Bug 1216723 - Add a new -forbid- Safe Browsing list type. r=gcp,r=smaug

Francois Marier 2015-11-20 20:24:50 -08:00
parent e6105bca07
commit 8a1fa6c429
22 changed files with 233 additions and 187 deletions


@ -32,6 +32,7 @@ externalProtocolLaunchBtn=Launch application
malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information.
forbiddenBlocked=The site at %S has been blocked by your browser configuration.
cspBlocked=This page has a content security policy that prevents it from being loaded in this way.
corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected.
remoteXUL=This page uses an unsupported technology that is no longer available by default in Firefox.


@ -423,6 +423,7 @@
<h1 id="et_nssBadCert">&nssBadCert.title;</h1>
<h1 id="et_malwareBlocked">&malwareBlocked.title;</h1>
<h1 id="et_unwantedBlocked">&unwantedBlocked.title;</h1>
<h1 id="et_forbiddenBlocked">&forbiddenBlocked.title;</h1>
<h1 id="et_cspBlocked">&cspBlocked.title;</h1>
<h1 id="et_remoteXUL">&remoteXUL.title;</h1>
<h1 id="et_corruptedContentError">&corruptedContentError.title;</h1>
@ -452,6 +453,7 @@
<div id="ed_nssBadCert">&nssBadCert.longDesc2;</div>
<div id="ed_malwareBlocked">&malwareBlocked.longDesc;</div>
<div id="ed_unwantedBlocked">&unwantedBlocked.longDesc;</div>
<div id="ed_forbiddenBlocked">&forbiddenBlocked.longDesc;</div>
<div id="ed_cspBlocked">&cspBlocked.longDesc;</div>
<div id="ed_remoteXUL">&remoteXUL.longDesc;</div>
<div id="ed_corruptedContentError">&corruptedContentError.longDesc;</div>


@ -68,110 +68,71 @@
return getURL();
}
}
function initPage()
{
// Handoff to the appropriate initializer, based on error code
var error = "";
switch (getErrorCode()) {
case "malwareBlocked" :
initPage_malware();
error = "malware";
break;
case "phishingBlocked" :
initPage_phishing();
error = "phishing";
break;
case "unwantedBlocked" :
initPage_unwanted();
error = "unwanted";
break;
case "forbiddenBlocked" :
error = "forbidden";
break;
default:
return;
}
}
/**
* Initialize custom strings and functionality for blocked malware case
*/
function initPage_malware()
{
// Remove phishing and unwanted strings
var el = document.getElementById("errorTitleText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_phishing");
el.parentNode.removeChild(el);
var el;
el = document.getElementById("errorLongDescText_phishing");
el.parentNode.removeChild(el);
if (error !== "malware") {
el = document.getElementById("errorTitleText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_malware");
el.parentNode.removeChild(el);
}
el = document.getElementById("errorTitleText_unwanted");
el.parentNode.removeChild(el);
if (error !== "phishing") {
el = document.getElementById("errorTitleText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_phishing");
el.parentNode.removeChild(el);
}
el = document.getElementById("errorShortDescText_unwanted");
el.parentNode.removeChild(el);
if (error !== "unwanted") {
el = document.getElementById("errorTitleText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_unwanted");
el.parentNode.removeChild(el);
}
el = document.getElementById("errorLongDescText_unwanted");
el.parentNode.removeChild(el);
if (error !== "forbidden") {
el = document.getElementById("errorTitleText_forbidden");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_forbidden");
el.parentNode.removeChild(el);
} else {
el = document.getElementById("ignoreWarningButton");
el.parentNode.removeChild(el);
el = document.getElementById("reportButton");
el.parentNode.removeChild(el);
}
// Set sitename
document.getElementById("malware_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_malware")
.innerHTML;
}
/**
* Initialize custom strings and functionality for blocked malware case
*/
function initPage_unwanted()
{
// Remove phishing and malware strings
var el = document.getElementById("errorTitleText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorTitleText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_malware");
el.parentNode.removeChild(el);
// Set sitename
document.getElementById("unwanted_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_unwanted")
.innerHTML;
}
/**
* Initialize custom strings and functionality for blocked phishing case
*/
function initPage_phishing()
{
// Remove malware and unwanted strings
var el = document.getElementById("errorTitleText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorTitleText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_unwanted");
el.parentNode.removeChild(el);
// Set sitename
document.getElementById("phishing_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_phishing")
document.getElementById(error + "_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_" + error)
.innerHTML;
}
]]></script>
@ -213,6 +174,7 @@
<h1 id="errorTitleText_phishing">&safeb.blocked.phishingPage.title;</h1>
<h1 id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
<h1 id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title;</h1>
<h1 id="errorTitleText_forbidden">&safeb.blocked.forbiddenPage.title;</h1>
</div>
<div id="errorLongContent">
@ -222,6 +184,7 @@
<p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc;</p>
<p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
<p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
<p id="errorShortDescText_forbidden">&safeb.blocked.forbiddenPage.shortDesc;</p>
</div>
<!-- Long Description -->
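Review bot: The four `if (error !== …)` blocks in initPage repeat the same removal sequence and dereference `el.parentNode` without checking that `getElementById` found anything, so a single missing element throws and skips the sitename and title assignments at the end. The forbidden case already differs from the others (no `errorLongDescText_forbidden` is removed, and `ignoreWarningButton` and `reportButton` are assumed to exist), which makes the copies easy to get out of step. A loop over the block types with a null-tolerant removal keeps the behaviour and fails soft. The same applies to the second copy of this script later in the commit.

```javascript
// … unchanged: switch on getErrorCode() that sets `error` …
["malware", "phishing", "unwanted", "forbidden"].forEach(function (kind) {
  if (kind === error) {
    return;
  }
  ["errorTitleText_", "errorShortDescText_", "errorLongDescText_"].forEach(function (prefix) {
    var el = document.getElementById(prefix + kind);
    if (el) {
      el.parentNode.removeChild(el);
    }
  });
});
// … unchanged: button removal for "forbidden", sitename and title …
```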


@ -2998,10 +2998,16 @@ var BrowserOnClick = {
onAboutBlocked: function (elementId, reason, isTopFrame, location) {
// Depending on what page we are displaying here (malware/phishing/unwanted)
// use the right strings and links for each.
let bucketName = "WARNING_PHISHING_PAGE_";
let bucketName = "";
let sendTelemetry = false;
if (reason === 'malware') {
sendTelemetry = true;
bucketName = "WARNING_MALWARE_PAGE_";
} else if (reason === 'phishing') {
sendTelemetry = true;
bucketName = "WARNING_PHISHING_PAGE_";
} else if (reason === 'unwanted') {
sendTelemetry = true;
bucketName = "WARNING_UNWANTED_PAGE_";
}
let secHistogram = Services.telemetry.getHistogramById("SECURITY_UI");
@ -3009,7 +3015,9 @@ var BrowserOnClick = {
bucketName += isTopFrame ? "TOP_" : "FRAME_";
switch (elementId) {
case "getMeOutButton":
secHistogram.add(nsISecTel[bucketName + "GET_ME_OUT_OF_HERE"]);
if (sendTelemetry) {
secHistogram.add(nsISecTel[bucketName + "GET_ME_OUT_OF_HERE"]);
}
getMeOutOfHere();
break;
@ -3019,13 +3027,16 @@ var BrowserOnClick = {
// We log even if malware/phishing/unwanted info URL couldn't be found:
// the measurement is for how many users clicked the WHY BLOCKED button
secHistogram.add(nsISecTel[bucketName + "WHY_BLOCKED"]);
if (sendTelemetry) {
secHistogram.add(nsISecTel[bucketName + "WHY_BLOCKED"]);
}
openHelpLink("phishing-malware", false, "current");
break;
case "ignoreWarningButton":
secHistogram.add(nsISecTel[bucketName + "IGNORE_WARNING"]);
if (sendTelemetry) {
secHistogram.add(nsISecTel[bucketName + "IGNORE_WARNING"]);
}
this.ignoreWarningButton(reason);
break;
}
@ -3094,6 +3105,8 @@ var BrowserOnClick = {
title = gNavigatorBundle.getString("safebrowsing.reportedUnwantedSite");
// There is no button for reporting errors since Google doesn't currently
// provide a URL endpoint for these reports.
} else {
return; // no notifications for forbidden sites
}
let notificationBox = gBrowser.getNotificationBox();
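Review bot: The `ignoreWarningButton` case in onAboutBlocked still calls `this.ignoreWarningButton(reason)` for every reason, so the only thing keeping a forbidden page from being overridden is that the error page removed the button from its own DOM. The added `else { return; }` only takes effect after whatever ignoreWarningButton does before it picks a notification title; that part is outside the hunk, so if the reload that skips the block happens earlier it is still reachable with `reason === 'forbidden'`. I would refuse it on the parent side as well, e.g. `if (reason === 'forbidden') { break; }` as the first statement of the `ignoreWarningButton` case. A comment there should say that forbidden blocks are not user-overridable.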


@ -460,6 +460,8 @@ var ClickEventHandler = {
reason = 'malware';
} else if (/e=unwantedBlocked/.test(ownerDoc.documentURI)) {
reason = 'unwanted';
} else if (/e=forbiddenBlocked/.test(ownerDoc.documentURI)) {
reason = 'forbidden';
}
sendAsyncMessage("Browser:SiteBlockedError", {
location: ownerDoc.location.href,
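Review bot: `reason` is chosen by an unanchored regex over the whole `documentURI`, and with this change the result decides whether the parent treats the page as overridable (malware, phishing, unwanted) or not (forbidden). The if/else chain starts outside the hunk, but as written the first `e=…Blocked` substring found anywhere in the URI wins, including the part that carries the blocked address if that is ever left unescaped. Matching only the `e` parameter, for example `/[?&]e=forbiddenBlocked(&|$)/`, would make the classification independent of the blocked URL's content.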


@ -8,16 +8,21 @@
<!ENTITY safeb.palm.reportPage.label "Why was this page blocked?">
<!ENTITY safeb.blocked.malwarePage.title "Reported Attack Page!">
<!-- Localization note (safeb.blocked.malware.shortDesc) - Please don't translate the contents of the <span id="malware_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
<!-- Localization note (safeb.blocked.malwarePage.shortDesc) - Please don't translate the contents of the <span id="malware_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
<!ENTITY safeb.blocked.malwarePage.shortDesc "This web page at <span id='malware_sitename'/> has been reported as an attack page and has been blocked based on your security preferences.">
<!ENTITY safeb.blocked.malwarePage.longDesc "<p>Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.</p><p>Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.</p>">
<!ENTITY safeb.blocked.unwantedPage.title "Reported Unwanted Software Page!">
<!-- Localization note (safeb.blocked.malware.shortDesc) - Please don't translate the contents of the <span id="unwanted_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
<!-- Localization note (safeb.blocked.unwantedPage.shortDesc) - Please don't translate the contents of the <span id="unwanted_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
<!ENTITY safeb.blocked.unwantedPage.shortDesc "This web page at <span id='unwanted_sitename'/> has been reported to contain unwanted software and has been blocked based on your security preferences.">
<!ENTITY safeb.blocked.unwantedPage.longDesc "<p>Unwanted software pages try to install software that can be deceptive and affect your system in unexpected ways.</p>">
<!ENTITY safeb.blocked.phishingPage.title "Reported Web Forgery!">
<!-- Localization note (safeb.blocked.phishing.shortDesc) - Please don't translate the contents of the <span id="phishing_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
<!-- Localization note (safeb.blocked.phishingPage.shortDesc) - Please don't translate the contents of the <span id="phishing_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
<!ENTITY safeb.blocked.phishingPage.shortDesc "This web page at <span id='phishing_sitename'/> has been reported as a web forgery and has been blocked based on your security preferences.">
<!ENTITY safeb.blocked.phishingPage.longDesc "<p>Web forgeries are designed to trick you into revealing personal or financial information by imitating sources you may trust.</p><p>Entering any information on this web page may result in identity theft or other fraud.</p>">
<!ENTITY safeb.blocked.forbiddenPage.title "Forbidden Site">
<!-- Localization note (safeb.blocked.forbiddenPage.shortDesc) - Please don't translate the contents of the <span id="forbidden_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
<!ENTITY safeb.blocked.forbiddenPage.shortDesc "This Web page at <span id='forbidden_sitename'/> has been blocked based on your browser configuration.">


@ -32,6 +32,7 @@ externalProtocolLaunchBtn=Launch application
malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information.
forbiddenBlocked=The site at %S has been blocked by your browser configuration.
cspBlocked=This page has a content security policy that prevents it from being loaded in this way.
corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected.
remoteXUL=This page uses an unsupported technology that is no longer available by default in Firefox.


@ -175,6 +175,10 @@ be temporary, and you can try again later.</li>
<p>These types of web forgeries are used in scams known as phishing attacks, in which fraudulent web pages and emails are used to imitate sources you may trust.</p>
">
<!ENTITY forbiddenBlocked.title "Forbidden Site">
<!ENTITY forbiddenBlocked.longDesc "<p>&brandShortName; prevented this page from loading because it is configured to block it.</p>
">
<!ENTITY cspBlocked.title "Blocked by Content Security Policy">
<!ENTITY cspBlocked.longDesc "<p>&brandShortName; prevented this page from loading in this way because the page has a content security policy that disallows it.</p>">


@ -4909,7 +4909,8 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI,
}
} else if (NS_ERROR_PHISHING_URI == aError ||
NS_ERROR_MALWARE_URI == aError ||
NS_ERROR_UNWANTED_URI == aError) {
NS_ERROR_UNWANTED_URI == aError ||
NS_ERROR_FORBIDDEN_URI == aError) {
nsAutoCString host;
aURI->GetHost(host);
CopyUTF8toUTF16(host, formatStrs[0]);
@ -4924,21 +4925,27 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI,
}
uint32_t bucketId;
bool sendTelemetry = false;
if (NS_ERROR_PHISHING_URI == aError) {
sendTelemetry = true;
error.AssignLiteral("phishingBlocked");
bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_PHISHING_PAGE_FRAME
: nsISecurityUITelemetry::WARNING_PHISHING_PAGE_TOP;
} else if (NS_ERROR_MALWARE_URI == aError) {
sendTelemetry = true;
error.AssignLiteral("malwareBlocked");
bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_MALWARE_PAGE_FRAME
: nsISecurityUITelemetry::WARNING_MALWARE_PAGE_TOP;
} else {
} else if (NS_ERROR_UNWANTED_URI == aError) {
sendTelemetry = true;
error.AssignLiteral("unwantedBlocked");
bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_UNWANTED_PAGE_FRAME
: nsISecurityUITelemetry::WARNING_UNWANTED_PAGE_TOP;
} else if (NS_ERROR_FORBIDDEN_URI == aError) {
error.AssignLiteral("forbiddenBlocked");
}
if (errorPage.EqualsIgnoreCase("blocked")) {
if (sendTelemetry && errorPage.EqualsIgnoreCase("blocked")) {
Telemetry::Accumulate(Telemetry::SECURITY_UI, bucketId);
}
@ -7699,6 +7706,7 @@ nsDocShell::EndPageLoad(nsIWebProgress* aProgress,
aStatus == NS_ERROR_MALWARE_URI ||
aStatus == NS_ERROR_PHISHING_URI ||
aStatus == NS_ERROR_UNWANTED_URI ||
aStatus == NS_ERROR_FORBIDDEN_URI ||
aStatus == NS_ERROR_UNSAFE_CONTENT_TYPE ||
aStatus == NS_ERROR_REMOTE_XUL ||
aStatus == NS_ERROR_INTERCEPTION_FAILED ||
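Review bot: `bucketId` is left uninitialized on the new `NS_ERROR_FORBIDDEN_URI` branch of DisplayLoadError. The `sendTelemetry &&` guard keeps it from being read, but the two variables now have to stay in step by hand, and some compilers may warn about a maybe-uninitialized use. Initializing it at the declaration, `uint32_t bucketId = 0;`, removes that dependency. A short comment on the forbidden branch, such as `// No telemetry for forbidden URIs.`, would make the omission visibly deliberate. The function body continues outside the hunk.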


@ -295,6 +295,7 @@
<h1 id="et_nssBadCert">&nssBadCert.title;</h1>
<h1 id="et_malwareBlocked">&malwareBlocked.title;</h1>
<h1 id="et_unwantedBlocked">&unwantedBlocked.title;</h1>
<h1 id="et_forbiddenBlocked">&forbiddenBlocked.title;</h1>
<h1 id="et_cspBlocked">&cspBlocked.title;</h1>
<h1 id="et_remoteXUL">&remoteXUL.title;</h1>
<h1 id="et_corruptedContentError">&corruptedContentError.title;</h1>
@ -322,6 +323,7 @@
<div id="ed_nssBadCert">&nssBadCert.longDesc2;</div>
<div id="ed_malwareBlocked">&malwareBlocked.longDesc;</div>
<div id="ed_unwantedBlocked">&unwantedBlocked.longDesc;</div>
<div id="ed_forbiddenBlocked">&forbiddenBlocked.longDesc;</div>
<div id="ed_cspBlocked">&cspBlocked.longDesc;</div>
<div id="ed_remoteXUL">&remoteXUL.longDesc;</div>
<div id="ed_corruptedContentError">&corruptedContentError.longDesc;</div>


@ -2037,6 +2037,9 @@ BrowserElementChild.prototype = {
case Cr.NS_ERROR_UNWANTED_URI :
sendAsyncMsg('error', { type: 'unwantedBlocked' });
return;
case Cr.NS_ERROR_FORBIDDEN_URI :
sendAsyncMsg('error', { type: 'forbiddenBlocked' });
return;
case Cr.NS_ERROR_OFFLINE :
sendAsyncMsg('error', { type: 'offline' });


@ -31,6 +31,7 @@ externalProtocolLaunchBtn=Launch application
malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information.
forbiddenBlocked=The site at %S has been blocked by your browser configuration.
cspBlocked=This page has a content security policy that prevents it from being loaded in this way.
corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected.
remoteXUL=This page uses an unsupported technology that is no longer available by default.


@ -92,6 +92,10 @@
<p>These types of web forgeries are used in scams known as phishing attacks, in which fraudulent web pages and emails are used to imitate sources you may trust.</p>
">
<!ENTITY forbiddenBlocked.title "Forbidden Site">
<!ENTITY forbiddenBlocked.longDesc "<p>The browser prevented this page from loading because it is configured to block it.</p>
">
<!ENTITY securityOverride.linkText "Or you can add an exception…">
<!ENTITY securityOverride.warningContent "
<p>You should not add an exception if you are using an internet connection that you do not trust completely or if you are not used to seeing a warning for this server.</p>


@ -69,100 +69,71 @@
return getURL();
}
}
function initPage()
{
// Handoff to the appropriate initializer, based on error code
var error = "";
switch (getErrorCode()) {
case "malwareBlocked" :
initPage_malware();
error = "malware";
break;
case "phishingBlocked" :
initPage_phishing();
error = "phishing";
break;
case "unwantedBlocked" :
initPage_unwanted();
error = "unwanted";
break;
case "forbiddenBlocked" :
error = "forbidden";
break;
default:
return;
}
}
/**
* Initialize custom strings and functionality for blocked malware case
*/
function initPage_malware()
{
// Remove phishing/unwanted strings
var el = document.getElementById("errorTitleText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorTitleText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_unwanted");
el.parentNode.removeChild(el);
var el;
el = document.getElementById("errorLongDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_unwanted");
el.parentNode.removeChild(el);
if (error !== "malware") {
el = document.getElementById("errorTitleText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_malware");
el.parentNode.removeChild(el);
}
if (error !== "phishing") {
el = document.getElementById("errorTitleText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_phishing");
el.parentNode.removeChild(el);
}
if (error !== "unwanted") {
el = document.getElementById("errorTitleText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_unwanted");
el.parentNode.removeChild(el);
}
if (error !== "forbidden") {
el = document.getElementById("errorTitleText_forbidden");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_forbidden");
el.parentNode.removeChild(el);
} else {
el = document.getElementById("ignoreWarningButton");
el.parentNode.removeChild(el);
el = document.getElementById("reportButton");
el.parentNode.removeChild(el);
}
// Set sitename
document.getElementById("malware_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_malware")
.innerHTML;
}
/**
* Initialize custom strings and functionality for blocked phishing case
*/
function initPage_phishing()
{
// Remove malware/unwanted strings
var el = document.getElementById("errorTitleText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorTitleText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_unwanted");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_unwanted");
el.parentNode.removeChild(el);
document.title = document.getElementById("errorTitleText_phishing")
.innerHTML;
}
/**
* Initialize custom strings and functionality for blocked unwanted
* software case
*/
function initPage_unwanted()
{
// Remove malware/phishing strings
var el = document.getElementById("errorTitleText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorTitleText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorShortDescText_phishing");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_malware");
el.parentNode.removeChild(el);
el = document.getElementById("errorLongDescText_phishing");
el.parentNode.removeChild(el);
// Set sitename
document.getElementById("unwanted_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_unwanted")
document.getElementById(error + "_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_" + error)
.innerHTML;
}
]]></script>
@ -177,6 +148,7 @@
<h1 id="errorTitleText_phishing" class="errorTitleText">&safeb.blocked.phishingPage.title2;</h1>
<h1 id="errorTitleText_malware" class="errorTitleText">&safeb.blocked.malwarePage.title;</h1>
<h1 id="errorTitleText_unwanted" class="errorTitleText">&safeb.blocked.unwantedPage.title;</h1>
<h1 id="errorTitleText_forbidden" class="errorTitleText">&safeb.blocked.forbiddenPage.title;</h1>
</div>
<div id="errorLongContent">
@ -186,6 +158,7 @@
<p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc2;</p>
<p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
<p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
<p id="errorShortDescText_forbidden">&safeb.blocked.forbiddenPage.shortDesc;</p>
</div>
<!-- Long Description -->
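Review bot: The merged initPage now runs `document.getElementById(error + "_sitename").textContent = getHostString();` for every block type, but the removed `initPage_phishing` in this file never set a site name, only the title. If the phishing short description used here (`safeb.blocked.phishingPage.shortDesc2`) has no `phishing_sitename` span, this line throws on phishing pages and `document.title` is never set. Guarding the lookup avoids that: `var site = document.getElementById(error + "_sitename"); if (site) { site.textContent = getHostString(); }`. It is also worth confirming that the `forbiddenPage.shortDesc` entity loaded by this page contains the `forbidden_sitename` span.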


@ -5287,6 +5287,8 @@ var ErrorPageEventHandler = {
bucketName = "WARNING_MALWARE_PAGE_";
} else if (errorDoc.documentURI.contains("e=unwantedBlocked")) {
bucketName = "WARNING_UNWANTED_PAGE_";
} else if (errorDoc.documentURI.contains("e=forbiddenBlocked")) {
return; // no telemetry for forbidden pages
}
let nsISecTel = Ci.nsISecurityUITelemetry;
let isIframe = (errorDoc.defaultView.parent === errorDoc.defaultView);
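Review bot: The added `return; // no telemetry for forbidden pages` leaves the whole handler, not just the telemetry part. The rest of the block is outside the hunk, but if the button handling for the blocked page follows the bucket-name selection, the remaining button on a forbidden page (`getMeOutButton`) would do nothing when clicked. A `sendTelemetry` flag, as used in the `onAboutBlocked` change elsewhere in this commit, would skip the histogram without skipping the click action.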


@ -32,6 +32,7 @@ externalProtocolLaunchBtn=Launch application
malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information.
unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
forbiddenBlocked=The site at %S has been blocked by your browser configuration.
cspBlocked=This page has a content security policy that prevents it from being loaded in this way.
corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected.
remoteXUL=This page uses an unsupported technology that is no longer available by default in Firefox.


@ -4829,13 +4829,17 @@ pref("urlclassifier.malwareTable", "goog-malware-shavar,goog-unwanted-shavar,tes
pref("urlclassifier.phishTable", "goog-phish-shavar,test-phish-simple");
pref("urlclassifier.downloadBlockTable", "");
pref("urlclassifier.downloadAllowTable", "");
pref("urlclassifier.disallow_completions", "test-malware-simple,test-phish-simple,test-unwanted-simple,test-track-simple,test-trackwhite-simple,goog-downloadwhite-digest256,mozstd-track-digest256,mozstd-trackwhite-digest256,mozfull-track-digest256");
pref("urlclassifier.disallow_completions", "test-malware-simple,test-phish-simple,test-unwanted-simple,test-track-simple,test-trackwhite-simple,test-forbid-simple,goog-downloadwhite-digest256,mozstd-track-digest256,mozstd-trackwhite-digest256,mozfull-track-digest256");
// The table and update/gethash URLs for Safebrowsing phishing and malware
// checks.
pref("urlclassifier.trackingTable", "test-track-simple,mozstd-track-digest256");
pref("urlclassifier.trackingWhitelistTable", "test-trackwhite-simple,mozstd-trackwhite-digest256");
// The table and global pref for blocking access to sites forbidden by policy
pref("browser.safebrowsing.forbiddenURIs.enabled", false);
pref("urlclassifier.forbiddenTable", "test-forbid-simple");
pref("browser.safebrowsing.provider.mozilla.lists", "mozstd-track-digest256,mozstd-trackwhite-digest256,mozfull-track-digest256");
pref("browser.safebrowsing.provider.mozilla.updateURL", "https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%VERSION%&pver=2.2");
pref("browser.safebrowsing.provider.mozilla.gethashURL", "https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%VERSION%&pver=2.2");


@ -53,6 +53,7 @@ const downloadBlockLists = getLists("urlclassifier.downloadBlockTable");
const downloadAllowLists = getLists("urlclassifier.downloadAllowTable");
const trackingProtectionLists = getLists("urlclassifier.trackingTable");
const trackingProtectionWhitelists = getLists("urlclassifier.trackingWhitelistTable");
const forbiddenLists = getLists("urlclassifier.forbiddenTable");
this.SafeBrowsing = {
@ -102,12 +103,17 @@ this.SafeBrowsing = {
for (let i = 0; i < trackingProtectionWhitelists.length; ++i) {
this.registerTableWithURLs(trackingProtectionWhitelists[i]);
}
for (let i = 0; i < forbiddenLists.length; ++i) {
this.registerTableWithURLs(forbiddenLists[i]);
}
},
initialized: false,
phishingEnabled: false,
malwareEnabled: false,
initialized: false,
phishingEnabled: false,
malwareEnabled: false,
trackingEnabled: false,
forbiddenEnabled: false,
updateURL: null,
gethashURL: null,
@ -153,6 +159,7 @@ this.SafeBrowsing = {
this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
this.malwareEnabled = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
this.trackingEnabled = Services.prefs.getBoolPref("privacy.trackingprotection.enabled") || Services.prefs.getBoolPref("privacy.trackingprotection.pbmode.enabled");
this.forbiddenEnabled = Services.prefs.getBoolPref("browser.safebrowsing.forbiddenURIs.enabled");
this.updateProviderURLs();
this.registerTables();
@ -228,7 +235,8 @@ this.SafeBrowsing = {
controlUpdateChecking: function() {
log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:",
this.malwareEnabled, "trackingEnabled:", this.trackingEnabled);
this.malwareEnabled, "trackingEnabled:", this.trackingEnabled,
"forbiddenEnabled:", this.forbiddenEnabled);
let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
getService(Ci.nsIUrlListManager);
@ -270,6 +278,13 @@ this.SafeBrowsing = {
listManager.disableUpdate(trackingProtectionWhitelists[i]);
}
}
for (let i = 0; i < forbiddenLists.length; ++i) {
if (this.forbiddenEnabled) {
listManager.enableUpdate(forbiddenLists[i]);
} else {
listManager.disableUpdate(forbiddenLists[i]);
}
}
listManager.maybeToggleUpdateChecking();
},
@ -285,6 +300,7 @@ this.SafeBrowsing = {
"itisatracker.org/",
];
const whitelistURL = "itisatrap.org/?resource=itisatracker.org";
const forbiddenURL = "itisatrap.org/firefox/forbidden.html";
let update = "n:1000\ni:test-malware-simple\nad:1\n" +
"a:1:32:" + malwareURL.length + "\n" +
@ -304,6 +320,9 @@ this.SafeBrowsing = {
update += "n:1000\ni:test-trackwhite-simple\nad:1\n" +
"a:1:32:" + whitelistURL.length + "\n" +
whitelistURL;
update += "n:1000\ni:test-forbid-simple\nad:1\n" +
"a:1:32:" + forbiddenURL.length + "\n" +
forbiddenURL;
log("addMozEntries:", update);
let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
@ -318,7 +337,7 @@ this.SafeBrowsing = {
};
try {
let tables = "test-malware-simple,test-phish-simple,test-unwanted-simple,test-track-simple,test-trackwhite-simple";
let tables = "test-malware-simple,test-phish-simple,test-unwanted-simple,test-track-simple,test-trackwhite-simple,test-forbid-simple";
db.beginUpdate(dummyListener, tables, "");
db.beginStream("", "");
db.updateStream(update);


@ -72,6 +72,9 @@ PRLogModuleInfo *gUrlClassifierDbServiceLog = nullptr;
#define CHECK_TRACKING_PB_PREF "privacy.trackingprotection.pbmode.enabled"
#define CHECK_TRACKING_PB_DEFAULT false
#define CHECK_FORBIDDEN_PREF "browser.safebrowsing.forbiddenURIs.enabled"
#define CHECK_FORBIDDEN_DEFAULT false
#define GETHASH_NOISE_PREF "urlclassifier.gethashnoise"
#define GETHASH_NOISE_DEFAULT 4
@ -80,6 +83,7 @@ PRLogModuleInfo *gUrlClassifierDbServiceLog = nullptr;
#define PHISH_TABLE_PREF "urlclassifier.phishTable"
#define TRACKING_TABLE_PREF "urlclassifier.trackingTable"
#define TRACKING_WHITELIST_TABLE_PREF "urlclassifier.trackingWhitelistTable"
#define FORBIDDEN_TABLE_PREF "urlclassifier.forbiddenTable"
#define DOWNLOAD_BLOCK_TABLE_PREF "urlclassifier.downloadBlockTable"
#define DOWNLOAD_ALLOW_TABLE_PREF "urlclassifier.downloadAllowTable"
#define DISALLOW_COMPLETION_TABLE_PREF "urlclassifier.disallow_completions"
@ -187,6 +191,9 @@ TablesToResponse(const nsACString& tables)
if (FindInReadable(NS_LITERAL_CSTRING("-unwanted-"), tables)) {
return NS_ERROR_UNWANTED_URI;
}
if (FindInReadable(NS_LITERAL_CSTRING("-forbid-"), tables)) {
return NS_ERROR_FORBIDDEN_URI;
}
return NS_OK;
}
@ -1001,7 +1008,8 @@ public:
nsUrlClassifierClassifyCallback(nsIURIClassifierCallback *c,
bool checkMalware,
bool checkPhishing,
bool checkTracking)
bool checkTracking,
bool checkForbidden)
: mCallback(c)
{}
@ -1061,6 +1069,7 @@ nsUrlClassifierDBService::nsUrlClassifierDBService()
: mCheckMalware(CHECK_MALWARE_DEFAULT)
, mCheckPhishing(CHECK_PHISHING_DEFAULT)
, mCheckTracking(CHECK_TRACKING_DEFAULT)
, mCheckForbiddenURIs(CHECK_FORBIDDEN_DEFAULT)
, mInUpdate(false)
{
}
@ -1107,6 +1116,12 @@ nsUrlClassifierDBService::ReadTablesFromPrefs()
allTables.Append(tables);
}
Preferences::GetCString(FORBIDDEN_TABLE_PREF, &tables);
if (!tables.IsEmpty()) {
allTables.Append(',');
allTables.Append(tables);
}
Classifier::SplitTables(allTables, mGethashTables);
Preferences::GetCString(DISALLOW_COMPLETION_TABLE_PREF, &tables);
@ -1138,6 +1153,8 @@ nsUrlClassifierDBService::Init()
mCheckTracking =
Preferences::GetBool(CHECK_TRACKING_PREF, CHECK_TRACKING_DEFAULT) ||
Preferences::GetBool(CHECK_TRACKING_PB_PREF, CHECK_TRACKING_PB_DEFAULT);
mCheckForbiddenURIs = Preferences::GetBool(CHECK_FORBIDDEN_PREF,
CHECK_FORBIDDEN_DEFAULT);
uint32_t gethashNoise = Preferences::GetUint(GETHASH_NOISE_PREF,
GETHASH_NOISE_DEFAULT);
gFreshnessGuarantee = Preferences::GetInt(CONFIRM_AGE_PREF,
@ -1149,12 +1166,14 @@ nsUrlClassifierDBService::Init()
Preferences::AddStrongObserver(this, CHECK_PHISHING_PREF);
Preferences::AddStrongObserver(this, CHECK_TRACKING_PREF);
Preferences::AddStrongObserver(this, CHECK_TRACKING_PB_PREF);
Preferences::AddStrongObserver(this, CHECK_FORBIDDEN_PREF);
Preferences::AddStrongObserver(this, GETHASH_NOISE_PREF);
Preferences::AddStrongObserver(this, CONFIRM_AGE_PREF);
Preferences::AddStrongObserver(this, PHISH_TABLE_PREF);
Preferences::AddStrongObserver(this, MALWARE_TABLE_PREF);
Preferences::AddStrongObserver(this, TRACKING_TABLE_PREF);
Preferences::AddStrongObserver(this, TRACKING_WHITELIST_TABLE_PREF);
Preferences::AddStrongObserver(this, FORBIDDEN_TABLE_PREF);
Preferences::AddStrongObserver(this, DOWNLOAD_BLOCK_TABLE_PREF);
Preferences::AddStrongObserver(this, DOWNLOAD_ALLOW_TABLE_PREF);
Preferences::AddStrongObserver(this, DISALLOW_COMPLETION_TABLE_PREF);
@ -1239,6 +1258,12 @@ nsUrlClassifierDBService::BuildTables(bool aTrackingProtectionEnabled,
tables.Append(trackingWhitelist);
}
}
nsAutoCString forbidden;
Preferences::GetCString(FORBIDDEN_TABLE_PREF, &forbidden);
if (mCheckForbiddenURIs && !forbidden.IsEmpty()) {
tables.Append(',');
tables.Append(forbidden);
}
if (StringBeginsWith(tables, NS_LITERAL_CSTRING(","))) {
tables.Cut(0, 1);
@ -1255,14 +1280,15 @@ nsUrlClassifierDBService::Classify(nsIPrincipal* aPrincipal,
NS_ENSURE_ARG(aPrincipal);
NS_ENSURE_TRUE(gDbBackgroundThread, NS_ERROR_NOT_INITIALIZED);
if (!(mCheckMalware || mCheckPhishing || aTrackingProtectionEnabled)) {
if (!(mCheckMalware || mCheckPhishing || aTrackingProtectionEnabled ||
mCheckForbiddenURIs)) {
*result = false;
return NS_OK;
}
RefPtr<nsUrlClassifierClassifyCallback> callback =
new nsUrlClassifierClassifyCallback(c, mCheckMalware, mCheckPhishing,
mCheckTracking);
mCheckTracking, mCheckForbiddenURIs);
if (!callback) return NS_ERROR_OUT_OF_MEMORY;
nsAutoCString tables;
@ -1564,11 +1590,15 @@ nsUrlClassifierDBService::Observe(nsISupports *aSubject, const char *aTopic,
mCheckTracking =
Preferences::GetBool(CHECK_TRACKING_PREF, CHECK_TRACKING_DEFAULT) ||
Preferences::GetBool(CHECK_TRACKING_PB_PREF, CHECK_TRACKING_PB_DEFAULT);
} else if (NS_LITERAL_STRING(CHECK_FORBIDDEN_PREF).Equals(aData)) {
mCheckForbiddenURIs = Preferences::GetBool(CHECK_FORBIDDEN_PREF,
CHECK_FORBIDDEN_DEFAULT);
} else if (
NS_LITERAL_STRING(PHISH_TABLE_PREF).Equals(aData) ||
NS_LITERAL_STRING(MALWARE_TABLE_PREF).Equals(aData) ||
NS_LITERAL_STRING(TRACKING_TABLE_PREF).Equals(aData) ||
NS_LITERAL_STRING(TRACKING_WHITELIST_TABLE_PREF).Equals(aData) ||
NS_LITERAL_STRING(FORBIDDEN_TABLE_PREF).Equals(aData) ||
NS_LITERAL_STRING(DOWNLOAD_BLOCK_TABLE_PREF).Equals(aData) ||
NS_LITERAL_STRING(DOWNLOAD_ALLOW_TABLE_PREF).Equals(aData) ||
NS_LITERAL_STRING(DISALLOW_COMPLETION_TABLE_PREF).Equals(aData)) {
@ -1605,10 +1635,12 @@ nsUrlClassifierDBService::Shutdown()
prefs->RemoveObserver(CHECK_PHISHING_PREF, this);
prefs->RemoveObserver(CHECK_TRACKING_PREF, this);
prefs->RemoveObserver(CHECK_TRACKING_PB_PREF, this);
prefs->RemoveObserver(CHECK_FORBIDDEN_PREF, this);
prefs->RemoveObserver(PHISH_TABLE_PREF, this);
prefs->RemoveObserver(MALWARE_TABLE_PREF, this);
prefs->RemoveObserver(TRACKING_TABLE_PREF, this);
prefs->RemoveObserver(TRACKING_WHITELIST_TABLE_PREF, this);
prefs->RemoveObserver(FORBIDDEN_TABLE_PREF, this);
prefs->RemoveObserver(DOWNLOAD_BLOCK_TABLE_PREF, this);
prefs->RemoveObserver(DOWNLOAD_ALLOW_TABLE_PREF, this);
prefs->RemoveObserver(DISALLOW_COMPLETION_TABLE_PREF, this);
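Review bot: A table named in `urlclassifier.forbiddenTable` that lacks the `-forbid-` substring would be looked up but, as far as these hunks show, never block anything. BuildTables() appends whatever the pref holds, while TablesToResponse() returns NS_ERROR_FORBIDDEN_URI only when `FindInReadable(NS_LITERAL_CSTRING("-forbid-"), tables)` matches and otherwise falls through to `return NS_OK`. Because this list is a policy control set through prefs, that fail-open on a naming mistake deserves a comment next to `FORBIDDEN_TABLE_PREF`, for example `// Table names must contain "-forbid-"; TablesToResponse() matches on that substring.` The new check also sits after the `-unwanted-` one, so a URL present on several lists presumably reports the earlier category; the earlier checks and the rest of both functions are outside the visible hunks.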


@ -118,6 +118,10 @@ private:
// uris on document loads.
bool mCheckTracking;
// TRUE if the nsURIClassifier implementation should check for forbidden
// uris on document loads.
bool mCheckForbiddenURIs;
// TRUE if a BeginUpdate() has been called without an accompanying
// CancelUpdate()/FinishUpdate(). This is used to prevent competing
// updates, not to determine whether an update is still being


@ -31,6 +31,7 @@ externalProtocolLaunchBtn=Launch application
malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information.
forbiddenBlocked=The site at %S has been blocked by your browser configuration.
cspBlocked=This application tried to access a resource that has a content security policy that prevents it from being loaded in this way.
corruptedContentError=The application cannot continue loading because an error in the data transmission was detected.
remoteXUL=This application tried to use an unsupported technology that is no longer available.


@ -706,6 +706,7 @@
ERROR(NS_ERROR_PHISHING_URI, FAILURE(31)),
ERROR(NS_ERROR_TRACKING_URI, FAILURE(34)),
ERROR(NS_ERROR_UNWANTED_URI, FAILURE(35)),
ERROR(NS_ERROR_FORBIDDEN_URI, FAILURE(36)),
/* Used when "Save Link As..." doesn't see the headers quickly enough to
* choose a filename. See nsContextMenu.js. */
ERROR(NS_ERROR_SAVE_LINK_AS_TIMEOUT, FAILURE(32)),