From 2fc8ea94dc040a9854718593571b48345d6b22f2 Mon Sep 17 00:00:00 2001 From: Christian Persch Date: Fri, 18 Nov 2005 19:24:16 +0000 Subject: Add chrome: and resource: to the safe list; otherwise forms and scrollbars 2005-11-18 Christian Persch * embed/mozilla/EphyContentPolicy.cpp: * embed/ephy-embed-single.c: * embed/ephy-embed-single.h: Add chrome: and resource: to the safe list; otherwise forms and scrollbars break. Fixes bug #316498. --- embed/ephy-embed-single.c | 27 --------- embed/ephy-embed-single.h | 17 ------ embed/mozilla/EphyContentPolicy.cpp | 113 ++++++++++++------------------------ 3 files changed, 36 insertions(+), 121 deletions(-) (limited to 'embed') diff --git a/embed/ephy-embed-single.c b/embed/ephy-embed-single.c index 4f2c50000..fe32a0289 100644 --- a/embed/ephy-embed-single.c +++ b/embed/ephy-embed-single.c 
@@ -145,33 +145,6 @@ ephy_embed_single_iface_init (gpointer g_iface) G_TYPE_STRING | G_SIGNAL_TYPE_STATIC_SCOPE, G_TYPE_STRING | G_SIGNAL_TYPE_STATIC_SCOPE); -/** - * EphyEmbedSingle::check_content: - * @single: the #EphyEmbedSingle - * @type: the type of content (an #EphyContentCheckType) - * @address: the address of the content - * @requesting_address: the address of the requesting content (may be empty) - * @mime_type_guess: a guess of the mime type of the content (may be empty) - * - * The ::check-content signal is emitted when Epiphany loads any content from - * anywhere. - * - * If a connected callback returns %TRUE, the - * signal emission will stop, and the load be aborted. - **/ - g_signal_new ("check_content", - EPHY_TYPE_EMBED_SINGLE, - G_SIGNAL_RUN_FIRST | G_SIGNAL_RUN_LAST, - G_STRUCT_OFFSET (EphyEmbedSingleIface, check_content), - g_signal_accumulator_true_handled, NULL, - ephy_marshal_BOOLEAN__ENUM_STRING_STRING_STRING, - G_TYPE_BOOLEAN, - 4, - EPHY_TYPE_CONTENT_CHECK_TYPE, - G_TYPE_STRING | G_SIGNAL_TYPE_STATIC_SCOPE, - G_TYPE_STRING | G_SIGNAL_TYPE_STATIC_SCOPE, - G_TYPE_STRING | G_SIGNAL_TYPE_STATIC_SCOPE); - /** * EphyEmbedSingle::network-status: * diff --git a/embed/ephy-embed-single.h b/embed/ephy-embed-single.h index a89399b2b..916773d7f 100644 --- a/embed/ephy-embed-single.h +++ b/embed/ephy-embed-single.h 
@@ -35,18 +35,6 @@ G_BEGIN_DECLS typedef struct _EphyEmbedSingle EphyEmbedSingle; typedef struct _EphyEmbedSingleIface EphyEmbedSingleIface; -typedef enum -{ - EPHY_CONTENT_CHECK_TYPE_OTHER = 1U, - EPHY_CONTENT_CHECK_TYPE_SCRIPT = 2U, /* Indicates an executable script (such as JavaScript) */ - EPHY_CONTENT_CHECK_TYPE_IMAGE = 3U, /* Indicates an image (e.g., IMG elements) */ - EPHY_CONTENT_CHECK_TYPE_STYLESHEET = 4U, /* Indicates a stylesheet (e.g., STYLE elements) */ - EPHY_CONTENT_CHECK_TYPE_OBJECT = 5U, /* Indicates a generic object (plugin-handled content typically falls under this category) */ - EPHY_CONTENT_CHECK_TYPE_DOCUMENT = 6U, /* Indicates a document at the top-level (i.e., in a browser) */ - EPHY_CONTENT_CHECK_TYPE_SUBDOCUMENT = 7U, /* Indicates a document contained within another document (e.g., IFRAMEs, FRAMES, and OBJECTs) */ - EPHY_CONTENT_CHECK_TYPE_REFRESH = 8U /* Indicates a timed refresh */ -} EphyContentCheckType; - struct _EphyEmbedSingleIface { GTypeInterface base_iface; @@ -70,11 +58,6 @@ struct _EphyEmbedSingleIface const char *icon_url, const char *title); - gboolean (* check_content) (EphyEmbedSingle *single, - EphyContentCheckType type, - const char *address, - const char *requesting_address, - const char *mime_type_guess); /* Methods */ GtkWidget * (* open_window) (EphyEmbedSingle *single, diff --git a/embed/mozilla/EphyContentPolicy.cpp b/embed/mozilla/EphyContentPolicy.cpp index bbfa59814..30b90bca3 100644 --- a/embed/mozilla/EphyContentPolicy.cpp +++ b/embed/mozilla/EphyContentPolicy.cpp 
@@ -48,8 +48,6 @@ EphyContentPolicy::EphyContentPolicy() mLocked = eel_gconf_get_boolean (CONF_LOCKDOWN_DISABLE_UNSAFE_PROTOCOLS); mSafeProtocols = eel_gconf_get_string_list (CONF_LOCKDOWN_ADDITIONAL_SAFE_PROTOCOLS); - mSafeProtocols = g_slist_prepend (mSafeProtocols, g_strdup ("https")); - mSafeProtocols = g_slist_prepend (mSafeProtocols, g_strdup ("http")); mEmbedSingle = ephy_embed_shell_get_embed_single (embed_shell); g_return_if_fail (mEmbedSingle); 
@@ -74,43 +72,33 @@ EphyContentPolicy::ShouldLoad(PRUint32 aContentType, PRInt16 *aDecision) { NS_ENSURE_ARG (aContentLocation); + NS_ENSURE_ARG_POINTER (aDecision); - nsEmbedCString contentScheme; - aContentLocation->GetScheme (contentScheme); + *aDecision = nsIContentPolicy::ACCEPT; + + PRBool isHttp = PR_FALSE, isHttps = PR_FALSE; + aContentLocation->SchemeIs ("http", &isHttp); + aContentLocation->SchemeIs ("https", &isHttps); + if (isHttp || isHttps) return NS_OK; + + /* We have to always allow these, else forms and scrollbars break */ + PRBool isChrome = PR_FALSE, isResource = PR_FALSE; + aContentLocation->SchemeIs ("chrome", &isChrome); + aContentLocation->SchemeIs ("resource", &isResource); + if (isChrome || isResource) return NS_OK; nsEmbedCString contentSpec; aContentLocation->GetSpec (contentSpec); + if (strcmp (contentSpec.get(), "about:blank") == 0) return NS_OK; + + nsEmbedCString contentScheme; + aContentLocation->GetScheme (contentScheme); /* first general lockdown check */ if (mLocked && - !g_slist_find_custom (mSafeProtocols, contentScheme.get(), (GCompareFunc) strcmp) && - strcmp (contentSpec.get(), "about:blank") != 0) + !g_slist_find_custom (mSafeProtocols, contentScheme.get(), (GCompareFunc) strcmp)) { *aDecision = nsIContentPolicy::REJECT_REQUEST; - return NS_OK; - } - - nsEmbedCString requestingSpec; - if (aRequestingLocation) - { - aRequestingLocation->GetSpec (requestingSpec); - } - - gboolean result = FALSE; - g_signal_emit_by_name (mEmbedSingle, "check-content", - (EphyContentCheckType) aContentType, - contentSpec.get(), - requestingSpec.get(), - nsEmbedCString(aMimeTypeGuess).get(), - &result); - - if (result) - { - *aDecision = nsIContentPolicy::REJECT_REQUEST; - } - else - { - *aDecision = nsIContentPolicy::ACCEPT; } return NS_OK; 
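Review bot: The new early returns for `chrome:` and `resource:` sit ahead of the `mLocked` test and never consult `aRequestingLocation` or `aContentType`, so with CONF_LOCKDOWN_DISABLE_UNSAFE_PROTOCOLS set this policy now accepts those schemes for every requester, remote pages included. Whether another layer keeps web content away from chrome: is not visible in this hunk, so the comment should state what the exemption relies on, e.g. `/* chrome: and resource: back the toolkit's form controls and scrollbars; this policy does not restrict who requests them, that has to be enforced elsewhere */`. The same block is repeated in the second ShouldLoad variant further down. The hunk also drops the "check-content" emission, which appears to leave `aRequestingLocation` and `aMimeTypeGuess` unused and gives embedders no veto when lockdown is off; the commit message does not mention this. The middle of the parameter list and the function's closing brace lie outside the hunk.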
@@ -139,64 +127,35 @@ NS_IMETHODIMP EphyContentPolicy::ShouldLoad(PRInt32 aContentType, PRBool *_retval) { NS_ENSURE_ARG (aContentLocation); + NS_ENSURE_ARG_POINTER (aDecision); - nsEmbedCString contentScheme; - aContentLocation->GetScheme (contentScheme); + *_retval = PR_TRUE; + + PRBool isHttp = PR_FALSE, isHttps = PR_FALSE; + aContentLocation->SchemeIs ("http", &isHttp); + aContentLocation->SchemeIs ("https", &isHttps); + if (isHttp || isHttps) return NS_OK; + + /* We have to always allow these, else forms and scrollbars break */ + PRBool isChrome = PR_FALSE, isResource = PR_FALSE; + aContentLocation->SchemeIs ("chrome", &isChrome); + aContentLocation->SchemeIs ("resource", &isResource); + if (isChrome || isResource) return NS_OK; nsEmbedCString contentSpec; aContentLocation->GetSpec (contentSpec); + if (strcmp (contentSpec.get(), "about:blank") == 0) return NS_OK; + + nsEmbedCString contentScheme; + aContentLocation->GetScheme (contentScheme); /* first general lockdown check */ if (mLocked && - !g_slist_find_custom (mSafeProtocols, contentScheme.get(), (GCompareFunc) strcmp) && - strcmp (contentSpec.get(), "about:blank") != 0) + !g_slist_find_custom (mSafeProtocols, contentScheme.get(), (GCompareFunc) strcmp)) { *_retval = PR_FALSE; - return NS_OK; } - /* translate to variant-2 types */ - EphyContentCheckType type; - switch (aContentType) - { - case nsIContentPolicy::SCRIPT: - type = EPHY_CONTENT_CHECK_TYPE_SCRIPT; - break; - case nsIContentPolicy::IMAGE: - type = EPHY_CONTENT_CHECK_TYPE_IMAGE; - break; - case nsIContentPolicy::STYLESHEET: - type = EPHY_CONTENT_CHECK_TYPE_STYLESHEET; - break; - case nsIContentPolicy::OBJECT: - type = EPHY_CONTENT_CHECK_TYPE_OBJECT; - break; - case nsIContentPolicy::SUBDOCUMENT: - type = EPHY_CONTENT_CHECK_TYPE_SUBDOCUMENT; - break; - case nsIContentPolicy::CONTROL_TAG: - type = EPHY_CONTENT_CHECK_TYPE_REFRESH; - break; - case nsIContentPolicy::DOCUMENT: - type = EPHY_CONTENT_CHECK_TYPE_DOCUMENT; - break; - case 
nsIContentPolicy::OTHER: - case nsIContentPolicy::RAW_URL: - default: - type = EPHY_CONTENT_CHECK_TYPE_OTHER; - break; - } - - gboolean result = FALSE; - g_signal_emit_by_name (mEmbedSingle, "check-content", - type, - contentSpec.get(), - "", - "", - &result); - - *_retval = !result; - return NS_OK; } -- cgit v1.2.3
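Review bot: `NS_ENSURE_ARG_POINTER (aDecision);` in this variant checks a name that does not appear in the visible part of its signature; the out-parameter here is `PRBool *_retval`, and the very next added line writes `*_retval = PR_TRUE;`. Unless `aDecision` is declared among the parameters outside the hunk, this branch will not compile, and either way the pointer that is actually dereferenced goes unchecked; the line should read `NS_ENSURE_ARG_POINTER (_retval);`. It looks like a copy from the first ShouldLoad variant and would presumably only surface in builds that select this older signature. The middle of the parameter list and the function's closing brace lie outside the hunk.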