re-land bug 342187: query params for "ask google" anti-phishing queries

are in source code. This is triggering a leak in https since we make an https request, see bug 345136. r=mmchew,sr=ben
2006-07-19 01:05:52 +00:00 · 2006-07-19 01:05:52 +00:00 · 684b0f1794
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@ -476,13 +476,13 @@ pref("browser.safebrowsing.enabled", true);
 pref("browser.safebrowsing.remoteLookups", false);

 // Non-enhanced mode (local url lists) URL list to check for updates
-pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?");
+pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2&");

 pref("browser.safebrowsing.dataProvider", 0);

 // Does the provider name need to be localizable?
 pref("browser.safebrowsing.provider.0.name", "Google");
-pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?");
+pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client=navclient-auto-ffox2&");
 pref("browser.safebrowsing.provider.0.keyURL", "https://www.google.com/safebrowsing/getkey?");
 pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");

--- a/browser/components/safebrowsing/content/globalstore.js
+++ b/browser/components/safebrowsing/content/globalstore.js
@ -95,6 +95,24 @@ PROT_DataProvider.prototype.loadDataProviderPrefs_ = function() {
  this.reportGenericURL_ = this.prefs_.getPref(basePref + "reportGenericURL", "");
  this.reportErrorURL_ = this.prefs_.getPref(basePref + "reportErrorURL", "");
  this.reportPhishURL_ = this.prefs_.getPref(basePref + "reportPhishURL", "");
+
+  // Propogate the changes to the list-manager.
+  this.updateListManager_();
+}
+
+/**
+ * The list manager needs urls to operate.  It needs a url to know where the
+ * table updates are, and it needs a url for decrypting enchash style tables.
+ */
+PROT_DataProvider.prototype.updateListManager_ = function() {
+  var listManager = Cc["@mozilla.org/url-classifier/listmanager;1"]
+                      .getService(Ci.nsIUrlListManager);
+
+  // If we add support for changing local data providers, we need to add a
+  // pref observer that sets the update url accordingly.
+  listManager.setUpdateUrl(this.getUpdateURL());
+
+  listManager.setKeyUrl(this.getKeyURL());
 }

 //////////////////////////////////////////////////////////////////////////////
--- a/browser/components/safebrowsing/content/list-warden.js
+++ b/browser/components/safebrowsing/content/list-warden.js
@ -59,10 +59,6 @@ function PROT_ListWarden() {
                      .getService(Ci.nsIUrlListManager);
  this.listManager_ = listManager;

-  // If we add support for changing local data providers, we need to add a
-  // pref observer that sets the update url accordingly.
-  this.listManager_.setUpdateUrl(gDataProvider.getUpdateURL());
-
  // Once we register tables, their respective names will be listed here.
  this.blackTables_ = [];
  this.whiteTables_ = [];
--- a/browser/components/safebrowsing/content/tr-fetcher.js
+++ b/browser/components/safebrowsing/content/tr-fetcher.js
@ -62,16 +62,6 @@ function PROT_TRFetcher(opt_noCrypto) {

 PROT_TRFetcher.TRY_REKEYING_RESPONSE = "pleaserekey";

-/**
- * Query params we'll send. Don't touch unless you know what you're
- * doing and are prepared to carefully test. 
- */
-PROT_TRFetcher.prototype.extraQueryParams = {
-  sourceid: "firefox-antiphish",
-  features: "TrustRank",
-  client: "navclient-auto-ffox2"
-};
-
 /**
 * Get the URL of the request that will fetch us TR for the argument URL
 *
@ -90,9 +80,6 @@ PROT_TRFetcher.prototype.getRequestURL_ = function(url) {
  if (!requestURL)
    return null;

-  for (var param in this.extraQueryParams) 
-    requestURL += param + "=" + this.extraQueryParams[param] + "&";
-
  if (this.useCrypto_) {
    var maybeCryptedParams = this.urlCrypto_.maybeCryptParams({ "q": url});
    
--- a/toolkit/components/url-classifier/content/js/arc4.js
+++ b/toolkit/components/url-classifier/content/js/arc4.js
@ -87,7 +87,11 @@ ARC4.prototype.setKey = function(key, opt_length) {
 * @param {int} n is # of bytes to disregard from stream
 */
 ARC4.prototype.discard = function(n) {
-  var devnul = new Array(n);
+  // To avoid strict JS warnings, we fill the array with values.
+  var devnul = [];
+  for (var i = 0; i < n; i++) {
+    devnul[i] = 0;
+  }
  this.crypt(devnul);
 }

--- a/toolkit/components/url-classifier/content/listmanager.js
+++ b/toolkit/components/url-classifier/content/listmanager.js
@ -159,6 +159,18 @@ PROT_ListManager.prototype.setUpdateUrl = function(url) {
  }
 }

+/**
+ * Set the crypto key url.
+ * @param url String
+ */
+PROT_ListManager.prototype.setKeyUrl = function(url) {
+  G_Debug(this, "Set key url: " + url);
+  if (!this.urlCrypto_)
+    this.urlCrypto_ = new PROT_UrlCrypto();
+  
+  this.urlCrypto_.manager_.setKeyUrl(url);
+}
+
 /**
 * Register a new table table
 * @param tableName - the name of the table
--- a/toolkit/components/url-classifier/content/moz/cryptohasher.js
+++ b/toolkit/components/url-classifier/content/moz/cryptohasher.js
@ -55,10 +55,7 @@
 function G_CryptoHasher() {
  this.debugZone = "cryptohasher";
  this.decoder_ = new G_Base64();
-  this.hasher_ = Cc["@mozilla.org/security/hash;1"]
-                 .createInstance(Ci.nsICryptoHash);
-
-  this.initialized_ = false;
+  this.hasher_ = null;
 }

 G_CryptoHasher.algorithms = {
@ -86,7 +83,8 @@ G_CryptoHasher.prototype.init = function(algorithm) {
  if (!validAlgorithm)
    throw new Error("Invalid algorithm: " + algorithm);

-  this.initialized_ = true;
+  this.hasher_ = Cc["@mozilla.org/security/hash;1"]
+                 .createInstance(Ci.nsICryptoHash);
  this.hasher_.init(algorithm);
 }

@ -100,7 +98,7 @@ G_CryptoHasher.prototype.init = function(algorithm) {
 * @param input String containing data to hash.
 */ 
 G_CryptoHasher.prototype.updateFromString = function(input) {
-  if (!this.initialized_)
+  if (!this.hasher_)
    throw new Error("You must initialize the hasher first!");

  this.hasher_.update(this.decoder_.arrayifyString(input), input.length);
@ -113,7 +111,7 @@ G_CryptoHasher.prototype.updateFromString = function(input) {
 * @param input Array containing data to hash.
 */ 
 G_CryptoHasher.prototype.updateFromArray = function(input) {
-  if (!this.initialized_)
+  if (!this.hasher_)
    throw new Error("You must initialize the hasher first!");

  this.hasher_.update(input, input.length);
@ -124,7 +122,7 @@ G_CryptoHasher.prototype.updateFromArray = function(input) {
 * called multiple times from incremental hash updates.
 */
 G_CryptoHasher.prototype.updateFromStream = function(stream) {
-  if (!this.initialized_)
+  if (!this.hasher_)
    throw new Error("You must initialize the hasher first!");

  this.hasher_.updateFromStream(stream, stream.available());
@ -134,14 +132,18 @@ G_CryptoHasher.prototype.updateFromStream = function(stream) {
 * @returns The hash value as a string (sequence of 8-bit values)
 */ 
 G_CryptoHasher.prototype.digestRaw = function() {
-  return this.hasher_.finish(false /* not b64 encoded */);
+  var digest = this.hasher_.finish(false /* not b64 encoded */);
+  this.hasher_ = null;
+  return digest;
 }

 /**
 * @returns The hash value as a base64-encoded string
 */ 
 G_CryptoHasher.prototype.digestBase64 = function() {
-  return this.hasher_.finish(true /* b64 encoded */);
+  var digest = this.hasher_.finish(true /* b64 encoded */);
+  this.hasher_ = null;
+  return digest;
 }

 /**
--- a/toolkit/components/url-classifier/content/url-crypto-key-manager.js
+++ b/toolkit/components/url-classifier/content/url-crypto-key-manager.js
@ -68,11 +68,6 @@
 // server updates.
 const kKeyFilename = "kf.txt";

-// If we don't have a key, we can get one at this url.
-// XXX We shouldn't be referencing browser.safebrowsing. from here.  This
-// should be an constructor param or settable some other way.
-const kGetKeyUrl = "browser.safebrowsing.provider.0.keyURL";
-
 /**
 * A key manager for UrlCrypto. There should be exactly one of these
 * per appplication, and all UrlCrypto's should share it. This is
@ -80,6 +75,7 @@ const kGetKeyUrl = "browser.safebrowsing.provider.0.keyURL";
 * UrlCrypto's prototype at startup. We could've opted for a global
 * instead, but I like this better, even though it is spooky action
 * at a distance.
+ * XXX: Should be an XPCOM service
 *
 * @param opt_keyFilename String containing the name of the 
 *                        file we should serialize keys to/from. Used
@ -101,6 +97,9 @@ function PROT_UrlCryptoKeyManager(opt_keyFilename, opt_testing) {
  this.wrappedKey_ = null;         // Opaque websafe base64-encoded server key
  this.rekeyTries_ = 0;

+  // Don't do anything until keyUrl_ is set.
+  this.keyUrl_ = null;
+
  this.keyFilename_ = opt_keyFilename ? 
                      opt_keyFilename : kKeyFilename;

@ -115,7 +114,6 @@ function PROT_UrlCryptoKeyManager(opt_keyFilename, opt_testing) {
    PROT_UrlCrypto.prototype.manager_ = this;

    this.maybeLoadOldKey();
-    this.reKey();
  }
 }

@ -147,6 +145,20 @@ PROT_UrlCryptoKeyManager.prototype.getWrappedKey = function() {
  return this.wrappedKey_;
 }

+/**
+ * Change the key url.  When we do this, we go ahead and rekey.
+ * @param keyUrl String
+ */
+PROT_UrlCryptoKeyManager.prototype.setKeyUrl = function(keyUrl) {
+  // If it's the same key url, do nothing.
+  if (keyUrl == this.keyUrl_)
+    return;
+
+  this.keyUrl_ = keyUrl;
+  this.rekeyTries_ = 0;
+  this.reKey();
+}
+
 /**
 * Tell the manager to re-key. For safety, this method still obeys the
 * max-tries limit. Clients should generally use maybeReKey() if they
@ -162,9 +174,9 @@ PROT_UrlCryptoKeyManager.prototype.reKey = function() {

  G_Debug(this, "Attempting to re-key");
  var prefs = new G_Preferences();
-  var url = prefs.getPref(kGetKeyUrl, null);
-  if (!this.testing_ && url)
-    (new PROT_XMLFetcher()).get(url, 
+  // If the keyUrl isn't set, we don't do anything.
+  if (!this.testing_ && this.keyUrl_)
+    (new PROT_XMLFetcher()).get(this.keyUrl_,
                                BindToObject(this.onGetKeyResponse, this));
 }

--- a/toolkit/components/url-classifier/public/nsIUrlListManager.idl
+++ b/toolkit/components/url-classifier/public/nsIUrlListManager.idl
@ -48,7 +48,7 @@ interface nsIUrlListManagerCallback : nsISupports {
  void handleEvent(in boolean value);
 };

-[scriptable, uuid(914b3a54-47a8-4cb0-b9df-c89064f6bb34)]
+[scriptable, uuid(d39982d6-da4f-4a27-8d91-f9c7b179aa33)]
 interface nsIUrlListManager : nsISupports
 {
    /**
@ -56,6 +56,12 @@ interface nsIUrlListManager : nsISupports
     */
    void setUpdateUrl(in ACString url);

+    /**
+     * Set the URL we use to get keys used to decrypt URLs in
+     * enchash tables.
+     */
+    void setKeyUrl(in ACString url);
+
    /**
     * Add a table to the list of tables we are managing.  The name is a
     * string of the format provider_name-semantic_type-table_type.  For
--- a/toolkit/components/url-classifier/src/nsUrlClassifierListManager.js
+++ b/toolkit/components/url-classifier/src/nsUrlClassifierListManager.js
@ -56,6 +56,7 @@ function Init() {
  modScope.G_Alarm = jslib.G_Alarm;
  modScope.BindToObject = jslib.BindToObject;
  modScope.PROT_XMLFetcher = jslib.PROT_XMLFetcher;
+  modScope.PROT_UrlCrypto = jslib.PROT_UrlCrypto;

  // We only need to call Init once.
  modScope.Init = function() {};