Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
old/gecko-lockdown.patch
changeset 24 ca988be0905b
parent 23 c62859a2fd22
child 25 fa8130c45304 
--- a/old/gecko-lockdown.patch	Wed Dec 16 07:34:53 2009 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,319 +0,0 @@
-From: Robert O'Callahan
-Subject: Lockdown feature for Gecko
-References:
-
-
-Index: extensions/cookie/nsCookiePermission.cpp
-===================================================================
---- extensions/cookie/nsCookiePermission.cpp.orig
-+++ extensions/cookie/nsCookiePermission.cpp
-@@ -86,6 +86,7 @@ static const char kCookiesPrefsMigrated[
- // obsolete pref names for migration
- static const char kCookiesLifetimeEnabled[] = "network.cookie.lifetime.enabled";
- static const char kCookiesLifetimeBehavior[] = "network.cookie.lifetime.behavior";
-+static const char kCookiesHonorExceptions[] = "network.cookie.honorExceptions";
- static const char kCookiesAskPermission[] = "network.cookie.warnAboutCookies";
- 
- static const char kPermissionType[] = "cookie";
-@@ -125,6 +126,7 @@ nsCookiePermission::Init()
-     prefBranch->AddObserver(kCookiesLifetimePolicy, this, PR_FALSE);
-     prefBranch->AddObserver(kCookiesLifetimeDays, this, PR_FALSE);
-     prefBranch->AddObserver(kCookiesAlwaysAcceptSession, this, PR_FALSE);
-+    prefBranch->AddObserver(kCookiesHonorExceptions, this, PR_FALSE);
- #ifdef MOZ_MAIL_NEWS
-     prefBranch->AddObserver(kCookiesDisabledForMailNews, this, PR_FALSE);
- #endif
-@@ -182,6 +184,10 @@ nsCookiePermission::PrefChanged(nsIPrefB
-       NS_SUCCEEDED(aPrefBranch->GetBoolPref(kCookiesAlwaysAcceptSession, &val)))
-     mCookiesAlwaysAcceptSession = val;
- 
-+  if (PREF_CHANGED(kCookiesHonorExceptions) &&
-+      NS_SUCCEEDED(aPrefBranch->GetBoolPref(kCookiesHonorExceptions, &val)))
-+    mCookiesHonorExceptions = val;
-+
- #ifdef MOZ_MAIL_NEWS
-   if (PREF_CHANGED(kCookiesDisabledForMailNews) &&
-       NS_SUCCEEDED(aPrefBranch->GetBoolPref(kCookiesDisabledForMailNews, &val)))
-@@ -232,6 +238,11 @@ nsCookiePermission::CanAccess(nsIURI
- #endif // MOZ_MAIL_NEWS
-   
-   // finally, check with permission manager...
-+  if (!mCookiesHonorExceptions) {
-+    *aResult = ACCESS_DEFAULT;
-+    return NS_OK;
-+  }
-+
-   nsresult rv = mPermMgr->TestPermission(aURI, kPermissionType, (PRUint32 *) aResult);
-   if (NS_SUCCEEDED(rv)) {
-     switch (*aResult) {
-Index: extensions/cookie/nsCookiePermission.h
-===================================================================
---- extensions/cookie/nsCookiePermission.h.orig
-+++ extensions/cookie/nsCookiePermission.h
-@@ -61,6 +61,7 @@ public:
- #ifdef MOZ_MAIL_NEWS
-     , mCookiesDisabledForMailNews(PR_TRUE)
- #endif
-+    , mCookiesHonorExceptions(PR_TRUE)
-     {}
-   virtual ~nsCookiePermission() {}
- 
-@@ -76,7 +77,7 @@ private:
- #ifdef MOZ_MAIL_NEWS
-   PRPackedBool mCookiesDisabledForMailNews;
- #endif
--
-+  PRPackedBool mCookiesHonorExceptions;
- };
- 
- // {EF565D0A-AB9A-4A13-9160-0644CDFD859A}
-Index: extensions/permissions/nsContentBlocker.cpp
-===================================================================
---- extensions/permissions/nsContentBlocker.cpp.orig
-+++ extensions/permissions/nsContentBlocker.cpp
-@@ -76,6 +76,7 @@ NS_IMPL_ISUPPORTS3(nsContentBlocker,
- nsContentBlocker::nsContentBlocker()
- {
-   memset(mBehaviorPref, BEHAVIOR_ACCEPT, NUMBER_OF_TYPES);
-+  memset(mHonorExceptions, PR_TRUE, NUMBER_OF_TYPES);
- }
- 
- nsresult
-@@ -92,6 +93,11 @@ nsContentBlocker::Init()
-   rv = prefService->GetBranch("permissions.default.", getter_AddRefs(prefBranch));
-   NS_ENSURE_SUCCESS(rv, rv);
- 
-+  nsCOMPtr<nsIPrefBranch> honorExceptionsPrefBranch;
-+  rv = prefService->GetBranch("permissions.honorExceptions.",
-+                              getter_AddRefs(honorExceptionsPrefBranch));
-+  NS_ENSURE_SUCCESS(rv, rv);
-+
-   // Migrate old image blocker pref
-   nsCOMPtr<nsIPrefBranch> oldPrefBranch;
-   oldPrefBranch = do_QueryInterface(prefService);
-@@ -121,8 +127,15 @@ nsContentBlocker::Init()
-   mPrefBranchInternal = do_QueryInterface(prefBranch, &rv);
-   NS_ENSURE_SUCCESS(rv, rv);
- 
-+  mHonorExceptionsPrefBranchInternal =
-+    do_QueryInterface(honorExceptionsPrefBranch, &rv);
-+  NS_ENSURE_SUCCESS(rv, rv);
-+
-   rv = mPrefBranchInternal->AddObserver("", this, PR_TRUE);
--  PrefChanged(prefBranch, nsnull);
-+  NS_ENSURE_SUCCESS(rv, rv);
-+
-+  rv = mHonorExceptionsPrefBranchInternal->AddObserver("", this, PR_TRUE);
-+  PrefChanged(nsnull);
- 
-   return rv;
- }
-@@ -131,19 +144,22 @@ nsContentBlocker::Init()
- #define LIMIT(x, low, high, default) ((x) >= (low) && (x) <= (high) ? (x) : (default))
- 
- void
--nsContentBlocker::PrefChanged(nsIPrefBranch *aPrefBranch,
--                              const char    *aPref)
-+nsContentBlocker::PrefChanged(const char *aPref)
- {
--  PRInt32 val;
--
--#define PREF_CHANGED(_P) (!aPref || !strcmp(aPref, _P))
--
--  for(PRUint32 i = 0; i < NUMBER_OF_TYPES; ++i) {
--    if (PREF_CHANGED(kTypeString[i]) &&
--        NS_SUCCEEDED(aPrefBranch->GetIntPref(kTypeString[i], &val)))
--      mBehaviorPref[i] = LIMIT(val, 1, 3, 1);
-+  for (PRUint32 i = 0; i < NUMBER_OF_TYPES; ++i) {
-+    if (!aPref || !strcmp(kTypeString[i], aPref)) {
-+      PRInt32 val;
-+      PRBool b;
-+      if (mPrefBranchInternal &&
-+          NS_SUCCEEDED(mPrefBranchInternal->GetIntPref(kTypeString[i], &val))) {
-+        mBehaviorPref[i] = LIMIT(val, 1, 3, 1);
-+      }
-+      if (mHonorExceptionsPrefBranchInternal &&
-+          NS_SUCCEEDED(mHonorExceptionsPrefBranchInternal->GetBoolPref(kTypeString[i], &b))) {
-+        mHonorExceptions[i] = b;
-+      }
-+    }
-   }
--
- }
- 
- // nsIContentPolicy Implementation
-@@ -268,11 +284,13 @@ nsContentBlocker::TestPermission(nsIURI
-   // default prefs.
-   // Don't forget the aContentType ranges from 1..8, while the
-   // array is indexed 0..7
--  PRUint32 permission;
--  nsresult rv = mPermissionManager->TestPermission(aCurrentURI, 
--                                                   kTypeString[aContentType - 1],
--                                                   &permission);
--  NS_ENSURE_SUCCESS(rv, rv);
-+  PRUint32 permission = 0;
-+  if (mHonorExceptions[aContentType - 1]) {
-+    nsresult rv = mPermissionManager->TestPermission(aCurrentURI,
-+                                                     kTypeString[aContentType - 1],
-+                                                     &permission);
-+    NS_ENSURE_SUCCESS(rv, rv);
-+  }
- 
-   // If there is nothing on the list, use the default.
-   if (!permission) {
-@@ -298,7 +316,7 @@ nsContentBlocker::TestPermission(nsIURI
-       return NS_OK;
- 
-     PRBool trustedSource = PR_FALSE;
--    rv = aFirstURI->SchemeIs("chrome", &trustedSource);
-+    nsresult rv = aFirstURI->SchemeIs("chrome", &trustedSource);
-     NS_ENSURE_SUCCESS(rv,rv);
-     if (!trustedSource) {
-       rv = aFirstURI->SchemeIs("resource", &trustedSource);
-@@ -363,8 +381,6 @@ nsContentBlocker::Observe(nsISupports
- {
-   NS_ASSERTION(!strcmp(NS_PREFBRANCH_PREFCHANGE_TOPIC_ID, aTopic),
-                "unexpected topic - we only deal with pref changes!");
--
--  if (mPrefBranchInternal)
--    PrefChanged(mPrefBranchInternal, NS_LossyConvertUTF16toASCII(aData).get());
-+  PrefChanged(NS_LossyConvertUTF16toASCII(aData).get());
-   return NS_OK;
- }
-Index: extensions/permissions/nsContentBlocker.h
-===================================================================
---- extensions/permissions/nsContentBlocker.h.orig
-+++ extensions/permissions/nsContentBlocker.h
-@@ -66,7 +66,7 @@ public:
- private:
-   ~nsContentBlocker() {}
- 
--  void PrefChanged(nsIPrefBranch *, const char *);
-+  void PrefChanged(const char *);
-   nsresult TestPermission(nsIURI *aCurrentURI,
-                           nsIURI *aFirstURI,
-                           PRInt32 aContentType,
-@@ -75,7 +75,9 @@ private:
- 
-   nsCOMPtr<nsIPermissionManager> mPermissionManager;
-   nsCOMPtr<nsIPrefBranch2> mPrefBranchInternal;
-+  nsCOMPtr<nsIPrefBranch2> mHonorExceptionsPrefBranchInternal;
-   PRUint8 mBehaviorPref[NUMBER_OF_TYPES];
-+  PRPackedBool mHonorExceptions[NUMBER_OF_TYPES];
- };
- 
- #define NS_CONTENTBLOCKER_CID \
-Index: modules/libpref/src/init/all.js
-===================================================================
---- modules/libpref/src/init/all.js.orig
-+++ modules/libpref/src/init/all.js
-@@ -798,6 +798,7 @@ pref("network.automatic-ntlm-auth.truste
- pref("network.ntlm.send-lm-response", false);
- 
- pref("permissions.default.image",           1); // 1-Accept, 2-Deny, 3-dontAcceptForeign
-+pref("permissions.honorExceptions.image",   true);
- 
- #ifndef XP_MACOSX
- #ifdef XP_UNIX
-@@ -825,6 +826,7 @@ pref("network.proxy.no_proxies_on",
- pref("network.proxy.failover_timeout",      1800); // 30 minutes
- pref("network.online",                      true); //online/offline
- pref("network.cookie.cookieBehavior",       0); // 0-Accept, 1-dontAcceptForeign, 2-dontUse
-+pref("network.cookie.honorExceptions",      true);
- pref("network.cookie.disableCookieForMailNews", true); // disable all cookies for mail
- pref("network.cookie.lifetimePolicy",       0); // accept normally, 1-askBeforeAccepting, 2-acceptForSession,3-acceptForNDays
- pref("network.cookie.alwaysAcceptSessionCookies", false);
-Index: widget/src/gtk2/nsWindow.cpp
-===================================================================
---- widget/src/gtk2/nsWindow.cpp.orig
-+++ widget/src/gtk2/nsWindow.cpp
-@@ -81,6 +81,7 @@
- #include "nsIServiceManager.h"
- #include "nsIStringBundle.h"
- #include "nsGfxCIID.h"
-+#include "nsIPrefService.h"
- 
- #ifdef ACCESSIBILITY
- #include "nsIAccessibilityService.h"
-@@ -91,7 +92,6 @@
- static PRBool sAccessibilityChecked = PR_FALSE;
- /* static */
- PRBool nsWindow::sAccessibilityEnabled = PR_FALSE;
--static const char sSysPrefService [] = "@mozilla.org/system-preference-service;1";
- static const char sAccEnv [] = "GNOME_ACCESSIBILITY";
- static const char sAccessibilityKey [] = "config.use_system_prefs.accessibility";
- #endif
-@@ -3992,18 +3992,18 @@ nsWindow::NativeCreate(nsIWidget
-             sAccessibilityEnabled = atoi(envValue) != 0;
-             LOG(("Accessibility Env %s=%s\n", sAccEnv, envValue));
-         }
--        //check gconf-2 setting
-+        //check preference setting
-         else {
--            nsCOMPtr<nsIPrefBranch> sysPrefService =
--                do_GetService(sSysPrefService, &rv);
--            if (NS_SUCCEEDED(rv) && sysPrefService) {
--
--                // do the work to get gconf setting.
--                // will be done soon later.
--                sysPrefService->GetBoolPref(sAccessibilityKey,
-+            nsCOMPtr<nsIPrefService> prefService =
-+               do_GetService(NS_PREFSERVICE_CONTRACTID, &rv);
-+            if (NS_SUCCEEDED(rv) && prefService) {
-+                nsCOMPtr<nsIPrefBranch> prefBranch;
-+                rv = prefService->GetBranch(nsnull, getter_AddRefs(prefBranch));
-+                if (NS_SUCCEEDED(rv) && prefBranch) {
-+                    prefBranch->GetBoolPref(sAccessibilityKey,
-                                             &sAccessibilityEnabled);
-+                }
-             }
--
-         }
-     }
-     if (sAccessibilityEnabled) {
-Index: xpinstall/src/nsXPInstallManager.cpp
-===================================================================
---- xpinstall/src/nsXPInstallManager.cpp.orig
-+++ xpinstall/src/nsXPInstallManager.cpp
-@@ -290,6 +290,7 @@ nsXPInstallManager::InitManagerInternal(
-         //-----------------------------------------------------
-         // Get permission to install
-         //-----------------------------------------------------
-+        nsCOMPtr<nsIPrefBranch> pref(do_GetService(NS_PREFSERVICE_CONTRACTID));
- 
- #ifdef ENABLE_SKIN_SIMPLE_INSTALLATION_UI
-         if ( mChromeType == CHROME_SKIN )
-@@ -299,17 +300,26 @@ nsXPInstallManager::InitManagerInternal(
- 
-             // skins get a simpler/friendlier dialog
-             // XXX currently not embeddable
--            OKtoInstall = ConfirmChromeInstall( mParentWindow, packageList );
-+            PRBool themesDisabled = PR_FALSE;
-+            if (pref)
-+                pref->GetBoolPref("config.lockdown.disable_themes", &themesDisabled);
-+            OKtoInstall = !themesDisabled &&
-+               ConfirmChromeInstall( mParentWindow, packageList );
-         }
-         else
-         {
- #endif
--            rv = dlgSvc->ConfirmInstall( mParentWindow,
--                                         packageList,
--                                         numStrings,
--                                         &OKtoInstall );
--            if (NS_FAILED(rv))
--                OKtoInstall = PR_FALSE;
-+            PRBool extensionsDisabled = PR_FALSE;
-+            if (pref)
-+                pref->GetBoolPref("config.lockdown.disable_extensions", &extensionsDisabled);
-+            if (!extensionsDisabled) {
-+                rv = dlgSvc->ConfirmInstall( mParentWindow,
-+                                             packageList,
-+                                             numStrings,
-+                                             &OKtoInstall );
-+                if (NS_FAILED(rv))
-+                    OKtoInstall = PR_FALSE;
-+            }
- #ifdef ENABLE_SKIN_SIMPLE_INSTALLATION_UI
-         }
- #endif
mozilla