| blob | cbe37c8688f1fd5e8c110981cb6391d20cb5b295 |
1 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3 * License, v. 2.0. If a copy of the MPL was not distributed with this
4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 const lazy = {};
8 ChromeUtils.defineESModuleGetters(lazy, {
9 SafeBrowsing: "resource://gre/modules/SafeBrowsing.sys.mjs",
10 });
12 function getSiteBlockedErrorDetails(docShell) {
13 let blockedInfo = {};
14 if (docShell.failedChannel) {
15 let classifiedChannel = docShell.failedChannel.QueryInterface(
16 Ci.nsIClassifiedChannel
17 );
18 if (classifiedChannel) {
19 let httpChannel = docShell.failedChannel.QueryInterface(
20 Ci.nsIHttpChannel
21 );
23 let reportUri = httpChannel.URI;
25 // Remove the query to avoid leaking sensitive data
26 if (reportUri instanceof Ci.nsIURL) {
27 reportUri = reportUri.mutate().setQuery("").finalize();
28 }
30 let triggeringPrincipal = docShell.failedChannel.loadInfo
31 ? docShell.failedChannel.loadInfo.triggeringPrincipal
32 : null;
33 blockedInfo = {
34 list: classifiedChannel.matchedList,
35 triggeringPrincipal,
36 provider: classifiedChannel.matchedProvider,
37 uri: reportUri.asciiSpec,
38 };
39 }
40 }
41 return blockedInfo;
42 }
44 export class BlockedSiteChild extends JSWindowActorChild {
45 receiveMessage(msg) {
46 if (msg.name == "DeceptiveBlockedDetails") {
47 return getSiteBlockedErrorDetails(this.docShell);
48 }
49 return null;
50 }
52 handleEvent(event) {
53 if (event.type == "AboutBlockedLoaded") {
54 this.onAboutBlockedLoaded(event);
55 } else if (event.type == "click" && event.button == 0) {
56 this.onClick(event);
57 }
58 }
60 onAboutBlockedLoaded(aEvent) {
61 let content = aEvent.target.ownerGlobal;
63 let blockedInfo = getSiteBlockedErrorDetails(this.docShell);
64 let provider = blockedInfo.provider || "";
66 let doc = content.document;
68 /**
69 * Set error description link in error details.
70 * For example, the "reported as a deceptive site" link for
71 * blocked phishing pages.
72 */
73 let desc = Services.prefs.getCharPref(
74 "browser.safebrowsing.provider." + provider + ".reportURL",
75 ""
76 );
77 if (desc) {
78 doc
79 .getElementById("error_desc_link")
80 .setAttribute("href", desc + encodeURIComponent(aEvent.detail.url));
81 }
83 // Set other links in error details.
84 switch (aEvent.detail.err) {
85 case "malware":
86 doc
87 .getElementById("report_detection")
88 .setAttribute(
89 "href",
90 lazy.SafeBrowsing.getReportURL("MalwareMistake", blockedInfo)
91 );
92 break;
93 case "unwanted":
94 doc
95 .getElementById("learn_more_link")
96 .setAttribute(
97 "href",
98 "https://www.google.com/about/unwanted-software-policy.html"
99 );
100 break;
101 case "phishing":
102 doc
103 .getElementById("report_detection")
104 .setAttribute(
105 "href",
106 lazy.SafeBrowsing.getReportURL("PhishMistake", blockedInfo) ||
107 "https://safebrowsing.google.com/safebrowsing/report_error/?tpl=mozilla"
108 );
109 doc
110 .getElementById("learn_more_link")
111 .setAttribute("href", "https://www.antiphishing.org//");
112 break;
113 }
115 // Set the firefox support url.
116 doc
117 .getElementById("firefox_support")
118 .setAttribute(
119 "href",
120 Services.urlFormatter.formatURLPref("app.support.baseURL") +
121 "phishing-malware"
122 );
124 // Show safe browsing details on load if the pref is set to true.
125 let showDetails = Services.prefs.getBoolPref(
126 "browser.xul.error_pages.show_safe_browsing_details_on_load"
127 );
128 if (showDetails) {
129 let details = content.document.getElementById(
130 "errorDescriptionContainer"
131 );
132 details.removeAttribute("hidden");
133 }
135 // Set safe browsing advisory link.
136 let advisoryUrl = Services.prefs.getCharPref(
137 "browser.safebrowsing.provider." + provider + ".advisoryURL",
138 ""
139 );
140 let advisoryDesc = content.document.getElementById("advisoryDescText");
141 if (!advisoryUrl) {
142 advisoryDesc.remove();
143 return;
144 }
146 let advisoryLinkText = Services.prefs.getCharPref(
147 "browser.safebrowsing.provider." + provider + ".advisoryName",
148 ""
149 );
150 if (!advisoryLinkText) {
151 advisoryDesc.remove();
152 return;
153 }
155 content.document.l10n.setAttributes(
156 advisoryDesc,
157 "safeb-palm-advisory-desc",
158 { advisoryname: advisoryLinkText }
159 );
160 content.document
161 .getElementById("advisory_provider")
162 .setAttribute("href", advisoryUrl);
163 }
165 onClick(event) {
166 let ownerDoc = event.target.ownerDocument;
167 if (!ownerDoc) {
168 return;
169 }
171 var reason = "phishing";
172 if (/e=malwareBlocked/.test(ownerDoc.documentURI)) {
173 reason = "malware";
174 } else if (/e=unwantedBlocked/.test(ownerDoc.documentURI)) {
175 reason = "unwanted";
176 } else if (/e=harmfulBlocked/.test(ownerDoc.documentURI)) {
177 reason = "harmful";
178 }
180 this.sendAsyncMessage("Browser:SiteBlockedError", {
181 location: ownerDoc.location.href,
182 reason,
183 elementId: event.target.getAttribute("id"),
184 blockedInfo: getSiteBlockedErrorDetails(this.docShell),
185 });
186 }
187 }