Bug 317720 Some emails use <area href> to get round phishing detection

p=me r=neil.parkwaycc.co.uk sr=mscott
bugzilla%arlen.demon.co.uk 2005-11-29 23:54:38 +00:00
parent 4e4b58e6fa
commit c017ee0cb7
2 changed files with 11 additions and 10 deletions


@ -64,10 +64,10 @@ function isMsgEmailScam(aUrl)
// loop through all of the link nodes in the message's DOM, looking for phishing URLs...
var msgDocument = document.getElementById('messagepane').contentDocument;
// examine all anchor tags...
var anchorNodes = msgDocument.getElementsByTagName("a");
for (var index = 0; index < anchorNodes.length && !isEmailScam; index++)
isEmailScam = isPhishingURL(anchorNodes[index], true);
// examine all links...
var linkNodes = msgDocument.links;
for (var index = 0; index < linkNodes.length && !isEmailScam; index++)
isEmailScam = isPhishingURL(linkNodes[index], true);
// if an e-mail contains a form element, then assume the message is a phishing attack.
// Legitimate sites should not be using forms inside of e-mail.
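Review bot: The comment `// examine all links...` above `msgDocument.links` does not say which elements that collection covers, and the coverage is the whole reason for the change. `document.links` holds the `<a>` and `<area>` elements that carry an href, so I would write `// examine all links (<a href> and <area href>)...`, which also tells the next maintainer that anchors without an href are no longer visited. The same comment appears in the second file's hunk and should get the same wording. isMsgEmailScam starts and ends outside the hunk, so how isEmailScam is initialised is not visible here.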


@ -63,19 +63,20 @@ function isMsgEmailScam(aUrl)
// loop through all of the link nodes in the message's DOM, looking for phishing URLs...
var msgDocument = document.getElementById('messagepane').contentDocument;
var index;
// examine all anchor tags...
var anchorNodes = msgDocument.getElementsByTagName("a");
for (var index = 0; index < anchorNodes.length && !isEmailScam; index++)
isEmailScam = isPhishingURL(anchorNodes[index], true);
// examine all links...
var linkNodes = msgDocument.links;
for (index = 0; index < linkNodes.length && !isEmailScam; index++)
isEmailScam = isPhishingURL(linkNodes[index], true);
// if an e-mail contains a non-addressbook form element, then assume the message is
// a phishing attack. Legitimate sites should not be using forms inside of e-mail
if (!isEmailScam)
{
var forms = msgDocument.getElementsByTagName("form");
for (var i = 0; i < forms.length && !isEmailScam; i++)
isEmailScam = forms[i].action.search("addbook") != 0;
for (index = 0; index < forms.length && !isEmailScam; index++)
isEmailScam = !/^addbook:/.test(forms[index].action);
}
// we'll add more checks here as our detector matures....
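Review bot: The form check `!/^addbook:/.test(forms[index].action)` has no comment saying that the exemption is now limited to the `addbook:` scheme, whereas the old `search("addbook") != 0` exempted any action that merely began with those letters. I would add above the loop `// only forms whose action uses the address book's addbook: scheme are exempt; any other form marks the message as a scam`. The regex is case-sensitive, so if `action` can come back with the author's casing, a differently-cased scheme is flagged rather than exempted; that fails closed and is worth stating in the same comment. The function body continues outside the hunk.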