1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/toolkit/components/url-classifier/SafeBrowsing.jsm Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,219 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +this.EXPORTED_SYMBOLS = ["SafeBrowsing"];
1.9 +
1.10 +const Cc = Components.classes;
1.11 +const Ci = Components.interfaces;
1.12 +const Cu = Components.utils;
1.13 +
1.14 +Cu.import("resource://gre/modules/Services.jsm");
1.15 +
1.16 +// Skip all the ones containining "test", because we never need to ask for
1.17 +// updates for them.
1.18 +function getLists(prefName) {
1.19 + let pref = Services.prefs.getCharPref(prefName);
1.20 + // Splitting an empty string returns [''], we really want an empty array.
1.21 + if (!pref) {
1.22 + return [];
1.23 + }
1.24 + return pref.split(",")
1.25 + .filter(function(value) { return value.indexOf("test-") == -1; })
1.26 + .map(function(value) { return value.trim(); });
1.27 +}
1.28 +
1.29 +// These may be a comma-separated lists of tables.
1.30 +const phishingLists = getLists("urlclassifier.phish_table");
1.31 +const malwareLists = getLists("urlclassifier.malware_table");
1.32 +const downloadBlockLists = getLists("urlclassifier.downloadBlockTable");
1.33 +const downloadAllowLists = getLists("urlclassifier.downloadAllowTable");
1.34 +
1.35 +var debug = false;
1.36 +function log(...stuff) {
1.37 + if (!debug)
1.38 + return;
1.39 +
1.40 + let msg = "SafeBrowsing: " + stuff.join(" ");
1.41 + Services.console.logStringMessage(msg);
1.42 + dump(msg + "\n");
1.43 +}
1.44 +
1.45 +this.SafeBrowsing = {
1.46 +
1.47 + init: function() {
1.48 + if (this.initialized) {
1.49 + log("Already initialized");
1.50 + return;
1.51 + }
1.52 +
1.53 + Services.prefs.addObserver("browser.safebrowsing", this.readPrefs.bind(this), false);
1.54 + this.readPrefs();
1.55 +
1.56 + // Register our two types of tables, and add custom Mozilla entries
1.57 + let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
1.58 + getService(Ci.nsIUrlListManager);
1.59 + for (let i = 0; i < phishingLists.length; ++i) {
1.60 + listManager.registerTable(phishingLists[i], false);
1.61 + }
1.62 + for (let i = 0; i < malwareLists.length; ++i) {
1.63 + listManager.registerTable(malwareLists[i], false);
1.64 + }
1.65 + for (let i = 0; i < downloadBlockLists.length; ++i) {
1.66 + listManager.registerTable(downloadBlockLists[i], false);
1.67 + }
1.68 + for (let i = 0; i < downloadAllowLists.length; ++i) {
1.69 + listManager.registerTable(downloadAllowLists[i], false);
1.70 + }
1.71 + this.addMozEntries();
1.72 +
1.73 + this.controlUpdateChecking();
1.74 + this.initialized = true;
1.75 +
1.76 + log("init() finished");
1.77 + },
1.78 +
1.79 +
1.80 + initialized: false,
1.81 + phishingEnabled: false,
1.82 + malwareEnabled: false,
1.83 +
1.84 + updateURL: null,
1.85 + gethashURL: null,
1.86 +
1.87 + reportURL: null,
1.88 + reportGenericURL: null,
1.89 + reportErrorURL: null,
1.90 + reportPhishURL: null,
1.91 + reportMalwareURL: null,
1.92 + reportMalwareErrorURL: null,
1.93 +
1.94 +
1.95 + getReportURL: function(kind) {
1.96 + return this["report" + kind + "URL"];
1.97 + },
1.98 +
1.99 +
1.100 + readPrefs: function() {
1.101 + log("reading prefs");
1.102 +
1.103 + debug = Services.prefs.getBoolPref("browser.safebrowsing.debug");
1.104 + this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
1.105 + this.malwareEnabled = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
1.106 + this.updateProviderURLs();
1.107 +
1.108 + // XXX The listManager backend gets confused if this is called before the
1.109 + // lists are registered. So only call it here when a pref changes, and not
1.110 + // when doing initialization. I expect to refactor this later, so pardon the hack.
1.111 + if (this.initialized)
1.112 + this.controlUpdateChecking();
1.113 + },
1.114 +
1.115 +
1.116 + updateProviderURLs: function() {
1.117 + try {
1.118 + var clientID = Services.prefs.getCharPref("browser.safebrowsing.id");
1.119 + } catch(e) {
1.120 + var clientID = Services.appinfo.name;
1.121 + }
1.122 +
1.123 + log("initializing safe browsing URLs, client id ", clientID);
1.124 + let basePref = "browser.safebrowsing.";
1.125 +
1.126 + // Urls to HTML report pages
1.127 + this.reportURL = Services.urlFormatter.formatURLPref(basePref + "reportURL");
1.128 + this.reportGenericURL = Services.urlFormatter.formatURLPref(basePref + "reportGenericURL");
1.129 + this.reportErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportErrorURL");
1.130 + this.reportPhishURL = Services.urlFormatter.formatURLPref(basePref + "reportPhishURL");
1.131 + this.reportMalwareURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareURL");
1.132 + this.reportMalwareErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareErrorURL");
1.133 +
1.134 + // Urls used to update DB
1.135 + this.updateURL = Services.urlFormatter.formatURLPref(basePref + "updateURL");
1.136 + this.gethashURL = Services.urlFormatter.formatURLPref(basePref + "gethashURL");
1.137 +
1.138 + this.updateURL = this.updateURL.replace("SAFEBROWSING_ID", clientID);
1.139 + this.gethashURL = this.gethashURL.replace("SAFEBROWSING_ID", clientID);
1.140 +
1.141 + let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
1.142 + getService(Ci.nsIUrlListManager);
1.143 +
1.144 + listManager.setUpdateUrl(this.updateURL);
1.145 + listManager.setGethashUrl(this.gethashURL);
1.146 + },
1.147 +
1.148 +
1.149 + controlUpdateChecking: function() {
1.150 + log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:", this.malwareEnabled);
1.151 +
1.152 + let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
1.153 + getService(Ci.nsIUrlListManager);
1.154 +
1.155 + for (let i = 0; i < phishingLists.length; ++i) {
1.156 + if (this.phishingEnabled) {
1.157 + listManager.enableUpdate(phishingLists[i]);
1.158 + } else {
1.159 + listManager.disableUpdate(phishingLists[i]);
1.160 + }
1.161 + }
1.162 + for (let i = 0; i < malwareLists.length; ++i) {
1.163 + if (this.malwareEnabled) {
1.164 + listManager.enableUpdate(malwareLists[i]);
1.165 + } else {
1.166 + listManager.disableUpdate(malwareLists[i]);
1.167 + }
1.168 + }
1.169 + for (let i = 0; i < downloadBlockLists.length; ++i) {
1.170 + if (this.malwareEnabled) {
1.171 + listManager.enableUpdate(downloadBlockLists[i]);
1.172 + } else {
1.173 + listManager.disableUpdate(downloadBlockLists[i]);
1.174 + }
1.175 + }
1.176 + for (let i = 0; i < downloadAllowLists.length; ++i) {
1.177 + if (this.malwareEnabled) {
1.178 + listManager.enableUpdate(downloadAllowLists[i]);
1.179 + } else {
1.180 + listManager.disableUpdate(downloadAllowLists[i]);
1.181 + }
1.182 + }
1.183 + },
1.184 +
1.185 +
1.186 + addMozEntries: function() {
1.187 + // Add test entries to the DB.
1.188 + // XXX bug 779008 - this could be done by DB itself?
1.189 + const phishURL = "itisatrap.org/firefox/its-a-trap.html";
1.190 + const malwareURL = "itisatrap.org/firefox/its-an-attack.html";
1.191 +
1.192 + let update = "n:1000\ni:test-malware-simple\nad:1\n" +
1.193 + "a:1:32:" + malwareURL.length + "\n" +
1.194 + malwareURL;
1.195 + update += "n:1000\ni:test-phish-simple\nad:1\n" +
1.196 + "a:1:32:" + phishURL.length + "\n" +
1.197 + phishURL;
1.198 + log("addMozEntries:", update);
1.199 +
1.200 + let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
1.201 + getService(Ci.nsIUrlClassifierDBService);
1.202 +
1.203 + // nsIUrlClassifierUpdateObserver
1.204 + let dummyListener = {
1.205 + updateUrlRequested: function() { },
1.206 + streamFinished: function() { },
1.207 + updateError: function() { },
1.208 + updateSuccess: function() { }
1.209 + };
1.210 +
1.211 + try {
1.212 + db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", "");
1.213 + db.beginStream("", "");
1.214 + db.updateStream(update);
1.215 + db.finishStream();
1.216 + db.finishUpdate();
1.217 + } catch(ex) {
1.218 + // beginUpdate will throw harmlessly if there's an existing update in progress, ignore failures.
1.219 + log("addMozEntries failed!", ex);
1.220 + }
1.221 + },
1.222 +};
