summaryrefslogtreecommitdiffstats
path: root/security/manager
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@wolfbeast.com>2019-08-17 22:28:30 +0200
committerwolfbeast <mcwerewolf@wolfbeast.com>2019-08-17 22:28:30 +0200
commit3252e220000430851ce92446f0fd1336258c7584 (patch)
tree3580c2cc08d62371a662de0b7df41db3d0d11412 /security/manager
parentab6242a93b849b0a3c7525b16bc01dd3172fc167 (diff)
downloadUXP-3252e220000430851ce92446f0fd1336258c7584.tar
UXP-3252e220000430851ce92446f0fd1336258c7584.tar.gz
UXP-3252e220000430851ce92446f0fd1336258c7584.tar.lz
UXP-3252e220000430851ce92446f0fd1336258c7584.tar.xz
UXP-3252e220000430851ce92446f0fd1336258c7584.zip
Issue #1064: Don't get certificate details synchronously.
This avoids getting data synchronously on the main thread in an XHR (which has been deprecated for a long time and _may_ actually be blocked in our networking) and attempts to be more predictable by always firing an update request for the dialog from the XHR request handlers.
Diffstat (limited to 'security/manager')
-rw-r--r--security/manager/pki/resources/content/exceptionDialog.js82
1 files changed, 31 insertions, 51 deletions
diff --git a/security/manager/pki/resources/content/exceptionDialog.js b/security/manager/pki/resources/content/exceptionDialog.js
index c106cdbf5..cebf51fa1 100644
--- a/security/manager/pki/resources/content/exceptionDialog.js
+++ b/security/manager/pki/resources/content/exceptionDialog.js
@@ -15,32 +15,6 @@ var gNeedReset;
Components.utils.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
-function badCertListener() {}
-badCertListener.prototype = {
- getInterface: function (aIID) {
- return this.QueryInterface(aIID);
- },
- QueryInterface: function(aIID) {
- if (aIID.equals(Components.interfaces.nsIBadCertListener2) ||
- aIID.equals(Components.interfaces.nsIInterfaceRequestor) ||
- aIID.equals(Components.interfaces.nsISupports)) {
- return this;
- }
-
- throw new Error(Components.results.NS_ERROR_NO_INTERFACE);
- },
- handle_test_result: function () {
- if (gSSLStatus) {
- gCert = gSSLStatus.QueryInterface(Components.interfaces.nsISSLStatus).serverCert;
- }
- },
- notifyCertProblem: function MSR_notifyCertProblem(socketInfo, sslStatus, targetHost) {
- gBroken = true;
- gSSLStatus = sslStatus;
- this.handle_test_result();
- return true; // suppress error UI
- }
-};
function initExceptionDialog() {
gNeedReset = false;
@@ -85,6 +59,28 @@ function initExceptionDialog() {
}
/**
+ * Helper function for checkCert. Set as the onerror/onload callbacks for an
+ * XMLHttpRequest. Sets gSSLStatus, gCert, gBroken, and gChecking according to
+ * the load information from the request. Probably should not be used directly.
+ *
+ * @param {XMLHttpRequest} req
+ * The XMLHttpRequest created and sent by checkCert.
+ * @param {Event} evt
+ * The load or error event.
+ */
+function grabCert(req, evt) {
+ if (req.channel && req.channel.securityInfo) {
+ gSSLStatus = req.channel.securityInfo
+ .QueryInterface(Ci.nsISSLStatusProvider).SSLStatus;
+ gCert = gSSLStatus ? gSSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert
+ : null;
+ }
+ gBroken = evt.type == "error";
+ gChecking = false;
+ updateCertStatus();
+}
+
+/**
* Attempt to download the certificate for the location specified, and populate
* the Certificate Status section with the result.
*/
@@ -95,34 +91,18 @@ function checkCert() {
gBroken = false;
updateCertStatus();
- var uri = getURI();
+ let uri = getURI();
- var req = new XMLHttpRequest();
- try {
- if (uri) {
- req.open('GET', uri.prePath, false);
- req.channel.notificationCallbacks = new badCertListener();
- req.send(null);
- }
- } catch (e) {
- // We *expect* exceptions if there are problems with the certificate
- // presented by the site. Log it, just in case, but we can proceed here,
- // with appropriate sanity checks
- Components.utils.reportError("Attempted to connect to a site with a bad certificate in the add exception dialog. " +
- "This results in a (mostly harmless) exception being thrown. " +
- "Logged for information purposes only: " + e);
- } finally {
+ if (uri) {
+ let req = new XMLHttpRequest();
+ req.open("GET", uri.prePath);
+ req.onerror = grabCert.bind(this, req);
+ req.onload = grabCert.bind(this, req);
+ req.send(null);
+ } else {
gChecking = false;
+ updateCertStatus();
}
-
- if (req.channel && req.channel.securityInfo) {
- const Ci = Components.interfaces;
- gSSLStatus = req.channel.securityInfo
- .QueryInterface(Ci.nsISSLStatusProvider).SSLStatus;
- gCert = gSSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert;
- }
-
- updateCertStatus();
}
/**