summaryrefslogtreecommitdiffstats
path: root/application/basilisk/base/content/aboutNetError.xhtml
diff options
context:
space:
mode:
authorMatt A. Tobin <email@mattatobin.com>2019-12-16 13:57:01 -0500
committerMatt A. Tobin <email@mattatobin.com>2019-12-16 13:57:01 -0500
commit06494f307850c576868831bd28a61464eab1f359 (patch)
treef281f5c46c3e0b73c7eabe22f02622dc013b0c35 /application/basilisk/base/content/aboutNetError.xhtml
parente7d4713e0765c79feddf2384d343d10595fa5cb3 (diff)
downloadUXP-06494f307850c576868831bd28a61464eab1f359.tar
UXP-06494f307850c576868831bd28a61464eab1f359.tar.gz
UXP-06494f307850c576868831bd28a61464eab1f359.tar.lz
UXP-06494f307850c576868831bd28a61464eab1f359.tar.xz
UXP-06494f307850c576868831bd28a61464eab1f359.zip
Remove Basilisk from the Unified XUL Platform repository
Development will proceed at https://github.com/MoonchildProductions/Basilisk
Diffstat (limited to 'application/basilisk/base/content/aboutNetError.xhtml')
-rw-r--r--application/basilisk/base/content/aboutNetError.xhtml573
1 files changed, 0 insertions, 573 deletions
diff --git a/application/basilisk/base/content/aboutNetError.xhtml b/application/basilisk/base/content/aboutNetError.xhtml
deleted file mode 100644
index 5ff79ea12..000000000
--- a/application/basilisk/base/content/aboutNetError.xhtml
+++ /dev/null
@@ -1,573 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!DOCTYPE html [
- <!ENTITY % htmlDTD
- PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
- "DTD/xhtml1-strict.dtd">
- %htmlDTD;
- <!ENTITY % netErrorDTD
- SYSTEM "chrome://global/locale/netError.dtd">
- %netErrorDTD;
- <!ENTITY % globalDTD
- SYSTEM "chrome://global/locale/global.dtd">
- %globalDTD;
-]>
-
-<!-- This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
-
-<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>&loadError.label;</title>
- <link rel="stylesheet" href="chrome://browser/skin/aboutNetError.css" type="text/css" media="all" />
- <!-- If the location of the favicon is changed here, the FAVICON_ERRORPAGE_URL symbol in
- toolkit/components/places/src/nsFaviconService.h should be updated. -->
- <link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/warning-16.png"/>
-
- <script type="application/javascript"><![CDATA[
- // The following parameters are parsed from the error URL:
- // e - the error code
- // s - custom CSS class to allow alternate styling/favicons
- // d - error description
- // captive - "true" to indicate we're behind a captive portal.
- // Any other value is ignored.
-
- // Note that this file uses document.documentURI to get
- // the URL (with the format from above). This is because
- // document.location.href gets the current URI off the docshell,
- // which is the URL displayed in the location bar, i.e.
- // the URI that the user attempted to load.
-
- let searchParams = new URLSearchParams(document.documentURI.split("?")[1]);
-
- // Set to true on init if the error code is nssBadCert.
- let gIsCertError;
-
- function getErrorCode()
- {
- return searchParams.get("e");
- }
-
- function getCSSClass()
- {
- return searchParams.get("s");
- }
-
- function getDescription()
- {
- return searchParams.get("d");
- }
-
- function isCaptive() {
- return searchParams.get("captive") == "true";
- }
-
- function retryThis(buttonEl)
- {
- // Note: The application may wish to handle switching off "offline mode"
- // before this event handler runs, but using a capturing event handler.
-
- // Session history has the URL of the page that failed
- // to load, not the one of the error page. So, just call
- // reload(), which will also repost POST data correctly.
- try {
- location.reload();
- } catch (e) {
- // We probably tried to reload a URI that caused an exception to
- // occur; e.g. a nonexistent file.
- }
-
- buttonEl.disabled = true;
- }
-
- function doOverride(buttonEl) {
- var event = new CustomEvent("AboutNetErrorOverride", {bubbles:true});
- document.dispatchEvent(event);
- retryThis(buttonEl);
- }
-
- function toggleDisplay(node) {
- const toggle = {
- "": "block",
- "none": "block",
- "block": "none"
- };
- return (node.style.display = toggle[node.style.display]);
- }
-
- function showPrefChangeContainer() {
- const panel = document.getElementById("prefChangeContainer");
- panel.style.display = "block";
- document.getElementById("netErrorButtonContainer").style.display = "none";
- document.getElementById("prefResetButton").addEventListener("click", function resetPreferences(e) {
- const event = new CustomEvent("AboutNetErrorResetPreferences", {bubbles:true});
- document.dispatchEvent(event);
- });
- addAutofocus("prefResetButton", "beforeend");
- }
-
- function setupAdvancedButton(allowOverride) {
- // Get the hostname and add it to the panel
- var panelId = gIsCertError ? "badCertAdvancedPanel" : "weakCryptoAdvancedPanel";
- var panel = document.getElementById(panelId);
- for (var span of panel.querySelectorAll("span.hostname")) {
- span.textContent = document.location.hostname;
- }
- if (!gIsCertError) {
- panel.replaceChild(document.getElementById("errorLongDesc"),
- document.getElementById("advancedLongDesc"));
- }
-
- // Register click handler for the weakCryptoAdvancedPanel
- document.getElementById("advancedButton")
- .addEventListener("click", function togglePanelVisibility() {
- toggleDisplay(panel);
-
- if (panel.style.display == "block") {
- // send event to trigger telemetry ping
- var event = new CustomEvent("AboutNetErrorUIExpanded", {bubbles:true});
- document.dispatchEvent(event);
- }
- });
-
- if (allowOverride) {
- document.getElementById("overrideWeakCryptoPanel").style.display = "flex";
- var overrideLink = document.getElementById("overrideWeakCrypto");
- overrideLink.addEventListener("click", () => doOverride(overrideLink), false);
- }
- if (!gIsCertError) {
- return;
- }
-
- if (getCSSClass() == "expertBadCert") {
- toggleDisplay(document.getElementById("badCertAdvancedPanel"));
- }
-
- disallowCertOverridesIfNeeded();
-
- document.getElementById("badCertTechnicalInfo").textContent = getDescription();
- }
-
- function disallowCertOverridesIfNeeded() {
- var cssClass = getCSSClass();
- // Disallow overrides if this is a Strict-Transport-Security
- // host and the cert is bad (STS Spec section 7.3) or if the
- // certerror is in a frame (bug 633691).
- if (cssClass == "badStsCert" || window != top) {
- document.getElementById("exceptionDialogButton").setAttribute("hidden", "true");
- }
- if (cssClass == "badStsCert") {
- document.getElementById("badStsCertExplanation").removeAttribute("hidden");
- }
- }
-
- function initPage()
- {
- var err = getErrorCode();
- gIsCertError = (err == "nssBadCert");
- // Only worry about captive portals if this is a cert error.
- let showCaptivePortalUI = isCaptive() && gIsCertError;
- if (showCaptivePortalUI) {
- err = "captivePortal";
- }
-
- // if it's an unknown error or there's no title or description
- // defined, get the generic message
- var errTitle = document.getElementById("et_" + err);
- var errDesc = document.getElementById("ed_" + err);
- if (!errTitle || !errDesc)
- {
- errTitle = document.getElementById("et_generic");
- errDesc = document.getElementById("ed_generic");
- }
-
- document.querySelector(".title-text").innerHTML = errTitle.innerHTML;
-
- var sd = document.getElementById("errorShortDescText");
- if (sd) {
- if (gIsCertError) {
- sd.innerHTML = errDesc.innerHTML;
- }
- else {
- sd.textContent = getDescription();
- }
- }
- if (showCaptivePortalUI) {
- initPageCaptivePortal();
- return;
- }
- if (gIsCertError) {
- initPageCertError();
- return;
- }
- addAutofocus("errorTryAgain");
-
- document.body.className = "neterror";
-
- var ld = document.getElementById("errorLongDesc");
- if (ld)
- {
- ld.innerHTML = errDesc.innerHTML;
- }
-
- if (err == "sslv3Used") {
- document.body.className = "certerror";
- }
-
- if (err == "weakCryptoUsed") {
- document.body.className = "certerror";
- }
-
- // remove undisplayed errors to avoid bug 39098
- var errContainer = document.getElementById("errorContainer");
- errContainer.parentNode.removeChild(errContainer);
-
- var className = getCSSClass();
- if (className && className != "expertBadCert") {
- // Associate a CSS class with the root of the page, if one was passed in,
- // to allow custom styling.
- // Not "expertBadCert" though, don't want to deal with the favicon
- document.documentElement.className = className;
-
- // Also, if they specified a CSS class, they must supply their own
- // favicon. In order to trigger the browser to repaint though, we
- // need to remove/add the link element.
- var favicon = document.getElementById("favicon");
- var faviconParent = favicon.parentNode;
- faviconParent.removeChild(favicon);
- favicon.setAttribute("href", "chrome://global/skin/icons/" + className + "_favicon.png");
- faviconParent.appendChild(favicon);
- }
-
- if (err == "remoteXUL") {
- // Remove the "Try again" button for remote XUL errors given that
- // it is useless.
- document.getElementById("netErrorButtonContainer").style.display = "none";
- }
-
- if (err == "cspBlocked") {
- // Remove the "Try again" button for CSP violations, since it's
- // almost certainly useless. (Bug 553180)
- document.getElementById("netErrorButtonContainer").style.display = "none";
- }
-
- window.addEventListener("AboutNetErrorOptions", function(evt) {
- // Pinning errors are of type nssFailure2
- if (getErrorCode() == "nssFailure2" || getErrorCode() == "weakCryptoUsed") {
- const hasPrefStyleError = [
- "interrupted", // This happens with subresources that are above the max tls
- "SSL_ERROR_PROTOCOL_VERSION_ALERT",
- "SSL_ERROR_UNSUPPORTED_VERSION",
- "SSL_ERROR_NO_CYPHER_OVERLAP",
- "SSL_ERROR_NO_CIPHERS_SUPPORTED"
- ].some((substring) => getDescription().includes(substring));
- // If it looks like an error that is user config based
- if (getErrorCode() == "nssFailure2" && hasPrefStyleError && options && options.changedCertPrefs) {
- showPrefChangeContainer();
- }
- }
- if (getErrorCode() == "weakCryptoUsed" || getErrorCode() == "sslv3Used") {
- setupAdvancedButton(getErrorCode() == "weakCryptoUsed");
- }
- }.bind(this), true, true);
-
- var event = new CustomEvent("AboutNetErrorLoad", {bubbles:true});
- document.dispatchEvent(event);
-
- if (err == "inadequateSecurityError") {
- // Remove the "Try again" button for HTTP/2 inadequate security as it
- // is useless.
- document.getElementById("errorTryAgain").style.display = "none";
-
- var container = document.getElementById("errorLongDesc");
- for (var span of container.querySelectorAll("span.hostname")) {
- span.textContent = document.location.hostname;
- }
- }
-
- addDomainErrorLink();
- }
-
- function initPageCaptivePortal()
- {
- document.body.className = "captiveportal";
- document.title = document.getElementById("captivePortalPageTitle").textContent;
-
- document.getElementById("openPortalLoginPageButton")
- .addEventListener("click", () => {
- let event = new CustomEvent("AboutNetErrorOpenCaptivePortal", {bubbles:true});
- document.dispatchEvent(event);
- });
-
- addAutofocus("openPortalLoginPageButton");
- setupAdvancedButton(true);
-
- addDomainErrorLink();
-
- // When the portal is freed, an event is generated by the frame script
- // that we can pick up and attempt to reload the original page.
- window.addEventListener("AboutNetErrorCaptivePortalFreed", () => {
- document.location.reload();
- });
- }
-
- function initPageCertError() {
- document.body.className = "certerror";
- document.title = document.getElementById("certErrorPageTitle").textContent;
- for (let host of document.querySelectorAll(".hostname")) {
- host.textContent = document.location.hostname;
- }
-
- addAutofocus("returnButton");
- setupAdvancedButton(true);
-
- let event = new CustomEvent("AboutNetErrorLoad", {bubbles:true});
- document.getElementById("advancedButton").dispatchEvent(event);
-
- addDomainErrorLink();
- }
-
- /* Only do autofocus if we're the toplevel frame; otherwise we
- don't want to call attention to ourselves! The key part is
- that autofocus happens on insertion into the tree, so we
- can remove the button, add @autofocus, and reinsert the
- button.
- */
- function addAutofocus(buttonId, position = "afterbegin") {
- if (window.top == window) {
- var button = document.getElementById(buttonId);
- var parent = button.parentNode;
- button.remove();
- button.setAttribute("autofocus", "true");
- parent.insertAdjacentElement(position, button);
- }
- }
-
- /* In the case of SSL error pages about domain mismatch, see if
- we can hyperlink the user to the correct site. We don't want
- to do this generically since it allows MitM attacks to redirect
- users to a site under attacker control, but in certain cases
- it is safe (and helpful!) to do so. Bug 402210
- */
- function addDomainErrorLink() {
- // Rather than textContent, we need to treat description as HTML
- var sdid = gIsCertError ? "badCertTechnicalInfo" : "errorShortDescText";
- var sd = document.getElementById(sdid);
- if (sd) {
- var desc = getDescription();
-
- // sanitize description text - see bug 441169
-
- // First, find the index of the <a> tag we care about, being
- // careful not to use an over-greedy regex.
- var re = /<a id="cert_domain_link" title="([^"]+)">/;
- var result = re.exec(desc);
-
- if (!result)
- return;
- // Remove sd's existing children
- sd.textContent = "";
-
- // Everything up to the link should be text content.
- sd.appendChild(document.createTextNode(desc.slice(0, result.index)));
-
- // Now create the link itself.
- var anchorEl = document.createElement("a");
- anchorEl.setAttribute("id", "cert_domain_link");
- anchorEl.setAttribute("title", result[1]);
- anchorEl.appendChild(document.createTextNode(result[1]));
- sd.appendChild(anchorEl);
-
- // Finally, append text for anything after the closing </a>.
- sd.appendChild(document.createTextNode(desc.slice(desc.indexOf("</a>") + "</a>".length)));
- }
-
- // Initialize the cert domain link.
- var link = document.getElementById("cert_domain_link");
- if (!link)
- return;
-
- var okHost = link.getAttribute("title");
- var thisHost = document.location.hostname;
- var proto = document.location.protocol;
-
- // If okHost is a wildcard domain ("*.example.com") let's
- // use "www" instead. "*.example.com" isn't going to
- // get anyone anywhere useful. bug 432491
- okHost = okHost.replace(/^\*\./, "www.");
-
- /* case #1:
- * example.com uses an invalid security certificate.
- *
- * The certificate is only valid for www.example.com
- *
- * Make sure to include the "." ahead of thisHost so that
- * a MitM attack on paypal.com doesn't hyperlink to "notpaypal.com"
- *
- * We'd normally just use a RegExp here except that we lack a
- * library function to escape them properly (bug 248062), and
- * domain names are famous for having '.' characters in them,
- * which would allow spurious and possibly hostile matches.
- */
- if (okHost.endsWith("." + thisHost))
- link.href = proto + okHost;
-
- /* case #2:
- * browser.garage.maemo.org uses an invalid security certificate.
- *
- * The certificate is only valid for garage.maemo.org
- */
- if (thisHost.endsWith("." + okHost))
- link.href = proto + okHost;
-
- // If we set a link, meaning there's something helpful for
- // the user here, expand the section by default
- if (link.href && getCSSClass() != "expertBadCert") {
- var panelId = gIsCertError ? "badCertAdvancedPanel" : "weakCryptoAdvancedPanel"
- toggleDisplay(document.getElementById(panelId));
- }
- }
- ]]></script>
- </head>
-
- <body dir="&locale.dir;">
- <!-- Contains an alternate page title set on page init for cert errors. -->
- <div id="certErrorPageTitle" style="display: none;">&certerror.pagetitle1;</div>
- <div id="captivePortalPageTitle" style="display: none;">&captivePortal.title;</div>
-
- <!-- ERROR ITEM CONTAINER (removed during loading to avoid bug 39098) -->
- <div id="errorContainer">
- <div id="errorTitlesContainer">
- <h1 id="et_generic">&generic.title;</h1>
- <h1 id="et_captivePortal">&captivePortal.title;</h1>
- <h1 id="et_dnsNotFound">&dnsNotFound.title;</h1>
- <h1 id="et_fileNotFound">&fileNotFound.title;</h1>
- <h1 id="et_fileAccessDenied">&fileAccessDenied.title;</h1>
- <h1 id="et_malformedURI">&malformedURI.title;</h1>
- <h1 id="et_unknownProtocolFound">&unknownProtocolFound.title;</h1>
- <h1 id="et_connectionFailure">&connectionFailure.title;</h1>
- <h1 id="et_netTimeout">&netTimeout.title;</h1>
- <h1 id="et_redirectLoop">&redirectLoop.title;</h1>
- <h1 id="et_unknownSocketType">&unknownSocketType.title;</h1>
- <h1 id="et_netReset">&netReset.title;</h1>
- <h1 id="et_notCached">&notCached.title;</h1>
- <h1 id="et_netOffline">&netOffline.title;</h1>
- <h1 id="et_netInterrupt">&netInterrupt.title;</h1>
- <h1 id="et_deniedPortAccess">&deniedPortAccess.title;</h1>
- <h1 id="et_proxyResolveFailure">&proxyResolveFailure.title;</h1>
- <h1 id="et_proxyConnectFailure">&proxyConnectFailure.title;</h1>
- <h1 id="et_contentEncodingError">&contentEncodingError.title;</h1>
- <h1 id="et_unsafeContentType">&unsafeContentType.title;</h1>
- <h1 id="et_nssFailure2">&nssFailure2.title;</h1>
- <h1 id="et_nssBadCert">&certerror.longpagetitle1;</h1>
- <h1 id="et_cspBlocked">&cspBlocked.title;</h1>
- <h1 id="et_remoteXUL">&remoteXUL.title;</h1>
- <h1 id="et_corruptedContentErrorv2">&corruptedContentErrorv2.title;</h1>
- <h1 id="et_sslv3Used">&sslv3Used.title;</h1>
- <h1 id="et_weakCryptoUsed">&weakCryptoUsed.title;</h1>
- <h1 id="et_inadequateSecurityError">&inadequateSecurityError.title;</h1>
- </div>
- <div id="errorDescriptionsContainer">
- <div id="ed_generic">&generic.longDesc;</div>
- <div id="ed_captivePortal">&captivePortal.longDesc;</div>
- <div id="ed_dnsNotFound">&dnsNotFound.longDesc;</div>
- <div id="ed_fileNotFound">&fileNotFound.longDesc;</div>
- <div id="ed_fileAccessDenied">&fileAccessDenied.longDesc;</div>
- <div id="ed_malformedURI">&malformedURI.longDesc;</div>
- <div id="ed_unknownProtocolFound">&unknownProtocolFound.longDesc;</div>
- <div id="ed_connectionFailure">&connectionFailure.longDesc;</div>
- <div id="ed_netTimeout">&netTimeout.longDesc;</div>
- <div id="ed_redirectLoop">&redirectLoop.longDesc;</div>
- <div id="ed_unknownSocketType">&unknownSocketType.longDesc;</div>
- <div id="ed_netReset">&netReset.longDesc;</div>
- <div id="ed_notCached">&notCached.longDesc;</div>
- <div id="ed_netOffline">&netOffline.longDesc2;</div>
- <div id="ed_netInterrupt">&netInterrupt.longDesc;</div>
- <div id="ed_deniedPortAccess">&deniedPortAccess.longDesc;</div>
- <div id="ed_proxyResolveFailure">&proxyResolveFailure.longDesc;</div>
- <div id="ed_proxyConnectFailure">&proxyConnectFailure.longDesc;</div>
- <div id="ed_contentEncodingError">&contentEncodingError.longDesc;</div>
- <div id="ed_unsafeContentType">&unsafeContentType.longDesc;</div>
- <div id="ed_nssFailure2">&nssFailure2.longDesc2;</div>
- <div id="ed_nssBadCert">&certerror.introPara;</div>
- <div id="ed_cspBlocked">&cspBlocked.longDesc;</div>
- <div id="ed_remoteXUL">&remoteXUL.longDesc;</div>
- <div id="ed_corruptedContentErrorv2">&corruptedContentErrorv2.longDesc;</div>
- <div id="ed_sslv3Used">&sslv3Used.longDesc2;</div>
- <div id="ed_weakCryptoUsed">&weakCryptoUsed.longDesc2;</div>
- <div id="ed_inadequateSecurityError">&inadequateSecurityError.longDesc;</div>
- </div>
- </div>
-
- <!-- PAGE CONTAINER (for styling purposes only) -->
- <div id="errorPageContainer" class="container">
-
- <!-- Error Title -->
- <div class="title">
- <h1 class="title-text"/>
- </div>
-
- <!-- LONG CONTENT (the section most likely to require scrolling) -->
- <div id="errorLongContent">
-
- <!-- Short Description -->
- <div id="errorShortDesc">
- <p id="errorShortDescText" />
- </div>
- <p id="badStsCertExplanation" hidden="true">&certerror.whatShouldIDo.badStsCertExplanation;</p>
-
- <div id="wrongSystemTimePanel" style="display: none;">
- &certerror.wrongSystemTime;
- </div>
-
- <!-- Long Description (Note: See netError.dtd for used XHTML tags) -->
- <div id="errorLongDesc" />
-
- <div id="prefChangeContainer" class="button-container">
- <p>&prefReset.longDesc;</p>
- <button id="prefResetButton" class="primary" autocomplete="off">&prefReset.label;</button>
- </div>
-
- <div id="certErrorAndCaptivePortalButtonContainer" class="button-container">
- <button id="returnButton" class="primary" autocomplete="off">&returnToPreviousPage.label;</button>
- <button id="openPortalLoginPageButton" class="primary" autocomplete="off">&openPortalLoginPage.label;</button>
- <div class="button-spacer"></div>
- <button id="advancedButton" autocomplete="off">&advanced.label;</button>
- </div>
- </div>
-
- <div id="netErrorButtonContainer" class="button-container">
- <button id="errorTryAgain" class="primary" autocomplete="off" onclick="retryThis(this);">&retry.label;</button>
- </div>
-
- <div id="advancedPanelContainer">
- <div id="weakCryptoAdvancedPanel" class="advanced-panel">
- <div id="weakCryptoAdvancedDescription">
- <p>&weakCryptoAdvanced.longDesc;</p>
- </div>
- <div id="advancedLongDesc" />
- <div id="overrideWeakCryptoPanel">
- <a id="overrideWeakCrypto" href="#">&weakCryptoAdvanced.override;</a>
- </div>
- </div>
-
- <div id="badCertAdvancedPanel" class="advanced-panel">
- <p id="badCertTechnicalInfo"/>
- <button id="exceptionDialogButton">&securityOverride.exceptionButtonLabel;</button>
- </div>
- </div>
-
- </div>
-
- <!--
- - Note: It is important to run the script this way, instead of using
- - an onload handler. This is because error pages are loaded as
- - LOAD_BACKGROUND, which means that onload handlers will not be executed.
- -->
- <script type="application/javascript">
- initPage();
- </script>
-
- </body>
-</html>