/*
* NetcraftToolbar - Main Extension Code
*
* Copyright (C) 2005 Netcraft Ltd
* http://toolbar.netcraft.com/
*
* $Id: chrome:content:phishtank.js,v 1.64 2005/07/21 11:39:26 vb Exp $
*/
/* Ids of the XUL elements this script drives. */
const PT_TOOLBARID = "netcrafttoolbar";
const PT_IFRAMEID = "netcrafttoolbar-iframe";
const PT_DESCRIPTIONID = "netcrafttoolbar-description";

/* Width in pixels of the full-length risk bar and the chunk size for stream reads. */
const PT_RISKBARLEN = 56;
const PT_BUFSIZ = 4096;

const PT_SERVERERROR = "Toolbar Server Error";

/* Check service (plain http) and the bundled pattern files. */
const PT_CHECKURL = "http://mirror.toolbar.netcraft.com/check_url/";
const PT_XSSDATURL = "chrome://netcrafttoolbar/content/xss.dat";
const PT_LBDATURL = "chrome://netcrafttoolbar/content/localblock.dat";

/* All three block reasons currently land on the same local page. */
const PT_PHISHINGBLOCKEDURL = "chrome://netcrafttoolbar/content/blocked.html";
const PT_XSSBLOCKEDURL = "chrome://netcrafttoolbar/content/blocked.html";
const PT_LBBLOCKEDURL = "chrome://netcrafttoolbar/content/blocked.html";

/* Confirmation dialog text; %ACTION% and %URL% are filled in by yesno(). */
const PT_ALERTMSG = [
  "The page you are trying to visit %ACTION%.",
  "",
  "URL: %URL%",
  "",
  "If this is a mistake, please report it using",
  "'Report Incorrect Blocked URL' in the Netcraft Menu.",
  "",
  "Do you still want to go there?",
].join("\n");

const PT_BLOCKACTION = "has been blocked by the Netcraft Toolbar because it\n";
const PT_PHISHINGMSG = PT_BLOCKACTION
  + "is believed to be part of a fraudulent phishing attack";
/* Note: unlike the other two messages this one does not start with PT_BLOCKACTION. */
const PT_XSSMSG = "is using Cross-Site Scripting (XSS).\nThis is a technique commonly used in phishing attacks";
const PT_LBMSG = PT_BLOCKACTION
  + "contains suspicious characters, indicating that it may be a malicious site";

const PT_NOINFO = "No information available";
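/*
 * phishTank - nsIWebProgressListener that drives the toolbar.
 *
 * Every location change is checked against the bundled XSS and local-block
 * pattern lists, then either served from the per-window cache (ptRoot.lookup)
 * or looked up at PT_CHECKURL, and the result is rendered into the toolbar's
 * description element.
 */
var phishTank = {
  /* nsISupports: we implement the progress listener and weak-reference interfaces. */
  QueryInterface: function(aIID) {
    if (aIID.equals(Components.interfaces.nsIWebProgressListener) ||
        aIID.equals(Components.interfaces.nsISupportsWeakReference) ||
        aIID.equals(Components.interfaces.nsISupports)) {
      return this;
    }
    throw Components.results.NS_NOINTERFACE;
  },

  /*
   * nsIWebProgressListener: called on every navigation.
   * Only http, https and ftp locations are examined; anything else clears the
   * description, and a collapsed toolbar does no work at all. Always returns 0.
   */
  onLocationChange: function(aProgress, aRequest, aURI) {
    if (!aURI) return 0;
    var toolbar = document.getElementById(PT_TOOLBARID);
    if (toolbar != null && toolbar.collapsed) {
      this.displayHoster("");
      return 0;
    }
    switch (aURI.scheme) {
      case "http":
      case "https":
      case "ftp":
        this.changeToolbar(aURI);
        break;
      default:
        this.displayHoster("");
        break;
    }
    return 0;
  },

  /* The remaining listener callbacks are not used by the toolbar. */
  onStateChange: function(aProgress, aRequest, aFlag, aStatus) { return 0; },
  onProgressChange: function() { return 0; },
  onStatusChange: function() { return 0; },
  onSecurityChange: function() { return 0; },
  onLinkIconAvailable: function() { return 0; },

  /*
   * Decide what the toolbar shows for aURI (an nsIURI).
   *
   * Order matters: the local XSS and suspicious-URL lists are checked first
   * (no network needed), then the per-window cache keyed by
   * "scheme://host:port", and only then is a check_url request issued. The
   * user is asked before any block is applied; declining falls through to
   * the normal lookup. Note that the visited host (and its resolved address)
   * is sent to PT_CHECKURL over plain http.
   */
  changeToolbar: function (aURI) {
    var key = aURI.scheme + "://" + aURI.hostPort;
    var url = aURI.asciiSpec;
    var content = top.document.getElementById("content");

    // XSS patterns run against the decoded URL so that encoded payloads are
    // seen in the same form the target page would see them.
    if (ptRoot.xss &&
        this.checkPatterns(ptRoot.xss, this.canonicaliseURL(url)) &&
        this.yesno("Block XSS?", PT_XSSMSG, url)) {
      this.displayHoster("XSS URL blocked!");
      content.contentDocument.location.replace(PT_XSSBLOCKEDURL);
      return;
    }
    // The local-block list is matched against the raw (ASCII) URL.
    if (ptRoot.lb &&
        this.checkPatterns(ptRoot.lb, url) &&
        this.yesno("Block Suspicious URL?", PT_LBMSG, url)) {
      this.displayHoster("Suspicious URL blocked!");
      content.contentDocument.location.replace(PT_LBBLOCKEDURL);
      return;
    }

    if (ptRoot.lookup[key]) {
      // A completed request for this host is cached; re-render it.
      this.updateIframe(ptRoot.lookup[key], url);
      return;
    }
    if (ptToolbarPrefs.isOffline()) {
      this.displayHoster("offline");
      return;
    }

    var check_url = PT_CHECKURL + aURI.scheme + "://" + aURI.asciiHost;
    if (aURI.port > 0)
      check_url += ":" + aURI.port;
    var ip = ptDns.dnsResolve(aURI.host);
    if (!ip) {
      // NOTE(review): an unresolvable host leaves the previous description
      // in place rather than showing PT_NOINFO — confirm this is intended.
      return;
    }
    if (ptDns.unroutableIP(ip)) {
      // Addresses ptDns reports as unroutable are never sent to the server.
      this.displayHoster(PT_NOINFO);
      return;
    }
    check_url += "/" + ptDns.convertIP(ip);
    this.fetchInfo(key, check_url, url);
  },

  /*
   * Issue the asynchronous check_url request for key.
   * While it is in flight the description shows the key followed by a
   * growing "...." marker; on completion the request is handed to
   * updateIframe. Returns true once the request has been sent.
   */
  fetchInfo: function (key, chkurl, url) {
    var self = this;
    var req = new XMLHttpRequest();
    req.open("GET", chkurl, true);
    req.key = key;   // remembered so updateIframe can cache the request by key
    req.onreadystatechange = function() {
      if (req.readyState == 4) {
        self.updateIframe(req, url);
      } else {
        self.displayHoster(key + "....!".substring(0, req.readyState + 1));
      }
    };
    req.send(null);
    return true;
  },

  /*
   * Render the completed check_url request req for url.
   *
   * A 200 response may carry X-Phishing-Patterns (base64 of tab-separated
   * regexes); if one matches url and the user agrees, the page is replaced
   * by the blocked page. Otherwise the response body is shown, with a country
   * flag substituted for a "[XX]" marker and a risk bar drawn from
   * X-Risk-Rank. Any other status shows PT_SERVERERROR.
   *
   * The body is inserted as markup, so it is only as trustworthy as the
   * transport of PT_CHECKURL (plain http).
   */
  updateIframe: function (req, url) {
    if (req.status !== 200) {
      this.displayHoster("[" + PT_SERVERERROR + ": " + req.statusText + "]");
      return;
    }

    // The header is optional; the lookup is guarded on the assumption that
    // getResponseHeader throws when it is missing, and "no patterns" is the
    // deliberate fallback.
    var pats = null;
    try {
      pats = req.getResponseHeader("X-Phishing-Patterns");
    } catch (e) {
      pats = null;
    }
    if (pats) {
      var patArray = this.headerArray(atob(pats));
      if (this.checkPatterns(this.buildPatterns(patArray), url) &&
          this.yesno("Block Phishing Site?", PT_PHISHINGMSG, url)) {
        ptRoot.lookup[req.key] = req;
        this.displayHoster("Phishing URL blocked!");
        top.document.getElementById("content").
          contentDocument.location.replace(PT_PHISHINGBLOCKEDURL);
        return;
      }
    }

    var descr = req.responseText;

    // A "[XX]" two-letter code in the text gets its flag image in front of it.
    var flag = descr.match(/\[(\w\w)\]/);
    if (flag != null) {
      descr = descr.replace(/ \[\w\w\]/,
        '<img src="chrome://netcrafttoolbar/content/flags/' +
        flag[1].toLowerCase() +
        '.gif"/> $&');
    }

    // NOTE(review): this header lookup is not guarded like the one above;
    // confirm X-Risk-Rank is always present on a 200 response.
    var risk = req.getResponseHeader("X-Risk-Rank");
    if (risk) {
      const PT_ABSPOS = "position: absolute; left: 0px; top: 0px;";
      // The rating is treated as a value out of 10 and the bar clipped to match.
      var barLength = Math.round(risk * PT_RISKBARLEN / 10);
      descr =
        '<div style="position: relative;" tooltiptext="">' +
        '<a href="http://toolbar.netcraft.com/help/faq/index.html#riskrating">' +
        '<img style="' + PT_ABSPOS + '" ' +
        'border="0" ' +
        'src="chrome://netcrafttoolbar/content/risk.png" ' +
        'tooltiptext="Risk Rating: ' + risk + '"' +
        '/>' +
        '<img style="' + PT_ABSPOS +
        'clip: rect(0px ' + barLength + 'px auto 0px);" ' +
        'border="0" ' +
        'src="chrome://netcrafttoolbar/content/bar.png" ' +
        'tooltiptext="Risk Rating: ' + risk + '"' +
        '/>' +
        '</a>' +
        '</div>' +
        '<nobr style="margin-left: 60px;">' +
        descr +
        '</nobr>';
    }

    // Links in the description are routed through goTo so placeholders are
    // substituted and the user's tab/window preference is honoured.
    descr = descr.replace(/\<a /g, '<a onClick="phishTank.goTo(this.href); return(false);" ');
    ptRoot.lookup[req.key] = req;
    this.displayHoster(descr);
  },

  /*
   * Replace the toolbar description with htmlText.
   * The markup is parsed in the hidden iframe's document and the resulting
   * nodes are then moved into the description element.
   */
  displayHoster: function (htmlText) {
    var scratch = document.getElementById(PT_IFRAMEID).contentDocument;
    scratch.open();
    scratch.write('<div>' + htmlText + '</div>');
    scratch.close();

    var target = document.getElementById(PT_DESCRIPTIONID);
    while (target.hasChildNodes())
      target.removeChild(target.firstChild);
    // appendChild moves each node out of the scratch document, so take
    // firstChild repeatedly instead of indexing the shrinking live list.
    while (scratch.hasChildNodes())
      target.appendChild(scratch.firstChild);
  },

  /*
   * Fill %URL% (escaped) and %UUID% into str.
   * url may be a string or a Location object; only its string form is used.
   */
  substURL: function (str, url) {
    var escaped = this.escapeURL(url.toString());
    return str.replace(/%URL%/, escaped).replace(/%UUID%/, ptToolbarPrefs.uuid);
  },

  /*
   * Ask the user whether to proceed with a block.
   * str is the %ACTION% text for PT_ALERTMSG; url, if non-empty, fills %URL%.
   * Returns the nsIPromptService button index: 0 for "Yes", 1 for "No"
   * ("No" is the default button).
   */
  yesno: function (title, str, url) {
    var ps = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].
      getService(Components.interfaces.nsIPromptService);
    var flags = ps.BUTTON_TITLE_IS_STRING * ps.BUTTON_POS_0 +
      ps.BUTTON_TITLE_IS_STRING * ps.BUTTON_POS_1 +
      ps.BUTTON_POS_1_DEFAULT;
    var message = PT_ALERTMSG.replace(/%ACTION%/, str);
    if (url && url.length)
      message = this.substURL(message, url);
    return ps.confirmEx(window, title, message, flags, "Yes", "No", null, null, {});
  },

  /*
   * Open aURL according to the user's preference: 3 = new tab,
   * 2 = new window, anything else = current tab. The background preference
   * decides whether focus moves to the new content.
   */
  openURL: function (aURL) {
    var how = ptToolbarPrefs.newWindow();
    var inBg = ptToolbarPrefs.bg();
    var theTop = top.document.getElementById("content");
    switch (how) {
      case 3:
        var newtab = theTop.addTab(aURL);
        if (!inBg)
          window.getBrowser().selectedTab = newtab;
        break;
      case 2:
        window.open(aURL);
        break;
      default:
        theTop.contentDocument.location = aURL;
        if (!inBg)
          window.content.focus();
        break;
    }
  },

  /*
   * onClick target for links in the description: substitute the current
   * page's location into url's placeholders, then open it.
   */
  goTo: function (url) {
    var current = window.content.location;
    this.openURL(this.substURL(url, current));
  },

  /*
   * Fire-and-forget GET of the update manifest (plain http), identifying the
   * install via the User-Agent header. The response is ignored.
   * Returns false when offline, true once the request is sent.
   */
  checkForUpdates: function () {
    if (ptToolbarPrefs.isOffline())
      return false;
    var upd = new XMLHttpRequest();
    upd.open("GET", "http://mirror.toolbar.netcraft.com/install/update.rdf", true);
    upd.onreadystatechange = function() { return; };
    // NOTE(review): `uuid` is not defined in this file; substURL uses
    // ptToolbarPrefs.uuid for the same value — confirm which is intended.
    upd.setRequestHeader("User-Agent", "%UUID% netcrafttoolbar/1.0.3.3 (b:20050804163834)".replace(/%UUID%/, uuid));
    upd.send(null);
    return true;
  },

  /* Network Read */

  /*
   * Synchronously read url through the IO service and return its non-empty
   * lines as an array, or null when the content is empty. Trailing
   * whitespace is dropped before splitting.
   */
  URLarray: function (url) {
    var serv = Components.classes["@mozilla.org/network/io-service;1"].
      getService(Components.interfaces.nsIIOService);
    var chan = serv.newChannel(url, null, null);
    var sis = Components.classes["@mozilla.org/scriptableinputstream;1"].
      createInstance(Components.interfaces.nsIScriptableInputStream);
    sis.init(chan.open());
    var buf = "";
    try {
      while (sis.available() > 0)
        buf += sis.read(PT_BUFSIZ);
    } finally {
      // Release the stream even if a read throws part-way through.
      sis.close();
    }
    buf = buf.replace(/\s+$/, '');
    return (buf.length > 0 ? buf.split(/[\r\n]+/) : null);
  },

  /* Split a tab-separated header value into its fields (trailing whitespace dropped). */
  headerArray: function (str) {
    return str.replace(/\s+$/, '').split(/\t/);
  },

  /*
   * Decode url the way a target page would see it: '+' to space, percent-
   * decoding via unescape, control and non-ASCII bytes removed, backslashes
   * removed. Used for the XSS pattern check.
   */
  canonicaliseURL: function (url) {
    var decoded = unescape(url.replace(/\+/g, " "));
    decoded = decoded.replace(/[\x00-\x08\x0e-\x1f\x7f-\xff]/g, "");
    return decoded.replace(/\\/g, "");
  },

  /*
   * Percent-encode the characters that would break url when substituted into
   * %URL%, and collapse whitespace runs to '+'. '%' is encoded first so the
   * escapes produced for the other characters are not themselves re-encoded.
   */
  escapeURL: function (url) {
    return url.
      replace(/\%/g, "%25").
      replace(/\#/g, "%23").
      replace(/\+/g, "%2b").
      replace(/\&/g, "%26").
      replace(/\?/g, "%3f").
      replace(/\s+/g, '+');
  },

  /*
   * Compile an array of pattern strings into case-insensitive RegExps.
   * Inline modifier groups such as "(?i)" are not valid in JavaScript regexes
   * and are stripped first. The input array is not modified. Returns null
   * for an empty or missing input; a malformed pattern makes RegExp throw.
   */
  buildPatterns: function (strarray) {
    if (!strarray || strarray.length == 0)
      return null;
    var patterns = [];
    for (var s = 0; s < strarray.length; s++) {
      var cleaned = strarray[s].replace(/\(\?[\w-]+\)/g, "");
      patterns.push(new RegExp(cleaned, "i"));
    }
    return (patterns.length > 0 ? patterns : null);
  },

  /* True when any of patterns (from buildPatterns) matches str; false for no patterns. */
  checkPatterns: function (patterns, str) {
    if (!patterns || patterns.length == 0)
      return false;
    for (var p = 0; p < patterns.length; p++) {
      if (patterns[p].test(str))
        return true;
    }
    return false;
  }
};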
/* Shared state is hung off the top window: a lookup cache plus the bundled pattern lists. */
var ptRoot = top;
ptRoot.lookup = {};   // "scheme://host:port" -> completed check_url request
ptRoot.lb = phishTank.buildPatterns(phishTank.URLarray(PT_LBDATURL));
ptRoot.xss = phishTank.buildPatterns(phishTank.URLarray(PT_XSSDATURL));
/* Attach phishTank as a document-state progress listener on the browser. */
function ptRegisterPhishTank() {
  var browser = window.getBrowser();
  var notifyFlags = Components.interfaces.nsIWebProgress.NOTIFY_STATE_DOCUMENT;
  browser.addProgressListener(phishTank, notifyFlags);
}
/* Detach the phishTank listener again (window unload). */
function ptUnregisterPhishTank() {
  var browser = window.getBrowser();
  browser.removeProgressListener(phishTank);
}
// Hook the listener's lifetime to the window's: register on load, detach on unload.
window.addEventListener("load", ptRegisterPhishTank, false);
window.addEventListener("unload", ptUnregisterPhishTank, false);