<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE html [
  <!ENTITY % htmlDTD PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
  %htmlDTD;
  <!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd">
  %globalDTD;
  <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >
  %brandDTD;
  <!ENTITY % blockedSiteDTD SYSTEM "chrome://browser/locale/safebrowsing/phishing-afterload-warning-message.dtd">
  %blockedSiteDTD;
]>

<!-- This Source Code Form is subject to the terms of the Mozilla Public
   - License, v. 2.0. If a copy of the MPL was not distributed with this
   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->

<html xmlns="http://www.w3.org/1999/xhtml" class="blacklist">
  <head>
    <link rel="stylesheet" href="chrome://global/skin/netError.css" type="text/css" media="all" />
    <link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/blacklist_favicon.png"/>

    <script type="application/javascript"><![CDATA[
      // Error url MUST be formatted like this:
      //   about:blocked?e=error_code&u=url
      
      // Note that this file uses document.documentURI to get
      // the URL (with the format from above). This is because
      // document.location.href gets the current URI off the docshell,
      // which is the URL displayed in the location bar, i.e.
      // the URI that the user attempted to load.

      function getErrorCode()
      {
        var url = document.documentURI;
        var error = url.search(/e\=/);
        var duffUrl = url.search(/\&u\=/);
        return decodeURIComponent(url.slice(error + 2, duffUrl));
      }

      function getURL()
      {
        var url = document.documentURI;
        var match = url.match(/&u=([^&]+)&/);

        // match == null if not found; if so, return an empty string
        // instead of what would turn out to be portions of the URI
        if (!match)
          return "";

        url = decodeURIComponent(match[1]);

        // If this is a view-source page, then get then real URI of the page
        if (url.startsWith("view-source:"))
          url = url.slice(12);
        return url;
      }
      
      /**
       * Attempt to get the hostname via document.location.  Fail back
       * to getURL so that we always return something meaningful.
       */
      function getHostString()
      {
        try {
          return document.location.hostname;
        } catch (e) {
          return getURL();
        }
      }
      
      function initPage()
      {
        // Handoff to the appropriate initializer, based on error code
        switch (getErrorCode()) {
          case "malwareBlocked" :
            initPage_malware();
            break;
          case "phishingBlocked" :
            initPage_phishing();
            break;
        }
      }        
      
      /**
       * Initialize custom strings and functionality for blocked malware case
       */
      function initPage_malware()
      {
        // Remove phishing strings
        var el = document.getElementById("errorTitleText_phishing");
        el.parentNode.removeChild(el);

        el = document.getElementById("errorShortDescText_phishing");
        el.parentNode.removeChild(el);

        el = document.getElementById("errorLongDescText_phishing");
        el.parentNode.removeChild(el);

        // Set sitename
        document.getElementById("malware_sitename").textContent = getHostString();
        document.title = document.getElementById("errorTitleText_malware")
                                 .innerHTML;
      }
      
      /**
       * Initialize custom strings and functionality for blocked phishing case
       */
      function initPage_phishing()
      {
        // Remove malware strings
        var el = document.getElementById("errorTitleText_malware");
        el.parentNode.removeChild(el);

        el = document.getElementById("errorShortDescText_malware");
        el.parentNode.removeChild(el);

        el = document.getElementById("errorLongDescText_malware");
        el.parentNode.removeChild(el);

        // Set sitename
        document.getElementById("phishing_sitename").textContent = getHostString();
        document.title = document.getElementById("errorTitleText_phishing")
                                 .innerHTML;
      }
    ]]></script>
    <style type="text/css">
      /* Style warning button to look like a small text link in the
         bottom right. This is preferable to just using a text link
         since there is already a mechanism in browser.js for trapping
         oncommand events from unprivileged chrome pages (BrowserOnCommand).*/
      #ignoreWarningButton {
        -moz-appearance: none;
        background: transparent;
        border: none;
        color: white;  /* Hard coded because netError.css forces this page's background to dark red */
        text-decoration: underline;
        margin: 0;
        padding: 0;
        position: relative;
        top: 23px;
        left: 20px;
        font-size: smaller;
      }
      
      #ignoreWarning {
        text-align: right;
      }
    </style>
  </head>

  <body dir="&locale.dir;">
    <div id="errorPageContainer">
    
      <!-- Error Title -->
      <div id="errorTitle">
        <h1 id="errorTitleText_phishing">&safeb.blocked.phishingPage.title;</h1>
        <h1 id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
      </div>
      
      <div id="errorLongContent">
      
        <!-- Short Description -->
        <div id="errorShortDesc">
          <p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc;</p>
          <p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
        </div>

        <!-- Long Description -->
        <div id="errorLongDesc">
          <p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc;</p>
          <p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
        </div>
        
        <!-- Action buttons -->
        <div id="buttons">
          <!-- Commands handled in browser.js -->
          <button id="getMeOutButton">&safeb.palm.accept.label;</button>
          <button id="reportButton">&safeb.palm.reportPage.label;</button>
        </div>
      </div>
      <div id="ignoreWarning">
        <button id="ignoreWarningButton">&safeb.palm.decline.label;</button>
      </div>
    </div>
    <!--
    - Note: It is important to run the script this way, instead of using
    - an onload handler. This is because error pages are loaded as
    - LOAD_BACKGROUND, which means that onload handlers will not be executed.
    -->
    <script type="application/javascript">initPage();</script>
  </body>
</html>