Filename | /usr/local/lib/perl5/site_perl/Mail/SpamAssassin/Plugin/HTTPSMismatch.pm |
Statements | Executed 23 statements in 1.53ms |
Calls | P | F | Exclusive Time |
Inclusive Time |
Subroutine |
---|---|---|---|---|---|
1 | 1 | 1 | 76µs | 134µs | new | Mail::SpamAssassin::Plugin::HTTPSMismatch::
1 | 1 | 1 | 40µs | 40µs | BEGIN@20 | Mail::SpamAssassin::Plugin::HTTPSMismatch::
1 | 1 | 1 | 38µs | 104µs | BEGIN@27 | Mail::SpamAssassin::Plugin::HTTPSMismatch::
1 | 1 | 1 | 33µs | 43µs | BEGIN@22 | Mail::SpamAssassin::Plugin::HTTPSMismatch::
1 | 1 | 1 | 26µs | 88µs | BEGIN@25 | Mail::SpamAssassin::Plugin::HTTPSMismatch::
1 | 1 | 1 | 25µs | 36µs | BEGIN@24 | Mail::SpamAssassin::Plugin::HTTPSMismatch::
1 | 1 | 1 | 24µs | 56µs | BEGIN@23 | Mail::SpamAssassin::Plugin::HTTPSMismatch::
1 | 1 | 1 | 24µs | 225µs | BEGIN@21 | Mail::SpamAssassin::Plugin::HTTPSMismatch::
0 | 0 | 0 | 0s | 0s | check_https_http_mismatch | Mail::SpamAssassin::Plugin::HTTPSMismatch::
Line | State ments |
Time on line |
Calls | Time in subs |
Code |
---|---|---|---|---|---|
1 | # <@LICENSE> | ||||
2 | # Licensed to the Apache Software Foundation (ASF) under one or more | ||||
3 | # contributor license agreements. See the NOTICE file distributed with | ||||
4 | # this work for additional information regarding copyright ownership. | ||||
5 | # The ASF licenses this file to you under the Apache License, Version 2.0 | ||||
6 | # (the "License"); you may not use this file except in compliance with | ||||
7 | # the License. You may obtain a copy of the License at: | ||||
8 | # | ||||
9 | # http://www.apache.org/licenses/LICENSE-2.0 | ||||
10 | # | ||||
11 | # Unless required by applicable law or agreed to in writing, software | ||||
12 | # distributed under the License is distributed on an "AS IS" BASIS, | ||||
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
14 | # See the License for the specific language governing permissions and | ||||
15 | # limitations under the License. | ||||
16 | # </@LICENSE> | ||||
17 | |||||
18 | package Mail::SpamAssassin::Plugin::HTTPSMismatch; | ||||
19 | |||||
20 | 2 | 74µs | 1 | 40µs | # spent 40µs within Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@20 which was called:
# once (40µs+0s) by Mail::SpamAssassin::PluginHandler::load_plugin at line 20 # spent 40µs making 1 call to Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@20 |
21 | 2 | 89µs | 2 | 426µs | # spent 225µs (24+201) within Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@21 which was called:
# once (24µs+201µs) by Mail::SpamAssassin::PluginHandler::load_plugin at line 21 # spent 225µs making 1 call to Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@21
# spent 201µs making 1 call to Exporter::import |
22 | 2 | 80µs | 2 | 53µs | # spent 43µs (33+10) within Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@22 which was called:
# once (33µs+10µs) by Mail::SpamAssassin::PluginHandler::load_plugin at line 22 # spent 43µs making 1 call to Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@22
# spent 10µs making 1 call to strict::import |
23 | 2 | 77µs | 2 | 88µs | # spent 56µs (24+32) within Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@23 which was called:
# once (24µs+32µs) by Mail::SpamAssassin::PluginHandler::load_plugin at line 23 # spent 56µs making 1 call to Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@23
# spent 32µs making 1 call to warnings::import |
24 | 2 | 69µs | 2 | 46µs | # spent 36µs (25+10) within Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@24 which was called:
# once (25µs+10µs) by Mail::SpamAssassin::PluginHandler::load_plugin at line 24 # spent 36µs making 1 call to Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@24
# spent 10µs making 1 call to bytes::import |
25 | 2 | 72µs | 2 | 150µs | # spent 88µs (26+62) within Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@25 which was called:
# once (26µs+62µs) by Mail::SpamAssassin::PluginHandler::load_plugin at line 25 # spent 88µs making 1 call to Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@25
# spent 62µs making 1 call to re::import |
26 | |||||
27 | 2 | 959µs | 2 | 171µs | # spent 104µs (38+67) within Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@27 which was called:
# once (38µs+67µs) by Mail::SpamAssassin::PluginHandler::load_plugin at line 27 # spent 104µs making 1 call to Mail::SpamAssassin::Plugin::HTTPSMismatch::BEGIN@27
# spent 67µs making 1 call to vars::import |
28 | 1 | 16µs | @ISA = qw(Mail::SpamAssassin::Plugin); | ||
29 | |||||
30 | # constructor: register the eval rule | ||||
31 | # spent 134µs (76+58) within Mail::SpamAssassin::Plugin::HTTPSMismatch::new which was called:
# once (76µs+58µs) by Mail::SpamAssassin::PluginHandler::load_plugin at line 1 of (eval 85)[Mail/SpamAssassin/PluginHandler.pm:129] | ||||
32 | 1 | 2µs | my $class = shift; | ||
33 | 1 | 2µs | my $mailsaobject = shift; | ||
34 | |||||
35 | # some boilerplate... | ||||
36 | 1 | 2µs | $class = ref($class) || $class; | ||
37 | 1 | 24µs | 1 | 21µs | my $self = $class->SUPER::new($mailsaobject); # spent 21µs making 1 call to Mail::SpamAssassin::Plugin::new |
38 | 1 | 2µs | bless ($self, $class); | ||
39 | |||||
40 | # the important bit! | ||||
41 | 1 | 21µs | 1 | 37µs | $self->register_eval_rule ("check_https_http_mismatch"); # spent 37µs making 1 call to Mail::SpamAssassin::Plugin::register_eval_rule |
42 | |||||
43 | 1 | 20µs | return $self; | ||
44 | } | ||||
45 | |||||
46 | # [lt]a href="http://baboz-njeryz.de/"[gt]https://bankofamerica.com/[lt]/a[gt] | ||||
47 | # ("<" and ">" replaced with "[lt]" and "[gt]" to avoid Kaspersky Desktop AV | ||||
48 | # false positive ;) | ||||
49 | sub check_https_http_mismatch { | ||||
50 | my ($self, $permsgstatus, undef, $minanchors, $maxanchors) = @_; | ||||
51 | |||||
52 | $minanchors ||= 1; | ||||
53 | |||||
54 | if (!exists $permsgstatus->{chhm_hit}) { | ||||
55 | $permsgstatus->{chhm_hit} = 0; | ||||
56 | $permsgstatus->{chhm_anchors} = 0; | ||||
57 | |||||
58 | foreach my $v ( values %{$permsgstatus->{html}->{uri_detail}} ) { | ||||
59 | # if the URI wasn't used for an anchor tag, or the anchor text didn't | ||||
60 | # exist, skip this. | ||||
61 | next unless (exists $v->{anchor_text} && @{$v->{anchor_text}}); | ||||
62 | |||||
63 | my $uri; | ||||
64 | foreach (@{$v->{cleaned}}) { | ||||
65 | if (m@^https?://([^/:]+)@i) { | ||||
66 | $uri = $1; | ||||
67 | |||||
68 | # Skip IPs since there's another rule to catch that already | ||||
69 | if ($uri =~ /^\d+\.\d+\.\d+\.\d+$/) { | ||||
70 | undef $uri; | ||||
71 | next; | ||||
72 | } | ||||
73 | |||||
74 | # want to compare whole hostnames instead of domains? | ||||
75 | # comment this next section to the blank line. | ||||
76 | $uri = $self->{main}->{registryboundaries}->trim_domain($uri); | ||||
77 | undef $uri unless ($self->{main}->{registryboundaries}->is_domain_valid($uri)); | ||||
78 | |||||
79 | last if $uri; | ||||
80 | } | ||||
81 | } | ||||
82 | |||||
83 | next unless $uri; | ||||
84 | $permsgstatus->{chhm_anchors}++ if exists $v->{anchor_text}; | ||||
85 | |||||
86 | foreach (@{$v->{anchor_text}}) { | ||||
87 | if (m@https://([^/:]+)@i) { | ||||
88 | my $https = $1; | ||||
89 | |||||
90 | # want to compare whole hostnames instead of domains? | ||||
91 | # comment this next section to the blank line. | ||||
92 | if ($https !~ /^\d+\.\d+\.\d+\.\d+$/) { | ||||
93 | $https = $self->{main}->{registryboundaries}->trim_domain($https); | ||||
94 | undef $https unless ($self->{main}->{registryboundaries}->is_domain_valid($https)); | ||||
95 | } | ||||
96 | next unless $https; | ||||
97 | |||||
98 | dbg("https_http_mismatch: domains $uri -> $https"); | ||||
99 | |||||
100 | next if $uri eq $https; | ||||
101 | $permsgstatus->{chhm_hit} = 1; | ||||
102 | last; | ||||
103 | } | ||||
104 | } | ||||
105 | } | ||||
106 | dbg("https_http_mismatch: anchors ".$permsgstatus->{chhm_anchors}); | ||||
107 | } | ||||
108 | |||||
109 | return ( $permsgstatus->{chhm_hit} && $permsgstatus->{chhm_anchors} >= $minanchors && (defined $maxanchors && $permsgstatus->{chhm_anchors} < $maxanchors) ); | ||||
110 | } | ||||
111 | |||||
112 | 1 | 18µs | 1; |