summaryrefslogtreecommitdiffstats
path: root/application/basilisk/base/content
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-08-05 11:35:53 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-08-05 11:35:53 +0200
commit6bd66b1728eeddb058066edda740aaeb2ceaec23 (patch)
tree985faf01c526763515731569fa01a99f4dbef36e /application/basilisk/base/content
parente0a8dcfed131ffa58a5e2cb1d30fe48c745c2fdc (diff)
parent559824514dc95e02fbe81f1786e6ac13ee8e9d55 (diff)
downloadUXP-6bd66b1728eeddb058066edda740aaeb2ceaec23.tar
UXP-6bd66b1728eeddb058066edda740aaeb2ceaec23.tar.gz
UXP-6bd66b1728eeddb058066edda740aaeb2ceaec23.tar.lz
UXP-6bd66b1728eeddb058066edda740aaeb2ceaec23.tar.xz
UXP-6bd66b1728eeddb058066edda740aaeb2ceaec23.zip
Merge branch 'master' into js-modules
Diffstat (limited to 'application/basilisk/base/content')
-rw-r--r--application/basilisk/base/content/aboutNetError.xhtml114
-rw-r--r--application/basilisk/base/content/browser-fullScreenAndPointerLock.js12
-rw-r--r--application/basilisk/base/content/browser.js92
-rw-r--r--application/basilisk/base/content/content.js3
4 files changed, 32 insertions, 189 deletions
diff --git a/application/basilisk/base/content/aboutNetError.xhtml b/application/basilisk/base/content/aboutNetError.xhtml
index 609725c9e..3296600c8 100644
--- a/application/basilisk/base/content/aboutNetError.xhtml
+++ b/application/basilisk/base/content/aboutNetError.xhtml
@@ -123,13 +123,6 @@
document.getElementById("advancedButton")
.addEventListener("click", function togglePanelVisibility() {
toggleDisplay(panel);
- if (gIsCertError) {
- // Toggling the advanced panel must ensure that the debugging
- // information panel is hidden as well, since it's opened by the
- // error code link in the advanced panel.
- var div = document.getElementById("certificateErrorDebugInformation");
- div.style.display = "none";
- }
if (panel.style.display == "block") {
// send event to trigger telemetry ping
@@ -149,11 +142,6 @@
if (getCSSClass() == "expertBadCert") {
toggleDisplay(document.getElementById("badCertAdvancedPanel"));
- // Toggling the advanced panel must ensure that the debugging
- // information panel is hidden as well, since it's opened by the
- // error code link in the advanced panel.
- var div = document.getElementById("certificateErrorDebugInformation");
- div.style.display = "none";
}
disallowCertOverridesIfNeeded();
@@ -224,9 +212,6 @@
}
if (err == "sslv3Used") {
- document.getElementById("learnMoreContainer").style.display = "block";
- var learnMoreLink = document.getElementById("learnMoreLink");
- learnMoreLink.href = "https://support.mozilla.org/kb/how-resolve-sslv3-error-messages-firefox";
document.body.className = "certerror";
}
@@ -270,17 +255,6 @@
window.addEventListener("AboutNetErrorOptions", function(evt) {
// Pinning errors are of type nssFailure2
if (getErrorCode() == "nssFailure2" || getErrorCode() == "weakCryptoUsed") {
- document.getElementById("learnMoreContainer").style.display = "block";
- var learnMoreLink = document.getElementById("learnMoreLink");
- // nssFailure2 also gets us other non-overrideable errors. Choose
- // a "learn more" link based on description:
- if (getDescription().includes("mozilla_pkix_error_key_pinning_failure")) {
- learnMoreLink.href = "https://support.mozilla.org/kb/certificate-pinning-reports";
- }
- if (getErrorCode() == "weakCryptoUsed") {
- learnMoreLink.href = "https://support.mozilla.org/kb/how-resolve-weak-crypto-error-messages-firefox";
- }
-
const hasPrefStyleError = [
"interrupted", // This happens with subresources that are above the max tls
"SSL_ERROR_PROTOCOL_VERSION_ALERT",
@@ -312,7 +286,7 @@
}
}
- addDomainErrorLinks();
+ addDomainErrorLink();
}
function initPageCaptivePortal()
@@ -329,7 +303,7 @@
addAutofocus("openPortalLoginPageButton");
setupAdvancedButton(true);
- addDomainErrorLinks();
+ addDomainErrorLink();
// When the portal is freed, an event is generated by the frame script
// that we can pick up and attempt to reload the original page.
@@ -348,12 +322,10 @@
addAutofocus("returnButton");
setupAdvancedButton(true);
- document.getElementById("learnMoreContainer").style.display = "block";
-
let event = new CustomEvent("AboutNetErrorLoad", {bubbles:true});
document.getElementById("advancedButton").dispatchEvent(event);
- addDomainErrorLinks();
+ addDomainErrorLink();
}
/* Only do autofocus if we're the toplevel frame; otherwise we
@@ -372,16 +344,13 @@
}
}
- /* Try to preserve the links contained in the error description, like
- the error code.
-
- Also, in the case of SSL error pages about domain mismatch, see if
+ /* In the case of SSL error pages about domain mismatch, see if
we can hyperlink the user to the correct site. We don't want
to do this generically since it allows MitM attacks to redirect
users to a site under attacker control, but in certain cases
it is safe (and helpful!) to do so. Bug 402210
*/
- function addDomainErrorLinks() {
+ function addDomainErrorLink() {
// Rather than textContent, we need to treat description as HTML
var sdid = gIsCertError ? "badCertTechnicalInfo" : "errorShortDescText";
var sd = document.getElementById(sdid);
@@ -390,50 +359,28 @@
// sanitize description text - see bug 441169
- // First, find the index of the <a> tags we care about, being
+ // First, find the index of the <a> tag we care about, being
// careful not to use an over-greedy regex.
- var codeRe = /<a id="errorCode" title="([^"]+)">/;
- var codeResult = codeRe.exec(desc);
- var domainRe = /<a id="cert_domain_link" title="([^"]+)">/;
- var domainResult = domainRe.exec(desc);
-
- // The order of these links in the description is fixed in
- // TransportSecurityInfo.cpp:formatOverridableCertErrorMessage.
- var firstResult = domainResult;
- if (!domainResult)
- firstResult = codeResult;
- if (!firstResult)
+ var re = /<a id="cert_domain_link" title="([^"]+)">/;
+ var result = domainRe.exec(desc);
+
+ if (!result)
return;
// Remove sd's existing children
sd.textContent = "";
- // Everything up to the first link should be text content.
- sd.appendChild(document.createTextNode(desc.slice(0, firstResult.index)));
+ // Everything up to the link should be text content.
+ sd.appendChild(document.createTextNode(desc.slice(0, result.index)));
- // Now create the actual links.
- if (domainResult) {
- createLink(sd, "cert_domain_link", domainResult[1])
- // Append text for anything between the two links.
- sd.appendChild(document.createTextNode(desc.slice(desc.indexOf("</a>") + "</a>".length, codeResult.index)));
- }
- createLink(sd, "errorCode", codeResult[1])
+ // Now create the link itself.
+ var anchorEl = document.createElement("a");
+ anchorEl.setAttribute("id", "cert_domain_link");
+ anchorEl.setAttribute("title", result[1]);
+ anchorEl.appendChild(document.createTextNode(result[1]));
+ sd.appendChild(anchorEl);
- // Finally, append text for anything after the last closing </a>.
- sd.appendChild(document.createTextNode(desc.slice(desc.lastIndexOf("</a>") + "</a>".length)));
- }
-
- if (gIsCertError) {
- // Initialize the error code link embedded in the error message to
- // display debug information about the cert error.
- var errorCode = document.getElementById("errorCode");
- if (errorCode) {
- errorCode.href = "javascript:void(0)";
- errorCode.addEventListener("click", () => {
- let debugInfo = document.getElementById("certificateErrorDebugInformation");
- debugInfo.style.display = "block";
- debugInfo.scrollIntoView({block: "start", behavior: "smooth"});
- }, false);
- }
+ // Finally, append text for anything after the closing </a>.
+ sd.appendChild(document.createTextNode(desc.slice(desc.indexOf("</a>") + "</a>".length)));
}
// Initialize the cert domain link.
@@ -479,23 +426,8 @@
if (link.href && getCSSClass() != "expertBadCert") {
var panelId = gIsCertError ? "badCertAdvancedPanel" : "weakCryptoAdvancedPanel"
toggleDisplay(document.getElementById(panelId));
- if (gIsCertError) {
- // Toggling the advanced panel must ensure that the debugging
- // information panel is hidden as well, since it's opened by the
- // error code link in the advanced panel.
- var div = document.getElementById("certificateErrorDebugInformation");
- div.style.display = "none";
- }
}
}
-
- function createLink(el, id, text) {
- var anchorEl = document.createElement("a");
- anchorEl.setAttribute("id", id);
- anchorEl.setAttribute("title", text);
- anchorEl.appendChild(document.createTextNode(text));
- el.appendChild(anchorEl);
- }
]]></script>
</head>
@@ -628,12 +560,6 @@
</div>
- <div id="certificateErrorDebugInformation">
- <button id="copyToClipboard">&certerror.copyToClipboard.label;</button>
- <div id="certificateErrorText"/>
- <button id="copyToClipboard">&certerror.copyToClipboard.label;</button>
- </div>
-
<!--
- Note: It is important to run the script this way, instead of using
- an onload handler. This is because error pages are loaded as
diff --git a/application/basilisk/base/content/browser-fullScreenAndPointerLock.js b/application/basilisk/base/content/browser-fullScreenAndPointerLock.js
index 497e51121..dbc9478c1 100644
--- a/application/basilisk/base/content/browser-fullScreenAndPointerLock.js
+++ b/application/basilisk/base/content/browser-fullScreenAndPointerLock.js
@@ -320,6 +320,18 @@ var FullScreen = {
document.addEventListener("keypress", this._keyToggleCallback, false);
document.addEventListener("popupshown", this._setPopupOpen, false);
document.addEventListener("popuphidden", this._setPopupOpen, false);
+ // If it is not safe to collapse, add the mouse position tracker or
+ // else it won't be possible to hide the navigation toolbox again
+ if (!this._safeToCollapse()) {
+ let rect = gBrowser.mPanelContainer.getBoundingClientRect();
+ this._mouseTargetRect = {
+ top: rect.top + 50,
+ bottom: rect.bottom,
+ left: rect.left,
+ right: rect.right
+ };
+ MousePosTracker.addListener(this);
+ }
// In DOM fullscreen mode, we hide toolbars with CSS
if (!document.fullscreenElement)
this.hideNavToolbox(true);
diff --git a/application/basilisk/base/content/browser.js b/application/basilisk/base/content/browser.js
index 9ec7715fa..031144dfd 100644
--- a/application/basilisk/base/content/browser.js
+++ b/application/basilisk/base/content/browser.js
@@ -2888,24 +2888,7 @@ var BrowserOnClick = {
secHistogram.add(Ci.nsISecurityUITelemetry.WARNING_BAD_CERT_TOP_UNDERSTAND_RISKS);
}
- securityInfo = getSecurityInfo(securityInfoAsString);
- let errorInfo = getDetailedCertErrorInfo(location,
- securityInfo);
- browser.messageManager.sendAsyncMessage( "CertErrorDetails", {
- code: securityInfo.errorCode,
- info: errorInfo
- });
- break;
-
- case "copyToClipboard":
- const gClipboardHelper = Cc["@mozilla.org/widget/clipboardhelper;1"]
- .getService(Ci.nsIClipboardHelper);
- securityInfo = getSecurityInfo(securityInfoAsString);
- let detailedInfo = getDetailedCertErrorInfo(location,
- securityInfo);
- gClipboardHelper.copyString(detailedInfo);
break;
-
}
},
@@ -3145,81 +3128,6 @@ function getSecurityInfo(securityInfoAsString) {
return securityInfo;
}
-/**
- * Returns a string with detailed information about the certificate validation
- * failure from the specified URI that can be used to send a report.
- */
-function getDetailedCertErrorInfo(location, securityInfo) {
- if (!securityInfo)
- return "";
-
- let certErrorDetails = location;
- let code = securityInfo.errorCode;
- let errors = Cc["@mozilla.org/nss_errors_service;1"]
- .getService(Ci.nsINSSErrorsService);
-
- certErrorDetails += "\r\n\r\n" + errors.getErrorMessage(errors.getXPCOMFromNSSError(code));
-
- const sss = Cc["@mozilla.org/ssservice;1"]
- .getService(Ci.nsISiteSecurityService);
- // SiteSecurityService uses different storage if the channel is
- // private. Thus we must give isSecureHost correct flags or we
- // might get incorrect results.
- let flags = PrivateBrowsingUtils.isWindowPrivate(window) ?
- Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
-
- let uri = Services.io.newURI(location, null, null);
-
- let hasHSTS = sss.isSecureHost(sss.HEADER_HSTS, uri.host, flags);
- let hasHPKP = sss.isSecureHost(sss.HEADER_HPKP, uri.host, flags);
- certErrorDetails += "\r\n\r\n" +
- gNavigatorBundle.getFormattedString("certErrorDetailsHSTS.label",
- [hasHSTS]);
- certErrorDetails += "\r\n" +
- gNavigatorBundle.getFormattedString("certErrorDetailsKeyPinning.label",
- [hasHPKP]);
-
- let certChain = "";
- if (securityInfo.failedCertChain) {
- let certs = securityInfo.failedCertChain.getEnumerator();
- while (certs.hasMoreElements()) {
- let cert = certs.getNext();
- cert.QueryInterface(Ci.nsIX509Cert);
- certChain += getPEMString(cert);
- }
- }
-
- certErrorDetails += "\r\n\r\n" +
- gNavigatorBundle.getString("certErrorDetailsCertChain.label") +
- "\r\n\r\n" + certChain;
-
- return certErrorDetails;
-}
-
-// TODO: can we pull getDERString and getPEMString in from pippki.js instead of
-// duplicating them here?
-function getDERString(cert)
-{
- var length = {};
- var derArray = cert.getRawDER(length);
- var derString = '';
- for (var i = 0; i < derArray.length; i++) {
- derString += String.fromCharCode(derArray[i]);
- }
- return derString;
-}
-
-function getPEMString(cert)
-{
- var derb64 = btoa(getDERString(cert));
- // Wrap the Base64 string into lines of 64 characters,
- // with CRLF line breaks (as specified in RFC 1421).
- var wrapped = derb64.replace(/(\S{64}(?!$))/g, "$1\r\n");
- return "-----BEGIN CERTIFICATE-----\r\n"
- + wrapped
- + "\r\n-----END CERTIFICATE-----\r\n";
-}
-
var PrintPreviewListener = {
_printPreviewTab: null,
_tabBeforePrintPreview: null,
diff --git a/application/basilisk/base/content/content.js b/application/basilisk/base/content/content.js
index 88e58b501..5accbdf7b 100644
--- a/application/basilisk/base/content/content.js
+++ b/application/basilisk/base/content/content.js
@@ -298,12 +298,10 @@ var AboutNetAndCertErrorListener = {
onCertErrorDetails(msg) {
let div = content.document.getElementById("certificateErrorText");
div.textContent = msg.data.info;
- let learnMoreLink = content.document.getElementById("learnMoreLink");
let baseURL = Services.urlFormatter.formatURLPref("app.support.baseURL");
switch (msg.data.code) {
case SEC_ERROR_UNKNOWN_ISSUER:
- learnMoreLink.href = baseURL + "security-error";
break;
// in case the certificate expired we make sure the system clock
@@ -336,7 +334,6 @@ var AboutNetAndCertErrorListener = {
content.document.getElementById("wrongSystemTimePanel")
.style.display = "block";
}
- learnMoreLink.href = baseURL + "time-errors";
break;
}
},