/**
 * For a given msg hdr, iterate through the list of remote content blocking criteria.
 * returns nsIContentPolicy::REJECT if the msg hdr fails any of these tests.
 *
 * @param aRequestingLocation cannot be null
 */
nsresult nsMsgContentPolicy::AllowRemoteContentForMsgHdr(nsIMsgDBHdr * aMsgHdr, nsIURI * aRequestingLocation, nsIURI * aContentLocation, PRInt16 *aDecision)
{
    NS_ENSURE_ARG_POINTER(aMsgHdr);

    // Case #1, check the db hdr for the remote content policy on this particular message
    PRUint32 remoteContentPolicy = kNoRemoteContentPolicy;
    aMsgHdr->GetUint32Property("remoteContentPolicy", &remoteContentPolicy);

    // Case #2, check if the message is in an RSS folder
    PRBool isRSS = PR_FALSE;
    IsRSSArticle(aRequestingLocation, &isRSS);

    // Case #3, the domain for the remote image is in our white list
    PRBool trustedDomain = IsTrustedDomain(aContentLocation);

    // Case 4 is expensive as we're looking up items in the address book. So if
    // either of the two previous items means we load the data, just do it.
    if (isRSS || remoteContentPolicy == kAllowRemoteContent || trustedDomain)
    {
        *aDecision = nsIContentPolicy::ACCEPT;
        return NS_OK;
    }

    // Case #4, author is in our white list..
    PRBool allowForSender = PR_FALSE;
    AllowRemoteContentForSender(aMsgHdr, &allowForSender);

    *aDecision = allowForSender ?
                 nsIContentPolicy::ACCEPT : nsIContentPolicy::REJECT_REQUEST;

    if (*aDecision == nsIContentPolicy::REJECT_REQUEST && !remoteContentPolicy) // kNoRemoteContentPolicy means we have never set a value on the message
        aMsgHdr->SetUint32Property("remoteContentPolicy", kBlockRemoteContent);

    return NS_OK; // always return success
}
NS_IMETHODIMP nsMsgCookiePolicy::CanAccess(nsIURI         *aURI,
        nsIChannel     *aChannel,
        nsCookieAccess *aResult)
{
    // by default we deny all cookies in mail
    *aResult = ACCESS_DENY;
    NS_ENSURE_ARG_POINTER(aChannel);

    nsCOMPtr<nsIDocShellTreeItem> docShellTreeItem;
    NS_QueryNotificationCallbacks(aChannel, docShellTreeItem);

    NS_ENSURE_TRUE(docShellTreeItem, NS_OK);
    PRInt32 itemType;
    docShellTreeItem->GetItemType(&itemType);

    // allow chrome docshells to set cookies
    if (itemType == nsIDocShellTreeItem::typeChrome)
        *aResult = ACCESS_DEFAULT;
    else // allow RSS articles in content to access cookies
    {
        NS_ENSURE_TRUE(aURI, NS_OK);
        PRBool isRSS = PR_FALSE;
        IsRSSArticle(aURI, &isRSS);
        if (isRSS)
            *aResult = ACCESS_DEFAULT;
    }

    return NS_OK;
}
Exemplo n.º 3
0
/**
 * The default for this function will be to reject the content request.
 * When determining if to allow the request for a given msg hdr, the function
 * will go through the list of remote content blocking criteria:
 *
 * #1 Allow if there is a db header for a manual override.
 * #2 Allow if the message is in an RSS folder.
 * #3 Allow if the domain for the remote image in our white list.
 * #4 Allow if the author has been specifically white listed.
 */
PRInt16
nsMsgContentPolicy::ShouldAcceptRemoteContentForMsgHdr(nsIMsgDBHdr *aMsgHdr,
                                                       nsIURI *aRequestingLocation,
                                                       nsIURI *aContentLocation)
{
  if (!aMsgHdr)
    return static_cast<PRInt16>(nsIContentPolicy::REJECT_REQUEST);

  // Case #1, check the db hdr for the remote content policy on this particular
  // message.
  PRUint32 remoteContentPolicy = kNoRemoteContentPolicy;
  aMsgHdr->GetUint32Property("remoteContentPolicy", &remoteContentPolicy);

  // Case #2, check if the message is in an RSS folder
  bool isRSS = false;
  IsRSSArticle(aRequestingLocation, &isRSS);

  // Case #3, the domain for the remote image is in our white list
  bool trustedDomain = IsTrustedDomain(aContentLocation);

  // Case 4 is expensive as we're looking up items in the address book. So if
  // either of the two previous items means we load the data, just do it.
  if (isRSS || remoteContentPolicy == kAllowRemoteContent || trustedDomain)
    return nsIContentPolicy::ACCEPT;

  // Case #4, author is in our white list..
  bool allowForSender = ShouldAcceptRemoteContentForSender(aMsgHdr);

  PRInt16 result = allowForSender ?
    static_cast<PRInt16>(nsIContentPolicy::ACCEPT) :
    static_cast<PRInt16>(nsIContentPolicy::REJECT_REQUEST);

  // kNoRemoteContentPolicy means we have never set a value on the message
  if (result == nsIContentPolicy::REJECT_REQUEST && !remoteContentPolicy)
    aMsgHdr->SetUint32Property("remoteContentPolicy", kBlockRemoteContent);
  
  return result;
}