nsISupports
Last changed in Gecko 2.0 (Firefox 4 / Thunderbird 3.3 / SeaMonkey 2.1)boolean permitsAncestry(in nsIDocShell docShell); |
void refinePolicy(in AString policyString, in nsIURI selfURI); |
void scanRequestData(in nsIHttpChannel aChannel); |
void sendReports(in AString blockedURI, in AString violatedDirective); |
short shouldLoad(in unsigned long aContentType, in nsIURI aContentLocation, in nsIURI aRequestOrigin, in nsISupports aContext, in ACString aMimeTypeGuess, in nsISupports aExtra); |
short shouldProcess(in unsigned long aContentType, in nsIURI aContentLocation, in nsIURI aRequestOrigin, in nsISupports aContext, in ACString aMimeType, in nsISupports aExtra); |
Attribute | Type | Description |
allowsEval | boolean | Whether this |
allowsInlineScript | boolean | Whether this |
isInitialized | boolean | Set to true when the Content Security Policy has been read in and parsed and is ready to enforce. This is a barrier for the nsDocument so it doesn't load any sub-content until either it knows that a Content Security Policy is ready or will not be used. |
policy | AString | A read-only string version of the policy for debugging. Read only. |
reportOnlyMode | boolean | When set to true , content load-blocking and fail-closed are disabled: Content Security Policy will only send reports, and not modify behavior. |
Verifies ancestry as permitted by the policy
.
Calls to this may trigger violation reports when queried, so this value should not be cached.
boolean permitsAncestry( in nsIDocShell docShell );
docShell
true
if the frame's ancestors are all permitted by policy
.
Updates the policy
currently stored in the Content Security Policy to be "refined" or tightened by the one specified in the string policyString
.
void refinePolicy( in AString policyString, in nsIURI selfURI );
policyString
selfURI
Called after the Content Security Policy object is created to fill in the appropriate request and request header information needed in case a report needs to be sent.
void scanRequestData( in nsIHttpChannel aChannel );
aChannel
Manually triggers violation report sending given a URI and reason. The URI may be null
, in which case "self" is sent.
void sendReports( in AString blockedURI, in AString violatedDirective );
blockedURI
policy
.violatedDirective
Delegate method called by the service when sub-elements of the protected document are being loaded. Given a bit of information about the request, decides whether or not the policy
is satisfied.
Calls to this may trigger violation reports when queried, so this value should not be cached.
short shouldLoad( in unsigned long aContentType, in nsIURI aContentLocation, in nsIURI aRequestOrigin, in nsISupports aContext, in ACString aMimeTypeGuess, in nsISupports aExtra );
aContentType
aContentLocation
aRequestOrigin
aContext
aMimeTypeGuess
aExtra
Delegate method called by the service when sub-elements of the protected document are being processed. Given a bit of information about the request, decides whether or not the policy
is satisfied.
short shouldProcess( in unsigned long aContentType, in nsIURI aContentLocation, in nsIURI aRequestOrigin, in nsISupports aContext, in ACString aMimeType, in nsISupports aExtra );
aContentType
aContentLocation
aRequestOrigin
aContext
aMimeType
aExtra