What is missing in my nsIContentPolicy Firefox/Ice

2019-09-02 10:22发布

站内问答 / 移动开发
1297 1 5

In short

Why, based on the code detailed below, is the shouldLoad function not called?

Longer version

My goal

I am trying to construct a Firefox/Iceweasel extension that will cancel/redirect certain url requests.

Background

Based on what I have seen on the web, one way (if I want to intercept every request and not just the top document) to do this is to make an XPCOM component that implements the nsIContentPolicy interface, and register that component in the extension, and have the shouldLoad function examine the requested url and deny when appropriate.

Problem

I have implemented a component to the best of my effort, and integrated it with my extension. The component seems to work in the sense that it gets registered in compreg.dat, etc, BUT - the shouldLoad function does not get called, as far as I can tell.

Details

Environment

I am developing on Debian Linux using an IceWeasel version corresponding to FireFox 3.5.16.

Extension

My extension is based off of an example extension given at http://kb.mozillazine.org/Getting_started_with_extension_development#reg-em In essence, all it does is add a menu item that opens an alert-like dialog saying hello world. it has an onLoad registration that fires and alert saying "onLoad Reporting!". The alert fires without problems every time.

Reference

I have installed the extension Redirector, seemingly operating on the same principles, https://addons.mozilla.org/en-US/firefox/addon/redirector/ and it works (so it is likely to be a mistake in my code rather than the environment being bad).

Component

My component implementation is based on various sources I have found on the internet. I have placed it in a file in directory {pathtoextension}/helloworld/components/PolicyComponent.js, and its code is as follows:

Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");  
const CI = Components.interfaces, CC = Components.classes, CR = Components.results;  

var componentobj = null;

function PolicyComponent()
{
    // this.wrappedJSObject = this;
}  

PolicyComponent.prototype = {  
  classDescription: "My QWERTY nsIContentPolicy XPCOM Component",  
  classID:          Components.ID("{6ffd2f60-3784-11e1-b86c-0800200c9a66}"),  
  contractID:       "@abc.def.com/policycomp;1",  
  QueryInterface: XPCOMUtils.generateQI([CI.nsIContentPolicy]),  


  testFunction: function() { return "Your component is not entirely broken!"; },  

  _xpcom_categories: [{
        category: "content-policy"
    }],

    _xpcom_factory  :
    {
        createInstance: function(outer, iid)
        {
            if (outer)
            { throw CR.NS_ERROR_NO_AGGREGATION;}
            if (componentobj == null)
            {
                componentobj = new PolicyComponent();   
            }
            else {}
            return componentobj.QueryInterface(iid);
        }
    },



    shouldLoad: function(contentType, contentLocation, requestOrigin, aContext, mimeTypeGuess, extra)
    {
        if (contentType != Ci.nsIContentPolicy.TYPE_DOCUMENT) {
                return Ci.nsIContentPolicy.ACCEPT;
            }

        if(-1 != contentLocation.spec.search("abc"))
            {
                aContext.loadURI("http://www.stroustrup.com/", requestOrigin, null);
                return Ci.nsIContentPolicy.REJECT_REQUEST;
            }
        return CI.nsIContentPolicy.ACCEPT;
    },

    shouldProcess: function(contentType, contentLocation, requestOrigin, insecNode, mimeType, extra) {
        return CI.nsIContentPolicy.ACCEPT;
    }    

};  
var components = [PolicyComponent];  

if (XPCOMUtils.generateNSGetFactory)  
    var NSGetFactory = XPCOMUtils.generateNSGetFactory([PolicyComponent]);  
else  
    var NSGetModule = XPCOMUtils.generateNSGetModule([PolicyComponent]);
Status

The component seems to be recognised by IceWeasel. If I remove compreg.dat and xpti.dat and restart IceWeasel, a grep on content-policy in compreg.dat gives the following result:

...
@mozilla.org/embedding/browser/content-policy;1,{f66bc334-1dd1-11b2-bab2-90e04fe15c19}
content-policy,@mozilla.org/data-document-content-policy;1,@mozilla.org/data-document-content-policy;1
content-policy,My QWERTY nsIContentPolicy XPCOM Component,@abc.def.com/policycomp;1
content-policy,@mozilla.org/no-data-protocol-content-policy;1,@mozilla.org/no-data-protocol-content-policy;1
...

So it seems as if there is at least something correct with the component. HOWEVER, I can still access web pages with "abc" in the url (which makes believe that the shouldLoad function is not called).

Further info

I have not added anything about the extension to the chrome.manifest file. It is my belief that I need not do that in version 3.5.x of FF/IW.

Questions

  1. What's wrong? :)

  2. Would I need to add something to chrome.manifest? Or is that only for FF 4+?

  3. Do I need to somehow instantiate the component/service further? Like in, say, the overlay.js in the onLoad hook?

  4. Do I need to register the component as valid for the extension in a more explicit way, and if so, how?

Thanks in advance!

标签: firefox xpcom
举报
1条回答
啃猪蹄的小仙女
2楼-- · 2019-09-02 10:45

Looks like you didn't verify that your shouldLoad method really isn't being called. I would suggest using dump() function to see what's really happening in your component. It seems more likely that it is being called but it throws an exception like "aContext.loadURI is not a function". Reason is that aContext for TYPE_DOCUMENT calls is an HTMLDocument object and it has no loadURI method. You probably want to call aContext.defaultView.location.replace() instead. But doing that from a content policy would be a security vulnerability (in fact, doing anything from a content policy that could cause the web page scripts to run would be a security vulnerability). If you look at the interface definition you will see that it comes with big warnings attached.

So a manipulation like this one needs to happen delayed, to make sure that it happens when the engine is in a consistent state. E.g. you could do:

aContext.defaultView.setTimeout("window.location.replace('http://www.stroustrup.com/')", 0);

What's wrong? :)

Other than what I mentioned above, you probably shouldn't define your custom _xpcom_factory function. Content policies are always used as a service meaning that they are automatically singletons. Your own code accessing the component should use getService() as well of course.

Would I need to add something to chrome.manifest? Or is that only for FF 4+?

Yes, for FF4+. Something like:

component {6ffd2f60-3784-11e1-b86c-0800200c9a66} components/PolicyComponent.js
contract @abc.def.com/policycomp;1 {6ffd2f60-3784-11e1-b86c-0800200c9a66}
category content-policy @abc.def.com/policycomp;1 @abc.def.com/policycomp;1

Do I need to somehow instantiate the component/service further? Like in, say, the overlay.js in the onLoad hook?

No, that happens automatically by the built-in content policy component.

Do I need to register the component as valid for the extension in a more explicit way, and if so, how?

Don't know what you mean.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)