1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ft=cpp tw=78 sw=2 et ts=8 : */
3 /* ***** BEGIN LICENSE BLOCK *****
4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
5 *
6 * The contents of this file are subject to the Mozilla Public License Version
7 * 1.1 (the "License"); you may not use this file except in compliance with
8 * the License. You may obtain a copy of the License at
9 * http://www.mozilla.org/MPL/
10 *
11 * Software distributed under the License is distributed on an "AS IS" basis,
12 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
13 * for the specific language governing rights and limitations under the
14 * License.
15 *
16 * The Original Code is Mozilla code.
17 *
18 * The Initial Developer of the Original Code is
19 * Zero-Knowledge Systems, Inc.
20 * Portions created by the Initial Developer are Copyright (C) 2000
21 * the Initial Developer. All Rights Reserved.
22 *
23 * Contributor(s):
24 * Timothy Watt <riceman+bmo@mail.rit.edu>
25 *
26 * Alternatively, the contents of this file may be used under the terms of
27 * either of the GNU General Public License Version 2 or later (the "GPL"),
28 * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL.
37 *
38 * ***** END LICENSE BLOCK ***** */
39
40 #include "nsISupports.idl"
41
42 interface nsIURI;
43 interface nsIDOMNode;
44
45 /**
46 * Interface for content policy mechanism. Implementations of this
47 * interface can be used to control loading of various types of out-of-line
48 * content, or processing of certain types of in-line content.
49 *
50 * WARNING: do not block the caller from shouldLoad or shouldProcess (e.g.,
51 * by launching a dialog to prompt the user for something).
52 */
53
54 [scriptable,uuid(58cf9dca-40b3-6211-a508-7351f437a53e)]
55 interface nsIContentPolicy : nsISupports
56 {
57 const unsigned long TYPE_OTHER = 1;
58
59 /**
60 * Indicates an executable script (such as JavaScript).
61 */
62 const unsigned long TYPE_SCRIPT = 2;
63
64 /**
65 * Indicates an image (e.g., IMG elements).
66 */
67 const unsigned long TYPE_IMAGE = 3;
68
69 /**
70 * Indicates a stylesheet (e.g., STYLE elements).
71 */
72 const unsigned long TYPE_STYLESHEET = 4;
73
74 /**
75 * Indicates a generic object (plugin-handled content typically falls under
76 * this category).
77 */
78 const unsigned long TYPE_OBJECT = 5;
79
80 /**
81 * Indicates a document at the top-level (i.e., in a browser).
82 */
83 const unsigned long TYPE_DOCUMENT = 6;
84
85 /**
86 * Indicates a document contained within another document (e.g., IFRAMEs,
87 * FRAMES, and OBJECTs).
88 */
89 const unsigned long TYPE_SUBDOCUMENT = 7;
90
91 /**
92 * Indicates a timed refresh.
93 *
94 * shouldLoad will never get this, because it does not represent content
95 * to be loaded (the actual load triggered by the refresh will go through
96 * shouldLoad as expected).
97 *
98 * shouldProcess will get this for, e.g., META Refresh elements and HTTP
99 * Refresh headers.
100 */
101 const unsigned long TYPE_REFRESH = 8;
102
103 /**
104 * Indicates an XBL binding request, triggered either by -moz-binding CSS
105 * property or Document.addBinding method.
106 */
107 const unsigned long TYPE_XBL = 9;
108
109 /**
110 * Indicates a ping triggered by a click on <A PING="..."> element.
111 */
112 const unsigned long TYPE_PING = 10;
113
114 /**
115 * Indicates an XMLHttpRequest.
116 */
117 const unsigned long TYPE_XMLHTTPREQUEST = 11;
118
119 /**
120 * Indicates a request by a plugin.
121 */
122 const unsigned long TYPE_OBJECT_SUBREQUEST = 12;
123
124 /**
125 * Indicates a DTD loaded by an XML document.
126 */
127 const unsigned long TYPE_DTD = 13;
128
129 //////////////////////////////////////////////////////////////////////
130
131 /**
132 * Returned from shouldLoad or shouldProcess if the load or process request
133 * is rejected based on details of the request.
134 */
135 const short REJECT_REQUEST = -1;
136
137 /**
138 * Returned from shouldLoad or shouldProcess if the load/process is rejected
139 * based solely on its type (of the above flags).
140 *
141 * NOTE that it is not meant to stop future requests for this type--only the
142 * current request.
143 */
144 const short REJECT_TYPE = -2;
145
146 /**
147 * Returned from shouldLoad or shouldProcess if the load/process is rejected
148 * based on the server it is hosted on or requested from (aContentLocation or
149 * aRequestOrigin), e.g., if you block an IMAGE because it is served from
150 * goatse.cx (even if you don't necessarily block other types from that
151 * server/domain).
152 *
153 * NOTE that it is not meant to stop future requests for this server--only the
154 * current request.
155 */
156 const short REJECT_SERVER = -3;
157
158 /**
159 * Returned from shouldLoad or shouldProcess if the load/process is rejected
160 * based on some other criteria. Mozilla callers will handle this like
161 * REJECT_REQUEST; third-party implementors may, for example, use this to
162 * direct their own callers to consult the extra parameter for additional
163 * details.
164 */
165 const short REJECT_OTHER = -4;
166
167 /**
168 * Returned from shouldLoad or shouldProcess if the load or process request
169 * is not rejected.
170 */
171 const short ACCEPT = 1;
172
173 //////////////////////////////////////////////////////////////////////
174
175 /**
176 * Should the resource at this location be loaded?
177 * ShouldLoad will be called before loading the resource at aContentLocation
178 * to determine whether to start the load at all.
179 *
180 * @param aContentType the type of content being tested. This will be one
181 * one of the TYPE_* constants.
182 *
183 * @param aContentLocation the location of the content being checked; must
184 * not be null
185 *
186 * @param aRequestOrigin OPTIONAL. the location of the resource that
187 * initiated this load request; can be null if
188 * inapplicable
189 *
190 * @param aContext OPTIONAL. the nsIDOMNode or nsIDOMWindow that
191 * initiated the request, or something that can QI
192 * to one of those; can be null if inapplicable.
193 *
194 * @param aMimeTypeGuess OPTIONAL. a guess for the requested content's
195 * MIME type, based on information available to
196 * the request initiator (e.g., an OBJECT's type
197 * attribute); does not reliably reflect the
198 * actual MIME type of the requested content
199 *
200 * @param aExtra an OPTIONAL argument, pass-through for non-Gecko
201 * callers to pass extra data to callees.
202 *
203 * @return ACCEPT or REJECT_*
204 *
205 * @note shouldLoad can be called while the DOM and layout of the document
206 * involved is in an inconsistent state. This means that implementors of
207 * this method MUST NOT do any of the following:
208 * 1) Modify the DOM in any way (e.g. setting attributes is a no-no).
209 * 2) Query any DOM properties that depend on layout (e.g. offset*
210 * properties).
211 * 3) Query any DOM properties that depend on style (e.g. computed style).
212 * 4) Query any DOM properties that depend on the current state of the DOM
213 * outside the "context" node (e.g. lengths of node lists).
214 * 5) [JavaScript implementations only] Access properties of any sort on any
215 * object without using XPCNativeWrapper (either explicitly or
216 * implicitly). Due to various DOM0 things, this leads to item 4.
217 * If you do any of these things in your shouldLoad implementation, expect
218 * unpredictable behavior, possibly including crashes, content not showing
219 * up, content showing up doubled, etc. If you need to do any of the things
220 * above, do them off timeout or event.
221 */
222 short shouldLoad(in unsigned long aContentType,
223 in nsIURI aContentLocation,
224 in nsIURI aRequestOrigin,
225 in nsISupports aContext,
226 in ACString aMimeTypeGuess,
227 in nsISupports aExtra);
228
229 /**
230 * Should the resource be processed?
231 * ShouldProcess will be called once all the information passed to it has
232 * been determined about the resource, typically after part of the resource
233 * has been loaded.
234 *
235 * @param aContentType the type of content being tested. This will be one
236 * one of the TYPE_* constants.
237 *
238 * @param aContentLocation OPTIONAL; the location of the resource being
239 * requested: MAY be, e.g., a post-redirection URI
240 * for the resource.
241 *
242 * @param aRequestOrigin OPTIONAL. the location of the resource that
243 * initiated this load request; can be null if
244 * inapplicable
245 *
246 * @param aContext OPTIONAL. the nsIDOMNode or nsIDOMWindow that
247 * initiated the request, or something that can QI
248 * to one of those; can be null if inapplicable.
249 *
250 * @param aMimeType the MIME type of the requested resource (e.g.,
251 * image/png), as reported by the networking library,
252 * if available (may be empty if inappropriate for
253 * the type, e.g., TYPE_REFRESH).
254 *
255 * @param aExtra an OPTIONAL argument, pass-through for non-Gecko
256 * callers to pass extra data to callees.
257 *
258 * @return ACCEPT or REJECT_*
259 *
260 * @note shouldProcess can be called while the DOM and layout of the document
261 * involved is in an inconsistent state. See the note on shouldLoad to see
262 * what this means for implementors of this method.
263 */
264 short shouldProcess(in unsigned long aContentType,
265 in nsIURI aContentLocation,
266 in nsIURI aRequestOrigin,
267 in nsISupports aContext,
268 in ACString aMimeType,
269 in nsISupports aExtra);
270
271 };