1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIApplicationReputationCallback;
interface nsIApplicationReputationQuery;
interface nsIArray;
interface nsIURI;
/*
* A service for asynchronously querying an application reputation service
* based on metadata of the downloaded file.
*/
[scriptable, uuid(c9f03479-fd68-4393-acb2-c88d4f563174)]
interface nsIApplicationReputationService : nsISupports {
/**
* Indicates the reason for the application reputation block.
*/
const unsigned long VERDICT_SAFE = 0;
const unsigned long VERDICT_DANGEROUS = 1;
const unsigned long VERDICT_UNCOMMON = 2;
const unsigned long VERDICT_POTENTIALLY_UNWANTED = 3;
const unsigned long VERDICT_DANGEROUS_HOST = 4;
/**
* Start querying the application reputation service.
*
* @param aQuery
* The nsIApplicationReputationQuery containing metadata of the
* downloaded file.
*
* @param aCallback
* The callback for receiving the results of the query.
*
* @remarks aCallback may not be null. onComplete is guaranteed to be called
* on aCallback. This function may not be called more than once with
* the same query object. If any of the attributes of aQuery have
* not been set or have been set with empty data (with the exception
* of sourceURI), then a valid request can still be constructed and
* will solicit a valid response, but won't produce any useful
* information.
*/
void queryReputation(in nsIApplicationReputationQuery aQuery,
in nsIApplicationReputationCallback aCallback);
};
/**
* A single-use, write-once interface for recording the metadata of the
* downloaded file. nsIApplicationReputationService.Start() may only be called
* once with a single query.
*/
[scriptable, uuid(812d7509-a9a3-446e-a66f-3ed8cc91ebd0)]
interface nsIApplicationReputationQuery : nsISupports {
/*
* The nsIURI from which the file was downloaded. This may not be null.
*/
readonly attribute nsIURI sourceURI;
/*
* The reference, if any.
*/
readonly attribute nsIURI referrerURI;
/*
* The target filename for the downloaded file, as inferred from the source
* URI or provided by the Content-Disposition attachment file name. If this
* is not set by the caller, it will be passed as an empty string but the
* query won't produce any useful information.
*/
readonly attribute AString suggestedFileName;
/*
* The size of the downloaded file in bytes.
*/
readonly attribute unsigned long fileSize;
/*
* The SHA256 hash of the downloaded file in raw bytes. If this is not set by
* the caller, it will be passed as an empty string but the query won't
* produce any useful information.
*/
readonly attribute ACString sha256Hash;
/*
* The nsIArray of nsIX509CertList of nsIX509Cert that verify for this
* binary, if it is signed.
*/
readonly attribute nsIArray signatureInfo;
/*
* The nsIArray of nsIPrincipal of redirects that lead to this download. The
* most recent redirect is the last element.
*/
readonly attribute nsIArray redirects;
};
[scriptable, function, uuid(9a228470-cfe5-11e2-8b8b-0800200c9a66)]
interface nsIApplicationReputationCallback : nsISupports {
/**
* Callback for the result of the application reputation query.
* @param aStatus
* NS_OK if and only if the query succeeded. If it did, then
* shouldBlock is meaningful (otherwise it defaults to false). This
* may be NS_ERROR_FAILURE if the response cannot be parsed, or
* NS_ERROR_NOT_AVAILABLE if the service has been disabled or is not
* reachable.
* @param aShouldBlock
* Whether or not the download should be blocked.
* @param aVerdict
* Indicates the result of the lookup that determines whether the
* download should be blocked, according to the "VERDICT_" constants.
* This may be set to a value different than "VERDICT_SAFE" even if
* aShouldBlock is false, so you should always check aShouldBlock.
*/
void onComplete(in bool aShouldBlock,
in nsresult aStatus,
in unsigned long aVerdict);
};
|