mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1175702 - Implement mixed content states in the control center r=paolo

This commit is contained in:
Tim Taubert 2015-08-04 20:04:24 +02:00
Родитель 0d84a92357
Коммит 2d06faf7c4
9 изменённых файлов: 383 добавлений и 231 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

294
browser/base/content/browser.js
Просмотреть файл

@ -6678,12 +6678,10 @@ var gIdentityHandler = {
IDENTITY_MODE_MIXED_ACTIVE_BLOCKED : "verifiedDomain mixedContent mixedActiveBlocked", // SSL with unauthenticated active content blocked; no unauthenticated display content
IDENTITY_MODE_MIXED_ACTIVE_BLOCKED_IDENTIFIED : "verifiedIdentity mixedContent mixedActiveBlocked", // SSL with unauthenticated active content blocked; no unauthenticated display content
IDENTITY_MODE_CHROMEUI : "chromeUI", // Part of the product's UI
IDENTITY_MODE_FILE_URI : "fileURI", // File path
// Cache the most recent SSLStatus and Location seen in checkIdentity
_lastStatus : null,
_lastUri : null,
_mode : "unknownIdentity",
_isChromeUI: false,
_sslStatus: null,
_uri: null,
// smart getters
get _identityPopup () {
@ -6714,20 +6712,10 @@ var gIdentityHandler = {
return this._identityPopupContentVerif =
document.getElementById("identity-popup-content-verifier");
},
get _identityPopupSecurityContent () {
delete this._identityPopupSecurityContent;
return this._identityPopupSecurityContent =
document.getElementById("identity-popup-security-content");
},
get _identityPopupSecurityView () {
delete this._identityPopupSecurityView;
return this._identityPopupSecurityView =
document.getElementById("identity-popup-securityView");
},
get _identityPopupMainView () {
delete this._identityPopupMainView;
return this._identityPopupMainView =
document.getElementById("identity-popup-mainView");
get _identityPopupMixedContentLearnMore () {
delete this._identityPopupMixedContentLearnMore;
return this._identityPopupMixedContentLearnMore =
document.getElementById("identity-popup-mcb-learn-more");
},
get _identityIconLabel () {
delete this._identityIconLabel;
@ -6806,13 +6794,33 @@ var gIdentityHandler = {
}
},
disableMixedContentProtection() {
// Use telemetry to measure how often unblocking happens
const kMIXED_CONTENT_UNBLOCK_EVENT = 2;
let histogram =
Services.telemetry.getHistogramById(
"MIXED_CONTENT_UNBLOCK_COUNTER");
histogram.add(kMIXED_CONTENT_UNBLOCK_EVENT);
// Reload the page with the content unblocked
BrowserReloadWithFlags(
Ci.nsIWebNavigation.LOAD_FLAGS_ALLOW_MIXED_CONTENT);
this._identityPopup.hidePopup();
},
enableMixedContentProtection() {
gBrowser.selectedBrowser.messageManager.sendAsyncMessage(
"MixedContent:ReenableProtection", {});
BrowserReload();
this._identityPopup.hidePopup();
},
/**
* Helper to parse out the important parts of _lastStatus (of the SSL cert in
* Helper to parse out the important parts of _sslStatus (of the SSL cert in
* particular) for use in constructing identity UI strings
*/
getIdentityData : function() {
var result = {};
var status = this._lastStatus.QueryInterface(Components.interfaces.nsISSLStatus);
var status = this._sslStatus.QueryInterface(Ci.nsISSLStatus);
var cert = status.serverCert;
// Human readable name of Subject
@ -6848,68 +6856,58 @@ var gIdentityHandler = {
* @param nsIURI uri The address for which the UI should be updated.
*/
checkIdentity : function(state, uri) {
var currentStatus = gBrowser.securityUI
.QueryInterface(Components.interfaces.nsISSLStatusProvider)
.SSLStatus;
this._lastStatus = currentStatus;
this._lastUri = uri;
let nsIWebProgressListener = Ci.nsIWebProgressListener;
// For some URIs like data: we can't get a host and so can't do
// anything useful here.
let unknown = false;
try {
uri.host;
} catch (e) { unknown = true; }
// Chrome URIs however get special treatment. Some chrome URIs are
// whitelisted to provide a positive security signal to the user.
let whitelist = /^about:(accounts|addons|app-manager|config|crashes|customizing|downloads|healthreport|home|license|newaddon|permissions|preferences|privatebrowsing|rights|sessionrestore|support|welcomeback)/i;
let isChromeUI = uri.schemeIs("about") && whitelist.test(uri.spec);
let mode = this.IDENTITY_MODE_UNKNOWN;
if (isChromeUI) {
this.setMode(this.IDENTITY_MODE_CHROMEUI);
} else if (unknown) {
this.setMode(this.IDENTITY_MODE_UNKNOWN);
mode = this.IDENTITY_MODE_CHROMEUI;
} else if (state & nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL) {
if (state & nsIWebProgressListener.STATE_BLOCKED_MIXED_ACTIVE_CONTENT) {
this.setMode(this.IDENTITY_MODE_MIXED_ACTIVE_BLOCKED_IDENTIFIED);
mode = this.IDENTITY_MODE_MIXED_ACTIVE_BLOCKED_IDENTIFIED;
} else {
this.setMode(this.IDENTITY_MODE_IDENTIFIED);
mode = this.IDENTITY_MODE_IDENTIFIED;
}
} else if (state & nsIWebProgressListener.STATE_IS_SECURE) {
if (state & nsIWebProgressListener.STATE_BLOCKED_MIXED_ACTIVE_CONTENT) {
this.setMode(this.IDENTITY_MODE_MIXED_ACTIVE_BLOCKED);
mode = this.IDENTITY_MODE_MIXED_ACTIVE_BLOCKED;
} else {
this.setMode(this.IDENTITY_MODE_DOMAIN_VERIFIED);
mode = this.IDENTITY_MODE_DOMAIN_VERIFIED;
}
} else if (state & nsIWebProgressListener.STATE_IS_BROKEN) {
if (state & nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT) {
this.setMode(this.IDENTITY_MODE_MIXED_ACTIVE_LOADED);
mode = this.IDENTITY_MODE_MIXED_ACTIVE_LOADED;
} else if (state & nsIWebProgressListener.STATE_BLOCKED_MIXED_ACTIVE_CONTENT) {
this.setMode(this.IDENTITY_MODE_MIXED_DISPLAY_LOADED_ACTIVE_BLOCKED);
mode = this.IDENTITY_MODE_MIXED_DISPLAY_LOADED_ACTIVE_BLOCKED;
} else if (state & nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT) {
this.setMode(this.IDENTITY_MODE_MIXED_DISPLAY_LOADED);
mode = this.IDENTITY_MODE_MIXED_DISPLAY_LOADED;
} else {
this.setMode(this.IDENTITY_MODE_USES_WEAK_CIPHER);
}
} else {
// Create a channel for the sole purpose of getting the resolved URI
// of the request to determine if it's loaded from the file system.
let resolvedURI = NetUtil.newChannel({uri,loadUsingSystemPrincipal:true}).URI;
if (resolvedURI.schemeIs("jar")) {
// Given a URI "jar:<jar-file-uri>!/<jar-entry>"
// create a new URI using <jar-file-uri>!/<jar-entry>
resolvedURI = NetUtil.newURI(resolvedURI.path);
}
if (resolvedURI.schemeIs("file")) {
this.setMode(this.IDENTITY_MODE_FILE_URI);
} else {
this.setMode(this.IDENTITY_MODE_UNKNOWN);
mode = this.IDENTITY_MODE_USES_WEAK_CIPHER;
}
}
// We need those values later when populating the control center.
this._uri = uri;
this._state = state;
this._isChromeUI = isChromeUI;
this._sslStatus =
gBrowser.securityUI.QueryInterface(Ci.nsISSLStatusProvider).SSLStatus;
// Update the identity block.
if (this._identityBox) {
this._identityBox.className = mode;
this.refreshIdentityBlock(mode);
}
// NOTE: We do NOT update the identity popup (the control center) when
// we receive a new security state. If the user opened the popup and looks
// at the provided information we don't want to suddenly change the panel
// contents.
// Show the doorhanger when:
// - mixed active content is blocked
// - mixed active content is loaded (detected but not blocked)
@ -6961,46 +6959,22 @@ var gIdentityHandler = {
.getService(Ci.nsIIDNService);
try {
let baseDomain =
Services.eTLD.getBaseDomainFromHost(this._lastUri.host);
Services.eTLD.getBaseDomainFromHost(this._uri.host);
return this._IDNService.convertToDisplayIDN(baseDomain, {});
} catch (e) {
// If something goes wrong (e.g. host is an IP address) just fail back
// to the full domain.
return this._lastUri.host;
return this._uri.host;
}
},
/**
* Update the UI to reflect the specified mode, which should be one of the
* IDENTITY_MODE_* constants.
*/
setMode : function(newMode) {
if (!this._identityBox) {
// No identity box means the identity box is not visible, in which
// case there's nothing to do.
return;
}
this._identityPopup.className = newMode;
this._identityBox.className = newMode;
this.setIdentityMessages(newMode);
// Update the popup too, if it's open
if (this._identityPopup.state == "open") {
this.setPopupMessages(newMode);
this.updateSitePermissions();
}
this._mode = newMode;
},
/**
* Set up the messages for the primary identity UI based on the specified mode,
* and the details of the SSL cert, where applicable
*
* @param newMode The newly set identity mode. Should be one of the IDENTITY_MODE_* constants.
*/
setIdentityMessages : function(newMode) {
refreshIdentityBlock(newMode) {
let icon_label = "";
let tooltip = "";
let icon_country_label = "";
@ -7017,11 +6991,11 @@ var gIdentityHandler = {
[iData.caOrg]);
// This can't throw, because URI's with a host that throw don't end up in this case.
let host = this._lastUri.host;
let host = this._uri.host;
let port = 443;
try {
if (this._lastUri.port > 0)
port = this._lastUri.port;
if (this._uri.port > 0)
port = this._uri.port;
} catch (e) {}
if (this._overrideService.hasMatchingOverride(host, port, iData.cert, {}, {}))
@ -7070,15 +7044,78 @@ var gIdentityHandler = {
* Set up the title and content messages for the identity message popup,
* based on the specified mode, and the details of the SSL cert, where
* applicable
*
* @param newMode The newly set identity mode. Should be one of the IDENTITY_MODE_* constants.
*/
setPopupMessages : function(newMode) {
refreshIdentityPopup() {
// Update the "Learn More" hrefs for Mixed Content Blocking.
let baseURL = Services.urlFormatter.formatURLPref("app.support.baseURL");
let learnMoreHref = `${baseURL}mixed-content`;
this._identityPopupMixedContentLearnMore.setAttribute("href", learnMoreHref);
this._identityPopup.className = newMode;
this._identityPopupMainView.className = newMode;
this._identityPopupSecurityView.className = newMode;
this._identityPopupSecurityContent.className = newMode;
// Basic connection properties.
let isBroken = this._state & Ci.nsIWebProgressListener.STATE_IS_BROKEN;
let isSecure = this._state & Ci.nsIWebProgressListener.STATE_IS_SECURE;
let isEV = this._state & Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL;
// Determine connection security information.
let connection = "not-secure";
if (this._isChromeUI) {
connection = "chrome";
} else if (this._isURILoadedFromFile(this._uri)) {
connection = "file";
} else if (isEV) {
connection = "secure-ev";
} else if (isSecure) {
connection = "secure";
}
// Mixed content flags.
let isMixedActiveContentLoaded =
this._state & Ci.nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT;
let isMixedActiveContentBlocked =
this._state & Ci.nsIWebProgressListener.STATE_BLOCKED_MIXED_ACTIVE_CONTENT;
let isMixedPassiveContentLoaded =
this._state & Ci.nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT;
// Determine the mixed content state.
let mixedcontent = [];
if (isMixedPassiveContentLoaded) {
mixedcontent.push("passive-loaded");
}
if (isMixedActiveContentLoaded) {
mixedcontent.push("active-loaded");
} else if (isMixedActiveContentBlocked) {
mixedcontent.push("active-blocked");
}
mixedcontent = mixedcontent.join(" ");
// We have no specific flags for weak ciphers (yet). If a connection is
// broken and we can't detect any mixed active content loaded then it's
// a weak cipher.
let ciphers = "";
if (isBroken && !isMixedActiveContentLoaded) {
ciphers = "weak";
}
// Update all elements.
let elementIDs = [
"identity-popup",
"identity-popup-securityView-body",
];
function updateAttribute(elem, attr, value) {
if (value) {
elem.setAttribute(attr, value);
} else {
elem.removeAttribute(attr);
}
}
for (let id of elementIDs) {
let element = document.getElementById(id);
updateAttribute(element, "connection", connection);
updateAttribute(element, "ciphers", ciphers);
updateAttribute(element, "mixedcontent", mixedcontent);
}
// Initialize the optional strings to empty values
let supplemental = "";
@ -7092,19 +7129,18 @@ var gIdentityHandler = {
// Some URIs might have no hosts.
}
// Fallback for special protocols.
if (!host) {
// Fallback for special protocols.
host = this._lastUri.specIgnoringRef;
host = this._uri.specIgnoringRef;
}
switch (newMode) {
case this.IDENTITY_MODE_DOMAIN_VERIFIED:
case this.IDENTITY_MODE_MIXED_ACTIVE_BLOCKED:
// Fill in the CA name if we have a valid TLS certificate.
if (isSecure) {
verifier = this._identityBox.tooltipText;
break;
case this.IDENTITY_MODE_IDENTIFIED:
case this.IDENTITY_MODE_MIXED_ACTIVE_BLOCKED_IDENTIFIED: {
// If it's identified, then we can populate the dialog with credentials
}
// Fill in organization information if we have a valid EV certificate.
if (isEV) {
let iData = this.getIdentityData();
host = owner = iData.subjectOrg;
verifier = this._identityBox.tooltipText;
@ -7119,21 +7155,6 @@ var gIdentityHandler = {
supplemental += iData.state;
else if (iData.country) // Country only
supplemental += iData.country;
break;
}
case this.IDENTITY_MODE_UNKNOWN:
supplemental = gNavigatorBundle.getString("identity.not_secure");
break;
case this.IDENTITY_MODE_USES_WEAK_CIPHER:
supplemental = gNavigatorBundle.getString("identity.uses_weak_cipher");
break;
case this.IDENTITY_MODE_MIXED_DISPLAY_LOADED:
case this.IDENTITY_MODE_MIXED_DISPLAY_LOADED_ACTIVE_BLOCKED:
supplemental = gNavigatorBundle.getString("identity.mixed_display_loaded");
break;
case this.IDENTITY_MODE_MIXED_ACTIVE_LOADED:
supplemental = gNavigatorBundle.getString("identity.mixed_active_loaded2");
break;
}
// Push the appropriate strings out to the UI. Need to use |value| for the
@ -7144,8 +7165,31 @@ var gIdentityHandler = {
this._identityPopupContentSupp.textContent = supplemental;
this._identityPopupContentVerif.textContent = verifier;
// Hide subviews when updating panel information.
document.getElementById("identity-popup-multiView").showMainView();
// Update per-site permissions section.
this.updateSitePermissions();
},
_isURILoadedFromFile(uri) {
try {
uri.host;
// No internal/file URI if we have a host.
return false;
} catch (e) {
// All good, let's continue.
}
// Create a channel for the sole purpose of getting the resolved URI
// of the request to determine if it's loaded from the file system.
let chanOptions = {uri, loadUsingSystemPrincipal: true};
let resolvedURI = NetUtil.newChannel(chanOptions).URI;
if (resolvedURI.schemeIs("jar")) {
// Given a URI "jar:<jar-file-uri>!/<jar-entry>"
// create a new URI using <jar-file-uri>!/<jar-entry>
resolvedURI = NetUtil.newURI(resolvedURI.path);
}
// Check the URI again after resolving.
return resolvedURI.schemeIs("file");
},
/**
@ -7170,9 +7214,7 @@ var gIdentityHandler = {
this._identityPopup.hidden = false;
// Update the popup strings
this.setPopupMessages(this._identityBox.className);
this.updateSitePermissions();
this.refreshIdentityPopup();
// Add the "open" attribute to the identity box for styling
this._identityBox.setAttribute("open", "true");

124
browser/components/controlcenter/content/panel.inc.xul
Просмотреть файл

@ -10,7 +10,8 @@
orient="vertical">
<broadcasterset>
<broadcaster id="identity-popup-content-host" value=""/>
<broadcaster id="identity-popup-content-host" class="identity-popup-headline" crop="end"/>
<broadcaster id="identity-popup-mcb-learn-more" class="text-link plain" value="&identity.learnMore;"/>
</broadcasterset>
<panelmultiview id="identity-popup-multiView"
@ -18,39 +19,50 @@
<panelview id="identity-popup-mainView" flex="1">
<!-- Security Section -->
<hbox class="identity-popup-section">
<hbox id="identity-popup-security" class="identity-popup-section">
<vbox id="identity-popup-security-content" flex="1">
<label class="identity-popup-headline" crop="end">
<observes element="identity-popup-content-host" attribute="value"/>
</label>
<label class="identity-popup-connection-secure identity-popup-text"
value="&identity.connectionSecure;"/>
<label class="identity-popup-connection-not-secure identity-popup-text"
value="&identity.connectionNotSecure;"/>
<label class="identity-popup-connection-file-uri identity-popup-text"
value="&identity.connectionFile;"/>
<label class="identity-popup-connection-internal identity-popup-text"
value="&identity.connectionInternal;"/>
<label observes="identity-popup-content-host"/>
<description class="identity-popup-connection-not-secure"
value="&identity.connectionNotSecure;"
when-connection="not-secure"/>
<description class="identity-popup-connection-secure"
value="&identity.connectionSecure;"
when-connection="secure secure-ev"/>
<description value="&identity.connectionInternal;"
when-connection="chrome"/>
<description value="&identity.connectionFile;"
when-connection="file"/>
<vbox id="identity-popup-security-descriptions">
<description class="identity-popup-warning-gray"
when-mixedcontent="active-blocked">&identity.activeBlocked;</description>
<description class="identity-popup-warning-yellow"
when-mixedcontent="passive-loaded">&identity.passiveLoaded;</description>
<description when-mixedcontent="active-loaded">&identity.activeLoaded;</description>
<description class="identity-popup-warning-yellow"
when-ciphers="weak">&identity.weakEncryption;</description>
</vbox>
</vbox>
<button class="identity-popup-expander"
<button id="identity-popup-security-expander"
class="identity-popup-expander"
when-connection="not-secure secure secure-ev"
oncommand="gIdentityHandler.toggleSubView('security', this)"/>
</hbox>
<!-- Tracking Protection Section -->
<hbox id="tracking-protection-container" class="identity-popup-section">
<hbox id="tracking-protection-container"
class="identity-popup-section"
when-connection="not-secure secure secure-ev file">
<vbox id="tracking-protection-content" flex="1">
<description class="identity-popup-text identity-popup-headline"
<description class="identity-popup-headline"
crop="end"
value="&trackingProtection.title;" />
<label id="tracking-blocked"
class="identity-popup-text"
crop="end">&trackingProtection.detectedBlocked2;</label>
<label id="tracking-loaded"
class="identity-popup-text"
crop="end">&trackingProtection.detectedNotBlocked2;</label>
<label id="tracking-not-detected"
class="identity-popup-text"
crop="end">&trackingProtection.notDetected2;</label>
<button id="tracking-action-unblock"
@ -71,7 +83,7 @@
<!-- Permissions Section -->
<hbox id="identity-popup-permissions" class="identity-popup-section">
<vbox id="identity-popup-permissions-content" flex="1">
<label class="identity-popup-text identity-popup-headline"
<label class="identity-popup-headline"
value="&identity.permissions;"/>
<vbox id="identity-popup-permission-list"/>
</vbox>
@ -90,29 +102,63 @@
<!-- Security SubView -->
<panelview id="identity-popup-securityView" flex="1">
<vbox id="identity-popup-securityView-header">
<label class="identity-popup-headline" crop="end">
<observes element="identity-popup-content-host" attribute="value"/>
</label>
<label class="identity-popup-connection-secure identity-popup-text"
value="&identity.connectionSecure;"/>
<label class="identity-popup-connection-not-secure identity-popup-text"
value="&identity.connectionNotSecure;"/>
<label class="identity-popup-connection-file-uri identity-popup-text"
value="&identity.connectionFile;"/>
<label class="identity-popup-connection-internal identity-popup-text"
value="&identity.connectionInternal;"/>
<label observes="identity-popup-content-host"/>
<description class="identity-popup-connection-not-secure"
value="&identity.connectionNotSecure;"
when-connection="not-secure"/>
<description class="identity-popup-connection-secure"
value="&identity.connectionSecure;"
when-connection="secure secure-ev"/>
</vbox>
<description id="identity-popup-content-verifier"
class="identity-popup-text"/>
<vbox id="identity-popup-securityView-body">
<!-- (EV) Certificate Information -->
<description id="identity-popup-content-verified-by"
when-connection="secure-ev">&identity.connectionVerified;</description>
<description id="identity-popup-content-owner"
when-connection="secure-ev"
class="header"/>
<description id="identity-popup-content-supplemental"
when-connection="secure-ev"/>
<description id="identity-popup-content-verifier"
when-connection="secure secure-ev"/>
<description id="identity-popup-securityView-connection"
class="identity-popup-text">&identity.connectionVerified;</description>
<!-- Connection is Not Secure -->
<description when-connection="not-secure">&identity.description.insecure;</description>
<description id="identity-popup-content-owner"
class="identity-popup-text"/>
<description id="identity-popup-content-supplemental"
class="identity-popup-text"/>
<!-- Weak Cipher -->
<description when-ciphers="weak">&identity.description.weakCipher;</description>
<description class="identity-popup-warning-yellow"
when-ciphers="weak">&identity.description.weakCipher2;</description>
<!-- Active Mixed Content Blocked -->
<description class="identity-popup-warning-gray"
when-mixedcontent="active-blocked">&identity.description.activeBlocked; <label observes="identity-popup-mcb-learn-more"/></description>
<!-- Passive Mixed Content Loaded -->
<description when-mixedcontent="passive-loaded">&identity.description.passiveLoaded;</description>
<description class="identity-popup-warning-yellow"
when-mixedcontent="passive-loaded">&identity.description.passiveLoaded2; <label observes="identity-popup-mcb-learn-more"/></description>
<!-- Passive Mixed Content Loaded, Active Mixed Content Blocked -->
<description when-mixedcontent="passive-loaded active-blocked">&identity.description.passiveLoaded;</description>
<description when-mixedcontent="passive-loaded active-blocked"
class="identity-popup-warning-yellow">&identity.description.passiveLoaded3; <label observes="identity-popup-mcb-learn-more"/></description>
<!-- Active Mixed Content Blocking Disabled -->
<description when-mixedcontent="active-loaded">&identity.description.activeLoaded;</description>
<description when-mixedcontent="active-loaded">&identity.description.activeLoaded2;</description>
<!-- Buttons to enable/disable mixed content blocking. -->
<button when-mixedcontent="active-blocked"
label="&identity.disableMixedContentBlocking.label;"
accesskey="&identity.disableMixedContentBlocking.accesskey;"
oncommand="gIdentityHandler.disableMixedContentProtection()"/>
<button when-mixedcontent="active-loaded"
label="&identity.enableMixedContentBlocking.label;"
accesskey="&identity.enableMixedContentBlocking.accesskey;"
oncommand="gIdentityHandler.enableMixedContentProtection()"/>
</vbox>
</panelview>
</panelmultiview>
</panel>

23
browser/locales/en-US/chrome/browser/browser.dtd
Просмотреть файл

@ -689,6 +689,29 @@ you can use these alternative items. Otherwise, their values should be empty. -
<!ENTITY identity.connectionVerified "&brandShortName; verified that you are securely connected to this site, run by:">
<!ENTITY identity.connectionInternal "This is a secure &brandShortName; page.">
<!-- Strings for connection state warnings. -->
<!ENTITY identity.activeBlocked "&brandShortName; has blocked parts of this page that are not secure.">
<!ENTITY identity.passiveLoaded "Parts of this page are not secure (such as images).">
<!ENTITY identity.activeLoaded "You have disabled protection on this page.">
<!ENTITY identity.weakEncryption "This page uses weak encryption.">
<!-- Strings for connection state warnings in the subview. -->
<!ENTITY identity.description.insecure "Your connection to this site is not private. Information you submit could be viewed by others (like passwords, messages, credit cards, etc.).">
<!ENTITY identity.description.weakCipher "Your connection to this website uses weak encryption and is not private.">
<!ENTITY identity.description.weakCipher2 "Other people can view your information or modify the website's behavior.">
<!ENTITY identity.description.activeBlocked "&brandShortName; has blocked parts of this page that are not secure.">
<!ENTITY identity.description.passiveLoaded "Your connection is not private and information you share with the site could be viewed by others.">
<!ENTITY identity.description.passiveLoaded2 "This website contains content that is not secure (such as images).">
<!ENTITY identity.description.passiveLoaded3 "Although &brandShortName; has blocked some content, there is still content on the page that is not secure (such as images).">
<!ENTITY identity.description.activeLoaded "This website contains content that is not secure (such as scripts) and your connection to it is not private.">
<!ENTITY identity.description.activeLoaded2 "Information you share with this site could be viewed by others (like passwords, messages, credit cards, etc.).">
<!ENTITY identity.enableMixedContentBlocking.label "Enable protection">
<!ENTITY identity.enableMixedContentBlocking.accesskey "E">
<!ENTITY identity.disableMixedContentBlocking.label "Disable protection for now">
<!ENTITY identity.disableMixedContentBlocking.accesskey "D">
<!ENTITY identity.learnMore "Learn More">
<!ENTITY identity.moreInfoLinkText2 "More Information">
<!ENTITY identity.permissions "Permissions">

5
browser/locales/en-US/chrome/browser/browser.properties
Просмотреть файл

@ -329,11 +329,6 @@ identity.identified.verifier=Verified by: %S
identity.identified.verified_by_you=You have added a security exception for this site.
identity.identified.state_and_country=%S, %S
identity.not_secure=Your connection to this site is not private. Information you submit could be viewable to others (for example passwords, messages, credit cards, etc.).
identity.uses_weak_cipher=Your connection to this website uses weak encryption and is not private. Other people can view your information or modify the website's behavior.
identity.mixed_display_loaded=The connection to this website is not fully secure because it contains unencrypted elements (such as images).
identity.mixed_active_loaded2=This website contains interactive content that isn't encrypted (such as scripts). Other people can view your information or modify the website's behavior.
identity.unknown.tooltip=This website does not supply identity information.
trackingProtection.intro.title=How Tracking Protection works

9
browser/themes/osx/controlcenter/panel.css
Просмотреть файл

@ -21,20 +21,23 @@
#tracking-action-block,
#tracking-action-unblock,
#tracking-action-unblock-private {
#tracking-action-unblock-private,
#identity-popup-securityView-body > button {
@hudButton@
min-height: 30px;
}
#tracking-action-block:hover:active,
#tracking-action-unblock:hover:active,
#tracking-action-unblock-private:hover:active {
#tracking-action-unblock-private:hover:active,
#identity-popup-securityView-body > button:hover:active {
@hudButtonPressed@
}
#tracking-action-block:-moz-focusring,
#tracking-action-unblock:-moz-focusring,
#tracking-action-unblock-private:-moz-focusring {
#tracking-action-unblock-private:-moz-focusring,
#identity-popup-securityView-body > button:-moz-focusring {
@hudButtonFocused@
}

6
browser/themes/osx/jar.mn
Просмотреть файл

@ -195,8 +195,10 @@ browser.jar:
skin/classic/browser/controlcenter/conn-degraded.svg (../shared/controlcenter/conn-degraded.svg)
skin/classic/browser/controlcenter/mcb-disabled.svg (../shared/controlcenter/mcb-disabled.svg)
skin/classic/browser/controlcenter/permissions.svg (../shared/controlcenter/permissions.svg)
skin/classic/browser/controlcenter/tracking-protection.svg (../shared/controlcenter/tracking-protection.svg)
skin/classic/browser/controlcenter/tracking-protection-disabled.svg (../shared/controlcenter/tracking-protection-disabled.svg)
skin/classic/browser/controlcenter/tracking-protection.svg (../shared/controlcenter/tracking-protection.svg)
skin/classic/browser/controlcenter/tracking-protection-disabled.svg (../shared/controlcenter/tracking-protection-disabled.svg)
skin/classic/browser/controlcenter/warning-gray.svg (../shared/controlcenter/warning-gray.svg)
skin/classic/browser/controlcenter/warning-yellow.svg (../shared/controlcenter/warning-yellow.svg)
skin/classic/browser/customizableui/background-noise-toolbar.png (customizableui/background-noise-toolbar.png)
skin/classic/browser/customizableui/customize-titleBar-toggle.png (customizableui/customize-titleBar-toggle.png)
skin/classic/browser/customizableui/customize-titleBar-toggle@2x.png (customizableui/customize-titleBar-toggle@2x.png)

135
browser/themes/shared/controlcenter/panel.inc.css
Просмотреть файл

@ -1,33 +1,39 @@
/* Show the organization name only for EV certs. */
#identity-popup-securityView:not(.verifiedIdentity) > #identity-popup-content-owner,
#identity-popup-securityView:not(.verifiedIdentity) > #identity-popup-securityView-connection,
/* Show the "Verified by" label only for DV and EV certs. */
#identity-popup-securityView:not(.verifiedIdentity):not(.verifiedDomain) > #identity-popup-content-verifier,
/* Show a longer explanation for non-secure sites, mixed content, and weak
connection security. Show the organization address for EV certs. */
#identity-popup-securityView:not(.unknownIdentity):not(.verifiedIdentity):not(.mixedContent):not(.weakCipher) > #identity-popup-content-supplemental,
/* Show the "Connection is secure" labels only for EV and DV certs. */
#identity-popup-security-content:not(.verifiedIdentity):not(.verifiedDomain) > .identity-popup-connection-secure,
#identity-popup-securityView:not(.verifiedIdentity):not(.verifiedDomain) > #identity-popup-securityView-header > .identity-popup-connection-secure,
/* Show the "Connection is not secure" labels only for non-secure sites. */
#identity-popup-security-content:not(.unknownIdentity) > .identity-popup-connection-not-secure,
#identity-popup-securityView:not(.unknownIdentity) > #identity-popup-securityView-header > .identity-popup-connection-not-secure,
/* Show "This page is stored on your computer" only for file URLs. */
#identity-popup-security-content:not(.fileURI) > .identity-popup-connection-file-uri,
#identity-popup-securityView:not(.fileURI) > #identity-popup-securityView-header > .identity-popup-connection-file-uri,
/* Show "This is a secure internal page" only for whitelisted pages. */
#identity-popup-securityView:not(.chromeUI) > #identity-popup-securityView-header > .identity-popup-connection-internal,
#identity-popup-security-content:not(.chromeUI) > .identity-popup-connection-internal,
/* Hide the subsection arrow for whitelisted chromeUI pages. */
#identity-popup-security-content.chromeUI + .identity-popup-expander,
/* Hide the subsection arrow for whitelisted file URI pages. */
#identity-popup-security-content.fileURI + .identity-popup-expander,
/* Hide the tracking protection section for whitelisted chromeUI pages. */
#identity-popup-mainView.chromeUI > #tracking-protection-container {
%if 0
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
%endif
/* Hide all conditional elements by default. */
:-moz-any([when-connection],[when-mixedcontent],[when-ciphers]) {
display: none;
}
/* PANEL */
/* Show the right elements for the right connection states. */
#identity-popup[connection=not-secure] [when-connection~=not-secure],
#identity-popup[connection=secure-ev] [when-connection~=secure-ev],
#identity-popup[connection=secure] [when-connection~=secure],
#identity-popup[connection=chrome] [when-connection~=chrome],
#identity-popup[connection=file] [when-connection~=file],
/* Show weak cipher messages when needed. */
#identity-popup[ciphers=weak]:not([mixedcontent]) [when-ciphers~=weak],
/* Show mixed content warnings when needed */
#identity-popup[mixedcontent~=active-loaded] [when-mixedcontent=active-loaded],
#identity-popup[mixedcontent~=passive-loaded]:not([mixedcontent~=active-loaded]) [when-mixedcontent=passive-loaded],
#identity-popup[mixedcontent~=active-blocked]:not([mixedcontent~=passive-loaded]) [when-mixedcontent=active-blocked],
/* Show the right elements when there is mixed passive content loaded and active blocked. */
#identity-popup[mixedcontent~=active-blocked][mixedcontent~=passive-loaded] [when-mixedcontent~=active-blocked][when-mixedcontent~=passive-loaded],
/* Show 'disable MCB' button always when there is mixed active content blocked. */
#identity-popup-securityView-body[mixedcontent~=active-blocked] > button[when-mixedcontent=active-blocked] {
display: inherit;
}
/* Hide 'not secure' message in subview when weak cipher or mixed content messages are shown. */
#identity-popup-securityView-body:-moz-any([mixedcontent],[ciphers]) > description[when-connection=not-secure],
/* Hide 'passive-loaded (only)' message when there is mixed passive content loaded and active blocked. */
#identity-popup-securityView-body[mixedcontent~=passive-loaded][mixedcontent~=active-blocked] > description[when-mixedcontent=passive-loaded] {
display: none;
}
#identity-popup,
#identity-popup:not([panelopen]) .panel-viewstack[viewtype="main"]:not([transitioning]) #identity-popup-mainView {
@ -143,7 +149,11 @@
/* CONTENT */
.identity-popup-text {
#identity-popup-security-content > description,
#identity-popup-security-descriptions > description,
#identity-popup-securityView-header > description,
#identity-popup-securityView-body > description,
#tracking-protection-content > label {
white-space: pre-wrap;
font-size: 110%;
margin: 0;
@ -154,12 +164,18 @@
font-size: 150%;
}
/* SECURITY */
#identity-popup-securityView > .identity-popup-text:not(#identity-popup-content-owner) {
margin: 2px 0 4px;
.identity-popup-warning-gray {
-moz-padding-start: 24px;
background: url(chrome://browser/skin/controlcenter/warning-gray.svg) no-repeat 0 50%;
}
.identity-popup-warning-yellow {
-moz-padding-start: 24px;
background: url(chrome://browser/skin/controlcenter/warning-yellow.svg) no-repeat 0 50%;
}
/* SECURITY */
.identity-popup-connection-secure {
color: #418220;
}
@ -168,12 +184,6 @@
color: #d74345;
}
#identity-popup-security-content.chromeUI {
background-image: url(chrome://branding/content/icon48.png);
}
/* SECURITY SUBVIEW */
#identity-popup-securityView {
padding-bottom: 2em;
overflow: hidden;
@ -184,46 +194,59 @@
background-image: url(chrome://browser/skin/controlcenter/conn-not-secure.svg);
}
#identity-popup-securityView.verifiedDomain,
#identity-popup-securityView.verifiedIdentity,
#identity-popup-security-content.verifiedDomain,
#identity-popup-security-content.verifiedIdentity {
#identity-popup[connection=chrome] #identity-popup-securityView,
#identity-popup[connection=chrome] #identity-popup-security-content {
background-image: url(chrome://branding/content/icon48.png);
}
#identity-popup[connection^=secure] #identity-popup-securityView,
#identity-popup[connection^=secure] #identity-popup-security-content {
background-image: url(chrome://browser/skin/controlcenter/conn-secure.svg);
}
#identity-popup-securityView.weakCipher,
#identity-popup-securityView.mixedDisplayContent,
#identity-popup-securityView.mixedDisplayContentLoadedActiveBlocked,
#identity-popup-security-content.weakCipher,
#identity-popup-security-content.mixedDisplayContent,
#identity-popup-security-content.mixedDisplayContentLoadedActiveBlocked {
#identity-popup[ciphers=weak] #identity-popup-securityView,
#identity-popup[ciphers=weak] #identity-popup-security-content,
#identity-popup[mixedcontent~=passive-loaded] #identity-popup-securityView,
#identity-popup[mixedcontent~=passive-loaded] #identity-popup-security-content {
background-image: url(chrome://browser/skin/controlcenter/conn-degraded.svg);
}
#identity-popup-securityView.mixedActiveContent,
#identity-popup-security-content.mixedActiveContent {
#identity-popup[mixedcontent~=active-loaded] #identity-popup-securityView,
#identity-popup[mixedcontent~=active-loaded] #identity-popup-security-content {
background-image: url(chrome://browser/skin/controlcenter/mcb-disabled.svg);
}
#identity-popup-security-descriptions > description {
margin-top: 6px;
color: Graytext;
}
#identity-popup-securityView-header {
border-bottom: 1px solid var(--panel-separator-color);
padding-bottom: 1em;
margin-bottom: 1em;
}
#identity-popup-content-owner {
font-weight: 700;
#identity-popup-securityView-body {
-moz-padding-end: 1em;
}
#identity-popup-content-verifier {
#identity-popup-content-verifier ~ description {
margin-top: 1em;
color: Graytext;
}
#identity-popup-content-owner,
#identity-popup-securityView > #identity-popup-securityView-connection.identity-popup-text {
description#identity-popup-content-verified-by,
description#identity-popup-content-owner,
description#identity-popup-content-verifier,
#identity-popup-securityView-body > button {
margin-top: 1em;
}
#identity-popup-securityView-body > button {
margin-inline-start: 0;
margin-inline-end: 0;
}
/* TRACKING PROTECTION */
#tracking-protection-content {

9
browser/themes/shared/controlcenter/warning-gray.svg Normal file
Просмотреть файл

@ -0,0 +1,9 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
width="16" height="16" viewBox="0 0 16 16">
<path fill="#808080" d="M14.8,12.5L9.3,1.9C9,1.3,8.5,1,8,1C7.5,1,7,1.3,6.7,1.9L1.2,12.5c-0.3,0.6-0.3,1.2,0,1.7C1.5,14.7,2,15,2.6,15h10.8 c0.6,0,1.1-0.3,1.4-0.8C15.1,13.7,15.1,13.1,14.8,12.5z"/>
<path fill="#fff" d="M8,11c-0.8,0-1.5,0.7-1.5,1.5C6.5,13.3,7.2,14,8,14 c0.8,0,1.5-0.7,1.5-1.5C9.5,11.7,8.8,11,8,11z M8,10L8,10C8.6,10,9,9.6,9,9l0.2-4.2c0-0.7-0.5-1.2-1.2-1.2S6.8,4.1,6.8,4.8L7,9 C7,9.6,7.4,10,8,10z"/>
</svg>
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 805 B

9
browser/themes/shared/controlcenter/warning-yellow.svg Normal file
Просмотреть файл

@ -0,0 +1,9 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
width="16" height="16" viewBox="0 0 16 16">
<path fill="#ffbf00" d="M14.8,12.5L9.3,1.9C9,1.3,8.5,1,8,1C7.5,1,7,1.3,6.7,1.9L1.2,12.5c-0.3,0.6-0.3,1.2,0,1.7C1.5,14.7,2,15,2.6,15h10.8 c0.6,0,1.1-0.3,1.4-0.8C15.1,13.7,15.1,13.1,14.8,12.5z"/>
<path fill="#fff" d="M8,11c-0.8,0-1.5,0.7-1.5,1.5C6.5,13.3,7.2,14,8,14 c0.8,0,1.5-0.7,1.5-1.5C9.5,11.7,8.8,11,8,11z M8,10L8,10C8.6,10,9,9.6,9,9l0.2-4.2c0-0.7-0.5-1.2-1.2-1.2S6.8,4.1,6.8,4.8L7,9 C7,9.6,7.4,10,8,10z"/>
</svg>
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 805 B