diff options
-rw-r--r-- | application/basilisk/base/content/aboutNetError.xhtml | 52 | ||||
-rw-r--r-- | application/basilisk/base/content/browser.js | 24 | ||||
-rw-r--r-- | application/basilisk/base/content/content.js | 28 | ||||
-rw-r--r-- | application/basilisk/installer/package-manifest.in | 5 | ||||
-rw-r--r-- | application/basilisk/locales/en-US/chrome/overrides/netError.dtd | 3 | ||||
-rw-r--r-- | application/palemoon/locales/en-US/chrome/overrides/netError.dtd | 10 | ||||
-rw-r--r-- | mobile/android/installer/package-manifest.in | 5 | ||||
-rw-r--r-- | netwerk/protocol/http/nsHttpChannel.cpp | 55 | ||||
-rw-r--r-- | security/manager/ssl/tests/unit/test_toolkit_securityreporter.js | 133 | ||||
-rw-r--r-- | security/manager/ssl/tests/unit/xpcshell.ini | 3 | ||||
-rw-r--r-- | toolkit/components/moz.build | 1 | ||||
-rw-r--r-- | toolkit/components/securityreporter/SecurityReporter.js | 112 | ||||
-rw-r--r-- | toolkit/components/securityreporter/SecurityReporter.manifest | 2 | ||||
-rw-r--r-- | toolkit/components/securityreporter/moz.build | 16 | ||||
-rw-r--r-- | toolkit/components/securityreporter/nsISecurityReporter.idl | 14 |
15 files changed, 1 insertions, 462 deletions
diff --git a/application/basilisk/base/content/aboutNetError.xhtml b/application/basilisk/base/content/aboutNetError.xhtml index f2de106c2..609725c9e 100644 --- a/application/basilisk/base/content/aboutNetError.xhtml +++ b/application/basilisk/base/content/aboutNetError.xhtml @@ -96,11 +96,6 @@ return (node.style.display = toggle[node.style.display]); } - function showCertificateErrorReporting() { - // Display error reporting UI - document.getElementById("certificateErrorReporting").style.display = "block"; - } - function showPrefChangeContainer() { const panel = document.getElementById("prefChangeContainer"); panel.style.display = "block"; @@ -286,21 +281,6 @@ learnMoreLink.href = "https://support.mozilla.org/kb/how-resolve-weak-crypto-error-messages-firefox"; } - var options = JSON.parse(evt.detail); - if (options && options.enabled) { - var checkbox = document.getElementById("automaticallyReportInFuture"); - showCertificateErrorReporting(); - if (options.automatic) { - // set the checkbox - checkbox.checked = true; - } - - checkbox.addEventListener("change", function(evt) { - var event = new CustomEvent("AboutNetErrorSetAutomatic", - {bubbles:true, detail:evt.target.checked}); - document.dispatchEvent(event); - }, false); - } const hasPrefStyleError = [ "interrupted", // This happens with subresources that are above the max tls "SSL_ERROR_PROTOCOL_VERSION_ALERT", @@ -370,25 +350,6 @@ document.getElementById("learnMoreContainer").style.display = "block"; - let checkbox = document.getElementById("automaticallyReportInFuture"); - checkbox.addEventListener("change", function({target: {checked}}) { - document.dispatchEvent(new CustomEvent("AboutNetErrorSetAutomatic", { - detail: checked, - bubbles: true - })); - }); - - addEventListener("AboutNetErrorOptions", function(event) { - var options = JSON.parse(event.detail); - if (options && options.enabled) { - // Display error reporting UI - document.getElementById("certificateErrorReporting").style.display = "block"; - - // set the checkbox - checkbox.checked = !!options.automatic; - } - }, true, true); - let event = new CustomEvent("AboutNetErrorLoad", {bubbles:true}); document.getElementById("advancedButton").dispatchEvent(event); @@ -631,10 +592,6 @@ <!-- Long Description (Note: See netError.dtd for used XHTML tags) --> <div id="errorLongDesc" /> - <div id="learnMoreContainer"> - <p><a href="https://support.mozilla.org/kb/what-does-your-connection-is-not-secure-mean" id="learnMoreLink" target="new">&errorReporting.learnMore;</a></p> - </div> - <div id="prefChangeContainer" class="button-container"> <p>&prefReset.longDesc;</p> <button id="prefResetButton" class="primary" autocomplete="off">&prefReset.label;</button> @@ -652,15 +609,6 @@ <button id="errorTryAgain" class="primary" autocomplete="off" onclick="retryThis(this);">&retry.label;</button> </div> - <!-- UI for option to report certificate errors to Mozilla. Removed on - init for other error types .--> - <div id="certificateErrorReporting"> - <p class="toggle-container-with-text"> - <input type="checkbox" id="automaticallyReportInFuture" /> - <label for="automaticallyReportInFuture" id="automaticallyReportInFuture">&errorReporting.automatic2;</label> - </p> - </div> - <div id="advancedPanelContainer"> <div id="weakCryptoAdvancedPanel" class="advanced-panel"> <div id="weakCryptoAdvancedDescription"> diff --git a/application/basilisk/base/content/browser.js b/application/basilisk/base/content/browser.js index 38c340eea..9ec7715fa 100644 --- a/application/basilisk/base/content/browser.js +++ b/application/basilisk/base/content/browser.js @@ -2749,8 +2749,6 @@ var BrowserOnClick = { mm.addMessageListener("Browser:OpenCaptivePortalPage", this); mm.addMessageListener("Browser:SiteBlockedError", this); mm.addMessageListener("Browser:EnableOnlineMode", this); - mm.addMessageListener("Browser:SendSSLErrorReport", this); - mm.addMessageListener("Browser:SetSSLErrorReportAuto", this); mm.addMessageListener("Browser:ResetSSLPreferences", this); mm.addMessageListener("Browser:SSLErrorReportTelemetry", this); mm.addMessageListener("Browser:OverrideWeakCrypto", this); @@ -2765,8 +2763,6 @@ var BrowserOnClick = { mm.removeMessageListener("Browser:CertExceptionError", this); mm.removeMessageListener("Browser:SiteBlockedError", this); mm.removeMessageListener("Browser:EnableOnlineMode", this); - mm.removeMessageListener("Browser:SendSSLErrorReport", this); - mm.removeMessageListener("Browser:SetSSLErrorReportAuto", this); mm.removeMessageListener("Browser:ResetSSLPreferences", this); mm.removeMessageListener("Browser:SSLErrorReportTelemetry", this); mm.removeMessageListener("Browser:OverrideWeakCrypto", this); @@ -2808,11 +2804,6 @@ var BrowserOnClick = { msg.target.reload(); } break; - case "Browser:SendSSLErrorReport": - this.onSSLErrorReport(msg.target, - msg.data.uri, - msg.data.securityInfo); - break; case "Browser:ResetSSLPreferences": for (let prefName of PREF_SSL_IMPACT) { Services.prefs.clearUserPref(prefName); @@ -2846,20 +2837,7 @@ var BrowserOnClick = { }, onSSLErrorReport: function(browser, uri, securityInfo) { - if (!Services.prefs.getBoolPref("security.ssl.errorReporting.enabled")) { - Cu.reportError("User requested certificate error report sending, but certificate error reporting is disabled"); - return; - } - - let serhelper = Cc["@mozilla.org/network/serialization-helper;1"] - .getService(Ci.nsISerializationHelper); - let transportSecurityInfo = serhelper.deserializeObject(securityInfo); - transportSecurityInfo.QueryInterface(Ci.nsITransportSecurityInfo) - - let errorReporter = Cc["@mozilla.org/securityreporter;1"] - .getService(Ci.nsISecurityReporter); - errorReporter.reportTLSError(transportSecurityInfo, - uri.host, uri.port); + Cu.reportError("User requested certificate error report sending, but certificate error reporting is disabled"); }, onCertError: function (browser, elementId, isTopFrame, location, securityInfoAsString) { diff --git a/application/basilisk/base/content/content.js b/application/basilisk/base/content/content.js index 5758cb023..88e58b501 100644 --- a/application/basilisk/base/content/content.js +++ b/application/basilisk/base/content/content.js @@ -385,18 +385,6 @@ var AboutNetAndCertErrorListener = { let ownerDoc = originalTarget.ownerDocument; ClickEventHandler.onCertError(originalTarget, ownerDoc); } - - let automatic = Services.prefs.getBoolPref("security.ssl.errorReporting.automatic"); - content.dispatchEvent(new content.CustomEvent("AboutNetErrorOptions", { - detail: JSON.stringify({ - enabled: Services.prefs.getBoolPref("security.ssl.errorReporting.enabled"), - changedCertPrefs: this.changedCertPrefs(), - automatic: automatic - }) - })); - - sendAsyncMessage("Browser:SSLErrorReportTelemetry", - {reportStatus: TLS_ERROR_REPORT_TELEMETRY_UI_SHOWN}); }, openCaptivePortalPage: function(evt) { @@ -408,22 +396,6 @@ var AboutNetAndCertErrorListener = { sendAsyncMessage("Browser:ResetSSLPreferences"); }, - onSetAutomatic: function(evt) { - sendAsyncMessage("Browser:SetSSLErrorReportAuto", { - automatic: evt.detail - }); - - // if we're enabling reports, send a report for this failure - if (evt.detail) { - let {host, port} = content.document.mozDocumentURIIfNotForErrorPages; - sendAsyncMessage("Browser:SendSSLErrorReport", { - uri: { host, port }, - securityInfo: getSerializedSecurityInfo(docShell), - }); - - } - }, - onOverride: function(evt) { let {host, port} = content.document.mozDocumentURIIfNotForErrorPages; sendAsyncMessage("Browser:OverrideWeakCrypto", { uri: {host, port} }); diff --git a/application/basilisk/installer/package-manifest.in b/application/basilisk/installer/package-manifest.in index 27dfc4e05..6f80a7882 100644 --- a/application/basilisk/installer/package-manifest.in +++ b/application/basilisk/installer/package-manifest.in @@ -297,7 +297,6 @@ @RESPATH@/components/toolkit_finalizationwitness.xpt @RESPATH@/components/toolkit_formautofill.xpt @RESPATH@/components/toolkit_osfile.xpt -@RESPATH@/components/toolkit_securityreporter.xpt @RESPATH@/components/toolkit_perfmonitoring.xpt @RESPATH@/components/toolkit_xulstore.xpt @RESPATH@/components/toolkitprofile.xpt @@ -584,10 +583,6 @@ @RESPATH@/components/PrivateBrowsing.manifest @RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js -; Security Reports -@RESPATH@/components/SecurityReporter.manifest -@RESPATH@/components/SecurityReporter.js - ; ANGLE GLES-on-D3D rendering library #ifdef MOZ_ANGLE_RENDERER @BINPATH@/libEGL.dll diff --git a/application/basilisk/locales/en-US/chrome/overrides/netError.dtd b/application/basilisk/locales/en-US/chrome/overrides/netError.dtd index 6c65c9345..872847458 100644 --- a/application/basilisk/locales/en-US/chrome/overrides/netError.dtd +++ b/application/basilisk/locales/en-US/chrome/overrides/netError.dtd @@ -178,9 +178,6 @@ was trying to connect. --> <!ENTITY securityOverride.exceptionButtonLabel "Add Exception…"> -<!ENTITY errorReporting.automatic2 "Report errors like this to help Mozilla identify and block malicious sites"> -<!ENTITY errorReporting.learnMore "Learn more…"> - <!ENTITY remoteXUL.title "Remote XUL"> <!ENTITY remoteXUL.longDesc "<p><ul><li>Please contact the website owners to inform them of this problem.</li></ul></p>"> diff --git a/application/palemoon/locales/en-US/chrome/overrides/netError.dtd b/application/palemoon/locales/en-US/chrome/overrides/netError.dtd index c97bd1b59..04bfe9925 100644 --- a/application/palemoon/locales/en-US/chrome/overrides/netError.dtd +++ b/application/palemoon/locales/en-US/chrome/overrides/netError.dtd @@ -226,16 +226,6 @@ functionality specific to firefox. --> <button id='exceptionDialogButton'>&securityOverride.exceptionButtonLabel;</button> "> -<!ENTITY errorReporting.title "Report this error"> -<!ENTITY errorReporting.longDesc "Reporting the address and certificate information for <span id='hostname'></span> will help us identify and block malicious sites. Thanks for helping create a safer web!"> -<!ENTITY errorReporting.automatic "Automatically report errors in the future"> -<!ENTITY errorReporting.automatic2 "Report errors like this to help Mozilla identify and block malicious sites"> -<!ENTITY errorReporting.learnMore "Learn more…"> -<!ENTITY errorReporting.sending "Sending report"> -<!ENTITY errorReporting.sent "Report sent"> -<!ENTITY errorReporting.report "Report"> -<!ENTITY errorReporting.tryAgain "Try again"> - <!ENTITY remoteXUL.title "Remote XUL"> <!ENTITY remoteXUL.longDesc "<p><ul><li>Please contact the website owners to inform them of this problem.</li></ul></p>"> diff --git a/mobile/android/installer/package-manifest.in b/mobile/android/installer/package-manifest.in index 188682d3b..af4a155a9 100644 --- a/mobile/android/installer/package-manifest.in +++ b/mobile/android/installer/package-manifest.in @@ -217,7 +217,6 @@ @BINPATH@/components/toolkit_finalizationwitness.xpt @BINPATH@/components/toolkit_formautofill.xpt @BINPATH@/components/toolkit_osfile.xpt -@BINPATH@/components/toolkit_securityreporter.xpt @BINPATH@/components/toolkit_perfmonitoring.xpt @BINPATH@/components/toolkit_xulstore.xpt @BINPATH@/components/toolkitprofile.xpt @@ -422,10 +421,6 @@ @BINPATH@/components/PrivateBrowsing.manifest @BINPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js -; Security Reports -@BINPATH@/components/SecurityReporter.manifest -@BINPATH@/components/SecurityReporter.js - ; [Browser Chrome Files] @BINPATH@/chrome/toolkit@JAREXT@ @BINPATH@/chrome/toolkit.manifest diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index 7bcec146d..ac855b478 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -24,7 +24,6 @@ #include "nsICryptoHash.h" #include "nsINetworkInterceptController.h" #include "nsINSSErrorsService.h" -#include "nsISecurityReporter.h" #include "nsIStringBundle.h" #include "nsIStreamListenerTee.h" #include "nsISeekableStream.h" @@ -1733,56 +1732,6 @@ nsHttpChannel::ProcessContentSignatureHeader(nsHttpResponseHead *aResponseHead) return NS_OK; } -/** - * Decide whether or not to send a security report and, if so, give the - * SecurityReporter the information required to send such a report. - */ -void -nsHttpChannel::ProcessSecurityReport(nsresult status) { - uint32_t errorClass; - nsCOMPtr<nsINSSErrorsService> errSvc = - do_GetService("@mozilla.org/nss_errors_service;1"); - // getErrorClass will throw a generic NS_ERROR_FAILURE if the error code is - // not in the set of errors covered by the NSS errors service. - nsresult rv = errSvc->GetErrorClass(status, &errorClass); - if (!NS_SUCCEEDED(rv)) { - return; - } - - // if the content was not loaded succesfully and we have security info, - // send a TLS error report - we must do this early as other parts of - // OnStopRequest can return early - bool reportingEnabled = - Preferences::GetBool("security.ssl.errorReporting.enabled"); - bool reportingAutomatic = - Preferences::GetBool("security.ssl.errorReporting.automatic"); - if (!mSecurityInfo || !reportingEnabled || !reportingAutomatic) { - return; - } - - nsCOMPtr<nsITransportSecurityInfo> secInfo = - do_QueryInterface(mSecurityInfo); - nsCOMPtr<nsISecurityReporter> errorReporter = - do_GetService("@mozilla.org/securityreporter;1"); - - if (!secInfo || !mURI) { - return; - } - - nsAutoCString hostStr; - int32_t port; - rv = mURI->GetHost(hostStr); - if (!NS_SUCCEEDED(rv)) { - return; - } - - rv = mURI->GetPort(&port); - - if (NS_SUCCEEDED(rv)) { - errorReporter->ReportTLSError(secInfo, hostStr, port); - } -} - bool nsHttpChannel::IsHTTPS() { @@ -6687,10 +6636,6 @@ nsHttpChannel::OnStopRequest(nsIRequest *request, nsISupports *ctxt, nsresult st MOZ_ASSERT(NS_IsMainThread(), "OnStopRequest should only be called from the main thread"); - if (NS_FAILED(status)) { - ProcessSecurityReport(status); - } - // If this load failed because of a security error, it may be because we // are in a captive portal - trigger an async check to make sure. int32_t nsprError = -1 * NS_ERROR_GET_CODE(status); diff --git a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js b/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js deleted file mode 100644 index d7ffd17bd..000000000 --- a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js +++ /dev/null @@ -1,133 +0,0 @@ -/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* This test is for the TLS error reporting functionality exposed by - * SecurityReporter.js in /toolkit/components/securityreporter. The test is - * here because we make use of the tlsserver functionality that lives with the - * PSM ssl tests. - * - * The testing here will be augmented by the existing mochitests for the - * error reporting functionality in aboutNetError.xhtml and - * aboutCertError.xhtml once these make use of this component. - */ - -"use strict"; -const CC = Components.Constructor; -const Cm = Components.manager; - -Cu.import("resource://testing-common/AppInfo.jsm"); -/*global updateAppInfo:false*/ // Imported via AppInfo.jsm. -updateAppInfo(); - -// We must get the profile before performing operations on the cert db. -do_get_profile(); - -const certdb = Cc["@mozilla.org/security/x509certdb;1"] - .getService(Ci.nsIX509CertDB); -const reporter = Cc["@mozilla.org/securityreporter;1"] - .getService(Ci.nsISecurityReporter); - - -const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1", - "nsIBinaryInputStream", "setInputStream"); - -var server; - -// this allows us to create a callback which checks that a report is as -// expected. -function getReportCheck(expectReport, expectedError) { - return function sendReportWithInfo(transportSecurityInfo) { - // register a path handler on the server - server.registerPathHandler("/submit/sslreports", - function(request, response) { - if (expectReport) { - let report = JSON.parse(readDataFromRequest(request)); - do_check_eq(report.errorCode, expectedError); - response.setStatusLine(null, 201, "Created"); - response.write("Created"); - } else { - do_throw("No report should have been received"); - } - }); - - reporter.reportTLSError(transportSecurityInfo, "example.com", -1); - }; -} - -// read the request body from a request -function readDataFromRequest(aRequest) { - if (aRequest.method == "POST" || aRequest.method == "PUT") { - if (aRequest.bodyInputStream) { - let inputStream = new BinaryInputStream(aRequest.bodyInputStream); - let bytes = []; - let available; - - while ((available = inputStream.available()) > 0) { - Array.prototype.push.apply(bytes, inputStream.readByteArray(available)); - } - - return String.fromCharCode.apply(null, bytes); - } - } - return null; -} - -function run_test() { - // start a report server - server = new HttpServer(); - server.start(-1); - - let port = server.identity.primaryPort; - - // Set the reporting URL to ensure any reports are sent to the test server - Services.prefs.setCharPref("security.ssl.errorReporting.url", - `http://localhost:${port}/submit/sslreports`); - // set strict-mode pinning enforcement so we can cause connection failures. - Services.prefs.setIntPref("security.cert_pinning.enforcement_level", 2); - - // start a TLS server - add_tls_server_setup("BadCertServer", "bad_certs"); - - // Add a user-specified trust anchor. - addCertFromFile(certdb, "bad_certs/other-test-ca.pem", "CTu,u,u"); - - - // Cause a reportable condition with error reporting disabled. No report - // should be sent. - Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", false); - add_connection_test("expired.example.com", - SEC_ERROR_EXPIRED_CERTIFICATE, null, - getReportCheck(false)); - - // Now enable reporting - add_test(function () { - Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", true); - run_next_test(); - }); - - // test calling the component with no transportSecurityInfo. No report should - // be sent even though reporting is enabled. - add_test(function() { - server.registerPathHandler("/submit/sslreports", - function(request, response) { - do_throw("No report should be sent"); - }); - reporter.reportTLSError(null, "example.com", -1); - run_next_test(); - }); - - // Test sending a report with no error. This allows us to check the case - // where there is no failed cert chain - add_connection_test("good.include-subdomains.pinning.example.com", - PRErrorCodeSuccess, null, - getReportCheck(true, PRErrorCodeSuccess)); - - // Test sending a report where there is an error and a failed cert chain. - add_connection_test("expired.example.com", - SEC_ERROR_EXPIRED_CERTIFICATE, null, - getReportCheck(true, SEC_ERROR_EXPIRED_CERTIFICATE)); - - run_next_test(); -} diff --git a/security/manager/ssl/tests/unit/xpcshell.ini b/security/manager/ssl/tests/unit/xpcshell.ini index b2f3de420..bdf9933f4 100644 --- a/security/manager/ssl/tests/unit/xpcshell.ini +++ b/security/manager/ssl/tests/unit/xpcshell.ini @@ -144,6 +144,3 @@ skip-if = toolkit == 'android' [test_validity.js] run-sequentially = hardcoded ports [test_x509.js] - -# The TLS error reporting functionality lives in /toolkit but needs tlsserver -[test_toolkit_securityreporter.js] diff --git a/toolkit/components/moz.build b/toolkit/components/moz.build index c11f62792..953e6c6e3 100644 --- a/toolkit/components/moz.build +++ b/toolkit/components/moz.build @@ -51,7 +51,6 @@ DIRS += [ 'reader', 'remotebrowserutils', 'reflect', - 'securityreporter', 'sqlite', 'startup', 'statusfilter', diff --git a/toolkit/components/securityreporter/SecurityReporter.js b/toolkit/components/securityreporter/SecurityReporter.js deleted file mode 100644 index 9ca1e5546..000000000 --- a/toolkit/components/securityreporter/SecurityReporter.js +++ /dev/null @@ -1,112 +0,0 @@ -/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -const { classes: Cc, interfaces: Ci, utils: Cu} = Components; - -Cu.importGlobalProperties(['fetch']); - -const { XPCOMUtils } = Cu.import("resource://gre/modules/XPCOMUtils.jsm", {}); -const protocolHandler = Cc["@mozilla.org/network/protocol;1?name=http"] - .getService(Ci.nsIHttpProtocolHandler); -const { Services } = Cu.import("resource://gre/modules/Services.jsm", {}); - -const TLS_ERROR_REPORT_TELEMETRY_SUCCESS = 6; -const TLS_ERROR_REPORT_TELEMETRY_FAILURE = 7; -const HISTOGRAM_ID = "TLS_ERROR_REPORT_UI"; - - -XPCOMUtils.defineLazyModuleGetter(this, "UpdateUtils", - "resource://gre/modules/UpdateUtils.jsm"); - -function getDERString(cert) -{ - var length = {}; - var derArray = cert.getRawDER(length); - var derString = ''; - for (var i = 0; i < derArray.length; i++) { - derString += String.fromCharCode(derArray[i]); - } - return derString; -} - -function SecurityReporter() { } - -SecurityReporter.prototype = { - classDescription: "Security reporter component", - classID: Components.ID("{8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}"), - contractID: "@mozilla.org/securityreporter;1", - QueryInterface: XPCOMUtils.generateQI([Ci.nsISecurityReporter]), - reportTLSError: function(transportSecurityInfo, hostname, port) { - // don't send if there's no transportSecurityInfo (since the report cannot - // contain anything of interest) - if (!transportSecurityInfo) { - return; - } - - // don't send a report if the pref is not enabled - if (!Services.prefs.getBoolPref("security.ssl.errorReporting.enabled")) { - return; - } - - // Don't send a report if the host we're connecting to is the report - // server (otherwise we'll get loops when this fails) - let endpoint = - Services.prefs.getCharPref("security.ssl.errorReporting.url"); - let reportURI = Services.io.newURI(endpoint, null, null); - - if (reportURI.host == hostname) { - return; - } - - // Convert the nsIX509CertList into a format that can be parsed into - // JSON - let asciiCertChain = []; - - if (transportSecurityInfo.failedCertChain) { - let certs = transportSecurityInfo.failedCertChain.getEnumerator(); - while (certs.hasMoreElements()) { - let cert = certs.getNext(); - cert.QueryInterface(Ci.nsIX509Cert); - asciiCertChain.push(btoa(getDERString(cert))); - } - } - - let report = { - hostname: hostname, - port: port, - timestamp: Math.round(Date.now() / 1000), - errorCode: transportSecurityInfo.errorCode, - failedCertChain: asciiCertChain, - userAgent: protocolHandler.userAgent, - version: 1, - build: Services.appinfo.appBuildID, - product: Services.appinfo.name, - channel: UpdateUtils.UpdateChannel - } - - fetch(endpoint, { - method: "POST", - body: JSON.stringify(report), - headers: { - 'Content-Type': 'application/json' - } - }).then(function (aResponse) { - if (!aResponse.ok) { - // request returned non-success status - Services.telemetry.getHistogramById(HISTOGRAM_ID) - .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE); - } else { - Services.telemetry.getHistogramById(HISTOGRAM_ID) - .add(TLS_ERROR_REPORT_TELEMETRY_SUCCESS); - } - }).catch(function (e) { - // error making request to reportURL - Services.telemetry.getHistogramById(HISTOGRAM_ID) - .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE); - }); - } -}; - -this.NSGetFactory = XPCOMUtils.generateNSGetFactory([SecurityReporter]); diff --git a/toolkit/components/securityreporter/SecurityReporter.manifest b/toolkit/components/securityreporter/SecurityReporter.manifest deleted file mode 100644 index d4e080dc7..000000000 --- a/toolkit/components/securityreporter/SecurityReporter.manifest +++ /dev/null @@ -1,2 +0,0 @@ -component {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b} SecurityReporter.js -contract @mozilla.org/securityreporter;1 {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b} diff --git a/toolkit/components/securityreporter/moz.build b/toolkit/components/securityreporter/moz.build deleted file mode 100644 index 7ef56a115..000000000 --- a/toolkit/components/securityreporter/moz.build +++ /dev/null @@ -1,16 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# vim: set filetype=python: -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -XPIDL_MODULE = 'toolkit_securityreporter' - -XPIDL_SOURCES += [ - 'nsISecurityReporter.idl', -] - -EXTRA_COMPONENTS += [ - 'SecurityReporter.js', - 'SecurityReporter.manifest', -] diff --git a/toolkit/components/securityreporter/nsISecurityReporter.idl b/toolkit/components/securityreporter/nsISecurityReporter.idl deleted file mode 100644 index 462dd1e48..000000000 --- a/toolkit/components/securityreporter/nsISecurityReporter.idl +++ /dev/null @@ -1,14 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsISupports.idl" -#include "nsITransportSecurityInfo.idl" - -[scriptable, uuid(8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b)] -interface nsISecurityReporter : nsISupports -{ - void reportTLSError(in nsITransportSecurityInfo aSecurityInfo, - in AUTF8String aHostname, - in long aPort); -}; |