gecko-dev/browser/base/content/blockedSite.xhtml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE html [
  <!ENTITY % htmlDTD PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
  %htmlDTD;
  <!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd">
  %globalDTD;
  <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >
  %brandDTD;
  <!ENTITY % blockedSiteDTD SYSTEM "chrome://browser/locale/safebrowsing/phishing-afterload-warning-message.dtd">
  %blockedSiteDTD;
]>

<!-- This Source Code Form is subject to the terms of the Mozilla Public
   - License, v. 2.0. If a copy of the MPL was not distributed with this
   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->

<html xmlns="http://www.w3.org/1999/xhtml" class="blacklist">
  <head>
    <link rel="stylesheet" href="chrome://browser/skin/blockedSite.css" type="text/css" media="all" />
    <link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/blacklist_favicon.png"/>

    <script type="application/javascript"><![CDATA[
      // Error url MUST be formatted like this:
      //   about:blocked?e=error_code&u=url(&o=1)?
      //     (o=1 when user overrides are allowed)

      // Note that this file uses document.documentURI to get
      // the URL (with the format from above). This is because
      // document.location.href gets the current URI off the docshell,
      // which is the URL displayed in the location bar, i.e.
      // the URI that the user attempted to load.

      function getErrorCode() {
        var url = document.documentURI;
        var error = url.search(/e\=/);
        var duffUrl = url.search(/\&u\=/);
        return decodeURIComponent(url.slice(error + 2, duffUrl));
      }

      function getURL() {
        var url = document.documentURI;
        var match = url.match(/&u=([^&]+)&/);

        // match == null if not found; if so, return an empty string
        // instead of what would turn out to be portions of the URI
        if (!match)
          return "";

        url = decodeURIComponent(match[1]);

        // If this is a view-source page, then get then real URI of the page
        if (url.startsWith("view-source:"))
          url = url.slice(12);
        return url;
      }

      /**
       * Check whether this warning page should be overridable or whether
       * the "ignore warning" button should be hidden.
       */
      function getOverride() {
        var url = document.documentURI;
        var match = url.match(/&o=1&/);
        return !!match;
      }

      /**
       * Attempt to get the hostname via document.location.  Fail back
       * to getURL so that we always return something meaningful.
       */
      function getHostString() {
        try {
          return document.location.hostname;
        } catch (e) {
          return getURL();
        }
      }

      function initPage() {
        var error = "";
        switch (getErrorCode()) {
          case "malwareBlocked" :
            error = "malware";
            break;
          case "deceptiveBlocked" :
            error = "phishing";
            break;
          case "unwantedBlocked" :
            error = "unwanted";
            break;
          default:
            return;
        }

        var el;

        if (error !== "malware") {
          el = document.getElementById("errorTitleText_malware");
          el.remove();
          el = document.getElementById("errorShortDescText_malware");
          el.remove();
          el = document.getElementById("errorLongDescText_malware");
          el.remove();
        }

        if (error !== "phishing") {
          el = document.getElementById("errorTitleText_phishing");
          el.remove();
          el = document.getElementById("errorShortDescText_phishing");
          el.remove();
          el = document.getElementById("errorLongDescText_phishing");
          el.remove();
        }

        if (error !== "unwanted") {
          el = document.getElementById("errorTitleText_unwanted");
          el.remove();
          el = document.getElementById("errorShortDescText_unwanted");
          el.remove();
          el = document.getElementById("errorLongDescText_unwanted");
          el.remove();
        }

        // Set sitename
        document.getElementById(error + "_sitename").textContent = getHostString();
        document.title = document.getElementById("errorTitleText_" + error)
                                 .innerHTML;

        if (!getOverride()) {
          var btn = document.getElementById("ignoreWarningButton");
          if (btn) {
            btn.remove();
          }
        }

        // Inform the test harness that we're done loading the page
        var event = new CustomEvent("AboutBlockedLoaded", {bubbles: true});
        document.dispatchEvent(event);
      }
    ]]></script>
  </head>

  <body dir="&locale.dir;">
    <div id="errorPageContainer" class="container">

      <!-- Error Title -->
      <div id="errorTitle" class="title">
        <h1 class="title-text" id="errorTitleText_phishing">&safeb.blocked.phishingPage.title2;</h1>
        <h1 class="title-text" id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
        <h1 class="title-text" id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title;</h1>
      </div>

      <div id="errorLongContent">

        <!-- Short Description -->
        <div id="errorShortDesc">
          <p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc2;</p>
          <p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
          <p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
        </div>

        <!-- Long Description -->
        <div id="errorLongDesc">
          <p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc2;</p>
          <p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
          <p id="errorLongDescText_unwanted">&safeb.blocked.unwantedPage.longDesc;</p>
        </div>

        <!-- Advisory -->
        <div id="advisoryDesc">
          <p id="advisoryDescText">&safeb.palm.advisory.desc;</p>
        </div>

        <!-- Action buttons -->
        <div id="buttons" class="button-container">
          <!-- Commands handled in browser.js -->
          <button id="getMeOutButton" class="primary">&safeb.palm.accept.label;</button>
          <div class="button-spacer"></div>
          <button id="reportButton">&safeb.palm.reportPage.label;</button>
        </div>
      </div>
      <div id="ignoreWarning">
        <button id="ignoreWarningButton">&safeb.palm.decline.label;</button>
      </div>
    </div>
    <!--
    - Note: It is important to run the script this way, instead of using
    - an onload handler. This is because error pages are loaded as
    - LOAD_BACKGROUND, which means that onload handlers will not be executed.
    -->
    <script type="application/javascript">
      initPage();
    </script>
  </body>
</html>