author | Moonchild <moonchild@palemoon.org> | 2023-03-08 01:19:47 +0100 |
---|---|---|
committer | Moonchild <moonchild@palemoon.org> | 2023-03-08 01:19:47 +0100 |
commit | 9fafaedafbb62eabadcd251a1b74d6901325bd7b (patch) | |
tree | 4402d42a065df8a21912d9866dbf8ef0c45221fd /netwerk | |
parent | e923f5aacd1c903c40aac3e76040a73956226708 (diff) | |
download | uxp-9fafaedafbb62eabadcd251a1b74d6901325bd7b.tar.gz |
Issue #2146 - Remove nsChannelClassifier/nsIURIClassifier
Resolves #2146
Diffstat (limited to 'netwerk')
-rw-r--r-- | netwerk/base/moz.build | 2 | ||||
-rw-r--r-- | netwerk/base/nsBaseChannel.cpp | 1 | ||||
-rw-r--r-- | netwerk/base/nsChannelClassifier.cpp | 354 | ||||
-rw-r--r-- | netwerk/base/nsChannelClassifier.h | 55 | ||||
-rw-r--r-- | netwerk/base/nsIURIClassifier.idl | 65 | ||||
-rw-r--r-- | netwerk/build/nsNetCID.h | 7 | ||||
-rw-r--r-- | netwerk/protocol/http/HttpChannelChild.cpp | 1 | ||||
-rw-r--r-- | netwerk/protocol/http/nsHttpChannel.cpp | 6 |
8 files changed, 2 insertions, 489 deletions
diff --git a/netwerk/base/moz.build b/netwerk/base/moz.build
index 78482d87fa..c53c8d335d 100644
--- a/netwerk/base/moz.build
+++ b/netwerk/base/moz.build
@@ -128,7 +128,6 @@ XPIDL_SOURCES += [
 'nsIUploadChannel.idl',
 'nsIUploadChannel2.idl',
 'nsIURI.idl',
- 'nsIURIClassifier.idl',
 'nsIURIWithBlobImpl.idl',
 'nsIURIWithPrincipal.idl',
 'nsIURL.idl',
@@ -200,7 +199,6 @@ UNIFIED_SOURCES += [
 'nsBaseChannel.cpp',
 'nsBaseContentStream.cpp',
 'nsBufferedStreams.cpp',
- 'nsChannelClassifier.cpp',
 'nsDirectoryIndexStream.cpp',
 'nsDNSPrefetch.cpp',
 'nsDownloader.cpp',
diff --git a/netwerk/base/nsBaseChannel.cpp b/netwerk/base/nsBaseChannel.cpp
index a4d8d0d42f..41edc4620d 100644
--- a/netwerk/base/nsBaseChannel.cpp
+++ b/netwerk/base/nsBaseChannel.cpp
@@ -15,7 +15,6 @@
 #include "nsIHttpChannel.h"
 #include "nsIChannelEventSink.h"
 #include "nsIStreamConverterService.h"
-#include "nsChannelClassifier.h"
 #include "nsAsyncRedirectVerifyHelper.h"
 #include "nsProxyRelease.h"
 #include "nsXULAppAPI.h"
diff --git a/netwerk/base/nsChannelClassifier.cpp b/netwerk/base/nsChannelClassifier.cpp
deleted file mode 100644
index 82ad61cd7e..0000000000
--- a/netwerk/base/nsChannelClassifier.cpp
+++ /dev/null
@@ -1,354 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsChannelClassifier.h"
-
-#include "mozIThirdPartyUtil.h"
-#include "nsCharSeparatedTokenizer.h"
-#include "nsContentUtils.h"
-#include "nsICacheEntry.h"
-#include "nsICachingChannel.h"
-#include "nsIChannel.h"
-#include "nsIDocShell.h"
-#include "nsIDocument.h"
-#include "nsIDOMDocument.h"
-#include "nsIHttpChannelInternal.h"
-#include "nsIIOService.h"
-#include "nsILoadContext.h"
-#include "nsIParentChannel.h"
-#include "nsIPermissionManager.h"
-#include "nsIProtocolHandler.h"
-#include "nsIScriptError.h"
-#include "nsIScriptSecurityManager.h"
-#include "nsISecureBrowserUI.h"
-#include "nsISecurityEventSink.h"
-#include "nsIURL.h"
-#include "nsIWebProgressListener.h"
-#include "nsNetUtil.h"
-#include "nsPIDOMWindow.h"
-#include "nsXULAppAPI.h"
-
-#include "mozilla/ErrorNames.h"
-#include "mozilla/Logging.h"
-#include "mozilla/Preferences.h"
-
-namespace mozilla {
-namespace net {
-
-//
-// MOZ_LOG=nsChannelClassifier:5
-//
-static LazyLogModule gChannelClassifierLog("nsChannelClassifier");
-
-#undef LOG
-#define LOG(args) MOZ_LOG(gChannelClassifierLog, LogLevel::Debug, args)
-#define LOG_ENABLED() MOZ_LOG_TEST(gChannelClassifierLog, LogLevel::Debug)
-
-NS_IMPL_ISUPPORTS(nsChannelClassifier,
- nsIURIClassifierCallback)
-
-nsChannelClassifier::nsChannelClassifier()
- : mIsAllowListed(false),
- mSuspendedChannel(false)
-{
-}
-
-void
-nsChannelClassifier::Start(nsIChannel *aChannel)
-{
- mChannel = aChannel;
-
- nsresult rv = StartInternal();
- if (NS_FAILED(rv)) {
- // If we aren't getting a callback for any reason, assume a good verdict and
- // make sure we resume the channel if necessary.
- OnClassifyComplete(NS_OK);
- }
-}
-
-nsresult
-nsChannelClassifier::StartInternal()
-{
- // Should only be called in the parent process.
- MOZ_ASSERT(XRE_IsParentProcess());
-
- // Don't bother to run the classifier on a load that has already failed.
- // (this might happen after a redirect)
- nsresult status;
- mChannel->GetStatus(&status);
- if (NS_FAILED(status))
- return status;
-
- // Don't bother to run the classifier on a cached load that was
- // previously classified as good.
- if (HasBeenClassified(mChannel)) {
- return NS_ERROR_UNEXPECTED;
- }
-
- nsCOMPtr<nsIURI> uri;
- nsresult rv = mChannel->GetURI(getter_AddRefs(uri));
- NS_ENSURE_SUCCESS(rv, rv);
-
- // Don't bother checking certain types of URIs.
- bool hasFlags;
- rv = NS_URIChainHasFlags(uri,
- nsIProtocolHandler::URI_DANGEROUS_TO_LOAD,
- &hasFlags);
- NS_ENSURE_SUCCESS(rv, rv);
- if (hasFlags) return NS_ERROR_UNEXPECTED;
-
- rv = NS_URIChainHasFlags(uri,
- nsIProtocolHandler::URI_IS_LOCAL_FILE,
- &hasFlags);
- NS_ENSURE_SUCCESS(rv, rv);
- if (hasFlags) return NS_ERROR_UNEXPECTED;
-
- rv = NS_URIChainHasFlags(uri,
- nsIProtocolHandler::URI_IS_UI_RESOURCE,
- &hasFlags);
- NS_ENSURE_SUCCESS(rv, rv);
- if (hasFlags) return NS_ERROR_UNEXPECTED;
-
- rv = NS_URIChainHasFlags(uri,
- nsIProtocolHandler::URI_IS_LOCAL_RESOURCE,
- &hasFlags);
- NS_ENSURE_SUCCESS(rv, rv);
- if (hasFlags) return NS_ERROR_UNEXPECTED;
-
- // Skip whitelisted hostnames.
- nsAutoCString whitelisted;
- Preferences::GetCString("urlclassifier.skipHostnames", &whitelisted);
- if (!whitelisted.IsEmpty()) {
- ToLowerCase(whitelisted);
- LOG(("nsChannelClassifier[%p]:StartInternal whitelisted hostnames = %s",
- this, whitelisted.get()));
- if (IsHostnameWhitelisted(uri, whitelisted)) {
- return NS_ERROR_UNEXPECTED;
- }
- }
-
- nsCOMPtr<nsIURIClassifier> uriClassifier =
- do_GetService(NS_URICLASSIFIERSERVICE_CONTRACTID, &rv);
- if (rv == NS_ERROR_FACTORY_NOT_REGISTERED ||
- rv == NS_ERROR_NOT_AVAILABLE) {
- // no URI classifier, ignore this failure.
- return NS_ERROR_NOT_AVAILABLE;
- }
- NS_ENSURE_SUCCESS(rv, rv);
-
- nsCOMPtr<nsIScriptSecurityManager> securityManager =
- do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
- NS_ENSURE_SUCCESS(rv, rv);
-
- nsCOMPtr<nsIPrincipal> principal;
- rv = securityManager->GetChannelURIPrincipal(mChannel, getter_AddRefs(principal));
- NS_ENSURE_SUCCESS(rv, rv);
-
- bool expectCallback;
-
- if (LOG_ENABLED()) {
- nsCOMPtr<nsIURI> principalURI;
- principal->GetURI(getter_AddRefs(principalURI));
- LOG(("nsChannelClassifier[%p]: Classifying principal %s on channel with "
- "uri %s", this, principalURI->GetSpecOrDefault().get(),
- uri->GetSpecOrDefault().get()));
- }
- rv = uriClassifier->Classify(principal, false, this, &expectCallback);
- if (NS_FAILED(rv)) {
- return rv;
- }
-
- if (expectCallback) {
- // Suspend the channel, it will be resumed when we get the classifier
- // callback.
- rv = mChannel->Suspend();
- if (NS_FAILED(rv)) {
- // Some channels (including nsJSChannel) fail on Suspend. This
- // shouldn't be fatal, but will prevent malware from being
- // blocked on these channels.
- LOG(("nsChannelClassifier[%p]: Couldn't suspend channel", this));
- return rv;
- }
-
- mSuspendedChannel = true;
- LOG(("nsChannelClassifier[%p]: suspended channel %p",
- this, mChannel.get()));
- } else {
- LOG(("nsChannelClassifier[%p]: not expecting callback", this));
- return NS_ERROR_FAILURE;
- }
-
- return NS_OK;
-}
-
-bool
-nsChannelClassifier::IsHostnameWhitelisted(nsIURI *aUri,
- const nsACString &aWhitelisted)
-{
- nsAutoCString host;
- nsresult rv = aUri->GetHost(host);
- if (NS_FAILED(rv) || host.IsEmpty()) {
- return false;
- }
- ToLowerCase(host);
-
- nsCCharSeparatedTokenizer tokenizer(aWhitelisted, ',');
- while (tokenizer.hasMoreTokens()) {
- const nsCSubstring& token = tokenizer.nextToken();
- if (token.Equals(host)) {
- LOG(("nsChannelClassifier[%p]:StartInternal skipping %s (whitelisted)",
- this, host.get()));
- return true;
- }
- }
-
- return false;
-}
-
-// Note in the cache entry that this URL was classified, so that future
-// cached loads don't need to be checked.
-void
-nsChannelClassifier::MarkEntryClassified(nsresult status)
-{
- // Should only be called in the parent process.
- MOZ_ASSERT(XRE_IsParentProcess());
-
- if (mIsAllowListed) {
- return;
- }
-
- if (LOG_ENABLED()) {
- nsAutoCString errorName;
- GetErrorName(status, errorName);
- nsCOMPtr<nsIURI> uri;
- mChannel->GetURI(getter_AddRefs(uri));
- nsAutoCString spec;
- uri->GetAsciiSpec(spec);
- LOG(("nsChannelClassifier::MarkEntryClassified[%s] %s",
- errorName.get(), spec.get()));
- }
-
- nsCOMPtr<nsICachingChannel> cachingChannel = do_QueryInterface(mChannel);
- if (!cachingChannel) {
- return;
- }
-
- nsCOMPtr<nsISupports> cacheToken;
- cachingChannel->GetCacheToken(getter_AddRefs(cacheToken));
- if (!cacheToken) {
- return;
- }
-
- nsCOMPtr<nsICacheEntry> cacheEntry =
- do_QueryInterface(cacheToken);
- if (!cacheEntry) {
- return;
- }
-
- cacheEntry->SetMetaDataElement("necko:classified",
- NS_SUCCEEDED(status) ? "1" : nullptr);
-}
-
-bool
-nsChannelClassifier::HasBeenClassified(nsIChannel *aChannel)
-{
- // Should only be called in the parent process.
- MOZ_ASSERT(XRE_IsParentProcess());
-
- nsCOMPtr<nsICachingChannel> cachingChannel =
- do_QueryInterface(aChannel);
- if (!cachingChannel) {
- return false;
- }
-
- // Only check the tag if we are loading from the cache without
- // validation.
- bool fromCache;
- if (NS_FAILED(cachingChannel->IsFromCache(&fromCache)) || !fromCache) {
- return false;
- }
-
- nsCOMPtr<nsISupports> cacheToken;
- cachingChannel->GetCacheToken(getter_AddRefs(cacheToken));
- if (!cacheToken) {
- return false;
- }
-
- nsCOMPtr<nsICacheEntry> cacheEntry =
- do_QueryInterface(cacheToken);
- if (!cacheEntry) {
- return false;
- }
-
- nsXPIDLCString tag;
- cacheEntry->GetMetaDataElement("necko:classified", getter_Copies(tag));
- return tag.EqualsLiteral("1");
-}
-
-//static
-bool
-nsChannelClassifier::SameLoadingURI(nsIDocument *aDoc, nsIChannel *aChannel)
-{
- nsCOMPtr<nsIURI> docURI = aDoc->GetDocumentURI();
- nsCOMPtr<nsILoadInfo> channelLoadInfo = aChannel->GetLoadInfo();
- if (!channelLoadInfo || !docURI) {
- return false;
- }
-
- nsCOMPtr<nsIPrincipal> channelLoadingPrincipal = channelLoadInfo->LoadingPrincipal();
- if (!channelLoadingPrincipal) {
- // TYPE_DOCUMENT loads will not have a channelLoadingPrincipal. But top level
- // loads should not be blocked by Tracking Protection, so we will return
- // false
- return false;
- }
- nsCOMPtr<nsIURI> channelLoadingURI;
- channelLoadingPrincipal->GetURI(getter_AddRefs(channelLoadingURI));
- if (!channelLoadingURI) {
- return false;
- }
- bool equals = false;
- nsresult rv = docURI->EqualsExceptRef(channelLoadingURI, &equals);
- return NS_SUCCEEDED(rv) && equals;
-}
-
-NS_IMETHODIMP
-nsChannelClassifier::OnClassifyComplete(nsresult aErrorCode)
-{
- // Should only be called in the parent process.
- MOZ_ASSERT(XRE_IsParentProcess());
-
- if (mSuspendedChannel) {
- nsAutoCString errorName;
- if (LOG_ENABLED()) {
- GetErrorName(aErrorCode, errorName);
- LOG(("nsChannelClassifier[%p]:OnClassifyComplete %s (suspended channel)",
- this, errorName.get()));
- }
- MarkEntryClassified(aErrorCode);
-
- if (NS_FAILED(aErrorCode)) {
- if (LOG_ENABLED()) {
- nsCOMPtr<nsIURI> uri;
- mChannel->GetURI(getter_AddRefs(uri));
- LOG(("nsChannelClassifier[%p]: cancelling channel %p for %s "
- "with error code %s", this, mChannel.get(),
- uri->GetSpecOrDefault().get(), errorName.get()));
- }
-
- mChannel->Cancel(aErrorCode);
- }
- LOG(("nsChannelClassifier[%p]: resuming channel %p from "
- "OnClassifyComplete", this, mChannel.get()));
- mChannel->Resume();
- }
-
- mChannel = nullptr;
-
- return NS_OK;
-}
-
-} // namespace net
-} // namespace mozilla
diff --git a/netwerk/base/nsChannelClassifier.h b/netwerk/base/nsChannelClassifier.h
deleted file mode 100644
index 0516b9cbb2..0000000000
--- a/netwerk/base/nsChannelClassifier.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef nsChannelClassifier_h__
-#define nsChannelClassifier_h__
-
-#include "nsIURIClassifier.h"
-#include "nsCOMPtr.h"
-#include "mozilla/Attributes.h"
-
-class nsIChannel;
-class nsIHttpChannelInternal;
-class nsIDocument;
-
-namespace mozilla {
-namespace net {
-
-class nsChannelClassifier final : public nsIURIClassifierCallback
-{
-public:
- nsChannelClassifier();
-
- NS_DECL_ISUPPORTS
- NS_DECL_NSIURICLASSIFIERCALLBACK
-
- // Calls nsIURIClassifier.Classify with the principal of the given channel,
- // and cancels the channel on a bad verdict.
- void Start(nsIChannel *aChannel);
-
-private:
- // True if the channel is on the allow list.
- bool mIsAllowListed;
- // True if the channel has been suspended.
- bool mSuspendedChannel;
- nsCOMPtr<nsIChannel> mChannel;
-
- ~nsChannelClassifier() {}
- // Caches good classifications for the channel principal.
- void MarkEntryClassified(nsresult status);
- bool HasBeenClassified(nsIChannel *aChannel);
- // Helper function so that we ensure we call ContinueBeginConnect once
- // Start is called. Returns NS_OK if and only if we will get a callback
- // from the classifier service.
- nsresult StartInternal();
- // Helper function to check a URI against the hostname whitelist
- bool IsHostnameWhitelisted(nsIURI *aUri, const nsACString &aWhitelisted);
- // Checks that the channel was loaded by the URI currently loaded in aDoc
- static bool SameLoadingURI(nsIDocument *aDoc, nsIChannel *aChannel);
-};
-
-} // namespace net
-} // namespace mozilla
-
-#endif
diff --git a/netwerk/base/nsIURIClassifier.idl b/netwerk/base/nsIURIClassifier.idl
deleted file mode 100644
index a8f6098a78..0000000000
--- a/netwerk/base/nsIURIClassifier.idl
+++ /dev/null
@@ -1,65 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsISupports.idl"
-
-interface nsIChannel;
-interface nsIPrincipal;
-interface nsIURI;
-
-/**
- * Callback function for nsIURIClassifier lookups.
- */
-[scriptable, function, uuid(8face46e-0c96-470f-af40-0037dcd797bd)]
-interface nsIURIClassifierCallback : nsISupports
-{
- /**
- * Called by the URI classifier service when it is done checking a URI.
- *
- * Clients are responsible for associating callback objects with classify()
- * calls.
- *
- * @param aErrorCode
- * The error code with which the channel should be cancelled, or
- * NS_OK if the load should continue normally.
- */
- void onClassifyComplete(in nsresult aErrorCode);
-};
-
-/**
- * The URI classifier service checks a URI against lists of phishing
- * and malware sites.
- */
-[scriptable, uuid(596620cc-76e3-4133-9d90-360e59a794cf)]
-interface nsIURIClassifier : nsISupports
-{
- /**
- * Classify a Principal using its URI.
- *
- * @param aPrincipal
- * The principal that should be checked by the URI classifier.
- * @param aTrackingProtectionEnabled
- * Whether or not to classify the given URI against tracking
- * protection lists
- *
- * @param aCallback
- * The URI classifier will call this callback when the URI has been
- * classified.
- *
- * @return <code>false</code> if classification is not necessary. The
- * callback will not be called.
- * <code>true</code> if classification will be performed. The
- * callback will be called.
- */
- boolean classify(in nsIPrincipal aPrincipal,
- in boolean aTrackingProtectionEnabled,
- in nsIURIClassifierCallback aCallback);
-
- /**
- * Synchronously classify a URI with a comma-separated string
- * containing the given tables. This does not make network requests.
- * The result is a comma-separated string of tables that match.
- */
- ACString classifyLocalWithTables(in nsIURI aURI, in ACString aTables);
-};
diff --git a/netwerk/build/nsNetCID.h b/netwerk/build/nsNetCID.h
index 02ba7307eb..41dbdefb76 100644
--- a/netwerk/build/nsNetCID.h
+++ b/netwerk/build/nsNetCID.h
@@ -441,13 +441,6 @@
 {0x9a, 0x05, 0xb6, 0xd9, 0x2f, 0x8f, 0x22, 0x9a} \
 }
-/**
- * Contract ID for a service implementing nsIURIClassifier that identifies
- * phishing and malware sites.
- */
-#define NS_URICLASSIFIERSERVICE_CONTRACTID \
- "@mozilla.org/uriclassifierservice"
-
 // Redirect channel registrar used for redirect to various protocols
 #define NS_REDIRECTCHANNELREGISTRAR_CONTRACTID \
 "@mozilla.org/redirectchannelregistrar;1"
diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp
index a733b05145..90bbb19e83 100644
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@@ -19,7 +19,6 @@
 #include "AltDataOutputStreamChild.h"
 #include "nsISupportsPrimitives.h"
-#include "nsChannelClassifier.h"
 #include "nsStringStream.h"
 #include "nsHttpHandler.h"
 #include "nsNetUtil.h"
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index ca2644f6ab..3bbc92e140 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -29,7 +29,6 @@
 #include "nsISeekableStream.h"
 #include "nsILoadGroupChild.h"
 #include "nsIProtocolProxyService2.h"
-#include "nsIURIClassifier.h"
 #include "nsMimeTypes.h"
 #include "nsNetCID.h"
 #include "nsNetUtil.h"
@@ -40,7 +39,6 @@
 #include "nsStreamUtils.h"
 #include "nsIOService.h"
 #include "nsDNSPrefetch.h"
-#include "nsChannelClassifier.h"
 #include "nsIRedirectResultListener.h"
 #include "mozilla/dom/ContentVerifier.h"
 #include "mozilla/TimeStamp.h"
@@ -5995,8 +5993,8 @@ nsHttpChannel::ContinueBeginConnectWithResult()
 mCallOnResume = &nsHttpChannel::ContinueBeginConnect;
 rv = NS_OK;
 } else if (mCanceled) {
- // We may have been cancelled already, by nsChannelClassifier in that
- // case, we should not send the request to the server
+ // We may have been cancelled already
+ // in that case, we should not send the request to the server.
 rv = mStatus;
 } else {
 rv = Connect(); |
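Review bot: The rewritten comment in the `mCanceled` branch reads as a run-on: its first line ends without punctuation and the second starts lower-case, so the two halves no longer connect. Something like `// We may have been cancelled already; in that case, we should not` / `// send the request to the server.` keeps the meaning. With the classifier reference dropped, the comment also no longer names any caller that can cancel before connect; if the remaining early-cancel paths are known, naming one would tell a reader why this branch has to stay, since it is what keeps a cancelled load from reaching `Connect()`. ContinueBeginConnectWithResult begins and ends outside the hunk, so this is based on the visible lines only.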