Name Description Size
ActorsChild.cpp QuotaChild **************************************************************************** 5667
ActorsChild.h 2669
ActorsParent.cpp 341388
ActorsParent.h 667
ArtificialFailure.cpp 1200
ArtificialFailure.h Checks if an artificial failure should be triggered based on the specified category and the configured probability. This method evaluates if the provided failure category matches the categories set in the preferences. If a match is found, it then checks the probability of triggering an artificial failure. A random value is generated to determine if the failure should occur based on this probability. If both the category matches and the random value falls within the defined probability, the method returns an error code indicating the artificial failure. Otherwise, it returns a successful result. @param aCategory - The failure category to check against the configured categories for triggering an artificial failure. It must have only one bit set. @returns Result<Ok, nsresult> - An Ok result if no failure occurs; an Err result containing an error code if an artificial failure is triggered. Note: Consider replacing the preferences with a dedicated class with static methods for entering and leaving artificial failure mode, something like `ChaosMode`. The class would also implement an interface, for example `nsIQuotaArtificialFailure` allowing access from scripts. Example usage: This example demonstrates the usage of `ArtificialFailure` in conjunction with the `QM_TRY` macro to handle potential artificial failures gracefully. The `QM_TRY` macro will return early if an artificial failure occurs, with the corresponding error code from `ArtificialFailure`. ```cpp QM_TRY(ArtificialFailure( nsIQuotaArtificialFailure::CATEGORY_INITIALIZE_ORIGIN)); ``` 2492
Assertions.cpp 1210
Assertions.h 794
AssertionsImpl.h 1413
BackgroundThreadObject.cpp 1172
BackgroundThreadObject.h 931
CachingDatabaseConnection.cpp 5720
CachingDatabaseConnection.h 7457
CanonicalQuotaObject.cpp aTruncate 10013
CanonicalQuotaObject.h aIsRemote 2418
CheckedUnsafePtr.h 20455
CipherKeyManager.h 3195
CipherStrategy.h 1426
Client.cpp 6683
Client.h 5575
ClientDirectoryLock.cpp 2426
ClientDirectoryLock.h 2282
ClientDirectoryLockHandle.cpp 4326
ClientDirectoryLockHandle.h @class ClientDirectoryLockHandle @brief RAII-style wrapper for managing a ClientDirectoryLock. ClientDirectoryLockHandle is a RAII-style wrapper that manages a ClientDirectoryLock created by QuotaManager::OpenClientDirectory. This class ensures that the associated directory lock remains acquired while the handle is in scope and automatically drops it when destroyed. ## Usage: - See QuotaManager::OpenClientDirectory for details on obtaining a ClientDirectoryLockHandle. - The handle should be retained for as long as access to the directory is needed. ## Threading: - Must be used only on the thread that created it, except that it may be safely destroyed from another thread after being moved (see also Destruction). - `AssertIsOnOwningThread()` is primarily used internally to verify correct threading, but clients can use it for additional thread-safety checks if needed. ## Destruction: - If the lock has already been dropped (e.g., due to move), the destructor does nothing. - The destructor automatically drops the lock if it is still held. - Thus, it is safe to destroy a handle from any thread as long as the handle was moved beforehand on the owning thread. ## Key Features: - Move-only: Prevents accidental copies. - Implicit boolean conversion to check if the handle holds a valid `ClientDirectoryLock`. - Easy access to the underlying ClientDirectoryLock using `operator*` and `operator->`. - Moved-from handles are placed in a well-defined inert state and can be safely inspected using `IsInert()` for diagnostic purposes. 4248
ClientImpl.h 1088
ClientStorageScope.h Represents a scope within an origin directory, currently covering either a specific client (`Client`), metadata (`Metadata`), or a match-all scope (`Null`). The use of "Storage" in the class name is intentional. Unlike `PersistenceScope` and `OriginScope`, which match only specific directories, this scope is meant to cover all entries within an origin directory. That includes client specific folders (e.g., idb/, fs/) and, in the future, files like metadata that exist alongside them. The special `Metadata` scope exists because adding the metadata type to client types would complicate other aspects of the system. A special client implementation just for working with the metadata file would be overkill. However, we need a way to lock just the metadata file. Since metadata files reside alongside client directories under the same origin directory, it makes sense to include them in the `ClientStorageScope`. This class provides operations to check the current scope type (`Client`, `Metadata`, or `Null`), set the scope type, retrieve a client type, and match it with another scope. 4966
ClientUsageArray.cpp 1601
ClientUsageArray.h 1248
CommonMetadata.h 7945
CommonMetadataArray.h 578
CommonMetadataArrayFwd.h 664
components.conf 1123
ConditionalCompilation.h Macros for conditional compilation based on build configuration. These macros are primarily used to inline debug or configuration specific declarations or expressions in a single line without needing explicit #ifdef blocks. This improves readability and avoids code clutter. Current macros include: - DEBUGONLY(expr) - DIAGNOSTICONLY(expr) This header may also include future macros such as: - NIGHTLYONLY(expr) - IF_NIGHTLY(expr) All macros in this file are designed for compile time control over code inclusion and should not introduce runtime behavior. 1358
Config.h 1047
Constants.h 3010
Date.h A lightweight utility class representing a date as the number of days since the Unix epoch (1970-01-01 UTC). This class is useful when full timestamp precision is not needed and only a compact representation is required, such as when storing the value in an int32_t field. An int32_t can safely represent dates out to the year ~5.8 million, making this format ideal for tracking coarse-grained time values like origin maintenance dates, and similar use cases. Internally, the date is derived from PR_Now(), which returns microseconds since the epoch. This ensures consistency with other quota-related timestamp logic, such as origin last access time. 2290
DecryptingInputStream.cpp 3572
DecryptingInputStream.h 6342
DecryptingInputStream_impl.h aCheckAvailableBytes 15981
DirectoryLock.h 1103
DirectoryLockCategory.h 2388
DirectoryLockImpl.cpp Automatically log information about a directory lock if acquiring of the directory lock takes this long. We've chosen a value that is long enough that it is unlikely for the problem to be falsely triggered by slow system I/O. We've also chosen a value long enough so that testers can notice the timeout; we want to know about the timeouts, not hide them. On the other hand this value is less than 45 seconds which is used by quota manager to crash a hung quota manager shutdown. 14506
DirectoryLockImpl.h 8369
DirectoryLockInlines.h 1744
DirectoryMetadata.cpp 4150
DirectoryMetadata.h Directory Metadata File Format (.metadata-v2) The metadata file is a binary file containing metadata information for an origin directory. It consists of a header and several additional fields, some of which are maintained only for backward compatibility. Header (OriginStateMetadata): - int64_t mLastAccessTime The last access time of the origin in microseconds since the epoch. - bool mPersisted True if the origin is marked as persisted and should survive origin eviction. - uint32_t flags A bitfield of DirectoryMetadataFlags used to store boolean state flags. This field currently maps only to mAccessed. The defined flags are: - Initialized: Always set when writing metadata; indicates that this field contains valid flag bits. Older files written before this flag was introduced will have this field set to zero. - Accessed: Indicates whether the origin has been accessed by a quota client. This maps directly to the mAccessed field in memory. If the Initialized flag is not set, the flags field is considered invalid and mAccessed is conservatively set to true to ensure a full initialization scan. - int32_t mLastMaintenanceDate The last maintenance date of the origin in days since the epoch. Legacy fields (still written and read for backward compatibility, but no longer used): - nsCString mSuffix Originally used for origin attributes. Still written to preserve compatibility. - nsCString mGroup Originally used for quota group. Still written to preserve compatibility. Storage fields: - nsCString mStorageOrigin Storage origin string (actively used for reconstructing the principal). Legacy fields (continued): - bool mIsPrivate Flag originally used for private browsing contexts or apps. Still written. Validation check: - After reading all expected fields, any additional data (even a single 32-bit value) is treated as an error. Notes: - OriginStateMetadata is loaded first and interpreted independently. This allows fast and safe updates to the metadata header on disk without rewriting the full file. - The header is intentionally designed to contain only fixed-size fields. This allows updating the header in-place without creating a temporary file. 3638
DummyCipherStrategy.h 1746
EncryptedBlock.h 3592
EncryptingOutputStream.cpp 2033
EncryptingOutputStream.h 3850
EncryptingOutputStream_impl.h 8563
ErrorHandling.h 1419
FileStreams.cpp aTruncate 6864
FileStreams.h 6204
FileUtils.cpp 1408
FileUtils.h 715
FirstInitializationAttempts.h 2448
FirstInitializationAttemptsImpl.h 1394
Flatten.h 3192
ForwardDecls.h 3865
GroupInfo.cpp 2705
GroupInfo.h 1992
GroupInfoPair.cpp 928
GroupInfoPair.h 2538
HashKeys.h 808
InitializationTypes.cpp 2506
InitializationTypes.h 3431
IPCQuotaObject.ipdlh 441
IPCStreamCipherStrategy.h 575
metrics.yaml 8695
moz.build 4890
MozPromiseUtils.h 3788
NormalOriginOperationBase.cpp 1091
NormalOriginOperationBase.h 1802
NotifyUtils.cpp 2027
NotifyUtils.h 888
NotifyUtilsCommon.cpp 1424
NotifyUtilsCommon.h 738
nsIndexedDBProtocolHandler.cpp 1359
nsIndexedDBProtocolHandler.h 821
nsIQuotaArtificialFailure.idl 649
nsIQuotaCallbacks.idl 745
nsIQuotaManagerService.idl Asynchronously retrieves storage name and returns it as a plain string. If the dom.quotaManager.testing preference is not true the call will be a no-op. 18989
nsIQuotaManagerServiceInternal.idl This interface defines internal methods for use within Quota Manager code. It is intended strictly for internal implementation details and should not be used outside of Quota Manager internal code. 1508
nsIQuotaRequests.idl 1404
nsIQuotaResults.idl 1957
nsIQuotaUtilsService.idl This interface provides utility methods for storage and quota management that require information only available in JavaScript system modules. It serves as a bridge for accessing such information from C++ code where direct access is not feasible. 970
NSSCipherStrategy.cpp 4976
NSSCipherStrategy.h 1824
OpenClientDirectoryInfo.cpp 2536
OpenClientDirectoryInfo.h @class OpenClientDirectoryInfo @brief Tracks the first and last access to an origin directory. OpenClientDirectoryInfo is a lightweight internal helper used to track access to a specific origin directory after a call to QuotaManager::OpenClientDirectory. It keeps a count of active ClientDirectoryLockHandle instances associated with the origin directory and allows the QuotaManager to update the directory’s access time when the first handle is created and when the last one is released. Although this class is currently focused on tracking origin-level access, it may be extended in the future to track finer-grained access to individual client directories as well. The name reflects its connection to the broader OpenClientDirectory mechanism, which is central to how quota clients initiate access to their storage. ## Usage: - Created by QuotaManager::RegisterClientDirectoryLockHandle. - Removed by QuotaManager::UnregisterClientDirectoryLockHandle. ## Lifetime: - Exists only while at least one ClientDirectoryLockHandle is active for the origin directory. ## Threading: - Must be used only on the thread that created it. - `AssertIsOnOwningThread()` can be used to verify correct usage. 3002
OpenClientDirectoryUtils.h aExclusive 6081
OriginDirectoryLock.cpp aExclusive 1578
OriginDirectoryLock.h 1792
OriginInfo.cpp 6743
OriginInfo.h In some special cases like the LocalStorage client where it's possible to create a Quota-using representation but not actually write any data, we want to be able to track quota for an origin without creating its origin directory or the per-client files until they are actually needed to store data. In those cases, the OriginInfo will be created by InitQuotaForOrigin and the resulting mDirectoryExists will be false until the origin actually needs to be created. It is possible for mUsage to be greater than zero while mDirectoryExists is false, representing a state where a client like LocalStorage has reserved quota for disk writes, but has not yet flushed the data to disk. 5043
OriginOperationBase.cpp 4953
OriginOperationBase.h 2042
OriginOperationCallbacks.h 2206
OriginOperations.cpp 125171
OriginOperations.h 7862
OriginParser.cpp 12395
OriginParser.h Checks whether the given origin attributes suffix corresponds to a specific user context, based on the provided `userContextId` value. This function parses the input suffix into an `OriginAttributes` object and evaluates the `userContextId` attribute. If the attribute matches the given `aUserContextId`, the suffix is considered to belong to that user context. Other attributes in the suffix are ignored. @param aSuffix The origin attributes suffix to check. This must be a valid suffix; otherwise, the code will trigger an assertion failure. @param aUserContextId The `userContextId` value to compare against the attribute in the suffix. @return `true` if the `userContextId` attribute matches `aUserContextId`, `false` otherwise. @note The input must be a valid suffix. Invalid inputs will cause a diagnostic assertion failure because of `MOZ_ALWAYS_TRUE`. 5035
OriginScope.h 11570
PersistenceScope.cpp 962
PersistenceScope.h 4465
PersistenceType.cpp 7150
PersistenceType.h 2482
PQuota.ipdl 6111
PQuotaRequest.ipdl 1091
PQuotaUsageRequest.ipdl 459
PRemoteQuotaObject.ipdl 730
PrincipalUtils.cpp 9306
PrincipalUtils.h 1734
PromiseUtils.cpp 1124
PromiseUtils.h 690
QMResult.cpp 670
QMResult.h Propagate the result. This is used by GenericErrorResult<QMResult> to create a propagated result. 1622
QuotaCommon.cpp aStart 22400
QuotaCommon.h 70672
QuotaManager.h 43487
QuotaManagerImpl.h 1837
QuotaManagerService.cpp aIID 52334
QuotaManagerService.h mozilla_dom_quota_QuotaManagerService_h 2712
QuotaObject.cpp 2507
QuotaObject.h 2547
QuotaParent.cpp 38583
QuotaParent.h 6783
QuotaPrefs.cpp 1570
QuotaPrefs.h The QuotaPrefs class provides static helper methods for evaluating preferences with non-trivial logic. 817
QuotaRequestBase.cpp 1152
QuotaRequestBase.h 1545
QuotaRequests.cpp 6385
QuotaRequests.h 2775
QuotaResults.cpp 4459
QuotaResults.h 1943
QuotaUsageRequestChild.cpp 1390
QuotaUsageRequestChild.h 1365
QuotaUsageRequestParent.cpp 1153
QuotaUsageRequestParent.h 1211
QuotaUtilsService.sys.mjs 827
RemoteQuotaObject.cpp aIsRemote 1623
RemoteQuotaObject.h 1385
RemoteQuotaObjectChild.cpp 1002
RemoteQuotaObjectChild.h 1084
RemoteQuotaObjectParent.cpp aTruncate 1995
RemoteQuotaObjectParent.h 1363
RemoteQuotaObjectParentTracker.h 1225
RemoveParen.h 900
ResolvableNormalOriginOp.h 1931
ResultExtensions.h 5012
SanitizationUtils.cpp 1146
SanitizationUtils.h 682
ScopedLogExtraInfo.cpp static 2665
ScopedLogExtraInfo.h 2475
scripts
SerializationHelpers.h 6432
StorageHelpers.cpp 2015
StorageHelpers.h This class provides a RAII wrap of attaching and detaching database in a given C++ scope. It is guaranteed that an attached database will be detached even if you have an exception or return early. @param aConnection The connection to attach a database to. @param aDatabaseFile The database file to attach. @param aSchemaName The schema-name. Can be any string literal which is supported by the underlying database. For more details about schema-name, see https://www.sqlite.org/lang_attach.html 1779
StorageManager.cpp PersistentStoragePermissionRequest **************************************************************************** 22029
StorageManager.h 1769
StorageOriginAttributes.cpp 2769
StorageOriginAttributes.h 2010
StreamUtils.cpp 2749
StreamUtils.h 1209
StringifyUtils.cpp static 1711
StringifyUtils.h 1848
TargetPtrHolder.h 1495
test
ThreadUtils.cpp aThread 2547
ThreadUtils.h Add a temporary thread observer and listen for the "AfterProcessNextEvent" notification. Once the notification is received, remove the temporary thread observer and call aCallback. In practice, this calls aCallback immediately after the current thread is done with running and releasing recently popped event from thread's event queue. If called multiple times, all the callbacks will be executed, in the order in which RunAfterProcessingCurrentEvent() was called. Use this method if you need to dispatch the same or some other runnable to another thread in a way which prevents any race conditions (for example unpredictable releases of objects). This method should be used only in existing code which can't be easily converted to use MozPromise which doesn't have the problem with unpredictable releases of objects, see: https://searchfox.org/mozilla-central/rev/4582d908c17fbf7924f5699609fe4a12c28ddc4a/xpcom/threads/MozPromise.h#866 Note: Calling this method from a thread pool is not supported since thread pools don't fire the "AfterProcessNextEvent" notification. The method has a diagnostic assertion for that so any calls like that will be caught in builds with enabled diagnostic assertions. The callback will never get executed in other builds, such as release builds. The limitation can be removed completely when thread pool implementation gets support for firing the "AfterProcessNextEvent". 2577
UniversalDirectoryLock.cpp aExclusive 3032
UniversalDirectoryLock.h / 2161
UsageInfo.h 2599