Bug 1533074 - Implement Fingerprinting and Cryptomining annotation features - Part 3 - Cryptomining-annotation, r=dimi

Differential Revision: https://phabricator.services.mozilla.com/D22344 --HG-- extra : moz-landing-system : lando
2019-03-14 06:32:38 +00:00 · 2019-03-14 06:32:38 +00:00 · 5423d1a772
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@ -1247,6 +1247,7 @@ pref("services.sync.prefs.sync.privacy.fuzzyfox.clockgrainus", false);
 pref("services.sync.prefs.sync.privacy.sanitize.sanitizeOnShutdown", true);
 pref("services.sync.prefs.sync.privacy.trackingprotection.enabled", true);
 pref("services.sync.prefs.sync.privacy.trackingprotection.cryptomining.enabled", true);
+pref("services.sync.prefs.sync.privacy.trackingprotection.cryptomining.annotate.enabled", true);
 pref("services.sync.prefs.sync.privacy.trackingprotection.fingerprinting.enabled", true);
 pref("services.sync.prefs.sync.privacy.trackingprotection.fingerprinting.annotate.enabled", true);
 pref("services.sync.prefs.sync.privacy.trackingprotection.pbmode.enabled", true);
--- a/modules/libpref/init/StaticPrefList.h
+++ b/modules/libpref/init/StaticPrefList.h
@ -2021,13 +2021,18 @@ VARCACHE_PREF(
 )

 // Block 3rd party cryptomining resources.
-# define PREF_VALUE false
 VARCACHE_PREF(
  "privacy.trackingprotection.cryptomining.enabled",
   privacy_trackingprotection_cryptomining_enabled,
-  bool, PREF_VALUE
+  bool, false
+)
+
+// Annotate cryptomining resources.
+VARCACHE_PREF(
+  "privacy.trackingprotection.cryptomining.annotate.enabled",
+   privacy_trackingprotection_cryptomining_annotate_enabled,
+  bool, false
 )
-#undef PREF_VALUE

 // Lower the priority of network loads for resources on the tracking protection
 // list.  Note that this requires the
--- a/netwerk/url-classifier/UrlClassifierFeatureCryptominingAnnotation.cpp
+++ b/netwerk/url-classifier/UrlClassifierFeatureCryptominingAnnotation.cpp
@ -0,0 +1,158 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "UrlClassifierFeatureCryptominingAnnotation.h"
+
+#include "mozilla/AntiTrackingCommon.h"
+#include "mozilla/net/UrlClassifierCommon.h"
+#include "mozilla/StaticPrefs.h"
+#include "nsContentUtils.h"
+#include "nsNetUtil.h"
+
+namespace mozilla {
+namespace net {
+
+namespace {
+
+#define CRYPTOMINING_ANNOTATION_FEATURE_NAME "cryptomining-annotation"
+
+#define URLCLASSIFIER_CRYPTOMINING_ANNOTATION_BLACKLIST \
+  "urlclassifier.features.cryptomining.annotate.blacklistTables"
+#define URLCLASSIFIER_CRYPTOMINING_ANNOTATION_BLACKLIST_TEST_ENTRIES \
+  "urlclassifier.features.cryptomining.annotate.blacklistHosts"
+#define URLCLASSIFIER_CRYPTOMINING_ANNOTATION_WHITELIST \
+  "urlclassifier.features.cryptomining.annotate.whitelistTables"
+#define URLCLASSIFIER_CRYPTOMINING_ANNOTATION_WHITELIST_TEST_ENTRIES \
+  "urlclassifier.features.cryptomining.annotate.whitelistHosts"
+#define TABLE_CRYPTOMINING_ANNOTATION_BLACKLIST_PREF \
+  "cryptomining-annotate-blacklist-pref"
+#define TABLE_CRYPTOMINING_ANNOTATION_WHITELIST_PREF \
+  "cryptomining-annotate-whitelist-pref"
+
+StaticRefPtr<UrlClassifierFeatureCryptominingAnnotation>
+    gFeatureCryptominingAnnotation;
+
+}  // namespace
+
+UrlClassifierFeatureCryptominingAnnotation::
+    UrlClassifierFeatureCryptominingAnnotation()
+    : UrlClassifierFeatureBase(
+          NS_LITERAL_CSTRING(CRYPTOMINING_ANNOTATION_FEATURE_NAME),
+          NS_LITERAL_CSTRING(URLCLASSIFIER_CRYPTOMINING_ANNOTATION_BLACKLIST),
+          NS_LITERAL_CSTRING(URLCLASSIFIER_CRYPTOMINING_ANNOTATION_WHITELIST),
+          NS_LITERAL_CSTRING(
+              URLCLASSIFIER_CRYPTOMINING_ANNOTATION_BLACKLIST_TEST_ENTRIES),
+          NS_LITERAL_CSTRING(
+              URLCLASSIFIER_CRYPTOMINING_ANNOTATION_WHITELIST_TEST_ENTRIES),
+          NS_LITERAL_CSTRING(TABLE_CRYPTOMINING_ANNOTATION_BLACKLIST_PREF),
+          NS_LITERAL_CSTRING(TABLE_CRYPTOMINING_ANNOTATION_WHITELIST_PREF),
+          EmptyCString()) {}
+
+/* static */ const char* UrlClassifierFeatureCryptominingAnnotation::Name() {
+  return CRYPTOMINING_ANNOTATION_FEATURE_NAME;
+}
+
+/* static */
+void UrlClassifierFeatureCryptominingAnnotation::MaybeInitialize() {
+  UC_LOG(("UrlClassifierFeatureCryptominingAnnotation: MaybeInitialize"));
+
+  if (!gFeatureCryptominingAnnotation) {
+    gFeatureCryptominingAnnotation =
+        new UrlClassifierFeatureCryptominingAnnotation();
+    gFeatureCryptominingAnnotation->InitializePreferences();
+  }
+}
+
+/* static */
+void UrlClassifierFeatureCryptominingAnnotation::MaybeShutdown() {
+  UC_LOG(("UrlClassifierFeatureCryptominingAnnotation: MaybeShutdown"));
+
+  if (gFeatureCryptominingAnnotation) {
+    gFeatureCryptominingAnnotation->ShutdownPreferences();
+    gFeatureCryptominingAnnotation = nullptr;
+  }
+}
+
+/* static */
+already_AddRefed<UrlClassifierFeatureCryptominingAnnotation>
+UrlClassifierFeatureCryptominingAnnotation::MaybeCreate(nsIChannel* aChannel) {
+  MOZ_ASSERT(aChannel);
+
+  UC_LOG(
+      ("UrlClassifierFeatureCryptominingAnnotation: MaybeCreate for channel %p",
+       aChannel));
+
+  if (!StaticPrefs::
+          privacy_trackingprotection_cryptomining_annotate_enabled()) {
+    return nullptr;
+  }
+
+  if (!UrlClassifierCommon::ShouldEnableClassifier(aChannel)) {
+    return nullptr;
+  }
+
+  MaybeInitialize();
+  MOZ_ASSERT(gFeatureCryptominingAnnotation);
+
+  RefPtr<UrlClassifierFeatureCryptominingAnnotation> self =
+      gFeatureCryptominingAnnotation;
+  return self.forget();
+}
+
+/* static */
+already_AddRefed<nsIUrlClassifierFeature>
+UrlClassifierFeatureCryptominingAnnotation::GetIfNameMatches(
+    const nsACString& aName) {
+  if (!aName.EqualsLiteral(CRYPTOMINING_ANNOTATION_FEATURE_NAME)) {
+    return nullptr;
+  }
+
+  MaybeInitialize();
+  MOZ_ASSERT(gFeatureCryptominingAnnotation);
+
+  RefPtr<UrlClassifierFeatureCryptominingAnnotation> self =
+      gFeatureCryptominingAnnotation;
+  return self.forget();
+}
+
+NS_IMETHODIMP
+UrlClassifierFeatureCryptominingAnnotation::ProcessChannel(
+    nsIChannel* aChannel, const nsACString& aList, bool* aShouldContinue) {
+  NS_ENSURE_ARG_POINTER(aChannel);
+  NS_ENSURE_ARG_POINTER(aShouldContinue);
+
+  // This is not a blocking feature.
+  *aShouldContinue = true;
+
+  UC_LOG(
+      ("UrlClassifierFeatureCryptominingAnnotation::ProcessChannel, annotating "
+       "channel[%p]",
+       aChannel));
+
+  UrlClassifierCommon::AnnotateChannel(
+      aChannel, AntiTrackingCommon::eCryptomining,
+      nsIHttpChannel::ClassificationFlags::CLASSIFIED_CRYPTOMINING,
+      nsIWebProgressListener::STATE_LOADED_CRYPTOMINING_CONTENT);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+UrlClassifierFeatureCryptominingAnnotation::GetURIByListType(
+    nsIChannel* aChannel, nsIUrlClassifierFeature::listType aListType,
+    nsIURI** aURI) {
+  NS_ENSURE_ARG_POINTER(aChannel);
+  NS_ENSURE_ARG_POINTER(aURI);
+
+  if (aListType == nsIUrlClassifierFeature::blacklist) {
+    return aChannel->GetURI(aURI);
+  }
+
+  MOZ_ASSERT(aListType == nsIUrlClassifierFeature::whitelist);
+  return UrlClassifierCommon::CreatePairwiseWhiteListURI(aChannel, aURI);
+}
+
+}  // namespace net
+}  // namespace mozilla
--- a/netwerk/url-classifier/UrlClassifierFeatureCryptominingAnnotation.h
+++ b/netwerk/url-classifier/UrlClassifierFeatureCryptominingAnnotation.h
@ -0,0 +1,46 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_net_UrlClassifierFeatureCryptominingAnnotation_h
+#define mozilla_net_UrlClassifierFeatureCryptominingAnnotation_h
+
+#include "UrlClassifierFeatureBase.h"
+
+class nsIChannel;
+
+namespace mozilla {
+namespace net {
+
+class UrlClassifierFeatureCryptominingAnnotation final
+    : public UrlClassifierFeatureBase {
+ public:
+  static const char* Name();
+
+  static void MaybeShutdown();
+
+  static already_AddRefed<UrlClassifierFeatureCryptominingAnnotation>
+  MaybeCreate(nsIChannel* aChannel);
+
+  static already_AddRefed<nsIUrlClassifierFeature> GetIfNameMatches(
+      const nsACString& aName);
+
+  NS_IMETHOD ProcessChannel(nsIChannel* aChannel, const nsACString& aList,
+                            bool* aShouldContinue) override;
+
+  NS_IMETHOD GetURIByListType(nsIChannel* aChannel,
+                              nsIUrlClassifierFeature::listType aListType,
+                              nsIURI** aURI) override;
+
+ private:
+  UrlClassifierFeatureCryptominingAnnotation();
+
+  static void MaybeInitialize();
+};
+
+}  // namespace net
+}  // namespace mozilla
+
+#endif  // mozilla_net_UrlClassifierFeatureCryptominingAnnotation_h
--- a/netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp
+++ b/netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp
@ -17,7 +17,7 @@ namespace net {

 namespace {

-#define CRYPTOMINING_FEATURE_NAME "cryptomining"
+#define CRYPTOMINING_FEATURE_NAME "cryptomining-protection"

 #define URLCLASSIFIER_CRYPTOMINING_BLACKLIST \
  "urlclassifier.features.cryptomining.blacklistTables"
@ -150,31 +150,23 @@ UrlClassifierFeatureCryptominingProtection::ProcessChannel(
  *aShouldContinue = isAllowListed;

  if (isAllowListed) {
-    // Even with cryptomining blocking disabled, we still want to show the user
-    // that there are unblocked cryptominers on the site, so notify the UI that
-    // we loaded cryptomining content.  UI code can treat this notification
-    // differently depending on whether cryptomining blocking is enabled or
-    // disabled.
-    UrlClassifierCommon::NotifyChannelClassifierProtectionDisabled(
-        aChannel, nsIWebProgressListener::STATE_LOADED_CRYPTOMINING_CONTENT);
+    return NS_OK;
+  }
+
+  UrlClassifierCommon::SetBlockedContent(aChannel, NS_ERROR_CRYPTOMINING_URI,
+                                         aList, EmptyCString(), EmptyCString());
+
+  UC_LOG(
+      ("UrlClassifierFeatureCryptominingProtection::ProcessChannel, "
+       "cancelling "
+       "channel[%p]",
+       aChannel));
+  nsCOMPtr<nsIHttpChannelInternal> httpChannel = do_QueryInterface(aChannel);
+
+  if (httpChannel) {
+    Unused << httpChannel->CancelByChannelClassifier(NS_ERROR_CRYPTOMINING_URI);
  } else {
-    UrlClassifierCommon::SetBlockedContent(aChannel, NS_ERROR_CRYPTOMINING_URI,
-                                           aList, EmptyCString(),
-                                           EmptyCString());
-
-    UC_LOG(
-        ("UrlClassifierFeatureCryptominingProtection::ProcessChannel, "
-         "cancelling "
-         "channel[%p]",
-         aChannel));
-    nsCOMPtr<nsIHttpChannelInternal> httpChannel = do_QueryInterface(aChannel);
-
-    if (httpChannel) {
-      Unused << httpChannel->CancelByChannelClassifier(
-          NS_ERROR_CRYPTOMINING_URI);
-    } else {
-      Unused << aChannel->Cancel(NS_ERROR_CRYPTOMINING_URI);
-    }
+    Unused << aChannel->Cancel(NS_ERROR_CRYPTOMINING_URI);
  }

  return NS_OK;
--- a/netwerk/url-classifier/UrlClassifierFeatureFactory.cpp
+++ b/netwerk/url-classifier/UrlClassifierFeatureFactory.cpp
@ -7,6 +7,7 @@
 #include "mozilla/net/UrlClassifierFeatureFactory.h"

 // List of Features
+#include "UrlClassifierFeatureCryptominingAnnotation.h"
 #include "UrlClassifierFeatureCryptominingProtection.h"
 #include "UrlClassifierFeatureFingerprintingAnnotation.h"
 #include "UrlClassifierFeatureFingerprintingProtection.h"
@ -29,6 +30,7 @@ void UrlClassifierFeatureFactory::Shutdown() {
    return;
  }

+  UrlClassifierFeatureCryptominingAnnotation::MaybeShutdown();
  UrlClassifierFeatureCryptominingProtection::MaybeShutdown();
  UrlClassifierFeatureFingerprintingAnnotation::MaybeShutdown();
  UrlClassifierFeatureFingerprintingProtection::MaybeShutdown();
@ -65,14 +67,20 @@ void UrlClassifierFeatureFactory::GetFeaturesFromChannel(
    aFeatures.AppendElement(feature);
  }

-  // Fingerprinting Annotation
-  feature = UrlClassifierFeatureFingerprintingAnnotation::MaybeCreate(aChannel);
+  // Tracking Protection
+  feature = UrlClassifierFeatureTrackingProtection::MaybeCreate(aChannel);
  if (feature) {
    aFeatures.AppendElement(feature);
  }

-  // Tracking Protection
-  feature = UrlClassifierFeatureTrackingProtection::MaybeCreate(aChannel);
+  // Cryptomining Annotation
+  feature = UrlClassifierFeatureCryptominingAnnotation::MaybeCreate(aChannel);
+  if (feature) {
+    aFeatures.AppendElement(feature);
+  }
+
+  // Fingerprinting Annotation
+  feature = UrlClassifierFeatureFingerprintingAnnotation::MaybeCreate(aChannel);
  if (feature) {
    aFeatures.AppendElement(feature);
  }
@ -110,6 +118,12 @@ UrlClassifierFeatureFactory::GetFeatureByName(const nsACString& aName) {

  nsCOMPtr<nsIUrlClassifierFeature> feature;

+  // Cryptomining Annotation
+  feature = UrlClassifierFeatureCryptominingAnnotation::GetIfNameMatches(aName);
+  if (feature) {
+    return feature.forget();
+  }
+
  // Cryptomining Protection
  feature = UrlClassifierFeatureCryptominingProtection::GetIfNameMatches(aName);
  if (feature) {
@ -169,8 +183,15 @@ void UrlClassifierFeatureFactory::GetFeatureNames(nsTArray<nsCString>& aArray) {
    return;
  }

-  // Cryptomining Protection
  nsAutoCString name;
+
+  // Cryptomining Annotation
+  name.Assign(UrlClassifierFeatureCryptominingAnnotation::Name());
+  if (!name.IsEmpty()) {
+    aArray.AppendElement(name);
+  }
+
+  // Cryptomining Protection
  name.Assign(UrlClassifierFeatureCryptominingProtection::Name());
  if (!name.IsEmpty()) {
    aArray.AppendElement(name);
--- a/netwerk/url-classifier/moz.build
+++ b/netwerk/url-classifier/moz.build
@ -31,6 +31,7 @@ UNIFIED_SOURCES += [
    'nsChannelClassifier.cpp',
    'UrlClassifierCommon.cpp',
    'UrlClassifierFeatureBase.cpp',
+    'UrlClassifierFeatureCryptominingAnnotation.cpp',
    'UrlClassifierFeatureCryptominingProtection.cpp',
    'UrlClassifierFeatureCustomTables.cpp',
    'UrlClassifierFeatureFactory.cpp',
--- a/toolkit/components/url-classifier/SafeBrowsing.jsm
+++ b/toolkit/components/url-classifier/SafeBrowsing.jsm
@ -115,7 +115,17 @@ const FEATURES = [
      return Services.prefs.getBoolPref("browser.safebrowsing.features.flashBlock.update", this.enabled());
    },
  },
-  { name: "fingerprinting",
+  { name: "fingerprinting-annotation",
+    list: ["urlclassifier.features.fingerprinting.annotate.blacklistTables",
+           "urlclassifier.features.fingerprinting.annotate.whitelistTables"],
+    enabled() {
+      return Services.prefs.getBoolPref("privacy.trackingprotection.fingerprinting.annotate.enabled", false);
+    },
+    update() {
+      return Services.prefs.getBoolPref("browser.safebrowsing.features.fingerprinting.annotate.update", this.enabled());
+    },
+  },
+  { name: "fingerprinting-protection",
    list: ["urlclassifier.features.fingerprinting.blacklistTables",
           "urlclassifier.features.fingerprinting.whitelistTables"],
    enabled() {
@ -125,7 +135,16 @@ const FEATURES = [
      return Services.prefs.getBoolPref("browser.safebrowsing.features.fingerprinting.update", this.enabled());
    },
  },
-  { name: "cryptomining",
+  { name: "cryptomining-annotation",
+    list: ["urlclassifier.features.cryptomining.annotate.blacklistTables",
+           "urlclassifier.features.cryptomining.annotate.whitelistTables"],
+    enabled() {
+      return Services.prefs.getBoolPref("privacy.trackingprotection.annotate.cryptomining.enabled", false);
+    },
+    update() {
+      return Services.prefs.getBoolPref("browser.safebrowsing.features.cryptomining.annotate.update", this.enabled());
+    },
+  { name: "cryptomining-protection",
    list: ["urlclassifier.features.cryptomining.blacklistTables",
           "urlclassifier.features.cryptomining.whitelistTables"],
    enabled() {