mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-21 17:25:36 +00:00
Bug 902691 - Add a Learn More link to HSTS security console messages. r=msucan
This commit is contained in:
parent
2c35337455
commit
b8d3f70dff
@ -10,7 +10,7 @@
|
||||
// Blocker to the Security Pane in the Web Console
|
||||
|
||||
const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-mixedcontent-securityerrors.html";
|
||||
const LEARN_MORE_URI = "https://developer.mozilla.org/en/Security/MixedContent";
|
||||
const LEARN_MORE_URI = "https://developer.mozilla.org/Security/MixedContent";
|
||||
|
||||
function test()
|
||||
{
|
||||
|
@ -13,7 +13,7 @@
|
||||
// Blocker to the Security Pane in the Web Console
|
||||
|
||||
const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-mixedcontent-securityerrors.html";
|
||||
const LEARN_MORE_URI = "https://developer.mozilla.org/en/Security/MixedContent";
|
||||
const LEARN_MORE_URI = "https://developer.mozilla.org/Security/MixedContent";
|
||||
|
||||
function test()
|
||||
{
|
||||
|
@ -48,7 +48,7 @@ function testMixedContent(hud) {
|
||||
let oldOpenLink = hud.openLink;
|
||||
let linkOpened = false;
|
||||
hud.openLink = (url) => {
|
||||
is(url, "https://developer.mozilla.org/en/Security/MixedContent",
|
||||
is(url, "https://developer.mozilla.org/Security/MixedContent",
|
||||
"url opened");
|
||||
linkOpened = true;
|
||||
};
|
||||
|
@ -9,7 +9,7 @@ const TEST_URI = "http://example.com/browser/browser/devtools/webconsole/test/te
|
||||
const INSECURE_PASSWORD_MSG = "Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.";
|
||||
const INSECURE_FORM_ACTION_MSG = "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen.";
|
||||
const INSECURE_IFRAME_MSG = "Password fields present on an insecure (http://) iframe. This is a security risk that allows user login credentials to be stolen.";
|
||||
const INSECURE_PASSWORDS_URI = "https://developer.mozilla.org/en-US/docs/Security/InsecurePasswords";
|
||||
const INSECURE_PASSWORDS_URI = "https://developer.mozilla.org/docs/Security/InsecurePasswords";
|
||||
|
||||
function test() {
|
||||
addTab(TEST_URI);
|
||||
|
@ -4,6 +4,7 @@
|
||||
* to the web console */
|
||||
const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html";
|
||||
const HSTS_INVALID_HEADER_MSG = "The site specified an invalid Strict-Transport-Security header.";
|
||||
const LEARN_MORE_URI = "https://developer.mozilla.org/docs/Security/HTTP_Strict_Transport_Security";
|
||||
|
||||
function test()
|
||||
{
|
||||
@ -21,7 +22,29 @@ function test()
|
||||
severity: SEVERITY_WARNING
|
||||
},
|
||||
],
|
||||
}).then(finishTest);
|
||||
}).then(() => testClickOpenNewTab(hud));
|
||||
});
|
||||
}, true);
|
||||
}
|
||||
|
||||
function testClickOpenNewTab(hud) {
|
||||
let warningNode = hud.outputNode.querySelector(
|
||||
".webconsole-learn-more-link");
|
||||
|
||||
// Invoke the click event and check if a new tab would
|
||||
// open to the correct page.
|
||||
let linkOpened = false;
|
||||
let oldOpenUILinkIn = window.openUILinkIn;
|
||||
window.openUILinkIn = function(aLink) {
|
||||
if (aLink == LEARN_MORE_URI) {
|
||||
linkOpened = true;
|
||||
}
|
||||
}
|
||||
|
||||
EventUtils.synthesizeMouse(warningNode, 2, 2, {},
|
||||
warningNode.ownerDocument.defaultView);
|
||||
ok(linkOpened, "Clicking the Learn More Warning node opens the desired page");
|
||||
window.openUILinkIn = oldOpenUILinkIn;
|
||||
|
||||
finishTest();
|
||||
}
|
||||
|
@ -37,9 +37,11 @@ let l10n = new WebConsoleUtils.l10n(STRINGS_URI);
|
||||
// The XUL namespace.
|
||||
const XUL_NS = "http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul";
|
||||
|
||||
const MIXED_CONTENT_LEARN_MORE = "https://developer.mozilla.org/en/Security/MixedContent";
|
||||
const MIXED_CONTENT_LEARN_MORE = "https://developer.mozilla.org/Security/MixedContent";
|
||||
|
||||
const INSECURE_PASSWORDS_LEARN_MORE = "https://developer.mozilla.org/en-US/docs/Security/InsecurePasswords";
|
||||
const INSECURE_PASSWORDS_LEARN_MORE = "https://developer.mozilla.org/docs/Security/InsecurePasswords";
|
||||
|
||||
const STRICT_TRANSPORT_SECURITY_LEARN_MORE = "https://developer.mozilla.org/docs/Security/HTTP_Strict_Transport_Security";
|
||||
|
||||
const HELP_URL = "https://developer.mozilla.org/docs/Tools/Web_Console/Helpers";
|
||||
|
||||
@ -1447,14 +1449,18 @@ WebConsoleFrame.prototype = {
|
||||
addMoreInfoLink: function WCF_addMoreInfoLink(aNode, aScriptError)
|
||||
{
|
||||
let url;
|
||||
if (aScriptError.category == "Insecure Password Field") {
|
||||
url = INSECURE_PASSWORDS_LEARN_MORE;
|
||||
}
|
||||
else if (aScriptError.category == "Mixed Content Message" ||
|
||||
aScriptError.category == "Mixed Content Blocker") {
|
||||
switch (aScriptError.category) {
|
||||
case "Insecure Password Field":
|
||||
url = INSECURE_PASSWORDS_LEARN_MORE;
|
||||
break;
|
||||
case "Mixed Content Message":
|
||||
case "Mixed Content Blocker":
|
||||
url = MIXED_CONTENT_LEARN_MORE;
|
||||
}
|
||||
else {
|
||||
break;
|
||||
case "Invalid HSTS Headers":
|
||||
url = STRICT_TRANSPORT_SECURITY_LEARN_MORE;
|
||||
break;
|
||||
default:
|
||||
// Unknown category. Return without adding more info node.
|
||||
return;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user