PRBool canExecuteScripts ( JSContextPtr* cx , nsIPrincipal principal )

Return true if content from the given principal is allowed to execute scripts.

Arguments:

cx

principal

void checkConnect ( JSContextPtr* JSContext , nsIURI targetURI , char* className , char* property )

Checks whether the running script is allowed to connect to targetURI

Arguments:

JSContext

targetURI

className

property

void checkFunctionAccess ( JSContextPtr* cx , voidPtr* funObj , voidPtr* targetObj )

Check that the function 'funObj' is allowed to run on 'targetObj'

Will return error code NS_ERROR_DOM_SECURITY_ERR if the function should not run

Arguments:

cx: The current active JavaScript context.

funObj: The function trying to run..

targetObj: The object the function will run on.

void checkLoadURI ( nsIURI from , nsIURI uri , PRUint32 flags )

Check that content from "from" can load "uri".

Will return error code NS_ERROR_DOM_BAD_URI if the load request should be denied.

Arguments:

from: the URI causing the load

uri: the URI that is being loaded

flags: the permission set, see above

void checkLoadURIFromScript ( JSContextPtr* cx , nsIURI uri )

Check that the script currently running in context "cx" can load "uri".

Will return error code NS_ERROR_DOM_BAD_URI if the load request should be denied.

Arguments:

cx: the JSContext of the script causing the load

uri: the URI that is being loaded

void checkLoadURIStr ( AUTF8String from , AUTF8String uri , PRUint32 flags )

Same as CheckLoadURI but takes string arguments for ease of use by scripts

Arguments:

from

uri

flags

void checkLoadURIStrWithPrincipal ( nsIPrincipal principal , AUTF8String uri , PRUint32 flags )

Similar to checkLoadURIWithPrincipal but there are two differences:

1) The URI is a string, not a URI object. 2) This function assumes that the URI may still be subject to fixup (and hence will check whether fixed-up versions of the URI are allowed to load as well); if any of the versions of this URI is not allowed, this function will return error code NS_ERROR_DOM_BAD_URI.

Arguments:

principal

uri

flags

void checkLoadURIWithPrincipal ( nsIPrincipal principal , nsIURI uri , PRUint32 flags )

Check that content with principal principal can load "uri".

Will return error code NS_ERROR_DOM_BAD_URI if the load request should be denied.

Arguments:

principal: the principal identifying the actor causing the load

uri: the URI that is being loaded

flags: the permission set, see above

void checkPropertyAccess ( JSContextPtr* JSContext , JSObjectPtr* JSObject , char* className , JSVal property , PRUint32 action )

Checks whether the running script is allowed to access property.

Arguments:

JSContext

JSObject

className

property

action

void checkSameOrigin ( JSContextPtr* JSContext , nsIURI targetURI )

Returns OK if jSContext and target have the same "origin" (scheme, host, and port).

Arguments:

JSContext

targetURI

void checkSameOriginPrincipal ( nsIPrincipal sourcePrincipal , nsIPrincipal targetPrincipal )

Returns OK if sourcePrincipal and targetPrincipal have the same "origin" (scheme, host, and port).

Arguments:

sourcePrincipal

targetPrincipal

void checkSameOriginURI ( nsIURI sourceURI , nsIURI targetURI , PRBool reportError )

Returns OK if sourceURI and target have the same "origin" (scheme, host, and port). ReportError flag suppresses error reports for functions that don't need reporting.

Arguments:

sourceURI

targetURI

reportError

void disableCapability ( char* capability )

Disable 'capability' in the innermost frame of the currently executing script.

Arguments:

capability

void enableCapability ( char* capability )

Enable 'capability' in the innermost frame of the currently executing script.

Arguments:

capability

nsIPrincipal getCertificatePrincipal ( AUTF8String certFingerprint , AUTF8String subjectName , AUTF8String prettyName , nsISupports cert , nsIURI URI )

Return a principal with the specified certificate fingerprint, subject name (the full name or concatenated set of names of the entity represented by the certificate), pretty name, certificate, and codebase URI. The certificate fingerprint and subject name MUST be nonempty; otherwise an error will be thrown. Similarly, cert must not be null.

Arguments:

certFingerprint

subjectName

prettyName

cert

URI

nsIPrincipal getChannelPrincipal ( nsIChannel channel )

Get the principal for the given channel. This will typically be the channel owner if there is one, and the codebase principal for the channel's URI otherwise. channel must not be null.

Arguments:

channel

nsIPrincipal getCodebasePrincipal ( nsIURI URI )

Return a principal that has the same origin as uRI.

Arguments:

URI

[notxpcom] nsIPrincipal getCxSubjectPrincipal ( JSContextPtr* cx )

Same as getSubjectPrincipal(), only faster. cx must *never* be passed null, and it must be the context on the top of the context stack. Does *not* reference count the returned principal.

Arguments:

cx

nsIPrincipal getObjectPrincipal ( JSContextPtr* cx , JSObjectPtr* obj )

Return the principal of the specified object in the specified context.

Arguments:

cx

obj

nsIPrincipal getPrincipalFromContext ( JSContextPtr* cx )

Returns the principal of the global object of the given context, or null if no global or no principal.

Arguments:

cx

nsIPrincipal getSubjectPrincipal ( )

Return the principal of the innermost frame of the currently executing script. Will return null if there is no script currently executing.

nsIPrincipal getSystemPrincipal ( )

Return the all-powerful system principal.

PRBool isCapabilityEnabled ( char* capability )

Return true if the currently executing script has 'capability' enabled.

Arguments:

capability

PRBool isSystemPrincipal ( nsIPrincipal principal )

Check whether a given principal is a system principal. This allows us to avoid handing back the system principal to script while allowing script to check whether a given principal is system.

Arguments:

principal

PRInt16 requestCapability ( nsIPrincipal principal , char* capability )

Request that 'capability' can be enabled by scripts or applets running with 'principal'. Will prompt user if necessary. Returns nsIPrincipal::ENABLE_GRANTED or nsIPrincipal::ENABLE_DENIED based on user's choice.

Arguments:

principal

capability

void revertCapability ( char* capability )

Remove 'capability' from the innermost frame of the currently executing script. Any setting of 'capability' from enclosing frames thus comes into effect.

Arguments:

capability

void setCanEnableCapability ( AUTF8String certificateFingerprint , char* capability , PRInt16 canEnable )

Allow 'certificateID' to enable 'capability.' Can only be performed by code signed by the system certificate.

Arguments:

certificateFingerprint

capability

canEnable

PRBool subjectPrincipalIsSystem ( )

Returns true if the principal of the currently running script is the system principal, false otherwise.