Source code

Revision control

Other Tools

1
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
2
/* This Source Code Form is subject to the terms of the Mozilla Public
3
* License, v. 2.0. If a copy of the MPL was not distributed with this
4
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5
6
const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
7
8
var EXPORTED_SYMBOLS = ["BlockedSiteChild"];
9
10
const { ActorChild } = ChromeUtils.import(
12
);
13
ChromeUtils.defineModuleGetter(
14
this,
15
"E10SUtils",
17
);
18
19
ChromeUtils.defineModuleGetter(
20
this,
21
"SafeBrowsing",
23
);
24
25
function getSiteBlockedErrorDetails(docShell) {
26
let blockedInfo = {};
27
if (docShell.failedChannel) {
28
let classifiedChannel = docShell.failedChannel.QueryInterface(
29
Ci.nsIClassifiedChannel
30
);
31
if (classifiedChannel) {
32
let httpChannel = docShell.failedChannel.QueryInterface(
33
Ci.nsIHttpChannel
34
);
35
36
let reportUri = httpChannel.URI;
37
38
// Remove the query to avoid leaking sensitive data
39
if (reportUri instanceof Ci.nsIURL) {
40
reportUri = reportUri
41
.mutate()
42
.setQuery("")
43
.finalize();
44
}
45
46
let triggeringPrincipal = docShell.failedChannel.loadInfo
47
? E10SUtils.serializePrincipal(
48
docShell.failedChannel.loadInfo.triggeringPrincipal
49
)
50
: null;
51
blockedInfo = {
52
list: classifiedChannel.matchedList,
53
triggeringPrincipal,
54
provider: classifiedChannel.matchedProvider,
55
uri: reportUri.asciiSpec,
56
};
57
}
58
}
59
return blockedInfo;
60
}
61
62
class BlockedSiteChild extends ActorChild {
63
receiveMessage(msg) {
64
if (msg.name == "DeceptiveBlockedDetails") {
65
this.mm.sendAsyncMessage("DeceptiveBlockedDetails:Result", {
66
blockedInfo: getSiteBlockedErrorDetails(this.mm.docShell),
67
});
68
}
69
}
70
71
handleEvent(event) {
72
if (event.type == "AboutBlockedLoaded") {
73
this.onAboutBlockedLoaded(event);
74
} else if (event.type == "click" && event.button == 0) {
75
this.onClick(event);
76
}
77
}
78
79
onAboutBlockedLoaded(aEvent) {
80
let global = this.mm;
81
let content = aEvent.target.ownerGlobal;
82
83
let blockedInfo = getSiteBlockedErrorDetails(global.docShell);
84
let provider = blockedInfo.provider || "";
85
86
let doc = content.document;
87
88
/**
89
* Set error description link in error details.
90
* For example, the "reported as a deceptive site" link for
91
* blocked phishing pages.
92
*/
93
let desc = Services.prefs.getCharPref(
94
"browser.safebrowsing.provider." + provider + ".reportURL",
95
""
96
);
97
if (desc) {
98
doc
99
.getElementById("error_desc_link")
100
.setAttribute("href", desc + encodeURIComponent(aEvent.detail.url));
101
}
102
103
// Set other links in error details.
104
switch (aEvent.detail.err) {
105
case "malware":
106
doc
107
.getElementById("report_detection")
108
.setAttribute(
109
"href",
110
SafeBrowsing.getReportURL("MalwareMistake", blockedInfo) ||
112
);
113
doc
114
.getElementById("learn_more_link")
115
.setAttribute("href", "https://www.stopbadware.org/firefox");
116
break;
117
case "unwanted":
118
doc
119
.getElementById("learn_more_link")
120
.setAttribute(
121
"href",
123
);
124
break;
125
case "phishing":
126
doc
127
.getElementById("report_detection")
128
.setAttribute(
129
"href",
130
SafeBrowsing.getReportURL("PhishMistake", blockedInfo) ||
132
);
133
doc
134
.getElementById("learn_more_link")
135
.setAttribute("href", "https://www.antiphishing.org//");
136
break;
137
}
138
139
// Set the firefox support url.
140
doc
141
.getElementById("firefox_support")
142
.setAttribute(
143
"href",
144
Services.urlFormatter.formatURLPref("app.support.baseURL") +
145
"phishing-malware"
146
);
147
148
// Show safe browsing details on load if the pref is set to true.
149
let showDetails = Services.prefs.getBoolPref(
150
"browser.xul.error_pages.show_safe_browsing_details_on_load"
151
);
152
if (showDetails) {
153
let details = content.document.getElementById(
154
"errorDescriptionContainer"
155
);
156
details.removeAttribute("hidden");
157
}
158
159
// Set safe browsing advisory link.
160
let advisoryUrl = Services.prefs.getCharPref(
161
"browser.safebrowsing.provider." + provider + ".advisoryURL",
162
""
163
);
164
let advisoryDesc = content.document.getElementById("advisoryDescText");
165
if (!advisoryUrl) {
166
advisoryDesc.remove();
167
return;
168
}
169
170
let advisoryLinkText = Services.prefs.getCharPref(
171
"browser.safebrowsing.provider." + provider + ".advisoryName",
172
""
173
);
174
if (!advisoryLinkText) {
175
advisoryDesc.remove();
176
return;
177
}
178
179
content.document.l10n.setAttributes(
180
advisoryDesc,
181
"safeb-palm-advisory-desc",
182
{ advisoryname: advisoryLinkText }
183
);
184
content.document
185
.getElementById("advisory_provider")
186
.setAttribute("href", advisoryUrl);
187
}
188
189
onClick(event) {
190
let ownerDoc = event.target.ownerDocument;
191
if (!ownerDoc) {
192
return;
193
}
194
195
var reason = "phishing";
196
if (/e=malwareBlocked/.test(ownerDoc.documentURI)) {
197
reason = "malware";
198
} else if (/e=unwantedBlocked/.test(ownerDoc.documentURI)) {
199
reason = "unwanted";
200
} else if (/e=harmfulBlocked/.test(ownerDoc.documentURI)) {
201
reason = "harmful";
202
}
203
204
this.mm.sendAsyncMessage("Browser:SiteBlockedError", {
205
location: ownerDoc.location.href,
206
reason,
207
elementId: event.target.getAttribute("id"),
208
isTopFrame: ownerDoc.defaultView.parent === ownerDoc.defaultView,
209
blockedInfo: getSiteBlockedErrorDetails(ownerDoc.defaultView.docShell),
210
});
211
}
212
}