diff options
Diffstat (limited to 'toolkit/components/reputationservice/nsIApplicationReputation.idl')
| -rw-r--r-- | toolkit/components/reputationservice/nsIApplicationReputation.idl | 147 |
1 files changed, 147 insertions, 0 deletions
diff --git a/toolkit/components/reputationservice/nsIApplicationReputation.idl b/toolkit/components/reputationservice/nsIApplicationReputation.idl new file mode 100644 index 0000000000..ea7f92038e --- /dev/null +++ b/toolkit/components/reputationservice/nsIApplicationReputation.idl @@ -0,0 +1,147 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "nsISupports.idl" + +interface nsIApplicationReputationCallback; +interface nsIApplicationReputationQuery; +interface nsIArray; +interface nsIURI; +interface nsIReferrerInfo; + +/* + * A service for asynchronously querying an application reputation service + * based on metadata of the downloaded file. + */ +[scriptable, uuid(c9f03479-fd68-4393-acb2-c88d4f563174)] +interface nsIApplicationReputationService : nsISupports { + /** + * Indicates the reason for the application reputation block. + */ + const unsigned long VERDICT_SAFE = 0; + const unsigned long VERDICT_DANGEROUS = 1; + const unsigned long VERDICT_UNCOMMON = 2; + const unsigned long VERDICT_POTENTIALLY_UNWANTED = 3; + const unsigned long VERDICT_DANGEROUS_HOST = 4; + + /** + * Start querying the application reputation service. + * + * @param aQuery + * The nsIApplicationReputationQuery containing metadata of the + * downloaded file. + * + * @param aCallback + * The callback for receiving the results of the query. + * + * @remarks aCallback may not be null. onComplete is guaranteed to be called + * on aCallback. This function may not be called more than once with + * the same query object. If any of the attributes of aQuery have + * not been set or have been set with empty data (with the exception + * of sourceURI), then a valid request can still be constructed and + * will solicit a valid response, but won't produce any useful + * information. + */ + void queryReputation(in nsIApplicationReputationQuery aQuery, + in nsIApplicationReputationCallback aCallback); + + /** + * Check if a file with this name should be treated as a binary executable, + * and is therefore subject to application reputation checks. + * Will return true if the filename's extension is either: + * - in kBinaryFileExtensions in ApplicationReputation.cpp + * - in sExecutableExts in nsLocalFileCommon.h *and* not in + * kNonBinaryExecutables in ApplicationReputation.cpp + * + * @param aFilename + * The filename to check. + */ + bool isBinary(in AUTF8String aFilename); + + /** + * Check if a file with this name should be treated as an executable, + * and should not be opened without caution. + * Will return true if the filename's extension is in sExecutableExts + * in nsLocalFileCommon.h. + * + * @param aFilename + * The filename to check. + */ + bool isExecutable(in AUTF8String aFilename); +}; + +/** + * A single-use, write-once interface for recording the metadata of the + * downloaded file. nsIApplicationReputationService.Start() may only be called + * once with a single query. + */ +[scriptable, uuid(812d7509-a9a3-446e-a66f-3ed8cc91ebd0)] +interface nsIApplicationReputationQuery : nsISupports { + /* + * The nsIURI from which the file was downloaded. This may not be null. + */ + readonly attribute nsIURI sourceURI; + + /* + * The reference, if any. + */ + readonly attribute nsIReferrerInfo referrerInfo; + + /* + * The target filename for the downloaded file, as inferred from the source + * URI or provided by the Content-Disposition attachment file name. If this + * is not set by the caller, it will be passed as an empty string but the + * query won't produce any useful information. + */ + readonly attribute AUTF8String suggestedFileName; + + /* + * The size of the downloaded file in bytes. + */ + readonly attribute unsigned long fileSize; + + /* + * The SHA256 hash of the downloaded file in raw bytes. If this is not set by + * the caller, it will be passed as an empty string but the query won't + * produce any useful information. + */ + readonly attribute ACString sha256Hash; + + /* + * The Array of Array of Array of bytes that verify for this + * binary, if it is signed. + */ + readonly attribute Array<Array<Array<uint8_t> > > signatureInfo; + + /* + * The nsIArray of nsIPrincipal of redirects that lead to this download. The + * most recent redirect is the last element. + */ + readonly attribute nsIArray redirects; +}; + +[scriptable, function, uuid(9a228470-cfe5-11e2-8b8b-0800200c9a66)] +interface nsIApplicationReputationCallback : nsISupports { + /** + * Callback for the result of the application reputation query. + * @param aStatus + * NS_OK if and only if the query succeeded. If it did, then + * shouldBlock is meaningful (otherwise it defaults to false). This + * may be NS_ERROR_FAILURE if the response cannot be parsed, or + * NS_ERROR_NOT_AVAILABLE if the service has been disabled or is not + * reachable. + * @param aShouldBlock + * Whether or not the download should be blocked. + * @param aVerdict + * Indicates the result of the lookup that determines whether the + * download should be blocked, according to the "VERDICT_" constants. + * This may be set to a value different than "VERDICT_SAFE" even if + * aShouldBlock is false, so you should always check aShouldBlock. + */ + void onComplete(in bool aShouldBlock, + in nsresult aStatus, + in unsigned long aVerdict); +}; |