Bug 1549605 - Add an indicator in the identity popup for when the site is verified by an imported root certificate. r=nhnt11

Differential Revision: https://phabricator.services.mozilla.com/D30136

--HG--
extra : moz-landing-system : lando

browser/base/content/browser-siteIdentity.js

@@ -140,6 +140,11 @@ var gIdentityHandler = {
     return this._identityPopupContentVerif =
       document.getElementById("identity-popup-content-verifier");
   },
+  get _identityPopupCustomRootLearnMore() {
+    delete this._identityPopupCustomRootLearnMore;
+    return this._identityPopupCustomRootLearnMore =
+      document.getElementById("identity-popup-custom-root-learn-more");
+  },
   get _identityPopupMixedContentLearnMore() {
     delete this._identityPopupMixedContentLearnMore;
     return this._identityPopupMixedContentLearnMore =
@@ -509,6 +514,18 @@ var gIdentityHandler = {
     return "unknownIdentity";
   },
 
+  /**
+   * Returns whether the issuer of the current certificate chain is
+   * built-in (returns false) or imported (returns true).
+   */
+  _hasCustomRoot() {
+    let issuerCert = null;
+    // Walk the whole chain to get the last cert.
+    for (issuerCert of this._secInfo.succeededCertChain.getEnumerator());
+
+    return !issuerCert.isBuiltInRoot;
+  },
+
   /**
    * Updates the identity block user interface with the data from this object.
    */
@@ -695,10 +712,14 @@ var gIdentityHandler = {
       e => e.setAttribute("href", baseURL + "mixed-content"));
     this._identityPopupInsecureLoginFormsLearnMore
         .setAttribute("href", baseURL + "insecure-password");
+    this._identityPopupCustomRootLearnMore
+        .setAttribute("href", baseURL + "enterprise-roots");
 
     // This is in the properties file because the expander used to switch its tooltip.
     this._popupExpander.tooltipText = gNavigatorBundle.getString("identity.showDetails.tooltip");
 
+    let customRoot = false;
+
     // Determine connection security information.
     let connection = "not-secure";
     if (this._isSecureInternalUI) {
@@ -713,6 +734,7 @@ var gIdentityHandler = {
       connection = "secure-cert-user-overridden";
     } else if (this._isSecure) {
       connection = "secure";
+      customRoot = this._hasCustomRoot();
     }
 
     // Determine if there are insecure login forms.
@@ -762,6 +784,7 @@ var gIdentityHandler = {
       updateAttribute(element, "ciphers", ciphers);
       updateAttribute(element, "mixedcontent", mixedcontent);
       updateAttribute(element, "isbroken", this._isBroken);
+      updateAttribute(element, "customroot", customRoot);
     }
 
     // Initialize the optional strings to empty values

browser/base/content/test/siteIdentity/browser.ini

@@ -46,6 +46,7 @@ support-files =
 [browser_identityBlock_focus.js]
 support-files = ../permissions/permissions.html
 [browser_identityPopup_clearSiteData.js]
+[browser_identityPopup_custom_roots.js]
 [browser_identityPopup_focus.js]
 [browser_insecureLoginForms.js]
 support-files =

browser/base/content/test/siteIdentity/browser_identityPopup_custom_roots.js

@@ -0,0 +1,47 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/* Test that the UI for imported root certificates shows up correctly in the identity popup.
+ */
+
+const TEST_PATH = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "https://example.com");
+
+// This test is incredibly simple, because our test framework already
+// imports root certificates by default, so we just visit example.com
+// and verify that the custom root certificates UI is visible.
+add_task(async function test_https() {
+  await BrowserTestUtils.withNewTab("https://example.com", async function() {
+    let promisePanelOpen = BrowserTestUtils.waitForEvent(gIdentityHandler._identityPopup, "popupshown");
+    gIdentityHandler._identityBox.click();
+    await promisePanelOpen;
+    let customRootWarning = document.getElementById("identity-popup-security-decription-custom-root");
+    ok(BrowserTestUtils.is_visible(customRootWarning), "custom root warning is visible");
+
+    let securityView = document.getElementById("identity-popup-securityView");
+    let shown = BrowserTestUtils.waitForEvent(securityView, "ViewShown");
+    document.getElementById("identity-popup-security-expander").click();
+    await shown;
+
+    let subPanelInfo = document.getElementById("identity-popup-content-verifier-unknown");
+    ok(BrowserTestUtils.is_visible(subPanelInfo), "custom root warning in sub panel is visible");
+  });
+});
+
+// Also check that there are conditions where this isn't shown.
+add_task(async function test_http() {
+  await BrowserTestUtils.withNewTab("http://example.com", async function() {
+    let promisePanelOpen = BrowserTestUtils.waitForEvent(gIdentityHandler._identityPopup, "popupshown");
+    gIdentityHandler._identityBox.click();
+    await promisePanelOpen;
+    let customRootWarning = document.getElementById("identity-popup-security-decription-custom-root");
+    ok(BrowserTestUtils.is_hidden(customRootWarning), "custom root warning is hidden");
+
+    let securityView = document.getElementById("identity-popup-securityView");
+    let shown = BrowserTestUtils.waitForEvent(securityView, "ViewShown");
+    document.getElementById("identity-popup-security-expander").click();
+    await shown;
+
+    let subPanelInfo = document.getElementById("identity-popup-content-verifier-unknown");
+    ok(BrowserTestUtils.is_hidden(subPanelInfo), "custom root warning in sub panel is hidden");
+  });
+});

browser/base/content/test/siteIdentity/browser_identityPopup_focus.js

@@ -51,20 +51,24 @@ add_task(async function testSiteSecurityTabOrder() {
     EventUtils.sendString(" ");
     await shown;
 
-    // 3. First press of tab should focus the Back button.
-    let backButton = gIdentityHandler._identityPopup.querySelector(".subviewbutton-back");
-    // Wait for focus to move somewhere. We use focusin because focus doesn't bubble.
+    // 3. Custom root learn more info should be focused by default
+    // This is probably not present in real-world scenarios, but needs to be present in our test infrastructure.
+    let customRootLearnMore = document.getElementById("identity-popup-custom-root-learn-more");
+    is(Services.focus.focusedElement, customRootLearnMore, "learn more option for custom roots is focused");
+
+    // 4. First press of tab should move to the More Information button.
+    let moreInfoButton = document.getElementById("identity-popup-more-info");
     let focused = BrowserTestUtils.waitForEvent(gIdentityHandler._identityPopup, "focusin");
     EventUtils.sendKey("tab");
     await focused;
-    is(Services.focus.focusedElement, backButton);
+    is(Services.focus.focusedElement, moreInfoButton, "more info button is focused");
 
-    // 4. Second press of tab should move to the More Information button.
-    let moreInfoButton = document.getElementById("identity-popup-more-info");
+    // 5. Second press of tab should focus the Back button.
+    let backButton = gIdentityHandler._identityPopup.querySelector(".subviewbutton-back");
+    // Wait for focus to move somewhere. We use focusin because focus doesn't bubble.
     focused = BrowserTestUtils.waitForEvent(gIdentityHandler._identityPopup, "focusin");
     EventUtils.sendKey("tab");
     await focused;
-    isnot(Services.focus.focusedElement, backButton);
-    is(Services.focus.focusedElement, moreInfoButton);
+    is(Services.focus.focusedElement, backButton, "back button is focused");
   });
 });

browser/components/controlcenter/content/identityPanel.inc.xul

@@ -29,7 +29,7 @@
             <label class="identity-popup-headline">&identity.connection;</label>
           </label>
           <description class="identity-popup-connection-not-secure"
-                       when-connection="not-secure secure-cert-user-overridden">&identity.connectionNotSecure;</description>
+                       when-connection="not-secure secure-cert-user-overridden secure-custom-root">&identity.connectionNotSecure;</description>
           <description class="identity-popup-connection-secure"
                        when-connection="secure secure-ev">&identity.connectionSecure;</description>
           <description when-connection="chrome">&identity.connectionInternal;</description>
@@ -39,6 +39,9 @@
           <vbox id="identity-popup-security-descriptions">
             <description class="identity-popup-warning-gray"
                          when-mixedcontent="active-blocked">&identity.activeBlocked;</description>
+           <description  id="identity-popup-security-decription-custom-root"
+                         class="identity-popup-warning-gray"
+                         when-customroot="true">&identity.customRoot;</description>
             <description class="identity-popup-warning-yellow"
                          when-mixedcontent="passive-loaded">&identity.passiveLoaded;</description>
             <description when-mixedcontent="active-loaded">&identity.activeLoaded;</description>
@@ -183,6 +186,9 @@
                      when-connection="secure-ev"/>
         <description id="identity-popup-content-verifier"
                      when-connection="secure secure-ev secure-cert-user-overridden"/>
+        <description id="identity-popup-content-verifier-unknown"
+                     class="identity-popup-warning-gray"
+                     when-customroot="true">&identity.description.customRoot; <label id="identity-popup-custom-root-learn-more" is="text-link" class="plain" value="&identity.learnMore;"/></description>
 
         <!-- Remove Certificate Exception -->
         <button when-connection="secure-cert-user-overridden"

browser/locales/en-US/chrome/browser/browser.dtd

@@ -790,6 +790,7 @@ you can use these alternative items. Otherwise, their values should be empty.  -
 <!ENTITY identity.connectionInternal "This is a secure &brandShortName; page.">
 <!ENTITY identity.extensionPage "This page is loaded from an extension.">
 <!ENTITY identity.insecureLoginForms2 "Logins entered on this page could be compromised.">
+<!ENTITY identity.customRoot "Connection verified by a certificate issuer that is not recognized by Mozilla.">
 
 <!-- Strings for connection state warnings. -->
 <!ENTITY identity.activeBlocked "&brandShortName; has blocked parts of this page that are not secure.">
@@ -808,6 +809,7 @@ you can use these alternative items. Otherwise, their values should be empty.  -
 <!ENTITY identity.description.passiveLoaded3 "Although &brandShortName; has blocked some content, there is still content on the page that is not secure (such as images).">
 <!ENTITY identity.description.activeLoaded "This website contains content that is not secure (such as scripts) and your connection to it is not private.">
 <!ENTITY identity.description.activeLoaded2 "Information you share with this site could be viewed by others (like passwords, messages, credit cards, etc.).">
+<!ENTITY identity.description.customRoot "Mozilla does not recognize this certificate issuer. It may have been added from your operating system or by an administrator.">
 
 <!ENTITY identity.enableMixedContentBlocking.label "Enable protection">
 <!ENTITY identity.enableMixedContentBlocking.accesskey "E">

browser/themes/shared/controlcenter/panel.inc.css

@@ -5,7 +5,7 @@
 %endif
 
 /* Hide all conditional elements by default. */
-:-moz-any([when-connection],[when-mixedcontent],[when-ciphers],[when-loginforms]) {
+:-moz-any([when-connection],[when-customroot],[when-mixedcontent],[when-ciphers],[when-loginforms]) {
   display: none;
 }
 
@@ -24,6 +24,7 @@
 }
 
 /* Show the right elements for the right connection states. */
+#identity-popup[customroot=true] [when-customroot=true],
 #identity-popup[connection=not-secure] [when-connection~=not-secure],
 #identity-popup[connection=secure-cert-user-overridden] [when-connection~=secure-cert-user-overridden],
 #identity-popup[connection=secure-ev] [when-connection~=secure-ev],