summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-06-29 17:40:01 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-06-29 17:40:01 +0200
commit535e9399e6a57eafa478c26055339778f2b0c661 (patch)
tree4644082b77797c7add693d8dae9179cf5c2687fd
parentf12fac8ad111ff5893fba07dcb20c7b08fd5bb1a (diff)
downloadUXP-535e9399e6a57eafa478c26055339778f2b0c661.tar
UXP-535e9399e6a57eafa478c26055339778f2b0c661.tar.gz
UXP-535e9399e6a57eafa478c26055339778f2b0c661.tar.lz
UXP-535e9399e6a57eafa478c26055339778f2b0c661.tar.xz
UXP-535e9399e6a57eafa478c26055339778f2b0c661.zip
Remove SSL Error Reporting telemetry
-rw-r--r--application/basilisk/base/content/aboutNetError.xhtml52
-rw-r--r--application/basilisk/base/content/browser.js24
-rw-r--r--application/basilisk/base/content/content.js28
-rw-r--r--application/basilisk/installer/package-manifest.in5
-rw-r--r--application/basilisk/locales/en-US/chrome/overrides/netError.dtd3
-rw-r--r--application/palemoon/locales/en-US/chrome/overrides/netError.dtd10
-rw-r--r--mobile/android/installer/package-manifest.in5
-rw-r--r--netwerk/protocol/http/nsHttpChannel.cpp55
-rw-r--r--security/manager/ssl/tests/unit/test_toolkit_securityreporter.js133
-rw-r--r--security/manager/ssl/tests/unit/xpcshell.ini3
-rw-r--r--toolkit/components/moz.build1
-rw-r--r--toolkit/components/securityreporter/SecurityReporter.js112
-rw-r--r--toolkit/components/securityreporter/SecurityReporter.manifest2
-rw-r--r--toolkit/components/securityreporter/moz.build16
-rw-r--r--toolkit/components/securityreporter/nsISecurityReporter.idl14
15 files changed, 1 insertions, 462 deletions
diff --git a/application/basilisk/base/content/aboutNetError.xhtml b/application/basilisk/base/content/aboutNetError.xhtml
index f2de106c2..609725c9e 100644
--- a/application/basilisk/base/content/aboutNetError.xhtml
+++ b/application/basilisk/base/content/aboutNetError.xhtml
@@ -96,11 +96,6 @@
return (node.style.display = toggle[node.style.display]);
}
- function showCertificateErrorReporting() {
- // Display error reporting UI
- document.getElementById("certificateErrorReporting").style.display = "block";
- }
-
function showPrefChangeContainer() {
const panel = document.getElementById("prefChangeContainer");
panel.style.display = "block";
@@ -286,21 +281,6 @@
learnMoreLink.href = "https://support.mozilla.org/kb/how-resolve-weak-crypto-error-messages-firefox";
}
- var options = JSON.parse(evt.detail);
- if (options && options.enabled) {
- var checkbox = document.getElementById("automaticallyReportInFuture");
- showCertificateErrorReporting();
- if (options.automatic) {
- // set the checkbox
- checkbox.checked = true;
- }
-
- checkbox.addEventListener("change", function(evt) {
- var event = new CustomEvent("AboutNetErrorSetAutomatic",
- {bubbles:true, detail:evt.target.checked});
- document.dispatchEvent(event);
- }, false);
- }
const hasPrefStyleError = [
"interrupted", // This happens with subresources that are above the max tls
"SSL_ERROR_PROTOCOL_VERSION_ALERT",
@@ -370,25 +350,6 @@
document.getElementById("learnMoreContainer").style.display = "block";
- let checkbox = document.getElementById("automaticallyReportInFuture");
- checkbox.addEventListener("change", function({target: {checked}}) {
- document.dispatchEvent(new CustomEvent("AboutNetErrorSetAutomatic", {
- detail: checked,
- bubbles: true
- }));
- });
-
- addEventListener("AboutNetErrorOptions", function(event) {
- var options = JSON.parse(event.detail);
- if (options && options.enabled) {
- // Display error reporting UI
- document.getElementById("certificateErrorReporting").style.display = "block";
-
- // set the checkbox
- checkbox.checked = !!options.automatic;
- }
- }, true, true);
-
let event = new CustomEvent("AboutNetErrorLoad", {bubbles:true});
document.getElementById("advancedButton").dispatchEvent(event);
@@ -631,10 +592,6 @@
<!-- Long Description (Note: See netError.dtd for used XHTML tags) -->
<div id="errorLongDesc" />
- <div id="learnMoreContainer">
- <p><a href="https://support.mozilla.org/kb/what-does-your-connection-is-not-secure-mean" id="learnMoreLink" target="new">&errorReporting.learnMore;</a></p>
- </div>
-
<div id="prefChangeContainer" class="button-container">
<p>&prefReset.longDesc;</p>
<button id="prefResetButton" class="primary" autocomplete="off">&prefReset.label;</button>
@@ -652,15 +609,6 @@
<button id="errorTryAgain" class="primary" autocomplete="off" onclick="retryThis(this);">&retry.label;</button>
</div>
- <!-- UI for option to report certificate errors to Mozilla. Removed on
- init for other error types .-->
- <div id="certificateErrorReporting">
- <p class="toggle-container-with-text">
- <input type="checkbox" id="automaticallyReportInFuture" />
- <label for="automaticallyReportInFuture" id="automaticallyReportInFuture">&errorReporting.automatic2;</label>
- </p>
- </div>
-
<div id="advancedPanelContainer">
<div id="weakCryptoAdvancedPanel" class="advanced-panel">
<div id="weakCryptoAdvancedDescription">
diff --git a/application/basilisk/base/content/browser.js b/application/basilisk/base/content/browser.js
index 38c340eea..9ec7715fa 100644
--- a/application/basilisk/base/content/browser.js
+++ b/application/basilisk/base/content/browser.js
@@ -2749,8 +2749,6 @@ var BrowserOnClick = {
mm.addMessageListener("Browser:OpenCaptivePortalPage", this);
mm.addMessageListener("Browser:SiteBlockedError", this);
mm.addMessageListener("Browser:EnableOnlineMode", this);
- mm.addMessageListener("Browser:SendSSLErrorReport", this);
- mm.addMessageListener("Browser:SetSSLErrorReportAuto", this);
mm.addMessageListener("Browser:ResetSSLPreferences", this);
mm.addMessageListener("Browser:SSLErrorReportTelemetry", this);
mm.addMessageListener("Browser:OverrideWeakCrypto", this);
@@ -2765,8 +2763,6 @@ var BrowserOnClick = {
mm.removeMessageListener("Browser:CertExceptionError", this);
mm.removeMessageListener("Browser:SiteBlockedError", this);
mm.removeMessageListener("Browser:EnableOnlineMode", this);
- mm.removeMessageListener("Browser:SendSSLErrorReport", this);
- mm.removeMessageListener("Browser:SetSSLErrorReportAuto", this);
mm.removeMessageListener("Browser:ResetSSLPreferences", this);
mm.removeMessageListener("Browser:SSLErrorReportTelemetry", this);
mm.removeMessageListener("Browser:OverrideWeakCrypto", this);
@@ -2808,11 +2804,6 @@ var BrowserOnClick = {
msg.target.reload();
}
break;
- case "Browser:SendSSLErrorReport":
- this.onSSLErrorReport(msg.target,
- msg.data.uri,
- msg.data.securityInfo);
- break;
case "Browser:ResetSSLPreferences":
for (let prefName of PREF_SSL_IMPACT) {
Services.prefs.clearUserPref(prefName);
@@ -2846,20 +2837,7 @@ var BrowserOnClick = {
},
onSSLErrorReport: function(browser, uri, securityInfo) {
- if (!Services.prefs.getBoolPref("security.ssl.errorReporting.enabled")) {
- Cu.reportError("User requested certificate error report sending, but certificate error reporting is disabled");
- return;
- }
-
- let serhelper = Cc["@mozilla.org/network/serialization-helper;1"]
- .getService(Ci.nsISerializationHelper);
- let transportSecurityInfo = serhelper.deserializeObject(securityInfo);
- transportSecurityInfo.QueryInterface(Ci.nsITransportSecurityInfo)
-
- let errorReporter = Cc["@mozilla.org/securityreporter;1"]
- .getService(Ci.nsISecurityReporter);
- errorReporter.reportTLSError(transportSecurityInfo,
- uri.host, uri.port);
+ Cu.reportError("User requested certificate error report sending, but certificate error reporting is disabled");
},
onCertError: function (browser, elementId, isTopFrame, location, securityInfoAsString) {
diff --git a/application/basilisk/base/content/content.js b/application/basilisk/base/content/content.js
index 5758cb023..88e58b501 100644
--- a/application/basilisk/base/content/content.js
+++ b/application/basilisk/base/content/content.js
@@ -385,18 +385,6 @@ var AboutNetAndCertErrorListener = {
let ownerDoc = originalTarget.ownerDocument;
ClickEventHandler.onCertError(originalTarget, ownerDoc);
}
-
- let automatic = Services.prefs.getBoolPref("security.ssl.errorReporting.automatic");
- content.dispatchEvent(new content.CustomEvent("AboutNetErrorOptions", {
- detail: JSON.stringify({
- enabled: Services.prefs.getBoolPref("security.ssl.errorReporting.enabled"),
- changedCertPrefs: this.changedCertPrefs(),
- automatic: automatic
- })
- }));
-
- sendAsyncMessage("Browser:SSLErrorReportTelemetry",
- {reportStatus: TLS_ERROR_REPORT_TELEMETRY_UI_SHOWN});
},
openCaptivePortalPage: function(evt) {
@@ -408,22 +396,6 @@ var AboutNetAndCertErrorListener = {
sendAsyncMessage("Browser:ResetSSLPreferences");
},
- onSetAutomatic: function(evt) {
- sendAsyncMessage("Browser:SetSSLErrorReportAuto", {
- automatic: evt.detail
- });
-
- // if we're enabling reports, send a report for this failure
- if (evt.detail) {
- let {host, port} = content.document.mozDocumentURIIfNotForErrorPages;
- sendAsyncMessage("Browser:SendSSLErrorReport", {
- uri: { host, port },
- securityInfo: getSerializedSecurityInfo(docShell),
- });
-
- }
- },
-
onOverride: function(evt) {
let {host, port} = content.document.mozDocumentURIIfNotForErrorPages;
sendAsyncMessage("Browser:OverrideWeakCrypto", { uri: {host, port} });
diff --git a/application/basilisk/installer/package-manifest.in b/application/basilisk/installer/package-manifest.in
index 27dfc4e05..6f80a7882 100644
--- a/application/basilisk/installer/package-manifest.in
+++ b/application/basilisk/installer/package-manifest.in
@@ -297,7 +297,6 @@
@RESPATH@/components/toolkit_finalizationwitness.xpt
@RESPATH@/components/toolkit_formautofill.xpt
@RESPATH@/components/toolkit_osfile.xpt
-@RESPATH@/components/toolkit_securityreporter.xpt
@RESPATH@/components/toolkit_perfmonitoring.xpt
@RESPATH@/components/toolkit_xulstore.xpt
@RESPATH@/components/toolkitprofile.xpt
@@ -584,10 +583,6 @@
@RESPATH@/components/PrivateBrowsing.manifest
@RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
-; Security Reports
-@RESPATH@/components/SecurityReporter.manifest
-@RESPATH@/components/SecurityReporter.js
-
; ANGLE GLES-on-D3D rendering library
#ifdef MOZ_ANGLE_RENDERER
@BINPATH@/libEGL.dll
diff --git a/application/basilisk/locales/en-US/chrome/overrides/netError.dtd b/application/basilisk/locales/en-US/chrome/overrides/netError.dtd
index 6c65c9345..872847458 100644
--- a/application/basilisk/locales/en-US/chrome/overrides/netError.dtd
+++ b/application/basilisk/locales/en-US/chrome/overrides/netError.dtd
@@ -178,9 +178,6 @@ was trying to connect. -->
<!ENTITY securityOverride.exceptionButtonLabel "Add Exception…">
-<!ENTITY errorReporting.automatic2 "Report errors like this to help Mozilla identify and block malicious sites">
-<!ENTITY errorReporting.learnMore "Learn more…">
-
<!ENTITY remoteXUL.title "Remote XUL">
<!ENTITY remoteXUL.longDesc "<p><ul><li>Please contact the website owners to inform them of this problem.</li></ul></p>">
diff --git a/application/palemoon/locales/en-US/chrome/overrides/netError.dtd b/application/palemoon/locales/en-US/chrome/overrides/netError.dtd
index c97bd1b59..04bfe9925 100644
--- a/application/palemoon/locales/en-US/chrome/overrides/netError.dtd
+++ b/application/palemoon/locales/en-US/chrome/overrides/netError.dtd
@@ -226,16 +226,6 @@ functionality specific to firefox. -->
<button id='exceptionDialogButton'>&securityOverride.exceptionButtonLabel;</button>
">
-<!ENTITY errorReporting.title "Report this error">
-<!ENTITY errorReporting.longDesc "Reporting the address and certificate information for <span id='hostname'></span> will help us identify and block malicious sites. Thanks for helping create a safer web!">
-<!ENTITY errorReporting.automatic "Automatically report errors in the future">
-<!ENTITY errorReporting.automatic2 "Report errors like this to help Mozilla identify and block malicious sites">
-<!ENTITY errorReporting.learnMore "Learn more…">
-<!ENTITY errorReporting.sending "Sending report">
-<!ENTITY errorReporting.sent "Report sent">
-<!ENTITY errorReporting.report "Report">
-<!ENTITY errorReporting.tryAgain "Try again">
-
<!ENTITY remoteXUL.title "Remote XUL">
<!ENTITY remoteXUL.longDesc "<p><ul><li>Please contact the website owners to inform them of this problem.</li></ul></p>">
diff --git a/mobile/android/installer/package-manifest.in b/mobile/android/installer/package-manifest.in
index 188682d3b..af4a155a9 100644
--- a/mobile/android/installer/package-manifest.in
+++ b/mobile/android/installer/package-manifest.in
@@ -217,7 +217,6 @@
@BINPATH@/components/toolkit_finalizationwitness.xpt
@BINPATH@/components/toolkit_formautofill.xpt
@BINPATH@/components/toolkit_osfile.xpt
-@BINPATH@/components/toolkit_securityreporter.xpt
@BINPATH@/components/toolkit_perfmonitoring.xpt
@BINPATH@/components/toolkit_xulstore.xpt
@BINPATH@/components/toolkitprofile.xpt
@@ -422,10 +421,6 @@
@BINPATH@/components/PrivateBrowsing.manifest
@BINPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
-; Security Reports
-@BINPATH@/components/SecurityReporter.manifest
-@BINPATH@/components/SecurityReporter.js
-
; [Browser Chrome Files]
@BINPATH@/chrome/toolkit@JAREXT@
@BINPATH@/chrome/toolkit.manifest
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index 7bcec146d..ac855b478 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -24,7 +24,6 @@
#include "nsICryptoHash.h"
#include "nsINetworkInterceptController.h"
#include "nsINSSErrorsService.h"
-#include "nsISecurityReporter.h"
#include "nsIStringBundle.h"
#include "nsIStreamListenerTee.h"
#include "nsISeekableStream.h"
@@ -1733,56 +1732,6 @@ nsHttpChannel::ProcessContentSignatureHeader(nsHttpResponseHead *aResponseHead)
return NS_OK;
}
-/**
- * Decide whether or not to send a security report and, if so, give the
- * SecurityReporter the information required to send such a report.
- */
-void
-nsHttpChannel::ProcessSecurityReport(nsresult status) {
- uint32_t errorClass;
- nsCOMPtr<nsINSSErrorsService> errSvc =
- do_GetService("@mozilla.org/nss_errors_service;1");
- // getErrorClass will throw a generic NS_ERROR_FAILURE if the error code is
- // not in the set of errors covered by the NSS errors service.
- nsresult rv = errSvc->GetErrorClass(status, &errorClass);
- if (!NS_SUCCEEDED(rv)) {
- return;
- }
-
- // if the content was not loaded succesfully and we have security info,
- // send a TLS error report - we must do this early as other parts of
- // OnStopRequest can return early
- bool reportingEnabled =
- Preferences::GetBool("security.ssl.errorReporting.enabled");
- bool reportingAutomatic =
- Preferences::GetBool("security.ssl.errorReporting.automatic");
- if (!mSecurityInfo || !reportingEnabled || !reportingAutomatic) {
- return;
- }
-
- nsCOMPtr<nsITransportSecurityInfo> secInfo =
- do_QueryInterface(mSecurityInfo);
- nsCOMPtr<nsISecurityReporter> errorReporter =
- do_GetService("@mozilla.org/securityreporter;1");
-
- if (!secInfo || !mURI) {
- return;
- }
-
- nsAutoCString hostStr;
- int32_t port;
- rv = mURI->GetHost(hostStr);
- if (!NS_SUCCEEDED(rv)) {
- return;
- }
-
- rv = mURI->GetPort(&port);
-
- if (NS_SUCCEEDED(rv)) {
- errorReporter->ReportTLSError(secInfo, hostStr, port);
- }
-}
-
bool
nsHttpChannel::IsHTTPS()
{
@@ -6687,10 +6636,6 @@ nsHttpChannel::OnStopRequest(nsIRequest *request, nsISupports *ctxt, nsresult st
MOZ_ASSERT(NS_IsMainThread(),
"OnStopRequest should only be called from the main thread");
- if (NS_FAILED(status)) {
- ProcessSecurityReport(status);
- }
-
// If this load failed because of a security error, it may be because we
// are in a captive portal - trigger an async check to make sure.
int32_t nsprError = -1 * NS_ERROR_GET_CODE(status);
diff --git a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js b/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js
deleted file mode 100644
index d7ffd17bd..000000000
--- a/security/manager/ssl/tests/unit/test_toolkit_securityreporter.js
+++ /dev/null
@@ -1,133 +0,0 @@
-/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/* This test is for the TLS error reporting functionality exposed by
- * SecurityReporter.js in /toolkit/components/securityreporter. The test is
- * here because we make use of the tlsserver functionality that lives with the
- * PSM ssl tests.
- *
- * The testing here will be augmented by the existing mochitests for the
- * error reporting functionality in aboutNetError.xhtml and
- * aboutCertError.xhtml once these make use of this component.
- */
-
-"use strict";
-const CC = Components.Constructor;
-const Cm = Components.manager;
-
-Cu.import("resource://testing-common/AppInfo.jsm");
-/*global updateAppInfo:false*/ // Imported via AppInfo.jsm.
-updateAppInfo();
-
-// We must get the profile before performing operations on the cert db.
-do_get_profile();
-
-const certdb = Cc["@mozilla.org/security/x509certdb;1"]
- .getService(Ci.nsIX509CertDB);
-const reporter = Cc["@mozilla.org/securityreporter;1"]
- .getService(Ci.nsISecurityReporter);
-
-
-const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
- "nsIBinaryInputStream", "setInputStream");
-
-var server;
-
-// this allows us to create a callback which checks that a report is as
-// expected.
-function getReportCheck(expectReport, expectedError) {
- return function sendReportWithInfo(transportSecurityInfo) {
- // register a path handler on the server
- server.registerPathHandler("/submit/sslreports",
- function(request, response) {
- if (expectReport) {
- let report = JSON.parse(readDataFromRequest(request));
- do_check_eq(report.errorCode, expectedError);
- response.setStatusLine(null, 201, "Created");
- response.write("Created");
- } else {
- do_throw("No report should have been received");
- }
- });
-
- reporter.reportTLSError(transportSecurityInfo, "example.com", -1);
- };
-}
-
-// read the request body from a request
-function readDataFromRequest(aRequest) {
- if (aRequest.method == "POST" || aRequest.method == "PUT") {
- if (aRequest.bodyInputStream) {
- let inputStream = new BinaryInputStream(aRequest.bodyInputStream);
- let bytes = [];
- let available;
-
- while ((available = inputStream.available()) > 0) {
- Array.prototype.push.apply(bytes, inputStream.readByteArray(available));
- }
-
- return String.fromCharCode.apply(null, bytes);
- }
- }
- return null;
-}
-
-function run_test() {
- // start a report server
- server = new HttpServer();
- server.start(-1);
-
- let port = server.identity.primaryPort;
-
- // Set the reporting URL to ensure any reports are sent to the test server
- Services.prefs.setCharPref("security.ssl.errorReporting.url",
- `http://localhost:${port}/submit/sslreports`);
- // set strict-mode pinning enforcement so we can cause connection failures.
- Services.prefs.setIntPref("security.cert_pinning.enforcement_level", 2);
-
- // start a TLS server
- add_tls_server_setup("BadCertServer", "bad_certs");
-
- // Add a user-specified trust anchor.
- addCertFromFile(certdb, "bad_certs/other-test-ca.pem", "CTu,u,u");
-
-
- // Cause a reportable condition with error reporting disabled. No report
- // should be sent.
- Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", false);
- add_connection_test("expired.example.com",
- SEC_ERROR_EXPIRED_CERTIFICATE, null,
- getReportCheck(false));
-
- // Now enable reporting
- add_test(function () {
- Services.prefs.setBoolPref("security.ssl.errorReporting.enabled", true);
- run_next_test();
- });
-
- // test calling the component with no transportSecurityInfo. No report should
- // be sent even though reporting is enabled.
- add_test(function() {
- server.registerPathHandler("/submit/sslreports",
- function(request, response) {
- do_throw("No report should be sent");
- });
- reporter.reportTLSError(null, "example.com", -1);
- run_next_test();
- });
-
- // Test sending a report with no error. This allows us to check the case
- // where there is no failed cert chain
- add_connection_test("good.include-subdomains.pinning.example.com",
- PRErrorCodeSuccess, null,
- getReportCheck(true, PRErrorCodeSuccess));
-
- // Test sending a report where there is an error and a failed cert chain.
- add_connection_test("expired.example.com",
- SEC_ERROR_EXPIRED_CERTIFICATE, null,
- getReportCheck(true, SEC_ERROR_EXPIRED_CERTIFICATE));
-
- run_next_test();
-}
diff --git a/security/manager/ssl/tests/unit/xpcshell.ini b/security/manager/ssl/tests/unit/xpcshell.ini
index b2f3de420..bdf9933f4 100644
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -144,6 +144,3 @@ skip-if = toolkit == 'android'
[test_validity.js]
run-sequentially = hardcoded ports
[test_x509.js]
-
-# The TLS error reporting functionality lives in /toolkit but needs tlsserver
-[test_toolkit_securityreporter.js]
diff --git a/toolkit/components/moz.build b/toolkit/components/moz.build
index c11f62792..953e6c6e3 100644
--- a/toolkit/components/moz.build
+++ b/toolkit/components/moz.build
@@ -51,7 +51,6 @@ DIRS += [
'reader',
'remotebrowserutils',
'reflect',
- 'securityreporter',
'sqlite',
'startup',
'statusfilter',
diff --git a/toolkit/components/securityreporter/SecurityReporter.js b/toolkit/components/securityreporter/SecurityReporter.js
deleted file mode 100644
index 9ca1e5546..000000000
--- a/toolkit/components/securityreporter/SecurityReporter.js
+++ /dev/null
@@ -1,112 +0,0 @@
-/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-const { classes: Cc, interfaces: Ci, utils: Cu} = Components;
-
-Cu.importGlobalProperties(['fetch']);
-
-const { XPCOMUtils } = Cu.import("resource://gre/modules/XPCOMUtils.jsm", {});
-const protocolHandler = Cc["@mozilla.org/network/protocol;1?name=http"]
- .getService(Ci.nsIHttpProtocolHandler);
-const { Services } = Cu.import("resource://gre/modules/Services.jsm", {});
-
-const TLS_ERROR_REPORT_TELEMETRY_SUCCESS = 6;
-const TLS_ERROR_REPORT_TELEMETRY_FAILURE = 7;
-const HISTOGRAM_ID = "TLS_ERROR_REPORT_UI";
-
-
-XPCOMUtils.defineLazyModuleGetter(this, "UpdateUtils",
- "resource://gre/modules/UpdateUtils.jsm");
-
-function getDERString(cert)
-{
- var length = {};
- var derArray = cert.getRawDER(length);
- var derString = '';
- for (var i = 0; i < derArray.length; i++) {
- derString += String.fromCharCode(derArray[i]);
- }
- return derString;
-}
-
-function SecurityReporter() { }
-
-SecurityReporter.prototype = {
- classDescription: "Security reporter component",
- classID: Components.ID("{8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}"),
- contractID: "@mozilla.org/securityreporter;1",
- QueryInterface: XPCOMUtils.generateQI([Ci.nsISecurityReporter]),
- reportTLSError: function(transportSecurityInfo, hostname, port) {
- // don't send if there's no transportSecurityInfo (since the report cannot
- // contain anything of interest)
- if (!transportSecurityInfo) {
- return;
- }
-
- // don't send a report if the pref is not enabled
- if (!Services.prefs.getBoolPref("security.ssl.errorReporting.enabled")) {
- return;
- }
-
- // Don't send a report if the host we're connecting to is the report
- // server (otherwise we'll get loops when this fails)
- let endpoint =
- Services.prefs.getCharPref("security.ssl.errorReporting.url");
- let reportURI = Services.io.newURI(endpoint, null, null);
-
- if (reportURI.host == hostname) {
- return;
- }
-
- // Convert the nsIX509CertList into a format that can be parsed into
- // JSON
- let asciiCertChain = [];
-
- if (transportSecurityInfo.failedCertChain) {
- let certs = transportSecurityInfo.failedCertChain.getEnumerator();
- while (certs.hasMoreElements()) {
- let cert = certs.getNext();
- cert.QueryInterface(Ci.nsIX509Cert);
- asciiCertChain.push(btoa(getDERString(cert)));
- }
- }
-
- let report = {
- hostname: hostname,
- port: port,
- timestamp: Math.round(Date.now() / 1000),
- errorCode: transportSecurityInfo.errorCode,
- failedCertChain: asciiCertChain,
- userAgent: protocolHandler.userAgent,
- version: 1,
- build: Services.appinfo.appBuildID,
- product: Services.appinfo.name,
- channel: UpdateUtils.UpdateChannel
- }
-
- fetch(endpoint, {
- method: "POST",
- body: JSON.stringify(report),
- headers: {
- 'Content-Type': 'application/json'
- }
- }).then(function (aResponse) {
- if (!aResponse.ok) {
- // request returned non-success status
- Services.telemetry.getHistogramById(HISTOGRAM_ID)
- .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE);
- } else {
- Services.telemetry.getHistogramById(HISTOGRAM_ID)
- .add(TLS_ERROR_REPORT_TELEMETRY_SUCCESS);
- }
- }).catch(function (e) {
- // error making request to reportURL
- Services.telemetry.getHistogramById(HISTOGRAM_ID)
- .add(TLS_ERROR_REPORT_TELEMETRY_FAILURE);
- });
- }
-};
-
-this.NSGetFactory = XPCOMUtils.generateNSGetFactory([SecurityReporter]);
diff --git a/toolkit/components/securityreporter/SecurityReporter.manifest b/toolkit/components/securityreporter/SecurityReporter.manifest
deleted file mode 100644
index d4e080dc7..000000000
--- a/toolkit/components/securityreporter/SecurityReporter.manifest
+++ /dev/null
@@ -1,2 +0,0 @@
-component {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b} SecurityReporter.js
-contract @mozilla.org/securityreporter;1 {8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b}
diff --git a/toolkit/components/securityreporter/moz.build b/toolkit/components/securityreporter/moz.build
deleted file mode 100644
index 7ef56a115..000000000
--- a/toolkit/components/securityreporter/moz.build
+++ /dev/null
@@ -1,16 +0,0 @@
-# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
-# vim: set filetype=python:
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-XPIDL_MODULE = 'toolkit_securityreporter'
-
-XPIDL_SOURCES += [
- 'nsISecurityReporter.idl',
-]
-
-EXTRA_COMPONENTS += [
- 'SecurityReporter.js',
- 'SecurityReporter.manifest',
-]
diff --git a/toolkit/components/securityreporter/nsISecurityReporter.idl b/toolkit/components/securityreporter/nsISecurityReporter.idl
deleted file mode 100644
index 462dd1e48..000000000
--- a/toolkit/components/securityreporter/nsISecurityReporter.idl
+++ /dev/null
@@ -1,14 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsISupports.idl"
-#include "nsITransportSecurityInfo.idl"
-
-[scriptable, uuid(8a997c9a-bea1-11e5-a1fa-be6aBc8e7f8b)]
-interface nsISecurityReporter : nsISupports
-{
- void reportTLSError(in nsITransportSecurityInfo aSecurityInfo,
- in AUTF8String aHostname,
- in long aPort);
-};