author Tim Taubert <>
Wed, 14 Oct 2015 13:38:05 +0200
changeset 318135 29a076e8bc0d803b73533c95def47b7bdaf93dc9
parent 264194 90d9af9b861a816df7da099934525c8ead0ae270
child 387480 e9d8a75a0dcceedeaabf2924bcf8459db2da01f5
permissions -rw-r--r--
Bug 1191936 - Implement SPKI/PKCS#8/JWK import/export for RSA-PSS r=rbarnes

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at */

#include "nsISupports.idl"

interface nsIURI;
interface nsIDomainSet;

%{ C++
namespace mozilla {
namespace dom {
class DomainPolicyClone;

[ptr] native DomainPolicyClonePtr(mozilla::dom::DomainPolicyClone);

 * When a domain policy is instantiated by invoking activateDomainPolicy() on
 * nsIScriptSecurityManager, these domain sets are consulted when each new
 * global is created (they have no effect on already-created globals).
 * If javascript is globally enabled with |javascript.enabled|, the blacklists
 * are consulted. If globally disabled, the whitelists are consulted. Lookups
 * on blacklist and whitelist happen with contains(), and lookups on
 * superBlacklist and superWhitelist happen with containsSuperDomain().
 * When deactivate() is invoked, the domain sets are emptied, and the
 * nsIDomainPolicy ceases to have any effect on the system.
[scriptable, builtinclass, uuid(82b24a20-6701-4d40-a0f9-f5dc7321b555)]
interface nsIDomainPolicy : nsISupports
    readonly attribute nsIDomainSet blacklist;
    readonly attribute nsIDomainSet superBlacklist;
    readonly attribute nsIDomainSet whitelist;
    readonly attribute nsIDomainSet superWhitelist;

    void deactivate();

    [noscript, notxpcom] void cloneDomainPolicy(in DomainPolicyClonePtr aClone);
    [noscript, notxpcom] void applyClone(in DomainPolicyClonePtr aClone);

[scriptable, builtinclass, uuid(665c981b-0a0f-4229-ac06-a826e02d4f69)]
interface nsIDomainSet : nsISupports
     * The type of the set. See: DomainSetType
    [noscript] readonly attribute uint32_t type;

     * Add a domain to the set. No-op if it already exists.
    void add(in nsIURI aDomain);

     * Remove a domain from the set. No-op if it doesn't exist.
    void remove(in nsIURI aDomain);

     * Remove all entries from the set.
    void clear();

     * Returns true if a given domain is in the set.
    bool contains(in nsIURI aDomain);

     * Returns true if a given domain is a subdomain of one of the entries in
     * the set.
    bool containsSuperDomain(in nsIURI aDomain);