home *** CD-ROM | disk | FTP | other *** search

---

/ Personal Computer World 2009 February / PCWFEB09.iso / Software / Resources / Security / Hotspot Shield 1.08 / HSS-1.08-install-anchorfree-76-conduit.exe / components / nsAxSecurityPolicy.js

< prev

next >

Wrap

Text File  |  2008-06-26  |  9KB  |  234 lines

---

1. /* ***** BEGIN LICENSE BLOCK *****
2.  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3.  *
4.  * The contents of this file are subject to the Mozilla Public License Version
5.  * 1.1 (the "License"); you may not use this file except in compliance with
6.  * the License. You may obtain a copy of the License at
7.  * http://www.mozilla.org/MPL/
8.  *
9.  * Software distributed under the License is distributed on an "AS IS" basis,
10.  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11.  * for the specific language governing rights and limitations under the
12.  * License.
13.  *
14.  * The Original Code is mozilla.org code.
15.  *
16.  * The Initial Developer of the Original Code is
17.  * Netscape Communications Corporation.
18.  * Portions created by the Initial Developer are Copyright (C) 1998
19.  * the Initial Developer. All Rights Reserved.
20.  *
21.  * Contributor(s):
22.  *
23.  * Alternatively, the contents of this file may be used under the terms of
24.  * either the GNU General Public License Version 2 or later (the "GPL"), or
25.  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26.  * in which case the provisions of the GPL or the LGPL are applicable instead
27.  * of those above. If you wish to allow use of your version of this file only
28.  * under the terms of either the GPL or the LGPL, and not to allow others to
29.  * use your version of this file under the terms of the MPL, indicate your
30.  * decision by deleting the provisions above and replace them with the notice
31.  * and other provisions required by the GPL or the LGPL. If you do not delete
32.  * the provisions above, a recipient may use your version of this file under
33.  * the terms of any one of the MPL, the GPL or the LGPL.
34.  *
35.  * ***** END LICENSE BLOCK ***** */
36.  
37. const NS_IACTIVEXSECURITYPOLICY_CONTRACTID =
38.     "@mozilla.org/nsactivexsecuritypolicy;1";
39. const NS_IACTIVEXSECURITYPOLICY_CID =
40.     Components.ID("{B9BDB43B-109E-44b8-858C-B68C6C3DF86F}");
41.  
42. const nsISupports               = Components.interfaces.nsISupports;
43. const nsIObserver               = Components.interfaces.nsIObserver;
44. const nsIActiveXSecurityPolicy  = Components.interfaces.nsIActiveXSecurityPolicy;
45.  
46. ///////////////////////////////////////////////////////////////////////////////
47. // Constants representing some default flag combinations of varying degrees
48. // of safety.
49.  
50. // No controls at all
51. const kTotalSecurityHostingFlags =
52.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_NOTHING;
53.  
54. // Host only safe controls, no downloading or scripting
55. const kHighSecurityHostingFlags =
56.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS;
57.  
58. // Host and script safe controls and allow downloads
59. const kMediumSecurityGlobalHostingFlags =
60.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS |
61.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_DOWNLOAD_CONTROLS |
62.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_SAFE_OBJECTS;
63.  
64. // Host any control and script safe controls
65. const kLowSecurityHostFlags =
66.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS |
67.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_DOWNLOAD_CONTROLS |
68.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_SAFE_OBJECTS |
69.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_ALL_OBJECTS;
70.  
71. // Goodbye cruel world
72. const kNoSecurityHostingFlags =
73.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_SAFE_OBJECTS |
74.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_DOWNLOAD_CONTROLS |
75.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_SAFE_OBJECTS |
76.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_SCRIPT_ALL_OBJECTS |
77.     nsIActiveXSecurityPolicy.HOSTING_FLAGS_HOST_ALL_OBJECTS;
78.  
79. ///////////////////////////////////////////////////////////////////////////////
80. // Constants representing the default hosting flag values when there is
81. // no pref value. Note that these should be as tight as possible except for
82. // testing purposes.
83.  
84. const kDefaultGlobalHostingFlags = kMediumSecurityGlobalHostingFlags;
85. const kDefaultOtherHostingFlags  = kMediumSecurityGlobalHostingFlags;
86.  
87. // Preferences security policy reads from
88. const kHostingPrefPart1 = "security.xpconnect.activex.";
89. const kHostingPrefPart2 = ".hosting_flags";
90. const kGlobalHostingFlagsPref = kHostingPrefPart1 + "global" + kHostingPrefPart2;
91.  
92. var gPref = null;
93.  
94. function addPrefListener(observer, prefStr)
95. {
96.     try {
97.         if (gPref == null) {
98.             var prefService = Components.classes["@mozilla.org/preferences-service;1"]
99.                                         .getService(Components.interfaces.nsIPrefService);
100.             gPref = prefService.getBranch(null);
101.         }
102.         var pbi = gPref.QueryInterface(Components.interfaces.nsIPrefBranch2);
103.         pbi.addObserver(prefStr, observer, false);
104.     } catch(ex) {
105.         dump("Failed to observe prefs: " + ex + "\n");
106.     }
107. }
108.  
109. function AxSecurityPolicy()
110. {
111.     addPrefListener(this, kGlobalHostingFlagsPref);
112.     this.syncPrefs();
113.     this.globalHostingFlags = kDefaultGlobalHostingFlags;
114. }
115.  
116. AxSecurityPolicy.prototype = {
117.     syncPrefs: function()
118.     {
119.         var hostingFlags = this.globalHostingFlags;
120.         try {
121.             if (gPref == null) {
122.                 var prefService = Components.classes["@mozilla.org/preferences-service;1"]
123.                                             .getService(Components.interfaces.nsIPrefService);
124.                 gPref = prefService.getBranch(null);
125.             }
126.             hostingFlags = gPref.getIntPref(kGlobalHostingFlagsPref);
127.         }
128.         catch (ex) {
129.             dump("Failed to read control hosting flags from \"" + kGlobalHostingFlagsPref + "\"\n");
130.             hostingFlags = kDefaultGlobalHostingFlags;
131.         }
132.         if (hostingFlags != this.globalHostingFlags)
133.         {
134.             dump("Global activex hosting flags have changed value to " + hostingFlags + "\n");
135.             this.globalHostingFlags = hostingFlags
136.         }
137.     },
138.  
139.     // nsIActiveXSecurityPolicy
140.     getHostingFlags: function(context)
141.     {
142.         var hostingFlags;
143.         if (context == null || context == "global") {
144.             hostingFlags = this.globalHostingFlags;
145.         }
146.         else {
147.             try {
148.                 var prefName = kHostingPrefPart1 + context + kHostingPrefPart2;
149.                 hostingFlags = gPref.getIntPref(prefName);
150.             }
151.             catch (ex) {
152.                 dump("Failed to read control hosting prefs for \"" + context + "\" from \"" + prefName + "\" pref\n");
153.                 hostingFlags = kDefaultOtherHostingFlags;
154.             }
155.             hostingFlags = kDefaultOtherHostingFlags;
156.         }
157.         return hostingFlags;
158.     },
159.     // nsIObserver
160.     observe: function(subject, topic, prefName)
161.     {
162.         if (topic != "nsPref:changed")
163.             return;
164.         this.syncPrefs();
165.  
166.     },
167.     // nsISupports
168.     QueryInterface: function(iid) {
169.         if (iid.equals(nsISupports) ||
170.             iid.equals(nsIActiveXSecurityPolicy) ||
171.             iid.equals(nsIObserver))
172.             return this;
173.  
174.         Components.returnCode = Components.results.NS_ERROR_NO_INTERFACE;
175.         return null;
176.     }
177. };
178.  
179. /* factory for AxSecurityPolicy */
180. var AxSecurityPolicyFactory = {
181.     createInstance: function (outer, iid)
182.     {
183.         if (outer != null)
184.             throw Components.results.NS_ERROR_NO_AGGREGATION;
185.         if (!iid.equals(nsISupports) &&
186.             !iid.equals(nsIActiveXSecurityPolicy) &&
187.             !iid.equals(nsIObserver))
188.             throw Components.results.NS_ERROR_INVALID_ARG;
189.         return new AxSecurityPolicy();
190.     }
191. };
192.  
193.  
194. var AxSecurityPolicyModule = {
195.     registerSelf: function (compMgr, fileSpec, location, type)
196.     {
197.         debug("*** Registering axsecurity policy.\n");
198.         compMgr = compMgr.QueryInterface(Components.interfaces.nsIComponentRegistrar);
199.         compMgr.registerFactoryLocation(
200.             NS_IACTIVEXSECURITYPOLICY_CID ,
201.             "ActiveX Security Policy Service",
202.             NS_IACTIVEXSECURITYPOLICY_CONTRACTID,
203.             fileSpec,
204.             location,
205.             type);
206.     },
207.     unregisterSelf: function(compMgr, fileSpec, location)
208.     {
209.         compMgr = compMgr.QueryInterface(Components.interfaces.nsIComponentRegistrar);
210.         compMgr.unregisterFactoryLocation(NS_IACTIVEXSECURITYPOLICY_CID, fileSpec);
211.     },
212.     getClassObject: function(compMgr, cid, iid)
213.     {
214.         if (cid.equals(NS_IACTIVEXSECURITYPOLICY_CID))
215.             return AxSecurityPolicyFactory;
216.  
217.         if (!iid.equals(Components.interfaces.nsIFactory))
218.             throw Components.results.NS_ERROR_NOT_IMPLEMENTED;
219.  
220.         throw Components.results.NS_ERROR_NO_INTERFACE;
221.     },
222.     canUnload: function(compMgr)
223.     {
224.         return true;
225.     }
226. };
227.  
228. /* entrypoint */
229. function NSGetModule(compMgr, fileSpec) {
230.     return AxSecurityPolicyModule;
231. }
232.  
233.  
234.