def test_plugin_record_with_no_targetApplication_matching():
xml_tree = etree.Element(
'blocklist',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
lastupdate='1459262434336'
)
data = PLUGIN_DATA.copy()
data['versionRange'] = [{
"targetApplication": [
{"guid": "{some-other-application}",
"minVersion": "1.2",
"maxVersion": "1.4"}
],
"minVersion": "0",
"maxVersion": "*",
"severity": 3
}]
exporter.write_plugin_items(xml_tree, [data],
constants.FIREFOX_APPID)
result = etree.tostring(
etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems/>
</blocklist>
""".decode('utf-8')
def test_plugin_record_with_no_targetApplication_matching():
xml_tree = etree.Element(
'blocklist',
lastupdate='1459262434336',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
)
data = PLUGIN_DATA.copy()
data['versionRange'] = [{
"targetApplication": [{
"guid": "{some-other-application}",
"minVersion": "1.2",
"maxVersion": "1.4"
}],
"minVersion":
"0",
"maxVersion":
"*",
"severity":
3
}]
exporter.write_plugin_items(xml_tree, [data], constants.FIREFOX_APPID)
result = etree.tostring(etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems/>
</blocklist>
""".decode('utf-8')
def test_plugin_record_with_api_version_2():
xml_tree = etree.Element(
'blocklist',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
lastupdate='1459262434336'
)
exporter.write_plugin_items(xml_tree, [PLUGIN_DATA],
constants.FIREFOX_APPID,
api_ver=2)
result = etree.tostring(
etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems>
<pluginItem blockID="p26">
<match exp="^Yahoo Application State Plugin$" name="name"/>
<match exp="npYState.dll" name="filename"/>
<match exp="^Yahoo Application State Plugin$" name="description"/>
<infoURL>https://get.adobe.com/flashplayer/</infoURL>
<versionRange maxVersion="4.1.10328.0" minVersion="0" severity="0" \
vulnerabilitystatus="1"/>
</pluginItem>
</pluginItems>
</blocklist>
""".decode('utf-8')
def test_plugin_record_with_api_version_2_with_no_guid_and_severity_0():
xml_tree = etree.Element(
'blocklist',
lastupdate='1459262434336',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
)
data = PLUGIN_DATA.copy()
data['versionRange'] = [{"targetApplication": [], "severity": 0}]
exporter.write_plugin_items(xml_tree, [data],
constants.FIREFOX_APPID,
api_ver=2)
result = etree.tostring(etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems>
<pluginItem blockID="p26">
<match exp="^Yahoo Application State Plugin$" name="name"/>
<match exp="npYState.dll" name="filename"/>
<match exp="^Yahoo Application State Plugin$" name="description"/>
<infoURL>https://get.adobe.com/flashplayer/</infoURL>
<versionRange severity="0"/>
</pluginItem>
</pluginItems>
</blocklist>
""".decode('utf-8')
def test_plugin_record_with_api_version_2():
xml_tree = etree.Element(
'blocklist',
lastupdate='1459262434336',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
)
exporter.write_plugin_items(xml_tree, [PLUGIN_DATA],
constants.FIREFOX_APPID,
api_ver=2)
result = etree.tostring(etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems>
<pluginItem blockID="p26">
<match exp="^Yahoo Application State Plugin$" name="name"/>
<match exp="npYState.dll" name="filename"/>
<match exp="^Yahoo Application State Plugin$" name="description"/>
<infoURL>https://get.adobe.com/flashplayer/</infoURL>
<versionRange maxVersion="4.1.10328.0" minVersion="0" severity="0" \
vulnerabilitystatus="1"/>
</pluginItem>
</pluginItems>
</blocklist>
""".decode('utf-8')
def get_blocklist(request):
api_ver = int(request.matchdict['api_ver'])
app = request.matchdict['application_guid']
app_ver = request.matchdict['application_ver']
last_update = 0
# Addons blocklist
addons_records, addons_records_count = get_records(request, 'addons')
if addons_records:
last_update = addons_records[-1]['last_modified']
# Plugins blocklist
plugin_records, plugin_records_count = get_records(request, 'plugins')
if plugin_records:
last_update = max(last_update, plugin_records[-1]['last_modified'])
# GFX blocklist
gfx_records, gfx_records_count = get_records(request, 'gfx')
if gfx_records:
last_update = max(last_update, gfx_records[-1]['last_modified'])
# Certificates blocklist
cert_records, cert_records_count = get_records(request, 'certificates')
if cert_records:
last_update = max(last_update, cert_records[-1]['last_modified'])
xml_tree = etree.Element(
'blocklist',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
lastupdate='%s' % last_update
)
write_addons_items(xml_tree, addons_records, api_ver=api_ver, app_id=app)
write_plugin_items(xml_tree, plugin_records, api_ver=api_ver,
app_id=app, app_ver=app_ver)
write_gfx_items(xml_tree, gfx_records, api_ver=api_ver, app_id=app)
write_cert_items(xml_tree, cert_records, api_ver=api_ver)
doc = etree.ElementTree(xml_tree)
request.response.content_type = "application/xml;charset=UTF-8"
request.response.write(etree.tostring(
doc,
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8'))
return request.response
def test_plugin_record_with_no_targetApplication_info():
xml_tree = etree.Element(
'blocklist',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
lastupdate='1459262434336'
)
data = PLUGIN_DATA.copy()
data['name'] = "Yahoo Application State Plugin"
data['os'] = "WINNT"
data['xpcomabi'] = "test"
data['versionRange'] = [{
"targetApplication": [],
"minVersion": "0",
"maxVersion": "*",
"severity": 0,
"vulnerabilityStatus": "1"
}]
exporter.write_plugin_items(xml_tree, [data],
constants.FIREFOX_APPID)
result = etree.tostring(
etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems>
<pluginItem blockID="p26" name="Yahoo Application State Plugin" os="WINNT"\
xpcomabi="test">
<match exp="^Yahoo Application State Plugin$" name="name"/>
<match exp="npYState.dll" name="filename"/>
<match exp="^Yahoo Application State Plugin$" name="description"/>
<infoURL>https://get.adobe.com/flashplayer/</infoURL>
<versionRange maxVersion="*" minVersion="0" severity="0" \
vulnerabilitystatus="1"/>
</pluginItem>
</pluginItems>
</blocklist>
""".decode('utf-8')
def test_plugin_record_with_no_targetApplication_info():
xml_tree = etree.Element(
'blocklist',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
lastupdate='1459262434336'
)
data = PLUGIN_DATA.copy()
data['name'] = "Yahoo Application State Plugin"
data['os'] = "WINNT"
data['xpcomabi'] = "test"
data['versionRange'] = [{
"targetApplication": [],
"minVersion": "0",
"maxVersion": "*",
"severity": 0,
"vulnerabilityStatus": "1"
}]
exporter.write_plugin_items(xml_tree, [data],
constants.FIREFOX_APPID)
result = etree.tostring(
etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems>
<pluginItem blockID="p26" name="Yahoo Application State Plugin" os="WINNT"\
xpcomabi="test">
<match exp="^Yahoo Application State Plugin$" name="name"/>
<match exp="npYState.dll" name="filename"/>
<match exp="^Yahoo Application State Plugin$" name="description"/>
<infoURL>https://get.adobe.com/flashplayer/</infoURL>
<versionRange maxVersion="*" minVersion="0" severity="0" \
vulnerabilitystatus="1"/>
</pluginItem>
</pluginItems>
</blocklist>
""".decode('utf-8')
def test_plugin_record_with_api_version_2_with_guid_and_empty_versionRange():
xml_tree = etree.Element(
'blocklist',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
lastupdate='1459262434336'
)
data = PLUGIN_DATA.copy()
data['versionRange'] = [{
"targetApplication": [
{"guid": constants.FIREFOX_APPID,
"minVersion": "3.6",
"maxVersion": "3.6.*"}
]
}]
exporter.write_plugin_items(xml_tree, [data],
constants.FIREFOX_APPID,
api_ver=2)
result = etree.tostring(
etree.ElementTree(xml_tree),
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8')
assert result == b"""<?xml version='1.0' encoding='UTF-8'?>
<blocklist lastupdate="1459262434336" \
xmlns="http://www.mozilla.org/2006/addons-blocklist">
<pluginItems>
<pluginItem blockID="p26">
<match exp="^Yahoo Application State Plugin$" name="name"/>
<match exp="npYState.dll" name="filename"/>
<match exp="^Yahoo Application State Plugin$" name="description"/>
<infoURL>https://get.adobe.com/flashplayer/</infoURL>
<versionRange/>
</pluginItem>
</pluginItems>
</blocklist>
""".decode('utf-8')
def get_blocklist(request):
prefix = request.matchdict['prefix']
api_ver = int(request.matchdict['api_ver'])
app = request.matchdict['application_guid']
app_ver = request.matchdict['application_ver']
# 1. Verify that we have a config for that prefix
if prefix not in request.registry.amo_resources:
raise HTTPNotFound()
# Addons blocklist
addons_records, addons_last_modified = get_records(request, prefix,
'addons')
# Plugins blocklist
plugins_records, plugins_last_modified = get_records(
request, prefix, 'plugins')
# GFX blocklist
gfx_records, gfx_last_modified = get_records(request, prefix, 'gfx')
# Certificates blocklist
cert_records, cert_last_modified = get_records(request, prefix,
'certificates')
# Expose highest timestamp in response headers.
last_update = max(addons_last_modified, plugins_last_modified,
gfx_last_modified, cert_last_modified)
last_etag = '"{}"'.format(last_update)
request.response.headers['ETag'] = last_etag
request.response.last_modified = last_update / 1000.0
if_none_match = request.headers.get('If-None-Match')
if_modified_since = request.headers.get('If-Modified-Since')
if if_none_match is not None or if_modified_since is not None:
has_changed = (
if_none_match != last_etag
and request.if_modified_since != request.response.last_modified)
if not has_changed:
response = HTTPNotModified()
response.headers['ETag'] = last_etag
response.last_modified = last_update / 1000.0
raise response
xml_tree = etree.Element(
'blocklist',
xmlns="http://www.mozilla.org/2006/addons-blocklist",
lastupdate='%s' % last_update)
write_addons_items(xml_tree,
addons_records,
api_ver=api_ver,
app_id=app,
app_ver=app_ver)
write_plugin_items(xml_tree,
plugins_records,
api_ver=api_ver,
app_id=app,
app_ver=app_ver)
write_gfx_items(xml_tree, gfx_records, api_ver=api_ver, app_id=app)
write_cert_items(xml_tree,
cert_records,
api_ver=api_ver,
app_id=app,
app_ver=app_ver)
doc = etree.ElementTree(xml_tree)
request.response.content_type = "application/xml;charset=UTF-8"
request.response.write(
etree.tostring(doc,
pretty_print=True,
xml_declaration=True,
encoding='UTF-8').decode('utf-8'))
return request.response
