File Coverage

blib/lib/Mail/SpamAssassin/Plugin/URIEval.pm
Criterion Covered Total %
statement 24 48 50.0
branch 0 8 0.0
condition 1 6 16.6
subroutine 6 9 66.6
pod 1 4 25.0
total 32 75 42.6


line stmt bran cond sub pod time code
1             # <@LICENSE>
2             # Licensed to the Apache Software Foundation (ASF) under one or more
3             # contributor license agreements. See the NOTICE file distributed with
4             # this work for additional information regarding copyright ownership.
5             # The ASF licenses this file to you under the Apache License, Version 2.0
6             # (the "License"); you may not use this file except in compliance with
7             # the License. You may obtain a copy of the License at:
8             #
9             # http://www.apache.org/licenses/LICENSE-2.0
10             #
11             # Unless required by applicable law or agreed to in writing, software
12             # distributed under the License is distributed on an "AS IS" BASIS,
13             # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14             # See the License for the specific language governing permissions and
15             # limitations under the License.
16             # </@LICENSE>
17              
18             package Mail::SpamAssassin::Plugin::URIEval;
19              
20 22     22   160 use Mail::SpamAssassin::Plugin;
  22         54  
  22         632  
21 22     22   117 use Mail::SpamAssassin::Logger;
  22         51  
  22         1077  
22              
23 22     22   170 use strict;
  22         47  
  22         405  
24 22     22   102 use warnings;
  22         46  
  22         551  
25             # use bytes;
26 22     22   122 use re 'taint';
  22         45  
  22         10255  
27              
28             our @ISA = qw(Mail::SpamAssassin::Plugin);
29              
30             # constructor: register the eval rule
31             sub new {
32 63     63 1 247 my $class = shift;
33 63         155 my $mailsaobject = shift;
34              
35             # some boilerplate...
36 63   33     479 $class = ref($class) || $class;
37 63         378 my $self = $class->SUPER::new($mailsaobject);
38 63         214 bless ($self, $class);
39              
40             # the important bit!
41 63         310 $self->register_eval_rule("check_for_http_redirector");
42 63         215 $self->register_eval_rule("check_https_ip_mismatch");
43 63         206 $self->register_eval_rule("check_uri_truncated");
44              
45 63         484 return $self;
46             }
47              
48             ###########################################################################
49              
50             sub check_for_http_redirector {
51 0     0 0   my ($self, $pms) = @_;
52              
53 0           foreach ($pms->get_uri_list()) {
54 0           while (s{^https?://([^/:\?]+).+?(https?:/{0,2}?([^/:\?]+).*)$}{$2}i) {
55 0           my ($redir, $dest) = ($1, $3);
56 0           foreach ($redir, $dest) {
57 0   0       $_ = $self->{main}->{registryboundaries}->uri_to_domain($_) || $_;
58             }
59 0 0         next if ($redir eq $dest);
60 0           dbg("eval: redirect: found $redir to $dest, flagging");
61 0           return 1;
62             }
63             }
64 0           return 0;
65             }
66              
67             ###########################################################################
68              
69             sub check_https_ip_mismatch {
70 0     0 0   my ($self, $pms) = @_;
71              
72 0           while (my($k,$v) = each %{$pms->{html}->{uri_detail}}) {
  0            
73 0 0         next if ($k !~ m%^https?:/*(?:[^\@/]+\@)?\d+\.\d+\.\d+\.\d+%i);
74 0           foreach (@{$v->{anchor_text}}) {
  0            
75 0 0         next if (m%^https:/*(?:[^\@/]+\@)?\d+\.\d+\.\d+\.\d+%i);
76 0 0         if (m%https:%i) {
77 0           keys %{$self->{html}->{uri_detail}}; # resets iterator, bug 4829
  0            
78 0           return 1;
79             }
80             }
81             }
82              
83 0           return 0;
84             }
85              
86             ###########################################################################
87              
88             # is there a better way to do this?
89             sub check_uri_truncated {
90 0     0 0   my ($self, $pms) = @_;
91 0           return $pms->{'uri_truncated'};
92             }
93              
94             1;