Bug 1385484 - Add the login reputation whitelist behind a pref. r=hchang

MozReview-Commit-ID: Dbtl3WL5tMJ

browser/app/profile/firefox.js

@@ -1170,6 +1170,7 @@ pref("services.sync.prefs.sync.browser.offline-apps.notify", true);
 pref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", true);
 pref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", true);
 pref("services.sync.prefs.sync.browser.safebrowsing.downloads.enabled", true);
+pref("services.sync.prefs.sync.browser.safebrowsing.passwords.enabled", true);
 pref("services.sync.prefs.sync.browser.search.update", true);
 pref("services.sync.prefs.sync.browser.sessionstore.restore_on_demand", true);
 pref("services.sync.prefs.sync.browser.startup.homepage", true);

modules/libpref/init/all.js

@@ -5354,6 +5354,9 @@ pref("urlclassifier.phishTable", "googpub-phish-shavar,test-phish-simple");
 pref("urlclassifier.downloadAllowTable", "goog-downloadwhite-proto");
 pref("urlclassifier.downloadBlockTable", "goog-badbinurl-proto");
 
+// Tables for login reputation
+pref("urlclassifier.passwordAllowTable", "goog-passwordwhite-proto");
+
 // Tables for tracking protection
 pref("urlclassifier.trackingTable", "test-track-simple,base-track-digest256");
 pref("urlclassifier.trackingWhitelistTable", "test-trackwhite-simple,mozstd-trackwhite-digest256");
@@ -5400,6 +5403,9 @@ pref("browser.safebrowsing.downloads.remote.block_dangerous_host",       true);
 pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", true);
 pref("browser.safebrowsing.downloads.remote.block_uncommon",             true);
 
+// Password protection
+pref("browser.safebrowsing.passwords.enabled", false);
+
 // Google Safe Browsing provider (legacy)
 pref("browser.safebrowsing.provider.google.pver", "2.2");
 pref("browser.safebrowsing.provider.google.lists", "goog-badbinurl-shavar,goog-downloadwhite-digest256,goog-phish-shavar,googpub-phish-shavar,goog-malware-shavar,goog-unwanted-shavar");
@@ -5413,7 +5419,7 @@ pref("browser.safebrowsing.provider.google.advisoryName", "Google Safe Browsing"
 
 // Google Safe Browsing provider
 pref("browser.safebrowsing.provider.google4.pver", "4");
-pref("browser.safebrowsing.provider.google4.lists", "goog-badbinurl-proto,goog-downloadwhite-proto,goog-phish-proto,googpub-phish-proto,goog-malware-proto,goog-unwanted-proto,goog-harmful-proto");
+pref("browser.safebrowsing.provider.google4.lists", "goog-badbinurl-proto,goog-downloadwhite-proto,goog-phish-proto,googpub-phish-proto,goog-malware-proto,goog-unwanted-proto,goog-harmful-proto,goog-passwordwhite-proto");
 pref("browser.safebrowsing.provider.google4.updateURL", "https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%&$httpMethod=POST");
 pref("browser.safebrowsing.provider.google4.gethashURL", "https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%&$httpMethod=POST");
 pref("browser.safebrowsing.provider.google4.reportURL", "https://safebrowsing.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");

toolkit/components/url-classifier/SafeBrowsing.jsm

@@ -41,6 +41,7 @@ const tablePreferences = [
   "urlclassifier.malwareTable",
   "urlclassifier.downloadBlockTable",
   "urlclassifier.downloadAllowTable",
+  "urlclassifier.passwordAllowTable",
   "urlclassifier.trackingTable",
   "urlclassifier.trackingWhitelistTable",
   "urlclassifier.blockedTable",
@@ -109,6 +110,9 @@ this.SafeBrowsing = {
     for (let i = 0; i < this.downloadAllowLists.length; ++i) {
       this.registerTableWithURLs(this.downloadAllowLists[i]);
     }
+    for (let i = 0; i < this.passwordAllowLists.length; ++i) {
+      this.registerTableWithURLs(this.passwordAllowLists[i]);
+    }
     for (let i = 0; i < this.trackingProtectionLists.length; ++i) {
       this.registerTableWithURLs(this.trackingProtectionLists[i]);
     }
@@ -130,6 +134,7 @@ this.SafeBrowsing = {
   initialized:          false,
   phishingEnabled:      false,
   malwareEnabled:       false,
+  passwordsEnabled:     false,
   trackingEnabled:      false,
   blockedEnabled:       false,
   trackingAnnotations:  false,
@@ -140,6 +145,7 @@ this.SafeBrowsing = {
   malwareLists:                 [],
   downloadBlockLists:           [],
   downloadAllowLists:           [],
+  passwordAllowLists:           [],
   trackingProtectionLists:      [],
   trackingProtectionWhitelists: [],
   blockedLists:                 [],
@@ -207,6 +213,7 @@ this.SafeBrowsing = {
 
     this.phishingEnabled = Services.prefs.getBoolPref("browser.safebrowsing.phishing.enabled");
     this.malwareEnabled = Services.prefs.getBoolPref("browser.safebrowsing.malware.enabled");
+    this.passwordsEnabled = Services.prefs.getBoolPref("browser.safebrowsing.passwords.enabled");
     this.trackingEnabled = Services.prefs.getBoolPref("privacy.trackingprotection.enabled") || Services.prefs.getBoolPref("privacy.trackingprotection.pbmode.enabled");
     this.blockedEnabled = Services.prefs.getBoolPref("browser.safebrowsing.blockedURIs.enabled");
     this.trackingAnnotations = Services.prefs.getBoolPref("privacy.trackingprotection.annotate_channels");
@@ -220,6 +227,7 @@ this.SafeBrowsing = {
      this.malwareLists,
      this.downloadBlockLists,
      this.downloadAllowLists,
+     this.passwordAllowLists,
      this.trackingProtectionLists,
      this.trackingProtectionWhitelists,
      this.blockedLists,
@@ -320,7 +328,8 @@ this.SafeBrowsing = {
 
   controlUpdateChecking() {
     log("phishingEnabled:", this.phishingEnabled, "malwareEnabled:",
-        this.malwareEnabled, "trackingEnabled:", this.trackingEnabled,
+        this.malwareEnabled, "passwordsEnabled:", this.passwordsEnabled,
+        "trackingEnabled:", this.trackingEnabled,
         "blockedEnabled:", this.blockedEnabled, "trackingAnnotations",
         this.trackingAnnotations, "flashBlockEnabled", this.flashBlockEnabled,
         "flashInfobarListEnabled:", this.flashInfobarListEnabled);
@@ -356,6 +365,13 @@ this.SafeBrowsing = {
         listManager.disableUpdate(this.downloadAllowLists[i]);
       }
     }
+    for (let i = 0; i < this.passwordAllowLists.length; ++i) {
+      if (this.passwordsEnabled) {
+        listManager.enableUpdate(this.passwordAllowLists[i]);
+      } else {
+        listManager.disableUpdate(this.passwordAllowLists[i]);
+      }
+    }
     for (let i = 0; i < this.trackingProtectionLists.length; ++i) {
       if (this.trackingEnabled || this.trackingAnnotations) {
         listManager.enableUpdate(this.trackingProtectionLists[i]);

toolkit/components/url-classifier/nsUrlClassifierDBService.cpp

@@ -1564,6 +1564,9 @@ nsUrlClassifierDBService::ReadTablesFromPrefs()
   Preferences::GetCString(DOWNLOAD_ALLOW_TABLE_PREF, tables);
   AppendTables(tables, allTables);
 
+  Preferences::GetCString(PASSWORD_ALLOW_TABLE_PREF, tables);
+  AppendTables(tables, allTables);
+
   Preferences::GetCString(TRACKING_TABLE_PREF, tables);
   AppendTables(tables, allTables);
   AppendTables(tables, mTrackingProtectionTables);

toolkit/components/url-classifier/nsUrlClassifierDBService.h

@@ -61,6 +61,7 @@
 #define DOWNLOAD_BLOCK_TABLE_PREF       "urlclassifier.downloadBlockTable"
 #define DOWNLOAD_ALLOW_TABLE_PREF       "urlclassifier.downloadAllowTable"
 #define DISALLOW_COMPLETION_TABLE_PREF  "urlclassifier.disallow_completions"
+#define PASSWORD_ALLOW_TABLE_PREF       "urlclassifier.passwordAllowTable"
 
 using namespace mozilla::safebrowsing;
 

toolkit/components/url-classifier/nsUrlClassifierUtils.cpp

@@ -252,6 +252,9 @@ static const struct {
   { "goog-badbinurl-proto", MALICIOUS_BINARY},            // 7
   { "goog-downloadwhite-proto", CSD_DOWNLOAD_WHITELIST},  // 9
 
+  // For login reputation
+  { "goog-passwordwhite-proto", CSD_WHITELIST}, // 8
+
   // For testing purpose.
   { "test-phish-proto",    SOCIAL_ENGINEERING_PUBLIC}, // 2
   { "test-unwanted-proto", UNWANTED_SOFTWARE},         // 3