• file
• revisions
• annotate
• diff
• comparison
• raw

toolkit/components/url-classifier/SafeBrowsing.jsm@6474c204b198 (annotated)

toolkit/components/url-classifier/SafeBrowsing.jsm

Wed, 31 Dec 2014 06:09:35 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Wed, 31 Dec 2014 06:09:35 +0100

changeset 0

6474c204b198

permissions

-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0	1	/* This Source Code Form is subject to the terms of the Mozilla Public
michael@0	2	* License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0	3	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0	4
michael@0	5	this.EXPORTED_SYMBOLS = ["SafeBrowsing"];
michael@0	6
michael@0	7	const Cc = Components.classes;
michael@0	8	const Ci = Components.interfaces;
michael@0	9	const Cu = Components.utils;
michael@0	10
michael@0	11	Cu.import("resource://gre/modules/Services.jsm");
michael@0	12
michael@0	13	// Skip all the ones containining "test", because we never need to ask for
michael@0	14	// updates for them.
michael@0	15	function getLists(prefName) {
michael@0	16	let pref = Services.prefs.getCharPref(prefName);
michael@0	17	// Splitting an empty string returns [''], we really want an empty array.
michael@0	18	if (!pref) {
michael@0	19	return [];
michael@0	20	}
michael@0	21	return pref.split(",")
michael@0	22	.filter(function(value) { return value.indexOf("test-") == -1; })
michael@0	23	.map(function(value) { return value.trim(); });
michael@0	24	}
michael@0	25
michael@0	26	// These may be a comma-separated lists of tables.
michael@0	27	const phishingLists = getLists("urlclassifier.phish_table");
michael@0	28	const malwareLists = getLists("urlclassifier.malware_table");
michael@0	29	const downloadBlockLists = getLists("urlclassifier.downloadBlockTable");
michael@0	30	const downloadAllowLists = getLists("urlclassifier.downloadAllowTable");
michael@0	31
michael@0	32	var debug = false;
michael@0	33	function log(...stuff) {
michael@0	34	if (!debug)
michael@0	35	return;
michael@0	36
michael@0	37	let msg = "SafeBrowsing: " + stuff.join(" ");
michael@0	38	Services.console.logStringMessage(msg);
michael@0	39	dump(msg + "\n");
michael@0	40	}
michael@0	41
michael@0	42	this.SafeBrowsing = {
michael@0	43
michael@0	44	init: function() {
michael@0	45	if (this.initialized) {
michael@0	46	log("Already initialized");
michael@0	47	return;
michael@0	48	}
michael@0	49
michael@0	50	Services.prefs.addObserver("browser.safebrowsing", this.readPrefs.bind(this), false);
michael@0	51	this.readPrefs();
michael@0	52
michael@0	53	// Register our two types of tables, and add custom Mozilla entries
michael@0	54	let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
michael@0	55	getService(Ci.nsIUrlListManager);
michael@0	56	for (let i = 0; i < phishingLists.length; ++i) {
michael@0	57	listManager.registerTable(phishingLists[i], false);
michael@0	58	}
michael@0	59	for (let i = 0; i < malwareLists.length; ++i) {
michael@0	60	listManager.registerTable(malwareLists[i], false);
michael@0	61	}
michael@0	62	for (let i = 0; i < downloadBlockLists.length; ++i) {
michael@0	63	listManager.registerTable(downloadBlockLists[i], false);
michael@0	64	}
michael@0	65	for (let i = 0; i < downloadAllowLists.length; ++i) {
michael@0	66	listManager.registerTable(downloadAllowLists[i], false);
michael@0	67	}
michael@0	68	this.addMozEntries();
michael@0	69
michael@0	70	this.controlUpdateChecking();
michael@0	71	this.initialized = true;
michael@0	72
michael@0	73	log("init() finished");
michael@0	74	},
michael@0	75
michael@0	76
michael@0	77	initialized: false,
michael@0	78	phishingEnabled: false,
michael@0	79	malwareEnabled: false,
michael@0	80
michael@0	81	updateURL: null,
michael@0	82	gethashURL: null,
michael@0	83
michael@0	84	reportURL: null,
michael@0	85	reportGenericURL: null,
michael@0	86	reportErrorURL: null,
michael@0	87	reportPhishURL: null,
michael@0	88	reportMalwareURL: null,
michael@0	89	reportMalwareErrorURL: null,
michael@0	90
michael@0	91
michael@0	92	getReportURL: function(kind) {
michael@0	93	return this["report" + kind + "URL"];
michael@0	94	},
michael@0	95
michael@0	96
michael@0	97	readPrefs: function() {
michael@0	98	log("reading prefs");
michael@0	99
michael@0	100	debug = Services.prefs.getBoolPref("browser.safebrowsing.debug");
michael@0	101	this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
michael@0	102	this.malwareEnabled = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
michael@0	103	this.updateProviderURLs();
michael@0	104
michael@0	105	// XXX The listManager backend gets confused if this is called before the
michael@0	106	// lists are registered. So only call it here when a pref changes, and not
michael@0	107	// when doing initialization. I expect to refactor this later, so pardon the hack.
michael@0	108	if (this.initialized)
michael@0	109	this.controlUpdateChecking();
michael@0	110	},
michael@0	111
michael@0	112
michael@0	113	updateProviderURLs: function() {
michael@0	114	try {
michael@0	115	var clientID = Services.prefs.getCharPref("browser.safebrowsing.id");
michael@0	116	} catch(e) {
michael@0	117	var clientID = Services.appinfo.name;
michael@0	118	}
michael@0	119
michael@0	120	log("initializing safe browsing URLs, client id ", clientID);
michael@0	121	let basePref = "browser.safebrowsing.";
michael@0	122
michael@0	123	// Urls to HTML report pages
michael@0	124	this.reportURL = Services.urlFormatter.formatURLPref(basePref + "reportURL");
michael@0	125	this.reportGenericURL = Services.urlFormatter.formatURLPref(basePref + "reportGenericURL");
michael@0	126	this.reportErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportErrorURL");
michael@0	127	this.reportPhishURL = Services.urlFormatter.formatURLPref(basePref + "reportPhishURL");
michael@0	128	this.reportMalwareURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareURL");
michael@0	129	this.reportMalwareErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareErrorURL");
michael@0	130
michael@0	131	// Urls used to update DB
michael@0	132	this.updateURL = Services.urlFormatter.formatURLPref(basePref + "updateURL");
michael@0	133	this.gethashURL = Services.urlFormatter.formatURLPref(basePref + "gethashURL");
michael@0	134
michael@0	135	this.updateURL = this.updateURL.replace("SAFEBROWSING_ID", clientID);
michael@0	136	this.gethashURL = this.gethashURL.replace("SAFEBROWSING_ID", clientID);
michael@0	137
michael@0	138	let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
michael@0	139	getService(Ci.nsIUrlListManager);
michael@0	140
michael@0	141	listManager.setUpdateUrl(this.updateURL);
michael@0	142	listManager.setGethashUrl(this.gethashURL);
michael@0	143	},
michael@0	144
michael@0	145
michael@0	146	controlUpdateChecking: function() {
michael@0	147	log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:", this.malwareEnabled);
michael@0	148
michael@0	149	let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
michael@0	150	getService(Ci.nsIUrlListManager);
michael@0	151
michael@0	152	for (let i = 0; i < phishingLists.length; ++i) {
michael@0	153	if (this.phishingEnabled) {
michael@0	154	listManager.enableUpdate(phishingLists[i]);
michael@0	155	} else {
michael@0	156	listManager.disableUpdate(phishingLists[i]);
michael@0	157	}
michael@0	158	}
michael@0	159	for (let i = 0; i < malwareLists.length; ++i) {
michael@0	160	if (this.malwareEnabled) {
michael@0	161	listManager.enableUpdate(malwareLists[i]);
michael@0	162	} else {
michael@0	163	listManager.disableUpdate(malwareLists[i]);
michael@0	164	}
michael@0	165	}
michael@0	166	for (let i = 0; i < downloadBlockLists.length; ++i) {
michael@0	167	if (this.malwareEnabled) {
michael@0	168	listManager.enableUpdate(downloadBlockLists[i]);
michael@0	169	} else {
michael@0	170	listManager.disableUpdate(downloadBlockLists[i]);
michael@0	171	}
michael@0	172	}
michael@0	173	for (let i = 0; i < downloadAllowLists.length; ++i) {
michael@0	174	if (this.malwareEnabled) {
michael@0	175	listManager.enableUpdate(downloadAllowLists[i]);
michael@0	176	} else {
michael@0	177	listManager.disableUpdate(downloadAllowLists[i]);
michael@0	178	}
michael@0	179	}
michael@0	180	},
michael@0	181
michael@0	182
michael@0	183	addMozEntries: function() {
michael@0	184	// Add test entries to the DB.
michael@0	185	// XXX bug 779008 - this could be done by DB itself?
michael@0	186	const phishURL = "itisatrap.org/firefox/its-a-trap.html";
michael@0	187	const malwareURL = "itisatrap.org/firefox/its-an-attack.html";
michael@0	188
michael@0	189	let update = "n:1000\ni:test-malware-simple\nad:1\n" +
michael@0	190	"a:1:32:" + malwareURL.length + "\n" +
michael@0	191	malwareURL;
michael@0	192	update += "n:1000\ni:test-phish-simple\nad:1\n" +
michael@0	193	"a:1:32:" + phishURL.length + "\n" +
michael@0	194	phishURL;
michael@0	195	log("addMozEntries:", update);
michael@0	196
michael@0	197	let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
michael@0	198	getService(Ci.nsIUrlClassifierDBService);
michael@0	199
michael@0	200	// nsIUrlClassifierUpdateObserver
michael@0	201	let dummyListener = {
michael@0	202	updateUrlRequested: function() { },
michael@0	203	streamFinished: function() { },
michael@0	204	updateError: function() { },
michael@0	205	updateSuccess: function() { }
michael@0	206	};
michael@0	207
michael@0	208	try {
michael@0	209	db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", "");
michael@0	210	db.beginStream("", "");
michael@0	211	db.updateStream(update);
michael@0	212	db.finishStream();
michael@0	213	db.finishUpdate();
michael@0	214	} catch(ex) {
michael@0	215	// beginUpdate will throw harmlessly if there's an existing update in progress, ignore failures.
michael@0	216	log("addMozEntries failed!", ex);
michael@0	217	}
michael@0	218	},
michael@0	219	};