diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/manager/pki/resources/content/exceptionDialog.js | 107 |
1 files changed, 42 insertions, 65 deletions
diff --git a/security/manager/pki/resources/content/exceptionDialog.js b/security/manager/pki/resources/content/exceptionDialog.js index c106cdbf5..9d70ebdce 100644 --- a/security/manager/pki/resources/content/exceptionDialog.js +++ b/security/manager/pki/resources/content/exceptionDialog.js @@ -15,32 +15,6 @@ var gNeedReset; Components.utils.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); -function badCertListener() {} -badCertListener.prototype = { - getInterface: function (aIID) { - return this.QueryInterface(aIID); - }, - QueryInterface: function(aIID) { - if (aIID.equals(Components.interfaces.nsIBadCertListener2) || - aIID.equals(Components.interfaces.nsIInterfaceRequestor) || - aIID.equals(Components.interfaces.nsISupports)) { - return this; - } - - throw new Error(Components.results.NS_ERROR_NO_INTERFACE); - }, - handle_test_result: function () { - if (gSSLStatus) { - gCert = gSSLStatus.QueryInterface(Components.interfaces.nsISSLStatus).serverCert; - } - }, - notifyCertProblem: function MSR_notifyCertProblem(socketInfo, sslStatus, targetHost) { - gBroken = true; - gSSLStatus = sslStatus; - this.handle_test_result(); - return true; // suppress error UI - } -}; function initExceptionDialog() { gNeedReset = false; @@ -57,7 +31,7 @@ function initExceptionDialog() { if (args[0].location) { // We were pre-seeded with a location. document.getElementById("locationTextBox").value = args[0].location; - document.getElementById('checkCertButton').disabled = false; + document.getElementById("checkCertButton").disabled = false; if (args[0].sslStatus) { gSSLStatus = args[0].sslStatus; @@ -85,6 +59,28 @@ function initExceptionDialog() { } /** + * Helper function for checkCert. Set as the onerror/onload callbacks for an + * XMLHttpRequest. Sets gSSLStatus, gCert, gBroken, and gChecking according to + * the load information from the request. Probably should not be used directly. + * + * @param {XMLHttpRequest} req + * The XMLHttpRequest created and sent by checkCert. + * @param {Event} evt + * The load or error event. + */ +function grabCert(req, evt) { + if (req.channel && req.channel.securityInfo) { + gSSLStatus = req.channel.securityInfo + .QueryInterface(Ci.nsISSLStatusProvider).SSLStatus; + gCert = gSSLStatus ? gSSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert + : null; + } + gBroken = evt.type == "error"; + gChecking = false; + updateCertStatus(); +} + +/** * Attempt to download the certificate for the location specified, and populate * the Certificate Status section with the result. */ @@ -95,48 +91,34 @@ function checkCert() { gBroken = false; updateCertStatus(); - var uri = getURI(); + let uri = getURI(); - var req = new XMLHttpRequest(); - try { - if (uri) { - req.open('GET', uri.prePath, false); - req.channel.notificationCallbacks = new badCertListener(); - req.send(null); - } - } catch (e) { - // We *expect* exceptions if there are problems with the certificate - // presented by the site. Log it, just in case, but we can proceed here, - // with appropriate sanity checks - Components.utils.reportError("Attempted to connect to a site with a bad certificate in the add exception dialog. " + - "This results in a (mostly harmless) exception being thrown. " + - "Logged for information purposes only: " + e); - } finally { + if (uri) { + let req = new XMLHttpRequest(); + req.open("GET", uri.prePath); + req.onerror = grabCert.bind(this, req); + req.onload = grabCert.bind(this, req); + req.send(null); + } else { gChecking = false; + updateCertStatus(); } - - if (req.channel && req.channel.securityInfo) { - const Ci = Components.interfaces; - gSSLStatus = req.channel.securityInfo - .QueryInterface(Ci.nsISSLStatusProvider).SSLStatus; - gCert = gSSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert; - } - - updateCertStatus(); } /** * Build and return a URI, based on the information supplied in the * Certificate Location fields + * + * @returns {nsIURI} + * URI constructed from the information supplied on success, null + * otherwise. */ function getURI() { // Use fixup service instead of just ioservice's newURI since it's quite // likely that the host will be supplied without a protocol prefix, resulting // in malformed uri exceptions being thrown. - let fus = Components.classes["@mozilla.org/docshell/urifixup;1"] - .getService(Components.interfaces.nsIURIFixup); let locationTextBox = document.getElementById("locationTextBox"); - let uri = fus.createFixupURI(locationTextBox.value, 0); + let uri = Services.uriFixup.createFixupURI(locationTextBox.value, 0); if (!uri) { return null; @@ -170,7 +152,7 @@ function resetDialog() { * Called by input textboxes to manage UI state */ function handleTextChange() { - var checkCertButton = document.getElementById('checkCertButton'); + var checkCertButton = document.getElementById("checkCertButton"); checkCertButton.disabled = !(document.getElementById("locationTextBox").value); if (gNeedReset) { gNeedReset = false; @@ -238,8 +220,7 @@ function updateCertStatus() { pe.checked = !inPrivateBrowsing; setText("headerDescription", gPKIBundle.getString("addExceptionInvalidHeader")); - } - else { + } else { shortDesc = "addExceptionValidShort"; longDesc = "addExceptionValidLong"; gDialog.getButton("extra1").disabled = true; @@ -251,11 +232,8 @@ function updateCertStatus() { document.getElementById("viewCertButton").disabled = false; // Notify observers about the availability of the certificate - Components.classes["@mozilla.org/observer-service;1"] - .getService(Components.interfaces.nsIObserverService) - .notifyObservers(null, "cert-exception-ui-ready", null); - } - else if (gChecking) { + Services.obs.notifyObservers(null, "cert-exception-ui-ready"); + } else if (gChecking) { shortDesc = "addExceptionCheckingShort"; longDesc = "addExceptionCheckingLong2"; // We're checking the certificate, so we disable the Get Certificate @@ -265,8 +243,7 @@ function updateCertStatus() { document.getElementById("viewCertButton").disabled = true; gDialog.getButton("extra1").disabled = true; document.getElementById("permanent").disabled = true; - } - else { + } else { shortDesc = "addExceptionNoCertShort"; longDesc = "addExceptionNoCertLong2"; // We're done checking the certificate, so allow the user to check it again. |