParsingActive = true;
if (!sHTMLFragmentParser) {
NS_ADDREF(sHTMLFragmentParser = new nsHtml5StringParser());
// Now sHTMLFragmentParser owns the object
}
nsCOMPtr<nsIPrincipal> nodePrincipal = aTargetNode->NodePrincipal();
#ifdef DEBUG
// aFlags should always be -1 unless the caller of ParseFragmentHTML
// is ParserUtils::ParseFragment() which is the only caller that intends
// sanitization. For all other callers we need to ensure to call
// AuditParsingOfHTMLXMLFragments.
if (aFlags < 0) {
DOMSecurityMonitor::AuditParsingOfHTMLXMLFragments(nodePrincipal,
aSourceBuffer);
}
#endif
nsIContent* target = aTargetNode;
RefPtr<Document> doc = aTargetNode->OwnerDoc();
RefPtr<DocumentFragment> fragment;
// We sanitize if the fragment occurs in a system privileged
// context, an about: page, or if there are explicit sanitization flags.
// Please note that about:blank and about:srcdoc inherit the security
// context from the embedding context and hence are not loaded using
// an about: scheme principal.
bool shouldSanitize = nodePrincipal->IsSystemPrincipal() ||
nodePrincipal->SchemeIs("about") || aFlags >= 0;
if (shouldSanitize) {
if (!doc->IsLoadedAsData()) {
doc = nsContentUtils::CreateInertHTMLDocument(doc);
if (!doc) {
return NS_ERROR_FAILURE;
}
}
fragment =
new (doc->NodeInfoManager()) DocumentFragment(doc->NodeInfoManager());
target = fragment;
}
nsresult rv = sHTMLFragmentParser->ParseFragment(
aSourceBuffer, target, aContextLocalName, aContextNamespace, aQuirks,
aPreventScriptExecution, false);
NS_ENSURE_SUCCESS(rv, rv);
if (fragment) {
uint32_t sanitizationFlags =
computeSanitizationFlags(nodePrincipal, aFlags);
// Don't fire mutation events for nodes removed by the sanitizer.
nsAutoScriptBlockerSuppressNodeRemoved scriptBlocker;
nsTreeSanitizer sanitizer(sanitizationFlags);
sanitizer.Sanitize(fragment);
ErrorResult error;
aTargetNode->AppendChild(*fragment, error);
rv = error.StealNSResult();
}
return rv;
}
/* static */
nsresult nsContentUtils::ParseDocumentHTML(
const nsAString& aSourceBuffer, Document* aTargetDocument,
bool aScriptingEnabledForNoscriptParsing) {
if (nsContentUtils::sFragmentParsingActive) {
MOZ_ASSERT_UNREACHABLE("Re-entrant fragment parsing attempted.");
return NS_ERROR_DOM_INVALID_STATE_ERR;
}
mozilla::AutoRestore<bool> guard(nsContentUtils::sFragmentParsingActive);
nsContentUtils::sFragmentParsingActive = true;
if (!sHTMLFragmentParser) {
NS_ADDREF(sHTMLFragmentParser = new nsHtml5StringParser());
// Now sHTMLFragmentParser owns the object
}
nsresult rv = sHTMLFragmentParser->ParseDocument(
aSourceBuffer, aTargetDocument, aScriptingEnabledForNoscriptParsing);
return rv;
}
/* static */
nsresult nsContentUtils::ParseFragmentXML(const nsAString& aSourceBuffer,
Document* aDocument,
nsTArray<nsString>& aTagStack,
bool aPreventScriptExecution,
int32_t aFlags,
DocumentFragment** aReturn) {
if (nsContentUtils::sFragmentParsingActive) {
MOZ_ASSERT_UNREACHABLE("Re-entrant fragment parsing attempted.");
return NS_ERROR_DOM_INVALID_STATE_ERR;
}
mozilla::AutoRestore<bool> guard(nsContentUtils::sFragmentParsingActive);
nsContentUtils::sFragmentParsingActive = true;
if (!sXMLFragmentParser) {
RefPtr<nsParser> parser = new nsParser();
parser.forget(&sXMLFragmentParser);
// sXMLFragmentParser now owns the parser
}
if (!sXMLFragmentSink) {
NS_NewXMLFragmentContentSink(&sXMLFragmentSink);
// sXMLFragmentSink now owns the sink
}
nsCOMPtr<nsIContentSink> contentsink = do_QueryInterface(sXMLFragmentSink);
MOZ_ASSERT(contentsink, "Sink doesn't QI to nsIContentSink!");
sXMLFragmentParser->SetContentSink(contentsink);
RefPtr<Document> doc;
nsCOMPtr<nsIPrincipal> nodePrincipal = aDocument->NodePrincipal();
#ifdef DEBUG
// aFlags should always be -1 unless the caller of ParseFragmentXML
// is ParserUtils::ParseFragment() which is the only caller that intends
// sanitization. For all other callers we need to ensure to call
// AuditParsingOfHTMLXMLFragments.
if (aFlags < 0) {
DOMSecurityMonitor::AuditParsingOfHTMLXMLFragments(nodePrincipal,
aSourceBuffer);
}
#endif
// We sanitize if the fragment occurs in a system privileged
// context, an about: page, or if there are explicit sanitization flags.
// Please note that about:blank and about:srcdoc inherit the security
// context from the embedding context and hence are not loaded using
// an about: scheme principal.
bool shouldSanitize = nodePrincipal->IsSystemPrincipal() ||
nodePrincipal->SchemeIs("about") || aFlags >= 0;
if (shouldSanitize && !aDocument->IsLoadedAsData()) {
doc = nsContentUtils::CreateInertXMLDocument(aDocument);
} else {
doc = aDocument;
}
sXMLFragmentSink->SetTargetDocument(doc);
sXMLFragmentSink->SetPreventScriptExecution(aPreventScriptExecution);
nsresult rv = sXMLFragmentParser->ParseFragment(aSourceBuffer, aTagStack);
if (NS_FAILED(rv)) {
// Drop the fragment parser and sink that might be in an inconsistent state
NS_IF_RELEASE(sXMLFragmentParser);
NS_IF_RELEASE(sXMLFragmentSink);
return rv;
}
rv = sXMLFragmentSink->FinishFragmentParsing(aReturn);
sXMLFragmentParser->Reset();
NS_ENSURE_SUCCESS(rv, rv);
if (shouldSanitize) {
uint32_t sanitizationFlags =
computeSanitizationFlags(nodePrincipal, aFlags);
// Don't fire mutation events for nodes removed by the sanitizer.
nsAutoScriptBlockerSuppressNodeRemoved scriptBlocker;
nsTreeSanitizer sanitizer(sanitizationFlags);
sanitizer.Sanitize(*aReturn);
}
return rv;
}
/* static */
nsresult nsContentUtils::ConvertToPlainText(const nsAString& aSourceBuffer,
nsAString& aResultBuffer,
uint32_t aFlags,
uint32_t aWrapCol) {
RefPtr<Document> document = nsContentUtils::CreateInertHTMLDocument(nullptr);
if (!document) {
return NS_ERROR_FAILURE;
}
nsresult rv = nsContentUtils::ParseDocumentHTML(
aSourceBuffer, document,
!(aFlags & nsIDocumentEncoder::OutputNoScriptContent));
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIDocumentEncoder> encoder = do_createDocumentEncoder("text/plain");
rv = encoder->Init(document, u"text/plain"_ns, aFlags);
NS_ENSURE_SUCCESS(rv, rv);
encoder->SetWrapColumn(aWrapCol);
return encoder->EncodeToString(aResultBuffer);
}
static already_AddRefed<Document> CreateInertDocument(const Document* aTemplate,
DocumentFlavor aFlavor) {
if (aTemplate) {
bool hasHad = true;
nsIScriptGlobalObject* sgo = aTemplate->GetScriptHandlingObject(hasHad);
NS_ENSURE_TRUE(sgo || !hasHad, nullptr);
nsCOMPtr<Document> doc;
nsresult rv = NS_NewDOMDocument(
getter_AddRefs(doc), u""_ns, u""_ns, nullptr,
aTemplate->GetDocumentURI(), aTemplate->GetDocBaseURI(),
aTemplate->NodePrincipal(), true, sgo, aFlavor);
if (NS_FAILED(rv)) {
return nullptr;
}
return doc.forget();
}
nsCOMPtr<nsIURI> uri;
NS_NewURI(getter_AddRefs(uri), "about:blank"_ns);
if (!uri) {
return nullptr;
}
RefPtr<NullPrincipal> nullPrincipal =
NullPrincipal::CreateWithoutOriginAttributes();
if (!nullPrincipal) {
return nullptr;
}
nsCOMPtr<Document> doc;
nsresult rv =
NS_NewDOMDocument(getter_AddRefs(doc), u""_ns, u""_ns, nullptr, uri, uri,
nullPrincipal, true, nullptr, aFlavor);
if (NS_FAILED(rv)) {
return nullptr;
}
return doc.forget();
}
/* static */
already_AddRefed<Document> nsContentUtils::CreateInertXMLDocument(
const Document* aTemplate) {
return CreateInertDocument(aTemplate, DocumentFlavorXML);
}
/* static */
already_AddRefed<Document> nsContentUtils::CreateInertHTMLDocument(
const Document* aTemplate) {
return CreateInertDocument(aTemplate, DocumentFlavorHTML);
}
/* static */
nsresult nsContentUtils::SetNodeTextContent(nsIContent* aContent,
const nsAString& aValue,
bool aTryReuse) {
// Fire DOMNodeRemoved mutation events before we do anything else.
nsCOMPtr<nsIContent> owningContent;
// Batch possible DOMSubtreeModified events.
mozAutoSubtreeModified subtree(nullptr, nullptr);
// Scope firing mutation events so that we don't carry any state that
// might be stale
{
// We're relying on mozAutoSubtreeModified to keep a strong reference if
// needed.
Document* doc = aContent->OwnerDoc();
// Optimize the common case of there being no observers
if (HasMutationListeners(doc, NS_EVENT_BITS_MUTATION_NODEREMOVED)) {
subtree.UpdateTarget(doc, nullptr);
owningContent = aContent;
nsCOMPtr<nsINode> child;
bool skipFirst = aTryReuse;
for (child = aContent->GetFirstChild();
child && child->GetParentNode() == aContent;
child = child->GetNextSibling()) {
if (skipFirst && child->IsText()) {
skipFirst = false;
continue;
}
nsContentUtils::MaybeFireNodeRemoved(child, aContent);
}
}
}
// Might as well stick a batch around this since we're performing several
// mutations.
mozAutoDocUpdate updateBatch(aContent->GetComposedDoc(), true);
nsAutoMutationBatch mb;
if (aTryReuse && !aValue.IsEmpty()) {
// Let's remove nodes until we find a eTEXT.
while (aContent->HasChildren()) {
nsIContent* child = aContent->GetFirstChild();
if (child->IsText()) {
break;
}
aContent->RemoveChildNode(child, true);
}
// If we have a node, it must be a eTEXT and we reuse it.
if (aContent->HasChildren()) {
nsIContent* child = aContent->GetFirstChild();
nsresult rv = child->AsText()->SetText(aValue, true);
NS_ENSURE_SUCCESS(rv, rv);
// All the following nodes, if they exist, must be deleted.
while (nsIContent* nextChild = child->GetNextSibling()) {
aContent->RemoveChildNode(nextChild, true);
}
}
if (aContent->HasChildren()) {
return NS_OK;
}
} else {
mb.Init(aContent, true, false);
while (aContent->HasChildren()) {
aContent->RemoveChildNode(aContent->GetFirstChild(), true);
}
}
mb.RemovalDone();
if (aValue.IsEmpty()) {
return NS_OK;
}
RefPtr<nsTextNode> textContent = new (aContent->NodeInfo()->NodeInfoManager())
nsTextNode(aContent->NodeInfo()->NodeInfoManager());
textContent->SetText(aValue, true);
ErrorResult rv;
aContent->AppendChildTo(textContent, true, rv);
mb.NodesAdded();
return rv.StealNSResult();
}
static bool AppendNodeTextContentsRecurse(const nsINode* aNode,
nsAString& aResult,
const fallible_t& aFallible) {
for (nsIContent* child = aNode->GetFirstChild(); child;
child = child->GetNextSibling()) {
if (child->IsElement()) {
bool ok = AppendNodeTextContentsRecurse(child, aResult, aFallible);
if (!ok) {
return false;
}
} else if (Text* text = child->GetAsText()) {
bool ok = text->AppendTextTo(aResult, aFallible);
if (!ok) {
return false;
}
}
}
return true;
}
/* static */
bool nsContentUtils::AppendNodeTextContent(const nsINode* aNode, bool aDeep,
nsAString& aResult,
const fallible_t& aFallible) {
if (const Text* text = aNode->GetAsText()) {
return text->AppendTextTo(aResult, aFallible);
}
if (aDeep) {
return AppendNodeTextContentsRecurse(aNode, aResult, aFallible);
}
for (nsIContent* child = aNode->GetFirstChild(); child;
child = child->GetNextSibling()) {
if (Text* text = child->GetAsText()) {
bool ok = text->AppendTextTo(aResult, fallible);
if (!ok) {
return false;
}
}
}
return true;
}
bool nsContentUtils::HasNonEmptyTextContent(
nsINode* aNode, TextContentDiscoverMode aDiscoverMode) {
for (nsIContent* child = aNode->GetFirstChild(); child;
child = child->GetNextSibling()) {
if (child->IsText() && child->TextLength() > 0) {
return true;
}
if (aDiscoverMode == eRecurseIntoChildren &&
HasNonEmptyTextContent(child, aDiscoverMode)) {
return true;
}
}
return false;
}
/* static */
bool nsContentUtils::IsInSameAnonymousTree(const nsINode* aNode,
const nsINode* aOtherNode) {
MOZ_ASSERT(aNode, "Must have a node to work with");
MOZ_ASSERT(aOtherNode, "Must have a content to work with");
const bool anon = aNode->IsInNativeAnonymousSubtree();
if (anon != aOtherNode->IsInNativeAnonymousSubtree()) {
return false;
}
if (anon) {
return aOtherNode->GetClosestNativeAnonymousSubtreeRoot() ==
aNode->GetClosestNativeAnonymousSubtreeRoot();
}
// FIXME: This doesn't deal with disconnected nodes whatsoever, but it didn't
// use to either. Maybe that's fine.
return aNode->GetContainingShadow() == aOtherNode->GetContainingShadow();
}
/* static */
bool nsContentUtils::IsInInteractiveHTMLContent(const Element* aElement,
const Element* aStop) {
const Element* element = aElement;
while (element && element != aStop) {
if (element->IsInteractiveHTMLContent()) {
return true;
}
element = element->GetFlattenedTreeParentElement();
}
return false;
}
/* static */
void nsContentUtils::NotifyInstalledMenuKeyboardListener(bool aInstalling) {
IMEStateManager::OnInstalledMenuKeyboardListener(aInstalling);
}
/* static */
bool nsContentUtils::SchemeIs(nsIURI* aURI, const char* aScheme) {
nsCOMPtr<nsIURI> baseURI = NS_GetInnermostURI(aURI);
NS_ENSURE_TRUE(baseURI, false);
return baseURI->SchemeIs(aScheme);
}
bool nsContentUtils::IsExpandedPrincipal(nsIPrincipal* aPrincipal) {
return aPrincipal && aPrincipal->GetIsExpandedPrincipal();
}
bool nsContentUtils::IsSystemOrExpandedPrincipal(nsIPrincipal* aPrincipal) {
return (aPrincipal && aPrincipal->IsSystemPrincipal()) ||
IsExpandedPrincipal(aPrincipal);
}
nsIPrincipal* nsContentUtils::GetSystemPrincipal() {
MOZ_ASSERT(IsInitialized());
return sSystemPrincipal;
}
bool nsContentUtils::CombineResourcePrincipals(
nsCOMPtr<nsIPrincipal>* aResourcePrincipal, nsIPrincipal* aExtraPrincipal) {
if (!aExtraPrincipal) {
return false;
}
if (!*aResourcePrincipal) {
*aResourcePrincipal = aExtraPrincipal;
return true;
}
if (*aResourcePrincipal == aExtraPrincipal) {
return false;
}
bool subsumes;
if (NS_SUCCEEDED(
(*aResourcePrincipal)->Subsumes(aExtraPrincipal, &subsumes)) &&
subsumes) {
return false;
}
*aResourcePrincipal = sSystemPrincipal;
return true;
}
/* static */
void nsContentUtils::TriggerLink(nsIContent* aContent, nsIURI* aLinkURI,
const nsString& aTargetSpec, bool aClick,
bool aIsTrusted) {
MOZ_ASSERT(aLinkURI, "No link URI");
if (aContent->IsEditable() || !aContent->OwnerDoc()->LinkHandlingEnabled()) {
return;
}
nsCOMPtr<nsIDocShell> docShell = aContent->OwnerDoc()->GetDocShell();
if (!docShell) {
return;
}
if (!aClick) {
nsDocShell::Cast(docShell)->OnOverLink(aContent, aLinkURI, aTargetSpec);
return;
}
// Check that this page is allowed to load this URI.
nsresult proceed = NS_OK;
if (sSecurityManager) {
uint32_t flag = static_cast<uint32_t>(nsIScriptSecurityManager::STANDARD);
proceed = sSecurityManager->CheckLoadURIWithPrincipal(
aContent->NodePrincipal(), aLinkURI, flag,
aContent->OwnerDoc()->InnerWindowID());
}
// Only pass off the click event if the script security manager says it's ok.
// We need to rest aTargetSpec for forced downloads.
if (NS_SUCCEEDED(proceed)) {
// A link/area element with a download attribute is allowed to set
// a pseudo Content-Disposition header.
// For security reasons we only allow websites to declare same-origin
// resources as downloadable. If this check fails we will just do the normal
// thing (i.e. navigate to the resource).
nsAutoString fileName;
if ((!aContent->IsHTMLElement(nsGkAtoms::a) &&
!aContent->IsHTMLElement(nsGkAtoms::area) &&
!aContent->IsSVGElement(nsGkAtoms::a)) ||
!aContent->AsElement()->GetAttr(nsGkAtoms::download, fileName) ||
NS_FAILED(aContent->NodePrincipal()->CheckMayLoad(aLinkURI, true))) {
fileName.SetIsVoid(true); // No actionable download attribute was found.
}
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aContent->NodePrincipal();
nsCOMPtr<nsIContentSecurityPolicy> csp = aContent->GetCsp();
// Sanitize fileNames containing null characters by replacing them with
// underscores.
if (!fileName.IsVoid()) {
fileName.ReplaceChar(char16_t(0), '_');
}
nsDocShell::Cast(docShell)->OnLinkClick(
aContent, aLinkURI, fileName.IsVoid() ? aTargetSpec : u""_ns, fileName,
nullptr, nullptr, UserActivation::IsHandlingUserInput(), aIsTrusted,
triggeringPrincipal, csp);
}
}
/* static */
void nsContentUtils::GetLinkLocation(Element* aElement,
nsString& aLocationString) {
nsCOMPtr<nsIURI> hrefURI = aElement->GetHrefURI();
if (hrefURI) {
nsAutoCString specUTF8;
nsresult rv = hrefURI->GetSpec(specUTF8);
if (NS_SUCCEEDED(rv)) CopyUTF8toUTF16(specUTF8, aLocationString);
}
}
/* static */
nsIWidget* nsContentUtils::GetTopLevelWidget(nsIWidget* aWidget) {
if (!aWidget) return nullptr;
return aWidget->GetTopLevelWidget();
}
/* static */
const nsDependentString nsContentUtils::GetLocalizedEllipsis() {
static char16_t sBuf[4] = {0, 0, 0, 0};
if (!sBuf[0]) {
if (!SpoofLocaleEnglish()) {
nsAutoString tmp;
Preferences::GetLocalizedString("intl.ellipsis", tmp);
uint32_t len =
std::min(uint32_t(tmp.Length()), uint32_t(ArrayLength(sBuf) - 1));
CopyUnicodeTo(tmp, 0, sBuf, len);
}
if (!sBuf[0]) sBuf[0] = char16_t(0x2026);
}
return nsDependentString(sBuf);
}
/* static */
void nsContentUtils::AddScriptBlocker() {
MOZ_ASSERT(NS_IsMainThread());
if (!sScriptBlockerCount) {
MOZ_ASSERT(sRunnersCountAtFirstBlocker == 0,
"Should not already have a count");
sRunnersCountAtFirstBlocker =
sBlockedScriptRunners ? sBlockedScriptRunners->Length() : 0;
}
++sScriptBlockerCount;
}
#ifdef DEBUG
static bool sRemovingScriptBlockers = false;
#endif
/* static */
void nsContentUtils::RemoveScriptBlocker() {
MOZ_ASSERT(NS_IsMainThread());
MOZ_ASSERT(!sRemovingScriptBlockers);
NS_ASSERTION(sScriptBlockerCount != 0, "Negative script blockers");
--sScriptBlockerCount;
if (sScriptBlockerCount) {
return;
}
if (!sBlockedScriptRunners) {
return;
}
uint32_t firstBlocker = sRunnersCountAtFirstBlocker;
uint32_t lastBlocker = sBlockedScriptRunners->Length();
uint32_t originalFirstBlocker = firstBlocker;
uint32_t blockersCount = lastBlocker - firstBlocker;
sRunnersCountAtFirstBlocker = 0;
NS_ASSERTION(firstBlocker <= lastBlocker, "bad sRunnersCountAtFirstBlocker");
while (firstBlocker < lastBlocker) {
nsCOMPtr<nsIRunnable> runnable;
runnable.swap((*sBlockedScriptRunners)[firstBlocker]);
++firstBlocker;
// Calling the runnable can reenter us
{
AUTO_PROFILE_FOLLOWING_RUNNABLE(runnable);
runnable->Run();
}
// So can dropping the reference to the runnable
runnable = nullptr;
NS_ASSERTION(sRunnersCountAtFirstBlocker == 0, "Bad count");
NS_ASSERTION(!sScriptBlockerCount, "This is really bad");
}
#ifdef DEBUG
AutoRestore<bool> removingScriptBlockers(sRemovingScriptBlockers);
sRemovingScriptBlockers = true;
#endif
sBlockedScriptRunners->RemoveElementsAt(originalFirstBlocker, blockersCount);
}
/* static */
already_AddRefed<nsPIDOMWindowOuter>
nsContentUtils::GetMostRecentNonPBWindow() {
nsCOMPtr<nsIWindowMediator> wm = do_GetService(NS_WINDOWMEDIATOR_CONTRACTID);
nsCOMPtr<mozIDOMWindowProxy> window;
wm->GetMostRecentNonPBWindow(u"navigator:browser", getter_AddRefs(window));
nsCOMPtr<nsPIDOMWindowOuter> pwindow;
pwindow = do_QueryInterface(window);
return pwindow.forget();
}
/* static */
void nsContentUtils::WarnScriptWasIgnored(Document* aDocument) {
nsAutoString msg;
bool privateBrowsing = false;
bool chromeContext = false;
if (aDocument) {
nsCOMPtr<nsIURI> uri = aDocument->GetDocumentURI();
if (uri) {
msg.Append(NS_ConvertUTF8toUTF16(uri->GetSpecOrDefault()));
msg.AppendLiteral(" : ");
}
privateBrowsing =
!!aDocument->NodePrincipal()->OriginAttributesRef().mPrivateBrowsingId;
chromeContext = aDocument->NodePrincipal()->IsSystemPrincipal();
}
msg.AppendLiteral(
"Unable to run script because scripts are blocked internally.");
LogSimpleConsoleError(msg, "DOM"_ns, privateBrowsing, chromeContext);
}
/* static */
void nsContentUtils::AddScriptRunner(already_AddRefed<nsIRunnable> aRunnable) {
nsCOMPtr<nsIRunnable> runnable = aRunnable;
if (!runnable) {
return;
}
if (sScriptBlockerCount) {
sBlockedScriptRunners->AppendElement(runnable.forget());
return;
}
AUTO_PROFILE_FOLLOWING_RUNNABLE(runnable);
runnable->Run();
}
/* static */
void nsContentUtils::AddScriptRunner(nsIRunnable* aRunnable) {
nsCOMPtr<nsIRunnable> runnable = aRunnable;
AddScriptRunner(runnable.forget());
}
/* static */ bool nsContentUtils::IsSafeToRunScript() {
MOZ_ASSERT(NS_IsMainThread(),
"This static variable only makes sense on the main thread!");
return sScriptBlockerCount == 0;
}
/* static */
void nsContentUtils::RunInStableState(already_AddRefed<nsIRunnable> aRunnable) {
MOZ_ASSERT(CycleCollectedJSContext::Get(), "Must be on a script thread!");
CycleCollectedJSContext::Get()->RunInStableState(std::move(aRunnable));
}
/* static */
void nsContentUtils::AddPendingIDBTransaction(
already_AddRefed<nsIRunnable> aTransaction) {
MOZ_ASSERT(CycleCollectedJSContext::Get(), "Must be on a script thread!");
CycleCollectedJSContext::Get()->AddPendingIDBTransaction(
std::move(aTransaction));
}
/* static */
bool nsContentUtils::IsInStableOrMetaStableState() {
MOZ_ASSERT(CycleCollectedJSContext::Get(), "Must be on a script thread!");
return CycleCollectedJSContext::Get()->IsInStableOrMetaStableState();
}
/* static */
void nsContentUtils::HidePopupsInDocument(Document* aDocument) {
RefPtr<nsXULPopupManager> pm = nsXULPopupManager::GetInstance();
if (!pm || !aDocument) {
return;
}
nsCOMPtr<nsIDocShellTreeItem> docShellToHide = aDocument->GetDocShell();
if (docShellToHide) {
pm->HidePopupsInDocShell(docShellToHide);
}
}
/* static */
already_AddRefed<nsIDragSession> nsContentUtils::GetDragSession() {
nsCOMPtr<nsIDragSession> dragSession;
nsCOMPtr<nsIDragService> dragService =
do_GetService("@mozilla.org/widget/dragservice;1");
if (dragService) dragService->GetCurrentSession(getter_AddRefs(dragSession));
return dragSession.forget();
}
/* static */
nsresult nsContentUtils::SetDataTransferInEvent(WidgetDragEvent* aDragEvent) {
if (aDragEvent->mDataTransfer || !aDragEvent->IsTrusted()) {
return NS_OK;
}
// For dragstart events, the data transfer object is
// created before the event fires, so it should already be set. For other
// drag events, get the object from the drag session.
NS_ASSERTION(aDragEvent->mMessage != eDragStart,
"draggesture event created without a dataTransfer");
nsCOMPtr<nsIDragSession> dragSession = GetDragSession();
NS_ENSURE_TRUE(dragSession, NS_OK); // no drag in progress
RefPtr<DataTransfer> initialDataTransfer = dragSession->GetDataTransfer();
if (!initialDataTransfer) {
// A dataTransfer won't exist when a drag was started by some other
// means, for instance calling the drag service directly, or a drag
// from another application. In either case, a new dataTransfer should
// be created that reflects the data.
initialDataTransfer =
new DataTransfer(aDragEvent->mTarget, aDragEvent->mMessage, true, -1);
// now set it in the drag session so we don't need to create it again
dragSession->SetDataTransfer(initialDataTransfer);
}
bool isCrossDomainSubFrameDrop = false;
if (aDragEvent->mMessage == eDrop) {
isCrossDomainSubFrameDrop = CheckForSubFrameDrop(dragSession, aDragEvent);
}
// each event should use a clone of the original dataTransfer.
initialDataTransfer->Clone(
aDragEvent->mTarget, aDragEvent->mMessage, aDragEvent->mUserCancelled,
isCrossDomainSubFrameDrop, getter_AddRefs(aDragEvent->mDataTransfer));
if (NS_WARN_IF(!aDragEvent->mDataTransfer)) {
return NS_ERROR_OUT_OF_MEMORY;
}
// for the dragenter and dragover events, initialize the drop effect
// from the drop action, which platform specific widget code sets before
// the event is fired based on the keyboard state.
if (aDragEvent->mMessage == eDragEnter || aDragEvent->mMessage == eDragOver) {
uint32_t action;
dragSession->GetDragAction(&action);
uint32_t effectAllowed = aDragEvent->mDataTransfer->EffectAllowedInt();
aDragEvent->mDataTransfer->SetDropEffectInt(
FilterDropEffect(action, effectAllowed));
} else if (aDragEvent->mMessage == eDrop ||
aDragEvent->mMessage == eDragEnd) {
// For the drop and dragend events, set the drop effect based on the
// last value that the dropEffect had. This will have been set in
// EventStateManager::PostHandleEvent for the last dragenter or
// dragover event.
aDragEvent->mDataTransfer->SetDropEffectInt(
initialDataTransfer->DropEffectInt());
}
return NS_OK;
}
/* static */
uint32_t nsContentUtils::FilterDropEffect(uint32_t aAction,
uint32_t aEffectAllowed) {
// It is possible for the drag action to include more than one action, but
// the widget code which sets the action from the keyboard state should only
// be including one. If multiple actions were set, we just consider them in
// the following order:
// copy, link, move
if (aAction & nsIDragService::DRAGDROP_ACTION_COPY)
aAction = nsIDragService::DRAGDROP_ACTION_COPY;
else if (aAction & nsIDragService::DRAGDROP_ACTION_LINK)
aAction = nsIDragService::DRAGDROP_ACTION_LINK;
else if (aAction & nsIDragService::DRAGDROP_ACTION_MOVE)
aAction = nsIDragService::DRAGDROP_ACTION_MOVE;
// Filter the action based on the effectAllowed. If the effectAllowed
// doesn't include the action, then that action cannot be done, so adjust
// the action to something that is allowed. For a copy, adjust to move or
// link. For a move, adjust to copy or link. For a link, adjust to move or
// link. Otherwise, use none.
if (aAction & aEffectAllowed ||
aEffectAllowed == nsIDragService::DRAGDROP_ACTION_UNINITIALIZED)
return aAction;
if (aEffectAllowed & nsIDragService::DRAGDROP_ACTION_MOVE)
return nsIDragService::DRAGDROP_ACTION_MOVE;
if (aEffectAllowed & nsIDragService::DRAGDROP_ACTION_COPY)
return nsIDragService::DRAGDROP_ACTION_COPY;
if (aEffectAllowed & nsIDragService::DRAGDROP_ACTION_LINK)
return nsIDragService::DRAGDROP_ACTION_LINK;
return nsIDragService::DRAGDROP_ACTION_NONE;
}
/* static */
bool nsContentUtils::CheckForSubFrameDrop(nsIDragSession* aDragSession,
WidgetDragEvent* aDropEvent) {
nsCOMPtr<nsIContent> target =
nsIContent::FromEventTargetOrNull(aDropEvent->mOriginalTarget);
if (!target) {
return true;
}
// Always allow dropping onto chrome shells.
BrowsingContext* targetBC = target->OwnerDoc()->GetBrowsingContext();
if (targetBC->IsChrome()) {
return false;
}
WindowContext* targetWC = target->OwnerDoc()->GetWindowContext();
// If there is no source browsing context, then this is a drag from another
// application, which should be allowed.
RefPtr<WindowContext> sourceWC;
aDragSession->GetSourceWindowContext(getter_AddRefs(sourceWC));
if (sourceWC) {
// Get each successive parent of the source document and compare it to
// the drop document. If they match, then this is a drag from a child frame.
for (sourceWC = sourceWC->GetParentWindowContext(); sourceWC;
sourceWC = sourceWC->GetParentWindowContext()) {
// If the source and the target match, then the drag started in a
// descendant frame. If the source is discarded, err on the side of
// caution and treat it as a subframe drag.
if (sourceWC == targetWC || sourceWC->IsDiscarded()) {
return true;
}
}
}
return false;
}
/* static */
bool nsContentUtils::URIIsLocalFile(nsIURI* aURI) {
bool isFile;
nsCOMPtr<nsINetUtil> util = mozilla::components::IO::Service();
// Important: we do NOT test the entire URI chain here!
return util &&
NS_SUCCEEDED(util->ProtocolHasFlags(
aURI, nsIProtocolHandler::URI_IS_LOCAL_FILE, &isFile)) &&
isFile;
}
/* static */
JSContext* nsContentUtils::GetCurrentJSContext() {
MOZ_ASSERT(IsInitialized());
if (!IsJSAPIActive()) {
return nullptr;
}
return danger::GetJSContext();
}
template <typename StringType, typename CharType>
void _ASCIIToLowerInSitu(StringType& aStr) {
CharType* iter = aStr.BeginWriting();
CharType* end = aStr.EndWriting();
MOZ_ASSERT(iter && end);
while (iter != end) {
CharType c = *iter;
if (c >= 'A' && c <= 'Z') {
*iter = c + ('a' - 'A');
}
++iter;
}
}
/* static */
void nsContentUtils::ASCIIToLower(nsAString& aStr) {
return _ASCIIToLowerInSitu<nsAString, char16_t>(aStr);
}
/* static */
void nsContentUtils::ASCIIToLower(nsACString& aStr) {
return _ASCIIToLowerInSitu<nsACString, char>(aStr);
}
template <typename StringType, typename CharType>
void _ASCIIToLowerCopy(const StringType& aSource, StringType& aDest) {
uint32_t len = aSource.Length();
aDest.SetLength(len);
MOZ_ASSERT(aDest.Length() == len);
CharType* dest = aDest.BeginWriting();
MOZ_ASSERT(dest);
const CharType* iter = aSource.BeginReading();
const CharType* end = aSource.EndReading();
while (iter != end) {
CharType c = *iter;
*dest = (c >= 'A' && c <= 'Z') ? c + ('a' - 'A') : c;
++iter;
++dest;
}
}
/* static */
void nsContentUtils::ASCIIToLower(const nsAString& aSource, nsAString& aDest) {
return _ASCIIToLowerCopy<nsAString, char16_t>(aSource, aDest);
}
/* static */
void nsContentUtils::ASCIIToLower(const nsACString& aSource,
nsACString& aDest) {
return _ASCIIToLowerCopy<nsACString, char>(aSource, aDest);
}
template <typename StringType, typename CharType>
void _ASCIIToUpperInSitu(StringType& aStr) {
CharType* iter = aStr.BeginWriting();
CharType* end = aStr.EndWriting();
MOZ_ASSERT(iter && end);
while (iter != end) {
CharType c = *iter;
if (c >= 'a' && c <= 'z') {
*iter = c + ('A' - 'a');
}
++iter;
}
}
/* static */
void nsContentUtils::ASCIIToUpper(nsAString& aStr) {
return _ASCIIToUpperInSitu<nsAString, char16_t>(aStr);
}
/* static */
void nsContentUtils::ASCIIToUpper(nsACString& aStr) {
return _ASCIIToUpperInSitu<nsACString, char>(aStr);
}
template <typename StringType, typename CharType>
void _ASCIIToUpperCopy(const StringType& aSource, StringType& aDest) {
uint32_t len = aSource.Length();
aDest.SetLength(len);
MOZ_ASSERT(aDest.Length() == len);
CharType* dest = aDest.BeginWriting();
MOZ_ASSERT(dest);
const CharType* iter = aSource.BeginReading();
const CharType* end = aSource.EndReading();
while (iter != end) {
CharType c = *iter;
*dest = (c >= 'a' && c <= 'z') ? c + ('A' - 'a') : c;
++iter;
++dest;
}
}
/* static */
void nsContentUtils::ASCIIToUpper(const nsAString& aSource, nsAString& aDest) {
return _ASCIIToUpperCopy<nsAString, char16_t>(aSource, aDest);
}
/* static */
void nsContentUtils::ASCIIToUpper(const nsACString& aSource,
nsACString& aDest) {
return _ASCIIToUpperCopy<nsACString, char>(aSource, aDest);
}
/* static */
bool nsContentUtils::EqualsIgnoreASCIICase(nsAtom* aAtom1, nsAtom* aAtom2) {
if (aAtom1 == aAtom2) {
return true;
}
// If both are ascii lowercase already, we know that the slow comparison
// below is going to return false.
if (aAtom1->IsAsciiLowercase() && aAtom2->IsAsciiLowercase()) {
return false;
}
return EqualsIgnoreASCIICase(nsDependentAtomString(aAtom1),
nsDependentAtomString(aAtom2));
}
/* static */
bool nsContentUtils::EqualsIgnoreASCIICase(const nsAString& aStr1,
const nsAString& aStr2) {
uint32_t len = aStr1.Length();
if (len != aStr2.Length()) {
return false;
}
const char16_t* str1 = aStr1.BeginReading();
const char16_t* str2 = aStr2.BeginReading();
const char16_t* end = str1 + len;
while (str1 < end) {
char16_t c1 = *str1++;
char16_t c2 = *str2++;
// First check if any bits other than the 0x0020 differs
if ((c1 ^ c2) & 0xffdf) {
return false;
}
// We know they can only differ in the 0x0020 bit.
// Likely the two chars are the same, so check that first
if (c1 != c2) {
// They do differ, but since it's only in the 0x0020 bit, check if it's
// the same ascii char, but just differing in case
char16_t c1Upper = c1 & 0xffdf;
if (!('A' <= c1Upper && c1Upper <= 'Z')) {
return false;
}
}
}
return true;
}
/* static */
bool nsContentUtils::StringContainsASCIIUpper(const nsAString& aStr) {
const char16_t* iter = aStr.BeginReading();
const char16_t* end = aStr.EndReading();
while (iter != end) {
char16_t c = *iter;
if (c >= 'A' && c <= 'Z') {
return true;
}
++iter;
}
return false;
}
/* static */
nsIInterfaceRequestor* nsContentUtils::SameOriginChecker() {
if (!sSameOriginChecker) {
sSameOriginChecker = new SameOriginCheckerImpl();
NS_ADDREF(sSameOriginChecker);
}
return sSameOriginChecker;
}
/* static */
nsresult nsContentUtils::CheckSameOrigin(nsIChannel* aOldChannel,
nsIChannel* aNewChannel) {
if (!nsContentUtils::GetSecurityManager()) return NS_ERROR_NOT_AVAILABLE;
nsCOMPtr<nsIPrincipal> oldPrincipal;
nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal(
aOldChannel, getter_AddRefs(oldPrincipal));
nsCOMPtr<nsIURI> newURI;
aNewChannel->GetURI(getter_AddRefs(newURI));
nsCOMPtr<nsIURI> newOriginalURI;
aNewChannel->GetOriginalURI(getter_AddRefs(newOriginalURI));
NS_ENSURE_STATE(oldPrincipal && newURI && newOriginalURI);
nsresult rv = oldPrincipal->CheckMayLoad(newURI, false);
if (NS_SUCCEEDED(rv) && newOriginalURI != newURI) {
rv = oldPrincipal->CheckMayLoad(newOriginalURI, false);
}
return rv;
}
NS_IMPL_ISUPPORTS(SameOriginCheckerImpl, nsIChannelEventSink,
nsIInterfaceRequestor)
NS_IMETHODIMP
SameOriginCheckerImpl::AsyncOnChannelRedirect(
nsIChannel* aOldChannel, nsIChannel* aNewChannel, uint32_t aFlags,
nsIAsyncVerifyRedirectCallback* cb) {
MOZ_ASSERT(aNewChannel, "Redirecting to null channel?");
nsresult rv = nsContentUtils::CheckSameOrigin(aOldChannel, aNewChannel);
if (NS_SUCCEEDED(rv)) {
cb->OnRedirectVerifyCallback(NS_OK);
}
return rv;
}
NS_IMETHODIMP
SameOriginCheckerImpl::GetInterface(const nsIID& aIID, void** aResult) {
return QueryInterface(aIID, aResult);
}
/* static */
nsresult nsContentUtils::GetWebExposedOriginSerialization(nsIURI* aURI,
nsACString& aOrigin) {
nsresult rv;
MOZ_ASSERT(aURI, "missing uri");
// For Blob URI, the path is the URL of the owning page.
if (aURI->SchemeIs(BLOBURI_SCHEME)) {
nsAutoCString path;
rv = aURI->GetPathQueryRef(path);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIURI> uri;
rv = NS_NewURI(getter_AddRefs(uri), path);
if (NS_FAILED(rv)) {
aOrigin.AssignLiteral("null");
return NS_OK;
}
return GetWebExposedOriginSerialization(uri, aOrigin);
}
nsAutoCString scheme;
aURI->GetScheme(scheme);
// If the protocol doesn't have URI_HAS_WEB_EXPOSED_ORIGIN, then
// return "null" as the origin serialization.
// We make an exception for "ftp" since we don't have a protocol handler
// for this scheme
uint32_t flags = 0;
nsCOMPtr<nsIIOService> io = mozilla::components::IO::Service(&rv);
if (!scheme.Equals("ftp") && NS_SUCCEEDED(rv) &&
NS_SUCCEEDED(io->GetProtocolFlags(scheme.get(), &flags))) {
if (!(flags & nsIProtocolHandler::URI_HAS_WEB_EXPOSED_ORIGIN)) {
aOrigin.AssignLiteral("null");
return NS_OK;
}
}
aOrigin.Truncate();
nsCOMPtr<nsIURI> uri = NS_GetInnermostURI(aURI);
NS_ENSURE_TRUE(uri, NS_ERROR_UNEXPECTED);
nsAutoCString host;
rv = uri->GetAsciiHost(host);
if (NS_SUCCEEDED(rv) && !host.IsEmpty()) {
nsAutoCString userPass;
uri->GetUserPass(userPass);
nsAutoCString prePath;
if (!userPass.IsEmpty()) {
rv = NS_MutateURI(uri).SetUserPass(""_ns).Finalize(uri);
NS_ENSURE_SUCCESS(rv, rv);
}
rv = uri->GetPrePath(prePath);
NS_ENSURE_SUCCESS(rv, rv);
aOrigin = prePath;
} else {
aOrigin.AssignLiteral("null");
}
return NS_OK;
}
/* static */
nsresult nsContentUtils::GetWebExposedOriginSerialization(
nsIPrincipal* aPrincipal, nsAString& aOrigin) {
MOZ_ASSERT(aPrincipal, "missing principal");
aOrigin.Truncate();
nsAutoCString webExposedOriginSerialization;
nsresult rv = aPrincipal->GetWebExposedOriginSerialization(
webExposedOriginSerialization);
if (NS_FAILED(rv)) {
webExposedOriginSerialization.AssignLiteral("null");
}
CopyUTF8toUTF16(webExposedOriginSerialization, aOrigin);
return NS_OK;
}
/* static */
nsresult nsContentUtils::GetWebExposedOriginSerialization(nsIURI* aURI,
nsAString& aOrigin) {
MOZ_ASSERT(aURI, "missing uri");
nsresult rv;
#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
// Check if either URI has a special origin.
nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin =
do_QueryInterface(aURI);
if (uriWithSpecialOrigin) {
nsCOMPtr<nsIURI> origin;
rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin));
NS_ENSURE_SUCCESS(rv, rv);
return GetWebExposedOriginSerialization(origin, aOrigin);
}
#endif
nsAutoCString webExposedOriginSerialization;
rv = GetWebExposedOriginSerialization(aURI, webExposedOriginSerialization);
NS_ENSURE_SUCCESS(rv, rv);
CopyUTF8toUTF16(webExposedOriginSerialization, aOrigin);
return NS_OK;
}
/* static */
bool nsContentUtils::CheckMayLoad(nsIPrincipal* aPrincipal,
nsIChannel* aChannel,
bool aAllowIfInheritsPrincipal) {
nsCOMPtr<nsIURI> channelURI;
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
NS_ENSURE_SUCCESS(rv, false);
return NS_SUCCEEDED(
aPrincipal->CheckMayLoad(channelURI, aAllowIfInheritsPrincipal));
}
/* static */
bool nsContentUtils::CanAccessNativeAnon() {
return LegacyIsCallerChromeOrNativeCode();
}
/* static */
nsresult nsContentUtils::DispatchXULCommand(nsIContent* aTarget, bool aTrusted,
Event* aSourceEvent,
PresShell* aPresShell, bool aCtrl,
bool aAlt, bool aShift, bool aMeta,
uint16_t aInputSource,
int16_t aButton) {
NS_ENSURE_STATE(aTarget);
Document* doc = aTarget->OwnerDoc();
nsPresContext* presContext = doc->GetPresContext();
RefPtr<XULCommandEvent> xulCommand =
new XULCommandEvent(doc, presContext, nullptr);
xulCommand->InitCommandEvent(u"command"_ns, true, true,
nsGlobalWindowInner::Cast(doc->GetInnerWindow()),
0, aCtrl, aAlt, aShift, aMeta, aButton,
aSourceEvent, aInputSource, IgnoreErrors());
if (aPresShell) {
nsEventStatus status = nsEventStatus_eIgnore;
return aPresShell->HandleDOMEventWithTarget(aTarget, xulCommand, &status);
}
ErrorResult rv;
aTarget->DispatchEvent(*xulCommand, rv);
return rv.StealNSResult();
}
// static
nsresult nsContentUtils::WrapNative(JSContext* cx, nsISupports* native,
nsWrapperCache* cache, const nsIID* aIID,
JS::MutableHandle<JS::Value> vp,
bool aAllowWrapping) {
MOZ_ASSERT(cx == GetCurrentJSContext());
if (!native) {
vp.setNull();
return NS_OK;
}
JSObject* wrapper = xpc_FastGetCachedWrapper(cx, cache, vp);
if (wrapper) {
return NS_OK;
}
NS_ENSURE_TRUE(sXPConnect, NS_ERROR_UNEXPECTED);
if (!NS_IsMainThread()) {
MOZ_CRASH();
}
JS::Rooted<JSObject*> scope(cx, JS::CurrentGlobalOrNull(cx));
nsresult rv = sXPConnect->WrapNativeToJSVal(cx, scope, native, cache, aIID,
aAllowWrapping, vp);
return rv;
}
void nsContentUtils::StripNullChars(const nsAString& aInStr,
nsAString& aOutStr) {
// In common cases where we don't have nulls in the
// string we can simple simply bypass the checking code.
int32_t firstNullPos = aInStr.FindChar('\0');
if (firstNullPos == kNotFound) {
aOutStr.Assign(aInStr);
return;
}
aOutStr.SetCapacity(aInStr.Length() - 1);
nsAString::const_iterator start, end;
aInStr.BeginReading(start);
aInStr.EndReading(end);
while (start != end) {
if (*start != '\0') aOutStr.Append(*start);
++start;
}
}
struct ClassMatchingInfo {
AtomArray mClasses;
nsCaseTreatment mCaseTreatment;
};
// static
bool nsContentUtils::MatchClassNames(Element* aElement, int32_t aNamespaceID,
nsAtom* aAtom, void* aData) {
// We can't match if there are no class names
const nsAttrValue* classAttr = aElement->GetClasses();
if (!classAttr) {
return false;
}
// need to match *all* of the classes
ClassMatchingInfo* info = static_cast<ClassMatchingInfo*>(aData);
uint32_t length = info->mClasses.Length();
if (!length) {
// If we actually had no classes, don't match.
return false;
}
uint32_t i;
for (i = 0; i < length; ++i) {
if (!classAttr->Contains(info->mClasses[i], info->mCaseTreatment)) {
return false;
}
}
return true;
}
// static
void nsContentUtils::DestroyClassNameArray(void* aData) {
ClassMatchingInfo* info = static_cast<ClassMatchingInfo*>(aData);
delete info;
}
// static
void* nsContentUtils::AllocClassMatchingInfo(nsINode* aRootNode,
const nsString* aClasses) {
nsAttrValue attrValue;
attrValue.ParseAtomArray(*aClasses);
// nsAttrValue::Equals is sensitive to order, so we'll send an array
auto* info = new ClassMatchingInfo;
if (attrValue.Type() == nsAttrValue::eAtomArray) {
info->mClasses = attrValue.GetAtomArrayValue()->mArray.Clone();
} else if (attrValue.Type() == nsAttrValue::eAtom) {
info->mClasses.AppendElement(attrValue.GetAtomValue());
}
info->mCaseTreatment =
aRootNode->OwnerDoc()->GetCompatibilityMode() == eCompatibility_NavQuirks
? eIgnoreCase
: eCaseMatters;
return info;
}
// static
bool nsContentUtils::IsFocusedContent(const nsIContent* aContent) {
nsFocusManager* fm = nsFocusManager::GetFocusManager();
return fm && fm->GetFocusedElement() == aContent;
}
bool nsContentUtils::HasScrollgrab(nsIContent* aContent) {
// If we ever standardize this feature we'll want to hook this up properly
// again. For now we're removing all the DOM-side code related to it but
// leaving the layout and APZ handling for it in place.
return false;
}
void nsContentUtils::FlushLayoutForTree(nsPIDOMWindowOuter* aWindow) {
if (!aWindow) {
return;
}
// Note that because FlushPendingNotifications flushes parents, this
// is O(N^2) in docshell tree depth. However, the docshell tree is
// usually pretty shallow.
if (RefPtr<Document> doc = aWindow->GetDoc()) {
doc->FlushPendingNotifications(FlushType::Layout);
}
if (nsCOMPtr<nsIDocShell> docShell = aWindow->GetDocShell()) {
int32_t i = 0, i_end;
docShell->GetInProcessChildCount(&i_end);
for (; i < i_end; ++i) {
nsCOMPtr<nsIDocShellTreeItem> item;
if (docShell->GetInProcessChildAt(i, getter_AddRefs(item)) == NS_OK &&
item) {
if (nsCOMPtr<nsPIDOMWindowOuter> win = item->GetWindow()) {
FlushLayoutForTree(win);
}
}
}
}
}
void nsContentUtils::RemoveNewlines(nsString& aString) { aString.StripCRLF(); }
void nsContentUtils::PlatformToDOMLineBreaks(nsString& aString) {
if (!PlatformToDOMLineBreaks(aString, fallible)) {
aString.AllocFailed(aString.Length());
}
}
bool nsContentUtils::PlatformToDOMLineBreaks(nsString& aString,
const fallible_t& aFallible) {
if (aString.FindChar(char16_t('\r')) != -1) {
// Windows linebreaks: Map CRLF to LF:
if (!aString.ReplaceSubstring(u"\r\n", u"\n", aFallible)) {
return false;
}
// Mac linebreaks: Map any remaining CR to LF:
if (!aString.ReplaceSubstring(u"\r", u"\n", aFallible)) {
return false;
}
}
return true;
}
void nsContentUtils::PopulateStringFromStringBuffer(nsStringBuffer* aBuf,
nsAString& aResultString) {
MOZ_ASSERT(aBuf, "Expecting a non-null string buffer");
uint32_t stringLen = NS_strlen(static_cast<char16_t*>(aBuf->Data()));
// SANITY CHECK: In case the nsStringBuffer isn't correctly
// null-terminated, let's clamp its length using the allocated size, to be
// sure the resulting string doesn't sample past the end of the the buffer.
// (Note that StorageSize() is in units of bytes, so we have to convert that
// to units of PRUnichars, and subtract 1 for the null-terminator.)
uint32_t allocStringLen = (aBuf->StorageSize() / sizeof(char16_t)) - 1;
MOZ_ASSERT(stringLen <= allocStringLen,
"string buffer lacks null terminator!");
stringLen = std::min(stringLen, allocStringLen);
aBuf->ToString(stringLen, aResultString);
}
already_AddRefed<nsContentList> nsContentUtils::GetElementsByClassName(
nsINode* aRootNode, const nsAString& aClasses) {
MOZ_ASSERT(aRootNode, "Must have root node");
return GetFuncStringContentList<nsCacheableFuncStringHTMLCollection>(
aRootNode, MatchClassNames, DestroyClassNameArray, AllocClassMatchingInfo,
aClasses);
}
PresShell* nsContentUtils::FindPresShellForDocument(const Document* aDocument) {
const Document* doc = aDocument;
Document* displayDoc = doc->GetDisplayDocument();
if (displayDoc) {
doc = displayDoc;
}
PresShell* presShell = doc->GetPresShell();
if (presShell) {
return presShell;
}
nsCOMPtr<nsIDocShellTreeItem> docShellTreeItem = doc->GetDocShell();
while (docShellTreeItem) {
// We may be in a display:none subdocument, or we may not have a presshell
// created yet.
// Walk the docshell tree to find the nearest container that has a
// presshell, and return that.
nsCOMPtr<nsIDocShell> docShell = do_QueryInterface(docShellTreeItem);
if (PresShell* presShell = docShell->GetPresShell()) {
return presShell;
}
nsCOMPtr<nsIDocShellTreeItem> parent;
docShellTreeItem->GetInProcessParent(getter_AddRefs(parent));
docShellTreeItem = parent;
}
return nullptr;
}
/* static */
nsPresContext* nsContentUtils::FindPresContextForDocument(
const Document* aDocument) {
if (PresShell* presShell = FindPresShellForDocument(aDocument)) {
return presShell->GetPresContext();
}
return nullptr;
}
nsIWidget* nsContentUtils::WidgetForDocument(const Document* aDocument) {
PresShell* presShell = FindPresShellForDocument(aDocument);
if (!presShell) {
return nullptr;
}
nsViewManager* vm = presShell->GetViewManager();
if (!vm) {
return nullptr;
}
nsView* rootView = vm->GetRootView();
if (!rootView) {
return nullptr;
}
nsView* displayRoot = nsViewManager::GetDisplayRootFor(rootView);
if (!displayRoot) {
return nullptr;
}
return displayRoot->GetNearestWidget(nullptr);
}
nsIWidget* nsContentUtils::WidgetForContent(const nsIContent* aContent) {
nsIFrame* frame = aContent->GetPrimaryFrame();
if (frame) {
frame = nsLayoutUtils::GetDisplayRootFrame(frame);
nsView* view = frame->GetView();
if (view) {
return view->GetWidget();
}
}
return nullptr;
}
WindowRenderer* nsContentUtils::WindowRendererForContent(
const nsIContent* aContent) {
nsIWidget* widget = nsContentUtils::WidgetForContent(aContent);
if (widget) {
return widget->GetWindowRenderer();
}
return nullptr;
}
WindowRenderer* nsContentUtils::WindowRendererForDocument(
const Document* aDoc) {
nsIWidget* widget = nsContentUtils::WidgetForDocument(aDoc);
if (widget) {
return widget->GetWindowRenderer();
}
return nullptr;
}
bool nsContentUtils::AllowXULXBLForPrincipal(nsIPrincipal* aPrincipal) {
if (!aPrincipal) {
return false;
}
if (aPrincipal->IsSystemPrincipal()) {
return true;
}
return xpc::IsInAutomation() && IsSitePermAllow(aPrincipal, "allowXULXBL"_ns);
}
bool nsContentUtils::IsPDFJSEnabled() {
nsCOMPtr<nsIStreamConverter> conv = do_CreateInstance(
"@mozilla.org/streamconv;1?from=application/pdf&to=text/html");
return conv;
}
bool nsContentUtils::IsPDFJS(nsIPrincipal* aPrincipal) {
if (!aPrincipal || !aPrincipal->SchemeIs("resource")) {
return false;
}
nsAutoCString spec;
nsresult rv = aPrincipal->GetAsciiSpec(spec);
NS_ENSURE_SUCCESS(rv, false);
return spec.EqualsLiteral("resource://pdf.js/web/viewer.html");
}
bool nsContentUtils::IsSystemOrPDFJS(JSContext* aCx, JSObject*) {
nsIPrincipal* principal = SubjectPrincipal(aCx);
return principal && (principal->IsSystemPrincipal() || IsPDFJS(principal));
}
bool nsContentUtils::IsSecureContextOrWebExtension(JSContext* aCx,
JSObject* aGlobal) {
nsIPrincipal* principal = SubjectPrincipal(aCx);
return mozilla::dom::IsSecureContextOrObjectIsFromSecureContext(aCx,
aGlobal) ||
(principal && principal->GetIsAddonOrExpandedAddonPrincipal());
}
already_AddRefed<nsIDocumentLoaderFactory>
nsContentUtils::FindInternalDocumentViewer(const nsACString& aType,
DocumentViewerType* aLoaderType) {
if (aLoaderType) {
*aLoaderType = TYPE_UNSUPPORTED;
}
// one helper factory, please
nsCOMPtr<nsICategoryManager> catMan(
do_GetService(NS_CATEGORYMANAGER_CONTRACTID));
if (!catMan) return nullptr;
nsCOMPtr<nsIDocumentLoaderFactory> docFactory;
nsCString contractID;
nsresult rv =
catMan->GetCategoryEntry("Gecko-Content-Viewers", aType, contractID);
if (NS_SUCCEEDED(rv)) {
docFactory = do_GetService(contractID.get());
if (docFactory && aLoaderType) {
if (contractID.EqualsLiteral(CONTENT_DLF_CONTRACTID))
*aLoaderType = TYPE_CONTENT;
else if (contractID.EqualsLiteral(PLUGIN_DLF_CONTRACTID))
*aLoaderType = TYPE_FALLBACK;
else
*aLoaderType = TYPE_UNKNOWN;
}
return docFactory.forget();
}
if (DecoderTraits::IsSupportedInVideoDocument(aType)) {
docFactory =
do_GetService("@mozilla.org/content/document-loader-factory;1");
if (docFactory && aLoaderType) {
*aLoaderType = TYPE_CONTENT;
}
return docFactory.forget();
}
return nullptr;
}
static void ReportPatternCompileFailure(nsAString& aPattern,
const Document* aDocument,
JS::MutableHandle<JS::Value> error,
JSContext* cx) {
JS::AutoSaveExceptionState savedExc(cx);
JS::Rooted<JSObject*> exnObj(cx, &error.toObject());
JS::Rooted<JS::Value> messageVal(cx);
if (!JS_GetProperty(cx, exnObj, "message", &messageVal)) {
return;
}
JS::Rooted<JSString*> messageStr(cx, messageVal.toString());
MOZ_ASSERT(messageStr);
AutoTArray<nsString, 2> strings;
strings.AppendElement(aPattern);
if (!AssignJSString(cx, *strings.AppendElement(), messageStr)) {
return;
}
nsContentUtils::ReportToConsole(nsIScriptError::errorFlag, "DOM"_ns,
aDocument, nsContentUtils::eDOM_PROPERTIES,
"PatternAttributeCompileFailure", strings);
savedExc.drop();
}
// static
Maybe<bool> nsContentUtils::IsPatternMatching(const nsAString& aValue,
nsString&& aPattern,
const Document* aDocument,
bool aHasMultiple,
JS::RegExpFlags aFlags) {
NS_ASSERTION(aDocument, "aDocument should be a valid pointer (not null)");
// The fact that we're using a JS regexp under the hood should not be visible
// to things like window onerror handlers, so we don't initialize our JSAPI
// with the document's window (which may not exist anyway).
AutoJSAPI jsapi;
jsapi.Init();
JSContext* cx = jsapi.cx();
AutoDisableJSInterruptCallback disabler(cx);
// We can use the junk scope here, because we're just using it for regexp
// evaluation, not actual script execution, and we disable statics so that the
// evaluation does not interact with the execution global.
JSAutoRealm ar(cx, xpc::PrivilegedJunkScope());
// Check if the pattern by itself is valid first, and not that it only becomes
// valid once we add ^(?: and )$.
JS::Rooted<JS::Value> error(cx);
if (!JS::CheckRegExpSyntax(cx, aPattern.BeginReading(), aPattern.Length(),
aFlags, &error)) {
return Nothing();
}
if (!error.isUndefined()) {
ReportPatternCompileFailure(aPattern, aDocument, &error, cx);
return Some(true);
}
// The pattern has to match the entire value.
aPattern.InsertLiteral(u"^(?:", 0);
aPattern.AppendLiteral(")$");
JS::Rooted<JSObject*> re(
cx, JS::NewUCRegExpObject(cx, aPattern.BeginReading(), aPattern.Length(),
aFlags));
if (!re) {
return Nothing();
}
JS::Rooted<JS::Value> rval(cx, JS::NullValue());
if (!aHasMultiple) {
size_t idx = 0;
if (!JS::ExecuteRegExpNoStatics(cx, re, aValue.BeginReading(),
aValue.Length(), &idx, true, &rval)) {
return Nothing();
}
return Some(!rval.isNull());
}
HTMLSplitOnSpacesTokenizer tokenizer(aValue, ',');
while (tokenizer.hasMoreTokens()) {
const nsAString& value = tokenizer.nextToken();
size_t idx = 0;
if (!JS::ExecuteRegExpNoStatics(cx, re, value.BeginReading(),
value.Length(), &idx, true, &rval)) {
return Nothing();
}
if (rval.isNull()) {
return Some(false);
}
}
return Some(true);
}
// static
nsresult nsContentUtils::URIInheritsSecurityContext(nsIURI* aURI,
bool* aResult) {
// Note: about:blank URIs do NOT inherit the security context from the
// current document, which is what this function tests for...
return NS_URIChainHasFlags(
aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT, aResult);
}
// static
bool nsContentUtils::ChannelShouldInheritPrincipal(
nsIPrincipal* aLoadingPrincipal, nsIURI* aURI, bool aInheritForAboutBlank,
bool aForceInherit) {
MOZ_ASSERT(aLoadingPrincipal,
"Can not check inheritance without a principal");
// Only tell the channel to inherit if it can't provide its own security
// context.
//
// XXX: If this is ever changed, check all callers for what owners
// they're passing in. In particular, see the code and
// comments in nsDocShell::LoadURI where we fall back on
// inheriting the owner if called from chrome. That would be
// very wrong if this code changed anything but channels that
// can't provide their own security context!
//
// If aForceInherit is true, we will inherit, even for a channel that
// can provide its own security context. This is used for srcdoc loads.
bool inherit = aForceInherit;
if (!inherit) {
bool uriInherits;
// We expect URIInheritsSecurityContext to return success for an
// about:blank URI, so don't call NS_IsAboutBlank() if this call fails.
// This condition needs to match the one in nsDocShell::InternalLoad where
// we're checking for things that will use the owner.
inherit =
(NS_SUCCEEDED(URIInheritsSecurityContext(aURI, &uriInherits)) &&
(uriInherits || (aInheritForAboutBlank && NS_IsAboutBlank(aURI)))) ||
//
// file: uri special-casing
//
// If this is a file: load opened from another file: then it may need
// to inherit the owner from the referrer so they can script each other.
// If we don't set the owner explicitly then each file: gets an owner
// based on its own codebase later.
//
(URIIsLocalFile(aURI) &&
NS_SUCCEEDED(aLoadingPrincipal->CheckMayLoad(aURI, false)) &&
// One more check here. CheckMayLoad will always return true for the
// system principal, but we do NOT want to inherit in that case.
!aLoadingPrincipal->IsSystemPrincipal());
}
return inherit;
}
/* static */
bool nsContentUtils::IsCutCopyAllowed(Document* aDocument,
nsIPrincipal& aSubjectPrincipal) {
if (StaticPrefs::dom_allow_cut_copy() && aDocument &&
aDocument->HasValidTransientUserGestureActivation()) {
return true;
}
return PrincipalHasPermission(aSubjectPrincipal, nsGkAtoms::clipboardWrite);
}
/* static */
bool nsContentUtils::HaveEqualPrincipals(Document* aDoc1, Document* aDoc2) {
if (!aDoc1 || !aDoc2) {
return false;
}
bool principalsEqual = false;
aDoc1->NodePrincipal()->Equals(aDoc2->NodePrincipal(), &principalsEqual);
return principalsEqual;
}
/* static */
void nsContentUtils::FireMutationEventsForDirectParsing(
Document* aDoc, nsIContent* aDest, int32_t aOldChildCount) {
// Fire mutation events. Optimize for the case when there are no listeners
int32_t newChildCount = aDest->GetChildCount();
if (newChildCount && nsContentUtils::HasMutationListeners(
aDoc, NS_EVENT_BITS_MUTATION_NODEINSERTED)) {
AutoTArray<nsCOMPtr<nsIContent>, 50> childNodes;
NS_ASSERTION(newChildCount - aOldChildCount >= 0,
"What, some unexpected dom mutation has happened?");
childNodes.SetCapacity(newChildCount - aOldChildCount);
for (nsIContent* child = aDest->GetFirstChild(); child;
child = child->GetNextSibling()) {
childNodes.AppendElement(child);
}
FragmentOrElement::FireNodeInserted(aDoc, aDest, childNodes);
}
}
/* static */
const Document* nsContentUtils::GetInProcessSubtreeRootDocument(
const Document* aDoc) {
if (!aDoc) {
return nullptr;
}
const Document* doc = aDoc;
while (doc->GetInProcessParentDocument()) {
doc = doc->GetInProcessParentDocument();
}
return doc;
}
// static
int32_t nsContentUtils::GetAdjustedOffsetInTextControl(nsIFrame* aOffsetFrame,
int32_t aOffset) {
// The structure of the anonymous frames within a text control frame is
// an optional block frame, followed by an optional br frame.
// If the offset frame has a child, then this frame is the block which
// has the text frames (containing the content) as its children. This will
// be the case if we click to the right of any of the text frames, or at the
// bottom of the text area.
nsIFrame* firstChild = aOffsetFrame->PrincipalChildList().FirstChild();
if (firstChild) {
// In this case, the passed-in offset is incorrect, and we want the length
// of the entire content in the text control frame.
return firstChild->GetContent()->Length();
}
if (aOffsetFrame->GetPrevSibling() && !aOffsetFrame->GetNextSibling()) {
// In this case, we're actually within the last frame, which is a br
// frame. Our offset should therefore be the length of the first child of
// our parent.
int32_t aOutOffset = aOffsetFrame->GetParent()
->PrincipalChildList()
.FirstChild()
->GetContent()
->Length();
return aOutOffset;
}
// Otherwise, we're within one of the text frames, in which case our offset
// has already been correctly calculated.
return aOffset;
}
// static
bool nsContentUtils::IsPointInSelection(
const mozilla::dom::Selection& aSelection, const nsINode& aNode,
const uint32_t aOffset) {
if (aSelection.IsCollapsed()) {
return false;
}
const uint32_t rangeCount = aSelection.RangeCount();
for (const uint32_t i : IntegerRange(rangeCount)) {
MOZ_ASSERT(aSelection.RangeCount() == rangeCount);
RefPtr<const nsRange> range = aSelection.GetRangeAt(i);
if (NS_WARN_IF(!range)) {
// Don't bail yet, iterate through them all
continue;
}
// Done when we find a range that we are in
if (range->IsPointInRange(aNode, aOffset, IgnoreErrors())) {
return true;
}
}
return false;
}
// static
void nsContentUtils::GetSelectionInTextControl(Selection* aSelection,
Element* aRoot,
uint32_t& aOutStartOffset,
uint32_t& aOutEndOffset) {
MOZ_ASSERT(aSelection && aRoot);
// We don't care which end of this selection is anchor and which is focus. In
// fact, we explicitly want to know which is the _start_ and which is the
// _end_, not anchor vs focus.
const nsRange* range = aSelection->GetAnchorFocusRange();
if (!range) {
// Nothing selected
aOutStartOffset = aOutEndOffset = 0;
return;
}
// All the node pointers here are raw pointers for performance. We shouldn't
// be doing anything in this function that invalidates the node tree.
nsINode* startContainer = range->GetStartContainer();
uint32_t startOffset = range->StartOffset();
nsINode* endContainer = range->GetEndContainer();
uint32_t endOffset = range->EndOffset();
// We have at most two children, consisting of an optional text node followed
// by an optional <br>.
NS_ASSERTION(aRoot->GetChildCount() <= 2, "Unexpected children");
nsIContent* firstChild = aRoot->GetFirstChild();
#ifdef DEBUG
nsCOMPtr<nsIContent> lastChild = aRoot->GetLastChild();
NS_ASSERTION(startContainer == aRoot || startContainer == firstChild ||
startContainer == lastChild,
"Unexpected startContainer");
NS_ASSERTION(endContainer == aRoot || endContainer == firstChild ||
endContainer == lastChild,
"Unexpected endContainer");
// firstChild is either text or a <br> (hence an element).
MOZ_ASSERT_IF(firstChild, firstChild->IsText() || firstChild->IsElement());
#endif
if (!firstChild || firstChild->IsElement()) {
// No text node, so everything is 0
startOffset = endOffset = 0;
} else {
// First child is text. If the start/end is already in the text node,
// or the start of the root node, no change needed. If it's in the root
// node but not the start, or in the trailing <br>, we need to set the
// offset to the end.
if ((startContainer == aRoot && startOffset != 0) ||
(startContainer != aRoot && startContainer != firstChild)) {
startOffset = firstChild->Length();
}
if ((endContainer == aRoot && endOffset != 0) ||
(endContainer != aRoot && endContainer != firstChild)) {
endOffset = firstChild->Length();
}
}
MOZ_ASSERT(startOffset <= endOffset);
aOutStartOffset = startOffset;
aOutEndOffset = endOffset;
}
// static
HTMLEditor* nsContentUtils::GetHTMLEditor(nsPresContext* aPresContext) {
if (!aPresContext) {
return nullptr;
}
return GetHTMLEditor(aPresContext->GetDocShell());
}
// static
HTMLEditor* nsContentUtils::GetHTMLEditor(nsDocShell* aDocShell) {
bool isEditable;
if (!aDocShell || NS_FAILED(aDocShell->GetEditable(&isEditable)) ||
!isEditable) {
return nullptr;
}
return aDocShell->GetHTMLEditor();
}
// static
EditorBase* nsContentUtils::GetActiveEditor(nsPresContext* aPresContext) {
if (!aPresContext) {
return nullptr;
}
return GetActiveEditor(aPresContext->Document()->GetWindow());
}
// static
EditorBase* nsContentUtils::GetActiveEditor(nsPIDOMWindowOuter* aWindow) {
if (!aWindow || !aWindow->GetExtantDoc()) {
return nullptr;
}
// If it's in designMode, nobody can have focus. Therefore, the HTMLEditor
// handles all events. I.e., it's focused editor in this case.
if (aWindow->GetExtantDoc()->IsInDesignMode()) {
return GetHTMLEditor(nsDocShell::Cast(aWindow->GetDocShell()));
}
// If focused element is associated with TextEditor, it must be <input>
// element or <textarea> element. Let's return it even if it's in a
// contenteditable element.
nsCOMPtr<nsPIDOMWindowOuter> focusedWindow;
if (Element* focusedElement = nsFocusManager::GetFocusedDescendant(
aWindow, nsFocusManager::SearchRange::eOnlyCurrentWindow,
getter_AddRefs(focusedWindow))) {
if (TextEditor* textEditor = focusedElement->GetTextEditorInternal()) {
return textEditor;
}
}
// Otherwise, HTMLEditor may handle inputs even non-editable element has
// focus or nobody has focus.
return GetHTMLEditor(nsDocShell::Cast(aWindow->GetDocShell()));
}
// static
TextEditor* nsContentUtils::GetTextEditorFromAnonymousNodeWithoutCreation(
const nsIContent* aAnonymousContent) {
if (!aAnonymousContent) {
return nullptr;
}
nsIContent* parent = aAnonymousContent->FindFirstNonChromeOnlyAccessContent();
if (!parent || parent == aAnonymousContent) {
return nullptr;
}
if (HTMLInputElement* inputElement =
HTMLInputElement::FromNodeOrNull(parent)) {
return inputElement->GetTextEditorWithoutCreation();
}
if (HTMLTextAreaElement* textareaElement =
HTMLTextAreaElement::FromNodeOrNull(parent)) {
return textareaElement->GetTextEditorWithoutCreation();
}
return nullptr;
}
// static
bool nsContentUtils::IsNodeInEditableRegion(nsINode* aNode) {
while (aNode) {
if (aNode->IsEditable()) {
return true;
}
aNode = aNode->GetParent();
}
return false;
}
// static
bool nsContentUtils::IsForbiddenRequestHeader(const nsACString& aHeader,
const nsACString& aValue) {
if (IsForbiddenSystemRequestHeader(aHeader)) {
return true;
}
if ((nsContentUtils::IsOverrideMethodHeader(aHeader) &&
nsContentUtils::ContainsForbiddenMethod(aValue))) {
return true;
}
if (StringBeginsWith(aHeader, "proxy-"_ns,
nsCaseInsensitiveCStringComparator) ||
StringBeginsWith(aHeader, "sec-"_ns,
nsCaseInsensitiveCStringComparator)) {
return true;
}
return false;
}
// static
bool nsContentUtils::IsForbiddenSystemRequestHeader(const nsACString& aHeader) {
static const char* kInvalidHeaders[] = {"accept-charset",
"accept-encoding",
"access-control-request-headers",
"access-control-request-method",
"connection",
"content-length",
"cookie",
"cookie2",
"date",
"dnt",
"expect",
"host",
"keep-alive",
"origin",
"referer",
"set-cookie",
"te",
"trailer",
"transfer-encoding",
"upgrade",
"via"};
for (auto& kInvalidHeader : kInvalidHeaders) {
if (aHeader.LowerCaseEqualsASCII(kInvalidHeader)) {
return true;
}
}
return false;
}
// static
bool nsContentUtils::IsForbiddenResponseHeader(const nsACString& aHeader) {
return (aHeader.LowerCaseEqualsASCII("set-cookie") ||
aHeader.LowerCaseEqualsASCII("set-cookie2"));
}
// static
bool nsContentUtils::IsOverrideMethodHeader(const nsACString& headerName) {
return headerName.EqualsIgnoreCase("x-http-method-override") ||
headerName.EqualsIgnoreCase("x-http-method") ||
headerName.EqualsIgnoreCase("x-method-override");
}
// static
bool nsContentUtils::ContainsForbiddenMethod(const nsACString& headerValue) {
bool hasInsecureMethod = false;
nsCCharSeparatedTokenizer tokenizer(headerValue, ',');
while (tokenizer.hasMoreTokens()) {
const nsDependentCSubstring& value = tokenizer.nextToken();
if (value.EqualsIgnoreCase("connect") || value.EqualsIgnoreCase("trace") ||
value.EqualsIgnoreCase("track")) {
hasInsecureMethod = true;
break;
}
}
return hasInsecureMethod;
}
Maybe<nsContentUtils::ParsedRange> nsContentUtils::ParseSingleRangeRequest(
const nsACString& aHeaderValue, bool aAllowWhitespace) {
// See https://fetch.spec.whatwg.org/#simple-range-header-value
mozilla::Tokenizer p(aHeaderValue);
Maybe<uint64_t> rangeStart;
Maybe<uint64_t> rangeEnd;
// Step 2 and 3
if (!p.CheckWord("bytes")) {
return Nothing();
}
// Step 4
if (aAllowWhitespace) {
p.SkipWhites();
}
// Step 5 and 6
if (!p.CheckChar('=')) {
return Nothing();
}
// Step 7
if (aAllowWhitespace) {
p.SkipWhites();
}
// Step 8 and 9
uint64_t res;
if (p.ReadInteger(&res)) {
rangeStart = Some(res);
}
// Step 10
if (aAllowWhitespace) {
p.SkipWhites();
}
// Step 11
if (!p.CheckChar('-')) {
return Nothing();
}
// Step 13
if (aAllowWhitespace) {
p.SkipWhites();
}
// Step 14 and 15
if (p.ReadInteger(&res)) {
rangeEnd = Some(res);
}
// Step 16
if (!p.CheckEOF()) {
return Nothing();
}
// Step 17
if (!rangeStart && !rangeEnd) {
return Nothing();
}
// Step 18
if (rangeStart && rangeEnd && *rangeStart > *rangeEnd) {
return Nothing();
}
return Some(ParsedRange(rangeStart, rangeEnd));
}
// static
bool nsContentUtils::IsCorsUnsafeRequestHeaderValue(
const nsACString& aHeaderValue) {
const char* cur = aHeaderValue.BeginReading();
const char* end = aHeaderValue.EndReading();
while (cur != end) {
// Implementation of
// https://fetch.spec.whatwg.org/#cors-unsafe-request-header-byte Is less
// than a space but not a horizontal tab
if ((*cur < ' ' && *cur != '\t') || *cur == '"' || *cur == '(' ||
*cur == ')' || *cur == ':' || *cur == '<' || *cur == '>' ||
*cur == '?' || *cur == '@' || *cur == '[' || *cur == '\\' ||
*cur == ']' || *cur == '{' || *cur == '}' ||
*cur == 0x7F) { // 0x75 is DEL
return true;
}
cur++;
}
return false;
}
// static
bool nsContentUtils::IsAllowedNonCorsAccept(const nsACString& aHeaderValue) {
if (IsCorsUnsafeRequestHeaderValue(aHeaderValue)) {
return false;
}
return true;
}
// static
bool nsContentUtils::IsAllowedNonCorsContentType(
const nsACString& aHeaderValue) {
nsAutoCString contentType;
nsAutoCString unused;
if (IsCorsUnsafeRequestHeaderValue(aHeaderValue)) {
return false;
}
nsresult rv = NS_ParseRequestContentType(aHeaderValue, contentType, unused);
if (NS_FAILED(rv)) {
return false;
}
return contentType.LowerCaseEqualsLiteral("text/plain") ||
contentType.LowerCaseEqualsLiteral(
"application/x-www-form-urlencoded") ||
contentType.LowerCaseEqualsLiteral("multipart/form-data");
}
// static
bool nsContentUtils::IsAllowedNonCorsLanguage(const nsACString& aHeaderValue) {
const char* cur = aHeaderValue.BeginReading();
const char* end = aHeaderValue.EndReading();
while (cur != end) {
if ((*cur >= '0' && *cur <= '9') || (*cur >= 'A' && *cur <= 'Z') ||
(*cur >= 'a' && *cur <= 'z') || *cur == ' ' || *cur == '*' ||
*cur == ',' || *cur == '-' || *cur == '.' || *cur == ';' ||
*cur == '=') {
cur++;
continue;
}
return false;
}
return true;
}
bool nsContentUtils::IsAllowedNonCorsRange(const nsACString& aHeaderValue) {
Maybe<ParsedRange> parsedRange = ParseSingleRangeRequest(aHeaderValue, false);
if (!parsedRange) {
return false;
}
if (!parsedRange->Start()) {
return false;
}
return true;
}
// static
bool nsContentUtils::IsCORSSafelistedRequestHeader(const nsACString& aName,
const nsACString& aValue) {
// see https://fetch.spec.whatwg.org/#cors-safelisted-request-header
if (aValue.Length() > 128) {
return false;
}
return (aName.LowerCaseEqualsLiteral("accept") &&
nsContentUtils::IsAllowedNonCorsAccept(aValue)) ||
(aName.LowerCaseEqualsLiteral("accept-language") &&
nsContentUtils::IsAllowedNonCorsLanguage(aValue)) ||
(aName.LowerCaseEqualsLiteral("content-language") &&
nsContentUtils::IsAllowedNonCorsLanguage(aValue)) ||
(aName.LowerCaseEqualsLiteral("content-type") &&
nsContentUtils::IsAllowedNonCorsContentType(aValue)) ||
(aName.LowerCaseEqualsLiteral("range") &&
nsContentUtils::IsAllowedNonCorsRange(aValue));
}
mozilla::LogModule* nsContentUtils::ResistFingerprintingLog() {
return gResistFingerprintingLog;
}
mozilla::LogModule* nsContentUtils::DOMDumpLog() { return sDOMDumpLog; }
bool nsContentUtils::GetNodeTextContent(const nsINode* aNode, bool aDeep,
nsAString& aResult,
const fallible_t& aFallible) {
aResult.Truncate();
return AppendNodeTextContent(aNode, aDeep, aResult, aFallible);
}
void nsContentUtils::GetNodeTextContent(const nsINode* aNode, bool aDeep,
nsAString& aResult) {
if (!GetNodeTextContent(aNode, aDeep, aResult, fallible)) {
NS_ABORT_OOM(0); // Unfortunately we don't know the allocation size
}
}
void nsContentUtils::DestroyMatchString(void* aData) {
if (aData) {
nsString* matchString = static_cast<nsString*>(aData);
delete matchString;
}
}
bool nsContentUtils::IsJavascriptMIMEType(const nsAString& aMIMEType) {
// Table ordered from most to least likely JS MIME types.
static const char* jsTypes[] = {"text/javascript",
"text/ecmascript",
"application/javascript",
"application/ecmascript",
"application/x-javascript",
"application/x-ecmascript",
"text/javascript1.0",
"text/javascript1.1",
"text/javascript1.2",
"text/javascript1.3",
"text/javascript1.4",
"text/javascript1.5",
"text/jscript",
"text/livescript",
"text/x-ecmascript",
"text/x-javascript",
nullptr};
for (uint32_t i = 0; jsTypes[i]; ++i) {
if (aMIMEType.LowerCaseEqualsASCII(jsTypes[i])) {
return true;
}
}
return false;
}
bool nsContentUtils::PrefetchPreloadEnabled(nsIDocShell* aDocShell) {
//
// SECURITY CHECK: disable prefetching and preloading from mailnews!
//
// walk up the docshell tree to see if any containing
// docshell are of type MAIL.
//
if (!aDocShell) {
return false;
}
nsCOMPtr<nsIDocShell> docshell = aDocShell;
nsCOMPtr<nsIDocShellTreeItem> parentItem;
do {
auto appType = docshell->GetAppType();
if (appType == nsIDocShell::APP_TYPE_MAIL) {
return false; // do not prefetch, preload, preconnect from mailnews
}
docshell->GetInProcessParent(getter_AddRefs(parentItem));
if (parentItem) {
docshell = do_QueryInterface(parentItem);
if (!docshell) {
NS_ERROR("cannot get a docshell from a treeItem!");
return false;
}
}
} while (parentItem);
return true;
}
uint64_t nsContentUtils::GetInnerWindowID(nsIRequest* aRequest) {
// can't do anything if there's no nsIRequest!
if (!aRequest) {
return 0;
}
nsCOMPtr<nsILoadGroup> loadGroup;
nsresult rv = aRequest->GetLoadGroup(getter_AddRefs(loadGroup));
if (NS_FAILED(rv) || !loadGroup) {
return 0;
}
return GetInnerWindowID(loadGroup);
}
uint64_t nsContentUtils::GetInnerWindowID(nsILoadGroup* aLoadGroup) {
if (!aLoadGroup) {
return 0;
}
nsCOMPtr<nsIInterfaceRequestor> callbacks;
nsresult rv = aLoadGroup->GetNotificationCallbacks(getter_AddRefs(callbacks));
if (NS_FAILED(rv) || !callbacks) {
return 0;
}
nsCOMPtr<nsILoadContext> loadContext = do_GetInterface(callbacks);
if (!loadContext) {
return 0;
}
nsCOMPtr<mozIDOMWindowProxy> window;
rv = loadContext->GetAssociatedWindow(getter_AddRefs(window));
if (NS_FAILED(rv) || !window) {
return 0;
}
auto* pwindow = nsPIDOMWindowOuter::From(window);
if (!pwindow) {
return 0;
}
nsPIDOMWindowInner* inner = pwindow->GetCurrentInnerWindow();
return inner ? inner->WindowID() : 0;
}
// static
void nsContentUtils::MaybeFixIPv6Host(nsACString& aHost) {
if (aHost.FindChar(':') != -1) { // Escape IPv6 address
MOZ_ASSERT(!aHost.Length() ||
(aHost[0] != '[' && aHost[aHost.Length() - 1] != ']'));
aHost.Insert('[', 0);
aHost.Append(']');
}
}
nsresult nsContentUtils::GetHostOrIPv6WithBrackets(nsIURI* aURI,
nsACString& aHost) {
aHost.Truncate();
nsresult rv = aURI->GetHost(aHost);
if (NS_FAILED(rv)) { // Some URIs do not have a host
return rv;
}
MaybeFixIPv6Host(aHost);
return NS_OK;
}
nsresult nsContentUtils::GetHostOrIPv6WithBrackets(nsIURI* aURI,
nsAString& aHost) {
nsAutoCString hostname;
nsresult rv = GetHostOrIPv6WithBrackets(aURI, hostname);
if (NS_FAILED(rv)) {
return rv;
}
CopyUTF8toUTF16(hostname, aHost);
return NS_OK;
}
nsresult nsContentUtils::GetHostOrIPv6WithBrackets(nsIPrincipal* aPrincipal,
nsACString& aHost) {
nsresult rv = aPrincipal->GetAsciiHost(aHost);
if (NS_FAILED(rv)) { // Some URIs do not have a host
return rv;
}
MaybeFixIPv6Host(aHost);
return NS_OK;
}
CallState nsContentUtils::CallOnAllRemoteChildren(
MessageBroadcaster* aManager,
const std::function<CallState(BrowserParent*)>& aCallback) {
uint32_t browserChildCount = aManager->ChildCount();
for (uint32_t j = 0; j < browserChildCount; ++j) {
RefPtr<MessageListenerManager> childMM = aManager->GetChildAt(j);
if (!childMM) {
continue;
}
RefPtr<MessageBroadcaster> nonLeafMM = MessageBroadcaster::From(childMM);
if (nonLeafMM) {
if (CallOnAllRemoteChildren(nonLeafMM, aCallback) == CallState::Stop) {
return CallState::Stop;
}
continue;
}
mozilla::dom::ipc::MessageManagerCallback* cb = childMM->GetCallback();
if (cb) {
nsFrameLoader* fl = static_cast<nsFrameLoader*>(cb);
BrowserParent* remote = BrowserParent::GetFrom(fl);
if (remote && aCallback) {
if (aCallback(remote) == CallState::Stop) {
return CallState::Stop;
}
}
}
}
return CallState::Continue;
}
void nsContentUtils::CallOnAllRemoteChildren(
nsPIDOMWindowOuter* aWindow,
const std::function<CallState(BrowserParent*)>& aCallback) {
nsGlobalWindowOuter* window = nsGlobalWindowOuter::Cast(aWindow);
if (window->IsChromeWindow()) {
RefPtr<MessageBroadcaster> windowMM = window->GetMessageManager();
if (windowMM) {
CallOnAllRemoteChildren(windowMM, aCallback);
}
}
}
bool nsContentUtils::IPCTransferableDataItemHasKnownFlavor(
const IPCTransferableDataItem& aItem) {
// Unknown types are converted to kCustomTypesMime.
if (aItem.flavor().EqualsASCII(kCustomTypesMime)) {
return true;
}
for (const char* format : DataTransfer::kKnownFormats) {
if (aItem.flavor().EqualsASCII(format)) {
return true;
}
}
return false;
}
nsresult nsContentUtils::IPCTransferableDataToTransferable(
const IPCTransferableData& aTransferableData, bool aAddDataFlavor,
nsITransferable* aTransferable, const bool aFilterUnknownFlavors) {
nsresult rv;
const nsTArray<IPCTransferableDataItem>& items = aTransferableData.items();
for (const auto& item : items) {
if (aFilterUnknownFlavors && !IPCTransferableDataItemHasKnownFlavor(item)) {
NS_WARNING(
"Ignoring unknown flavor in "
"nsContentUtils::IPCTransferableDataToTransferable");
continue;
}
if (aAddDataFlavor) {
aTransferable->AddDataFlavor(item.flavor().get());
}
nsCOMPtr<nsISupports> transferData;
switch (item.data().type()) {
case IPCTransferableDataType::TIPCTransferableDataString: {
const auto& data = item.data().get_IPCTransferableDataString();
nsCOMPtr<nsISupportsString> dataWrapper =
do_CreateInstance(NS_SUPPORTS_STRING_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
rv = dataWrapper->SetData(nsDependentSubstring(
reinterpret_cast<const char16_t*>(data.data().Data()),
data.data().Size() / sizeof(char16_t)));
NS_ENSURE_SUCCESS(rv, rv);
transferData = dataWrapper;
break;
}
case IPCTransferableDataType::TIPCTransferableDataCString: {
const auto& data = item.data().get_IPCTransferableDataCString();
nsCOMPtr<nsISupportsCString> dataWrapper =
do_CreateInstance(NS_SUPPORTS_CSTRING_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
rv = dataWrapper->SetData(nsDependentCSubstring(
reinterpret_cast<const char*>(data.data().Data()),
data.data().Size()));
NS_ENSURE_SUCCESS(rv, rv);
transferData = dataWrapper;
break;
}
case IPCTransferableDataType::TIPCTransferableDataInputStream: {
const auto& data = item.data().get_IPCTransferableDataInputStream();
nsCOMPtr<nsIInputStream> stream;
rv = NS_NewByteInputStream(getter_AddRefs(stream),
AsChars(data.data().AsSpan()),
NS_ASSIGNMENT_COPY);
NS_ENSURE_SUCCESS(rv, rv);
transferData = stream.forget();
break;
}
case IPCTransferableDataType::TIPCTransferableDataImageContainer: {
const auto& data = item.data().get_IPCTransferableDataImageContainer();
nsCOMPtr<imgIContainer> container;
rv = DeserializeTransferableDataImageContainer(
data, getter_AddRefs(container));
NS_ENSURE_SUCCESS(rv, rv);
transferData = container;
break;
}
case IPCTransferableDataType::TIPCTransferableDataBlob: {
const auto& data = item.data().get_IPCTransferableDataBlob();
transferData = IPCBlobUtils::Deserialize(data.blob());
break;
}
case IPCTransferableDataType::T__None:
MOZ_ASSERT_UNREACHABLE();
return NS_ERROR_FAILURE;
}
rv = aTransferable->SetTransferData(item.flavor().get(), transferData);
NS_ENSURE_SUCCESS(rv, rv);
}
return NS_OK;
}
nsresult nsContentUtils::IPCTransferableToTransferable(
const IPCTransferable& aIPCTransferable, bool aAddDataFlavor,
nsITransferable* aTransferable, const bool aFilterUnknownFlavors) {
// Note that we need to set privacy status of transferable before adding any
// data into it.
aTransferable->SetIsPrivateData(aIPCTransferable.isPrivateData());
nsresult rv =
IPCTransferableDataToTransferable(aIPCTransferable.data(), aAddDataFlavor,
aTransferable, aFilterUnknownFlavors);
NS_ENSURE_SUCCESS(rv, rv);
if (aIPCTransferable.cookieJarSettings().isSome()) {
nsCOMPtr<nsICookieJarSettings> cookieJarSettings;
net::CookieJarSettings::Deserialize(
aIPCTransferable.cookieJarSettings().ref(),
getter_AddRefs(cookieJarSettings));
aTransferable->SetCookieJarSettings(cookieJarSettings);
}
aTransferable->SetReferrerInfo(aIPCTransferable.referrerInfo());
aTransferable->SetRequestingPrincipal(aIPCTransferable.requestingPrincipal());
aTransferable->SetContentPolicyType(aIPCTransferable.contentPolicyType());
return NS_OK;
}
nsresult nsContentUtils::IPCTransferableDataItemToVariant(
const IPCTransferableDataItem& aItem, nsIWritableVariant* aVariant) {
MOZ_ASSERT(aVariant);
switch (aItem.data().type()) {
case IPCTransferableDataType::TIPCTransferableDataString: {
const auto& data = aItem.data().get_IPCTransferableDataString();
return aVariant->SetAsAString(nsDependentSubstring(
reinterpret_cast<const char16_t*>(data.data().Data()),
data.data().Size() / sizeof(char16_t)));
}
case IPCTransferableDataType::TIPCTransferableDataCString: {
const auto& data = aItem.data().get_IPCTransferableDataCString();
return aVariant->SetAsACString(nsDependentCSubstring(
reinterpret_cast<const char*>(data.data().Data()),
data.data().Size()));
}
case IPCTransferableDataType::TIPCTransferableDataInputStream: {
const auto& data = aItem.data().get_IPCTransferableDataInputStream();
nsCOMPtr<nsIInputStream> stream;
nsresult rv = NS_NewByteInputStream(getter_AddRefs(stream),
AsChars(data.data().AsSpan()),
NS_ASSIGNMENT_COPY);
NS_ENSURE_SUCCESS(rv, rv);
return aVariant->SetAsISupports(stream);
}
case IPCTransferableDataType::TIPCTransferableDataImageContainer: {
const auto& data = aItem.data().get_IPCTransferableDataImageContainer();
nsCOMPtr<imgIContainer> container;
nsresult rv = DeserializeTransferableDataImageContainer(
data, getter_AddRefs(container));
NS_ENSURE_SUCCESS(rv, rv);
return aVariant->SetAsISupports(container);
}
case IPCTransferableDataType::TIPCTransferableDataBlob: {
const auto& data = aItem.data().get_IPCTransferableDataBlob();
RefPtr<BlobImpl> blobImpl = IPCBlobUtils::Deserialize(data.blob());
return aVariant->SetAsISupports(blobImpl);
}
case IPCTransferableDataType::T__None:
break;
}
MOZ_ASSERT_UNREACHABLE();
return NS_ERROR_UNEXPECTED;
}
void nsContentUtils::TransferablesToIPCTransferableDatas(
nsIArray* aTransferables, nsTArray<IPCTransferableData>& aIPC,
bool aInSyncMessage, mozilla::dom::ContentParent* aParent) {
aIPC.Clear();
if (aTransferables) {
uint32_t transferableCount = 0;
aTransferables->GetLength(&transferableCount);
for (uint32_t i = 0; i < transferableCount; ++i) {
IPCTransferableData* dt = aIPC.AppendElement();
nsCOMPtr<nsITransferable> transferable =
do_QueryElementAt(aTransferables, i);
TransferableToIPCTransferableData(transferable, dt, aInSyncMessage,
aParent);
}
}
}
nsresult nsContentUtils::CalculateBufferSizeForImage(
const uint32_t& aStride, const IntSize& aImageSize,
const SurfaceFormat& aFormat, size_t* aMaxBufferSize,
size_t* aUsedBufferSize) {
CheckedInt32 requiredBytes =
CheckedInt32(aStride) * CheckedInt32(aImageSize.height);
CheckedInt32 usedBytes =
requiredBytes - aStride +
(CheckedInt32(aImageSize.width) * BytesPerPixel(aFormat));
if (!usedBytes.isValid()) {
return NS_ERROR_FAILURE;
}
MOZ_ASSERT(requiredBytes.isValid(), "usedBytes valid but not required?");
*aMaxBufferSize = requiredBytes.value();
*aUsedBufferSize = usedBytes.value();
return NS_OK;
}
static already_AddRefed<DataSourceSurface> BigBufferToDataSurface(
BigBuffer& aData, uint32_t aStride, const IntSize& aImageSize,
SurfaceFormat aFormat) {
if (!aData.Size() || !aImageSize.width || !aImageSize.height) {
return nullptr;
}
// Validate shared memory buffer size
size_t imageBufLen = 0;
size_t maxBufLen = 0;
if (NS_FAILED(nsContentUtils::CalculateBufferSizeForImage(
aStride, aImageSize, aFormat, &maxBufLen, &imageBufLen))) {
return nullptr;
}
if (imageBufLen > aData.Size()) {
return nullptr;
}
return CreateDataSourceSurfaceFromData(aImageSize, aFormat, aData.Data(),
aStride);
}
nsresult nsContentUtils::DeserializeTransferableDataImageContainer(
const IPCTransferableDataImageContainer& aData,
imgIContainer** aContainer) {
const IntSize size(aData.width(), aData.height());
size_t maxBufferSize = 0;
size_t usedBufferSize = 0;
nsresult rv = CalculateBufferSizeForImage(
aData.stride(), size, aData.format(), &maxBufferSize, &usedBufferSize);
NS_ENSURE_SUCCESS(rv, rv);
if (usedBufferSize > aData.data().Size()) {
return NS_ERROR_FAILURE;
}
RefPtr<DataSourceSurface> surface =
CreateDataSourceSurfaceFromData(size, aData.format(), aData.data().Data(),
static_cast<int32_t>(aData.stride()));
if (!surface) {
return NS_ERROR_FAILURE;
}
RefPtr<gfxDrawable> drawable = new gfxSurfaceDrawable(surface, size);
nsCOMPtr<imgIContainer> imageContainer =
image::ImageOps::CreateFromDrawable(drawable);
imageContainer.forget(aContainer);
return NS_OK;
}
bool nsContentUtils::IsFlavorImage(const nsACString& aFlavor) {
return aFlavor.EqualsLiteral(kNativeImageMime) ||
aFlavor.EqualsLiteral(kJPEGImageMime) ||
aFlavor.EqualsLiteral(kJPGImageMime) ||
aFlavor.EqualsLiteral(kPNGImageMime) ||
aFlavor.EqualsLiteral(kGIFImageMime);
}
// FIXME: This can probably be removed once bug 1783240 lands, as `nsString`
// will be implicitly serialized in shmem when sent over IPDL directly.
static IPCTransferableDataString AsIPCTransferableDataString(
Span<const char16_t> aInput) {
return IPCTransferableDataString{BigBuffer(AsBytes(aInput))};
}
// FIXME: This can probably be removed once bug 1783240 lands, as `nsCString`
// will be implicitly serialized in shmem when sent over IPDL directly.
static IPCTransferableDataCString AsIPCTransferableDataCString(
Span<const char> aInput) {
return IPCTransferableDataCString{BigBuffer(AsBytes(aInput))};
}
void nsContentUtils::TransferableToIPCTransferableData(
nsITransferable* aTransferable, IPCTransferableData* aTransferableData,
bool aInSyncMessage, mozilla::dom::ContentParent* aParent) {
MOZ_ASSERT_IF(XRE_IsParentProcess(), aParent);
if (aTransferable) {
nsTArray<nsCString> flavorList;
aTransferable->FlavorsTransferableCanExport(flavorList);
for (uint32_t j = 0; j < flavorList.Length(); ++j) {
nsCString& flavorStr = flavorList[j];
if (!flavorStr.Length()) {
continue;
}
nsCOMPtr<nsISupports> data;
nsresult rv =
aTransferable->GetTransferData(flavorStr.get(), getter_AddRefs(data));
if (NS_FAILED(rv) || !data) {
if (aInSyncMessage) {
// Can't do anything.
// FIXME: This shouldn't be the case anymore!
continue;
}
// This is a hack to support kFilePromiseMime.
// On Windows there just needs to be an entry for it,
// and for OSX we need to create
// nsContentAreaDragDropDataProvider as nsIFlavorDataProvider.
if (flavorStr.EqualsLiteral(kFilePromiseMime)) {
IPCTransferableDataItem* item =
aTransferableData->items().AppendElement();
item->flavor() = flavorStr;
item->data() =
AsIPCTransferableDataString(NS_ConvertUTF8toUTF16(flavorStr));
continue;
}
// Empty element, transfer only the flavor
IPCTransferableDataItem* item =
aTransferableData->items().AppendElement();
item->flavor() = flavorStr;
item->data() = AsIPCTransferableDataString(EmptyString());
continue;
}
// We need to handle nsIInputStream before nsISupportsCString, otherwise
// nsStringInputStream would be converted into a wrong type.
if (nsCOMPtr<nsIInputStream> stream = do_QueryInterface(data)) {
IPCTransferableDataItem* item =
aTransferableData->items().AppendElement();
item->flavor() = flavorStr;
nsCString imageData;
DebugOnly<nsresult> rv =
NS_ConsumeStream(stream, UINT32_MAX, imageData);
MOZ_ASSERT(
rv != NS_BASE_STREAM_WOULD_BLOCK,
"cannot use async input streams in nsITransferable right now");
// FIXME: This can probably be simplified once bug 1783240 lands, as
// `nsCString` will be implicitly serialized in shmem when sent over
// IPDL directly.
item->data() =
IPCTransferableDataInputStream(BigBuffer(AsBytes(Span(imageData))));
continue;
}
if (nsCOMPtr<nsISupportsString> text = do_QueryInterface(data)) {
nsAutoString dataAsString;
MOZ_ALWAYS_SUCCEEDS(text->GetData(dataAsString));
IPCTransferableDataItem* item =
aTransferableData->items().AppendElement();
item->flavor() = flavorStr;
item->data() = AsIPCTransferableDataString(dataAsString);
continue;
}
if (nsCOMPtr<nsISupportsCString> ctext = do_QueryInterface(data)) {
nsAutoCString dataAsString;
MOZ_ALWAYS_SUCCEEDS(ctext->GetData(dataAsString));
IPCTransferableDataItem* item =
aTransferableData->items().AppendElement();
item->flavor() = flavorStr;
item->data() = AsIPCTransferableDataCString(dataAsString);
continue;
}
if (nsCOMPtr<imgIContainer> image = do_QueryInterface(data)) {
// Images to be placed on the clipboard are imgIContainers.
RefPtr<mozilla::gfx::SourceSurface> surface = image->GetFrame(
imgIContainer::FRAME_CURRENT,
imgIContainer::FLAG_SYNC_DECODE | imgIContainer::FLAG_ASYNC_NOTIFY);
if (!surface) {
continue;
}
RefPtr<mozilla::gfx::DataSourceSurface> dataSurface =
surface->GetDataSurface();
if (!dataSurface) {
continue;
}
size_t length;
int32_t stride;
Maybe<BigBuffer> surfaceData =
GetSurfaceData(*dataSurface, &length, &stride);
if (surfaceData.isNothing()) {
continue;
}
IPCTransferableDataItem* item =
aTransferableData->items().AppendElement();
item->flavor() = flavorStr;
mozilla::gfx::IntSize size = dataSurface->GetSize();
item->data() = IPCTransferableDataImageContainer(
std::move(*surfaceData), size.width, size.height, stride,
dataSurface->GetFormat());
continue;
}
// Otherwise, handle this as a file.
nsCOMPtr<BlobImpl> blobImpl;
if (nsCOMPtr<nsIFile> file = do_QueryInterface(data)) {
if (aParent) {
bool isDir = false;
if (NS_SUCCEEDED(file->IsDirectory(&isDir)) && isDir) {
nsAutoString path;
if (NS_WARN_IF(NS_FAILED(file->GetPath(path)))) {
continue;
}
RefPtr<FileSystemSecurity> fss = FileSystemSecurity::GetOrCreate();
fss->GrantAccessToContentProcess(aParent->ChildID(), path);
}
}
blobImpl = new FileBlobImpl(file);
IgnoredErrorResult rv;
// Ensure that file data is cached no that the content process
// has this data available to it when passed over:
blobImpl->GetSize(rv);
if (NS_WARN_IF(rv.Failed())) {
continue;
}
blobImpl->GetLastModified(rv);
if (NS_WARN_IF(rv.Failed())) {
continue;
}
} else {
if (aInSyncMessage) {
// Can't do anything.
// FIXME: This shouldn't be the case anymore!
continue;
}
blobImpl = do_QueryInterface(data);
}
if (blobImpl) {
// If we failed to create the blob actor, then this blob probably
// can't get the file size for the underlying file, ignore it for
// now. TODO pass this through anyway.
IPCBlob ipcBlob;
nsresult rv = IPCBlobUtils::Serialize(blobImpl, ipcBlob);
if (NS_WARN_IF(NS_FAILED(rv))) {
continue;
}
IPCTransferableDataItem* item =
aTransferableData->items().AppendElement();
item->flavor() = flavorStr;
item->data() = IPCTransferableDataBlob(ipcBlob);
}
}
}
}
void nsContentUtils::TransferableToIPCTransferable(
nsITransferable* aTransferable, IPCTransferable* aIPCTransferable,
bool aInSyncMessage, mozilla::dom::ContentParent* aParent) {
IPCTransferableData ipcTransferableData;
TransferableToIPCTransferableData(aTransferable, &ipcTransferableData,
aInSyncMessage, aParent);
Maybe<net::CookieJarSettingsArgs> cookieJarSettingsArgs;
if (nsCOMPtr<nsICookieJarSettings> cookieJarSettings =
aTransferable->GetCookieJarSettings()) {
net::CookieJarSettingsArgs args;
net::CookieJarSettings::Cast(cookieJarSettings)->Serialize(args);
cookieJarSettingsArgs = Some(std::move(args));
}
aIPCTransferable->data() = std::move(ipcTransferableData);
aIPCTransferable->isPrivateData() = aTransferable->GetIsPrivateData();
aIPCTransferable->requestingPrincipal() =
aTransferable->GetRequestingPrincipal();
aIPCTransferable->cookieJarSettings() = std::move(cookieJarSettingsArgs);
aIPCTransferable->contentPolicyType() = aTransferable->GetContentPolicyType();
aIPCTransferable->referrerInfo() = aTransferable->GetReferrerInfo();
}
Maybe<BigBuffer> nsContentUtils::GetSurfaceData(DataSourceSurface& aSurface,
size_t* aLength,
int32_t* aStride) {
mozilla::gfx::DataSourceSurface::MappedSurface map;
if (!aSurface.Map(mozilla::gfx::DataSourceSurface::MapType::READ, &map)) {
return Nothing();
}
size_t bufLen = 0;
size_t maxBufLen = 0;
nsresult rv = nsContentUtils::CalculateBufferSizeForImage(
map.mStride, aSurface.GetSize(), aSurface.GetFormat(), &maxBufLen,
&bufLen);
if (NS_FAILED(rv)) {
aSurface.Unmap();
return Nothing();
}
BigBuffer surfaceData(maxBufLen);
memcpy(surfaceData.Data(), map.mData, bufLen);
memset(surfaceData.Data() + bufLen, 0, maxBufLen - bufLen);
*aLength = maxBufLen;
*aStride = map.mStride;
aSurface.Unmap();
return Some(std::move(surfaceData));
}
Maybe<IPCImage> nsContentUtils::SurfaceToIPCImage(DataSourceSurface& aSurface) {
size_t len = 0;
int32_t stride = 0;
auto mem = GetSurfaceData(aSurface, &len, &stride);
if (!mem) {
return Nothing();
}
return Some(IPCImage{std::move(*mem), uint32_t(stride), aSurface.GetFormat(),
ImageIntSize::FromUnknownSize(aSurface.GetSize())});
}
already_AddRefed<DataSourceSurface> nsContentUtils::IPCImageToSurface(
IPCImage&& aImage) {
return BigBufferToDataSurface(aImage.data(), aImage.stride(),
aImage.size().ToUnknownSize(), aImage.format());
}
Modifiers nsContentUtils::GetWidgetModifiers(int32_t aModifiers) {
Modifiers result = 0;
if (aModifiers & nsIDOMWindowUtils::MODIFIER_SHIFT) {
result |= mozilla::MODIFIER_SHIFT;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_CONTROL) {
result |= mozilla::MODIFIER_CONTROL;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_ALT) {
result |= mozilla::MODIFIER_ALT;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_META) {
result |= mozilla::MODIFIER_META;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_ALTGRAPH) {
result |= mozilla::MODIFIER_ALTGRAPH;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_CAPSLOCK) {
result |= mozilla::MODIFIER_CAPSLOCK;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_FN) {
result |= mozilla::MODIFIER_FN;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_FNLOCK) {
result |= mozilla::MODIFIER_FNLOCK;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_NUMLOCK) {
result |= mozilla::MODIFIER_NUMLOCK;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_SCROLLLOCK) {
result |= mozilla::MODIFIER_SCROLLLOCK;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_SYMBOL) {
result |= mozilla::MODIFIER_SYMBOL;
}
if (aModifiers & nsIDOMWindowUtils::MODIFIER_SYMBOLLOCK) {
result |= mozilla::MODIFIER_SYMBOLLOCK;
}
return result;
}
nsIWidget* nsContentUtils::GetWidget(PresShell* aPresShell, nsPoint* aOffset) {
if (!aPresShell) {
return nullptr;
}
nsIFrame* frame = aPresShell->GetRootFrame();
if (!frame) {
return nullptr;
}
return frame->GetView()->GetNearestWidget(aOffset);
}
int16_t nsContentUtils::GetButtonsFlagForButton(int32_t aButton) {
switch (aButton) {
case -1:
return MouseButtonsFlag::eNoButtons;
case MouseButton::ePrimary:
return MouseButtonsFlag::ePrimaryFlag;
case MouseButton::eMiddle:
return MouseButtonsFlag::eMiddleFlag;
case MouseButton::eSecondary:
return MouseButtonsFlag::eSecondaryFlag;
case 3:
return MouseButtonsFlag::e4thFlag;
case 4:
return MouseButtonsFlag::e5thFlag;
case MouseButton::eEraser:
return MouseButtonsFlag::eEraserFlag;
default:
NS_ERROR("Button not known.");
return 0;
}
}
LayoutDeviceIntPoint nsContentUtils::ToWidgetPoint(
const CSSPoint& aPoint, const nsPoint& aOffset,
nsPresContext* aPresContext) {
nsPoint layoutRelative = CSSPoint::ToAppUnits(aPoint) + aOffset;
nsPoint visualRelative =
ViewportUtils::LayoutToVisual(layoutRelative, aPresContext->PresShell());
return LayoutDeviceIntPoint::FromAppUnitsRounded(
visualRelative, aPresContext->AppUnitsPerDevPixel());
}
nsView* nsContentUtils::GetViewToDispatchEvent(nsPresContext* aPresContext,
PresShell** aPresShell) {
if (!aPresContext || !aPresShell) {
return nullptr;
}
RefPtr<PresShell> presShell = aPresContext->PresShell();
if (NS_WARN_IF(!presShell)) {
*aPresShell = nullptr;
return nullptr;
}
nsViewManager* viewManager = presShell->GetViewManager();
if (!viewManager) {
presShell.forget(aPresShell); // XXX Is this intentional?
return nullptr;
}
presShell.forget(aPresShell);
return viewManager->GetRootView();
}
nsresult nsContentUtils::SendMouseEvent(
mozilla::PresShell* aPresShell, const nsAString& aType, float aX, float aY,
int32_t aButton, int32_t aButtons, int32_t aClickCount, int32_t aModifiers,
bool aIgnoreRootScrollFrame, float aPressure,
unsigned short aInputSourceArg, uint32_t aIdentifier, bool aToWindow,
PreventDefaultResult* aPreventDefault, bool aIsDOMEventSynthesized,
bool aIsWidgetEventSynthesized) {
nsPoint offset;
nsCOMPtr<nsIWidget> widget = GetWidget(aPresShell, &offset);
if (!widget) return NS_ERROR_FAILURE;
EventMessage msg;
Maybe<WidgetMouseEvent::ExitFrom> exitFrom;
bool contextMenuKey = false;
if (aType.EqualsLiteral("mousedown")) {
msg = eMouseDown;
} else if (aType.EqualsLiteral("mouseup")) {
msg = eMouseUp;
} else if (aType.EqualsLiteral("mousemove")) {
msg = eMouseMove;
} else if (aType.EqualsLiteral("mouseover")) {
msg = eMouseEnterIntoWidget;
} else if (aType.EqualsLiteral("mouseout")) {
msg = eMouseExitFromWidget;
exitFrom = Some(WidgetMouseEvent::ePlatformChild);
} else if (aType.EqualsLiteral("mousecancel")) {
msg = eMouseExitFromWidget;
exitFrom = Some(XRE_IsParentProcess() ? WidgetMouseEvent::ePlatformTopLevel
: WidgetMouseEvent::ePuppet);
} else if (aType.EqualsLiteral("mouselongtap")) {
msg = eMouseLongTap;
} else if (aType.EqualsLiteral("contextmenu")) {
msg = eContextMenu;
contextMenuKey = (aButton == 0);
} else if (aType.EqualsLiteral("MozMouseHittest")) {
msg = eMouseHitTest;
} else if (aType.EqualsLiteral("MozMouseExploreByTouch")) {
msg = eMouseExploreByTouch;
} else {
return NS_ERROR_FAILURE;
}
if (aInputSourceArg == MouseEvent_Binding::MOZ_SOURCE_UNKNOWN) {
aInputSourceArg = MouseEvent_Binding::MOZ_SOURCE_MOUSE;
}
WidgetMouseEvent event(true, msg, widget,
aIsWidgetEventSynthesized
? WidgetMouseEvent::eSynthesized
: WidgetMouseEvent::eReal,
contextMenuKey ? WidgetMouseEvent::eContextMenuKey
: WidgetMouseEvent::eNormal);
event.pointerId = aIdentifier;
event.mModifiers = GetWidgetModifiers(aModifiers);
event.mButton = aButton;
event.mButtons = aButtons != nsIDOMWindowUtils::MOUSE_BUTTONS_NOT_SPECIFIED
? aButtons
: msg == eMouseUp ? 0
: GetButtonsFlagForButton(aButton);
event.mPressure = aPressure;
event.mInputSource = aInputSourceArg;
event.mClickCount = aClickCount;
event.mFlags.mIsSynthesizedForTests = aIsDOMEventSynthesized;
event.mExitFrom = exitFrom;
nsPresContext* presContext = aPresShell->GetPresContext();
if (!presContext) return NS_ERROR_FAILURE;
event.mRefPoint = ToWidgetPoint(CSSPoint(aX, aY), offset, presContext);
event.mIgnoreRootScrollFrame = aIgnoreRootScrollFrame;
nsEventStatus status = nsEventStatus_eIgnore;
if (aToWindow) {
RefPtr<PresShell> presShell;
nsView* view =
GetViewToDispatchEvent(presContext, getter_AddRefs(presShell));
if (!presShell || !view) {
return NS_ERROR_FAILURE;
}
return presShell->HandleEvent(view->GetFrame(), &event, false, &status);
}
if (StaticPrefs::test_events_async_enabled()) {
status = widget->DispatchInputEvent(&event).mContentStatus;
} else {
nsresult rv = widget->DispatchEvent(&event, status);
NS_ENSURE_SUCCESS(rv, rv);
}
if (aPreventDefault) {
if (status == nsEventStatus_eConsumeNoDefault) {
if (event.mFlags.mDefaultPreventedByContent) {
*aPreventDefault = PreventDefaultResult::ByContent;
} else {
*aPreventDefault = PreventDefaultResult::ByChrome;
}
} else {
*aPreventDefault = PreventDefaultResult::No;
}
}
return NS_OK;
}
/* static */
void nsContentUtils::FirePageHideEventForFrameLoaderSwap(
nsIDocShellTreeItem* aItem, EventTarget* aChromeEventHandler,
bool aOnlySystemGroup) {
MOZ_DIAGNOSTIC_ASSERT(aItem);
MOZ_DIAGNOSTIC_ASSERT(aChromeEventHandler);
RefPtr<Document> doc = aItem->GetDocument();
NS_ASSERTION(doc, "What happened here?");
doc->OnPageHide(true, aChromeEventHandler, aOnlySystemGroup);
int32_t childCount = 0;
aItem->GetInProcessChildCount(&childCount);
AutoTArray<nsCOMPtr<nsIDocShellTreeItem>, 8> kids;
kids.AppendElements(childCount);
for (int32_t i = 0; i < childCount; ++i) {
aItem->GetInProcessChildAt(i, getter_AddRefs(kids[i]));
}
for (uint32_t i = 0; i < kids.Length(); ++i) {
if (kids[i]) {
FirePageHideEventForFrameLoaderSwap(kids[i], aChromeEventHandler,
aOnlySystemGroup);
}
}
}
// The pageshow event is fired for a given document only if IsShowing() returns
// the same thing as aFireIfShowing. This gives us a way to fire pageshow only
// on documents that are still loading or only on documents that are already
// loaded.
/* static */
void nsContentUtils::FirePageShowEventForFrameLoaderSwap(
nsIDocShellTreeItem* aItem, EventTarget* aChromeEventHandler,
bool aFireIfShowing, bool aOnlySystemGroup) {
int32_t childCount = 0;
aItem->GetInProcessChildCount(&childCount);
AutoTArray<nsCOMPtr<nsIDocShellTreeItem>, 8> kids;
kids.AppendElements(childCount);
for (int32_t i = 0; i < childCount; ++i) {
aItem->GetInProcessChildAt(i, getter_AddRefs(kids[i]));
}
for (uint32_t i = 0; i < kids.Length(); ++i) {
if (kids[i]) {
FirePageShowEventForFrameLoaderSwap(kids[i], aChromeEventHandler,
aFireIfShowing, aOnlySystemGroup);
}
}
RefPtr<Document> doc = aItem->GetDocument();
if (doc && doc->IsShowing() == aFireIfShowing) {
doc->OnPageShow(true, aChromeEventHandler, aOnlySystemGroup);
}
}
/* static */
already_AddRefed<nsPIWindowRoot> nsContentUtils::GetWindowRoot(Document* aDoc) {
if (aDoc) {
if (nsPIDOMWindowOuter* win = aDoc->GetWindow()) {
return win->GetTopWindowRoot();
}
}
return nullptr;
}
/* static */
bool nsContentUtils::LinkContextIsURI(const nsAString& aAnchor,
nsIURI* aDocURI) {
if (aAnchor.IsEmpty()) {
// anchor parameter not present or empty -> same document reference
return true;
}
// the document URI might contain a fragment identifier ("#...')
// we want to ignore that because it's invisible to the server
// and just affects the local interpretation in the recipient
nsCOMPtr<nsIURI> contextUri;
nsresult rv = NS_GetURIWithoutRef(aDocURI, getter_AddRefs(contextUri));
if (NS_FAILED(rv)) {
// copying failed
return false;
}
// resolve anchor against context
nsCOMPtr<nsIURI> resolvedUri;
rv = NS_NewURI(getter_AddRefs(resolvedUri), aAnchor, nullptr, contextUri);
if (NS_FAILED(rv)) {
// resolving failed
return false;
}
bool same;
rv = contextUri->Equals(resolvedUri, &same);
if (NS_FAILED(rv)) {
// comparison failed
return false;
}
return same;
}
/* static */
bool nsContentUtils::IsPreloadType(nsContentPolicyType aType) {
return (aType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_MODULE_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_FONT_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_FETCH_PRELOAD);
}
// static
ReferrerPolicy nsContentUtils::GetReferrerPolicyFromChannel(
nsIChannel* aChannel) {
nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
if (!httpChannel) {
return ReferrerPolicy::_empty;
}
nsresult rv;
nsAutoCString headerValue;
rv = httpChannel->GetResponseHeader("referrer-policy"_ns, headerValue);
if (NS_FAILED(rv) || headerValue.IsEmpty()) {
return ReferrerPolicy::_empty;
}
return ReferrerInfo::ReferrerPolicyFromHeaderString(
NS_ConvertUTF8toUTF16(headerValue));
}
// static
bool nsContentUtils::IsNonSubresourceRequest(nsIChannel* aChannel) {
nsLoadFlags loadFlags = 0;
aChannel->GetLoadFlags(&loadFlags);
if (loadFlags & nsIChannel::LOAD_DOCUMENT_URI) {
return true;
}
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
nsContentPolicyType type = loadInfo->InternalContentPolicyType();
return IsNonSubresourceInternalPolicyType(type);
}
// static
bool nsContentUtils::IsNonSubresourceInternalPolicyType(
nsContentPolicyType aType) {
return aType == nsIContentPolicy::TYPE_DOCUMENT ||
aType == nsIContentPolicy::TYPE_INTERNAL_IFRAME ||
aType == nsIContentPolicy::TYPE_INTERNAL_FRAME ||
aType == nsIContentPolicy::TYPE_INTERNAL_WORKER ||
aType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER;
}
// static public
bool nsContentUtils::IsThirdPartyTrackingResourceWindow(
nsPIDOMWindowInner* aWindow) {
MOZ_ASSERT(aWindow);
Document* document = aWindow->GetExtantDoc();
if (!document) {
return false;
}
nsCOMPtr<nsIClassifiedChannel> classifiedChannel =
do_QueryInterface(document->GetChannel());
if (!classifiedChannel) {
return false;
}
return classifiedChannel->IsThirdPartyTrackingResource();
}
// static public
bool nsContentUtils::IsFirstPartyTrackingResourceWindow(
nsPIDOMWindowInner* aWindow) {
MOZ_ASSERT(aWindow);
Document* document = aWindow->GetExtantDoc();
if (!document) {
return false;
}
nsCOMPtr<nsIClassifiedChannel> classifiedChannel =
do_QueryInterface(document->GetChannel());
if (!classifiedChannel) {
return false;
}
uint32_t classificationFlags =
classifiedChannel->GetFirstPartyClassificationFlags();
return mozilla::net::UrlClassifierCommon::IsTrackingClassificationFlag(
classificationFlags, NS_UsePrivateBrowsing(document->GetChannel()));
}
namespace {
// We put StringBuilder in the anonymous namespace to prevent anything outside
// this file from accidentally being linked against it.
class BulkAppender {
using size_type = typename nsAString::size_type;
public:
explicit BulkAppender(BulkWriteHandle<char16_t>&& aHandle)
: mHandle(std::move(aHandle)), mPosition(0) {}
~BulkAppender() = default;
template <int N>
void AppendLiteral(const char16_t (&aStr)[N]) {
size_t len = N - 1;
MOZ_ASSERT(mPosition + len <= mHandle.Length());
memcpy(mHandle.Elements() + mPosition, aStr, len * sizeof(char16_t));
mPosition += len;
}
void Append(Span<const char16_t> aStr) {
size_t len = aStr.Length();
MOZ_ASSERT(mPosition + len <= mHandle.Length());
// Both mHandle.Elements() and aStr.Elements() are guaranteed
// to be non-null (by the string implementation and by Span,
// respectively), so not checking the pointers for null before
// memcpy does not lead to UB even if len was zero.
memcpy(mHandle.Elements() + mPosition, aStr.Elements(),
len * sizeof(char16_t));
mPosition += len;
}
void Append(Span<const char> aStr) {
size_t len = aStr.Length();
MOZ_ASSERT(mPosition + len <= mHandle.Length());
ConvertLatin1toUtf16(aStr, mHandle.AsSpan().From(mPosition));
mPosition += len;
}
void Finish() { mHandle.Finish(mPosition, false); }
private:
BulkWriteHandle<char16_t> mHandle;
size_type mPosition;
};
class StringBuilder {
private:
class Unit {
public:
Unit() : mAtom(nullptr) { MOZ_COUNT_CTOR(StringBuilder::Unit); }
~Unit() {
if (mType == Type::String || mType == Type::StringWithEncode) {
mString.~nsString();
}
MOZ_COUNT_DTOR(StringBuilder::Unit);
}
enum class Type : uint8_t {
Unknown,
Atom,
String,
StringWithEncode,
Literal,
TextFragment,
TextFragmentWithEncode,
};
struct LiteralSpan {
const char16_t* mData;
uint32_t mLength;
Span<const char16_t> AsSpan() { return Span(mData, mLength); }
};
union {
nsAtom* mAtom;
LiteralSpan mLiteral;
nsString mString;
const nsTextFragment* mTextFragment;
};
Type mType = Type::Unknown;
};
static_assert(sizeof(void*) != 8 || sizeof(Unit) <= 3 * sizeof(void*),
"Unit should remain small");
public:
// Try to keep the size of StringBuilder close to a jemalloc bucket size (the
// 16kb one in this case).
static constexpr uint32_t TARGET_SIZE = 16 * 1024;
// The number of units we need to remove from the inline buffer so that the
// rest of the builder members fit. A more precise approach would be to
// calculate that extra size and use (TARGET_SIZE - OTHER_SIZE) / sizeof(Unit)
// or so, but this is simpler.
static constexpr uint32_t PADDING_UNITS = sizeof(void*) == 8 ? 1 : 2;
static constexpr uint32_t STRING_BUFFER_UNITS =
TARGET_SIZE / sizeof(Unit) - PADDING_UNITS;
StringBuilder() : mLast(this), mLength(0) { MOZ_COUNT_CTOR(StringBuilder); }
MOZ_COUNTED_DTOR(StringBuilder)
void Append(nsAtom* aAtom) {
Unit* u = AddUnit();
u->mAtom = aAtom;
u->mType = Unit::Type::Atom;
uint32_t len = aAtom->GetLength();
mLength += len;
}
template <int N>
void Append(const char16_t (&aLiteral)[N]) {
constexpr uint32_t len = N - 1;
Unit* u = AddUnit();
u->mLiteral = {aLiteral, len};
u->mType = Unit::Type::Literal;
mLength += len;
}
void Append(nsString&& aString) {
Unit* u = AddUnit();
uint32_t len = aString.Length();
new (&u->mString) nsString(std::move(aString));
u->mType = Unit::Type::String;
mLength += len;
}
// aLen can be !isValid(), which will get propagated into mLength.
void AppendWithAttrEncode(nsString&& aString, CheckedInt<uint32_t> aLen) {
Unit* u = AddUnit();
new (&u->mString) nsString(std::move(aString));
u->mType = Unit::Type::StringWithEncode;
mLength += aLen;
}
void Append(const nsTextFragment* aTextFragment) {
Unit* u = AddUnit();
u->mTextFragment = aTextFragment;
u->mType = Unit::Type::TextFragment;
uint32_t len = aTextFragment->GetLength();
mLength += len;
}
// aLen can be !isValid(), which will get propagated into mLength.
void AppendWithEncode(const nsTextFragment* aTextFragment,
CheckedInt<uint32_t> aLen) {
Unit* u = AddUnit();
u->mTextFragment = aTextFragment;
u->mType = Unit::Type::TextFragmentWithEncode;
mLength += aLen;
}
bool ToString(nsAString& aOut) {
if (!mLength.isValid()) {
return false;
}
auto appenderOrErr = aOut.BulkWrite(mLength.value(), 0, true);
if (appenderOrErr.isErr()) {
return false;
}
BulkAppender appender{appenderOrErr.unwrap()};
for (StringBuilder* current = this; current;
current = current->mNext.get()) {
uint32_t len = current->mUnits.Length();
for (uint32_t i = 0; i < len; ++i) {
Unit& u = current->mUnits[i];
switch (u.mType) {
case Unit::Type::Atom:
appender.Append(*(u.mAtom));
break;
case Unit::Type::String:
appender.Append(u.mString);
break;
case Unit::Type::StringWithEncode:
EncodeAttrString(u.mString, appender);
break;
case Unit::Type::Literal:
appender.Append(u.mLiteral.AsSpan());
break;
case Unit::Type::TextFragment:
if (u.mTextFragment->Is2b()) {
appender.Append(
Span(u.mTextFragment->Get2b(), u.mTextFragment->GetLength()));
} else {
appender.Append(
Span(u.mTextFragment->Get1b(), u.mTextFragment->GetLength()));
}
break;
case Unit::Type::TextFragmentWithEncode:
if (u.mTextFragment->Is2b()) {
EncodeTextFragment(
Span(u.mTextFragment->Get2b(), u.mTextFragment->GetLength()),
appender);
} else {
EncodeTextFragment(
Span(u.mTextFragment->Get1b(), u.mTextFragment->GetLength()),
appender);
}
break;
default:
MOZ_CRASH("Unknown unit type?");
}
}
}
appender.Finish();
return true;
}
private:
Unit* AddUnit() {
if (mLast->mUnits.Length() == STRING_BUFFER_UNITS) {
new StringBuilder(this);
}
return mLast->mUnits.AppendElement();
}
explicit StringBuilder(StringBuilder* aFirst) : mLast(nullptr), mLength(0) {
MOZ_COUNT_CTOR(StringBuilder);
aFirst->mLast->mNext = WrapUnique(this);
aFirst->mLast = this;
}
void EncodeAttrString(Span<const char16_t> aStr, BulkAppender& aAppender) {
size_t flushedUntil = 0;
size_t currentPosition = 0;
for (char16_t c : aStr) {
switch (c) {
case '"':
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
aAppender.AppendLiteral(u"&quot;");
flushedUntil = currentPosition + 1;
break;
case '&':
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
aAppender.AppendLiteral(u"&amp;");
flushedUntil = currentPosition + 1;
break;
case 0x00A0:
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
aAppender.AppendLiteral(u"&nbsp;");
flushedUntil = currentPosition + 1;
break;
default:
break;
}
currentPosition++;
}
if (currentPosition > flushedUntil) {
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
}
}
template <class T>
void EncodeTextFragment(Span<const T> aStr, BulkAppender& aAppender) {
size_t flushedUntil = 0;
size_t currentPosition = 0;
for (T c : aStr) {
switch (c) {
case '<':
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
aAppender.AppendLiteral(u"&lt;");
flushedUntil = currentPosition + 1;
break;
case '>':
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
aAppender.AppendLiteral(u"&gt;");
flushedUntil = currentPosition + 1;
break;
case '&':
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
aAppender.AppendLiteral(u"&amp;");
flushedUntil = currentPosition + 1;
break;
case T(0xA0):
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
aAppender.AppendLiteral(u"&nbsp;");
flushedUntil = currentPosition + 1;
break;
default:
break;
}
currentPosition++;
}
if (currentPosition > flushedUntil) {
aAppender.Append(aStr.FromTo(flushedUntil, currentPosition));
}
}
AutoTArray<Unit, STRING_BUFFER_UNITS> mUnits;
UniquePtr<StringBuilder> mNext;
StringBuilder* mLast;
// mLength is used only in the first StringBuilder object in the linked list.
CheckedInt<uint32_t> mLength;
};
static_assert(sizeof(StringBuilder) <= StringBuilder::TARGET_SIZE,
"StringBuilder should fit in the target bucket");
} // namespace
static void AppendEncodedCharacters(const nsTextFragment* aText,
StringBuilder& aBuilder) {
uint32_t numEncodedChars = 0;
uint32_t len = aText->GetLength();
if (aText->Is2b()) {
const char16_t* data = aText->Get2b();
for (uint32_t i = 0; i < len; ++i) {
const char16_t c = data[i];
switch (c) {
case '<':
case '>':
case '&':
case 0x00A0:
++numEncodedChars;
break;
default:
break;
}
}
} else {
const char* data = aText->Get1b();
for (uint32_t i = 0; i < len; ++i) {
const unsigned char c = data[i];
switch (c) {
case '<':
case '>':
case '&':
case 0x00A0:
++numEncodedChars;
break;
default:
break;
}
}
}
if (numEncodedChars) {
// For simplicity, conservatively estimate the size of the string after
// encoding. This will result in reserving more memory than we actually
// need, but that should be fine unless the string has an enormous number of
// eg < in it. We subtract 1 for the null terminator, then 1 more for the
// existing character that will be replaced.
constexpr uint32_t maxCharExtraSpace =
std::max({ArrayLength("&lt;"), ArrayLength("&gt;"),
ArrayLength("&amp;"), ArrayLength("&nbsp;")}) -
2;
static_assert(maxCharExtraSpace < 100, "Possible underflow");
CheckedInt<uint32_t> maxExtraSpace =
CheckedInt<uint32_t>(numEncodedChars) * maxCharExtraSpace;
aBuilder.AppendWithEncode(aText, maxExtraSpace + len);
} else {
aBuilder.Append(aText);
}
}
static CheckedInt<uint32_t> ExtraSpaceNeededForAttrEncoding(
const nsAString& aValue) {
const char16_t* c = aValue.BeginReading();
const char16_t* end = aValue.EndReading();
uint32_t numEncodedChars = 0;
while (c < end) {
switch (*c) {
case '"':
case '&':
case 0x00A0:
++numEncodedChars;
break;
default:
break;
}
++c;
}
if (!numEncodedChars) {
return 0;
}
// For simplicity, conservatively estimate the size of the string after
// encoding. This will result in reserving more memory than we actually
// need, but that should be fine unless the string has an enormous number of
// & in it. We subtract 1 for the null terminator, then 1 more for the
// existing character that will be replaced.
constexpr uint32_t maxCharExtraSpace =
std::max({ArrayLength("&quot;"), ArrayLength("&amp;"),
ArrayLength("&nbsp;")}) -
2;
static_assert(maxCharExtraSpace < 100, "Possible underflow");
return CheckedInt<uint32_t>(numEncodedChars) * maxCharExtraSpace;
}
static void AppendEncodedAttributeValue(const nsAttrValue& aValue,
StringBuilder& aBuilder) {
if (nsAtom* atom = aValue.GetStoredAtom()) {
nsDependentAtomString atomStr(atom);
auto space = ExtraSpaceNeededForAttrEncoding(atomStr);
if (space.isValid() && !space.value()) {
aBuilder.Append(atom);
} else {
aBuilder.AppendWithAttrEncode(nsString(atomStr),
space + atomStr.Length());
}
return;
}
// NOTE(emilio): In most cases this will just be a reference to the stored
// nsStringBuffer.
nsString str;
aValue.ToString(str);
auto space = ExtraSpaceNeededForAttrEncoding(str);
if (!space.isValid() || space.value()) {
aBuilder.AppendWithAttrEncode(std::move(str), space + str.Length());
} else {
aBuilder.Append(std::move(str));
}
}
static void StartElement(Element* aElement, StringBuilder& aBuilder) {
nsAtom* localName = aElement->NodeInfo()->NameAtom();
const int32_t tagNS = aElement->GetNameSpaceID();
aBuilder.Append(u"<");
if (tagNS == kNameSpaceID_XHTML || tagNS == kNameSpaceID_SVG ||
tagNS == kNameSpaceID_MathML) {
aBuilder.Append(localName);
} else {
aBuilder.Append(nsString(aElement->NodeName()));
}
if (CustomElementData* ceData = aElement->GetCustomElementData()) {
nsAtom* isAttr = ceData->GetIs(aElement);
if (isAttr && !aElement->HasAttr(nsGkAtoms::is)) {
aBuilder.Append(uR"( is=")");
aBuilder.Append(isAttr);
aBuilder.Append(uR"(")");
}
}
uint32_t i = 0;
while (BorrowedAttrInfo info = aElement->GetAttrInfoAt(i++)) {
const nsAttrName* name = info.mName;
int32_t attNs = name->NamespaceID();
nsAtom* attName = name->LocalName();
// Filter out any attribute starting with [-|_]moz
// FIXME(emilio): Do we still need this?
nsDependentAtomString attrNameStr(attName);
if (StringBeginsWith(attrNameStr, u"_moz"_ns) ||
StringBeginsWith(attrNameStr, u"-moz"_ns)) {
continue;
}
aBuilder.Append(u" ");
if (MOZ_LIKELY(attNs == kNameSpaceID_None) ||
(attNs == kNameSpaceID_XMLNS && attName == nsGkAtoms::xmlns)) {
// Nothing else required
} else if (attNs == kNameSpaceID_XML) {
aBuilder.Append(u"xml:");
} else if (attNs == kNameSpaceID_XMLNS) {
aBuilder.Append(u"xmlns:");
} else if (attNs == kNameSpaceID_XLink) {
aBuilder.Append(u"xlink:");
} else if (nsAtom* prefix = name->GetPrefix()) {
aBuilder.Append(prefix);
aBuilder.Append(u":");
}
aBuilder.Append(attName);
aBuilder.Append(uR"(=")");
AppendEncodedAttributeValue(*info.mValue, aBuilder);
aBuilder.Append(uR"(")");
}
aBuilder.Append(u">");
/*
// Per HTML spec we should append one \n if the first child of
// pre/textarea/listing is a textnode and starts with a \n.
// But because browsers haven't traditionally had that behavior,
// we're not changing our behavior either - yet.
if (aContent->IsHTMLElement()) {
if (localName == nsGkAtoms::pre || localName == nsGkAtoms::textarea ||
localName == nsGkAtoms::listing) {
nsIContent* fc = aContent->GetFirstChild();
if (fc &&
(fc->NodeType() == nsINode::TEXT_NODE ||
fc->NodeType() == nsINode::CDATA_SECTION_NODE)) {
const nsTextFragment* text = fc->GetText();
if (text && text->GetLength() && text->CharAt(0) == char16_t('\n')) {
aBuilder.Append("\n");
}
}
}
}*/
}
static inline bool ShouldEscape(nsIContent* aParent) {
if (!aParent || !aParent->IsHTMLElement()) {
return true;
}
static const nsAtom* nonEscapingElements[] = {
nsGkAtoms::style, nsGkAtoms::script, nsGkAtoms::xmp,
nsGkAtoms::iframe, nsGkAtoms::noembed, nsGkAtoms::noframes,
nsGkAtoms::plaintext, nsGkAtoms::noscript};
static mozilla::BitBloomFilter<12, nsAtom> sFilter;
static bool sInitialized = false;
if (!sInitialized) {
sInitialized = true;
for (auto& nonEscapingElement : nonEscapingElements) {
sFilter.add(nonEscapingElement);
}
}
nsAtom* tag = aParent->NodeInfo()->NameAtom();
if (sFilter.mightContain(tag)) {
for (auto& nonEscapingElement : nonEscapingElements) {
if (tag == nonEscapingElement) {
if (MOZ_UNLIKELY(tag == nsGkAtoms::noscript) &&
MOZ_UNLIKELY(!aParent->OwnerDoc()->IsScriptEnabled())) {
return true;
}
return false;
}
}
}
return true;
}
static inline bool IsVoidTag(Element* aElement) {
if (!aElement->IsHTMLElement()) {
return false;
}
return FragmentOrElement::IsHTMLVoid(aElement->NodeInfo()->NameAtom());
}
bool nsContentUtils::SerializeNodeToMarkup(nsINode* aRoot,
bool aDescendantsOnly,
nsAString& aOut) {
// If you pass in a DOCUMENT_NODE, you must pass aDescendentsOnly as true
MOZ_ASSERT(aDescendantsOnly || aRoot->NodeType() != nsINode::DOCUMENT_NODE);
nsINode* current =
aDescendantsOnly ? aRoot->GetFirstChildOfTemplateOrNode() : aRoot;
if (!current) {
return true;
}
StringBuilder builder;
nsIContent* next;
while (true) {
bool isVoid = false;
switch (current->NodeType()) {
case nsINode::ELEMENT_NODE: {
Element* elem = current->AsElement();
StartElement(elem, builder);
isVoid = IsVoidTag(elem);
if (!isVoid && (next = current->GetFirstChildOfTemplateOrNode())) {
current = next;
continue;
}
break;
}
case nsINode::TEXT_NODE:
case nsINode::CDATA_SECTION_NODE: {
const nsTextFragment* text = &current->AsText()->TextFragment();
nsIContent* parent = current->GetParent();
if (ShouldEscape(parent)) {
AppendEncodedCharacters(text, builder);
} else {
builder.Append(text);
}
break;
}
case nsINode::COMMENT_NODE: {
builder.Append(u"<!--");
builder.Append(static_cast<nsIContent*>(current)->GetText());
builder.Append(u"-->");
break;
}
case nsINode::DOCUMENT_TYPE_NODE: {
builder.Append(u"<!DOCTYPE ");
builder.Append(nsString(current->NodeName()));
builder.Append(u">");
break;
}
case nsINode::PROCESSING_INSTRUCTION_NODE: {
builder.Append(u"<?");
builder.Append(nsString(current->NodeName()));
builder.Append(u" ");
builder.Append(static_cast<nsIContent*>(current)->GetText());
builder.Append(u">");
break;
}
}
while (true) {
if (!isVoid && current->NodeType() == nsINode::ELEMENT_NODE) {
builder.Append(u"</");
nsIContent* elem = static_cast<nsIContent*>(current);
if (elem->IsHTMLElement() || elem->IsSVGElement() ||
elem->IsMathMLElement()) {
builder.Append(elem->NodeInfo()->NameAtom());
} else {
builder.Append(nsString(current->NodeName()));
}
builder.Append(u">");
}
isVoid = false;
if (current == aRoot) {
return builder.ToString(aOut);
}
if ((next = current->GetNextSibling())) {
current = next;
break;
}
current = current->GetParentNode();
// Handle template element. If the parent is a template's content,
// then adjust the parent to be the template element.
if (current != aRoot &&
current->NodeType() == nsINode::DOCUMENT_FRAGMENT_NODE) {
DocumentFragment* frag = static_cast<DocumentFragment*>(current);
nsIContent* fragHost = frag->GetHost();
if (fragHost && fragHost->IsTemplateElement()) {
current = fragHost;
}
}
if (aDescendantsOnly && current == aRoot) {
return builder.ToString(aOut);
}
}
}
}
bool nsContentUtils::IsSpecificAboutPage(JSObject* aGlobal, const char* aUri) {
// aUri must start with about: or this isn't the right function to be using.
MOZ_ASSERT(strncmp(aUri, "about:", 6) == 0);
// Make sure the global is a window
MOZ_DIAGNOSTIC_ASSERT(JS_IsGlobalObject(aGlobal));
nsGlobalWindowInner* win = xpc::WindowOrNull(aGlobal);
if (!win) {
return false;
}
nsCOMPtr<nsIPrincipal> principal = win->GetPrincipal();
NS_ENSURE_TRUE(principal, false);
// First check the scheme to avoid getting long specs in the common case.
if (!principal->SchemeIs("about")) {
return false;
}
nsAutoCString spec;
principal->GetAsciiSpec(spec);
return spec.EqualsASCII(aUri);
}
/* static */
void nsContentUtils::SetScrollbarsVisibility(nsIDocShell* aDocShell,
bool aVisible) {
if (!aDocShell) {
return;
}
auto pref = aVisible ? ScrollbarPreference::Auto : ScrollbarPreference::Never;
nsDocShell::Cast(aDocShell)->SetScrollbarPreference(pref);
}
/* static */
nsIDocShell* nsContentUtils::GetDocShellForEventTarget(EventTarget* aTarget) {
if (!aTarget) {
return nullptr;
}
nsCOMPtr<nsPIDOMWindowInner> innerWindow;
if (nsCOMPtr<nsINode> node = nsINode::FromEventTarget(aTarget)) {
bool ignore;
innerWindow =
do_QueryInterface(node->OwnerDoc()->GetScriptHandlingObject(ignore));
} else if ((innerWindow = nsPIDOMWindowInner::FromEventTarget(aTarget))) {
// Nothing else to do
} else {
nsCOMPtr<DOMEventTargetHelper> helper = do_QueryInterface(aTarget);
if (helper) {
innerWindow = helper->GetOwner();
}
}
if (innerWindow) {
return innerWindow->GetDocShell();
}
return nullptr;
}
/*
* Note: this function only relates to figuring out HTTPS state, which is an
* input to the Secure Context algorithm. We are not actually implementing any
* part of the Secure Context algorithm itself here.
*
* This is a bit of a hack. Ideally we'd propagate HTTPS state through
* nsIChannel as described in the Fetch and HTML specs, but making channels
* know about whether they should inherit HTTPS state, propagating information
* about who the channel's "client" is, exposing GetHttpsState API on channels
* and modifying the various cache implementations to store and retrieve HTTPS
* state involves a huge amount of code (see bug 1220687). We avoid that for
* now using this function.
*
* This function takes advantage of the observation that we can return true if
* nsIContentSecurityManager::IsOriginPotentiallyTrustworthy returns true for
* the document's origin (e.g. the origin has a scheme of 'https' or host
* 'localhost' etc.). Since we generally propagate a creator document's origin
* onto data:, blob:, etc. documents, this works for them too.
*
* The scenario where this observation breaks down is sandboxing without the
* 'allow-same-origin' flag, since in this case a document is given a unique
* origin (IsOriginPotentiallyTrustworthy would return false). We handle that
* by using the origin that the document would have had had it not been
* sandboxed.
*
* DEFICIENCIES: Note that this function uses nsIScriptSecurityManager's
* getChannelResultPrincipalIfNotSandboxed, and that method's ignoring of
* sandboxing is limited to the immediate sandbox. In the case that aDocument
* should inherit its origin (e.g. data: URI) but its parent has ended up
* with a unique origin due to sandboxing further up the parent chain we may
* end up returning false when we would ideally return true (since we will
* examine the parent's origin for 'https' and not finding it.) This means
* that we may restrict the privileges of some pages unnecessarily in this
* edge case.
*/
/* static */
bool nsContentUtils::HttpsStateIsModern(Document* aDocument) {
if (!aDocument) {
return false;
}
nsCOMPtr<nsIPrincipal> principal = aDocument->NodePrincipal();
if (principal->IsSystemPrincipal()) {
return true;
}
// If aDocument is sandboxed, try and get the principal that it would have
// been given had it not been sandboxed:
if (principal->GetIsNullPrincipal() &&
(aDocument->GetSandboxFlags() & SANDBOXED_ORIGIN)) {
nsIChannel* channel = aDocument->GetChannel();
if (channel) {
nsCOMPtr<nsIScriptSecurityManager> ssm =
nsContentUtils::GetSecurityManager();
nsresult rv = ssm->GetChannelResultPrincipalIfNotSandboxed(
channel, getter_AddRefs(principal));
if (NS_FAILED(rv)) {
return false;
}
if (principal->IsSystemPrincipal()) {
// If a document with the system principal is sandboxing a subdocument
// that would normally inherit the embedding element's principal (e.g.
// a srcdoc document) then the embedding document does not trust the
// content that is written to the embedded document. Unlike when the
// embedding document is https, in this case we have no indication as
// to whether the embedded document's contents are delivered securely
// or not, and the sandboxing would possibly indicate that they were
// not. To play it safe we return false here. (See bug 1162772
// comment 73-80.)
return false;
}
}
}
if (principal->GetIsNullPrincipal()) {
return false;
}
MOZ_ASSERT(principal->GetIsContentPrincipal());
return principal->GetIsOriginPotentiallyTrustworthy();
}
/* static */
bool nsContentUtils::ComputeIsSecureContext(nsIChannel* aChannel) {
MOZ_ASSERT(aChannel);
nsCOMPtr<nsIScriptSecurityManager> ssm = nsContentUtils::GetSecurityManager();
nsCOMPtr<nsIPrincipal> principal;
nsresult rv = ssm->GetChannelResultPrincipalIfNotSandboxed(
aChannel, getter_AddRefs(principal));
if (NS_FAILED(rv)) {
return false;
}
const RefPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
if (principal->IsSystemPrincipal()) {
// If the load would've been sandboxed, treat this load as an untrusted
// load, as system code considers sandboxed resources insecure.
return !loadInfo->GetLoadingSandboxed();
}
if (principal->GetIsNullPrincipal()) {
return false;
}
if (const RefPtr<WindowContext> windowContext =
WindowContext::GetById(loadInfo->GetInnerWindowID())) {
if (!windowContext->GetIsSecureContext()) {
return false;
}
}
return principal->GetIsOriginPotentiallyTrustworthy();
}
/* static */
void nsContentUtils::TryToUpgradeElement(Element* aElement) {
NodeInfo* nodeInfo = aElement->NodeInfo();
RefPtr<nsAtom> typeAtom =
aElement->GetCustomElementData()->GetCustomElementType();
MOZ_ASSERT(nodeInfo->NameAtom()->Equals(nodeInfo->LocalName()));
CustomElementDefinition* definition =
nsContentUtils::LookupCustomElementDefinition(
nodeInfo->GetDocument(), nodeInfo->NameAtom(),
nodeInfo->NamespaceID(), typeAtom);
if (definition) {
nsContentUtils::EnqueueUpgradeReaction(aElement, definition);
} else {
// Add an unresolved custom element that is a candidate for upgrade when a
// custom element is connected to the document.
nsContentUtils::RegisterUnresolvedElement(aElement, typeAtom);
}
}
MOZ_CAN_RUN_SCRIPT
static void DoCustomElementCreate(Element** aElement, JSContext* aCx,
Document* aDoc, NodeInfo* aNodeInfo,
CustomElementConstructor* aConstructor,
ErrorResult& aRv, FromParser aFromParser) {
JS::Rooted<JS::Value> constructResult(aCx);
aConstructor->Construct(&constructResult, aRv, "Custom Element Create",
CallbackFunction::eRethrowExceptions);
if (aRv.Failed()) {
return;
}
RefPtr<Element> element;
// constructResult is an ObjectValue because construction with a callback
// always forms the return value from a JSObject.
UNWRAP_OBJECT(Element, &constructResult, element);
if (aNodeInfo->NamespaceEquals(kNameSpaceID_XHTML)) {
if (!element || !element->IsHTMLElement()) {
aRv.ThrowTypeError<MSG_DOES_NOT_IMPLEMENT_INTERFACE>("\"this\"",
"HTMLElement");
return;
}
} else {
if (!element || !element->IsXULElement()) {
aRv.ThrowTypeError<MSG_DOES_NOT_IMPLEMENT_INTERFACE>("\"this\"",
"XULElement");
return;
}
}
nsAtom* localName = aNodeInfo->NameAtom();
if (aDoc != element->OwnerDoc() || element->GetParentNode() ||
element->HasChildren() || element->GetAttrCount() ||
element->NodeInfo()->NameAtom() != localName) {
aRv.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
return;
}
if (element->IsHTMLElement()) {
static_cast<HTMLElement*>(&*element)->InhibitRestoration(
!(aFromParser & FROM_PARSER_NETWORK));
}
element.forget(aElement);
}
/* static */
nsresult nsContentUtils::NewXULOrHTMLElement(
Element** aResult, mozilla::dom::NodeInfo* aNodeInfo,
FromParser aFromParser, nsAtom* aIsAtom,
mozilla::dom::CustomElementDefinition* aDefinition) {
RefPtr<mozilla::dom::NodeInfo> nodeInfo = aNodeInfo;
MOZ_ASSERT(nodeInfo->NamespaceEquals(kNameSpaceID_XHTML) ||
nodeInfo->NamespaceEquals(kNameSpaceID_XUL),
"Can only create XUL or XHTML elements.");
nsAtom* name = nodeInfo->NameAtom();
int32_t tag = eHTMLTag_unknown;
bool isCustomElementName = false;
if (nodeInfo->NamespaceEquals(kNameSpaceID_XHTML)) {
tag = nsHTMLTags::CaseSensitiveAtomTagToId(name);
isCustomElementName =
(tag == eHTMLTag_userdefined &&
nsContentUtils::IsCustomElementName(name, kNameSpaceID_XHTML));
} else { // kNameSpaceID_XUL
if (aIsAtom) {
// Make sure the customized built-in element to be constructed confirms
// to our naming requirement, i.e. [is] must be a dashed name and
// the tag name must not.
// if so, set isCustomElementName to false to kick off all the logics
// that pick up aIsAtom.
if (nsContentUtils::IsNameWithDash(aIsAtom) &&
!nsContentUtils::IsNameWithDash(name)) {
isCustomElementName = false;
} else {
isCustomElementName =
nsContentUtils::IsCustomElementName(name, kNameSpaceID_XUL);
}
} else {
isCustomElementName =
nsContentUtils::IsCustomElementName(name, kNameSpaceID_XUL);
}
}
nsAtom* tagAtom = nodeInfo->NameAtom();
nsAtom* typeAtom = nullptr;
bool isCustomElement = isCustomElementName || aIsAtom;
if (isCustomElement) {
typeAtom = isCustomElementName ? tagAtom : aIsAtom;
}
MOZ_ASSERT_IF(aDefinition, isCustomElement);
// https://dom.spec.whatwg.org/#concept-create-element
// We only handle the "synchronous custom elements flag is set" now.
// For the unset case (e.g. cloning a node), see bug 1319342 for that.
// Step 4.
RefPtr<CustomElementDefinition> definition = aDefinition;
if (isCustomElement && !definition) {
MOZ_ASSERT(nodeInfo->NameAtom()->Equals(nodeInfo->LocalName()));
definition = nsContentUtils::LookupCustomElementDefinition(
nodeInfo->GetDocument(), nodeInfo->NameAtom(), nodeInfo->NamespaceID(),
typeAtom);
}
// It might be a problem that parser synchronously calls constructor, so filed
// bug 1378079 to figure out what we should do for parser case.
if (definition) {
/*
* Synchronous custom elements flag is determined by 3 places in spec,
* 1) create an element for a token, the flag is determined by
* "will execute script" which is not originally created
* for the HTML fragment parsing algorithm.
* 2) createElement and createElementNS, the flag is the same as
* NOT_FROM_PARSER.
* 3) clone a node, our implementation will not go into this function.
* For the unset case which is non-synchronous only applied for
* inner/outerHTML.
*/
bool synchronousCustomElements = aFromParser != dom::FROM_PARSER_FRAGMENT;
// Per discussion in https://github.com/w3c/webcomponents/issues/635,
// use entry global in those places that are called from JS APIs and use the
// node document's global object if it is called from parser.
nsIGlobalObject* global;
if (aFromParser == dom::NOT_FROM_PARSER) {
global = GetEntryGlobal();
// Documents created from the PrototypeDocumentSink always use
// NOT_FROM_PARSER for non-XUL elements. We can get the global from the
// document in that case.
if (!global) {
Document* doc = nodeInfo->GetDocument();
if (doc && doc->LoadedFromPrototype()) {
global = doc->GetScopeObject();
}
}
} else {
global = nodeInfo->GetDocument()->GetScopeObject();
}
if (!global) {
// In browser chrome code, one may have access to a document which doesn't
// have scope object anymore.
return NS_ERROR_FAILURE;
}
AutoAllowLegacyScriptExecution exemption;
AutoEntryScript aes(global, "create custom elements");
JSContext* cx = aes.cx();
ErrorResult rv;
// Step 5.
if (definition->IsCustomBuiltIn()) {
// SetupCustomElement() should be called with an element that don't have
// CustomElementData setup, if not we will hit the assertion in
// SetCustomElementData().
// Built-in element
if (nodeInfo->NamespaceEquals(kNameSpaceID_XHTML)) {
*aResult =
CreateHTMLElement(tag, nodeInfo.forget(), aFromParser).take();
} else {
NS_IF_ADDREF(*aResult = nsXULElement::Construct(nodeInfo.forget()));
}
(*aResult)->SetCustomElementData(MakeUnique<CustomElementData>(typeAtom));
if (synchronousCustomElements) {
CustomElementRegistry::Upgrade(*aResult, definition, rv);
if (rv.MaybeSetPendingException(cx)) {
aes.ReportException();
}
} else {
nsContentUtils::EnqueueUpgradeReaction(*aResult, definition);
}
return NS_OK;
}
// Step 6.1.
if (synchronousCustomElements) {
definition->mPrefixStack.AppendElement(nodeInfo->GetPrefixAtom());
RefPtr<Document> doc = nodeInfo->GetDocument();
DoCustomElementCreate(aResult, cx, doc, nodeInfo,
MOZ_KnownLive(definition->mConstructor), rv,
aFromParser);
if (rv.MaybeSetPendingException(cx)) {
if (nodeInfo->NamespaceEquals(kNameSpaceID_XHTML)) {
NS_IF_ADDREF(*aResult = NS_NewHTMLUnknownElement(nodeInfo.forget(),
aFromParser));
} else {
NS_IF_ADDREF(*aResult = nsXULElement::Construct(nodeInfo.forget()));
}
(*aResult)->SetDefined(false);
}
definition->mPrefixStack.RemoveLastElement();
return NS_OK;
}
// Step 6.2.
if (nodeInfo->NamespaceEquals(kNameSpaceID_XHTML)) {
NS_IF_ADDREF(*aResult =
NS_NewHTMLElement(nodeInfo.forget(), aFromParser));
} else {
NS_IF_ADDREF(*aResult = nsXULElement::Construct(nodeInfo.forget()));
}
(*aResult)->SetCustomElementData(
MakeUnique<CustomElementData>(definition->mType));
nsContentUtils::EnqueueUpgradeReaction(*aResult, definition);
return NS_OK;
}
if (nodeInfo->NamespaceEquals(kNameSpaceID_XHTML)) {
// Per the Custom Element specification, unknown tags that are valid custom
// element names should be HTMLElement instead of HTMLUnknownElement.
if (isCustomElementName) {
NS_IF_ADDREF(*aResult =
NS_NewHTMLElement(nodeInfo.forget(), aFromParser));
} else {
*aResult = CreateHTMLElement(tag, nodeInfo.forget(), aFromParser).take();
}
} else {
NS_IF_ADDREF(*aResult = nsXULElement::Construct(nodeInfo.forget()));
}
if (!*aResult) {
return NS_ERROR_OUT_OF_MEMORY;
}
if (isCustomElement) {
(*aResult)->SetCustomElementData(MakeUnique<CustomElementData>(typeAtom));
nsContentUtils::RegisterCallbackUpgradeElement(*aResult, typeAtom);
}
return NS_OK;
}
CustomElementRegistry* nsContentUtils::GetCustomElementRegistry(
Document* aDoc) {
MOZ_ASSERT(aDoc);
if (!aDoc->GetDocShell()) {
return nullptr;
}
nsPIDOMWindowInner* window = aDoc->GetInnerWindow();
if (!window) {
return nullptr;
}
return window->CustomElements();
}
/* static */
CustomElementDefinition* nsContentUtils::LookupCustomElementDefinition(
Document* aDoc, nsAtom* aNameAtom, uint32_t aNameSpaceID,
nsAtom* aTypeAtom) {
if (aNameSpaceID != kNameSpaceID_XUL && aNameSpaceID != kNameSpaceID_XHTML) {
return nullptr;
}
RefPtr<CustomElementRegistry> registry = GetCustomElementRegistry(aDoc);
if (!registry) {
return nullptr;
}
return registry->LookupCustomElementDefinition(aNameAtom, aNameSpaceID,
aTypeAtom);
}
/* static */
void nsContentUtils::RegisterCallbackUpgradeElement(Element* aElement,
nsAtom* aTypeName) {
MOZ_ASSERT(aElement);
Document* doc = aElement->OwnerDoc();
CustomElementRegistry* registry = GetCustomElementRegistry(doc);
if (registry) {
registry->RegisterCallbackUpgradeElement(aElement, aTypeName);
}
}
/* static */
void nsContentUtils::RegisterUnresolvedElement(Element* aElement,
nsAtom* aTypeName) {
MOZ_ASSERT(aElement);
Document* doc = aElement->OwnerDoc();
CustomElementRegistry* registry = GetCustomElementRegistry(doc);
if (registry) {
registry->RegisterUnresolvedElement(aElement, aTypeName);
}
}
/* static */
void nsContentUtils::UnregisterUnresolvedElement(Element* aElement) {
MOZ_ASSERT(aElement);
nsAtom* typeAtom = aElement->GetCustomElementData()->GetCustomElementType();
Document* doc = aElement->OwnerDoc();
CustomElementRegistry* registry = GetCustomElementRegistry(doc);
if (registry) {
registry->UnregisterUnresolvedElement(aElement, typeAtom);
}
}
/* static */
void nsContentUtils::EnqueueUpgradeReaction(
Element* aElement, CustomElementDefinition* aDefinition) {
MOZ_ASSERT(aElement);
Document* doc = aElement->OwnerDoc();
// No DocGroup means no custom element reactions stack.
if (!doc->GetDocGroup()) {
return;
}
CustomElementReactionsStack* stack =
doc->GetDocGroup()->CustomElementReactionsStack();
stack->EnqueueUpgradeReaction(aElement, aDefinition);
}
/* static */
void nsContentUtils::EnqueueLifecycleCallback(
ElementCallbackType aType, Element* aCustomElement,
const LifecycleCallbackArgs& aArgs, CustomElementDefinition* aDefinition) {
// No DocGroup means no custom element reactions stack.
if (!aCustomElement->OwnerDoc()->GetDocGroup()) {
return;
}
CustomElementRegistry::EnqueueLifecycleCallback(aType, aCustomElement, aArgs,
aDefinition);
}
/* static */
CustomElementFormValue nsContentUtils::ConvertToCustomElementFormValue(
const Nullable<OwningFileOrUSVStringOrFormData>& aState) {
if (aState.IsNull()) {
return void_t{};
}
const auto& state = aState.Value();
if (state.IsFile()) {
RefPtr<BlobImpl> impl = state.GetAsFile()->Impl();
return {std::move(impl)};
}
if (state.IsUSVString()) {
return state.GetAsUSVString();
}
return state.GetAsFormData()->ConvertToCustomElementFormValue();
}
/* static */
Nullable<OwningFileOrUSVStringOrFormData>
nsContentUtils::ExtractFormAssociatedCustomElementValue(
nsIGlobalObject* aGlobal,
const mozilla::dom::CustomElementFormValue& aCEValue) {
MOZ_ASSERT(aGlobal);
OwningFileOrUSVStringOrFormData value;
switch (aCEValue.type()) {
case CustomElementFormValue::TBlobImpl: {
RefPtr<File> file = File::Create(aGlobal, aCEValue.get_BlobImpl());
if (NS_WARN_IF(!file)) {
return {};
}
value.SetAsFile() = file;
} break;
case CustomElementFormValue::TnsString:
value.SetAsUSVString() = aCEValue.get_nsString();
break;
case CustomElementFormValue::TArrayOfFormDataTuple: {
const auto& array = aCEValue.get_ArrayOfFormDataTuple();
auto formData = MakeRefPtr<FormData>();
for (auto i = 0ul; i < array.Length(); ++i) {
const auto& item = array.ElementAt(i);
switch (item.value().type()) {
case FormDataValue::TnsString:
formData->AddNameValuePair(item.name(),
item.value().get_nsString());
break;
case FormDataValue::TBlobImpl: {
auto blobImpl = item.value().get_BlobImpl();
auto* blob = Blob::Create(aGlobal, blobImpl);
formData->AddNameBlobPair(item.name(), blob);
} break;
default:
continue;
}
}
value.SetAsFormData() = formData;
} break;
case CustomElementFormValue::Tvoid_t:
return {};
default:
NS_WARNING("Invalid CustomElementContentData type!");
return {};
}
return value;
}
/* static */
void nsContentUtils::AppendDocumentLevelNativeAnonymousContentTo(
Document* aDocument, nsTArray<nsIContent*>& aElements) {
MOZ_ASSERT(aDocument);
#ifdef DEBUG
size_t oldLength = aElements.Length();
#endif
if (PresShell* presShell = aDocument->GetPresShell()) {
if (nsIFrame* scrollFrame = presShell->GetRootScrollFrame()) {
nsIAnonymousContentCreator* creator = do_QueryFrame(scrollFrame);
MOZ_ASSERT(
creator,
"scroll frame should always implement nsIAnonymousContentCreator");
creator->AppendAnonymousContentTo(aElements, 0);
}
if (nsCanvasFrame* canvasFrame = presShell->GetCanvasFrame()) {
canvasFrame->AppendAnonymousContentTo(aElements, 0);
}
}
#ifdef DEBUG
for (size_t i = oldLength; i < aElements.Length(); i++) {
MOZ_ASSERT(
aElements[i]->GetProperty(nsGkAtoms::docLevelNativeAnonymousContent),
"Someone here has lied, or missed to flag the node");
}
#endif
}
static void AppendNativeAnonymousChildrenFromFrame(nsIFrame* aFrame,
nsTArray<nsIContent*>& aKids,
uint32_t aFlags) {
if (nsIAnonymousContentCreator* ac = do_QueryFrame(aFrame)) {
ac->AppendAnonymousContentTo(aKids, aFlags);
}
}
/* static */
void nsContentUtils::AppendNativeAnonymousChildren(const nsIContent* aContent,
nsTArray<nsIContent*>& aKids,
uint32_t aFlags) {
if (aContent->MayHaveAnonymousChildren()) {
if (nsIFrame* primaryFrame = aContent->GetPrimaryFrame()) {
// NAC created by the element's primary frame.
AppendNativeAnonymousChildrenFromFrame(primaryFrame, aKids, aFlags);
// NAC created by any other non-primary frames for the element.
AutoTArray<nsIFrame::OwnedAnonBox, 8> ownedAnonBoxes;
primaryFrame->AppendOwnedAnonBoxes(ownedAnonBoxes);
for (nsIFrame::OwnedAnonBox& box : ownedAnonBoxes) {
MOZ_ASSERT(box.mAnonBoxFrame->GetContent() == aContent);
AppendNativeAnonymousChildrenFromFrame(box.mAnonBoxFrame, aKids,
aFlags);
}
}
// Get manually created NAC (editor resize handles, etc.).
if (auto nac = static_cast<ManualNACArray*>(
aContent->GetProperty(nsGkAtoms::manualNACProperty))) {
aKids.AppendElements(*nac);
}
}
// The root scroll frame is not the primary frame of the root element.
// Detect and handle this case.
if (!(aFlags & nsIContent::eSkipDocumentLevelNativeAnonymousContent) &&
aContent == aContent->OwnerDoc()->GetRootElement()) {
AppendDocumentLevelNativeAnonymousContentTo(aContent->OwnerDoc(), aKids);
}
}
bool nsContentUtils::IsImageAvailable(nsIContent* aLoadingNode, nsIURI* aURI,
nsIPrincipal* aDefaultTriggeringPrincipal,
CORSMode aCORSMode) {
nsCOMPtr<nsIPrincipal> triggeringPrincipal;
QueryTriggeringPrincipal(aLoadingNode, aDefaultTriggeringPrincipal,
getter_AddRefs(triggeringPrincipal));
MOZ_ASSERT(triggeringPrincipal);
Document* doc = aLoadingNode->OwnerDoc();
return IsImageAvailable(aURI, triggeringPrincipal, aCORSMode, doc);
}
bool nsContentUtils::IsImageAvailable(nsIURI* aURI,
nsIPrincipal* aTriggeringPrincipal,
CORSMode aCORSMode, Document* aDoc) {
imgLoader* imgLoader = GetImgLoaderForDocument(aDoc);
return imgLoader->IsImageAvailable(aURI, aTriggeringPrincipal, aCORSMode,
aDoc);
}
/* static */
bool nsContentUtils::QueryTriggeringPrincipal(
nsIContent* aLoadingNode, nsIPrincipal* aDefaultPrincipal,
nsIPrincipal** aTriggeringPrincipal) {
MOZ_ASSERT(aLoadingNode);
MOZ_ASSERT(aTriggeringPrincipal);
bool result = false;
nsCOMPtr<nsIPrincipal> loadingPrincipal = aDefaultPrincipal;
if (!loadingPrincipal) {
loadingPrincipal = aLoadingNode->NodePrincipal();
}
// If aLoadingNode is content, bail out early.
if (!aLoadingNode->NodePrincipal()->IsSystemPrincipal()) {
loadingPrincipal.forget(aTriggeringPrincipal);
return result;
}
nsAutoString loadingStr;
if (aLoadingNode->IsElement()) {
aLoadingNode->AsElement()->GetAttr(
kNameSpaceID_None, nsGkAtoms::triggeringprincipal, loadingStr);
}
// Fall back if 'triggeringprincipal' isn't specified,
if (loadingStr.IsEmpty()) {
loadingPrincipal.forget(aTriggeringPrincipal);
return result;
}
nsCString binary;
nsCOMPtr<nsIPrincipal> serializedPrin =
BasePrincipal::FromJSON(NS_ConvertUTF16toUTF8(loadingStr));
if (serializedPrin) {
result = true;
serializedPrin.forget(aTriggeringPrincipal);
}
if (!result) {
// Fallback if the deserialization is failed.
loadingPrincipal.forget(aTriggeringPrincipal);
}
return result;
}
/* static */
void nsContentUtils::GetContentPolicyTypeForUIImageLoading(
nsIContent* aLoadingNode, nsIPrincipal** aTriggeringPrincipal,
nsContentPolicyType& aContentPolicyType, uint64_t* aRequestContextID) {
MOZ_ASSERT(aRequestContextID);
bool result = QueryTriggeringPrincipal(aLoadingNode, aTriggeringPrincipal);
if (result) {
// Set the content policy type to TYPE_INTERNAL_IMAGE_FAVICON for
// indicating it's a favicon loading.
aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON;
nsAutoString requestContextID;
if (aLoadingNode->IsElement()) {
aLoadingNode->AsElement()->GetAttr(
kNameSpaceID_None, nsGkAtoms::requestcontextid, requestContextID);
}
nsresult rv;
int64_t val = requestContextID.ToInteger64(&rv);
*aRequestContextID = NS_SUCCEEDED(rv) ? val : 0;
} else {
aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE;
}
}
/* static */
nsresult nsContentUtils::CreateJSValueFromSequenceOfObject(
JSContext* aCx, const Sequence<JSObject*>& aTransfer,
JS::MutableHandle<JS::Value> aValue) {
if (aTransfer.IsEmpty()) {
return NS_OK;
}
JS::Rooted<JSObject*> array(aCx, JS::NewArrayObject(aCx, aTransfer.Length()));
if (!array) {
return NS_ERROR_OUT_OF_MEMORY;
}
for (uint32_t i = 0; i < aTransfer.Length(); ++i) {
JS::Rooted<JSObject*> object(aCx, aTransfer[i]);
if (!object) {
continue;
}
if (NS_WARN_IF(
!JS_DefineElement(aCx, array, i, object, JSPROP_ENUMERATE))) {
return NS_ERROR_OUT_OF_MEMORY;
}
}
aValue.setObject(*array);
return NS_OK;
}
/* static */
void nsContentUtils::StructuredClone(JSContext* aCx, nsIGlobalObject* aGlobal,
JS::Handle<JS::Value> aValue,
const StructuredSerializeOptions& aOptions,
JS::MutableHandle<JS::Value> aRetval,
ErrorResult& aError) {
JS::Rooted<JS::Value> transferArray(aCx, JS::UndefinedValue());
aError = nsContentUtils::CreateJSValueFromSequenceOfObject(
aCx, aOptions.mTransfer, &transferArray);
if (NS_WARN_IF(aError.Failed())) {
return;
}
JS::CloneDataPolicy clonePolicy;
// We are definitely staying in the same agent cluster.
clonePolicy.allowIntraClusterClonableSharedObjects();
if (aGlobal->IsSharedMemoryAllowed()) {
clonePolicy.allowSharedMemoryObjects();
}
StructuredCloneHolder holder(StructuredCloneHolder::CloningSupported,
StructuredCloneHolder::TransferringSupported,
JS::StructuredCloneScope::SameProcess);
holder.Write(aCx, aValue, transferArray, clonePolicy, aError);
if (NS_WARN_IF(aError.Failed())) {
return;
}
holder.Read(aGlobal, aCx, aRetval, clonePolicy, aError);
if (NS_WARN_IF(aError.Failed())) {
return;
}
nsTArray<RefPtr<MessagePort>> ports = holder.TakeTransferredPorts();
Unused << ports;
}
/* static */
bool nsContentUtils::ShouldBlockReservedKeys(WidgetKeyboardEvent* aKeyEvent) {
nsCOMPtr<nsIPrincipal> principal;
RefPtr<Element> targetElement =
Element::FromEventTargetOrNull(aKeyEvent->mOriginalTarget);
nsCOMPtr<nsIBrowser> targetBrowser;
if (targetElement) {
targetBrowser = targetElement->AsBrowser();
}
bool isRemoteBrowser = false;
if (targetBrowser) {
targetBrowser->GetIsRemoteBrowser(&isRemoteBrowser);
}
if (isRemoteBrowser) {
targetBrowser->GetContentPrincipal(getter_AddRefs(principal));
return principal ? nsContentUtils::IsSitePermDeny(principal, "shortcuts"_ns)
: false;
}
if (targetElement) {
Document* doc = targetElement->GetUncomposedDoc();
if (doc) {
RefPtr<WindowContext> wc = doc->GetWindowContext();
if (wc) {
return wc->TopWindowContext()->GetShortcutsPermission() ==
nsIPermissionManager::DENY_ACTION;
}
}
}
return false;
}
/**
* Checks whether the given type is a supported document type for
* loading within the nsObjectLoadingContent specified by aContent.
*
* NOTE Helper method for nsContentUtils::HtmlObjectContentTypeForMIMEType.
* NOTE Does not take content policy or capabilities into account
*/
static bool HtmlObjectContentSupportsDocument(const nsCString& aMimeType) {
nsCOMPtr<nsIWebNavigationInfo> info(
do_GetService(NS_WEBNAVIGATION_INFO_CONTRACTID));
if (!info) {
return false;
}
uint32_t supported;
nsresult rv = info->IsTypeSupported(aMimeType, &supported);
if (NS_FAILED(rv)) {
return false;
}
if (supported != nsIWebNavigationInfo::UNSUPPORTED) {
// Don't want to support plugins as documents
return supported != nsIWebNavigationInfo::FALLBACK;
}
// Try a stream converter
// NOTE: We treat any type we can convert from as a supported type. If a
// type is not actually supported, the URI loader will detect that and
// return an error, and we'll fallback.
nsCOMPtr<nsIStreamConverterService> convServ =
do_GetService("@mozilla.org/streamConverters;1");
bool canConvert = false;
if (convServ) {
rv = convServ->CanConvert(aMimeType.get(), "*/*", &canConvert);
}
return NS_SUCCEEDED(rv) && canConvert;
}
/* static */
uint32_t nsContentUtils::HtmlObjectContentTypeForMIMEType(
const nsCString& aMIMEType) {
if (aMIMEType.IsEmpty()) {
return nsIObjectLoadingContent::TYPE_FALLBACK;
}
if (imgLoader::SupportImageWithMimeType(aMIMEType)) {
return nsIObjectLoadingContent::TYPE_DOCUMENT;
}
// Faking support of the PDF content as a document for EMBED tags
// when internal PDF viewer is enabled.
if (aMIMEType.LowerCaseEqualsLiteral("application/pdf") && IsPDFJSEnabled()) {
return nsIObjectLoadingContent::TYPE_DOCUMENT;
}
if (HtmlObjectContentSupportsDocument(aMIMEType)) {
return nsIObjectLoadingContent::TYPE_DOCUMENT;
}
return nsIObjectLoadingContent::TYPE_FALLBACK;
}
/* static */
bool nsContentUtils::IsLocalRefURL(const nsAString& aString) {
return !aString.IsEmpty() && aString[0] == '#';
}
// We use only 53 bits for the ID so that it can be converted to and from a JS
// value without loss of precision. The upper bits of the ID hold the process
// ID. The lower bits identify the object itself.
static constexpr uint64_t kIdTotalBits = 53;
static constexpr uint64_t kIdProcessBits = 22;
static constexpr uint64_t kIdBits = kIdTotalBits - kIdProcessBits;
/* static */
uint64_t nsContentUtils::GenerateProcessSpecificId(uint64_t aId) {
uint64_t processId = 0;
if (XRE_IsContentProcess()) {
ContentChild* cc = ContentChild::GetSingleton();
processId = cc->GetID();
}
MOZ_RELEASE_ASSERT(processId < (uint64_t(1) << kIdProcessBits));
uint64_t processBits = processId & ((uint64_t(1) << kIdProcessBits) - 1);
uint64_t id = aId;
MOZ_RELEASE_ASSERT(id < (uint64_t(1) << kIdBits));
uint64_t bits = id & ((uint64_t(1) << kIdBits) - 1);
return (processBits << kIdBits) | bits;
}
/* static */
std::tuple<uint64_t, uint64_t> nsContentUtils::SplitProcessSpecificId(
uint64_t aId) {
return {aId >> kIdBits, aId & ((uint64_t(1) << kIdBits) - 1)};
}
// Next process-local Tab ID.
static uint64_t gNextTabId = 0;
/* static */
uint64_t nsContentUtils::GenerateTabId() {
return GenerateProcessSpecificId(++gNextTabId);
}
// Next process-local Browser ID.
static uint64_t gNextBrowserId = 0;
/* static */
uint64_t nsContentUtils::GenerateBrowserId() {
return GenerateProcessSpecificId(++gNextBrowserId);
}
// Next process-local Browsing Context ID.
static uint64_t gNextBrowsingContextId = 0;
/* static */
uint64_t nsContentUtils::GenerateBrowsingContextId() {
return GenerateProcessSpecificId(++gNextBrowsingContextId);
}
// Next process-local Window ID.
static uint64_t gNextWindowId = 0;
/* static */
uint64_t nsContentUtils::GenerateWindowId() {
return GenerateProcessSpecificId(++gNextWindowId);
}
// Next process-local load.
static Atomic<uint64_t> gNextLoadIdentifier(0);
/* static */
uint64_t nsContentUtils::GenerateLoadIdentifier() {
return GenerateProcessSpecificId(++gNextLoadIdentifier);
}
/* static */
bool nsContentUtils::GetUserIsInteracting() {
return UserInteractionObserver::sUserActive;
}
/* static */
bool nsContentUtils::GetSourceMapURL(nsIHttpChannel* aChannel,
nsACString& aResult) {
nsresult rv = aChannel->GetResponseHeader("SourceMap"_ns, aResult);
if (NS_FAILED(rv)) {
rv = aChannel->GetResponseHeader("X-SourceMap"_ns, aResult);
}
return NS_SUCCEEDED(rv);
}
/* static */
bool nsContentUtils::IsMessageInputEvent(const IPC::Message& aMsg) {
if ((aMsg.type() & mozilla::dom::PBrowser::PBrowserStart) ==
mozilla::dom::PBrowser::PBrowserStart) {
switch (aMsg.type()) {
case mozilla::dom::PBrowser::Msg_RealMouseMoveEvent__ID:
case mozilla::dom::PBrowser::Msg_RealMouseButtonEvent__ID:
case mozilla::dom::PBrowser::Msg_RealMouseEnterExitWidgetEvent__ID:
case mozilla::dom::PBrowser::Msg_RealKeyEvent__ID:
case mozilla::dom::PBrowser::Msg_MouseWheelEvent__ID:
case mozilla::dom::PBrowser::Msg_RealTouchEvent__ID:
case mozilla::dom::PBrowser::Msg_RealTouchMoveEvent__ID:
case mozilla::dom::PBrowser::Msg_RealDragEvent__ID:
case mozilla::dom::PBrowser::Msg_UpdateDimensions__ID:
return true;
}
}
return false;
}
/* static */
bool nsContentUtils::IsMessageCriticalInputEvent(const IPC::Message& aMsg) {
if ((aMsg.type() & mozilla::dom::PBrowser::PBrowserStart) ==
mozilla::dom::PBrowser::PBrowserStart) {
switch (aMsg.type()) {
case mozilla::dom::PBrowser::Msg_RealMouseButtonEvent__ID:
case mozilla::dom::PBrowser::Msg_RealKeyEvent__ID:
case mozilla::dom::PBrowser::Msg_MouseWheelEvent__ID:
case mozilla::dom::PBrowser::Msg_RealTouchEvent__ID:
case mozilla::dom::PBrowser::Msg_RealDragEvent__ID:
return true;
}
}
return false;
}
static const char* kUserInteractionInactive = "user-interaction-inactive";
static const char* kUserInteractionActive = "user-interaction-active";
void nsContentUtils::UserInteractionObserver::Init() {
// Listen for the observer messages from EventStateManager which are telling
// us whether or not the user is interacting.
nsCOMPtr<nsIObserverService> obs = mozilla::services::GetObserverService();
obs->AddObserver(this, kUserInteractionInactive, false);
obs->AddObserver(this, kUserInteractionActive, false);
// We can't register ourselves as an annotator yet, as the
// BackgroundHangMonitor hasn't started yet. It will have started by the
// time we have the chance to spin the event loop.
RefPtr<UserInteractionObserver> self = this;
NS_DispatchToMainThread(NS_NewRunnableFunction(
"nsContentUtils::UserInteractionObserver::Init",
[=]() { BackgroundHangMonitor::RegisterAnnotator(*self); }));
}
void nsContentUtils::UserInteractionObserver::Shutdown() {
nsCOMPtr<nsIObserverService> obs = mozilla::services::GetObserverService();
if (obs) {
obs->RemoveObserver(this, kUserInteractionInactive);
obs->RemoveObserver(this, kUserInteractionActive);
}
BackgroundHangMonitor::UnregisterAnnotator(*this);
}
/**
* NB: This function is always called by the BackgroundHangMonitor thread.
* Plan accordingly
*/
void nsContentUtils::UserInteractionObserver::AnnotateHang(
BackgroundHangAnnotations& aAnnotations) {
// NOTE: Only annotate the hang report if the user is known to be interacting.
if (sUserActive) {
aAnnotations.AddAnnotation(u"UserInteracting"_ns, true);
}
}
NS_IMETHODIMP
nsContentUtils::UserInteractionObserver::Observe(nsISupports* aSubject,
const char* aTopic,
const char16_t* aData) {
if (!strcmp(aTopic, kUserInteractionInactive)) {
if (sUserActive && XRE_IsParentProcess()) {
glean::RecordPowerMetrics();
}
sUserActive = false;
} else if (!strcmp(aTopic, kUserInteractionActive)) {
if (!sUserActive && XRE_IsParentProcess()) {
glean::RecordPowerMetrics();
nsCOMPtr<nsIUserIdleServiceInternal> idleService =
do_GetService("@mozilla.org/widget/useridleservice;1");
if (idleService) {
idleService->ResetIdleTimeOut(0);
}
}
sUserActive = true;
} else {
NS_WARNING("Unexpected observer notification");
}
return NS_OK;
}
Atomic<bool> nsContentUtils::UserInteractionObserver::sUserActive(false);
NS_IMPL_ISUPPORTS(nsContentUtils::UserInteractionObserver, nsIObserver)
/* static */
bool nsContentUtils::IsSpecialName(const nsAString& aName) {
return aName.LowerCaseEqualsLiteral("_blank") ||
aName.LowerCaseEqualsLiteral("_top") ||
aName.LowerCaseEqualsLiteral("_parent") ||
aName.LowerCaseEqualsLiteral("_self");
}
/* static */
bool nsContentUtils::IsOverridingWindowName(const nsAString& aName) {
return !aName.IsEmpty() && !IsSpecialName(aName);
}
// Unfortunately, we can't unwrap an IDL object using only a concrete type.
// We need to calculate type data based on the IDL typename. Which means
// wrapping our templated function in a macro.
#define EXTRACT_EXN_VALUES(T, ...) \
ExtractExceptionValues<mozilla::dom::prototypes::id::T, \
T##_Binding::NativeType, T>(__VA_ARGS__) \
.isOk()
template <prototypes::ID PrototypeID, class NativeType, typename T>
static Result<Ok, nsresult> ExtractExceptionValues(
JSContext* aCx, JS::Handle<JSObject*> aObj, nsAString& aSourceSpecOut,
uint32_t* aLineOut, uint32_t* aColumnOut, nsString& aMessageOut) {
AssertStaticUnwrapOK<PrototypeID>();
RefPtr<T> exn;
MOZ_TRY((UnwrapObject<PrototypeID, NativeType>(aObj, exn, nullptr)));
exn->GetFilename(aCx, aSourceSpecOut);
if (!aSourceSpecOut.IsEmpty()) {
*aLineOut = exn->LineNumber(aCx);
*aColumnOut = exn->ColumnNumber();
}
exn->GetName(aMessageOut);
aMessageOut.AppendLiteral(": ");
nsAutoString message;
exn->GetMessageMoz(message);
aMessageOut.Append(message);
return Ok();
}
/* static */
void nsContentUtils::ExtractErrorValues(
JSContext* aCx, JS::Handle<JS::Value> aValue, nsACString& aSourceSpecOut,
uint32_t* aLineOut, uint32_t* aColumnOut, nsString& aMessageOut) {
nsAutoString sourceSpec;
ExtractErrorValues(aCx, aValue, sourceSpec, aLineOut, aColumnOut,
aMessageOut);
CopyUTF16toUTF8(sourceSpec, aSourceSpecOut);
}
/* static */
void nsContentUtils::ExtractErrorValues(
JSContext* aCx, JS::Handle<JS::Value> aValue, nsAString& aSourceSpecOut,
uint32_t* aLineOut, uint32_t* aColumnOut, nsString& aMessageOut) {
MOZ_ASSERT(aLineOut);
MOZ_ASSERT(aColumnOut);
if (aValue.isObject()) {
JS::Rooted<JSObject*> obj(aCx, &aValue.toObject());
// Try to process as an Error object. Use the file/line/column values
// from the Error as they will be more specific to the root cause of
// the problem.
JSErrorReport* err = obj ? JS_ErrorFromException(aCx, obj) : nullptr;
if (err) {
// Use xpc to extract the error message only. We don't actually send
// this report anywhere.
RefPtr<xpc::ErrorReport> report = new xpc::ErrorReport();
report->Init(err,
nullptr, // toString result
false, // chrome
0); // window ID
if (!report->mFileName.IsEmpty()) {
aSourceSpecOut = report->mFileName;
*aLineOut = report->mLineNumber;
*aColumnOut = report->mColumn;
}
aMessageOut.Assign(report->mErrorMsg);
}
// Next, try to unwrap the rejection value as a DOMException.
else if (EXTRACT_EXN_VALUES(DOMException, aCx, obj, aSourceSpecOut,
aLineOut, aColumnOut, aMessageOut)) {
return;
}
// Next, try to unwrap the rejection value as an XPC Exception.
else if (EXTRACT_EXN_VALUES(Exception, aCx, obj, aSourceSpecOut, aLineOut,
aColumnOut, aMessageOut)) {
return;
}
}
// If we could not unwrap a specific error type, then perform default safe
// string conversions on primitives. Objects will result in "[Object]"
// unfortunately.
if (aMessageOut.IsEmpty()) {
nsAutoJSString jsString;
if (jsString.init(aCx, aValue)) {
aMessageOut = jsString;
} else {
JS_ClearPendingException(aCx);
}
}
}
#undef EXTRACT_EXN_VALUES
/* static */
bool nsContentUtils::ContentIsLink(nsIContent* aContent) {
if (!aContent || !aContent->IsElement()) {
return false;
}
if (aContent->IsHTMLElement(nsGkAtoms::a)) {
return true;
}
return aContent->AsElement()->AttrValueIs(kNameSpaceID_XLink, nsGkAtoms::type,
nsGkAtoms::simple, eCaseMatters);
}
/* static */
already_AddRefed<ContentFrameMessageManager>
nsContentUtils::TryGetBrowserChildGlobal(nsISupports* aFrom) {
RefPtr<nsFrameLoaderOwner> frameLoaderOwner = do_QueryObject(aFrom);
if (!frameLoaderOwner) {
return nullptr;
}
RefPtr<nsFrameLoader> frameLoader = frameLoaderOwner->GetFrameLoader();
if (!frameLoader) {
return nullptr;
}
RefPtr<ContentFrameMessageManager> manager =
frameLoader->GetBrowserChildMessageManager();
return manager.forget();
}
/* static */
uint32_t nsContentUtils::InnerOrOuterWindowCreated() {
MOZ_ASSERT(NS_IsMainThread());
++sInnerOrOuterWindowCount;
return ++sInnerOrOuterWindowSerialCounter;
}
/* static */
void nsContentUtils::InnerOrOuterWindowDestroyed() {
MOZ_ASSERT(NS_IsMainThread());
MOZ_ASSERT(sInnerOrOuterWindowCount > 0);
--sInnerOrOuterWindowCount;
}
/* static */
nsresult nsContentUtils::AnonymizeURI(nsIURI* aURI, nsCString& aAnonymizedURI) {
MOZ_ASSERT(aURI);
if (aURI->SchemeIs("data")) {
aAnonymizedURI.Assign("data:..."_ns);
return NS_OK;
}
// Anonymize the URL.
// Strip the URL of any possible username/password and make it ready to be
// presented in the UI.
nsCOMPtr<nsIURI> exposableURI = net::nsIOService::CreateExposableURI(aURI);
return exposableURI->GetSpec(aAnonymizedURI);
}
static bool JSONCreator(const char16_t* aBuf, uint32_t aLen, void* aData) {
nsAString* result = static_cast<nsAString*>(aData);
return result->Append(aBuf, aLen, fallible);
}
/* static */
bool nsContentUtils::StringifyJSON(JSContext* aCx, JS::Handle<JS::Value> aValue,
nsAString& aOutStr, JSONBehavior aBehavior) {
MOZ_ASSERT(aCx);
switch (aBehavior) {
case UndefinedIsNullStringLiteral: {
aOutStr.Truncate();
JS::Rooted<JS::Value> value(aCx, aValue);
return JS_Stringify(aCx, &value, nullptr, JS::NullHandleValue,
JSONCreator, &aOutStr);
}
case UndefinedIsVoidString: {
aOutStr.SetIsVoid(true);
return JS::ToJSON(aCx, aValue, nullptr, JS::NullHandleValue, JSONCreator,
&aOutStr);
}
default:
MOZ_ASSERT_UNREACHABLE("Invalid value for aBehavior");
return false;
}
}
/* static */
bool nsContentUtils::
HighPriorityEventPendingForTopLevelDocumentBeforeContentfulPaint(
Document* aDocument) {
MOZ_ASSERT(XRE_IsContentProcess(),
"This function only makes sense in content processes");
if (aDocument && !aDocument->IsLoadedAsData()) {
if (nsPresContext* presContext = FindPresContextForDocument(aDocument)) {
MOZ_ASSERT(!presContext->IsChrome(),
"Should never have a chrome PresContext in a content process");
return !presContext->GetInProcessRootContentDocumentPresContext()
->HadFirstContentfulPaint() &&
nsThreadManager::MainThreadHasPendingHighPriorityEvents();
}
}
return false;
}
static nsGlobalWindowInner* GetInnerWindowForGlobal(nsIGlobalObject* aGlobal) {
NS_ENSURE_TRUE(aGlobal, nullptr);
if (auto* window = aGlobal->GetAsInnerWindow()) {
return nsGlobalWindowInner::Cast(window);
}
// When Extensions run content scripts inside a sandbox, it uses
// sandboxPrototype to make them appear as though they're running in the
// scope of the page. So when a content script invokes postMessage, it expects
// the |source| of the received message to be the window set as the
// sandboxPrototype. This used to work incidentally for unrelated reasons, but
// now we need to do some special handling to support it.
JS::Rooted<JSObject*> scope(RootingCx(), aGlobal->GetGlobalJSObject());
NS_ENSURE_TRUE(scope, nullptr);
if (xpc::IsSandbox(scope)) {
AutoJSAPI jsapi;
MOZ_ALWAYS_TRUE(jsapi.Init(scope));
JSContext* cx = jsapi.cx();
// Our current Realm on aCx is the sandbox. Using that for unwrapping
// makes sense: if the sandbox can unwrap the window, we can use it.
return xpc::SandboxWindowOrNull(scope, cx);
}
// The calling window must be holding a reference, so we can return a weak
// pointer.
return nsGlobalWindowInner::Cast(aGlobal->GetAsInnerWindow());
}
/* static */
nsGlobalWindowInner* nsContentUtils::IncumbentInnerWindow() {
return GetInnerWindowForGlobal(GetIncumbentGlobal());
}
/* static */
nsGlobalWindowInner* nsContentUtils::EntryInnerWindow() {
return GetInnerWindowForGlobal(GetEntryGlobal());
}
/* static */
bool nsContentUtils::IsURIInPrefList(nsIURI* aURI, const char* aPrefName) {
MOZ_ASSERT(aPrefName);
nsAutoCString list;
Preferences::GetCString(aPrefName, list);
ToLowerCase(list);
return IsURIInList(aURI, list);
}
/* static */
bool nsContentUtils::IsURIInList(nsIURI* aURI, const nsCString& aList) {
#ifdef DEBUG
nsAutoCString listLowerCase(aList);
ToLowerCase(listLowerCase);
MOZ_ASSERT(listLowerCase.Equals(aList),
"The aList argument should be lower-case");
#endif
if (!aURI) {
return false;
}
nsAutoCString scheme;
aURI->GetScheme(scheme);
if (!scheme.EqualsLiteral("http") && !scheme.EqualsLiteral("https")) {
return false;
}
if (aList.IsEmpty()) {
return false;
}
// The list is comma separated domain list. Each item may start with "*.".
// If starts with "*.", it matches any sub-domains.
nsCCharSeparatedTokenizer tokenizer(aList, ',');
while (tokenizer.hasMoreTokens()) {
const nsCString token(tokenizer.nextToken());
nsAutoCString host;
aURI->GetHost(host);
if (host.IsEmpty()) {
return false;
}
ToLowerCase(host);
for (;;) {
int32_t index = token.Find(host);
if (index >= 0 &&
static_cast<uint32_t>(index) + host.Length() <= token.Length()) {
// If we found a full match, return true.
size_t indexAfterHost = index + host.Length();
if (index == 0 && indexAfterHost == token.Length()) {
return true;
}
// If next character is '/', we need to check the path too.
// We assume the path in the list means "/foo" + "*".
if (token[indexAfterHost] == '/') {
nsDependentCSubstring pathInList(
token, indexAfterHost,
static_cast<nsDependentCSubstring::size_type>(-1));
nsAutoCString filePath;
aURI->GetFilePath(filePath);
ToLowerCase(filePath);
if (StringBeginsWith(filePath, pathInList) &&
(filePath.Length() == pathInList.Length() ||
pathInList.EqualsLiteral("/") ||
filePath[pathInList.Length() - 1] == '/' ||
filePath[pathInList.Length() - 1] == '?' ||
filePath[pathInList.Length() - 1] == '#')) {
return true;
}
}
}
int32_t startIndexOfCurrentLevel = host[0] == '*' ? 1 : 0;
int32_t startIndexOfNextLevel =
host.Find(".", startIndexOfCurrentLevel + 1);
if (startIndexOfNextLevel <= 0) {
break;
}
host.ReplaceLiteral(0, startIndexOfNextLevel, "*");
}
}
return false;
}
/* static */
ScreenIntMargin nsContentUtils::GetWindowSafeAreaInsets(
nsIScreen* aScreen, const ScreenIntMargin& aSafeAreaInsets,
const LayoutDeviceIntRect& aWindowRect) {
// This calculates safe area insets of window from screen rectangle, window
// rectangle and safe area insets of screen.
//
// +----------------------------------------+ <-- screen
// | +-------------------------------+ <------- window
// | | window's safe area inset top) | |
// +--+-------------------------------+--+ |
// | | | |<------ safe area rectangle of
// | | | | | screen
// +--+-------------------------------+--+ |
// | |window's safe area inset bottom| |
// | +-------------------------------+ |
// +----------------------------------------+
//
ScreenIntMargin windowSafeAreaInsets;
if (windowSafeAreaInsets == aSafeAreaInsets) {
// no safe area insets.
return windowSafeAreaInsets;
}
int32_t screenLeft, screenTop, screenWidth, screenHeight;
nsresult rv =
aScreen->GetRect(&screenLeft, &screenTop, &screenWidth, &screenHeight);
if (NS_WARN_IF(NS_FAILED(rv))) {
return windowSafeAreaInsets;
}
const ScreenIntRect screenRect(screenLeft, screenTop, screenWidth,
screenHeight);
ScreenIntRect safeAreaRect = screenRect;
safeAreaRect.Deflate(aSafeAreaInsets);
ScreenIntRect windowRect = ViewAs<ScreenPixel>(
aWindowRect, PixelCastJustification::LayoutDeviceIsScreenForTabDims);
// FIXME(bug 1754323): This can trigger because the screen rect is not
// orientation-aware.
// MOZ_ASSERT(screenRect.Contains(windowRect),
// "Screen doesn't contain window rect? Something seems off");
// window's rect of safe area
safeAreaRect = safeAreaRect.Intersect(windowRect);
windowSafeAreaInsets.top = safeAreaRect.y - aWindowRect.y;
windowSafeAreaInsets.left = safeAreaRect.x - aWindowRect.x;
windowSafeAreaInsets.right =
aWindowRect.x + aWindowRect.width - (safeAreaRect.x + safeAreaRect.width);
windowSafeAreaInsets.bottom = aWindowRect.y + aWindowRect.height -
(safeAreaRect.y + safeAreaRect.height);
windowSafeAreaInsets.EnsureAtLeast(ScreenIntMargin());
// This shouldn't be needed, but it wallpapers orientation issues, see bug
// 1754323.
windowSafeAreaInsets.EnsureAtMost(aSafeAreaInsets);
return windowSafeAreaInsets;
}
/* static */
nsContentUtils::SubresourceCacheValidationInfo
nsContentUtils::GetSubresourceCacheValidationInfo(nsIRequest* aRequest,
nsIURI* aURI) {
SubresourceCacheValidationInfo info;
if (nsCOMPtr<nsICacheInfoChannel> cache = do_QueryInterface(aRequest)) {
uint32_t value = 0;
if (NS_SUCCEEDED(cache->GetCacheTokenExpirationTime(&value))) {
info.mExpirationTime.emplace(value);
}
}
// Determine whether the cache entry must be revalidated when we try to use
// it. Currently, only HTTP specifies this information...
if (nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aRequest)) {
Unused << httpChannel->IsNoStoreResponse(&info.mMustRevalidate);
if (!info.mMustRevalidate) {
Unused << httpChannel->IsNoCacheResponse(&info.mMustRevalidate);
}
}
// data: URIs are safe to cache across documents under any circumstance, so we
// special-case them here even though the channel itself doesn't have any
// caching policy. Same for chrome:// uris.
//
// TODO(emilio): Figure out which other schemes that don't have caching
// policies are safe to cache. Blobs should be...
const bool knownCacheable = [&] {
if (!aURI) {
return false;
}
if (aURI->SchemeIs("data") || aURI->SchemeIs("moz-page-thumb") ||
aURI->SchemeIs("moz-extension")) {
return true;
}
if (aURI->SchemeIs("chrome") || aURI->SchemeIs("resource")) {
return !StaticPrefs::nglayout_debug_disable_xul_cache();
}
return false;
}();
if (knownCacheable) {
MOZ_ASSERT(!info.mExpirationTime);
MOZ_ASSERT(!info.mMustRevalidate);
info.mExpirationTime = Some(0); // 0 means "doesn't expire".
}
return info;
}
nsCString nsContentUtils::TruncatedURLForDisplay(nsIURI* aURL, size_t aMaxLen) {
nsCString spec;
if (aURL) {
aURL->GetSpec(spec);
spec.Truncate(std::min(aMaxLen, spec.Length()));
}
return spec;
}
/* static */
nsresult nsContentUtils::AnonymizeId(nsAString& aId,
const nsACString& aOriginKey,
OriginFormat aFormat) {
MOZ_ASSERT(NS_IsMainThread());
nsresult rv;
nsCString rawKey;
if (aFormat == OriginFormat::Base64) {
rv = Base64Decode(aOriginKey, rawKey);
NS_ENSURE_SUCCESS(rv, rv);
} else {
rawKey = aOriginKey;
}
HMAC hmac;
rv = hmac.Begin(
SEC_OID_SHA256,
Span(reinterpret_cast<const uint8_t*>(rawKey.get()), rawKey.Length()));
NS_ENSURE_SUCCESS(rv, rv);
NS_ConvertUTF16toUTF8 id(aId);
rv = hmac.Update(reinterpret_cast<const uint8_t*>(id.get()), id.Length());
NS_ENSURE_SUCCESS(rv, rv);
nsTArray<uint8_t> macBytes;
rv = hmac.End(macBytes);
NS_ENSURE_SUCCESS(rv, rv);
nsCString macBase64;
rv = Base64Encode(
nsDependentCSubstring(reinterpret_cast<const char*>(macBytes.Elements()),
macBytes.Length()),
macBase64);
NS_ENSURE_SUCCESS(rv, rv);
CopyUTF8toUTF16(macBase64, aId);
return NS_OK;
}
void nsContentUtils::RequestGeckoTaskBurst() {
nsCOMPtr<nsIAppShell> appShell = do_GetService(NS_APPSHELL_CID);
if (appShell) {
appShell->GeckoTaskBurst();
}
}
nsIContent* nsContentUtils::GetClosestLinkInFlatTree(nsIContent* aContent) {
for (nsIContent* content = aContent; content;
content = content->GetFlattenedTreeParent()) {
if (nsContentUtils::IsDraggableLink(content)) {
return content;
}
}
return nullptr;
}
template <TreeKind aKind>
MOZ_ALWAYS_INLINE const nsINode* GetParent(const nsINode* aNode) {
if constexpr (aKind == TreeKind::DOM) {
return aNode->GetParentNode();
} else {
return aNode->GetFlattenedTreeParentNode();
}
}
template <TreeKind aKind>
MOZ_ALWAYS_INLINE Maybe<uint32_t> GetIndexInParent(const nsINode* aParent,
const nsINode* aNode) {
if constexpr (aKind == TreeKind::DOM) {
return aParent->ComputeIndexOf(aNode);
} else {
return aParent->ComputeFlatTreeIndexOf(aNode);
}
}
template <TreeKind aTreeKind>
int32_t nsContentUtils::CompareTreePosition(const nsINode* aNode1,
const nsINode* aNode2,
const nsINode* aCommonAncestor) {
MOZ_ASSERT(aNode1, "aNode1 must not be null");
MOZ_ASSERT(aNode2, "aNode2 must not be null");
if (MOZ_UNLIKELY(NS_WARN_IF(aNode1 == aNode2))) {
return 0;
}
AutoTArray<const nsINode*, 32> node1Ancestors;
const nsINode* c1;
for (c1 = aNode1; c1 && c1 != aCommonAncestor;
c1 = GetParent<aTreeKind>(c1)) {
node1Ancestors.AppendElement(c1);
}
if (!c1 && aCommonAncestor) {
// So, it turns out aCommonAncestor was not an ancestor of c1. Oops.
// Never mind. We can continue as if aCommonAncestor was null.
aCommonAncestor = nullptr;
}
AutoTArray<const nsINode*, 32> node2Ancestors;
const nsINode* c2;
for (c2 = aNode2; c2 && c2 != aCommonAncestor;
c2 = GetParent<aTreeKind>(c2)) {
node2Ancestors.AppendElement(c2);
}
if (!c2 && aCommonAncestor) {
// So, it turns out aCommonAncestor was not an ancestor of c2.
// We need to retry with no common ancestor hint.
return CompareTreePosition<aTreeKind>(aNode1, aNode2, nullptr);
}
int last1 = node1Ancestors.Length() - 1;
int last2 = node2Ancestors.Length() - 1;
const nsINode* node1Ancestor = nullptr;
const nsINode* node2Ancestor = nullptr;
while (last1 >= 0 && last2 >= 0 &&
((node1Ancestor = node1Ancestors.ElementAt(last1)) ==
(node2Ancestor = node2Ancestors.ElementAt(last2)))) {
last1--;
last2--;
}
if (last1 < 0) {
if (last2 < 0) {
NS_ASSERTION(aNode1 == aNode2, "internal error?");
return 0;
}
// aContent1 is an ancestor of aContent2
return -1;
}
if (last2 < 0) {
// aContent2 is an ancestor of aContent1
return 1;
}
// node1Ancestor != node2Ancestor, so they must be siblings with the
// same parent
const nsINode* parent = GetParent<aTreeKind>(node1Ancestor);
if (NS_WARN_IF(!parent)) { // different documents??
return 0;
}
const Maybe<uint32_t> index1 =
GetIndexInParent<aTreeKind>(parent, node1Ancestor);
const Maybe<uint32_t> index2 =
GetIndexInParent<aTreeKind>(parent, node2Ancestor);
// None of the nodes are anonymous, just do a regular comparison.
if (index1.isSome() && index2.isSome()) {
return static_cast<int32_t>(static_cast<int64_t>(*index1) - *index2);
}
// Otherwise handle pseudo-element and anonymous node ordering.
// ::marker -> ::before -> anon siblings -> regular siblings -> ::after
auto PseudoIndex = [](const nsINode* aNode,
const Maybe<uint32_t>& aNodeIndex) -> int32_t {
if (aNodeIndex.isSome()) {
return 1; // Not a pseudo.
}
if (aNode->IsGeneratedContentContainerForMarker()) {
return -2;
}
if (aNode->IsGeneratedContentContainerForBefore()) {
return -1;
}
if (aNode->IsGeneratedContentContainerForAfter()) {
return 2;
}
return 0;
};
return PseudoIndex(node1Ancestor, index1) -
PseudoIndex(node2Ancestor, index2);
}
nsIContent* nsContentUtils::AttachDeclarativeShadowRoot(nsIContent* aHost,
ShadowRootMode aMode,
bool aDelegatesFocus) {
RefPtr<Element> host = mozilla::dom::Element::FromNodeOrNull(aHost);
if (!host) {
return nullptr;
}
ShadowRootInit init;
init.mMode = aMode;
init.mDelegatesFocus = aDelegatesFocus;
init.mSlotAssignment = SlotAssignmentMode::Named;
init.mClonable = true;
RefPtr shadowRoot = host->AttachShadow(init, IgnoreErrors(),
Element::ShadowRootDeclarative::Yes);
if (shadowRoot) {
// https://html.spec.whatwg.org/#parsing-main-inhead:available-to-element-internals
shadowRoot->SetAvailableToElementInternals();
}
return shadowRoot;
}
template int32_t nsContentUtils::CompareTreePosition<TreeKind::DOM>(
const nsINode*, const nsINode*, const nsINode*);
template int32_t nsContentUtils::CompareTreePosition<TreeKind::Flat>(
const nsINode*, const nsINode*, const nsINode*);
namespace mozilla {
std::ostream& operator<<(std::ostream& aOut,
const PreventDefaultResult aPreventDefaultResult) {
switch (aPreventDefaultResult) {
case PreventDefaultResult::No:
aOut << "unhandled";
break;
case PreventDefaultResult::ByContent:
aOut << "handled-by-content";
break;
case PreventDefaultResult::ByChrome:
aOut << "handled-by-chrome";
break;
}
return aOut;
}
} // namespace mozilla
View git blame Copy permalink