OP_STATUS
OpSecurityManager_DOM::CheckExtensionSecurity(const OpSecurityContext& source, const OpSecurityContext& target, BOOL& allowed)
{
OpGadget *owner = target.GetGadget();
if (owner)
{
RETURN_IF_ERROR(g_secman_instance->CheckGadgetExtensionSecurity(source, target, allowed));
if (!allowed)
return OpStatus::OK;
}
FramesDocument *frames_doc = source.GetFramesDocument();
Window *window = frames_doc->GetWindow();
// Do not run on gadgets, dialogs, or devtools.
if (window->GetGadget() || window->GetType() == WIN_TYPE_DIALOG || window->GetType() == WIN_TYPE_DEVTOOLS)
allowed = FALSE;
// Extension JS not allowed run in javascript: or opera: content.
else if (target.GetURL().Type() == URL_OPERA || target.GetURL().Type() == URL_JAVASCRIPT)
allowed = FALSE;
else
allowed = TRUE;
return OpStatus::OK;
}
OP_STATUS OpSecurityManager_DOC::CheckInlineSecurity(const OpSecurityContext& source, const OpSecurityContext& target, BOOL& allowed, OpSecurityState& state)
{
allowed = FALSE;
state.suspended = FALSE;
state.host_resolving_comm = NULL;
#ifdef GADGET_SUPPORT
if (source.IsGadget())
return g_secman_instance->CheckGadgetUrlLoadSecurity(source, target, allowed, state);
#endif // GADGET_SUPPORT
FramesDocument* doc = source.GetDoc();
BOOL from_user_css = target.IsFromUserCss();
URL inline_url = target.GetURL();
URLType inline_url_type = inline_url.Type(), doc_url_type = doc->GetSecurityContext().Type();
/* Disallow javascript: URLs for all inline types. */
if (inline_url.Type() == URL_JAVASCRIPT)
return OpStatus::OK;
if (doc->GetSuppress(inline_url_type))
return OpStatus::OK;
if (inline_url_type == URL_FILE && doc_url_type != URL_FILE && doc_url_type != URL_EMAIL)
{
BOOL reject_file = TRUE;
if (from_user_css)
/* We're allowed to load file url resources from user stylesheets. */
reject_file = FALSE;
#ifdef _LOCALHOST_SUPPORT_
else if (doc->GetLogicalDocument() && doc->GetLogicalDocument()->IsXmlParsingFailed() && target.inline_type == CSS_INLINE)
{
/* The document is a generated XML parsing error document that links in
a stylesheet from a local file. Allow it (and its assumed import) only. */
OP_BOOLEAN result = IsAllowedStyleFileImport(target.GetURL());
RETURN_IF_ERROR(result);
if (result == OpBoolean::IS_TRUE)
reject_file = FALSE;
}
#endif // _LOCALHOST_SUPPORT_
else if (doc->IsGeneratedByOpera())
reject_file = FALSE;
else if (inline_url.GetAttribute(URL::KIsGeneratedByOpera))
reject_file = FALSE;
#ifdef WEBFEEDS_DISPLAY_SUPPORT
if (doc->IsInlineFeed())
/* The document is a generated HTML document that might link in
local stylesheets */
reject_file = FALSE;
#endif // WEBFEEDS_DISPLAY_SUPPORT
#ifdef GADGET_SUPPORT
#ifdef DOM_JIL_API_SUPPORT
if (doc->GetWindow()->GetGadget() &&
doc->GetWindow()->GetGadget()->GetClass()->HasJILFilesystemAccess())
/* This is JIL widget which has access to the filesystem */
reject_file = FALSE;
#endif // DOM_JIL_API_SUPPORT
#endif // GADGET_SUPPORT
if (reject_file)
return OpStatus::OK;
}
if (inline_url_type == URL_OPERA && doc_url_type != URL_OPERA)
{
BOOL reject_opera = TRUE;
if (doc->GetURL().IsImage() && inline_url.GetAttribute(URL::KPath).Compare("style/image.css") == 0)
/* The document is a generated HTML document that links in a
stylesheet from 'opera:style/image.css'. */
reject_opera = FALSE;
#ifdef MEDIA_HTML_SUPPORT
if (g_media_module.IsMediaPlayableUrl(doc->GetURL()) &&
inline_url.GetAttribute(URL::KPath).Compare("style/media.css") == 0)
reject_opera = FALSE;
#endif // MEDIA_HTML_SUPPORT
if (IsAboutBlankURL(inline_url))
reject_opera = FALSE;
if (reject_opera)
return OpStatus::OK;
}
#ifdef GADGET_SUPPORT
Window* window = doc->GetWindow();
if (inline_url_type == URL_WIDGET)
{
RETURN_IF_ERROR(g_secman_instance->CheckHasGadgetManagerAccess(source, allowed));
if (allowed)
return OpStatus::OK;
}
if (window->GetGadget())
{
RETURN_IF_ERROR(OpSecurityManager::CheckSecurity(OpSecurityManager::DOC_INLINE_LOAD, OpSecurityContext(window->GetGadget(), window), OpSecurityContext(inline_url, target.inline_type, from_user_css), allowed, state));
if (!allowed)
return OpStatus::OK;
}
// Don't allow widgets to be loaded as inlines, except from other widgets. See bug 305609
else if (inline_url_type == URL_WIDGET)
return OpStatus::OK;
#endif // GADGET_SUPPORT
allowed = FALSE;
#ifdef _PLUGIN_SUPPORT_
if (target.GetInlineType() == EMBED_INLINE)
{
if (!g_pcdisplay->GetIntegerPref(PrefsCollectionDisplay::PluginsEnabled, doc->GetHostName()) ||
(doc->GetWindow()->IsSuppressWindow() && doc->GetURL().GetAttribute(URL::KSuppressScriptAndEmbeds, TRUE) != MIME_Local_ScriptEmbed_Restrictions) ||
doc->GetWindow()->GetForcePluginsDisabled())
{
return OpStatus::OK;
}
}
#endif // _PLUGIN_SUPPORT_
#ifdef WEBSERVER_SUPPORT
if (inline_url.GetAttribute(URL::KIsUniteServiceAdminURL))
{
OpSecurityContext source_context(doc->GetSecurityContext()), target_context(inline_url);
RAISE_AND_RETURN_IF_ERROR(OpSecurityManager::CheckSecurity(OpSecurityManager::UNITE_STANDARD, source_context, target_context, allowed));
return OpStatus::OK;
}
#endif // WEBSERVER_SUPPORT
ServerName *source_sn = source.GetURL().GetServerName();
ServerName *inline_sn = inline_url.GetServerName();
if (inline_sn != source_sn &&
source_sn != NULL &&
inline_sn != NULL &&
inline_url.Type() != URL_FILE &&
source.GetURL().Type() != URL_FILE &&
source_sn->GetNetType() != NETTYPE_UNDETERMINED &&
inline_sn->GetNetType() != NETTYPE_UNDETERMINED &&
inline_sn->GetNetType() < source_sn->GetNetType() &&
!g_pcnet->GetIntegerPref(PrefsCollectionNetwork::AllowCrossNetworkNavigation, source_sn))
// allowed = FALSE
return OpStatus::OK;
if (inline_sn != NULL &&
inline_sn->GetCrossNetwork() &&
!g_pcnet->GetIntegerPref(PrefsCollectionNetwork::AllowCrossNetworkNavigation, source_sn))
// allowed = FALSE
return OpStatus::OK;
allowed = TRUE;
return OpStatus::OK;
}
