From 89e61326585c22c01cc3eff6bd834ccb3aaa2c01 Mon Sep 17 00:00:00 2001
From: "racham%netscape.com"
Date: Tue, 6 Oct 1998 21:04:19 +0000
Subject: [PATCH] Adding -reg_mode flag related changes

git-svn-id: svn://10.0.0.236/trunk@12080 18797224-902f-48f8-a5cc-f745e15eee43
---
 mozilla/caps/src/nsPrivilegeManager.cpp | 34 ++++++++++++++++++++++++-
 mozilla/caps/src/nsUserTarget.cpp | 12 +++++++--
 2 files changed, 43 insertions(+), 3 deletions(-)

diff --git a/mozilla/caps/src/nsPrivilegeManager.cpp b/mozilla/caps/src/nsPrivilegeManager.cpp
index a5ed05532e1..cb27542338e 100755
--- a/mozilla/caps/src/nsPrivilegeManager.cpp
+++ b/mozilla/caps/src/nsPrivilegeManager.cpp
@@ -1110,6 +1110,9 @@ nsPrivilegeManager::checkPrivilegeEnabled(void *context,
 PRInt32 noOfTargets;
 PRInt32 idx;
 char *errMsg = NULL;
+ nsPrincipal *principal;
+ PRInt32 noOfPrincipals;
+ PRBool saw_dangerous_code = PR_FALSE;
 if (targetArray == NULL) {
 return "internal error - null target array";
@@ -1144,7 +1147,29 @@ nsPrivilegeManager::checkPrivilegeEnabled(void *context,
 (nsPrivilegeTable *) (*nsCapsGetAnnotationCallback)(wrapper);
 prinArray = (nsPrincipalArray *) (*nsCapsGetPrincipalArrayCallback)(wrapper);
- /*
+
+ /*
+ * When the Registration Mode flag is enabled, we allow secure
+ * operations if and only iff the principal codebase is 'file:'.
+ * That means we load files only after recognizing that they
+ * reside on local harddrive. Any other code is considered as
+ * dangerous and an exception will be thrown in such cases.
+ */
+ if ((nsCapsGetRegistrationModeFlag()) && (prinArray != NULL)){
+ noOfPrincipals = prinArray->GetSize();
+
+ for (idx=0; idx < noOfPrincipals; idx++){
+ principal = (nsPrincipal *) prinArray->Get(idx);
+
+ if (!(principal->isFileCodeBase())){
+ saw_dangerous_code = PR_TRUE;
+ errMsg = "access to target Forbidden - Illegal url code base is detected";
+ goto done;
+ }
+ }
+ }
+
+ /*
 * frame->annotation holds a PrivilegeTable, describing
 * the scope privileges of this frame. We'll check
 * if it permits the target, and if so, we just return.
@@ -1219,6 +1244,13 @@ nsPrivilegeManager::checkPrivilegeEnabled(void *context,
 errMsg = "access to target forbidden. Target was not enabled on stack (stack included only system code)";
 done:
+ /*
+ * If the Registration Mode flag is set and principals have
+ * 'file:' code base, we set the error message to NULL.
+ */
+ if ((nsCapsGetRegistrationModeFlag()) && !(saw_dangerous_code)){
+ errMsg = NULL;
+ }
 (*nsCapsFreeNSJSJavaFrameWrapperCallback)(wrapper);
 return errMsg;
 }
diff --git a/mozilla/caps/src/nsUserTarget.cpp b/mozilla/caps/src/nsUserTarget.cpp
index c5cc7a4deb1..4892ef6144a 100755
--- a/mozilla/caps/src/nsUserTarget.cpp
+++ b/mozilla/caps/src/nsUserTarget.cpp
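Review bot: `principal->isFileCodeBase()` in the new loop is called on the result of `prinArray->Get(idx)` with no null check, so an empty slot in the array would crash inside the privilege check instead of denying access. Treating a missing principal as dangerous keeps the check fail-closed: `if (principal == NULL || !principal->isFileCodeBase()) {`. The loop also reuses the function-level `idx`; the enclosing stack walk starts and ends outside the hunk, so it is worth confirming that no surrounding loop still depends on its value. The comment reads "if and only iff" and equates a `file:` codebase with the local hard drive, which presumably does not hold for network-mounted paths; I would word that line as `* operations if and only if every principal has a 'file:' codebase.`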
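Review bot: The override at `done:` clears every error whenever registration mode is on and `saw_dangerous_code` is still false, and that includes frames where `prinArray` was NULL or empty, so code with no principal at all ends up being granted the target. It also appears to discard the "access to target forbidden" results set earlier in the function (that code is outside the hunk), which would reverse an explicit denial as well. I would require a positive signal rather than the absence of a negative one: set `saw_file_code = PR_TRUE;` in the principal loop and test `if (nsCapsGetRegistrationModeFlag() && saw_file_code && !saw_dangerous_code) {` here. The comment above the test should then say that the error is cleared only when at least one principal was checked and all of them had a 'file:' codebase.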
@@ -62,8 +62,16 @@ nsPrivilege * nsUserTarget::enablePrivilege(nsPrincipal *prin, void *data)
 PRBool isCert = (prin->isCodebase()) ? PR_FALSE : PR_TRUE;
 nsPermState permState = nsPermState_AllowedSession;
- /* set displayUI to TRUE, to enable UI */
- if (displayUI) {
+ /*
+ * Check Registration Mode flag and the url code base
+ * to set permission state
+ */
+ if ((nsCapsGetRegistrationModeFlag()) && (prin != NULL)) {
+ if (prin->isFileCodeBase()) {
+ permState = nsPermState_AllowedSession;
+ }
+ } else if (displayUI) {
+ /* set displayUI to TRUE, to enable UI */
 nsCaps_lock();
 permState = displayPermissionDialog(prinStr, targetStr, riskStr, isCert);
 nsCaps_unlock();
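Review bot: In registration mode a principal that is not a `file:` codebase falls through the inner `if` with `permState` still at its initial `nsPermState_AllowedSession`, and the `else if (displayUI)` dialog is skipped, so as far as this hunk shows such code is allowed for the session without any prompt. The inner branch needs an explicit deny, for example `} else { permState = <forbidden nsPermState value>; }` (placeholder; the enum is declared outside the diff). The `prin != NULL` test also comes too late, because `prin->isCodebase()` two lines above has already dereferenced the pointer. The rest of enablePrivilege lies outside the hunk, so how `permState` is consumed afterwards should be checked against this.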