summaryrefslogtreecommitdiffstats
path: root/netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp211
1 files changed, 211 insertions, 0 deletions
diff --git a/netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp b/netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp
new file mode 100644
index 0000000000..72406179bc
--- /dev/null
+++ b/netwerk/url-classifier/UrlClassifierFeatureCryptominingProtection.cpp
@@ -0,0 +1,211 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "UrlClassifierFeatureCryptominingProtection.h"
+
+#include "mozilla/AntiTrackingUtils.h"
+#include "mozilla/net/UrlClassifierCommon.h"
+#include "ChannelClassifierService.h"
+#include "mozilla/StaticPrefs_privacy.h"
+#include "nsNetUtil.h"
+#include "mozilla/StaticPtr.h"
+#include "nsIWebProgressListener.h"
+#include "nsIHttpChannelInternal.h"
+#include "nsIChannel.h"
+
+namespace mozilla {
+namespace net {
+
+namespace {
+
+#define CRYPTOMINING_FEATURE_NAME "cryptomining-protection"
+
+#define URLCLASSIFIER_CRYPTOMINING_BLOCKLIST \
+ "urlclassifier.features.cryptomining.blacklistTables"
+#define URLCLASSIFIER_CRYPTOMINING_BLOCKLIST_TEST_ENTRIES \
+ "urlclassifier.features.cryptomining.blacklistHosts"
+#define URLCLASSIFIER_CRYPTOMINING_ENTITYLIST \
+ "urlclassifier.features.cryptomining.whitelistTables"
+#define URLCLASSIFIER_CRYPTOMINING_ENTITYLIST_TEST_ENTRIES \
+ "urlclassifier.features.cryptomining.whitelistHosts"
+#define URLCLASSIFIER_CRYPTOMINING_EXCEPTION_URLS \
+ "urlclassifier.features.cryptomining.skipURLs"
+#define TABLE_CRYPTOMINING_BLOCKLIST_PREF "cryptomining-blacklist-pref"
+#define TABLE_CRYPTOMINING_ENTITYLIST_PREF "cryptomining-whitelist-pref"
+
+StaticRefPtr<UrlClassifierFeatureCryptominingProtection>
+ gFeatureCryptominingProtection;
+
+} // namespace
+
+UrlClassifierFeatureCryptominingProtection::
+ UrlClassifierFeatureCryptominingProtection()
+ : UrlClassifierFeatureAntiTrackingBase(
+ nsLiteralCString(CRYPTOMINING_FEATURE_NAME),
+ nsLiteralCString(URLCLASSIFIER_CRYPTOMINING_BLOCKLIST),
+ nsLiteralCString(URLCLASSIFIER_CRYPTOMINING_ENTITYLIST),
+ nsLiteralCString(URLCLASSIFIER_CRYPTOMINING_BLOCKLIST_TEST_ENTRIES),
+ nsLiteralCString(URLCLASSIFIER_CRYPTOMINING_ENTITYLIST_TEST_ENTRIES),
+ nsLiteralCString(TABLE_CRYPTOMINING_BLOCKLIST_PREF),
+ nsLiteralCString(TABLE_CRYPTOMINING_ENTITYLIST_PREF),
+ nsLiteralCString(URLCLASSIFIER_CRYPTOMINING_EXCEPTION_URLS)) {}
+
+/* static */ const char* UrlClassifierFeatureCryptominingProtection::Name() {
+ return CRYPTOMINING_FEATURE_NAME;
+}
+
+/* static */
+void UrlClassifierFeatureCryptominingProtection::MaybeInitialize() {
+ UC_LOG_LEAK(("UrlClassifierFeatureCryptominingProtection::MaybeInitialize"));
+
+ if (!gFeatureCryptominingProtection) {
+ gFeatureCryptominingProtection =
+ new UrlClassifierFeatureCryptominingProtection();
+ gFeatureCryptominingProtection->InitializePreferences();
+ }
+}
+
+/* static */
+void UrlClassifierFeatureCryptominingProtection::MaybeShutdown() {
+ UC_LOG_LEAK(("UrlClassifierFeatureCryptominingProtection::MaybeShutdown"));
+
+ if (gFeatureCryptominingProtection) {
+ gFeatureCryptominingProtection->ShutdownPreferences();
+ gFeatureCryptominingProtection = nullptr;
+ }
+}
+
+/* static */
+already_AddRefed<UrlClassifierFeatureCryptominingProtection>
+UrlClassifierFeatureCryptominingProtection::MaybeCreate(nsIChannel* aChannel) {
+ MOZ_ASSERT(aChannel);
+
+ UC_LOG_LEAK(
+ ("UrlClassifierFeatureCryptominingProtection::MaybeCreate - channel %p",
+ aChannel));
+
+ if (!StaticPrefs::privacy_trackingprotection_cryptomining_enabled()) {
+ return nullptr;
+ }
+
+ bool isThirdParty = AntiTrackingUtils::IsThirdPartyChannel(aChannel);
+ if (!isThirdParty) {
+ UC_LOG(
+ ("UrlClassifierFeatureCryptominingProtection::MaybeCreate - "
+ "skipping first party or top-level load for channel %p",
+ aChannel));
+ return nullptr;
+ }
+
+ if (!UrlClassifierCommon::ShouldEnableProtectionForChannel(aChannel)) {
+ return nullptr;
+ }
+
+ MaybeInitialize();
+ MOZ_ASSERT(gFeatureCryptominingProtection);
+
+ RefPtr<UrlClassifierFeatureCryptominingProtection> self =
+ gFeatureCryptominingProtection;
+ return self.forget();
+}
+
+/* static */
+already_AddRefed<nsIUrlClassifierFeature>
+UrlClassifierFeatureCryptominingProtection::GetIfNameMatches(
+ const nsACString& aName) {
+ if (!aName.EqualsLiteral(CRYPTOMINING_FEATURE_NAME)) {
+ return nullptr;
+ }
+
+ MaybeInitialize();
+ MOZ_ASSERT(gFeatureCryptominingProtection);
+
+ RefPtr<UrlClassifierFeatureCryptominingProtection> self =
+ gFeatureCryptominingProtection;
+ return self.forget();
+}
+
+NS_IMETHODIMP
+UrlClassifierFeatureCryptominingProtection::ProcessChannel(
+ nsIChannel* aChannel, const nsTArray<nsCString>& aList,
+ const nsTArray<nsCString>& aHashes, bool* aShouldContinue) {
+ NS_ENSURE_ARG_POINTER(aChannel);
+ NS_ENSURE_ARG_POINTER(aShouldContinue);
+
+ bool isAllowListed = UrlClassifierCommon::IsAllowListed(aChannel);
+
+ // This is a blocking feature.
+ *aShouldContinue = isAllowListed;
+
+ if (isAllowListed) {
+ return NS_OK;
+ }
+
+ nsAutoCString list;
+ UrlClassifierCommon::TablesToString(aList, list);
+
+ ChannelBlockDecision decision =
+ ChannelClassifierService::OnBeforeBlockChannel(aChannel, mName, list);
+ if (decision != ChannelBlockDecision::Blocked) {
+ uint32_t event =
+ decision == ChannelBlockDecision::Replaced
+ ? nsIWebProgressListener::STATE_REPLACED_TRACKING_CONTENT
+ : nsIWebProgressListener::STATE_ALLOWED_TRACKING_CONTENT;
+
+ // Need to set aBlocked to True if we replace the Cryptominer with a shim,
+ // since the shim is treated as a blocked event
+ // Note: If we need to account for which kind of tracker was replaced,
+ // we need to create a new event type in nsIWebProgressListener
+ if (event == nsIWebProgressListener::STATE_REPLACED_TRACKING_CONTENT) {
+ ContentBlockingNotifier::OnEvent(aChannel, event, true);
+ } else {
+ ContentBlockingNotifier::OnEvent(aChannel, event, false);
+ }
+
+ *aShouldContinue = true;
+ return NS_OK;
+ }
+
+ UrlClassifierCommon::SetBlockedContent(aChannel, NS_ERROR_CRYPTOMINING_URI,
+ list, ""_ns, ""_ns);
+
+ UC_LOG(
+ ("UrlClassifierFeatureCryptominingProtection::ProcessChannel - "
+ "cancelling channel %p",
+ aChannel));
+
+ nsCOMPtr<nsIHttpChannelInternal> httpChannel = do_QueryInterface(aChannel);
+
+ if (httpChannel) {
+ Unused << httpChannel->CancelByURLClassifier(NS_ERROR_CRYPTOMINING_URI);
+ } else {
+ Unused << aChannel->Cancel(NS_ERROR_CRYPTOMINING_URI);
+ }
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+UrlClassifierFeatureCryptominingProtection::GetURIByListType(
+ nsIChannel* aChannel, nsIUrlClassifierFeature::listType aListType,
+ nsIUrlClassifierFeature::URIType* aURIType, nsIURI** aURI) {
+ NS_ENSURE_ARG_POINTER(aChannel);
+ NS_ENSURE_ARG_POINTER(aURIType);
+ NS_ENSURE_ARG_POINTER(aURI);
+
+ if (aListType == nsIUrlClassifierFeature::blocklist) {
+ *aURIType = nsIUrlClassifierFeature::blocklistURI;
+ return aChannel->GetURI(aURI);
+ }
+
+ MOZ_ASSERT(aListType == nsIUrlClassifierFeature::entitylist);
+
+ *aURIType = nsIUrlClassifierFeature::pairwiseEntitylistURI;
+ return UrlClassifierCommon::CreatePairwiseEntityListURI(aChannel, aURI);
+}
+
+} // namespace net
+} // namespace mozilla