зеркало из https://github.com/mozilla/gecko-dev.git
Bug 741808 - Make using the URL classifier possible in Fennec. r=mfinkle
This commit is contained in:
Родитель
9d307cccc3
Коммит
f58aa0a7d7
|
@ -534,33 +534,22 @@ pref("image.mem.min_discard_timeout_ms", 10000);
|
||||||
pref("dom.w3c_touch_events.enabled", true);
|
pref("dom.w3c_touch_events.enabled", true);
|
||||||
|
|
||||||
#ifdef MOZ_SAFE_BROWSING
|
#ifdef MOZ_SAFE_BROWSING
|
||||||
// Safe browsing does nothing unless this pref is set
|
pref("browser.safebrowsing.enabled", false);
|
||||||
pref("browser.safebrowsing.enabled", true);
|
pref("browser.safebrowsing.malware.enabled", false);
|
||||||
|
pref("browser.safebrowsing.debug", false);
|
||||||
|
|
||||||
// Prevent loading of pages identified as malware
|
pref("browser.safebrowsing.updateURL", "http://safebrowsing.clients.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%VERSION%&pver=2.2");
|
||||||
pref("browser.safebrowsing.malware.enabled", true);
|
pref("browser.safebrowsing.keyURL", "https://sb-ssl.google.com/safebrowsing/newkey?client=SAFEBROWSING_ID&appver=%VERSION%&pver=2.2");
|
||||||
|
pref("browser.safebrowsing.gethashURL", "http://safebrowsing.clients.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%VERSION%&pver=2.2");
|
||||||
|
pref("browser.safebrowsing.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/report?");
|
||||||
|
pref("browser.safebrowsing.reportGenericURL", "http://%LOCALE%.phish-generic.mozilla.com/?hl=%LOCALE%");
|
||||||
|
pref("browser.safebrowsing.reportErrorURL", "http://%LOCALE%.phish-error.mozilla.com/?hl=%LOCALE%");
|
||||||
|
pref("browser.safebrowsing.reportPhishURL", "http://%LOCALE%.phish-report.mozilla.com/?hl=%LOCALE%");
|
||||||
|
pref("browser.safebrowsing.reportMalwareURL", "http://%LOCALE%.malware-report.mozilla.com/?hl=%LOCALE%");
|
||||||
|
pref("browser.safebrowsing.reportMalwareErrorURL", "http://%LOCALE%.malware-error.mozilla.com/?hl=%LOCALE%");
|
||||||
|
|
||||||
// Non-enhanced mode (local url lists) URL list to check for updates
|
pref("browser.safebrowsing.warning.infoURL", "http://www.mozilla.com/%LOCALE%/firefox/phishing-protection/");
|
||||||
pref("browser.safebrowsing.provider.0.updateURL", "http://safebrowsing.clients.google.com/safebrowsing/downloads?client={moz:client}&appver={moz:version}&pver=2.2");
|
pref("browser.safebrowsing.malware.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
|
||||||
|
|
||||||
pref("browser.safebrowsing.dataProvider", 0);
|
|
||||||
|
|
||||||
// Does the provider name need to be localizable?
|
|
||||||
pref("browser.safebrowsing.provider.0.name", "Google");
|
|
||||||
pref("browser.safebrowsing.provider.0.keyURL", "https://sb-ssl.google.com/safebrowsing/newkey?client={moz:client}&appver={moz:version}&pver=2.2");
|
|
||||||
pref("browser.safebrowsing.provider.0.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/report?");
|
|
||||||
pref("browser.safebrowsing.provider.0.gethashURL", "http://safebrowsing.clients.google.com/safebrowsing/gethash?client={moz:client}&appver={moz:version}&pver=2.2");
|
|
||||||
|
|
||||||
// HTML report pages
|
|
||||||
pref("browser.safebrowsing.provider.0.reportGenericURL", "http://{moz:locale}.phish-generic.mozilla.com/?hl={moz:locale}");
|
|
||||||
pref("browser.safebrowsing.provider.0.reportErrorURL", "http://{moz:locale}.phish-error.mozilla.com/?hl={moz:locale}");
|
|
||||||
pref("browser.safebrowsing.provider.0.reportPhishURL", "http://{moz:locale}.phish-report.mozilla.com/?hl={moz:locale}");
|
|
||||||
pref("browser.safebrowsing.provider.0.reportMalwareURL", "http://{moz:locale}.malware-report.mozilla.com/?hl={moz:locale}");
|
|
||||||
pref("browser.safebrowsing.provider.0.reportMalwareErrorURL", "http://{moz:locale}.malware-error.mozilla.com/?hl={moz:locale}");
|
|
||||||
|
|
||||||
// FAQ URLs
|
|
||||||
pref("browser.safebrowsing.warning.infoURL", "http://www.mozilla.com/%LOCALE%/%APP%/phishing-protection/");
|
|
||||||
pref("browser.geolocation.warning.infoURL", "http://www.mozilla.com/%LOCALE%/%APP%/geolocation/");
|
|
||||||
|
|
||||||
// Name of the about: page contributed by safebrowsing to handle display of error
|
// Name of the about: page contributed by safebrowsing to handle display of error
|
||||||
// pages on phishing/malware hits. (bug 399233)
|
// pages on phishing/malware hits. (bug 399233)
|
||||||
|
@ -569,6 +558,9 @@ pref("urlclassifier.alternate_error_page", "blocked");
|
||||||
// The number of random entries to send with a gethash request.
|
// The number of random entries to send with a gethash request.
|
||||||
pref("urlclassifier.gethashnoise", 4);
|
pref("urlclassifier.gethashnoise", 4);
|
||||||
|
|
||||||
|
// Randomize all UrlClassifier data with a per-client key.
|
||||||
|
pref("urlclassifier.randomizeclient", true);
|
||||||
|
|
||||||
// The list of tables that use the gethash request to confirm partial results.
|
// The list of tables that use the gethash request to confirm partial results.
|
||||||
pref("urlclassifier.gethashtables", "goog-phish-shavar,goog-malware-shavar");
|
pref("urlclassifier.gethashtables", "goog-phish-shavar,goog-malware-shavar");
|
||||||
|
|
||||||
|
@ -576,9 +568,6 @@ pref("urlclassifier.gethashtables", "goog-phish-shavar,goog-malware-shavar");
|
||||||
// a gethash request will be forced to check that the result is still in
|
// a gethash request will be forced to check that the result is still in
|
||||||
// the database.
|
// the database.
|
||||||
pref("urlclassifier.confirm-age", 2700);
|
pref("urlclassifier.confirm-age", 2700);
|
||||||
|
|
||||||
// URL for checking the reason for a malware warning.
|
|
||||||
pref("browser.safebrowsing.malware.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
// True if this is the first time we are showing about:firstrun
|
// True if this is the first time we are showing about:firstrun
|
||||||
|
|
|
@ -86,6 +86,11 @@ public class DoorHanger extends LinearLayout implements Button.OnClickListener {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Enable the button layout if we have buttons.
|
||||||
|
if (buttons.length() > 0) {
|
||||||
|
mChoicesLayout.setVisibility(LinearLayout.VISIBLE);
|
||||||
|
}
|
||||||
|
|
||||||
setOptions(options);
|
setOptions(options);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
style="@android:style/ButtonBar"
|
style="@android:style/ButtonBar"
|
||||||
android:layout_width="fill_parent"
|
android:layout_width="fill_parent"
|
||||||
android:layout_height="wrap_content"
|
android:layout_height="wrap_content"
|
||||||
android:orientation="horizontal"/>
|
android:orientation="horizontal"
|
||||||
|
android:visibility="gone"/>
|
||||||
|
|
||||||
</merge>
|
</merge>
|
||||||
|
|
|
@ -119,8 +119,6 @@
|
||||||
el = document.getElementById("errorLongDescText_malware");
|
el = document.getElementById("errorLongDescText_malware");
|
||||||
el.parentNode.removeChild(el);
|
el.parentNode.removeChild(el);
|
||||||
|
|
||||||
// Set sitename
|
|
||||||
document.getElementById("phishing_sitename").textContent = getHostString();
|
|
||||||
document.title = document.getElementById("errorTitleText_phishing")
|
document.title = document.getElementById("errorTitleText_phishing")
|
||||||
.innerHTML;
|
.innerHTML;
|
||||||
}
|
}
|
||||||
|
@ -134,7 +132,6 @@
|
||||||
-moz-appearance: none;
|
-moz-appearance: none;
|
||||||
background: transparent;
|
background: transparent;
|
||||||
border: none;
|
border: none;
|
||||||
color: white; /* Hard coded because netError.css forces this page's background to dark red */
|
|
||||||
text-decoration: underline;
|
text-decoration: underline;
|
||||||
margin: 0;
|
margin: 0;
|
||||||
padding: 0;
|
padding: 0;
|
||||||
|
@ -181,6 +178,9 @@
|
||||||
<button id="reportButton">&safeb.palm.reportPage.label;</button>
|
<button id="reportButton">&safeb.palm.reportPage.label;</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<div id="ignoreWarning">
|
||||||
|
<button id="ignoreWarningButton">&safeb.palm.decline.label;</button>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<!--
|
<!--
|
||||||
- Note: It is important to run the script this way, instead of using
|
- Note: It is important to run the script this way, instead of using
|
||||||
|
|
|
@ -32,6 +32,14 @@ XPCOMUtils.defineLazyGetter(this, "NetUtil", function() {
|
||||||
return NetUtil;
|
return NetUtil;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
#ifdef MOZ_SAFE_BROWSING
|
||||||
|
XPCOMUtils.defineLazyGetter(this, "SafeBrowsing", function() {
|
||||||
|
let tmp = {};
|
||||||
|
Cu.import("resource://gre/modules/SafeBrowsing.jsm", tmp);
|
||||||
|
return tmp.SafeBrowsing;
|
||||||
|
});
|
||||||
|
#endif
|
||||||
|
|
||||||
// Lazily-loaded browser scripts:
|
// Lazily-loaded browser scripts:
|
||||||
[
|
[
|
||||||
["HelperApps", "chrome://browser/content/HelperApps.js"],
|
["HelperApps", "chrome://browser/content/HelperApps.js"],
|
||||||
|
@ -344,6 +352,11 @@ var BrowserApp = {
|
||||||
"value": Services.prefs.getBoolPref("gfx.show_checkerboard_pattern")
|
"value": Services.prefs.getBoolPref("gfx.show_checkerboard_pattern")
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
#ifdef MOZ_SAFE_BROWSING
|
||||||
|
// Bug 778855 - Perf regression if we do this here. To be addressed in bug 779008.
|
||||||
|
setTimeout(function() { SafeBrowsing.init(); }, 2000);
|
||||||
|
#endif
|
||||||
},
|
},
|
||||||
|
|
||||||
isAppUpdated: function() {
|
isAppUpdated: function() {
|
||||||
|
@ -4213,6 +4226,59 @@ var ErrorPageEventHandler = {
|
||||||
} else if (target == errorDoc.getElementById("getMeOutOfHereButton")) {
|
} else if (target == errorDoc.getElementById("getMeOutOfHereButton")) {
|
||||||
errorDoc.location = "about:home";
|
errorDoc.location = "about:home";
|
||||||
}
|
}
|
||||||
|
} else if (/^about:blocked/.test(errorDoc.documentURI)) {
|
||||||
|
let secHistogram = Cc["@mozilla.org/base/telemetry;1"].getService(Ci.nsITelemetry).getHistogramById("SECURITY_UI");
|
||||||
|
|
||||||
|
// The event came from a button on a malware/phishing block page
|
||||||
|
// First check whether it's malware or phishing, so that we can
|
||||||
|
// use the right strings/links
|
||||||
|
let isMalware = /e=malwareBlocked/.test(errorDoc.documentURI);
|
||||||
|
let bucketName = isMalware ? "WARNING_MALWARE_PAGE_" : "WARNING_PHISHING_PAGE_";
|
||||||
|
let nsISecTel = Ci.nsISecurityUITelemetry;
|
||||||
|
|
||||||
|
let formatter = Cc["@mozilla.org/toolkit/URLFormatterService;1"].getService(Ci.nsIURLFormatter);
|
||||||
|
|
||||||
|
if (target == errorDoc.getElementById("getMeOutButton")) {
|
||||||
|
secHistogram.add(nsISecTel[bucketName + "GET_ME_OUT_OF_HERE"]);
|
||||||
|
errorDoc.location = "about:home";
|
||||||
|
} else if (target == errorDoc.getElementById("reportButton")) {
|
||||||
|
// We log even if malware/phishing info URL couldn't be found:
|
||||||
|
// the measurement is for how many users clicked the WHY BLOCKED button
|
||||||
|
secHistogram.add(nsISecTel[bucketName + "WHY_BLOCKED"]);
|
||||||
|
|
||||||
|
// This is the "Why is this site blocked" button. For malware,
|
||||||
|
// we can fetch a site-specific report, for phishing, we redirect
|
||||||
|
// to the generic page describing phishing protection.
|
||||||
|
if (isMalware) {
|
||||||
|
// Get the stop badware "why is this blocked" report url, append the current url, and go there.
|
||||||
|
try {
|
||||||
|
let reportURL = formatter.formatURLPref("browser.safebrowsing.malware.reportURL");
|
||||||
|
reportURL += errorDoc.location.href;
|
||||||
|
BrowserApp.selectedBrowser.loadURI(reportURL);
|
||||||
|
} catch (e) {
|
||||||
|
Cu.reportError("Couldn't get malware report URL: " + e);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// It's a phishing site, not malware. (There's no report URL)
|
||||||
|
try {
|
||||||
|
let reportURL = formatter.formatURLPref("browser.safebrowsing.warning.infoURL");
|
||||||
|
BrowserApp.selectedBrowser.loadURI(reportURL);
|
||||||
|
} catch (e) {
|
||||||
|
Cu.reportError("Couldn't get phishing info URL: " + e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else if (target == errorDoc.getElementById("ignoreWarningButton")) {
|
||||||
|
secHistogram.add(nsISecTel[bucketName + "IGNORE_WARNING"]);
|
||||||
|
|
||||||
|
// Allow users to override and continue through to the site,
|
||||||
|
let webNav = BrowserApp.selectedBrowser.docShell.QueryInterface(Ci.nsIWebNavigation);
|
||||||
|
let location = BrowserApp.selectedBrowser.contentWindow.location;
|
||||||
|
webNav.loadURI(location, Ci.nsIWebNavigation.LOAD_FLAGS_BYPASS_CLASSIFIER, null, null, null);
|
||||||
|
|
||||||
|
// ....but add a notify bar as a reminder, so that they don't lose
|
||||||
|
// track after, e.g., tab switching.
|
||||||
|
NativeWindow.doorhanger.show(Strings.browser.GetStringFromName("safeBrowsingDoorhanger"), "safebrowsing-warning", [], BrowserApp.selectedTab.id);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
|
@ -40,7 +40,13 @@ EXTRA_COMPONENTS = \
|
||||||
$(NULL)
|
$(NULL)
|
||||||
|
|
||||||
ifdef MOZ_SAFE_BROWSING
|
ifdef MOZ_SAFE_BROWSING
|
||||||
EXTRA_COMPONENTS += SafeBrowsing.js
|
DEFINES += \
|
||||||
|
-DMOZ_APP_UA_NAME=$(MOZ_APP_UA_NAME) \
|
||||||
|
$(NULL)
|
||||||
|
|
||||||
|
EXTRA_PP_JS_MODULES = \
|
||||||
|
SafeBrowsing.jsm \
|
||||||
|
$(NULL)
|
||||||
endif
|
endif
|
||||||
|
|
||||||
include $(topsrcdir)/config/rules.mk
|
include $(topsrcdir)/config/rules.mk
|
||||||
|
|
|
@ -89,10 +89,3 @@ contract @mozilla.org/login-manager/prompter;1 {97d12931-abe2-11df-94e2-0800200c
|
||||||
component {4e6ea350-b09a-11df-94e2-0800200c9a66} BlocklistPrompt.js
|
component {4e6ea350-b09a-11df-94e2-0800200c9a66} BlocklistPrompt.js
|
||||||
contract @mozilla.org/addons/blocklist-prompt;1 {4e6ea350-b09a-11df-94e2-0800200c9a66}
|
contract @mozilla.org/addons/blocklist-prompt;1 {4e6ea350-b09a-11df-94e2-0800200c9a66}
|
||||||
|
|
||||||
#ifdef MOZ_SAFE_BROWSING
|
|
||||||
# SafeBrowsing.js
|
|
||||||
component {aadaed90-6c03-42d0-924a-fc61198ff283} SafeBrowsing.js
|
|
||||||
contract @mozilla.org/safebrowsing/application;1 {aadaed90-6c03-42d0-924a-fc61198ff283}
|
|
||||||
category app-startup SafeBrowsing service,@mozilla.org/safebrowsing/application;1
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
|
@ -1,168 +0,0 @@
|
||||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
||||||
|
|
||||||
const Cc = Components.classes;
|
|
||||||
const Ci = Components.interfaces;
|
|
||||||
const Cu = Components.utils;
|
|
||||||
const Cr = Components.results;
|
|
||||||
|
|
||||||
Cu.import("resource://gre/modules/XPCOMUtils.jsm");
|
|
||||||
Cu.import("resource://gre/modules/Services.jsm");
|
|
||||||
|
|
||||||
const kPhishWardenEnabledPref = "browser.safebrowsing.enabled";
|
|
||||||
const kMalwareWardenEnabledPref = "browser.safebrowsing.malware.enabled";
|
|
||||||
|
|
||||||
// This XPCOM object doesn't have a public interface. It just works quietly in the background
|
|
||||||
function SafeBrowsing() {
|
|
||||||
this.listManager = null;
|
|
||||||
|
|
||||||
// Once we register tables, their respective names will be listed here.
|
|
||||||
this.phishing = {
|
|
||||||
pref: kPhishWardenEnabledPref,
|
|
||||||
blackTables: [],
|
|
||||||
whiteTables: []
|
|
||||||
};
|
|
||||||
this.malware = {
|
|
||||||
pref: kMalwareWardenEnabledPref,
|
|
||||||
blackTables: [],
|
|
||||||
whiteTables: []
|
|
||||||
};
|
|
||||||
|
|
||||||
// Get notifications when the phishing or malware warden enabled pref changes
|
|
||||||
Services.prefs.addObserver(kPhishWardenEnabledPref, this, true);
|
|
||||||
Services.prefs.addObserver(kMalwareWardenEnabledPref, this, true);
|
|
||||||
}
|
|
||||||
|
|
||||||
SafeBrowsing.prototype = {
|
|
||||||
classID: Components.ID("{aadaed90-6c03-42d0-924a-fc61198ff283}"),
|
|
||||||
|
|
||||||
QueryInterface: XPCOMUtils.generateQI([Ci.nsISessionStore,
|
|
||||||
Ci.nsIDOMEventListener,
|
|
||||||
Ci.nsIObserver,
|
|
||||||
Ci.nsISupportsWeakReference]),
|
|
||||||
|
|
||||||
observe: function sb_observe(aSubject, aTopic, aData) {
|
|
||||||
switch (aTopic) {
|
|
||||||
case "app-startup":
|
|
||||||
Services.obs.addObserver(this, "final-ui-startup", true);
|
|
||||||
Services.obs.addObserver(this, "xpcom-shutdown", true);
|
|
||||||
break;
|
|
||||||
case "final-ui-startup":
|
|
||||||
Services.obs.removeObserver(this, "final-ui-startup");
|
|
||||||
this._startup();
|
|
||||||
break;
|
|
||||||
case "xpcom-shutdown":
|
|
||||||
Services.obs.removeObserver(this, "xpcom-shutdown");
|
|
||||||
this._shutdown();
|
|
||||||
break;
|
|
||||||
case "nsPref:changed":
|
|
||||||
if (aData == kPhishWardenEnabledPref)
|
|
||||||
this.maybeToggleUpdateChecking(this.phishing);
|
|
||||||
else if (aData == kMalwareWardenEnabledPref)
|
|
||||||
this.maybeToggleUpdateChecking(this.malware);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_startup: function sb_startup() {
|
|
||||||
this.listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].getService(Ci.nsIUrlListManager);
|
|
||||||
|
|
||||||
// Add a test chunk to the database
|
|
||||||
let testData = "mozilla.org/firefox/its-an-attack.html";
|
|
||||||
let testUpdate =
|
|
||||||
"n:1000\ni:test-malware-simple\nad:1\n" +
|
|
||||||
"a:1:32:" + testData.length + "\n" +
|
|
||||||
testData;
|
|
||||||
|
|
||||||
testData = "mozilla.org/firefox/its-a-trap.html";
|
|
||||||
testUpdate +=
|
|
||||||
"n:1000\ni:test-phish-simple\nad:1\n" +
|
|
||||||
"a:1:32:" + testData.length + "\n" +
|
|
||||||
testData;
|
|
||||||
|
|
||||||
let dbService = Cc["@mozilla.org/url-classifier/dbservice;1"].getService(Ci.nsIUrlClassifierDBService);
|
|
||||||
|
|
||||||
let listener = {
|
|
||||||
QueryInterface: function(aIID) {
|
|
||||||
if (aIID.equals(Ci.nsISupports) || aIID.equals(Ci.nsIUrlClassifierUpdateObserver))
|
|
||||||
return this;
|
|
||||||
throw Cr.NS_ERROR_NO_INTERFACE;
|
|
||||||
},
|
|
||||||
|
|
||||||
updateUrlRequested: function(aURL) { },
|
|
||||||
streamFinished: function(aStatus) { },
|
|
||||||
updateError: function(aErrorCode) { },
|
|
||||||
updateSuccess: function(aRequestedTimeout) { }
|
|
||||||
};
|
|
||||||
|
|
||||||
try {
|
|
||||||
dbService.beginUpdate(listener, "test-malware-simple,test-phish-simple", "");
|
|
||||||
dbService.beginStream("", "");
|
|
||||||
dbService.updateStream(testUpdate);
|
|
||||||
dbService.finishStream();
|
|
||||||
dbService.finishUpdate();
|
|
||||||
} catch(ex) {}
|
|
||||||
|
|
||||||
this.registerBlackTable("goog-malware-shavar", this.malware);
|
|
||||||
this.maybeToggleUpdateChecking(this.malware);
|
|
||||||
|
|
||||||
this.registerBlackTable("goog-phish-shavar", this.phishing);
|
|
||||||
this.maybeToggleUpdateChecking(this.phishing);
|
|
||||||
},
|
|
||||||
|
|
||||||
_shutdown: function sb_shutdown() {
|
|
||||||
Services.prefs.removeObserver(kPhishWardenEnabledPref, this);
|
|
||||||
Services.prefs.removeObserver(kMalwareWardenEnabledPref, this);
|
|
||||||
|
|
||||||
this.listManager = null;
|
|
||||||
},
|
|
||||||
|
|
||||||
enableBlacklistTableUpdates: function sb_enableBlacklistTableUpdates(aWarden) {
|
|
||||||
for (let i = 0; i < aWarden.blackTables.length; ++i) {
|
|
||||||
this.listManager.enableUpdate(aWarden.blackTables[i]);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
disableBlacklistTableUpdates: function sb_disableBlacklistTableUpdates(aWarden) {
|
|
||||||
for (let i = 0; i < aWarden.blackTables.length; ++i) {
|
|
||||||
this.listManager.disableUpdate(aWarden.blackTables[i]);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
enableWhitelistTableUpdates: function sb_enableWhitelistTableUpdates(aWarden) {
|
|
||||||
for (let i = 0; i < this.whiteTables.length; ++i) {
|
|
||||||
this.listManager.enableUpdate(this.whiteTables[i]);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
disableWhitelistTableUpdates: function sb_disableWhitelistTableUpdates(aWarden) {
|
|
||||||
for (let i = 0; i < aWarden.whiteTables.length; ++i) {
|
|
||||||
this.listManager.disableUpdate(aWarden.whiteTables[i]);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
registerBlackTable: function sb_registerBlackTable(aTableName, aWarden) {
|
|
||||||
let result = this.listManager.registerTable(aTableName, false);
|
|
||||||
if (result)
|
|
||||||
aWarden.blackTables.push(aTableName);
|
|
||||||
return result;
|
|
||||||
},
|
|
||||||
|
|
||||||
registerWhiteTable: function sb_registerWhiteTable(aTableName, aWarden) {
|
|
||||||
let result = this.listManager.registerTable(aTableName, false);
|
|
||||||
if (result)
|
|
||||||
aWarden.whiteTables.push(aTableName);
|
|
||||||
return result;
|
|
||||||
},
|
|
||||||
|
|
||||||
maybeToggleUpdateChecking: function sb_maybeToggleUpdateChecking(aWarden) {
|
|
||||||
let enabled = Services.prefs.getBoolPref(aWarden.pref);
|
|
||||||
if (enabled)
|
|
||||||
this.enableBlacklistTableUpdates(aWarden);
|
|
||||||
else
|
|
||||||
this.disableBlacklistTableUpdates(aWarden);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
const NSGetFactory = XPCOMUtils.generateNSGetFactory([SafeBrowsing]);
|
|
|
@ -0,0 +1,182 @@
|
||||||
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||||
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||||
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
|
var EXPORTED_SYMBOLS = ["SafeBrowsing"];
|
||||||
|
|
||||||
|
const Cc = Components.classes;
|
||||||
|
const Ci = Components.interfaces;
|
||||||
|
const Cu = Components.utils;
|
||||||
|
|
||||||
|
Cu.import("resource://gre/modules/Services.jsm");
|
||||||
|
|
||||||
|
const phishingList = "goog-phish-shavar";
|
||||||
|
const malwareList = "goog-malware-shavar";
|
||||||
|
|
||||||
|
var debug = false;
|
||||||
|
|
||||||
|
function log(...stuff) {
|
||||||
|
if (!debug)
|
||||||
|
return;
|
||||||
|
|
||||||
|
let msg = "SafeBrowsing: " + stuff.join(" ");
|
||||||
|
Services.console.logStringMessage(msg);
|
||||||
|
dump(msg + "\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
var SafeBrowsing = {
|
||||||
|
|
||||||
|
init: function() {
|
||||||
|
if (this.initialized) {
|
||||||
|
log("Already initialized");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
Services.prefs.addObserver("browser.safebrowsing", this.readPrefs, false);
|
||||||
|
this.readPrefs();
|
||||||
|
|
||||||
|
// Register our two types of tables, and add custom Mozilla entries
|
||||||
|
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
|
||||||
|
getService(Ci.nsIUrlListManager);
|
||||||
|
listManager.registerTable(phishingList, false);
|
||||||
|
listManager.registerTable(malwareList, false);
|
||||||
|
this.addMozEntries();
|
||||||
|
|
||||||
|
this.controlUpdateChecking();
|
||||||
|
this.initialized = true;
|
||||||
|
|
||||||
|
log("init() finished");
|
||||||
|
},
|
||||||
|
|
||||||
|
|
||||||
|
initialized: false,
|
||||||
|
phishingEnabled: false,
|
||||||
|
malwareEnabled: false,
|
||||||
|
|
||||||
|
updateURL: null,
|
||||||
|
keyURL: null,
|
||||||
|
gethashURL: null,
|
||||||
|
|
||||||
|
reportURL: null,
|
||||||
|
reportGenericURL: null,
|
||||||
|
reportErrorURL: null,
|
||||||
|
reportPhishURL: null,
|
||||||
|
reportMalwareURL: null,
|
||||||
|
reportMalwareErrorURL: null,
|
||||||
|
|
||||||
|
|
||||||
|
getReportURL: function(kind) {
|
||||||
|
return this["report" + kind + "URL"];
|
||||||
|
},
|
||||||
|
|
||||||
|
|
||||||
|
readPrefs: function() {
|
||||||
|
log("reading prefs");
|
||||||
|
|
||||||
|
debug = Services.prefs.getBoolPref("browser.safebrowsing.debug");
|
||||||
|
this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
|
||||||
|
this.malwareEnabled = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
|
||||||
|
this.updateProviderURLs();
|
||||||
|
|
||||||
|
// XXX The listManager backend gets confused if this is called before the
|
||||||
|
// lists are registered. So only call it here when a pref changes, and not
|
||||||
|
// when doing initialization. I expect to refactor this later, so pardon the hack.
|
||||||
|
if (this.initialized)
|
||||||
|
this.controlUpdateChecking();
|
||||||
|
},
|
||||||
|
|
||||||
|
|
||||||
|
updateProviderURLs: function() {
|
||||||
|
#ifdef USE_HISTORIC_SAFEBROWSING_ID
|
||||||
|
let clientID = "navclient-auto-ffox";
|
||||||
|
#else
|
||||||
|
#expand let clientID = __MOZ_APP_UA_NAME__;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
log("initializing safe browsing URLs");
|
||||||
|
let basePref = "browser.safebrowsing.";
|
||||||
|
|
||||||
|
// Urls to HTML report pages
|
||||||
|
this.reportURL = Services.urlFormatter.formatURLPref(basePref + "reportURL");
|
||||||
|
this.reportGenericURL = Services.urlFormatter.formatURLPref(basePref + "reportGenericURL");
|
||||||
|
this.reportErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportErrorURL");
|
||||||
|
this.reportPhishURL = Services.urlFormatter.formatURLPref(basePref + "reportPhishURL");
|
||||||
|
this.reportMalwareURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareURL");
|
||||||
|
this.reportMalwareErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareErrorURL");
|
||||||
|
|
||||||
|
// Urls used to update DB
|
||||||
|
this.updateURL = Services.urlFormatter.formatURLPref(basePref + "updateURL");
|
||||||
|
this.keyURL = Services.urlFormatter.formatURLPref(basePref + "keyURL");
|
||||||
|
this.gethashURL = Services.urlFormatter.formatURLPref(basePref + "gethashURL");
|
||||||
|
|
||||||
|
this.updateURL = this.updateURL.replace("SAFEBROWSING_ID", clientID);
|
||||||
|
this.keyURL = this.keyURL.replace("SAFEBROWSING_ID", clientID);
|
||||||
|
this.gethashURL = this.gethashURL.replace("SAFEBROWSING_ID", clientID);
|
||||||
|
|
||||||
|
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
|
||||||
|
getService(Ci.nsIUrlListManager);
|
||||||
|
|
||||||
|
listManager.setUpdateUrl(this.updateURL);
|
||||||
|
// XXX Bug 779317 - setKeyUrl has the side effect of fetching a key from the server.
|
||||||
|
// This shouldn't happen if anti-phishing/anti-malware is disabled.
|
||||||
|
if (this.phishingEnabled || this.malwareEnabled)
|
||||||
|
listManager.setKeyUrl(this.keyURL);
|
||||||
|
listManager.setGethashUrl(this.gethashURL);
|
||||||
|
},
|
||||||
|
|
||||||
|
|
||||||
|
controlUpdateChecking: function() {
|
||||||
|
log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:", this.malwareEnabled);
|
||||||
|
|
||||||
|
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
|
||||||
|
getService(Ci.nsIUrlListManager);
|
||||||
|
|
||||||
|
if (this.phishingEnabled)
|
||||||
|
listManager.enableUpdate(phishingList);
|
||||||
|
else
|
||||||
|
listManager.disableUpdate(phishingList);
|
||||||
|
|
||||||
|
if (this.malwareEnabled)
|
||||||
|
listManager.enableUpdate(malwareList);
|
||||||
|
else
|
||||||
|
listManager.disableUpdate(malwareList);
|
||||||
|
},
|
||||||
|
|
||||||
|
|
||||||
|
addMozEntries: function() {
|
||||||
|
// Add test entries to the DB.
|
||||||
|
// XXX bug 779008 - this could be done by DB itself?
|
||||||
|
const phishURL = "mozilla.org/firefox/its-a-trap.html";
|
||||||
|
const malwareURL = "mozilla.org/firefox/its-an-attack.html";
|
||||||
|
|
||||||
|
let update = "n:1000\ni:test-malware-simple\nad:1\n" +
|
||||||
|
"a:1:32:" + malwareURL.length + "\n" +
|
||||||
|
malwareURL;
|
||||||
|
update += "n:1000\ni:test-phish-simple\nad:1\n" +
|
||||||
|
"a:1:32:" + phishURL.length + "\n" +
|
||||||
|
phishURL;
|
||||||
|
log("addMozEntries:", update);
|
||||||
|
|
||||||
|
let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
|
||||||
|
getService(Ci.nsIUrlClassifierDBService);
|
||||||
|
|
||||||
|
// nsIUrlClassifierUpdateObserver
|
||||||
|
let dummyListener = {
|
||||||
|
updateUrlRequested: function() { },
|
||||||
|
streamFinished: function() { },
|
||||||
|
updateError: function() { },
|
||||||
|
updateSuccess: function() { }
|
||||||
|
};
|
||||||
|
|
||||||
|
try {
|
||||||
|
db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", "");
|
||||||
|
db.beginStream("", "");
|
||||||
|
db.updateStream(update);
|
||||||
|
db.finishStream();
|
||||||
|
db.finishUpdate();
|
||||||
|
} catch(ex) {
|
||||||
|
// beginUpdate will throw harmlessly if there's an existing update in progress, ignore failures.
|
||||||
|
log("addMozEntries failed!", ex);
|
||||||
|
}
|
||||||
|
},
|
||||||
|
};
|
|
@ -12,7 +12,7 @@ MOZ_BRANDING_DIRECTORY=mobile/android/branding/unofficial
|
||||||
MOZ_OFFICIAL_BRANDING_DIRECTORY=mobile/android/branding/official
|
MOZ_OFFICIAL_BRANDING_DIRECTORY=mobile/android/branding/official
|
||||||
# MOZ_APP_DISPLAYNAME is set by branding/configure.sh
|
# MOZ_APP_DISPLAYNAME is set by branding/configure.sh
|
||||||
|
|
||||||
MOZ_SAFE_BROWSING=
|
MOZ_SAFE_BROWSING=1
|
||||||
|
|
||||||
MOZ_DISABLE_DOMCRYPTO=1
|
MOZ_DISABLE_DOMCRYPTO=1
|
||||||
|
|
||||||
|
|
|
@ -357,12 +357,14 @@
|
||||||
; Modules
|
; Modules
|
||||||
@BINPATH@/modules/*
|
@BINPATH@/modules/*
|
||||||
|
|
||||||
|
#ifdef MOZ_SAFE_BROWSING
|
||||||
; Safe Browsing
|
; Safe Browsing
|
||||||
@BINPATH@/components/nsURLClassifier.manifest
|
@BINPATH@/components/nsURLClassifier.manifest
|
||||||
@BINPATH@/components/nsUrlClassifierHashCompleter.js
|
@BINPATH@/components/nsUrlClassifierHashCompleter.js
|
||||||
@BINPATH@/components/nsUrlClassifierListManager.js
|
@BINPATH@/components/nsUrlClassifierListManager.js
|
||||||
@BINPATH@/components/nsUrlClassifierLib.js
|
@BINPATH@/components/nsUrlClassifierLib.js
|
||||||
@BINPATH@/components/url-classifier.xpt
|
@BINPATH@/components/url-classifier.xpt
|
||||||
|
#endif
|
||||||
|
|
||||||
; GNOME hooks
|
; GNOME hooks
|
||||||
#ifdef MOZ_ENABLE_GNOME_COMPONENT
|
#ifdef MOZ_ENABLE_GNOME_COMPONENT
|
||||||
|
@ -522,7 +524,7 @@ bin/components/@DLL_PREFIX@nkgnomevfs@DLL_SUFFIX@
|
||||||
@BINPATH@/components/SessionStore.js
|
@BINPATH@/components/SessionStore.js
|
||||||
@BINPATH@/components/Sidebar.js
|
@BINPATH@/components/Sidebar.js
|
||||||
#ifdef MOZ_SAFE_BROWSING
|
#ifdef MOZ_SAFE_BROWSING
|
||||||
@BINPATH@/components/SafeBrowsing.js
|
@BINPATH@/components/SafeBrowsing.jsm
|
||||||
#endif
|
#endif
|
||||||
@BINPATH@/components/XPIDialogService.js
|
@BINPATH@/components/XPIDialogService.js
|
||||||
@BINPATH@/components/browsercomps.xpt
|
@BINPATH@/components/browsercomps.xpt
|
||||||
|
|
|
@ -55,6 +55,9 @@ popupButtonAllowOnce=Show
|
||||||
popupButtonAlwaysAllow2=Always Show
|
popupButtonAlwaysAllow2=Always Show
|
||||||
popupButtonNeverWarn2=Never Show
|
popupButtonNeverWarn2=Never Show
|
||||||
|
|
||||||
|
# SafeBrowsing
|
||||||
|
safeBrowsingDoorhanger=This site has been identified as containing malware or a phishing attempt. Be careful.
|
||||||
|
|
||||||
# LOCALIZATION NOTE (blockPopups.label): Label that will be used in
|
# LOCALIZATION NOTE (blockPopups.label): Label that will be used in
|
||||||
# site settings dialog.
|
# site settings dialog.
|
||||||
blockPopups.label=Block Popups
|
blockPopups.label=Block Popups
|
||||||
|
|
Загрузка…
Ссылка в новой задаче