зеркало из https://github.com/mozilla/pjs.git
bug 342187: query params for "ask google" anti-phishing queries are in source code
r=mmchew,sr=ben
This commit is contained in:
Родитель
93d1cd7160
Коммит
25597ce19b
|
@ -476,13 +476,13 @@ pref("browser.safebrowsing.enabled", true);
|
|||
pref("browser.safebrowsing.remoteLookups", false);
|
||||
|
||||
// Non-enhanced mode (local url lists) URL list to check for updates
|
||||
pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?");
|
||||
pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox2&");
|
||||
|
||||
pref("browser.safebrowsing.dataProvider", 0);
|
||||
|
||||
// Does the provider name need to be localizable?
|
||||
pref("browser.safebrowsing.provider.0.name", "Google");
|
||||
pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?");
|
||||
pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client=navclient-auto-ffox2&");
|
||||
pref("browser.safebrowsing.provider.0.keyURL", "https://www.google.com/safebrowsing/getkey?");
|
||||
pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
|
||||
|
||||
|
|
|
@ -95,6 +95,24 @@ PROT_DataProvider.prototype.loadDataProviderPrefs_ = function() {
|
|||
this.reportGenericURL_ = this.prefs_.getPref(basePref + "reportGenericURL", "");
|
||||
this.reportErrorURL_ = this.prefs_.getPref(basePref + "reportErrorURL", "");
|
||||
this.reportPhishURL_ = this.prefs_.getPref(basePref + "reportPhishURL", "");
|
||||
|
||||
// Propogate the changes to the list-manager.
|
||||
this.updateListManager_();
|
||||
}
|
||||
|
||||
/**
|
||||
* The list manager needs urls to operate. It needs a url to know where the
|
||||
* table updates are, and it needs a url for decrypting enchash style tables.
|
||||
*/
|
||||
PROT_DataProvider.prototype.updateListManager_ = function() {
|
||||
var listManager = Cc["@mozilla.org/url-classifier/listmanager;1"]
|
||||
.getService(Ci.nsIUrlListManager);
|
||||
|
||||
// If we add support for changing local data providers, we need to add a
|
||||
// pref observer that sets the update url accordingly.
|
||||
listManager.setUpdateUrl(this.getUpdateURL());
|
||||
|
||||
listManager.setKeyUrl(this.getKeyURL());
|
||||
}
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////////
|
||||
|
|
|
@ -59,10 +59,6 @@ function PROT_ListWarden() {
|
|||
.getService(Ci.nsIUrlListManager);
|
||||
this.listManager_ = listManager;
|
||||
|
||||
// If we add support for changing local data providers, we need to add a
|
||||
// pref observer that sets the update url accordingly.
|
||||
this.listManager_.setUpdateUrl(gDataProvider.getUpdateURL());
|
||||
|
||||
// Once we register tables, their respective names will be listed here.
|
||||
this.blackTables_ = [];
|
||||
this.whiteTables_ = [];
|
||||
|
|
|
@ -62,16 +62,6 @@ function PROT_TRFetcher(opt_noCrypto) {
|
|||
|
||||
PROT_TRFetcher.TRY_REKEYING_RESPONSE = "pleaserekey";
|
||||
|
||||
/**
|
||||
* Query params we'll send. Don't touch unless you know what you're
|
||||
* doing and are prepared to carefully test.
|
||||
*/
|
||||
PROT_TRFetcher.prototype.extraQueryParams = {
|
||||
sourceid: "firefox-antiphish",
|
||||
features: "TrustRank",
|
||||
client: "navclient-auto-ffox2"
|
||||
};
|
||||
|
||||
/**
|
||||
* Get the URL of the request that will fetch us TR for the argument URL
|
||||
*
|
||||
|
@ -90,9 +80,6 @@ PROT_TRFetcher.prototype.getRequestURL_ = function(url) {
|
|||
if (!requestURL)
|
||||
return null;
|
||||
|
||||
for (var param in this.extraQueryParams)
|
||||
requestURL += param + "=" + this.extraQueryParams[param] + "&";
|
||||
|
||||
if (this.useCrypto_) {
|
||||
var maybeCryptedParams = this.urlCrypto_.maybeCryptParams({ "q": url});
|
||||
|
||||
|
|
|
@ -87,7 +87,11 @@ ARC4.prototype.setKey = function(key, opt_length) {
|
|||
* @param {int} n is # of bytes to disregard from stream
|
||||
*/
|
||||
ARC4.prototype.discard = function(n) {
|
||||
var devnul = new Array(n);
|
||||
// To avoid strict JS warnings, we fill the array with values.
|
||||
var devnul = [];
|
||||
for (var i = 0; i < n; i++) {
|
||||
devnul[i] = 0;
|
||||
}
|
||||
this.crypt(devnul);
|
||||
}
|
||||
|
||||
|
|
|
@ -159,6 +159,18 @@ PROT_ListManager.prototype.setUpdateUrl = function(url) {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the crypto key url.
|
||||
* @param url String
|
||||
*/
|
||||
PROT_ListManager.prototype.setKeyUrl = function(url) {
|
||||
G_Debug(this, "Set key url: " + url);
|
||||
if (!this.urlCrypto_)
|
||||
this.urlCrypto_ = new PROT_UrlCrypto();
|
||||
|
||||
this.urlCrypto_.manager_.setKeyUrl(url);
|
||||
}
|
||||
|
||||
/**
|
||||
* Register a new table table
|
||||
* @param tableName - the name of the table
|
||||
|
|
|
@ -55,10 +55,7 @@
|
|||
function G_CryptoHasher() {
|
||||
this.debugZone = "cryptohasher";
|
||||
this.decoder_ = new G_Base64();
|
||||
this.hasher_ = Cc["@mozilla.org/security/hash;1"]
|
||||
.createInstance(Ci.nsICryptoHash);
|
||||
|
||||
this.initialized_ = false;
|
||||
this.hasher_ = null;
|
||||
}
|
||||
|
||||
G_CryptoHasher.algorithms = {
|
||||
|
@ -86,7 +83,8 @@ G_CryptoHasher.prototype.init = function(algorithm) {
|
|||
if (!validAlgorithm)
|
||||
throw new Error("Invalid algorithm: " + algorithm);
|
||||
|
||||
this.initialized_ = true;
|
||||
this.hasher_ = Cc["@mozilla.org/security/hash;1"]
|
||||
.createInstance(Ci.nsICryptoHash);
|
||||
this.hasher_.init(algorithm);
|
||||
}
|
||||
|
||||
|
@ -100,7 +98,7 @@ G_CryptoHasher.prototype.init = function(algorithm) {
|
|||
* @param input String containing data to hash.
|
||||
*/
|
||||
G_CryptoHasher.prototype.updateFromString = function(input) {
|
||||
if (!this.initialized_)
|
||||
if (!this.hasher_)
|
||||
throw new Error("You must initialize the hasher first!");
|
||||
|
||||
this.hasher_.update(this.decoder_.arrayifyString(input), input.length);
|
||||
|
@ -113,7 +111,7 @@ G_CryptoHasher.prototype.updateFromString = function(input) {
|
|||
* @param input Array containing data to hash.
|
||||
*/
|
||||
G_CryptoHasher.prototype.updateFromArray = function(input) {
|
||||
if (!this.initialized_)
|
||||
if (!this.hasher_)
|
||||
throw new Error("You must initialize the hasher first!");
|
||||
|
||||
this.hasher_.update(input, input.length);
|
||||
|
@ -124,7 +122,7 @@ G_CryptoHasher.prototype.updateFromArray = function(input) {
|
|||
* called multiple times from incremental hash updates.
|
||||
*/
|
||||
G_CryptoHasher.prototype.updateFromStream = function(stream) {
|
||||
if (!this.initialized_)
|
||||
if (!this.hasher_)
|
||||
throw new Error("You must initialize the hasher first!");
|
||||
|
||||
this.hasher_.updateFromStream(stream, stream.available());
|
||||
|
@ -134,14 +132,18 @@ G_CryptoHasher.prototype.updateFromStream = function(stream) {
|
|||
* @returns The hash value as a string (sequence of 8-bit values)
|
||||
*/
|
||||
G_CryptoHasher.prototype.digestRaw = function() {
|
||||
return this.hasher_.finish(false /* not b64 encoded */);
|
||||
var digest = this.hasher_.finish(false /* not b64 encoded */);
|
||||
this.hasher_ = null;
|
||||
return digest;
|
||||
}
|
||||
|
||||
/**
|
||||
* @returns The hash value as a base64-encoded string
|
||||
*/
|
||||
G_CryptoHasher.prototype.digestBase64 = function() {
|
||||
return this.hasher_.finish(true /* b64 encoded */);
|
||||
var digest = this.hasher_.finish(true /* b64 encoded */);
|
||||
this.hasher_ = null;
|
||||
return digest;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -68,11 +68,6 @@
|
|||
// server updates.
|
||||
const kKeyFilename = "kf.txt";
|
||||
|
||||
// If we don't have a key, we can get one at this url.
|
||||
// XXX We shouldn't be referencing browser.safebrowsing. from here. This
|
||||
// should be an constructor param or settable some other way.
|
||||
const kGetKeyUrl = "browser.safebrowsing.provider.0.keyURL";
|
||||
|
||||
/**
|
||||
* A key manager for UrlCrypto. There should be exactly one of these
|
||||
* per appplication, and all UrlCrypto's should share it. This is
|
||||
|
@ -80,6 +75,7 @@ const kGetKeyUrl = "browser.safebrowsing.provider.0.keyURL";
|
|||
* UrlCrypto's prototype at startup. We could've opted for a global
|
||||
* instead, but I like this better, even though it is spooky action
|
||||
* at a distance.
|
||||
* XXX: Should be an XPCOM service
|
||||
*
|
||||
* @param opt_keyFilename String containing the name of the
|
||||
* file we should serialize keys to/from. Used
|
||||
|
@ -101,6 +97,9 @@ function PROT_UrlCryptoKeyManager(opt_keyFilename, opt_testing) {
|
|||
this.wrappedKey_ = null; // Opaque websafe base64-encoded server key
|
||||
this.rekeyTries_ = 0;
|
||||
|
||||
// Don't do anything until keyUrl_ is set.
|
||||
this.keyUrl_ = null;
|
||||
|
||||
this.keyFilename_ = opt_keyFilename ?
|
||||
opt_keyFilename : kKeyFilename;
|
||||
|
||||
|
@ -115,7 +114,6 @@ function PROT_UrlCryptoKeyManager(opt_keyFilename, opt_testing) {
|
|||
PROT_UrlCrypto.prototype.manager_ = this;
|
||||
|
||||
this.maybeLoadOldKey();
|
||||
this.reKey();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -147,6 +145,20 @@ PROT_UrlCryptoKeyManager.prototype.getWrappedKey = function() {
|
|||
return this.wrappedKey_;
|
||||
}
|
||||
|
||||
/**
|
||||
* Change the key url. When we do this, we go ahead and rekey.
|
||||
* @param keyUrl String
|
||||
*/
|
||||
PROT_UrlCryptoKeyManager.prototype.setKeyUrl = function(keyUrl) {
|
||||
// If it's the same key url, do nothing.
|
||||
if (keyUrl == this.keyUrl_)
|
||||
return;
|
||||
|
||||
this.keyUrl_ = keyUrl;
|
||||
this.rekeyTries_ = 0;
|
||||
this.reKey();
|
||||
}
|
||||
|
||||
/**
|
||||
* Tell the manager to re-key. For safety, this method still obeys the
|
||||
* max-tries limit. Clients should generally use maybeReKey() if they
|
||||
|
@ -162,9 +174,9 @@ PROT_UrlCryptoKeyManager.prototype.reKey = function() {
|
|||
|
||||
G_Debug(this, "Attempting to re-key");
|
||||
var prefs = new G_Preferences();
|
||||
var url = prefs.getPref(kGetKeyUrl, null);
|
||||
if (!this.testing_ && url)
|
||||
(new PROT_XMLFetcher()).get(url,
|
||||
// If the keyUrl isn't set, we don't do anything.
|
||||
if (!this.testing_ && this.keyUrl_)
|
||||
(new PROT_XMLFetcher()).get(this.keyUrl_,
|
||||
BindToObject(this.onGetKeyResponse, this));
|
||||
}
|
||||
|
||||
|
|
|
@ -48,7 +48,7 @@ interface nsIUrlListManagerCallback : nsISupports {
|
|||
void handleEvent(in boolean value);
|
||||
};
|
||||
|
||||
[scriptable, uuid(914b3a54-47a8-4cb0-b9df-c89064f6bb34)]
|
||||
[scriptable, uuid(d39982d6-da4f-4a27-8d91-f9c7b179aa33)]
|
||||
interface nsIUrlListManager : nsISupports
|
||||
{
|
||||
/**
|
||||
|
@ -56,6 +56,12 @@ interface nsIUrlListManager : nsISupports
|
|||
*/
|
||||
void setUpdateUrl(in ACString url);
|
||||
|
||||
/**
|
||||
* Set the URL we use to get keys used to decrypt URLs in
|
||||
* enchash tables.
|
||||
*/
|
||||
void setKeyUrl(in ACString url);
|
||||
|
||||
/**
|
||||
* Add a table to the list of tables we are managing. The name is a
|
||||
* string of the format provider_name-semantic_type-table_type. For
|
||||
|
|
|
@ -56,6 +56,7 @@ function Init() {
|
|||
modScope.G_Alarm = jslib.G_Alarm;
|
||||
modScope.BindToObject = jslib.BindToObject;
|
||||
modScope.PROT_XMLFetcher = jslib.PROT_XMLFetcher;
|
||||
modScope.PROT_UrlCrypto = jslib.PROT_UrlCrypto;
|
||||
|
||||
// We only need to call Init once.
|
||||
modScope.Init = function() {};
|
||||
|
|
Загрузка…
Ссылка в новой задаче