Bug 380932: land netError page for malware URIs, patch by Johnathan Nightingale <johnath@mozilla.com>, r=biesi, ui+r=beltzner

browser/locales/en-US/chrome/overrides/netError.dtd

@@ -134,3 +134,9 @@
     that &brandShortName; is permitted to access the Web.</li>
 </ul>
 ">
+
+<!ENTITY malwareBlocked.title "Suspected Attack Site!">
+<!ENTITY malwareBlocked.longDesc "<p>
+Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.</p>
+<p>You should not visit this site.</p>
+">

docshell/resources/content/netError.xhtml

@@ -38,6 +38,7 @@
    -   William R. Price <wrprice@alumni.rice.edu>
    -   Henrik Skupin <mozilla@hskupin.info>
    -   Jeff Walden <jwalden+code@mit.edu>
+   -   Johnathan Nightingale <johnath@mozilla.com>
    -
    - Alternatively, the contents of this file may be used under the terms of
    - either the GNU General Public License Version 2 or later (the "GPL"), or
@@ -57,12 +58,16 @@
   <head>
     <title>&loadError.label;</title>
     <link rel="stylesheet" href="chrome://global/skin/netError.css" type="text/css" media="all" />
-    <!-- XXX this needs to be themeable -->
-    <link rel="icon" type="image/png" href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAANbY1E9YMgAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAICSURBVHjaYvz//z8DJQAggJhwiDPvnmlzc2aR0O+JGezt+AwACCCsBhxfYhn59N41FWtXIxZOLu70niRGXVwGAAQQNgNYHj96O8HaWYdJW5ubwd4/mI2Ng7sblwEAAYRhwMm1URk/vn4SUNWVYGD8+YZBXZOZm5OLzRjoCmNsBgAEEKoBN82Y7l851GLrqMjM8Oc7A8O/3wwMP54wuAQFCXNycUzGZgBAAKEYcOaKZO2/f//5FbUVgBrfMoRVcgHpNwyKGjKMXDwCan0prFboBgAEELIBzDcvXyy2cVZhYPj9GWj7H4jo/38MDJ9OMDj7O/KzsjH3oxsAEEBwA/bNNipiZf7FI6cqwcDw8x2qqp8fGORUpVn4BEXlgGHhhCwFEEAwA9gfP3hdZ+Oizcjw+wvCdjgAuuLrFQbXIH9hTm7uqcgyAAEENuD4ctcebm5mbikFYRTbV7V/Q6j88Z5BSuY7q4CQgAjQFR4wYYAAAhtw89L5ZFsnRaDtn4CW/YXrAQcisit+PGVwDgrnZ2NnnwATBQggpsNLvGYLCAmxi8tLARWg+h3FBVBXSEj/ZZWQkRcCuiIQJAQQQCyvnj5KMDTkZ2JgYmRg4FchnHv+vmEwttLmeXT3VjKQtx4ggFgk5TXebV63UfT3ijOMxOZAVlZWdiB1EMQGCCBGSrMzQIABAFR3kRM3KggZAAAAAElFTkSuQmCC" />
+    <link rel="icon" type="image/png" id="favicon" href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAANbY1E9YMgAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAICSURBVHjaYvz//z8DJQAggJhwiDPvnmlzc2aR0O+JGezt+AwACCCsBhxfYhn59N41FWtXIxZOLu70niRGXVwGAAQQNgNYHj96O8HaWYdJW5ubwd4/mI2Ng7sblwEAAYRhwMm1URk/vn4SUNWVYGD8+YZBXZOZm5OLzRjoCmNsBgAEEKoBN82Y7l851GLrqMjM8Oc7A8O/3wwMP54wuAQFCXNycUzGZgBAAKEYcOaKZO2/f//5FbUVgBrfMoRVcgHpNwyKGjKMXDwCan0prFboBgAEELIBzDcvXyy2cVZhYPj9GWj7H4jo/38MDJ9OMDj7O/KzsjH3oxsAEEBwA/bNNipiZf7FI6cqwcDw8x2qqp8fGORUpVn4BEXlgGHhhCwFEEAwA9gfP3hdZ+Oizcjw+wvCdjgAuuLrFQbXIH9hTm7uqcgyAAEENuD4ctcebm5mbikFYRTbV7V/Q6j88Z5BSuY7q4CQgAjQFR4wYYAAAhtw89L5ZFsnRaDtn4CW/YXrAQcisit+PGVwDgrnZ2NnnwATBQggpsNLvGYLCAmxi8tLARWg+h3FBVBXSEj/ZZWQkRcCuiIQJAQQQCyvnj5KMDTkZ2JgYmRg4FchnHv+vmEwttLmeXT3VjKQtx4ggFgk5TXebV63UfT3ijOMxOZAVlZWdiB1EMQGCCBGSrMzQIABAFR3kRM3KggZAAAAAElFTkSuQmCC"/>
 
     <script type="application/x-javascript"><![CDATA[
       // Error url MUST be formatted like this:
       //   moz-neterror:page?e=error&u=url&d=desc
+      //
+      // or optionally, to specify an alternate CSS class to allow for
+      // custom styling and favicon:
+      //
+      //   moz-neterror:page?c=classname&e=error&u=url&d=desc
 
       // Note that this file uses document.documentURI to get
       // the URL (with the format from above). This is because
@@ -78,6 +83,19 @@
         return decodeURIComponent(url.slice(error + 2, duffUrl));
       }
 
+      function getCSSClass()
+      {
+        var url = document.documentURI;
+        var class = url.search(/c\=/);
+        
+        // c is optional, if class === -1 just return nothing
+        if (class === -1)
+          return "";
+          
+        var rest = url.search(/\&/);
+        return decodeURIComponent(url.slice(class + 2, rest));
+      }
+
       function getDescription()
       {
         var url = document.documentURI;
@@ -142,6 +160,22 @@
         // remove undisplayed errors to avoid bug 39098
         var errContainer = document.getElementById("errorContainer");
         errContainer.parentNode.removeChild(errContainer);
+
+        var class = getCSSClass();
+        if (class) {
+          // Associate a CSS class with the root of the page, if one was passed in,
+          // to allow custom styling.
+          document.documentElement.className = class;
+
+          // Also, if they specified a CSS class, they must supply their own
+          // favicon.  In order to trigger the browser to repaint though, we
+          // need to remove/add the link element. 
+          var favicon = document.getElementById("favicon");
+          var faviconParent = favicon.parentNode;
+          faviconParent.removeChild(favicon);
+          favicon.setAttribute("href", "chrome://global/skin/icons/" + class + "_favicon.png");
+          faviconParent.appendChild(favicon);
+        }
       }
     ]]></script>
   </head>
@@ -168,6 +202,7 @@
         <h1 id="et_proxyConnectFailure">&proxyConnectFailure.title;</h1>
         <h1 id="et_contentEncodingError">&contentEncodingError.title;</h1>
         <h1 id="et_nssFailure2">&nssFailure2.title;</h1>
+        <h1 id="et_malwareBlocked">&malwareBlocked.title;</h1>
       </div>
       <div id="errorDescriptionsContainer">
         <div id="ed_generic">&generic.longDesc;</div>
@@ -187,6 +222,7 @@
         <div id="ed_proxyConnectFailure">&proxyConnectFailure.longDesc;</div>
         <div id="ed_contentEncodingError">&contentEncodingError.longDesc;</div>
         <div id="ed_nssFailure2">&nssFailure2.longDesc;</div>
+        <div id="ed_malwareBlocked">&malwareBlocked.longDesc;</div>
       </div>
     </div>
 

dom/locales/en-US/chrome/netError.dtd

@@ -53,3 +53,9 @@
 
 <!ENTITY nssFailure2.title "Secure Connection Failed">
 <!ENTITY nssFailure2.longDesc "<p>The page you are trying to view can not be shown because the authenticity of the received data could not be verified.</p><ul><li>Please contact the web site owners to inform them of this problem.</li></ul>">
+
+<!ENTITY malwareBlocked.title "Suspected Attack Site!">
+<!ENTITY malwareBlocked.longDesc "<p>
+Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.</p>
+<p>You should not visit this site.</p>
+">

toolkit/themes/pinstripe/global/jar.mn

@@ -113,6 +113,8 @@ classic.jar:
 +  skin/classic/global/icons/alert-question.gif                       (icons/alert-question.gif)
 +  skin/classic/global/icons/autocomplete-dropmarker.png              (icons/autocomplete-dropmarker.png)
 +  skin/classic/global/icons/autoscroll.png                           (icons/autoscroll.png)
++  skin/classic/global/icons/blacklist_favicon.png                    (icons/blacklist_favicon.png)
++  skin/classic/global/icons/blacklist_large.png                      (icons/blacklist_large.png)
 +  skin/classic/global/icons/chevron.png                              (icons/chevron.png)
 +  skin/classic/global/icons/close.gif                                (icons/close.gif)
 +  skin/classic/global/icons/closetab-active.png                      (icons/closetab-active.png)

toolkit/themes/pinstripe/global/netError.css

@@ -103,3 +103,24 @@ body[dir="rtl"] #brand {
 #errorContainer {
   display: none;
 }
+
+/* Custom styling for 'blacklist' error class */
+:root.blacklist #errorTitle, :root.blacklist #errorLongContent,
+:root.blacklist #errorShortDesc, :root.blacklist #errorLongDesc {
+  background-color: #722; /* Dark red */
+  color: white;
+}
+
+:root.blacklist #errorPageContainer {
+  background-image: url("chrome://global/skin/icons/blacklist_large.png");
+  background-color: #722;
+}
+
+:root.blacklist {
+  background: #333;
+}
+
+:root.blacklist #errorTryAgain {
+  display: none;
+}
+

toolkit/themes/winstripe/global/jar.mn

@@ -75,6 +75,8 @@ classic.jar:
         skin/classic/global/icons/autocomplete-dropmark-bkgnd-mid-top.png    (icons/autocomplete-dropmark-bkgnd-mid-top.png)
         skin/classic/global/icons/autocomplete-dropmark-bkgnd-mid-bottom.png (icons/autocomplete-dropmark-bkgnd-mid-bottom.png)
         skin/classic/global/icons/autoscroll.png                    (icons/autoscroll.png)
+        skin/classic/global/icons/blacklist_favicon.png             (icons/blacklist_favicon.png)
+        skin/classic/global/icons/blacklist_large.png               (icons/blacklist_large.png)
         skin/classic/global/icons/Close.gif                         (icons/Close.gif)
         skin/classic/global/icons/close.png                         (icons/close.png)
         skin/classic/global/icons/alltabs.png                       (icons/alltabs.png)

toolkit/themes/winstripe/global/netError.css

@@ -103,3 +103,23 @@ body[dir="rtl"] #brand {
 #errorContainer {
   display: none;
 }
+
+/* Custom styling for 'blacklist' error class */
+:root.blacklist #errorTitle, :root.blacklist #errorLongContent,
+:root.blacklist #errorShortDesc, :root.blacklist #errorLongDesc {
+  background-color: #722; /* Dark red */
+  color: white;
+}
+
+:root.blacklist #errorPageContainer {
+  background-image: url("chrome://global/skin/icons/blacklist_large.png");
+  background-color: #722;
+}
+
+:root.blacklist {
+  background: #333;
+}
+
+:root.blacklist #errorTryAgain {
+  display: none;
+}