nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp
dlee daa17adb9e Bug 1545033 - P1. Pass matched hash values to ProcessChannel. r=baku 
In origin telemetry, we want to record the matching statistic of each entry
in our tracking tables. To identify which entry a given URL matches, it needs
the hash value that matches the safe browsing database.

This patch passes the hash value to ProcessChannel so Features can obtain the
information and pass it.

Note that it is possible that an URL may find multiple matches. If an URL matches
hash A of list 1 and hash B of list 2, the parameter in ProcessChannel looks like:
aList = [list 1, list2]
aHashes = [hash A, hash B]

Differential Revision: https://phabricator.services.mozilla.com/D28789

--HG--
extra : moz-landing-system : lando
2019-04-26 13:02:35 +00:00

197 lines
6.2 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "UrlClassifierFeatureCryptominingProtection.h"
#include "mozilla/AntiTrackingCommon.h"
#include "mozilla/net/UrlClassifierCommon.h"
#include "mozilla/StaticPrefs.h"
#include "nsContentUtils.h"
#include "nsNetUtil.h"
namespace mozilla {
namespace net {
namespace {
#define CRYPTOMINING_FEATURE_NAME "cryptomining-protection"
#define URLCLASSIFIER_CRYPTOMINING_BLACKLIST \
"urlclassifier.features.cryptomining.blacklistTables"
#define URLCLASSIFIER_CRYPTOMINING_BLACKLIST_TEST_ENTRIES \
"urlclassifier.features.cryptomining.blacklistHosts"
#define URLCLASSIFIER_CRYPTOMINING_WHITELIST \
"urlclassifier.features.cryptomining.whitelistTables"
#define URLCLASSIFIER_CRYPTOMINING_WHITELIST_TEST_ENTRIES \
"urlclassifier.features.cryptomining.whitelistHosts"
#define URLCLASSIFIER_CRYPTOMINING_SKIP_URLS \
"urlclassifier.features.cryptomining.skipURLs"
#define TABLE_CRYPTOMINING_BLACKLIST_PREF "cryptomining-blacklist-pref"
#define TABLE_CRYPTOMINING_WHITELIST_PREF "cryptomining-whitelist-pref"
StaticRefPtr<UrlClassifierFeatureCryptominingProtection>
gFeatureCryptominingProtection;
} // namespace
UrlClassifierFeatureCryptominingProtection::
UrlClassifierFeatureCryptominingProtection()
: UrlClassifierFeatureBase(
NS_LITERAL_CSTRING(CRYPTOMINING_FEATURE_NAME),
NS_LITERAL_CSTRING(URLCLASSIFIER_CRYPTOMINING_BLACKLIST),
NS_LITERAL_CSTRING(URLCLASSIFIER_CRYPTOMINING_WHITELIST),
NS_LITERAL_CSTRING(URLCLASSIFIER_CRYPTOMINING_BLACKLIST_TEST_ENTRIES),
NS_LITERAL_CSTRING(URLCLASSIFIER_CRYPTOMINING_WHITELIST_TEST_ENTRIES),
NS_LITERAL_CSTRING(TABLE_CRYPTOMINING_BLACKLIST_PREF),
NS_LITERAL_CSTRING(TABLE_CRYPTOMINING_WHITELIST_PREF),
NS_LITERAL_CSTRING(URLCLASSIFIER_CRYPTOMINING_SKIP_URLS)) {}
/* static */ const char* UrlClassifierFeatureCryptominingProtection::Name() {
return CRYPTOMINING_FEATURE_NAME;
}
/* static */
void UrlClassifierFeatureCryptominingProtection::MaybeInitialize() {
UC_LOG(("UrlClassifierFeatureCryptominingProtection: MaybeInitialize"));
if (!gFeatureCryptominingProtection) {
gFeatureCryptominingProtection =
new UrlClassifierFeatureCryptominingProtection();
gFeatureCryptominingProtection->InitializePreferences();
}
}
/* static */
void UrlClassifierFeatureCryptominingProtection::MaybeShutdown() {
UC_LOG(("UrlClassifierFeatureCryptominingProtection: MaybeShutdown"));
if (gFeatureCryptominingProtection) {
gFeatureCryptominingProtection->ShutdownPreferences();
gFeatureCryptominingProtection = nullptr;
}
}
/* static */
already_AddRefed<UrlClassifierFeatureCryptominingProtection>
UrlClassifierFeatureCryptominingProtection::MaybeCreate(nsIChannel* aChannel) {
MOZ_ASSERT(aChannel);
UC_LOG(
("UrlClassifierFeatureCryptominingProtection: MaybeCreate for channel %p",
aChannel));
if (!StaticPrefs::privacy_trackingprotection_cryptomining_enabled()) {
return nullptr;
}
nsCOMPtr<nsIURI> chanURI;
nsresult rv = aChannel->GetURI(getter_AddRefs(chanURI));
if (NS_WARN_IF(NS_FAILED(rv))) {
return nullptr;
}
bool isThirdParty =
nsContentUtils::IsThirdPartyWindowOrChannel(nullptr, aChannel, chanURI);
if (!isThirdParty) {
if (UC_LOG_ENABLED()) {
nsCString spec = chanURI->GetSpecOrDefault();
spec.Truncate(
std::min(spec.Length(), UrlClassifierCommon::sMaxSpecLength));
UC_LOG(
("UrlClassifierFeatureCryptominingProtection: Skipping cryptomining "
"checks "
"for first party or top-level load channel[%p] "
"with uri %s",
aChannel, spec.get()));
}
return nullptr;
}
if (!UrlClassifierCommon::ShouldEnableClassifier(aChannel)) {
return nullptr;
}
MaybeInitialize();
MOZ_ASSERT(gFeatureCryptominingProtection);
RefPtr<UrlClassifierFeatureCryptominingProtection> self =
gFeatureCryptominingProtection;
return self.forget();
}
/* static */
already_AddRefed<nsIUrlClassifierFeature>
UrlClassifierFeatureCryptominingProtection::GetIfNameMatches(
const nsACString& aName) {
if (!aName.EqualsLiteral(CRYPTOMINING_FEATURE_NAME)) {
return nullptr;
}
MaybeInitialize();
MOZ_ASSERT(gFeatureCryptominingProtection);
RefPtr<UrlClassifierFeatureCryptominingProtection> self =
gFeatureCryptominingProtection;
return self.forget();
}
NS_IMETHODIMP
UrlClassifierFeatureCryptominingProtection::ProcessChannel(
nsIChannel* aChannel, const nsTArray<nsCString>& aList,
const nsTArray<nsCString>& aHashes, bool* aShouldContinue) {
NS_ENSURE_ARG_POINTER(aChannel);
NS_ENSURE_ARG_POINTER(aShouldContinue);
bool isAllowListed = UrlClassifierCommon::IsAllowListed(
aChannel, AntiTrackingCommon::eCryptomining);
// This is a blocking feature.
*aShouldContinue = isAllowListed;
if (isAllowListed) {
return NS_OK;
}
nsAutoCString list;
UrlClassifierCommon::TablesToString(aList, list);
UrlClassifierCommon::SetBlockedContent(aChannel, NS_ERROR_CRYPTOMINING_URI,
list, EmptyCString(), EmptyCString());
UC_LOG(
("UrlClassifierFeatureCryptominingProtection::ProcessChannel, "
"cancelling "
"channel[%p]",
aChannel));
nsCOMPtr<nsIHttpChannelInternal> httpChannel = do_QueryInterface(aChannel);
if (httpChannel) {
Unused << httpChannel->CancelByURLClassifier(NS_ERROR_CRYPTOMINING_URI);
} else {
Unused << aChannel->Cancel(NS_ERROR_CRYPTOMINING_URI);
}
return NS_OK;
}
NS_IMETHODIMP
UrlClassifierFeatureCryptominingProtection::GetURIByListType(
nsIChannel* aChannel, nsIUrlClassifierFeature::listType aListType,
nsIURI** aURI) {
NS_ENSURE_ARG_POINTER(aChannel);
NS_ENSURE_ARG_POINTER(aURI);
if (aListType == nsIUrlClassifierFeature::blacklist) {
return aChannel->GetURI(aURI);
}
MOZ_ASSERT(aListType == nsIUrlClassifierFeature::whitelist);
return UrlClassifierCommon::CreatePairwiseWhiteListURI(aChannel, aURI);
}
} // namespace net
} // namespace mozilla
View git blame Copy permalink