Bug 826992 - Avoid hardcoded clientId in SafeBrowsing.jsm. r=Mossop,r=mfinkle,r=gcp

browser/app/Makefile.in

@@ -31,9 +31,12 @@ DEFINES += \
   -DNEWWINDOW_ICO=\"$(DIST)/branding/newwindow.ico\" \
   -DNEWTAB_ICO=\"$(DIST)/branding/newtab.ico\" \
   -DPBMODE_ICO=\"$(DIST)/branding/pbmode.ico\" \
-
   $(NULL)
 
+ifdef MOZILLA_OFFICIAL
+DEFINES += -DMOZILLA_OFFICIAL
+endif
+
 ifdef LIBXUL_SDK #{
 PREF_JS_EXPORTS += $(srcdir)/profile/channel-prefs.js
 DEFINES += -DLIBXUL_SDK

browser/app/profile/firefox.js

@@ -734,6 +734,12 @@ pref("browser.safebrowsing.reportMalwareErrorURL", "http://%LOCALE%.malware-erro
 pref("browser.safebrowsing.warning.infoURL", "http://www.mozilla.com/%LOCALE%/firefox/phishing-protection/");
 pref("browser.safebrowsing.malware.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
 
+#ifdef MOZILLA_OFFICIAL
+// Normally the "client ID" sent in updates is appinfo.name, but for
+// official Firefox releases from Mozilla we use a special identifier.
+pref("browser.safebrowsing.id", "navclient-auto-ffox");
+#endif
+
 // Name of the about: page contributed by safebrowsing to handle display of error
 // pages on phishing/malware hits.  (bug 399233)
 pref("urlclassifier.alternate_error_page", "blocked");

mobile/android/app/Makefile.in

@@ -46,6 +46,7 @@ DEFINES += \
   -DAPP_NAME=$(MOZ_APP_NAME) \
   -DAPP_VERSION=$(MOZ_APP_VERSION) \
   -DMOZ_UPDATER=$(MOZ_UPDATER) \
+  -DMOZ_APP_UA_NAME=$(MOZ_APP_UA_NAME) \
   $(NULL)
 
 ifdef MOZ_PKG_SPECIAL

mobile/android/app/mobile.js

@@ -573,6 +573,8 @@ pref("browser.safebrowsing.reportMalwareErrorURL", "http://%LOCALE%.malware-erro
 pref("browser.safebrowsing.warning.infoURL", "http://www.mozilla.com/%LOCALE%/firefox/phishing-protection/");
 pref("browser.safebrowsing.malware.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
 
+pref("browser.safebrowsing.id", @MOZ_APP_UA_NAME@);
+
 // Name of the about: page contributed by safebrowsing to handle display of error
 // pages on phishing/malware hits.  (bug 399233)
 pref("urlclassifier.alternate_error_page", "blocked");

mobile/android/components/Makefile.in

@@ -39,14 +39,4 @@ EXTRA_COMPONENTS = \
         BlocklistPrompt.js \
         $(NULL)
 
-ifdef MOZ_SAFE_BROWSING
-DEFINES += \
-        -DMOZ_APP_UA_NAME=$(MOZ_APP_UA_NAME) \
-        $(NULL)
-
-EXTRA_PP_JS_MODULES = \
-        SafeBrowsing.jsm \
-        $(NULL)
-endif
-
 include $(topsrcdir)/config/rules.mk

mobile/android/components/SafeBrowsing.jsm

@@ -1,182 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-this.EXPORTED_SYMBOLS = ["SafeBrowsing"];
-
-const Cc = Components.classes;
-const Ci = Components.interfaces;
-const Cu = Components.utils;
-
-Cu.import("resource://gre/modules/Services.jsm");
-
-const phishingList = "goog-phish-shavar";
-const malwareList  = "goog-malware-shavar";
-
-var debug = false;
-
-function log(...stuff) {
-  if (!debug)
-    return;
-
-  let msg = "SafeBrowsing: " + stuff.join(" ");
-  Services.console.logStringMessage(msg);
-  dump(msg + "\n");
-}
-
-this.SafeBrowsing = {
-
-  init: function() {
-    if (this.initialized) {
-      log("Already initialized");
-      return;
-    }
-
-    Services.prefs.addObserver("browser.safebrowsing", this.readPrefs, false);
-    this.readPrefs();
-
-    // Register our two types of tables, and add custom Mozilla entries
-    let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
-                      getService(Ci.nsIUrlListManager);
-    listManager.registerTable(phishingList, false);
-    listManager.registerTable(malwareList, false);
-    this.addMozEntries();
-
-    this.controlUpdateChecking();
-    this.initialized = true;
-
-    log("init() finished");
-  },
-
-
-  initialized:     false,
-  phishingEnabled: false,
-  malwareEnabled:  false,
-
-  updateURL:             null,
-  keyURL:                null,
-  gethashURL:            null,
-
-  reportURL:             null,
-  reportGenericURL:      null,
-  reportErrorURL:        null,
-  reportPhishURL:        null,
-  reportMalwareURL:      null,
-  reportMalwareErrorURL: null,
-
-
-  getReportURL: function(kind) {
-    return this["report"  + kind + "URL"];
-  },
-
-
-  readPrefs: function() {
-    log("reading prefs");
-
-    debug = Services.prefs.getBoolPref("browser.safebrowsing.debug");
-    this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
-    this.malwareEnabled  = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
-    this.updateProviderURLs();
-
-    // XXX The listManager backend gets confused if this is called before the
-    // lists are registered. So only call it here when a pref changes, and not
-    // when doing initialization. I expect to refactor this later, so pardon the hack.
-    if (this.initialized)
-      this.controlUpdateChecking();
-  },
-
-
-  updateProviderURLs: function() {
-#ifdef USE_HISTORIC_SAFEBROWSING_ID
-    let clientID = "navclient-auto-ffox";
-#else
-#expand    let clientID = __MOZ_APP_UA_NAME__;
-#endif
-
-    log("initializing safe browsing URLs");
-    let basePref = "browser.safebrowsing.";
-
-    // Urls to HTML report pages
-    this.reportURL             = Services.urlFormatter.formatURLPref(basePref + "reportURL");
-    this.reportGenericURL      = Services.urlFormatter.formatURLPref(basePref + "reportGenericURL");
-    this.reportErrorURL        = Services.urlFormatter.formatURLPref(basePref + "reportErrorURL");
-    this.reportPhishURL        = Services.urlFormatter.formatURLPref(basePref + "reportPhishURL");
-    this.reportMalwareURL      = Services.urlFormatter.formatURLPref(basePref + "reportMalwareURL");
-    this.reportMalwareErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareErrorURL");
-
-    // Urls used to update DB
-    this.updateURL  = Services.urlFormatter.formatURLPref(basePref + "updateURL");
-    this.keyURL     = Services.urlFormatter.formatURLPref(basePref + "keyURL");
-    this.gethashURL = Services.urlFormatter.formatURLPref(basePref + "gethashURL");
-
-    this.updateURL  = this.updateURL.replace("SAFEBROWSING_ID", clientID);
-    this.keyURL     = this.keyURL.replace("SAFEBROWSING_ID", clientID);
-    this.gethashURL = this.gethashURL.replace("SAFEBROWSING_ID", clientID);
-
-    let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
-                      getService(Ci.nsIUrlListManager);
-
-    listManager.setUpdateUrl(this.updateURL);
-    // XXX Bug 779317 - setKeyUrl has the side effect of fetching a key from the server.
-    // This shouldn't happen if anti-phishing/anti-malware is disabled.
-    if (this.phishingEnabled || this.malwareEnabled)
-      listManager.setKeyUrl(this.keyURL);
-    listManager.setGethashUrl(this.gethashURL);
-  },
-
-
-  controlUpdateChecking: function() {
-    log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:", this.malwareEnabled);
-
-    let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
-                      getService(Ci.nsIUrlListManager);
-
-    if (this.phishingEnabled)
-      listManager.enableUpdate(phishingList);
-    else
-      listManager.disableUpdate(phishingList);
-
-    if (this.malwareEnabled)
-      listManager.enableUpdate(malwareList);
-    else
-      listManager.disableUpdate(malwareList);
-  },
-
-
-  addMozEntries: function() {
-    // Add test entries to the DB.
-    // XXX bug 779008 - this could be done by DB itself?
-    const phishURL   = "mozilla.org/firefox/its-a-trap.html";
-    const malwareURL = "mozilla.org/firefox/its-an-attack.html";
-
-    let update = "n:1000\ni:test-malware-simple\nad:1\n" +
-                 "a:1:32:" + malwareURL.length + "\n" +
-                 malwareURL;
-    update += "n:1000\ni:test-phish-simple\nad:1\n" +
-              "a:1:32:" + phishURL.length + "\n" +
-              phishURL;
-    log("addMozEntries:", update);
-
-    let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
-             getService(Ci.nsIUrlClassifierDBService);
-
-    // nsIUrlClassifierUpdateObserver
-    let dummyListener = {
-      updateUrlRequested: function() { },
-      streamFinished:     function() { },
-      updateError:        function() { },
-      updateSuccess:      function() { }
-    };
-
-    try {
-      db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", "");
-      db.beginStream("", "");
-      db.updateStream(update);
-      db.finishStream();
-      db.finishUpdate();
-    } catch(ex) {
-      // beginUpdate will throw harmlessly if there's an existing update in progress, ignore failures.
-      log("addMozEntries failed!", ex);
-    }
-  },
-};

toolkit/components/url-classifier/Makefile.in

@@ -18,14 +18,6 @@ LIBXUL_LIBRARY = 1
 FORCE_STATIC_LIB = 1
 FAIL_ON_WARNINGS = 1
 
-# Normally the "client ID" sent in updates is appinfo.name, but for
-# official Firefox releases from Mozilla we use a special identifier.
-ifdef MOZILLA_OFFICIAL
-ifdef MOZ_PHOENIX
-DEFINES += -DUSE_HISTORIC_SAFEBROWSING_ID=1
-endif
-endif
-
 XPIDLSRCS = \
   nsIUrlClassifierDBService.idl \
   nsIUrlClassifierHashCompleter.idl \
@@ -65,7 +57,7 @@ EXTRA_PP_COMPONENTS = \
   nsUrlClassifierListManager.js \
   $(NULL)
 
-EXTRA_PP_JS_MODULES = \
+EXTRA_JS_MODULES = \
   SafeBrowsing.jsm \
   $(NULL)
 

toolkit/components/url-classifier/SafeBrowsing.jsm

@@ -86,11 +86,11 @@ this.SafeBrowsing = {
 
 
   updateProviderURLs: function() {
-#ifdef USE_HISTORIC_SAFEBROWSING_ID
+    try {
-    let clientID = "navclient-auto-ffox";
+      var clientID = Services.prefs.getCharPref("browser.safebrowsing.id");
-#else
+    } catch(e) {
-    let clientID = Services.appinfo.name;
+      var clientID = Services.appinfo.name;
-#endif
+    }
 
     log("initializing safe browsing URLs");
     let basePref = "browser.safebrowsing.";