Bug 826992 - Avoid hardcoded clientId in SafeBrowser.jsm. r=Mossop,r=mfinkle,r=gcp
authorMike Hommey <mh+mozilla@glandium.org>
Thu, 10 Jan 2013 08:38:50 +0100
changeset 118341 ff82d1a3955ef1ca4b78060c8e7ea0cff77758a2
parent 118340 e16c82303ab39c046a43379368008fc8978e68ab
child 118342 25ce76f1d0cf92f0ee9a26d7b97cc38a905e960a
push id24162
push useremorley@mozilla.com
push dateThu, 10 Jan 2013 16:00:43 +0000
treeherdermozilla-central@fc3ed72129d9 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersMossop, mfinkle, gcp
bugs826992
milestone21.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 826992 - Avoid hardcoded clientId in SafeBrowser.jsm. r=Mossop,r=mfinkle,r=gcp
browser/app/Makefile.in
browser/app/profile/firefox.js
mobile/android/app/Makefile.in
mobile/android/app/mobile.js
mobile/android/components/Makefile.in
mobile/android/components/SafeBrowsing.jsm
toolkit/components/url-classifier/Makefile.in
toolkit/components/url-classifier/SafeBrowsing.jsm
--- a/browser/app/Makefile.in
+++ b/browser/app/Makefile.in
@@ -26,18 +26,21 @@ AB_CD = en-US
 DEFINES += \
   -DAB_CD=$(AB_CD) \
   -DAPP_VERSION="$(MOZ_APP_VERSION)" \
   -DFIREFOX_ICO=\"$(DIST)/branding/firefox.ico\" \
   -DDOCUMENT_ICO=\"$(DIST)/branding/document.ico\" \
   -DNEWWINDOW_ICO=\"$(DIST)/branding/newwindow.ico\" \
   -DNEWTAB_ICO=\"$(DIST)/branding/newtab.ico\" \
   -DPBMODE_ICO=\"$(DIST)/branding/pbmode.ico\" \
+  $(NULL)
 
-  $(NULL)
+ifdef MOZILLA_OFFICIAL
+DEFINES += -DMOZILLA_OFFICIAL
+endif
 
 ifdef LIBXUL_SDK #{
 PREF_JS_EXPORTS += $(srcdir)/profile/channel-prefs.js
 DEFINES += -DLIBXUL_SDK
 endif #} LIBXUL_SDK
 
 # Build a binary bootstrapping with XRE_main
 
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -724,16 +724,22 @@ pref("browser.safebrowsing.reportGeneric
 pref("browser.safebrowsing.reportErrorURL", "http://%LOCALE%.phish-error.mozilla.com/?hl=%LOCALE%");
 pref("browser.safebrowsing.reportPhishURL", "http://%LOCALE%.phish-report.mozilla.com/?hl=%LOCALE%");
 pref("browser.safebrowsing.reportMalwareURL", "http://%LOCALE%.malware-report.mozilla.com/?hl=%LOCALE%");
 pref("browser.safebrowsing.reportMalwareErrorURL", "http://%LOCALE%.malware-error.mozilla.com/?hl=%LOCALE%");
 
 pref("browser.safebrowsing.warning.infoURL", "http://www.mozilla.com/%LOCALE%/firefox/phishing-protection/");
 pref("browser.safebrowsing.malware.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
 
+#ifdef MOZILLA_OFFICIAL
+// Normally the "client ID" sent in updates is appinfo.name, but for
+// official Firefox releases from Mozilla we use a special identifier.
+pref("browser.safebrowsing.id", "navclient-auto-ffox");
+#endif
+
 // Name of the about: page contributed by safebrowsing to handle display of error
 // pages on phishing/malware hits.  (bug 399233)
 pref("urlclassifier.alternate_error_page", "blocked");
 
 // The number of random entries to send with a gethash request.
 pref("urlclassifier.gethashnoise", 4);
 
 // The list of tables that use the gethash request to confirm partial results.
--- a/mobile/android/app/Makefile.in
+++ b/mobile/android/app/Makefile.in
@@ -41,16 +41,17 @@ NSDISTMODE = copy
 include $(topsrcdir)/config/rules.mk
 
 APP_ICON = mobile
 
 DEFINES += \
   -DAPP_NAME=$(MOZ_APP_NAME) \
   -DAPP_VERSION=$(MOZ_APP_VERSION) \
   -DMOZ_UPDATER=$(MOZ_UPDATER) \
+  -DMOZ_APP_UA_NAME=$(MOZ_APP_UA_NAME) \
   $(NULL)
 
 ifdef MOZ_PKG_SPECIAL
 DEFINES += -DMOZ_PKG_SPECIAL=$(MOZ_PKG_SPECIAL)
 endif
 
 APP_BINARY = $(MOZ_APP_NAME)$(BIN_SUFFIX)
 
--- a/mobile/android/app/mobile.js
+++ b/mobile/android/app/mobile.js
@@ -563,16 +563,18 @@ pref("browser.safebrowsing.reportGeneric
 pref("browser.safebrowsing.reportErrorURL", "http://%LOCALE%.phish-error.mozilla.com/?hl=%LOCALE%");
 pref("browser.safebrowsing.reportPhishURL", "http://%LOCALE%.phish-report.mozilla.com/?hl=%LOCALE%");
 pref("browser.safebrowsing.reportMalwareURL", "http://%LOCALE%.malware-report.mozilla.com/?hl=%LOCALE%");
 pref("browser.safebrowsing.reportMalwareErrorURL", "http://%LOCALE%.malware-error.mozilla.com/?hl=%LOCALE%");
 
 pref("browser.safebrowsing.warning.infoURL", "http://www.mozilla.com/%LOCALE%/firefox/phishing-protection/");
 pref("browser.safebrowsing.malware.reportURL", "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
 
+pref("browser.safebrowsing.id", "@MOZ_APP_UA_NAME@");
+
 // Name of the about: page contributed by safebrowsing to handle display of error
 // pages on phishing/malware hits.  (bug 399233)
 pref("urlclassifier.alternate_error_page", "blocked");
 
 // The number of random entries to send with a gethash request.
 pref("urlclassifier.gethashnoise", 4);
 
 // The list of tables that use the gethash request to confirm partial results.
--- a/mobile/android/components/Makefile.in
+++ b/mobile/android/components/Makefile.in
@@ -34,19 +34,9 @@ EXTRA_COMPONENTS = \
         PromptService.js \
         ContentDispatchChooser.js \
         AddonUpdateService.js \
         FormAutoComplete.js \
         LoginManagerPrompter.js \
         BlocklistPrompt.js \
         $(NULL)
 
-ifdef MOZ_SAFE_BROWSING
-DEFINES += \
-        -DMOZ_APP_UA_NAME=$(MOZ_APP_UA_NAME) \
-        $(NULL)
-
-EXTRA_PP_JS_MODULES = \
-        SafeBrowsing.jsm \
-        $(NULL)
-endif
-
 include $(topsrcdir)/config/rules.mk
deleted file mode 100644
--- a/mobile/android/components/SafeBrowsing.jsm
+++ /dev/null
@@ -1,182 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-this.EXPORTED_SYMBOLS = ["SafeBrowsing"];
-
-const Cc = Components.classes;
-const Ci = Components.interfaces;
-const Cu = Components.utils;
-
-Cu.import("resource://gre/modules/Services.jsm");
-
-const phishingList = "goog-phish-shavar";
-const malwareList  = "goog-malware-shavar";
-
-var debug = false;
-
-function log(...stuff) {
-  if (!debug)
-    return;
-
-  let msg = "SafeBrowsing: " + stuff.join(" ");
-  Services.console.logStringMessage(msg);
-  dump(msg + "\n");
-}
-
-this.SafeBrowsing = {
-
-  init: function() {
-    if (this.initialized) {
-      log("Already initialized");
-      return;
-    }
-
-    Services.prefs.addObserver("browser.safebrowsing", this.readPrefs, false);
-    this.readPrefs();
-
-    // Register our two types of tables, and add custom Mozilla entries
-    let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
-                      getService(Ci.nsIUrlListManager);
-    listManager.registerTable(phishingList, false);
-    listManager.registerTable(malwareList, false);
-    this.addMozEntries();
-
-    this.controlUpdateChecking();
-    this.initialized = true;
-
-    log("init() finished");
-  },
-
-
-  initialized:     false,
-  phishingEnabled: false,
-  malwareEnabled:  false,
-
-  updateURL:             null,
-  keyURL:                null,
-  gethashURL:            null,
-
-  reportURL:             null,
-  reportGenericURL:      null,
-  reportErrorURL:        null,
-  reportPhishURL:        null,
-  reportMalwareURL:      null,
-  reportMalwareErrorURL: null,
-
-
-  getReportURL: function(kind) {
-    return this["report"  + kind + "URL"];
-  },
-
-
-  readPrefs: function() {
-    log("reading prefs");
-
-    debug = Services.prefs.getBoolPref("browser.safebrowsing.debug");
-    this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.enabled");
-    this.malwareEnabled  = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
-    this.updateProviderURLs();
-
-    // XXX The listManager backend gets confused if this is called before the
-    // lists are registered. So only call it here when a pref changes, and not
-    // when doing initialization. I expect to refactor this later, so pardon the hack.
-    if (this.initialized)
-      this.controlUpdateChecking();
-  },
-
-
-  updateProviderURLs: function() {
-#ifdef USE_HISTORIC_SAFEBROWSING_ID
-    let clientID = "navclient-auto-ffox";
-#else
-#expand    let clientID = __MOZ_APP_UA_NAME__;
-#endif
-
-    log("initializing safe browsing URLs");
-    let basePref = "browser.safebrowsing.";
-
-    // Urls to HTML report pages
-    this.reportURL             = Services.urlFormatter.formatURLPref(basePref + "reportURL");
-    this.reportGenericURL      = Services.urlFormatter.formatURLPref(basePref + "reportGenericURL");
-    this.reportErrorURL        = Services.urlFormatter.formatURLPref(basePref + "reportErrorURL");
-    this.reportPhishURL        = Services.urlFormatter.formatURLPref(basePref + "reportPhishURL");
-    this.reportMalwareURL      = Services.urlFormatter.formatURLPref(basePref + "reportMalwareURL");
-    this.reportMalwareErrorURL = Services.urlFormatter.formatURLPref(basePref + "reportMalwareErrorURL");
-
-    // Urls used to update DB
-    this.updateURL  = Services.urlFormatter.formatURLPref(basePref + "updateURL");
-    this.keyURL     = Services.urlFormatter.formatURLPref(basePref + "keyURL");
-    this.gethashURL = Services.urlFormatter.formatURLPref(basePref + "gethashURL");
-
-    this.updateURL  = this.updateURL.replace("SAFEBROWSING_ID", clientID);
-    this.keyURL     = this.keyURL.replace("SAFEBROWSING_ID", clientID);
-    this.gethashURL = this.gethashURL.replace("SAFEBROWSING_ID", clientID);
-
-    let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
-                      getService(Ci.nsIUrlListManager);
-
-    listManager.setUpdateUrl(this.updateURL);
-    // XXX Bug 779317 - setKeyUrl has the side effect of fetching a key from the server.
-    // This shouldn't happen if anti-phishing/anti-malware is disabled.
-    if (this.phishingEnabled || this.malwareEnabled)
-      listManager.setKeyUrl(this.keyURL);
-    listManager.setGethashUrl(this.gethashURL);
-  },
-
-
-  controlUpdateChecking: function() {
-    log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:", this.malwareEnabled);
-
-    let listManager = Cc["@mozilla.org/url-classifier/listmanager;1"].
-                      getService(Ci.nsIUrlListManager);
-
-    if (this.phishingEnabled)
-      listManager.enableUpdate(phishingList);
-    else
-      listManager.disableUpdate(phishingList);
-
-    if (this.malwareEnabled)
-      listManager.enableUpdate(malwareList);
-    else
-      listManager.disableUpdate(malwareList);
-  },
-
-
-  addMozEntries: function() {
-    // Add test entries to the DB.
-    // XXX bug 779008 - this could be done by DB itself?
-    const phishURL   = "mozilla.org/firefox/its-a-trap.html";
-    const malwareURL = "mozilla.org/firefox/its-an-attack.html";
-
-    let update = "n:1000\ni:test-malware-simple\nad:1\n" +
-                 "a:1:32:" + malwareURL.length + "\n" +
-                 malwareURL;
-    update += "n:1000\ni:test-phish-simple\nad:1\n" +
-              "a:1:32:" + phishURL.length + "\n" +
-              phishURL;
-    log("addMozEntries:", update);
-
-    let db = Cc["@mozilla.org/url-classifier/dbservice;1"].
-             getService(Ci.nsIUrlClassifierDBService);
-
-    // nsIUrlClassifierUpdateObserver
-    let dummyListener = {
-      updateUrlRequested: function() { },
-      streamFinished:     function() { },
-      updateError:        function() { },
-      updateSuccess:      function() { }
-    };
-
-    try {
-      db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", "");
-      db.beginStream("", "");
-      db.updateStream(update);
-      db.finishStream();
-      db.finishUpdate();
-    } catch(ex) {
-      // beginUpdate will throw harmlessly if there's an existing update in progress, ignore failures.
-      log("addMozEntries failed!", ex);
-    }
-  },
-};
--- a/toolkit/components/url-classifier/Makefile.in
+++ b/toolkit/components/url-classifier/Makefile.in
@@ -13,24 +13,16 @@ include $(DEPTH)/config/autoconf.mk
 
 MODULE = url-classifier
 LIBRARY_NAME = urlclassifier_s
 XPIDL_MODULE = url-classifier
 LIBXUL_LIBRARY = 1
 FORCE_STATIC_LIB = 1
 FAIL_ON_WARNINGS = 1
 
-# Normally the "client ID" sent in updates is appinfo.name, but for
-# official Firefox releases from Mozilla we use a special identifier.
-ifdef MOZILLA_OFFICIAL
-ifdef MOZ_PHOENIX
-DEFINES += -DUSE_HISTORIC_SAFEBROWSING_ID=1
-endif
-endif
-
 XPIDLSRCS = \
   nsIUrlClassifierDBService.idl \
   nsIUrlClassifierHashCompleter.idl \
   nsIUrlClassifierStreamUpdater.idl \
   nsIUrlClassifierPrefixSet.idl \
   nsIUrlClassifierUtils.idl \
   nsIUrlListManager.idl \
   $(NULL)
@@ -60,17 +52,17 @@ EXTRA_COMPONENTS = \
   $(NULL)
 
 # Same as JS components that are run through the pre-processor.
 EXTRA_PP_COMPONENTS = \
   nsUrlClassifierLib.js \
   nsUrlClassifierListManager.js \
   $(NULL)
 
-EXTRA_PP_JS_MODULES = \
+EXTRA_JS_MODULES = \
   SafeBrowsing.jsm \
   $(NULL)
 
 ifdef ENABLE_TESTS
 TOOL_DIRS += tests
 endif
 
 include $(topsrcdir)/config/rules.mk
--- a/toolkit/components/url-classifier/SafeBrowsing.jsm
+++ b/toolkit/components/url-classifier/SafeBrowsing.jsm
@@ -81,21 +81,21 @@ this.SafeBrowsing = {
     // lists are registered. So only call it here when a pref changes, and not
     // when doing initialization. I expect to refactor this later, so pardon the hack.
     if (this.initialized)
       this.controlUpdateChecking();
   },
 
 
   updateProviderURLs: function() {
-#ifdef USE_HISTORIC_SAFEBROWSING_ID
-    let clientID = "navclient-auto-ffox";
-#else
-    let clientID = Services.appinfo.name;
-#endif
+    try {
+      var clientID = Services.prefs.getCharPref("browser.safebrowsing.id");
+    } catch(e) {
+      var clientID = Services.appinfo.name;
+    }
 
     log("initializing safe browsing URLs");
     let basePref = "browser.safebrowsing.";
 
     // Urls to HTML report pages
     this.reportURL             = Services.urlFormatter.formatURLPref(basePref + "reportURL");
     this.reportGenericURL      = Services.urlFormatter.formatURLPref(basePref + "reportGenericURL");
     this.reportErrorURL        = Services.urlFormatter.formatURLPref(basePref + "reportErrorURL");