Source code

Revision control

Other Tools

1
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
2
/* This Source Code Form is subject to the terms of the Mozilla Public
3
* License, v. 2.0. If a copy of the MPL was not distributed with this
4
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5
6
const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
7
8
var EXPORTED_SYMBOLS = ["BlockedSiteChild"];
9
10
ChromeUtils.defineModuleGetter(
11
this,
12
"SafeBrowsing",
14
);
15
16
function getSiteBlockedErrorDetails(docShell) {
17
let blockedInfo = {};
18
if (docShell.failedChannel) {
19
let classifiedChannel = docShell.failedChannel.QueryInterface(
20
Ci.nsIClassifiedChannel
21
);
22
if (classifiedChannel) {
23
let httpChannel = docShell.failedChannel.QueryInterface(
24
Ci.nsIHttpChannel
25
);
26
27
let reportUri = httpChannel.URI;
28
29
// Remove the query to avoid leaking sensitive data
30
if (reportUri instanceof Ci.nsIURL) {
31
reportUri = reportUri
32
.mutate()
33
.setQuery("")
34
.finalize();
35
}
36
37
let triggeringPrincipal = docShell.failedChannel.loadInfo
38
? docShell.failedChannel.loadInfo.triggeringPrincipal
39
: null;
40
blockedInfo = {
41
list: classifiedChannel.matchedList,
42
triggeringPrincipal,
43
provider: classifiedChannel.matchedProvider,
44
uri: reportUri.asciiSpec,
45
};
46
}
47
}
48
return blockedInfo;
49
}
50
51
class BlockedSiteChild extends JSWindowActorChild {
52
receiveMessage(msg) {
53
if (msg.name == "DeceptiveBlockedDetails") {
54
return getSiteBlockedErrorDetails(this.docShell);
55
}
56
return null;
57
}
58
59
handleEvent(event) {
60
if (event.type == "AboutBlockedLoaded") {
61
this.onAboutBlockedLoaded(event);
62
} else if (event.type == "click" && event.button == 0) {
63
this.onClick(event);
64
}
65
}
66
67
onAboutBlockedLoaded(aEvent) {
68
let content = aEvent.target.ownerGlobal;
69
70
let blockedInfo = getSiteBlockedErrorDetails(this.docShell);
71
let provider = blockedInfo.provider || "";
72
73
let doc = content.document;
74
75
/**
76
* Set error description link in error details.
77
* For example, the "reported as a deceptive site" link for
78
* blocked phishing pages.
79
*/
80
let desc = Services.prefs.getCharPref(
81
"browser.safebrowsing.provider." + provider + ".reportURL",
82
""
83
);
84
if (desc) {
85
doc
86
.getElementById("error_desc_link")
87
.setAttribute("href", desc + encodeURIComponent(aEvent.detail.url));
88
}
89
90
// Set other links in error details.
91
switch (aEvent.detail.err) {
92
case "malware":
93
doc
94
.getElementById("report_detection")
95
.setAttribute(
96
"href",
97
SafeBrowsing.getReportURL("MalwareMistake", blockedInfo) ||
99
);
100
doc
101
.getElementById("learn_more_link")
102
.setAttribute("href", "https://www.stopbadware.org/firefox");
103
break;
104
case "unwanted":
105
doc
106
.getElementById("learn_more_link")
107
.setAttribute(
108
"href",
110
);
111
break;
112
case "phishing":
113
doc
114
.getElementById("report_detection")
115
.setAttribute(
116
"href",
117
SafeBrowsing.getReportURL("PhishMistake", blockedInfo) ||
119
);
120
doc
121
.getElementById("learn_more_link")
122
.setAttribute("href", "https://www.antiphishing.org//");
123
break;
124
}
125
126
// Set the firefox support url.
127
doc
128
.getElementById("firefox_support")
129
.setAttribute(
130
"href",
131
Services.urlFormatter.formatURLPref("app.support.baseURL") +
132
"phishing-malware"
133
);
134
135
// Show safe browsing details on load if the pref is set to true.
136
let showDetails = Services.prefs.getBoolPref(
137
"browser.xul.error_pages.show_safe_browsing_details_on_load"
138
);
139
if (showDetails) {
140
let details = content.document.getElementById(
141
"errorDescriptionContainer"
142
);
143
details.removeAttribute("hidden");
144
}
145
146
// Set safe browsing advisory link.
147
let advisoryUrl = Services.prefs.getCharPref(
148
"browser.safebrowsing.provider." + provider + ".advisoryURL",
149
""
150
);
151
let advisoryDesc = content.document.getElementById("advisoryDescText");
152
if (!advisoryUrl) {
153
advisoryDesc.remove();
154
return;
155
}
156
157
let advisoryLinkText = Services.prefs.getCharPref(
158
"browser.safebrowsing.provider." + provider + ".advisoryName",
159
""
160
);
161
if (!advisoryLinkText) {
162
advisoryDesc.remove();
163
return;
164
}
165
166
content.document.l10n.setAttributes(
167
advisoryDesc,
168
"safeb-palm-advisory-desc",
169
{ advisoryname: advisoryLinkText }
170
);
171
content.document
172
.getElementById("advisory_provider")
173
.setAttribute("href", advisoryUrl);
174
}
175
176
onClick(event) {
177
let ownerDoc = event.target.ownerDocument;
178
if (!ownerDoc) {
179
return;
180
}
181
182
var reason = "phishing";
183
if (/e=malwareBlocked/.test(ownerDoc.documentURI)) {
184
reason = "malware";
185
} else if (/e=unwantedBlocked/.test(ownerDoc.documentURI)) {
186
reason = "unwanted";
187
} else if (/e=harmfulBlocked/.test(ownerDoc.documentURI)) {
188
reason = "harmful";
189
}
190
191
this.sendAsyncMessage("Browser:SiteBlockedError", {
192
location: ownerDoc.location.href,
193
reason,
194
elementId: event.target.getAttribute("id"),
195
blockedInfo: getSiteBlockedErrorDetails(this.docShell),
196
});
197
}
198
}