Commit a40573f3 authored by Laurent Montel's avatar Laurent Montel 😁
Browse files

Implement scam detection. Now we have a warning when we detect that

a message can be a scam.
(for the moment we detect if an anchor has a title and it shows an url
which is not the url define in href)

We will improve it.

CCBUG: 307818
parent 79e47ded
......@@ -39,6 +39,9 @@ class QLabel;
class KActionCollection;
namespace MessageViewer {
#ifndef KDEPIM_NO_WEBKIT
class ScamDetection;
#endif
/// MailWebView extends KWebView so that it can emit the popupMenu() signal
#ifdef KDEPIM_NO_WEBKIT
......@@ -98,6 +101,9 @@ public:
void setScrollBarPolicy( Qt::Orientation orientation, Qt::ScrollBarPolicy policy );
Qt::ScrollBarPolicy scrollBarPolicy( Qt::Orientation orientation ) const;
#ifndef KDEPIM_NO_WEBKIT
void scamCheck();
#endif
Q_SIGNALS:
......@@ -110,6 +116,7 @@ Q_SIGNALS:
#ifdef KDEPIM_NO_WEBKIT
void linkClicked( const QUrl & link );
#endif
void messageMayBeAScam();
protected:
#ifdef KDEPIM_MOBILE_UI
......@@ -139,6 +146,8 @@ private:
QList<QLabel*> mAccessKeyLabels;
QHash<QChar, QWebElement> mAccessKeyNodes;
QHash<QString, QChar> mDuplicateLinkElements;
ScamDetection *mScamDetection;
#endif
KActionCollection *mActionCollection;
};
......
/* Copyright 2010 Thomas McGuire <mcguire@kde.org>
Copyright 2013 Laurent Montel <monte@kde.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of
......@@ -17,6 +19,7 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "mailwebview.h"
#include "scamdetection/scamdetection.h"
#include <KDebug>
#include <KActionCollection>
......@@ -120,7 +123,7 @@ static void handleDuplicateLinkElements(const QWebElement& element, QHash<QStrin
MailWebView::MailWebView( KActionCollection *actionCollection, QWidget *parent )
: SuperClass( parent ), mActionCollection(actionCollection)
: SuperClass( parent ), mScamDetection(new ScamDetection), mActionCollection(actionCollection)
{
page()->setLinkDelegationPolicy( QWebPage::DelegateAllLinks );
settings()->setAttribute( QWebSettings::JavascriptEnabled, false );
......@@ -129,10 +132,14 @@ MailWebView::MailWebView( KActionCollection *actionCollection, QWidget *parent )
connect( page(), SIGNAL(linkHovered(QString,QString,QString)),
this, SIGNAL(linkHovered(QString,QString,QString)) );
connect(this, SIGNAL(loadStarted()), this, SLOT(hideAccessKeys()));
connect(mScamDetection, SIGNAL(messageMayBeAScam()), this, SIGNAL(messageMayBeAScam()));
connect(page(), SIGNAL(scrollRequested(int,int,QRect)), this, SLOT(hideAccessKeys()));
}
MailWebView::~MailWebView() {}
MailWebView::~MailWebView()
{
delete mScamDetection;
}
bool MailWebView::event( QEvent *event )
{
......@@ -612,5 +619,11 @@ void MailWebView::makeAccessKeyLabel(const QChar &accessKey, const QWebElement &
mAccessKeyNodes.insertMulti(accessKey, element);
}
void MailWebView::scamCheck()
{
const QWebElement root = page()->mainFrame()->documentElement();
mScamDetection->scanPage(root);
//TODO
}
#include "mailwebview.moc"
......@@ -24,27 +24,32 @@
using namespace MessageViewer;
ScamDetection::ScamDetection(QObject *parent)
: QObject(parent), mPage(new QWebPage())
: QObject(parent)
{
mPage->settings()->setAttribute( QWebSettings::JavascriptEnabled, false );
mPage->settings()->setAttribute( QWebSettings::JavaEnabled, false );
mPage->settings()->setAttribute( QWebSettings::PluginsEnabled, false );
mPage->settings()->setAttribute( QWebSettings::AutoLoadImages, false );
}
ScamDetection::~ScamDetection()
{
delete mPage;
}
void ScamDetection::scanPage(const QString &html)
void ScamDetection::scanPage(const QWebElement &rootElement)
{
QWebFrame *frame = mPage->mainFrame();
frame->setHtml( html, QUrl( "file:///" ) );
QWebElement document = frame->documentElement();
QWebElementCollection allAnchor = document.findAll("a");
QWebElementCollection allAnchor = rootElement.findAll("a");
Q_FOREACH (const QWebElement &anchorElement, allAnchor) {
qDebug()<<" href"<<anchorElement.attribute(QLatin1String("href"));
//1) detect if title has a url and title != href
const QString href = anchorElement.attribute(QLatin1String("href"));
const QString title = anchorElement.attribute(QLatin1String("title"));
if (!title.isEmpty()) {
if (title.startsWith(QLatin1String("http:")) || title.startsWith(QLatin1String("https:"))) {
if (href != title) {
Q_EMIT messageMayBeAScam();
break;
}
}
}
//2) delete if url href has ip and not server name.
//TODO
}
}
......
......@@ -20,22 +20,20 @@
#include <QObject>
class QWebPage;
class QWebElement;
namespace MessageViewer {
class ScamDetection : public QObject
{
Q_OBJECT
public:
explicit ScamDetection(QObject *parent);
explicit ScamDetection(QObject *parent = 0);
~ScamDetection();
void scanPage(const QString &html);
void scanPage(const QWebElement &rootElement);
Q_SIGNALS:
void messageMayBeAScam();
private:
QWebPage *mPage;
};
}
......
......@@ -35,4 +35,9 @@ ScamDetectionWarningWidget::~ScamDetectionWarningWidget()
{
}
void ScamDetectionWarningWidget::slotShowWarning()
{
setVisible(true);
}
#include "scamdetectionwarningwidget.moc"
......@@ -27,6 +27,9 @@ class ScamDetectionWarningWidget : public KMessageWidget
public:
explicit ScamDetectionWarningWidget(QWidget *parent = 0);
~ScamDetectionWarningWidget();
public Q_SLOTS:
void slotShowWarning();
};
}
......
......@@ -1088,6 +1088,7 @@ void ViewerPrivate::initHtmlWidget()
this, SLOT(slotUrlOpen(QUrl)), Qt::QueuedConnection );
connect( mViewer, SIGNAL(popupMenu(QUrl,QUrl,QPoint)),
SLOT(slotUrlPopup(QUrl,QUrl,QPoint)) );
connect( mViewer, SIGNAL(messageMayBeAScam()), mScamDetectionWarning, SLOT(slotShowWarning()));
}
bool ViewerPrivate::eventFilter( QObject *, QEvent *e )
......
......@@ -36,6 +36,7 @@
#include "webkitparthtmlwriter.h"
#include "mailwebview.h"
#include "scamdetection/scamdetection.h"
#include <KDebug>
#include <KUrl>
......@@ -92,7 +93,9 @@ void WebKitPartHtmlWriter::end() {
mHtml.clear();
resolveCidUrls();
#ifndef KDEPIM_NO_WEBKIT
mHtmlView->scamCheck();
#endif
mHtmlView->setUpdatesEnabled( true );
mHtmlView->update();
mState = Ended;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment