gecko-dev/browser/components/safebrowsing/SafeBrowsing.jsm

217 lines
6.7 KiB
JavaScript
Raw Normal View History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
var EXPORTED_SYMBOLS = ["SafeBrowsing"];
const Cc = Components.classes;
const Ci = Components.interfaces;
const Cu = Components.utils;
Cu.import("resource://gre/modules/Services.jsm");
const phishingList = "goog-phish-shavar";
const malwareList = "goog-malware-shavar";
var debug = false;
function log(...stuff) {
if (!debug)
return;
let msg = "SafeBrowsing: " + stuff.join(" ");
Services.console.logStringMessage(msg);
dump(msg + "\n");
}
var SafeBrowsing = {
init: function() {
if (this.initialized) {
log("Already initialized");
return;
}
Services.prefs.addObserver("browser.safebrowsing", this.readPrefs, false);
this.readPrefs();
this.initProviderURLs();
// Initialize the list manager
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
getService(Ci.nsIUrlListManager);
listManager.setUpdateUrl(this.updateURL);
// setKeyUrl has the side effect of fetching a key from the server.
// This shouldn't happen if anti-phishing/anti-malware is disabled.
if (this.phishingEnabled || this.malwareEnabled)
listManager.setKeyUrl(this.keyURL);
listManager.setGethashUrl(this.gethashURL);
// Register our two types of tables
listManager.registerTable(phishingList, false);
listManager.registerTable(malwareList, false);
this.addMozEntries();
this.controlUpdateChecking();
this.initialized = true;
log("init() finished");
},
initialized: false,
phishingEnabled: false,
malwareEnabled: false,
provName: null,
updateURL: null,
keyURL: null,
reportURL: null,
gethashURL: null,
reportGenericURL: null,
reportErrorURL: null,
reportPhishURL: null,
reportMalwareURL: null,
reportMalwareErrorURL: null,
getReportURL: function(kind) {
return this["report" + kind + "URL"];
},
readPrefs: function() {
log("reading prefs");
debug = Services.prefs.getBoolPref("browser.safebrowsing.debug");
this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
this.malwareEnabled = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
// XXX The listManager backend gets confused if this is called before the
// lists are registered. So only call it here when a pref changes, and not
// when doing initialization. I expect to refactor this later, so pardon the hack.
if (this.initialized)
this.controlUpdateChecking();
},
initProviderURLs: function() {
log("initializing provider URLs");
// XXX remove this as obsolete?
let provID = Services.prefs.getIntPref("browser.safebrowsing.dataProvider");
if (provID != 0) {
Cu.reportError("unknown safebrowsing provider ID " + provID);
return;
}
let basePref = "browser.safebrowsing.provider.0.";
this.provName = Services.prefs.getCharPref(basePref + "name");
// Urls used to get data from a provider
this.updateURL = this.getUrlPref(basePref + "updateURL");
this.keyURL = this.getUrlPref(basePref + "keyURL");
this.reportURL = this.getUrlPref(basePref + "reportURL");
this.gethashURL = this.getUrlPref(basePref + "gethashURL");
// Urls to HTML report pages
this.reportGenericURL = this.getUrlPref(basePref + "reportGenericURL");
this.reportErrorURL = this.getUrlPref(basePref + "reportErrorURL");
this.reportPhishURL = this.getUrlPref(basePref + "reportPhishURL");
this.reportMalwareURL = this.getUrlPref(basePref + "reportMalwareURL")
this.reportMalwareErrorURL = this.getUrlPref(basePref + "reportMalwareErrorURL")
},
getUrlPref: function(prefName) {
let MOZ_OFFICIAL_BUILD = false;
#ifdef OFFICIAL_BUILD
MOZ_OFFICIAL_BUILD = true;
#endif
let url = Services.prefs.getCharPref(prefName);
let clientName = MOZ_OFFICIAL_BUILD ? "navclient-auto-ffox" : Services.appinfo.name;
let clientVersion = Services.appinfo.version;
// Parameter substitution
// XXX: we should instead use nsIURLFormatter here.
url = url.replace(/\{moz:locale\}/g, this.getLocale());
url = url.replace(/\{moz:client\}/g, clientName);
url = url.replace(/\{moz:buildid\}/g, Services.appinfo.appBuildID);
url = url.replace(/\{moz:version\}/g, clientVersion);
log(prefName, "is", url);
return url;
},
getLocale: function() {
const localePref = "general.useragent.locale";
let locale = Services.prefs.getCharPref(localePref);
try {
// Dumb. This API only works if pref is localized or has a user value.
locale = Services.prefs.getComplexValue(localePref, Ci.nsIPrefLocalizedString).data;
} catch (e) { }
return locale;
},
controlUpdateChecking: function() {
log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:", this.malwareEnabled);
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
getService(Ci.nsIUrlListManager);
if (this.phishingEnabled)
listManager.enableUpdate(phishingList);
else
listManager.disableUpdate(phishingList);
if (this.malwareEnabled)
listManager.enableUpdate(malwareList);
else
listManager.disableUpdate(malwareList);
},
addMozEntries: function() {
// Add test entries to the DB.
// XXX this should really just be done by DB itself for all moz apps.
const phishURL = "mozilla.org/firefox/its-a-trap.html";
const malwareURL = "mozilla.org/firefox/its-an-attack.html";
let update = "n:1000\ni:test-malware-simple\nad:1\n" +
"a:1:32:" + malwareURL.length + "\n" +
malwareURL;
update += "n:1000\ni:test-phish-simple\nad:1\n" +
"a:1:32:" + phishURL.length + "\n" +
phishURL;
log("addMozEntries:", update);
let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
getService(Ci.nsIUrlClassifierDBService);
// nsIUrlClassifierUpdateObserver
let dummyListener = {
updateUrlRequested: function() { },
streamFinished: function() { },
updateError: function() { },
updateSuccess: function() { }
};
try {
db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", "");
db.beginStream("", "");
db.updateStream(update);
db.finishStream();
db.finishUpdate();
} catch(ex) {
// beginUpdate will throw harmlessly if there's an existing update in progress, ignore failures.
log("addMozEntries failed!", ex);
}
},
};