Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-21 17:25:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 902691 - Add a Learn More link to HSTS security console messages. r=msucan

Browse Source
This commit is contained in:
Ivan Alagenchev 2013-08-29 11:22:18 -04:00
parent 2c35337455
commit b8d3f70dff
6 changed files with 43 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
browser/devtools/webconsole/test/browser_webconsole_allow_mixedcontent_securityerrors.js
View File

@ -10,7 +10,7 @@
// Blocker to the Security Pane in the Web Console
const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-mixedcontent-securityerrors.html";
const LEARN_MORE_URI = "https://developer.mozilla.org/en/Security/MixedContent";
const LEARN_MORE_URI = "https://developer.mozilla.org/Security/MixedContent";
function test()
{

2
browser/devtools/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js
View File

@ -13,7 +13,7 @@
// Blocker to the Security Pane in the Web Console
const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-mixedcontent-securityerrors.html";
const LEARN_MORE_URI = "https://developer.mozilla.org/en/Security/MixedContent";
const LEARN_MORE_URI = "https://developer.mozilla.org/Security/MixedContent";
function test()
{

2
browser/devtools/webconsole/test/browser_webconsole_bug_737873_mixedcontent.js
View File

@ -48,7 +48,7 @@ function testMixedContent(hud) {
let oldOpenLink = hud.openLink;
let linkOpened = false;
hud.openLink = (url) => {
is(url, "https://developer.mozilla.org/en/Security/MixedContent",
is(url, "https://developer.mozilla.org/Security/MixedContent",
"url opened");
linkOpened = true;
};

2
browser/devtools/webconsole/test/browser_webconsole_bug_762593_insecure_passwords_web_console_warning.js
View File

@ -9,7 +9,7 @@ const TEST_URI = "http://example.com/browser/browser/devtools/webconsole/test/te
const INSECURE_PASSWORD_MSG = "Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.";
const INSECURE_FORM_ACTION_MSG = "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen.";
const INSECURE_IFRAME_MSG = "Password fields present on an insecure (http://) iframe. This is a security risk that allows user login credentials to be stolen.";
const INSECURE_PASSWORDS_URI = "https://developer.mozilla.org/en-US/docs/Security/InsecurePasswords";
const INSECURE_PASSWORDS_URI = "https://developer.mozilla.org/docs/Security/InsecurePasswords";
function test() {
addTab(TEST_URI);

25
browser/devtools/webconsole/test/browser_webconsole_bug_846918_hsts_invalid-headers.js
View File

@ -4,6 +4,7 @@
* to the web console */
const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html";
const HSTS_INVALID_HEADER_MSG = "The site specified an invalid Strict-Transport-Security header.";
const LEARN_MORE_URI = "https://developer.mozilla.org/docs/Security/HTTP_Strict_Transport_Security";
function test()
{
@ -21,7 +22,29 @@ function test()
severity: SEVERITY_WARNING
},
],
}).then(finishTest);
}).then(() => testClickOpenNewTab(hud));
});
}, true);
}
function testClickOpenNewTab(hud) {
let warningNode = hud.outputNode.querySelector(
".webconsole-learn-more-link");
// Invoke the click event and check if a new tab would
// open to the correct page.
let linkOpened = false;
let oldOpenUILinkIn = window.openUILinkIn;
window.openUILinkIn = function(aLink) {
if (aLink == LEARN_MORE_URI) {
linkOpened = true;
}
}
EventUtils.synthesizeMouse(warningNode, 2, 2, {},
warningNode.ownerDocument.defaultView);
ok(linkOpened, "Clicking the Learn More Warning node opens the desired page");
window.openUILinkIn = oldOpenUILinkIn;
finishTest();
}

24
browser/devtools/webconsole/webconsole.js
View File

@ -37,9 +37,11 @@ let l10n = new WebConsoleUtils.l10n(STRINGS_URI);
// The XUL namespace.
const XUL_NS = "http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul";
const MIXED_CONTENT_LEARN_MORE = "https://developer.mozilla.org/en/Security/MixedContent";
const MIXED_CONTENT_LEARN_MORE = "https://developer.mozilla.org/Security/MixedContent";
const INSECURE_PASSWORDS_LEARN_MORE = "https://developer.mozilla.org/en-US/docs/Security/InsecurePasswords";
const INSECURE_PASSWORDS_LEARN_MORE = "https://developer.mozilla.org/docs/Security/InsecurePasswords";
const STRICT_TRANSPORT_SECURITY_LEARN_MORE = "https://developer.mozilla.org/docs/Security/HTTP_Strict_Transport_Security";
const HELP_URL = "https://developer.mozilla.org/docs/Tools/Web_Console/Helpers";
@ -1447,14 +1449,18 @@ WebConsoleFrame.prototype = {
addMoreInfoLink: function WCF_addMoreInfoLink(aNode, aScriptError)
{
let url;
if (aScriptError.category == "Insecure Password Field") {
url = INSECURE_PASSWORDS_LEARN_MORE;
}
else if (aScriptError.category == "Mixed Content Message" ||
aScriptError.category == "Mixed Content Blocker") {
switch (aScriptError.category) {
case "Insecure Password Field":
url = INSECURE_PASSWORDS_LEARN_MORE;
break;
case "Mixed Content Message":
case "Mixed Content Blocker":
url = MIXED_CONTENT_LEARN_MORE;
}
else {
break;
case "Invalid HSTS Headers":
url = STRICT_TRANSPORT_SECURITY_LEARN_MORE;
break;
default:
// Unknown category. Return without adding more info node.
return;
}