Bug 468313 - Add permissions to safe-browsing so warnings don't keep showing up on attack sites. r=sdwilsh ui-r=limi
authorMehdi Mulani <mmmulani@uwaterloo.ca>
Tue, 03 May 2011 13:39:28 -0400
changeset 68954 79497dd8d244531a144b96251c5a30fad233e040
parent 68953 3fd770ef6a6501565551734fce94d78ed5c7d8f0
child 68956 9fa7473f00b8526c5c5211d53a1e1e830d30ccdb
push idunknown
push userunknown
push dateunknown
reviewerssdwilsh, limi
bugs468313
milestone6.0a1
Bug 468313 - Add permissions to safe-browsing so warnings don't keep showing up on attack sites. r=sdwilsh ui-r=limi
browser/base/content/browser.js
toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -2683,16 +2683,21 @@ function BrowserOnClick(event) {
       }
       else if (ot == errorDoc.getElementById('ignoreWarningButton')) {
         // Allow users to override and continue through to the site,
         // but add a notify bar as a reminder, so that they don't lose
         // track after, e.g., tab switching.
         gBrowser.loadURIWithFlags(content.location.href,
                                   nsIWebNavigation.LOAD_FLAGS_BYPASS_CLASSIFIER,
                                   null, null, null);
+
+        Services.perms.add(makeURI(content.location.href), "safe-browsing",
+                           Ci.nsIPermissionManager.ALLOW_ACTION,
+                           Ci.nsIPermissionManager.EXPIRE_SESSION);
+
         let buttons = [{
           label: gNavigatorBundle.getString("safebrowsing.getMeOutOfHereButton.label"),
           accessKey: gNavigatorBundle.getString("safebrowsing.getMeOutOfHereButton.accessKey"),
           callback: function() { getMeOutOfHere(); }
         }];
 
         let title;
         if (isMalware) {
--- a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+++ b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
@@ -49,16 +49,17 @@
 #include "nsAppDirectoryServiceDefs.h"
 #include "nsCRT.h"
 #include "nsDataHashtable.h"
 #include "nsICryptoHash.h"
 #include "nsICryptoHMAC.h"
 #include "nsIDirectoryService.h"
 #include "nsIKeyModule.h"
 #include "nsIObserverService.h"
+#include "nsIPermissionManager.h"
 #include "nsIPrefBranch.h"
 #include "nsIPrefBranch2.h"
 #include "nsIPrefService.h"
 #include "nsIProperties.h"
 #include "nsIProxyObjectManager.h"
 #include "nsToolkitCompsCID.h"
 #include "nsIUrlClassifierUtils.h"
 #include "nsUrlClassifierDBService.h"
@@ -4020,16 +4021,27 @@ nsUrlClassifierDBService::LookupURI(nsIU
     *didLookup = PR_TRUE;
   } else {
     // Check if the URI is on a clean host.  If so, we don't need to
     // bother queueing up a lookup, we can just return.
     PRBool clean;
     rv = mWorker->CheckCleanHost(key, &clean);
     NS_ENSURE_SUCCESS(rv, rv);
 
+    if (!clean) {
+      nsCOMPtr<nsIPermissionManager> permissionManager =
+        do_GetService(NS_PERMISSIONMANAGER_CONTRACTID);
+
+      if (permissionManager) {
+        PRUint32 perm;
+        permissionManager->TestPermission(uri, "safe-browsing", &perm);
+        clean |= (perm == nsIPermissionManager::ALLOW_ACTION);
+      }
+    }
+
     *didLookup = !clean;
     if (clean) {
       return NS_OK;
     }
   }
 
   // Create an nsUrlClassifierLookupCallback object.  This object will
   // take care of confirming partial hash matches if necessary before