Bug #216133 --> Allow remote images from senders in the white list for Thunderbird.

Enable remote image blocking by default, add pref UI under privacy for controlling the new white list settings
for blocking remote content.

mail/app/profile/thunderbird.js

@@ -97,6 +97,7 @@ pref("update.severity", 0);
 pref("update.extensions.count", 0);
 pref("xpinstall.whitelist.add", "update.mozilla.org");
 
+
 /////////////////////////////////////////////////////////////////
 // Overrides of the seamonkey suite mailnews.js prefs
 ///////////////////////////////////////////////////////////////// 
@@ -104,6 +105,9 @@ pref("mail.showFolderPaneColumns", false); // setting to true will allow total/u
 pref("mail.showCondensedAddresses", true); // show the friendly display name for people I know
 
 pref("mailnews.message_display.allow.plugins", false); // disable plugins by default
+pref("mailnews.message_display.disable_remote_image", true);
+pref("mailnews.message_display.disable_remote_images.useWhitelist", true);
+pref("mailnews.message_display.disable_remote_images.whiteListAbURI","moz-abmdbdirectory://abook.mab");
 
 // hidden pref for changing how we present attachments in the message pane
 pref("mailnews.attachments.display.largeView", false); 

mail/components/prefwindow/content/pref-advanced.js

@@ -59,6 +59,8 @@ function Startup()
   // proxy connection
   DoEnabling();
         
+  toggleRemoteImagesPrefUI(document.getElementById('networkImageDisableImagesInMailNews'));
+        
   return true;
 }                   
 
@@ -132,6 +134,20 @@ function DoEnabling()
   }
 }
 
+function toggleRemoteImagesPrefUI(aCheckbox)
+{
+  if (aCheckbox.checked) 
+  {
+    document.getElementById('useWhiteList').removeAttribute('disabled');
+    document.getElementById('whiteListAbURI').removeAttribute('disabled');
+  }
+  else
+  {
+    document.getElementById('useWhiteList').setAttribute('disabled', 'true');
+    document.getElementById('whiteListAbURI').setAttribute('disabled', 'true');
+  }
+}
+
 const nsIProtocolProxyService = Components.interfaces.nsIProtocolProxyService;
 const kPROTPROX_CID = '{e9b301c0-e0e4-11D3-a1a8-0050041caf44}';
 

mail/components/prefwindow/content/pref-advanced.xul

@@ -58,7 +58,7 @@
   <![CDATA[
 
     var _elementIDs = [ // privacy settings
-                       "javascriptAllowMailNews", "networkImageDisableImagesInMailNews", 
+                       "javascriptAllowMailNews", "networkImageDisableImagesInMailNews", "useWhiteList", "whiteListAbURI",
                        
                        // return receipts
                        "alwaysRequest", "receiptFolder", "receiptSend", "notInToCcPref", "outsideDomainPref", "otherCasesPref",
@@ -92,7 +92,32 @@
         <checkbox id="networkImageDisableImagesInMailNews" 
                   label="&disableImageInMailNews.label;" accesskey="&disableImageInMailNews.accesskey;"
                   pref="true" preftype="bool" prefstring="mailnews.message_display.disable_remote_image"
-                  prefattribute="checked"/>
+                  prefattribute="checked" oncommand="toggleRemoteImagesPrefUI(event.target);"/>
+
+          <hbox class="indent">
+            <checkbox id="useWhiteList" pref="true" preftype="bool" 
+                      prefstring="mailnews.message_display.disable_remote_images.useWhitelist"                       
+                      label="&allowRemoteImagesForFriends.label;" accesskey="&allowRemoteImagesForFriends.accesskey;"/> 
+
+            <menulist id="whiteListAbURI" preftype="string" 
+                      prefstring="mailnews.message_display.disable_remote_images.whiteListAbURI">
+              <menupopup id="abPopup-menupopup" ref="moz-abdirectory://" 
+                           datasources="rdf:addressdirectory"
+                           sortActive="true"
+                           sortDirection="ascending"
+                           sortResource="http://home.netscape.com/NC-rdf#DirTreeNameSort">
+                <template>
+                  <rule nc:IsWriteable="false"/>
+                  <rule nc:IsMailList="false">
+                    <menuitem uri="..."
+                              label="rdf:http://home.netscape.com/NC-rdf#DirName"
+                              value="rdf:http://home.netscape.com/NC-rdf#DirUri"/>
+                  </rule>
+                </template>
+              </menupopup>
+            </menulist>  
+          </hbox>
+
         
         <checkbox id="javascriptAllowMailNews"
                   label="&enbJsCheckMailNews.label;" accesskey="&enbJsCheckMailNews.accesskey;"

mail/components/prefwindow/locale/pref-advanced.dtd

@@ -4,6 +4,8 @@
 <!ENTITY privacyTitle.label            "Privacy">
 <!ENTITY disableImageInMailNews.label  "Block loading of remote images in mail messages.">
 <!ENTITY disableImageInMailNews.accesskey "B">
+<!ENTITY allowRemoteImagesForFriends.label  "Allow remote images if the sender is in my:">
+<!ENTITY allowRemoteImagesForFriends.accesskey "A">
 <!ENTITY enbJsCheckMailNews.label      "Enable JavaScript in mail messages.">
 <!ENTITY enbJsCheckMailNews.accesskey  "J">
 

mailnews/base/src/nsMsgContentPolicy.cpp

@@ -44,8 +44,11 @@
 #include "nsIURI.h"
 #include "nsCOMPtr.h"
 #include "nsCRT.h"
-#include "nsString.h"
 #include "nsIContentPolicy.h"
+#include "nsIRDFService.h"
+#include "nsIRDFResource.h"
+#include "nsIMsgHeaderParser.h"
+#include "nsIAbMDBDirectory.h"
 
 #include "nsIMsgMailNewsUrl.h"
 #include "nsIMsgWindow.h"
@@ -57,6 +60,8 @@
 #include "nsMsgUtils.h"
 
 static const char kBlockRemoteImages[] = "mailnews.message_display.disable_remote_image";
+static const char kRemoteImagesUseWhiteList[] = "mailnews.message_display.disable_remote_images.useWhitelist";
+static const char kRemoteImagesWhiteListURI[] = "mailnews.message_display.disable_remote_images.whiteListAbURI";
 static const char kAllowPlugins[] = "mailnews.message_display.allow.plugins";
 
 // Per message headder flags to keep track of whether the user is allowing remote
@@ -80,6 +85,8 @@ NS_INTERFACE_MAP_END
 nsMsgContentPolicy::nsMsgContentPolicy()
 {
   mAllowPlugins = PR_FALSE;
+  mUseRemoteImageWhiteList = PR_TRUE;
+  mBlockRemoteImages = PR_TRUE;
 }
 
 nsMsgContentPolicy::~nsMsgContentPolicy()
@@ -93,6 +100,8 @@ nsMsgContentPolicy::~nsMsgContentPolicy()
     if (NS_SUCCEEDED(rv))
     {
       prefInternal->RemoveObserver(kBlockRemoteImages, this);
+      prefInternal->RemoveObserver(kRemoteImagesUseWhiteList, this);
+      prefInternal->RemoveObserver(kRemoteImagesWhiteListURI, this);
       prefInternal->RemoveObserver(kAllowPlugins, this);
     }
   }
@@ -109,10 +118,47 @@ nsresult nsMsgContentPolicy::Init()
   nsCOMPtr<nsIPrefBranchInternal> prefInternal = do_QueryInterface(prefBranch, &rv);
   NS_ENSURE_SUCCESS(rv, rv);
   prefInternal->AddObserver(kBlockRemoteImages, this, PR_TRUE);
+  prefInternal->AddObserver(kRemoteImagesUseWhiteList, this, PR_TRUE);
+  prefInternal->AddObserver(kRemoteImagesWhiteListURI, this, PR_TRUE);
   prefInternal->AddObserver(kAllowPlugins, this, PR_TRUE);
 
   prefBranch->GetBoolPref(kAllowPlugins, &mAllowPlugins);
-  rv = prefBranch->GetBoolPref(kBlockRemoteImages, &mBlockRemoteImages);
+  prefBranch->GetBoolPref(kRemoteImagesUseWhiteList, &mUseRemoteImageWhiteList);
+  prefBranch->GetCharPref(kRemoteImagesWhiteListURI, getter_Copies(mRemoteImageWhiteListURI));
+  return prefBranch->GetBoolPref(kBlockRemoteImages, &mBlockRemoteImages);
+}
+
+nsresult nsMsgContentPolicy::IsSenderInWhiteList(nsIMsgDBHdr * aMsgHdr, PRBool * aWhiteListed)
+{
+  *aWhiteListed = PR_FALSE;
+  NS_ENSURE_ARG_POINTER(aMsgHdr); 
+  nsresult rv = NS_OK;
+
+  if (mBlockRemoteImages && mUseRemoteImageWhiteList && !mRemoteImageWhiteListURI.IsEmpty())
+  {
+    nsXPIDLCString author;
+    rv = aMsgHdr->GetAuthor(getter_Copies(author));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsCOMPtr<nsIRDFService> rdfService = do_GetService("@mozilla.org/rdf/rdf-service;1", &rv);
+    NS_ENSURE_SUCCESS(rv, rv);
+    
+    nsCOMPtr <nsIRDFResource> resource;
+    rv = rdfService->GetResource(mRemoteImageWhiteListURI, getter_AddRefs(resource));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsCOMPtr <nsIAbMDBDirectory> addressBook = do_QueryInterface(resource, &rv);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsCOMPtr<nsIMsgHeaderParser> headerParser = do_GetService("@mozilla.org/messenger/headerparser;1", &rv);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsXPIDLCString emailAddress; 
+    rv = headerParser->ExtractHeaderAddressMailboxes(nsnull, author, getter_Copies(emailAddress));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    rv = addressBook->HasCardForEmailAddress(emailAddress, aWhiteListed);
+  }
   
   return rv;
 }
@@ -172,8 +218,8 @@ nsMsgContentPolicy::ShouldLoad(PRUint32          aContentType,
         //     see if this particular message has special rights to bypass the remote content check
         // (2) special case RSS urls, always allow them to load remote images since the user explicitly
         //     subscribed to the feed.
-        // (3) Eventually, check the personal address book and use it as a white list for senders 
-        //     who are allowed to send remote images (NOT IMPLEMENTED YET)
+        // (3) Check the personal address book and use it as a white list for senders 
+        //     who are allowed to send us remote images 
         
         // get the msg hdr for the message URI we are actually loading
         NS_ENSURE_TRUE(aRequestingLocation, NS_OK);
@@ -211,9 +257,13 @@ nsMsgContentPolicy::ShouldLoad(PRUint32          aContentType,
           rssServer = do_QueryInterface(server);
         }
         
+        // Case #3, author is in our white list..
+        PRBool authorInWhiteList = PR_FALSE;
+        IsSenderInWhiteList(msgHdr, &authorInWhiteList);
+        
         // Case #1 and #2: special case RSS. Allow urls that are RSS feeds to show remote image (Bug #250246)
         // Honor the message specific remote content policy
-        if (rssServer || remoteContentPolicy == kAllowRemoteContent)
+        if (rssServer || remoteContentPolicy == kAllowRemoteContent || authorInWhiteList)
           *aDecision = nsIContentPolicy::ACCEPT;
         else if (mBlockRemoteImages) 
         {
@@ -264,6 +314,10 @@ NS_IMETHODIMP nsMsgContentPolicy::Observe(nsISupports *aSubject, const char *aTo
 
     if (pref.Equals(kBlockRemoteImages))
       rv = prefBranch->GetBoolPref(kBlockRemoteImages, &mBlockRemoteImages);
+    else if (pref.Equals(kRemoteImagesUseWhiteList))
+      prefBranch->GetBoolPref(kRemoteImagesUseWhiteList, &mUseRemoteImageWhiteList);
+    else if (pref.Equals(kRemoteImagesWhiteListURI))
+      prefBranch->GetCharPref(kRemoteImagesWhiteListURI, getter_Copies(mRemoteImageWhiteListURI));
   }
   
   return NS_OK;

mailnews/base/src/nsMsgContentPolicy.h

@@ -47,6 +47,7 @@
 #include "nsIContentPolicy.h"
 #include "nsIObserver.h"
 #include "nsWeakReference.h"
+#include "nsString.h"
 
 
 /* DBFCFDF0-4489-4faa-8122-190FD1EFA16C */
@@ -55,6 +56,8 @@
 
 #define NS_MSGCONTENTPOLICY_CONTRACTID "@mozilla.org/messenger/content-policy;1"
 
+class nsIMsgDBHdr;
+
 class nsMsgContentPolicy : public nsIContentPolicy,
                            public nsIObserver,
                            public nsSupportsWeakReference
@@ -71,7 +74,11 @@ public:
 
 protected:
   PRBool   mBlockRemoteImages;
+  PRBool   mUseRemoteImageWhiteList;
+  nsXPIDLCString mRemoteImageWhiteListURI;
   PRBool   mAllowPlugins;
+
+  nsresult IsSenderInWhiteList(nsIMsgDBHdr * aMsgHdr, PRBool * aWhiteListed);
 };
 
 #endif // _nsMsgContentPolicy_H_