bug 342187: query params for "ask google" anti-phishing queries are in source code

r=mmchew,sr=ben
This commit is contained in:
tony%ponderer.org 2006-07-18 21:28:11 +00:00
Родитель 93d1cd7160
Коммит 25597ce19b
10 изменённых файлов: 78 добавлений и 40 удалений

Просмотреть файл

@ -476,13 +476,13 @@ pref("browser.safebrowsing.enabled", true);
pref("browser.safebrowsing.remoteLookups", false);
// Non-enhanced mode (local url lists) URL list to check for updates
pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?");
pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2&");
pref("browser.safebrowsing.dataProvider", 0);
// Does the provider name need to be localizable?
pref("browser.safebrowsing.provider.0.name", "Google");
pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?");
pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client=navclient-auto-ffox2&");
pref("browser.safebrowsing.provider.0.keyURL", "https://www.google.com/safebrowsing/getkey?");
pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");

Просмотреть файл

@ -95,6 +95,24 @@ PROT_DataProvider.prototype.loadDataProviderPrefs_ = function() {
this.reportGenericURL_ = this.prefs_.getPref(basePref + "reportGenericURL", "");
this.reportErrorURL_ = this.prefs_.getPref(basePref + "reportErrorURL", "");
this.reportPhishURL_ = this.prefs_.getPref(basePref + "reportPhishURL", "");
// Propogate the changes to the list-manager.
this.updateListManager_();
}
/**
* The list manager needs urls to operate. It needs a url to know where the
* table updates are, and it needs a url for decrypting enchash style tables.
*/
PROT_DataProvider.prototype.updateListManager_ = function() {
var listManager = Cc["@mozilla.org/url-classifier/listmanager;1"]
.getService(Ci.nsIUrlListManager);
// If we add support for changing local data providers, we need to add a
// pref observer that sets the update url accordingly.
listManager.setUpdateUrl(this.getUpdateURL());
listManager.setKeyUrl(this.getKeyURL());
}
//////////////////////////////////////////////////////////////////////////////

Просмотреть файл

@ -59,10 +59,6 @@ function PROT_ListWarden() {
.getService(Ci.nsIUrlListManager);
this.listManager_ = listManager;
// If we add support for changing local data providers, we need to add a
// pref observer that sets the update url accordingly.
this.listManager_.setUpdateUrl(gDataProvider.getUpdateURL());
// Once we register tables, their respective names will be listed here.
this.blackTables_ = [];
this.whiteTables_ = [];

Просмотреть файл

@ -62,16 +62,6 @@ function PROT_TRFetcher(opt_noCrypto) {
PROT_TRFetcher.TRY_REKEYING_RESPONSE = "pleaserekey";
/**
* Query params we'll send. Don't touch unless you know what you're
* doing and are prepared to carefully test.
*/
PROT_TRFetcher.prototype.extraQueryParams = {
sourceid: "firefox-antiphish",
features: "TrustRank",
client: "navclient-auto-ffox2"
};
/**
* Get the URL of the request that will fetch us TR for the argument URL
*
@ -90,9 +80,6 @@ PROT_TRFetcher.prototype.getRequestURL_ = function(url) {
if (!requestURL)
return null;
for (var param in this.extraQueryParams)
requestURL += param + "=" + this.extraQueryParams[param] + "&";
if (this.useCrypto_) {
var maybeCryptedParams = this.urlCrypto_.maybeCryptParams({ "q": url});

Просмотреть файл

@ -87,7 +87,11 @@ ARC4.prototype.setKey = function(key, opt_length) {
* @param {int} n is # of bytes to disregard from stream
*/
ARC4.prototype.discard = function(n) {
var devnul = new Array(n);
// To avoid strict JS warnings, we fill the array with values.
var devnul = [];
for (var i = 0; i < n; i++) {
devnul[i] = 0;
}
this.crypt(devnul);
}

Просмотреть файл

@ -159,6 +159,18 @@ PROT_ListManager.prototype.setUpdateUrl = function(url) {
}
}
/**
* Set the crypto key url.
* @param url String
*/
PROT_ListManager.prototype.setKeyUrl = function(url) {
G_Debug(this, "Set key url: " + url);
if (!this.urlCrypto_)
this.urlCrypto_ = new PROT_UrlCrypto();
this.urlCrypto_.manager_.setKeyUrl(url);
}
/**
* Register a new table table
* @param tableName - the name of the table

Просмотреть файл

@ -55,10 +55,7 @@
function G_CryptoHasher() {
this.debugZone = "cryptohasher";
this.decoder_ = new G_Base64();
this.hasher_ = Cc["@mozilla.org/security/hash;1"]
.createInstance(Ci.nsICryptoHash);
this.initialized_ = false;
this.hasher_ = null;
}
G_CryptoHasher.algorithms = {
@ -86,7 +83,8 @@ G_CryptoHasher.prototype.init = function(algorithm) {
if (!validAlgorithm)
throw new Error("Invalid algorithm: " + algorithm);
this.initialized_ = true;
this.hasher_ = Cc["@mozilla.org/security/hash;1"]
.createInstance(Ci.nsICryptoHash);
this.hasher_.init(algorithm);
}
@ -100,7 +98,7 @@ G_CryptoHasher.prototype.init = function(algorithm) {
* @param input String containing data to hash.
*/
G_CryptoHasher.prototype.updateFromString = function(input) {
if (!this.initialized_)
if (!this.hasher_)
throw new Error("You must initialize the hasher first!");
this.hasher_.update(this.decoder_.arrayifyString(input), input.length);
@ -113,7 +111,7 @@ G_CryptoHasher.prototype.updateFromString = function(input) {
* @param input Array containing data to hash.
*/
G_CryptoHasher.prototype.updateFromArray = function(input) {
if (!this.initialized_)
if (!this.hasher_)
throw new Error("You must initialize the hasher first!");
this.hasher_.update(input, input.length);
@ -124,7 +122,7 @@ G_CryptoHasher.prototype.updateFromArray = function(input) {
* called multiple times from incremental hash updates.
*/
G_CryptoHasher.prototype.updateFromStream = function(stream) {
if (!this.initialized_)
if (!this.hasher_)
throw new Error("You must initialize the hasher first!");
this.hasher_.updateFromStream(stream, stream.available());
@ -134,14 +132,18 @@ G_CryptoHasher.prototype.updateFromStream = function(stream) {
* @returns The hash value as a string (sequence of 8-bit values)
*/
G_CryptoHasher.prototype.digestRaw = function() {
return this.hasher_.finish(false /* not b64 encoded */);
var digest = this.hasher_.finish(false /* not b64 encoded */);
this.hasher_ = null;
return digest;
}
/**
* @returns The hash value as a base64-encoded string
*/
G_CryptoHasher.prototype.digestBase64 = function() {
return this.hasher_.finish(true /* b64 encoded */);
var digest = this.hasher_.finish(true /* b64 encoded */);
this.hasher_ = null;
return digest;
}
/**

Просмотреть файл

@ -68,11 +68,6 @@
// server updates.
const kKeyFilename = "kf.txt";
// If we don't have a key, we can get one at this url.
// XXX We shouldn't be referencing browser.safebrowsing. from here. This
// should be an constructor param or settable some other way.
const kGetKeyUrl = "browser.safebrowsing.provider.0.keyURL";
/**
* A key manager for UrlCrypto. There should be exactly one of these
* per appplication, and all UrlCrypto's should share it. This is
@ -80,6 +75,7 @@ const kGetKeyUrl = "browser.safebrowsing.provider.0.keyURL";
* UrlCrypto's prototype at startup. We could've opted for a global
* instead, but I like this better, even though it is spooky action
* at a distance.
* XXX: Should be an XPCOM service
*
* @param opt_keyFilename String containing the name of the
* file we should serialize keys to/from. Used
@ -101,6 +97,9 @@ function PROT_UrlCryptoKeyManager(opt_keyFilename, opt_testing) {
this.wrappedKey_ = null; // Opaque websafe base64-encoded server key
this.rekeyTries_ = 0;
// Don't do anything until keyUrl_ is set.
this.keyUrl_ = null;
this.keyFilename_ = opt_keyFilename ?
opt_keyFilename : kKeyFilename;
@ -115,7 +114,6 @@ function PROT_UrlCryptoKeyManager(opt_keyFilename, opt_testing) {
PROT_UrlCrypto.prototype.manager_ = this;
this.maybeLoadOldKey();
this.reKey();
}
}
@ -147,6 +145,20 @@ PROT_UrlCryptoKeyManager.prototype.getWrappedKey = function() {
return this.wrappedKey_;
}
/**
* Change the key url. When we do this, we go ahead and rekey.
* @param keyUrl String
*/
PROT_UrlCryptoKeyManager.prototype.setKeyUrl = function(keyUrl) {
// If it's the same key url, do nothing.
if (keyUrl == this.keyUrl_)
return;
this.keyUrl_ = keyUrl;
this.rekeyTries_ = 0;
this.reKey();
}
/**
* Tell the manager to re-key. For safety, this method still obeys the
* max-tries limit. Clients should generally use maybeReKey() if they
@ -162,9 +174,9 @@ PROT_UrlCryptoKeyManager.prototype.reKey = function() {
G_Debug(this, "Attempting to re-key");
var prefs = new G_Preferences();
var url = prefs.getPref(kGetKeyUrl, null);
if (!this.testing_ && url)
(new PROT_XMLFetcher()).get(url,
// If the keyUrl isn't set, we don't do anything.
if (!this.testing_ && this.keyUrl_)
(new PROT_XMLFetcher()).get(this.keyUrl_,
BindToObject(this.onGetKeyResponse, this));
}

Просмотреть файл

@ -48,7 +48,7 @@ interface nsIUrlListManagerCallback : nsISupports {
void handleEvent(in boolean value);
};
[scriptable, uuid(914b3a54-47a8-4cb0-b9df-c89064f6bb34)]
[scriptable, uuid(d39982d6-da4f-4a27-8d91-f9c7b179aa33)]
interface nsIUrlListManager : nsISupports
{
/**
@ -56,6 +56,12 @@ interface nsIUrlListManager : nsISupports
*/
void setUpdateUrl(in ACString url);
/**
* Set the URL we use to get keys used to decrypt URLs in
* enchash tables.
*/
void setKeyUrl(in ACString url);
/**
* Add a table to the list of tables we are managing. The name is a
* string of the format provider_name-semantic_type-table_type. For

Просмотреть файл

@ -56,6 +56,7 @@ function Init() {
modScope.G_Alarm = jslib.G_Alarm;
modScope.BindToObject = jslib.BindToObject;
modScope.PROT_XMLFetcher = jslib.PROT_XMLFetcher;
modScope.PROT_UrlCrypto = jslib.PROT_UrlCrypto;
// We only need to call Init once.
modScope.Init = function() {};