Bug 669282 - Add prefs for fetchFromISP and guessconfig - r=bwinton
authorBen Bucksch <ben.bucksch@beonex.com>
Thu, 13 Feb 2014 00:28:26 +0100
changeset 15725 12401af31c63
parent 15724 effd19c7f41b
child 15726 09c8c61c2803
push id9858
push usermozilla.BenB@bucksch.org
push dateWed, 12 Feb 2014 23:28:03 +0000
reviewersbwinton
bugs669282, 971347
Bug 669282 - Add prefs for fetchFromISP and guessconfig - r=bwinton Non-SSL HTTP calls can leak the user's identity to a network sniffer, and are also vulnerable to changes by MITM. This is a problem e.g. for Tor users, so allow to disable these parts. A better solution is in bug 971347.
mailnews/base/prefs/content/accountcreation/fetchConfig.js
mailnews/base/prefs/content/accountcreation/guessConfig.js
mailnews/mailnews.js
--- a/mailnews/base/prefs/content/accountcreation/fetchConfig.js
+++ b/mailnews/base/prefs/content/accountcreation/fetchConfig.js
@@ -52,42 +52,51 @@ function fetchConfigFromDisk(domain, suc
  *         for whatever reason. This is expected (e.g. when there's no config
  *         for this domain at this location),
  *         so do not unconditionally show this to the user.
  *         The first paramter will be an exception object or error string.
  */
 function fetchConfigFromISP(domain, emailAddress, successCallback,
                             errorCallback)
 {
+  if (!Services.prefs.getBoolPref(
+      "mailnews.auto_config.fetchFromISP.enabled")) {
+    errorCallback("ISP fetch disabled per user preference");
+    return;
+  }
+
   let url1 = "http://autoconfig." + sanitize.hostname(domain) +
              "/mail/config-v1.1.xml";
   // .well-known/ <http://tools.ietf.org/html/draft-nottingham-site-meta-04>
   let url2 = "http://" + sanitize.hostname(domain) +
              "/.well-known/autoconfig/mail/config-v1.1.xml";
   let sucAbortable = new SuccessiveAbortable();
   var time = Date.now();
-  let fetch1 = new FetchHTTP(
-    url1, { emailaddress: emailAddress }, false,
+  var urlArgs = { emailaddress: emailAddress };
+  if (!Services.prefs.getBoolPref(
+      "mailnews.auto_config.fetchFromISP.sendEmailAddress")) {
+    delete urlArgs.emailaddress;
+  }
+  let fetch1 = new FetchHTTP(url1, urlArgs, false,
     function(result)
     {
       successCallback(readFromXML(result));
     },
     function(e1) // fetch1 failed
     {
       ddump("fetchisp 1 <" + url1 + "> took " + (Date.now() - time) +
           "ms and failed with " + e1);
       time = Date.now();
       if (e1 instanceof CancelledException)
       {
         errorCallback(e1);
         return;
       }
 
-      let fetch2 = new FetchHTTP(
-        url2, { emailaddress: emailAddress }, false,
+      let fetch2 = new FetchHTTP(url2, urlArgs, false,
         function(result)
         {
           successCallback(readFromXML(result));
         },
         function(e2)
         {
           ddump("fetchisp 2 <" + url2 + "> took " + (Date.now() - time) +
               "ms and failed with " + e2);
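Review bot: The early return added at the top of fetchConfigFromISP calls errorCallback synchronously and then returns nothing, while the rest of the function builds `sucAbortable`, which is presumably what callers receive from the return statement outside this hunk. If so, a caller that stores the result in order to cancel it later is handed undefined whenever the pref is off, and its error callback runs before the call has returned. Returning an empty abortable would keep the contract, for example `return new SuccessiveAbortable();` in place of the bare `return;`. The same bare `return;` is added in the guessConfig.js hunk and deserves the same check. A smaller style point: `urlArgs` could be built conditionally rather than created with the address and then `delete`d, which keeps the address out of the object entirely when sendEmailAddress is false.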
--- a/mailnews/base/prefs/content/accountcreation/guessConfig.js
+++ b/mailnews/base/prefs/content/accountcreation/guessConfig.js
@@ -58,16 +58,22 @@ function guessConfig(domain, progressCal
 {
   assert(typeof(progressCallback) == "function", "need progressCallback");
   assert(typeof(successCallback) == "function", "need successCallback");
   assert(typeof(errorCallback) == "function", "need errorCallback");
   if (!resultConfig)
     resultConfig = new AccountConfig();
   resultConfig.source = AccountConfig.kSourceGuess;
 
+  if (!Services.prefs.getBoolPref(
+      "mailnews.auto_config.guess.enabled")) {
+    errorCallback("Guessing config disabled per user preference");
+    return;
+  }
+
   var incomingHostDetector = null;
   var outgoingHostDetector = null;
   var incomingEx = null; // if incoming had error, store ex here
   var outgoingEx = null; // if incoming had error, store ex here
   var incomingDone = (which == "outgoing");
   var outgoingDone = (which == "incoming");
   // If we're offline, we're going to pick the most common settings.
   // (Not the "best" settings, but common).
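Review bot: The pref check in guessConfig sits after `resultConfig.source = AccountConfig.kSourceGuess;`, so a resultConfig that apparently comes from the caller is already marked as guessed (or a fresh AccountConfig is allocated) before the function bails out with the "disabled" error. Moving the added `if (!Services.prefs.getBoolPref("mailnews.auto_config.guess.enabled"))` block directly below the three asserts would leave the caller's object untouched when guessing is turned off. The function body continues past the end of this hunk, so what callers expect as a return value on this path cannot be confirmed from these lines.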
--- a/mailnews/mailnews.js
+++ b/mailnews/mailnews.js
@@ -785,16 +785,23 @@ pref("mail.compose.max_recycled_windows"
 // For the Empty Junk/Trash confirmation dialogs.
 pref("mailnews.emptyJunk.dontAskAgain", false);
 pref("mailnews.emptyTrash.dontAskAgain", false);
 
 // where to fetch auto config information from.
 pref("mailnews.auto_config_url", "https://live.mozillamessaging.com/autoconfig/v1.1/");
 // Added in bug 551519. Remove when bug 545866 is fixed.
 pref("mailnews.mx_service_url", "https://live.mozillamessaging.com/dns/mx/");
+// Allow to contact ISP (email address domain)
+// This happens via insecure means (HTTP), so the config cannot be trusted,
+// and also contains the email address
+pref("mailnews.auto_config.fetchFromISP.enabled", true);
+// Allow the fetch from ISP via HTTP, but not the email address
+pref("mailnews.auto_config.fetchFromISP.sendEmailAddress", true);
+pref("mailnews.auto_config.guess.enabled", true);
 
 // -- Summary Database options
 // dontPreserveOnCopy: a space separated list of properties that are not
 //                     copied to the new nsIMsgHdr when a message is copied.
 //                     Allows extensions to control preservation of properties.
 pref("mailnews.database.summary.dontPreserveOnCopy",
   "account msgOffset threadParent msgThreadId statusOfset flags size numLines ProtoThreadFlags label gloda-id gloda-dirty storeToken");