Make 'Go Back' button work even when there is nothing to go back to (bug 1221084); r=paolo

browser/base/content/aboutcerterror/aboutCertError.xhtml

@@ -51,16 +51,6 @@
         return decodeURIComponent(matches[1]);
       }
 
-      function goBack(buttonEl)
-      {
-        if (history.length > 1) {
-          history.back();
-        } else {
-          location.href = "about:home";
-        }
-        buttonEl.disabled = true;
-      }
-
       function toggleVisibility(id)
       {
         var node = document.getElementById(id);
@@ -213,7 +203,7 @@
         </div>
 
         <div id="buttonContainer">
-          <button id="returnButton" autocomplete="off" onclick="goBack(this);" autofocus="true">&certerror.returnToPreviousPage.label;</button>
+          <button id="returnButton" autocomplete="off" autofocus="true">&certerror.returnToPreviousPage.label;</button>
           <div id="buttonSpacer"></div>
           <button id="advancedButton" autocomplete="off" onclick="toggleVisibility('advancedPanel');" autofocus="true">&certerror.advanced.label;</button>
         </div>

browser/base/content/browser.js

@@ -2982,20 +2982,14 @@ var BrowserOnClick = {
         }
         break;
 
-      case "getMeOutOfHereButton":
+      case "returnButton":
         if (isTopFrame) {
           secHistogram.add(Ci.nsISecurityUITelemetry.WARNING_BAD_CERT_TOP_GET_ME_OUT_OF_HERE);
         }
-        getMeOutOfHere();
+        goBackFromErrorPage();
         break;
 
-      case "technicalContent":
+      case "advancedButton":
-        if (isTopFrame) {
-          secHistogram.add(Ci.nsISecurityUITelemetry.WARNING_BAD_CERT_TOP_TECHNICAL_DETAILS);
-        }
-        break;
-
-      case "expertContent":
         if (isTopFrame) {
           secHistogram.add(Ci.nsISecurityUITelemetry.WARNING_BAD_CERT_TOP_UNDERSTAND_RISKS);
         }
@@ -3134,6 +3128,35 @@ var BrowserOnClick = {
  * when their own homepage is infected, we can get them somewhere safe.
  */
 function getMeOutOfHere() {
+  gBrowser.loadURI(getDefaultHomePage());
+}
+
+/**
+ * Re-direct the browser to the previous page or a known-safe page if no
+ * previous page is found in history.  This function is used when the user
+ * browses to a secure page with certificate issues and is presented with
+ * about:certerror.  The "Go Back" button should take the user to the previous
+ * or a default start page so that even when their own homepage is on a server
+ * that has certificate errors, we can get them somewhere safe.
+ */
+function goBackFromErrorPage() {
+  const ss = Cc["@mozilla.org/browser/sessionstore;1"].
+             getService(Ci.nsISessionStore);
+  let state = JSON.parse(ss.getTabState(gBrowser.selectedTab));
+  if (state.index == 1) {
+    // If the unsafe page is the first or the only one in history, go to the
+    // start page.
+    gBrowser.loadURI(getDefaultHomePage());
+  } else {
+    BrowserBack();
+  }
+}
+
+/**
+ * Return the default start page for the cases when the user's own homepage is
+ * infected, so we can get them somewhere safe.
+ */
+function getDefaultHomePage() {
   // Get the start page from the *default* pref branch, not the user's
   var prefs = Services.prefs.getDefaultBranch(null);
   var url = BROWSER_NEW_TAB_URL;
@@ -3146,7 +3169,7 @@ function getMeOutOfHere() {
   } catch(e) {
     Components.utils.reportError("Couldn't get homepage pref: " + e);
   }
-  gBrowser.loadURI(url);
+  return url;
 }
 
 function BrowserFullScreen()

browser/base/content/test/general/browser_aboutCertError.js

@@ -7,6 +7,8 @@
 const GOOD_PAGE = "https://example.com/";
 const BAD_CERT = "https://expired.example.com/";
 const BAD_STS_CERT = "https://badchain.include-subdomains.pinning.example.com:443";
+const {TabStateFlusher} = Cu.import("resource:///modules/sessionstore/TabStateFlusher.jsm", {});
+const ss = Cc["@mozilla.org/browser/sessionstore;1"].getService(Ci.nsISessionStore);
 
 add_task(function* checkReturnToAboutHome() {
   info("Loading a bad cert page directly and making sure 'return to previous page' goes to about:home");
@@ -24,6 +26,12 @@ add_task(function* checkReturnToAboutHome() {
   is(browser.webNavigation.canGoBack, false, "!webNavigation.canGoBack");
   is(browser.webNavigation.canGoForward, false, "!webNavigation.canGoForward");
 
+  // Populate the shistory entries manually, since it happens asynchronously
+  // and the following tests will be too soon otherwise.
+  yield TabStateFlusher.flush(browser);
+  let {entries} = JSON.parse(ss.getTabState(tab));
+  is(entries.length, 1, "there is one shistory entry");
+
   info("Clicking the go back button on about:certerror");
   let pageshowPromise = promiseWaitForEvent(browser, "pageshow");
   yield ContentTask.spawn(browser, null, function* () {

security/manager/ssl/nsISecurityUITelemetry.idl

@@ -6,7 +6,7 @@
 
 #include "nsISupports.idl"
 
-[scriptable, uuid(56e190a0-2802-4fc4-b09f-bcda357035c3)]
+[scriptable, uuid(5d1acf82-223a-46fb-a8f3-a1b16e2ceb04)]
 
 interface nsISecurityUITelemetry : nsISupports {
 
@@ -130,7 +130,7 @@ const uint32_t WARNING_BAD_CERT_TOP_CLICK_VIEW_CERT = 71;
 const uint32_t WARNING_BAD_CERT_TOP_DONT_REMEMBER_EXCEPTION = 72;
 const uint32_t WARNING_BAD_CERT_TOP_GET_ME_OUT_OF_HERE = 73;
 const uint32_t WARNING_BAD_CERT_TOP_UNDERSTAND_RISKS = 74;
-const uint32_t WARNING_BAD_CERT_TOP_TECHNICAL_DETAILS = 75;
+//     removed WARNING_BAD_CERT_TOP_TECHNICAL_DETAILS = 75;
 
 const uint32_t WARNING_BAD_CERT_TOP_ADD_EXCEPTION_BASE = 76;
 const uint32_t WARNING_BAD_CERT_TOP_ADD_EXCEPTION_FLAG_UNTRUSTED = 1;