2012-07-28 10:25:11 +04:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
2012-10-31 20:13:28 +04:00
|
|
|
this.EXPORTED_SYMBOLS = ["SafeBrowsing"];
|
2012-07-28 10:25:11 +04:00
|
|
|
|
|
|
|
const Cc = Components.classes;
|
|
|
|
const Ci = Components.interfaces;
|
|
|
|
const Cu = Components.utils;
|
|
|
|
|
|
|
|
Cu.import("resource://gre/modules/Services.jsm");
|
|
|
|
|
2014-04-17 21:57:08 +04:00
|
|
|
// Skip all the ones containining "test", because we never need to ask for
|
|
|
|
// updates for them.
|
|
|
|
function getLists(prefName) {
|
2014-04-22 17:11:53 +04:00
|
|
|
let pref = Services.prefs.getCharPref(prefName);
|
|
|
|
// Splitting an empty string returns [''], we really want an empty array.
|
|
|
|
if (!pref) {
|
|
|
|
return [];
|
|
|
|
}
|
|
|
|
return pref.split(",")
|
2014-04-17 21:57:08 +04:00
|
|
|
.filter(function(value) { return value.indexOf("test-") == -1; })
|
|
|
|
.map(function(value) { return value.trim(); });
|
|
|
|
}
|
|
|
|
|
|
|
|
// These may be a comma-separated lists of tables.
|
|
|
|
const phishingLists = getLists("urlclassifier.phish_table");
|
|
|
|
const malwareLists = getLists("urlclassifier.malware_table");
|
|
|
|
const downloadBlockLists = getLists("urlclassifier.downloadBlockTable");
|
|
|
|
const downloadAllowLists = getLists("urlclassifier.downloadAllowTable");
|
2012-07-28 10:25:11 +04:00
|
|
|
|
|
|
|
var debug = false;
|
|
|
|
function log(...stuff) {
|
|
|
|
if (!debug)
|
|
|
|
return;
|
|
|
|
|
|
|
|
let msg = "SafeBrowsing: " + stuff.join(" ");
|
|
|
|
Services.console.logStringMessage(msg);
|
|
|
|
dump(msg + "\n");
|
|
|
|
}
|
|
|
|
|
2012-10-31 20:13:28 +04:00
|
|
|
this.SafeBrowsing = {
|
2012-07-28 10:25:11 +04:00
|
|
|
|
2012-07-31 04:14:29 +04:00
|
|
|
init: function() {
|
2012-07-28 10:25:11 +04:00
|
|
|
if (this.initialized) {
|
|
|
|
log("Already initialized");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2013-12-07 12:50:19 +04:00
|
|
|
Services.prefs.addObserver("browser.safebrowsing", this.readPrefs.bind(this), false);
|
2012-07-28 10:25:11 +04:00
|
|
|
this.readPrefs();
|
|
|
|
|
2012-08-02 02:52:47 +04:00
|
|
|
// Register our two types of tables, and add custom Mozilla entries
|
2012-07-28 10:25:11 +04:00
|
|
|
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
|
|
|
|
getService(Ci.nsIUrlListManager);
|
2014-04-17 21:57:08 +04:00
|
|
|
for (let i = 0; i < phishingLists.length; ++i) {
|
2014-06-12 21:24:03 +04:00
|
|
|
listManager.registerTable(phishingLists[i], this.updateURL, this.gethashURL);
|
2014-04-17 21:57:08 +04:00
|
|
|
}
|
|
|
|
for (let i = 0; i < malwareLists.length; ++i) {
|
2014-06-12 21:24:03 +04:00
|
|
|
listManager.registerTable(malwareLists[i], this.updateURL, this.gethashURL);
|
2014-04-17 21:57:08 +04:00
|
|
|
}
|
|
|
|
for (let i = 0; i < downloadBlockLists.length; ++i) {
|
2014-06-12 21:24:03 +04:00
|
|
|
listManager.registerTable(downloadBlockLists[i], this.updateURL, this.gethashURL);
|
2014-04-17 21:57:08 +04:00
|
|
|
}
|
|
|
|
for (let i = 0; i < downloadAllowLists.length; ++i) {
|
2014-06-12 21:24:03 +04:00
|
|
|
listManager.registerTable(downloadAllowLists[i], this.updateURL, this.gethashURL);
|
2014-04-17 21:57:08 +04:00
|
|
|
}
|
2012-07-28 10:25:11 +04:00
|
|
|
this.addMozEntries();
|
|
|
|
|
|
|
|
this.controlUpdateChecking();
|
|
|
|
this.initialized = true;
|
|
|
|
|
|
|
|
log("init() finished");
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
|
|
initialized: false,
|
|
|
|
phishingEnabled: false,
|
|
|
|
malwareEnabled: false,
|
|
|
|
|
|
|
|
updateURL: null,
|
|
|
|
gethashURL: null,
|
2012-08-02 02:52:47 +04:00
|
|
|
|
|
|
|
reportURL: null,
|
2012-07-28 10:25:11 +04:00
|
|
|
reportGenericURL: null,
|
|
|
|
reportErrorURL: null,
|
|
|
|
reportPhishURL: null,
|
|
|
|
reportMalwareURL: null,
|
|
|
|
reportMalwareErrorURL: null,
|
|
|
|
|
|
|
|
|
|
|
|
getReportURL: function(kind) {
|
|
|
|
return this["report" + kind + "URL"];
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
|
|
readPrefs: function() {
|
|
|
|
log("reading prefs");
|
|
|
|
|
|
|
|
debug = Services.prefs.getBoolPref("browser.safebrowsing.debug");
|
|
|
|
this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
|
|
|
|
this.malwareEnabled = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
|
2012-08-02 02:52:47 +04:00
|
|
|
this.updateProviderURLs();
|
2012-07-28 10:25:11 +04:00
|
|
|
|
|
|
|
// XXX The listManager backend gets confused if this is called before the
|
|
|
|
// lists are registered. So only call it here when a pref changes, and not
|
|
|
|
// when doing initialization. I expect to refactor this later, so pardon the hack.
|
|
|
|
if (this.initialized)
|
|
|
|
this.controlUpdateChecking();
|
|
|
|
},
|
|
|
|
|
|
|
|
|
2012-08-02 02:52:47 +04:00
|
|
|
updateProviderURLs: function() {
|
2013-01-10 11:38:50 +04:00
|
|
|
try {
|
|
|
|
var clientID = Services.prefs.getCharPref("browser.safebrowsing.id");
|
|
|
|
} catch(e) {
|
|
|
|
var clientID = Services.appinfo.name;
|
|
|
|
}
|
2012-07-31 04:14:29 +04:00
|
|
|
|
2013-11-01 01:15:14 +04:00
|
|
|
log("initializing safe browsing URLs, client id ", clientID);
|
2012-08-02 02:52:47 +04:00
|
|
|
let basePref = "browser.safebrowsing.";
|
2012-07-31 04:14:29 +04:00
|
|
|
|
2012-08-02 02:52:47 +04:00
|
|
|
// Urls to HTML report pages
|
|
|
|
this.reportURL = Services.urlFormatter.formatURLPref(basePref + "reportURL");
|
|
|
|
this.reportGenericURL = Services.urlFormatter.formatURLPref(basePref + "reportGenericURL");
|
|
|
|
this.reportErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportErrorURL");
|
|
|
|
this.reportPhishURL = Services.urlFormatter.formatURLPref(basePref + "reportPhishURL");
|
|
|
|
this.reportMalwareURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareURL");
|
|
|
|
this.reportMalwareErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareErrorURL");
|
|
|
|
|
|
|
|
// Urls used to update DB
|
|
|
|
this.updateURL = Services.urlFormatter.formatURLPref(basePref + "updateURL");
|
|
|
|
this.gethashURL = Services.urlFormatter.formatURLPref(basePref + "gethashURL");
|
|
|
|
|
|
|
|
this.updateURL = this.updateURL.replace("SAFEBROWSING_ID", clientID);
|
|
|
|
this.gethashURL = this.gethashURL.replace("SAFEBROWSING_ID", clientID);
|
2012-07-28 10:25:11 +04:00
|
|
|
},
|
|
|
|
|
|
|
|
controlUpdateChecking: function() {
|
|
|
|
log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:", this.malwareEnabled);
|
|
|
|
|
|
|
|
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
|
|
|
|
getService(Ci.nsIUrlListManager);
|
|
|
|
|
2014-04-17 21:57:08 +04:00
|
|
|
for (let i = 0; i < phishingLists.length; ++i) {
|
|
|
|
if (this.phishingEnabled) {
|
|
|
|
listManager.enableUpdate(phishingLists[i]);
|
|
|
|
} else {
|
|
|
|
listManager.disableUpdate(phishingLists[i]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for (let i = 0; i < malwareLists.length; ++i) {
|
|
|
|
if (this.malwareEnabled) {
|
|
|
|
listManager.enableUpdate(malwareLists[i]);
|
|
|
|
} else {
|
|
|
|
listManager.disableUpdate(malwareLists[i]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for (let i = 0; i < downloadBlockLists.length; ++i) {
|
|
|
|
if (this.malwareEnabled) {
|
|
|
|
listManager.enableUpdate(downloadBlockLists[i]);
|
|
|
|
} else {
|
|
|
|
listManager.disableUpdate(downloadBlockLists[i]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for (let i = 0; i < downloadAllowLists.length; ++i) {
|
|
|
|
if (this.malwareEnabled) {
|
|
|
|
listManager.enableUpdate(downloadAllowLists[i]);
|
|
|
|
} else {
|
|
|
|
listManager.disableUpdate(downloadAllowLists[i]);
|
|
|
|
}
|
2013-11-01 01:15:14 +04:00
|
|
|
}
|
2012-07-28 10:25:11 +04:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
|
|
addMozEntries: function() {
|
|
|
|
// Add test entries to the DB.
|
2012-08-02 02:52:47 +04:00
|
|
|
// XXX bug 779008 - this could be done by DB itself?
|
2014-03-07 22:12:23 +04:00
|
|
|
const phishURL = "itisatrap.org/firefox/its-a-trap.html";
|
|
|
|
const malwareURL = "itisatrap.org/firefox/its-an-attack.html";
|
2012-07-28 10:25:11 +04:00
|
|
|
|
|
|
|
let update = "n:1000\ni:test-malware-simple\nad:1\n" +
|
|
|
|
"a:1:32:" + malwareURL.length + "\n" +
|
|
|
|
malwareURL;
|
|
|
|
update += "n:1000\ni:test-phish-simple\nad:1\n" +
|
|
|
|
"a:1:32:" + phishURL.length + "\n" +
|
|
|
|
phishURL;
|
|
|
|
log("addMozEntries:", update);
|
|
|
|
|
|
|
|
let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
|
|
|
|
getService(Ci.nsIUrlClassifierDBService);
|
|
|
|
|
|
|
|
// nsIUrlClassifierUpdateObserver
|
|
|
|
let dummyListener = {
|
|
|
|
updateUrlRequested: function() { },
|
|
|
|
streamFinished: function() { },
|
|
|
|
updateError: function() { },
|
|
|
|
updateSuccess: function() { }
|
|
|
|
};
|
|
|
|
|
|
|
|
try {
|
|
|
|
db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", "");
|
|
|
|
db.beginStream("", "");
|
|
|
|
db.updateStream(update);
|
|
|
|
db.finishStream();
|
|
|
|
db.finishUpdate();
|
|
|
|
} catch(ex) {
|
|
|
|
// beginUpdate will throw harmlessly if there's an existing update in progress, ignore failures.
|
|
|
|
log("addMozEntries failed!", ex);
|
|
|
|
}
|
|
|
|
},
|
|
|
|
};
|