// Check site-specific permission and display prompt if appropriate.
bool
IsImageExtractionAllowed(nsIDocument *aDocument)
{
if (!aDocument)
return false;
nsPIDOMWindow *win = aDocument->GetWindow();
nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(win));
if (sop && nsContentUtils::IsSystemPrincipal(sop->GetPrincipal()))
return true;
bool isAllowed = false;
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
do_GetService(THIRDPARTYUTIL_CONTRACTID);
nsCOMPtr<nsIPermissionManager> permissionManager =
do_GetService(NS_PERMISSIONMANAGER_CONTRACTID);
if (thirdPartyUtil && permissionManager) {
nsCOMPtr<nsIURI> uri;
nsresult rv = thirdPartyUtil->GetFirstPartyURI(NULL, aDocument,
getter_AddRefs(uri));
uint32_t permission = nsIPermissionManager::UNKNOWN_ACTION;
if (NS_SUCCEEDED(rv)) {
// Allow local files to access canvas data; check content permissions
// for remote pages.
bool isFileURL = false;
(void)uri->SchemeIs("file", &isFileURL);
if (isFileURL)
permission = nsIPermissionManager::ALLOW_ACTION;
else {
rv = permissionManager->TestPermission(uri,
PERMISSION_CANVAS_EXTRACT_DATA, &permission);
}
}
if (NS_SUCCEEDED(rv)) {
isAllowed = (permission == nsIPermissionManager::ALLOW_ACTION);
if (!isAllowed && (permission != nsIPermissionManager::DENY_ACTION)) {
// Send notification so that a prompt is displayed.
nsCString spec;
rv = uri->GetSpec(spec);
NS_ENSURE_SUCCESS(rv, false);
nsCOMPtr<nsIObserverService> obs =
mozilla::services::GetObserverService();
obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT,
NS_ConvertUTF8toUTF16(spec).get());
}
}
}
return isAllowed;
}
TYPED_TEST(unary_operations, same_as_std_on_random_inputs) {
using optimus_op = typename TypeParam::first_type;
using std_op = typename TypeParam::second_type;
using type = typename std_op::result_type;
optimus_op oop;
std_op sop;
for (size_t i = 0; i < 5; ++i) {
auto r1 = random_input<optimus_op, type>::gen();
EXPECT_EQ(sop(r1), oop(r1));
}
}
SimpleFilter* createSimpleFilter
(
CalpontSystemCatalog*& csc,
const CalpontSystemCatalog::TableColName& tcn,
const string& opstr,
ConstantColumn* cc
)
{
SimpleFilter* lsf = new SimpleFilter();
Operator* op = new Operator();
op->data(opstr);
CalpontSystemCatalog::ColType ccct;
ccct = op->resultType();
ccct.colDataType = cc->resultType().colDataType;
op->operationType(ccct);
SOP sop(op);
lsf->op(sop);
CalpontSystemCatalog::OID oid = csc->lookupOID(tcn);
CalpontSystemCatalog::ColType ct = csc->colType(oid);
SimpleColumn* sc = new SimpleColumn();
sc->schemaName(tcn.schema);
sc->tableName(tcn.table);
sc->tableAlias(tcn.table);
sc->columnName(tcn.column);
sc->oid(oid);
sc->resultType(ct);
sc->alias(tcn.toString());
lsf->lhs(sc);
lsf->rhs(cc);
return lsf;
}
bool IsImageExtractionAllowed(nsIDocument *aDocument, JSContext *aCx)
{
// Do the rest of the checks only if privacy.resistFingerprinting is on.
if (!nsContentUtils::ShouldResistFingerprinting()) {
return true;
}
// Don't proceed if we don't have a document or JavaScript context.
if (!aDocument || !aCx) {
return false;
}
// Documents with system principal can always extract canvas data.
nsPIDOMWindowOuter *win = aDocument->GetWindow();
nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(win));
if (sop && nsContentUtils::IsSystemPrincipal(sop->GetPrincipal())) {
return true;
}
// Always give permission to chrome scripts (e.g. Page Inspector).
if (nsContentUtils::ThreadsafeIsCallerChrome()) {
return true;
}
// Get the document URI and its spec.
nsIURI *docURI = aDocument->GetDocumentURI();
nsCString docURISpec;
docURI->GetSpec(docURISpec);
// Allow local files to extract canvas data.
bool isFileURL;
(void) docURI->SchemeIs("file", &isFileURL);
if (isFileURL) {
return true;
}
// Get calling script file and line for logging.
JS::AutoFilename scriptFile;
unsigned scriptLine = 0;
bool isScriptKnown = false;
if (JS::DescribeScriptedCaller(aCx, &scriptFile, &scriptLine)) {
isScriptKnown = true;
// Don't show canvas prompt for PDF.js
if (scriptFile.get() &&
strcmp(scriptFile.get(), "resource://pdf.js/build/pdf.js") == 0) {
return true;
}
}
nsIDocument* topLevelDocument = aDocument->GetTopLevelContentDocument();
nsIURI *topLevelDocURI = topLevelDocument ? topLevelDocument->GetDocumentURI() : nullptr;
nsCString topLevelDocURISpec;
if (topLevelDocURI) {
topLevelDocURI->GetSpec(topLevelDocURISpec);
}
// Load Third Party Util service.
nsresult rv;
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
do_GetService(THIRDPARTYUTIL_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, false);
// Block all third-party attempts to extract canvas.
bool isThirdParty = true;
rv = thirdPartyUtil->IsThirdPartyURI(topLevelDocURI, docURI, &isThirdParty);
NS_ENSURE_SUCCESS(rv, false);
if (isThirdParty) {
nsAutoCString message;
message.AppendPrintf("Blocked third party %s in page %s from extracting canvas data.",
docURISpec.get(), topLevelDocURISpec.get());
if (isScriptKnown) {
message.AppendPrintf(" %s:%u.", scriptFile.get(), scriptLine);
}
nsContentUtils::LogMessageToConsole(message.get());
return false;
}
// Load Permission Manager service.
nsCOMPtr<nsIPermissionManager> permissionManager =
do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, false);
// Check if the site has permission to extract canvas data.
// Either permit or block extraction if a stored permission setting exists.
uint32_t permission;
rv = permissionManager->TestPermission(topLevelDocURI,
PERMISSION_CANVAS_EXTRACT_DATA,
&permission);
NS_ENSURE_SUCCESS(rv, false);
switch (permission) {
case nsIPermissionManager::ALLOW_ACTION:
return true;
case nsIPermissionManager::DENY_ACTION:
return false;
default:
break;
}
// At this point, permission is unknown (nsIPermissionManager::UNKNOWN_ACTION).
nsAutoCString message;
message.AppendPrintf("Blocked %s in page %s from extracting canvas data.",
docURISpec.get(), topLevelDocURISpec.get());
if (isScriptKnown) {
message.AppendPrintf(" %s:%u.", scriptFile.get(), scriptLine);
}
nsContentUtils::LogMessageToConsole(message.get());
// Prompt the user (asynchronous).
if (XRE_IsContentProcess()) {
TabChild* tabChild = TabChild::GetFrom(win);
if (tabChild) {
tabChild->SendShowCanvasPermissionPrompt(topLevelDocURISpec);
}
} else {
nsCOMPtr<nsIObserverService> obs = mozilla::services::GetObserverService();
if (obs) {
obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT,
NS_ConvertUTF8toUTF16(topLevelDocURISpec).get());
}
}
// We don't extract the image for now -- user may override at prompt.
return false;
}
