//=========================================================================== void CSMLoginScene::DidDownloadStatus( DownloadStatus status ) { if (status == DownloadStatusResNotFound) { //m_label->SetText( "抱歉,下载资源未找到,请联系GM" ); if (m_pLabelPromtp) { m_pLabelPromtp->SetText( NDCommonCString2(SZ_ERROR_04).c_str() ); m_pLabelPromtp->SetFontColor( ccc4(0xFF,0x0,0x0,255) ); //m_pLabelPromtp->SetFontSize( 20 ); //CCRect tRect = m_pLabelPromtp->GetFrameRect(); //m_pLabelPromtp->SetFrameRect( CCRectMake( tRect.origin.x, tRect.origin.y, tRect.size.width*3, tRect.size.height*2)); //m_pLabelPromtp->SetVisible( true ); } } else if (status == DownloadStatusFailed) { if (m_pLabelPromtp) { //m_label->SetText( "下载失败,请检查网络链接或者重启设备尝试" ); m_pLabelPromtp->SetText( NDCommonCString2(SZ_ERROR_05).c_str() ); m_pLabelPromtp->SetFontColor( ccc4(0xFF,0x0,0x0,255) ); //m_pLabelPromtp->SetFontSize( 20 ); //CCRect tRect = m_pLabelPromtp->GetFrameRect(); //m_pLabelPromtp->SetFrameRect( CCRectMake( tRect.origin.x/2, tRect.origin.y, tRect.size.width*3, tRect.size.height*2)); //m_pLabelPromtp->SetVisible( true ); } } else { //m_label->SetText("下载完成,正在进行安装升级,请稍候......"); m_pTimer->SetTimer( this, TAG_TIMER_DOWNLOAD_SUCCESS, 0.5f ); StartInstall(); } }
NS_IMETHODIMP nsInstallTrigger::HandleContent(const char * aContentType, nsIInterfaceRequestor* aWindowContext, nsIRequest* aRequest) { nsresult rv = NS_OK; if (!aRequest) return NS_ERROR_NULL_POINTER; if (nsCRT::strcasecmp(aContentType, "application/x-xpinstall") != 0) { // We only support content-type application/x-xpinstall return NS_ERROR_WONT_HANDLE_CONTENT; } // Save the URI so nsXPInstallManager can re-load it later nsCOMPtr<nsIURI> uri; nsCAutoString urispec; nsCOMPtr<nsIChannel> channel = do_QueryInterface(aRequest); if (channel) { rv = channel->GetURI(getter_AddRefs(uri)); if (NS_SUCCEEDED(rv) && uri) rv = uri->GetSpec(urispec); } if (NS_FAILED(rv)) return rv; if (urispec.IsEmpty()) return NS_ERROR_ILLEGAL_VALUE; // Save the referrer if any, for permission checks NS_NAMED_LITERAL_STRING(referrerProperty, "docshell.internalReferrer"); PRBool useReferrer = PR_FALSE; nsCOMPtr<nsIURI> referringURI; nsCOMPtr<nsIPropertyBag2> channelprops(do_QueryInterface(channel)); if (channelprops) { // Get the referrer from the channel properties if we can (not all // channels support our internal-referrer property). // // It's possible docshell explicitly set a null referrer in the case // of typed, pasted, or bookmarked URLs and the like. In such a case // we get a success return value with null pointer. // // A null referrer is automatically whitelisted as an explicit user // action (though they'll still get the confirmation dialog). For a // missing referrer we go to our fall-back plan of using the XPI // location for whitelisting purposes. rv = channelprops->GetPropertyAsInterface(referrerProperty, NS_GET_IID(nsIURI), getter_AddRefs(referringURI)); if (NS_SUCCEEDED(rv)) useReferrer = PR_TRUE; } // Cancel the current request. nsXPInstallManager restarts the download // under its control (shared codepath with InstallTrigger) aRequest->Cancel(NS_BINDING_ABORTED); // Get the global object of the target window for StartSoftwareUpdate nsCOMPtr<nsIScriptGlobalObjectOwner> globalObjectOwner = do_QueryInterface(aWindowContext); nsIScriptGlobalObject* globalObject = globalObjectOwner ? globalObjectOwner->GetScriptGlobalObject() : nsnull; if ( !globalObject ) return NS_ERROR_INVALID_ARG; nsCOMPtr<nsIURI> checkuri; if ( useReferrer ) { // easiest and most common case: base decision on the page that // contained the link // // NOTE: the XPI itself may be from elsewhere; the user can decide if // they trust the actual source when they get the install confirmation // dialog. The decision we're making here is whether the triggering // site is one which is allowed to annoy the user with modal dialogs. checkuri = referringURI; } else { // Now we're stumbing in the dark. In the most likely case the user // simply clicked on an FTP link (no referrer) and it's perfectly // sane to use the current window. // // On the other hand the user might be opening a non-http XPI link // in an unrelated existing window (typed in location bar, bookmark, // dragged link ...) in which case the current window is irrelevant. // If we knew it was one of these explicit user actions we'd like to // allow it, but we have no way of knowing that here. // // But there's no way to distinguish the innocent cases from a clever // malicious site. If we used the target window then evil.com could // embed a presumed allowed site (e.g. mozilla.org) in a frame, then // change the location to the XPI and trigger the install. Or evil.com // could do the same thing in a new window (more work to get around // popup blocking, but possible). // // Our choices appear to be block this type of load entirely or to // trust only the install URI. The former is unacceptably restrictive, // the latter allows malicious sites to pester people with modal // dialogs. As long as the trusted sites don't host bad content that's // no worse than an endless stream of alert()s -- already possible. // If the trusted sites don't even have an ftp server then even this // level of annoyance is not possible. // // If a trusted site hosts an install with an exploitable flaw it // might be possible that a malicious site would attempt to trick // people into installing it, hoping to turn around and exploit it. // This is not entirely far-fetched (it's been done with ActiveX // controls) and will require community policing of the default // trusted sites. checkuri = uri; } nsAutoPtr<nsXPITriggerInfo> trigger(new nsXPITriggerInfo()); nsAutoPtr<nsXPITriggerItem> item(new nsXPITriggerItem(0, NS_ConvertUTF8toUTF16(urispec).get(), nsnull)); if (trigger && item) { // trigger will own the item now trigger->Add(item.forget()); nsCOMPtr<nsIDOMWindowInternal> win(do_QueryInterface(globalObject)); nsCOMPtr<nsIXPIInstallInfo> installInfo = new nsXPIInstallInfo(win, checkuri, trigger, 0); if (installInfo) { // From here trigger is owned by installInfo until passed on to nsXPInstallManager trigger.forget(); if (AllowInstall(checkuri)) { return StartInstall(installInfo, nsnull); } else { nsCOMPtr<nsIObserverService> os(do_GetService("@mozilla.org/observer-service;1")); if (os) os->NotifyObservers(installInfo, "xpinstall-install-blocked", nsnull); return NS_ERROR_ABORT; } } } return NS_ERROR_OUT_OF_MEMORY; }