Struct xpcom::interfaces::nsIContentSecurityPolicy [] [src]

#[repr(C)]

pub struct nsIContentSecurityPolicy { /* fields omitted */ }

interface nsIContentSecurityPolicy : nsISerializable

Methods

impl nsIContentSecurityPolicy
[src]

[src]

Cast this nsIContentSecurityPolicy to one of its base interfaces.

impl nsIContentSecurityPolicy
[src]

NO_DIRECTIVE: i64 = 0
/**
   * Directives supported by Content Security Policy.  These are enums for
   * the CSPDirective type.
   * The NO_DIRECTIVE entry is  used for checking default permissions and
   * returning failure when asking CSP which directive to check.
   *
   * NOTE: When implementing a new directive, you will need to add it here but also
   * add it to the CSPStrDirectives array in nsCSPUtils.h.
   */


DEFAULT_SRC_DIRECTIVE: i64 = 1

SCRIPT_SRC_DIRECTIVE: i64 = 2

OBJECT_SRC_DIRECTIVE: i64 = 3

STYLE_SRC_DIRECTIVE: i64 = 4

IMG_SRC_DIRECTIVE: i64 = 5

MEDIA_SRC_DIRECTIVE: i64 = 6

FRAME_SRC_DIRECTIVE: i64 = 7

FONT_SRC_DIRECTIVE: i64 = 8

CONNECT_SRC_DIRECTIVE: i64 = 9

REPORT_URI_DIRECTIVE: i64 = 10

FRAME_ANCESTORS_DIRECTIVE: i64 = 11

REFLECTED_XSS_DIRECTIVE: i64 = 12

BASE_URI_DIRECTIVE: i64 = 13

FORM_ACTION_DIRECTIVE: i64 = 14

REFERRER_DIRECTIVE: i64 = 15

WEB_MANIFEST_SRC_DIRECTIVE: i64 = 16

UPGRADE_IF_INSECURE_DIRECTIVE: i64 = 17

CHILD_SRC_DIRECTIVE: i64 = 18

BLOCK_ALL_MIXED_CONTENT: i64 = 19

REQUIRE_SRI_FOR: i64 = 20

SANDBOX_DIRECTIVE: i64 = 21

WORKER_SRC_DIRECTIVE: i64 = 22

VIOLATION_TYPE_INLINE_SCRIPT: i64 = 1

VIOLATION_TYPE_EVAL: i64 = 2

VIOLATION_TYPE_INLINE_STYLE: i64 = 3

VIOLATION_TYPE_NONCE_SCRIPT: i64 = 4

VIOLATION_TYPE_NONCE_STYLE: i64 = 5

VIOLATION_TYPE_HASH_SCRIPT: i64 = 6

VIOLATION_TYPE_HASH_STYLE: i64 = 7

VIOLATION_TYPE_REQUIRE_SRI_FOR_STYLE: i64 = 8

VIOLATION_TYPE_REQUIRE_SRI_FOR_SCRIPT: i64 = 9

[src]

/**
   * Accessor method for a read-only string version of the policy at a given
   * index.
   */

[binaryname(GetPolicyString)] AString getPolicy (in unsigned long index);

[src]

/**
   * Returns the number of policies attached to this CSP instance.  Useful with
   * getPolicy().
   */

readonly attribute unsigned long policyCount;

[src]

/**
   * Returns whether this policy uses the directive upgrade-insecure-requests.
   * Please note that upgrade-insecure-reqeusts also applies if the parent or
   * including document (context) makes use of the directive.
   */

readonly attribute bool upgradeInsecureRequests;

[src]

/**
   * Returns whether this policy uses the directive block-all-mixed-content.
   * Please note that block-all-mixed-content takes presedence in case the
   * directive upgrade-insecure-requests is defined in the same policy and
   * will therefore block all mixed content without even trying to perform
   * an upgrade.
   */

readonly attribute bool blockAllMixedContent;

[src]

/**
   * Returns whether this policy enforces the frame-ancestors directive.
   */

readonly attribute bool enforcesFrameAncestors;

[src]

/**
   * Obtains the referrer policy (as integer) for this browsing context as
   * specified in CSP.  If there are multiple policies and...
   *  - only one sets a referrer policy: that policy is returned
   *  - more than one sets different referrer policies: no-referrer is returned
   *  - more than one set equivalent policies: that policy is returned
   * For the enumeration of policies see ReferrerPolicy.h and nsIHttpChannel.
   *
   * @param aPolicy
   *        The referrer policy to use for the protected resource.
   * @return
   *        true if a referrer policy is specified, false if it's unspecified.
   */

bool getReferrerPolicy (out unsigned long policy);

[src]

/**
   * Parse and install a CSP policy.
   * @param aPolicy
   *        String representation of the policy
   *        (e.g., header value, meta content)
   * @param reportOnly
   *        Should this policy affect content, script and style processing or
   *        just send reports if it is violated?
   * @param deliveredViaMetaTag
   *        Indicates whether the policy was delivered via the meta tag.
   */

void appendPolicy (in AString policyString, in boolean reportOnly, in boolean deliveredViaMetaTag);

[src]

boolean getAllowsInline (in nsContentPolicyType aContentPolicyType, in AString aNonce, in boolean aParserCreated, in nsISupports aElementOrContent, in unsigned long aLineNumber);

[src]

/**
   * whether this policy allows eval and eval-like functions
   * such as setTimeout("code string", time).
   * @param shouldReportViolations
   *     Whether or not the use of eval should be reported.
   *     This function returns "true" when violating report-only policies, but
   *     when any policy (report-only or otherwise) is violated,
   *     shouldReportViolations is true as well.
   * @return
   *     Whether or not the effects of the eval call should be allowed
   *     (block the call if false).
   */

boolean getAllowsEval (out boolean shouldReportViolations);

[src]

/**
   * Delegate method called by the service when the protected document is loaded.
   * Returns the union of all the sandbox flags contained in CSP policies. This is the most
   * restrictive interpretation of flags set in multiple policies.
   * See nsSandboxFlags.h for the possible flags.
   *
   * @return
   *    sandbox flags or SANDBOXED_NONE if no sandbox directive exists
   */

uint32_t getCSPSandboxFlags ();

[src]

/**
   * For each violated policy (of type violationType), log policy violation on
   * the Error Console and send a report to report-uris present in the violated
   * policies.
   *
   * @param violationType
   *     one of the VIOLATION_TYPE_* constants, e.g. inline-script or eval
   * @param sourceFile
   *     name of the source file containing the violation (if available)
   * @param contentSample
   *     sample of the violating content (to aid debugging)
   * @param lineNum
   *     source line number of the violation (if available)
   * @param aNonce
   *     (optional) If this is a nonce violation, include the nonce so we can
   *     recheck to determine which policies were violated and send the
   *     appropriate reports.
   * @param aContent
   *     (optional) If this is a hash violation, include contents of the inline
   *     resource in the question so we can recheck the hash in order to
   *     determine which policies were violated and send the appropriate
   *     reports.
   */

void logViolationDetails (in unsigned short violationType, in AString sourceFile, in AString scriptSample, in int32_t lineNum, [optional] in AString nonce, [optional] in AString content);

[src]

/**
   * Called after the CSP object is created to fill in appropriate request
   * context. Either use
   *  * aDocument (preferred), or if no document is available, then provide
   *  * aPrincipal
   */

void setRequestContext (in nsIDOMDocument aDocument, in nsIPrincipal aPrincipal);

[src]

/**
   *  Ensure we have a nsIEventTarget to use to label CSPReportSenderRunnable
   */

[noscript] void ensureEventTarget (in nsIEventTarget aEventTarget);

[src]

bool requireSRIForType (in nsContentPolicyType aContentType);

[src]

/**
   * Verifies ancestry as permitted by the policy.
   *
   * NOTE: Calls to this may trigger violation reports when queried, so this
   * value should not be cached.
   *
   * @param docShell
   *    containing the protected resource
   * @return
   *    true if the frame's ancestors are all allowed by policy (except for
   *    report-only policies, which will send reports and then return true
   *    here when violated).
   */

boolean permitsAncestry (in nsIDocShell docShell);

[src]

/**
   * Checks if a specific directive permits loading of a URI.
   *
   * NOTE: Calls to this may trigger violation reports when queried, so the
   * return value should not be cached.
   *
   * @param aURI
   *    The URI about to be loaded or used.
   * @param aDir
   *    The CSPDirective to query (see above constants *_DIRECTIVE).
   * @param aSpecific
   *    If "true" and the directive is specified to fall back to "default-src"
   *    when it's not explicitly provided, directivePermits will NOT try
   *    default-src when the specific directive is not used.  Setting this to
   *    "false" allows CSP to fall back to default-src.  This function
   *    behaves the same for both values of canUseDefault when querying
   *    directives that don't fall-back.
   * @return
   *    Whether or not the provided URI is allowed by CSP under the given
   *    directive. (block the pending operation if false).
   */

boolean permits (in nsIURI aURI, in CSPDirective aDir, in boolean aSpecific);

[src]

/**
   * Delegate method called by the service when sub-elements of the protected
   * document are being loaded.  Given a bit of information about the request,
   * decides whether or not the policy is satisfied.
   *
   * Calls to this may trigger violation reports when queried, so
   * this value should not be cached.
   */

short shouldLoad (in nsContentPolicyType aContentType, in nsIURI aContentLocation, in nsIURI aRequestOrigin, in nsISupports aContext, in ACString aMimeTypeGuess, in nsISupports aExtra);

[src]

/**
   * Returns the CSP in JSON notation.
   */

AString toJSON ();

Methods from Deref<Target = nsISerializable>

[src]

Cast this nsISerializable to one of its base interfaces.

[src]

/**
     * Initialize the object implementing nsISerializable, which must have
     * been freshly constructed via CreateInstance.  All data members that
     * can't be set to default values must have been serialized by write,
     * and should be read from aInputStream in the same order by this method.
     */

void read (in nsIObjectInputStream aInputStream);

[src]

/**
     * Serialize the object implementing nsISerializable to aOutputStream, by
     * writing each data member that must be recovered later to reconstitute
     * a working replica of this object, in a canonical member and byte order,
     * to aOutputStream.
     *
     * NB: a class that implements nsISerializable *must* also implement
     * nsIClassInfo, in particular nsIClassInfo::GetClassID.
     */

void write (in nsIObjectOutputStream aOutputStream);

Trait Implementations

impl XpCom for nsIContentSecurityPolicy
[src]

IID: nsIID = nsID(3016016046, 48478, 19629, [135, 224, 141, 33, 13, 187, 63, 159])

[src]

Perform a QueryInterface call on this object, attempting to dynamically cast it to the requested interface type. Returns Some(RefPtr) if the cast succeeded, and None otherwise. Read more

impl RefCounted for nsIContentSecurityPolicy
[src]

[src]

Increment the reference count.

[src]

Decrement the reference count, potentially freeing backing memory.

impl Deref for nsIContentSecurityPolicy
[src]

The resulting type after dereferencing.

[src]

Dereferences the value.