Mercurial > mozreview > gecko / changeset / 1d30bc32c0b280b2e1f5f9c979c624479d9a6433
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1336915 - Disable updates and fullhash requests when the Google API key is missing draft
authorThomas Nguyen <tnguyen@mozilla.com>
Tue, 25 Apr 2017 15:20:44 +0800
changeset 569922 1d30bc32c0b280b2e1f5f9c979c624479d9a6433
parent 568509 0f5ba06c4c5959030a05cb852656d854065e2226
child 626336 c1300b269e0fdc273c5463b0b4210fee73e586e5
push id56318
push userbmo:tnguyen@mozilla.com
push dateFri, 28 Apr 2017 03:04:18 +0000
bugs1336915
milestone55.0a1
Bug 1336915 - Disable updates and fullhash requests when the Google API key is missing We only register google table if we have a valid google api keys MozReview-Commit-ID: CJmJErxSOqa
toolkit/components/url-classifier/SafeBrowsing.jsm file | annotate | diff | comparison | revisions
toolkit/components/url-classifier/content/listmanager.js file | annotate | diff | comparison | revisions
toolkit/components/url-classifier/tests/mochitest/test_safebrowsing_bug1272239.html file | annotate | diff | comparison | revisions 
--- a/toolkit/components/url-classifier/SafeBrowsing.jsm
+++ b/toolkit/components/url-classifier/SafeBrowsing.jsm
@@ -80,16 +80,21 @@ this.SafeBrowsing = {
     let provider = this.providers[providerName];
 
     if (!providerName || !provider) {
       log("No provider info found for " + listname);
       log("Check browser.safebrowsing.provider.[google/mozilla].lists");
       return;
     }
 
+    if (!provider.updateURL) {
+      log("Invalid update url " + listname);
+      return;
+    }
+
     listManager.registerTable(listname, providerName, provider.updateURL, provider.gethashURL);
   },
 
   registerTables: function() {
     for (let i = 0; i < this.phishingLists.length; ++i) {
       this.registerTableWithURLs(this.phishingLists[i]);
     }
     for (let i = 0; i < this.malwareLists.length; ++i) {
@@ -265,16 +270,24 @@ this.SafeBrowsing = {
     Object.keys(this.providers).forEach(function(provider) {
       let updateURL = Services.urlFormatter.formatURLPref(
         "browser.safebrowsing.provider." + provider + ".updateURL");
       let gethashURL = Services.urlFormatter.formatURLPref(
         "browser.safebrowsing.provider." + provider + ".gethashURL");
       updateURL = updateURL.replace("SAFEBROWSING_ID", clientID);
       gethashURL = gethashURL.replace("SAFEBROWSING_ID", clientID);
 
+      // Disable updates and gethash if the Google API key is missing.
+      let googleKey = Services.urlFormatter.formatURL("%GOOGLE_API_KEY%").trim();
+      if ((provider == "google" || provider == "google4") &&
+          (!googleKey || googleKey == "no-google-api-key")) {
+        updateURL= "";
+        gethashURL= "";
+      }
+
       log("Provider: " + provider + " updateURL=" + updateURL);
       log("Provider: " + provider + " gethashURL=" + gethashURL);
 
       // Urls used to update DB
       this.providers[provider].updateURL  = updateURL;
       this.providers[provider].gethashURL = gethashURL;
 
       // Get lists this provider manages
--- a/toolkit/components/url-classifier/content/listmanager.js
+++ b/toolkit/components/url-classifier/content/listmanager.js
@@ -96,22 +96,22 @@ PROT_ListManager.prototype.shutdown_ = f
  * @param updateUrl - the url for updating the table
  * @param gethashUrl - the url for fetching hash completions
  * @returns true if the table could be created; false otherwise
  */
 PROT_ListManager.prototype.registerTable = function(tableName,
                                                     providerName,
                                                     updateUrl,
                                                     gethashUrl) {
-  log("registering " + tableName + " with " + updateUrl);
+  this.tablesData[tableName] = {};
   if (!updateUrl) {
     log("Can't register table " + tableName + " without updateUrl");
     return false;
   }
-  this.tablesData[tableName] = {};
+  log("registering " + tableName + " with " + updateUrl);
   this.tablesData[tableName].updateUrl = updateUrl;
   this.tablesData[tableName].gethashUrl = gethashUrl;
   this.tablesData[tableName].provider = providerName;
 
   // Keep track of all of our update URLs.
   if (!this.needsUpdate_[updateUrl]) {
     this.needsUpdate_[updateUrl] = {};
 
--- a/toolkit/components/url-classifier/tests/mochitest/test_safebrowsing_bug1272239.html
+++ b/toolkit/components/url-classifier/tests/mochitest/test_safebrowsing_bug1272239.html
@@ -58,29 +58,36 @@ for (var provider in providers) {
 var lists = [];
 for (var pref of prefs) {
   lists = lists.concat(SpecialPowers.getCharPref(pref).split(","));
 }
 
 var listmanager = Cc["@mozilla.org/url-classifier/listmanager;1"].
                   getService(Ci.nsIUrlListManager);
 
+let googleKey = SpecialPowers.Services.urlFormatter.formatURL("%GOOGLE_API_KEY%").trim();
+
 for (var list of lists) {
   if (!list)
     continue;
 
   // For lists having a provider, it should have a correct gethash url
   // For lists without a provider, for example, test-malware-simple, it should not
   // have a gethash url.
   var url = listmanager.getGethashUrl(list);
   var index = listsWithProvider.indexOf(list);
   if (index >= 0) {
     var provider = listsToProvider[index];
     var pref = "browser.safebrowsing.provider." + provider + ".gethashURL";
-    is(url, SpecialPowers.getCharPref(pref), list + " matches its gethash url");
+    if ((provider == "google" || provider == "google4") &&
+        (!googleKey || googleKey == "no-google-api-key")) {
+      is(url, "", "getHash url of " + list + " should be empty");
+    } else {
+      is(url, SpecialPowers.getCharPref(pref), list + " matches its gethash url");
+    }
   } else {
     is(url, "", list + " should not have a gethash url");
   }
 }
 
 </script>
 </pre>
 </body>
gecko
Deployed from af051c2a8da7 at 2024-04-29T16:08:02Z.