Struct xpcom::interfaces::nsIContentSecurityPolicy
[−]
[src]
#[repr(C)]pub struct nsIContentSecurityPolicy { /* fields omitted */ }
interface nsIContentSecurityPolicy : nsISerializable
Methods
impl nsIContentSecurityPolicy
[src]
pub fn coerce<T: nsIContentSecurityPolicyCoerce>(&self) -> &T
[src]
Cast this nsIContentSecurityPolicy
to one of its base interfaces.
impl nsIContentSecurityPolicy
[src]
pub const NO_DIRECTIVE: i64
NO_DIRECTIVE: i64 = 0
/**
* Directives supported by Content Security Policy. These are enums for
* the CSPDirective type.
* The NO_DIRECTIVE entry is used for checking default permissions and
* returning failure when asking CSP which directive to check.
*
* NOTE: When implementing a new directive, you will need to add it here but also
* add it to the CSPStrDirectives array in nsCSPUtils.h.
*/
pub const DEFAULT_SRC_DIRECTIVE: i64
DEFAULT_SRC_DIRECTIVE: i64 = 1
pub const SCRIPT_SRC_DIRECTIVE: i64
SCRIPT_SRC_DIRECTIVE: i64 = 2
pub const OBJECT_SRC_DIRECTIVE: i64
OBJECT_SRC_DIRECTIVE: i64 = 3
pub const STYLE_SRC_DIRECTIVE: i64
STYLE_SRC_DIRECTIVE: i64 = 4
pub const IMG_SRC_DIRECTIVE: i64
IMG_SRC_DIRECTIVE: i64 = 5
pub const MEDIA_SRC_DIRECTIVE: i64
MEDIA_SRC_DIRECTIVE: i64 = 6
pub const FRAME_SRC_DIRECTIVE: i64
FRAME_SRC_DIRECTIVE: i64 = 7
pub const FONT_SRC_DIRECTIVE: i64
FONT_SRC_DIRECTIVE: i64 = 8
pub const CONNECT_SRC_DIRECTIVE: i64
CONNECT_SRC_DIRECTIVE: i64 = 9
pub const REPORT_URI_DIRECTIVE: i64
REPORT_URI_DIRECTIVE: i64 = 10
pub const FRAME_ANCESTORS_DIRECTIVE: i64
FRAME_ANCESTORS_DIRECTIVE: i64 = 11
pub const REFLECTED_XSS_DIRECTIVE: i64
REFLECTED_XSS_DIRECTIVE: i64 = 12
pub const BASE_URI_DIRECTIVE: i64
BASE_URI_DIRECTIVE: i64 = 13
pub const FORM_ACTION_DIRECTIVE: i64
FORM_ACTION_DIRECTIVE: i64 = 14
pub const REFERRER_DIRECTIVE: i64
REFERRER_DIRECTIVE: i64 = 15
pub const WEB_MANIFEST_SRC_DIRECTIVE: i64
WEB_MANIFEST_SRC_DIRECTIVE: i64 = 16
pub const UPGRADE_IF_INSECURE_DIRECTIVE: i64
UPGRADE_IF_INSECURE_DIRECTIVE: i64 = 17
pub const CHILD_SRC_DIRECTIVE: i64
CHILD_SRC_DIRECTIVE: i64 = 18
pub const BLOCK_ALL_MIXED_CONTENT: i64
BLOCK_ALL_MIXED_CONTENT: i64 = 19
pub const REQUIRE_SRI_FOR: i64
REQUIRE_SRI_FOR: i64 = 20
pub const SANDBOX_DIRECTIVE: i64
SANDBOX_DIRECTIVE: i64 = 21
pub const WORKER_SRC_DIRECTIVE: i64
WORKER_SRC_DIRECTIVE: i64 = 22
pub const VIOLATION_TYPE_INLINE_SCRIPT: i64
VIOLATION_TYPE_INLINE_SCRIPT: i64 = 1
pub const VIOLATION_TYPE_EVAL: i64
VIOLATION_TYPE_EVAL: i64 = 2
pub const VIOLATION_TYPE_INLINE_STYLE: i64
VIOLATION_TYPE_INLINE_STYLE: i64 = 3
pub const VIOLATION_TYPE_NONCE_SCRIPT: i64
VIOLATION_TYPE_NONCE_SCRIPT: i64 = 4
pub const VIOLATION_TYPE_NONCE_STYLE: i64
VIOLATION_TYPE_NONCE_STYLE: i64 = 5
pub const VIOLATION_TYPE_HASH_SCRIPT: i64
VIOLATION_TYPE_HASH_SCRIPT: i64 = 6
pub const VIOLATION_TYPE_HASH_STYLE: i64
VIOLATION_TYPE_HASH_STYLE: i64 = 7
pub const VIOLATION_TYPE_REQUIRE_SRI_FOR_STYLE: i64
VIOLATION_TYPE_REQUIRE_SRI_FOR_STYLE: i64 = 8
pub const VIOLATION_TYPE_REQUIRE_SRI_FOR_SCRIPT: i64
VIOLATION_TYPE_REQUIRE_SRI_FOR_SCRIPT: i64 = 9
pub unsafe fn GetPolicyString(
&self,
index: uint32_t,
_retval: &mut nsAString
) -> nsresult
[src]
&self,
index: uint32_t,
_retval: &mut nsAString
) -> nsresult
/**
* Accessor method for a read-only string version of the policy at a given
* index.
*/
[binaryname(GetPolicyString)] AString getPolicy (in unsigned long index);
pub unsafe fn GetPolicyCount(&self, aPolicyCount: *mut uint32_t) -> nsresult
[src]
/**
* Returns the number of policies attached to this CSP instance. Useful with
* getPolicy().
*/
readonly attribute unsigned long policyCount;
pub unsafe fn GetUpgradeInsecureRequests(
&self,
aUpgradeInsecureRequests: *mut bool
) -> nsresult
[src]
&self,
aUpgradeInsecureRequests: *mut bool
) -> nsresult
/**
* Returns whether this policy uses the directive upgrade-insecure-requests.
* Please note that upgrade-insecure-reqeusts also applies if the parent or
* including document (context) makes use of the directive.
*/
readonly attribute bool upgradeInsecureRequests;
pub unsafe fn GetBlockAllMixedContent(
&self,
aBlockAllMixedContent: *mut bool
) -> nsresult
[src]
&self,
aBlockAllMixedContent: *mut bool
) -> nsresult
/**
* Returns whether this policy uses the directive block-all-mixed-content.
* Please note that block-all-mixed-content takes presedence in case the
* directive upgrade-insecure-requests is defined in the same policy and
* will therefore block all mixed content without even trying to perform
* an upgrade.
*/
readonly attribute bool blockAllMixedContent;
pub unsafe fn GetEnforcesFrameAncestors(
&self,
aEnforcesFrameAncestors: *mut bool
) -> nsresult
[src]
&self,
aEnforcesFrameAncestors: *mut bool
) -> nsresult
/**
* Returns whether this policy enforces the frame-ancestors directive.
*/
readonly attribute bool enforcesFrameAncestors;
pub unsafe fn GetReferrerPolicy(
&self,
policy: *mut uint32_t,
_retval: *mut bool
) -> nsresult
[src]
&self,
policy: *mut uint32_t,
_retval: *mut bool
) -> nsresult
/**
* Obtains the referrer policy (as integer) for this browsing context as
* specified in CSP. If there are multiple policies and...
* - only one sets a referrer policy: that policy is returned
* - more than one sets different referrer policies: no-referrer is returned
* - more than one set equivalent policies: that policy is returned
* For the enumeration of policies see ReferrerPolicy.h and nsIHttpChannel.
*
* @param aPolicy
* The referrer policy to use for the protected resource.
* @return
* true if a referrer policy is specified, false if it's unspecified.
*/
bool getReferrerPolicy (out unsigned long policy);
pub unsafe fn AppendPolicy(
&self,
policyString: &nsAString,
reportOnly: bool,
deliveredViaMetaTag: bool
) -> nsresult
[src]
&self,
policyString: &nsAString,
reportOnly: bool,
deliveredViaMetaTag: bool
) -> nsresult
/**
* Parse and install a CSP policy.
* @param aPolicy
* String representation of the policy
* (e.g., header value, meta content)
* @param reportOnly
* Should this policy affect content, script and style processing or
* just send reports if it is violated?
* @param deliveredViaMetaTag
* Indicates whether the policy was delivered via the meta tag.
*/
void appendPolicy (in AString policyString, in boolean reportOnly, in boolean deliveredViaMetaTag);
pub unsafe fn GetAllowsInline(
&self,
aContentPolicyType: nsContentPolicyType,
aNonce: &nsAString,
aParserCreated: bool,
aElementOrContent: *const nsISupports,
aLineNumber: uint32_t,
_retval: *mut bool
) -> nsresult
[src]
&self,
aContentPolicyType: nsContentPolicyType,
aNonce: &nsAString,
aParserCreated: bool,
aElementOrContent: *const nsISupports,
aLineNumber: uint32_t,
_retval: *mut bool
) -> nsresult
boolean getAllowsInline (in nsContentPolicyType aContentPolicyType, in AString aNonce, in boolean aParserCreated, in nsISupports aElementOrContent, in unsigned long aLineNumber);
pub unsafe fn GetAllowsEval(
&self,
shouldReportViolations: *mut bool,
_retval: *mut bool
) -> nsresult
[src]
&self,
shouldReportViolations: *mut bool,
_retval: *mut bool
) -> nsresult
/**
* whether this policy allows eval and eval-like functions
* such as setTimeout("code string", time).
* @param shouldReportViolations
* Whether or not the use of eval should be reported.
* This function returns "true" when violating report-only policies, but
* when any policy (report-only or otherwise) is violated,
* shouldReportViolations is true as well.
* @return
* Whether or not the effects of the eval call should be allowed
* (block the call if false).
*/
boolean getAllowsEval (out boolean shouldReportViolations);
pub unsafe fn GetCSPSandboxFlags(&self, _retval: *mut uint32_t) -> nsresult
[src]
/**
* Delegate method called by the service when the protected document is loaded.
* Returns the union of all the sandbox flags contained in CSP policies. This is the most
* restrictive interpretation of flags set in multiple policies.
* See nsSandboxFlags.h for the possible flags.
*
* @return
* sandbox flags or SANDBOXED_NONE if no sandbox directive exists
*/
uint32_t getCSPSandboxFlags ();
pub unsafe fn LogViolationDetails(
&self,
violationType: uint16_t,
sourceFile: &nsAString,
scriptSample: &nsAString,
lineNum: int32_t,
nonce: &nsAString,
content: &nsAString
) -> nsresult
[src]
&self,
violationType: uint16_t,
sourceFile: &nsAString,
scriptSample: &nsAString,
lineNum: int32_t,
nonce: &nsAString,
content: &nsAString
) -> nsresult
/**
* For each violated policy (of type violationType), log policy violation on
* the Error Console and send a report to report-uris present in the violated
* policies.
*
* @param violationType
* one of the VIOLATION_TYPE_* constants, e.g. inline-script or eval
* @param sourceFile
* name of the source file containing the violation (if available)
* @param contentSample
* sample of the violating content (to aid debugging)
* @param lineNum
* source line number of the violation (if available)
* @param aNonce
* (optional) If this is a nonce violation, include the nonce so we can
* recheck to determine which policies were violated and send the
* appropriate reports.
* @param aContent
* (optional) If this is a hash violation, include contents of the inline
* resource in the question so we can recheck the hash in order to
* determine which policies were violated and send the appropriate
* reports.
*/
void logViolationDetails (in unsigned short violationType, in AString sourceFile, in AString scriptSample, in int32_t lineNum, [optional] in AString nonce, [optional] in AString content);
pub unsafe fn SetRequestContext(
&self,
aDocument: *const nsIDOMDocument,
aPrincipal: *const nsIPrincipal
) -> nsresult
[src]
&self,
aDocument: *const nsIDOMDocument,
aPrincipal: *const nsIPrincipal
) -> nsresult
/**
* Called after the CSP object is created to fill in appropriate request
* context. Either use
* * aDocument (preferred), or if no document is available, then provide
* * aPrincipal
*/
void setRequestContext (in nsIDOMDocument aDocument, in nsIPrincipal aPrincipal);
pub unsafe fn EnsureEventTarget(
&self,
aEventTarget: *const nsIEventTarget
) -> nsresult
[src]
&self,
aEventTarget: *const nsIEventTarget
) -> nsresult
/**
* Ensure we have a nsIEventTarget to use to label CSPReportSenderRunnable
*/
[noscript] void ensureEventTarget (in nsIEventTarget aEventTarget);
pub unsafe fn RequireSRIForType(
&self,
aContentType: nsContentPolicyType,
_retval: *mut bool
) -> nsresult
[src]
&self,
aContentType: nsContentPolicyType,
_retval: *mut bool
) -> nsresult
bool requireSRIForType (in nsContentPolicyType aContentType);
pub unsafe fn PermitsAncestry(
&self,
docShell: *const nsIDocShell,
_retval: *mut bool
) -> nsresult
[src]
&self,
docShell: *const nsIDocShell,
_retval: *mut bool
) -> nsresult
/**
* Verifies ancestry as permitted by the policy.
*
* NOTE: Calls to this may trigger violation reports when queried, so this
* value should not be cached.
*
* @param docShell
* containing the protected resource
* @return
* true if the frame's ancestors are all allowed by policy (except for
* report-only policies, which will send reports and then return true
* here when violated).
*/
boolean permitsAncestry (in nsIDocShell docShell);
pub unsafe fn Permits(
&self,
aURI: *const nsIURI,
aDir: CSPDirective,
aSpecific: bool,
_retval: *mut bool
) -> nsresult
[src]
&self,
aURI: *const nsIURI,
aDir: CSPDirective,
aSpecific: bool,
_retval: *mut bool
) -> nsresult
/**
* Checks if a specific directive permits loading of a URI.
*
* NOTE: Calls to this may trigger violation reports when queried, so the
* return value should not be cached.
*
* @param aURI
* The URI about to be loaded or used.
* @param aDir
* The CSPDirective to query (see above constants *_DIRECTIVE).
* @param aSpecific
* If "true" and the directive is specified to fall back to "default-src"
* when it's not explicitly provided, directivePermits will NOT try
* default-src when the specific directive is not used. Setting this to
* "false" allows CSP to fall back to default-src. This function
* behaves the same for both values of canUseDefault when querying
* directives that don't fall-back.
* @return
* Whether or not the provided URI is allowed by CSP under the given
* directive. (block the pending operation if false).
*/
boolean permits (in nsIURI aURI, in CSPDirective aDir, in boolean aSpecific);
pub unsafe fn ShouldLoad(
&self,
aContentType: nsContentPolicyType,
aContentLocation: *const nsIURI,
aRequestOrigin: *const nsIURI,
aContext: *const nsISupports,
aMimeTypeGuess: &nsACString,
aExtra: *const nsISupports,
_retval: *mut int16_t
) -> nsresult
[src]
&self,
aContentType: nsContentPolicyType,
aContentLocation: *const nsIURI,
aRequestOrigin: *const nsIURI,
aContext: *const nsISupports,
aMimeTypeGuess: &nsACString,
aExtra: *const nsISupports,
_retval: *mut int16_t
) -> nsresult
/**
* Delegate method called by the service when sub-elements of the protected
* document are being loaded. Given a bit of information about the request,
* decides whether or not the policy is satisfied.
*
* Calls to this may trigger violation reports when queried, so
* this value should not be cached.
*/
short shouldLoad (in nsContentPolicyType aContentType, in nsIURI aContentLocation, in nsIURI aRequestOrigin, in nsISupports aContext, in ACString aMimeTypeGuess, in nsISupports aExtra);
pub unsafe fn ToJSON(&self, _retval: &mut nsAString) -> nsresult
[src]
/**
* Returns the CSP in JSON notation.
*/
AString toJSON ();
Methods from Deref<Target = nsISerializable>
pub fn coerce<T: nsISerializableCoerce>(&self) -> &T
[src]
Cast this nsISerializable
to one of its base interfaces.
pub unsafe fn Read(&self, aInputStream: *const nsIObjectInputStream) -> nsresult
[src]
/**
* Initialize the object implementing nsISerializable, which must have
* been freshly constructed via CreateInstance. All data members that
* can't be set to default values must have been serialized by write,
* and should be read from aInputStream in the same order by this method.
*/
void read (in nsIObjectInputStream aInputStream);
pub unsafe fn Write(
&self,
aOutputStream: *const nsIObjectOutputStream
) -> nsresult
[src]
&self,
aOutputStream: *const nsIObjectOutputStream
) -> nsresult
/**
* Serialize the object implementing nsISerializable to aOutputStream, by
* writing each data member that must be recovered later to reconstitute
* a working replica of this object, in a canonical member and byte order,
* to aOutputStream.
*
* NB: a class that implements nsISerializable *must* also implement
* nsIClassInfo, in particular nsIClassInfo::GetClassID.
*/
void write (in nsIObjectOutputStream aOutputStream);
Trait Implementations
impl XpCom for nsIContentSecurityPolicy
[src]
const IID: nsIID
IID: nsIID = nsID(3016016046, 48478, 19629, [135, 224, 141, 33, 13, 187, 63, 159])
fn query_interface<T: XpCom>(&self) -> Option<RefPtr<T>>
[src]
Perform a QueryInterface call on this object, attempting to dynamically cast it to the requested interface type. Returns Some(RefPtr) if the cast succeeded, and None otherwise. Read more
impl RefCounted for nsIContentSecurityPolicy
[src]
unsafe fn addref(&self)
[src]
Increment the reference count.
unsafe fn release(&self)
[src]
Decrement the reference count, potentially freeing backing memory.
impl Deref for nsIContentSecurityPolicy
[src]
type Target = nsISerializable
The resulting type after dereferencing.
fn deref(&self) -> &nsISerializable
[src]
Dereferences the value.