javascript - Firefox Extension : Stopping the page load when suspicious url found -

javascript - Firefox Extension : Stopping the page load when suspicious url found -

i working on simple firefox extension tracks url requested , phone call web service @ background detects whether url suspicious or not , based on result returned service, extension decides stop page load , alert user case of forgery or whatever, , if user still wishes go page can redirected original page has requested

i have added http-on-modify-request observer

var observerservice = components.classes["@mozilla.org/observer-service;1"].getservice(components.interfaces.nsiobserverservice); observerservice.addobserver(requestobserverlistener.observe, "http-on-modify-request", false);

and observer

var requestobserverlistener = {observe: function (subject, topic, data) { //alert("inside observe"); if (topic == "http-on-modify-request") { subject.queryinterface(components.interfaces.nsihttpchannel); var url = subject.uri.spec; //url beingness requested. might want else //alert("inside modify request"); var urlbarvalue = document.getelementbyid("urlbar").value; urlbarvalue = processurl(urlbarvalue, url); //alert("url bar: "+urlbarvalue); //alert("url: "+url); document.getelementbyid("urlbar").style.backgroundcolor = "white"; if(urlbarvalue == url && url != "") { var browser = getwindowforrequest(subject); if (browser != null) { //alert(""+browser.contentdocument.body.innerhtml); alert("inside browser: "+url); getxmlhttprequest(url); } } } }, }

so when url in urlbar , requested url matches rest service called through ajax getxmlhttprequest(url); method

now when running extension phone call made service before service homecoming response page gets loaded not appropriate because user might come in credentials in meanwhile , compromised

i want first display user warning message on browser tab , if still wanted visit page can redirected page on link click in warning message window

i haven't tried code out i'm not sure suspend , resume work here's try. you're working nsirequest object subject can phone call subject.suspend() on it. there utilize callbacks xhr phone call either cancel() or resume() nsirequest.

here's relevant (untested) snippet of code. xhr assumes kind of promise .the() homecoming understand intention:

if(urlbarvalue == url && url != "") { var browser = getwindowforrequest(subject); if (browser != null) { // suspend pending request subject.suspend(); getxmlhttprequest(url).then( function success() { subject.resume(); }, function failure() { subject.cancel(components.results.ns_binding_aborted); }); } }

just fair warning don't want implement add-on in way.

it's going extremely slow remote phone call every http request. safe browsing module single phone call download database of sites considered 'unsafe', can check database against http request page such doesn't have create individual calls every time.

here's more info on kind of intercepting worth reading: https://developer.mozilla.org/en-us/docs/xul/school_tutorial/intercepting_page_loads#http_observers

also i'd worry xhr request loop because xhr calls creates http-on-modify-request event code might check xhr request valid before beingness able check current url. want safety check url checking domain.

and here's stackoverflow similar question yours might useful: how block http request on particular tab?

good luck!

javascript firefox firefox-addon