зеркало из https://github.com/mozilla/gecko-dev.git
Merge mozilla-inbound to mozilla-central. a=merge
This commit is contained in:
Коммит
69f9d5002c
|
@ -26,6 +26,8 @@ XPCOMUtils.defineLazyGetter(this, "gBrandBundle", function() {
|
|||
});
|
||||
XPCOMUtils.defineLazyPreferenceGetter(this, "newErrorPagesEnabled",
|
||||
"browser.security.newcerterrorpage.enabled");
|
||||
XPCOMUtils.defineLazyPreferenceGetter(this, "mitmErrorPageEnabled",
|
||||
"browser.security.newcerterrorpage.mitm.enabled");
|
||||
XPCOMUtils.defineLazyGetter(this, "gNSSErrorsBundle", function() {
|
||||
return Services.strings.createBundle("chrome://pipnss/locale/nsserrors.properties");
|
||||
});
|
||||
|
@ -124,8 +126,18 @@ class NetErrorChild extends ActorChild {
|
|||
|
||||
if (input.data.certIsUntrusted) {
|
||||
switch (input.data.code) {
|
||||
// We only want to measure MitM rates for now. Treat it as unkown issuer.
|
||||
case MOZILLA_PKIX_ERROR_MITM_DETECTED:
|
||||
if (newErrorPagesEnabled && mitmErrorPageEnabled) {
|
||||
let brandName = gBrandBundle.GetStringFromName("brandShortName");
|
||||
msg1 = gPipNSSBundle.GetStringFromName("certErrorMitM");
|
||||
msg1 += "\n\n";
|
||||
msg1 += gPipNSSBundle.formatStringFromName("certErrorMitM2", [brandName], 1);
|
||||
msg1 += "\n\n";
|
||||
msg1 += gPipNSSBundle.formatStringFromName("certErrorMitM3", [brandName], 1);
|
||||
msg1 += "\n";
|
||||
break;
|
||||
}
|
||||
// If the condition is false, fall through...
|
||||
case SEC_ERROR_UNKNOWN_ISSUER:
|
||||
let brandName = gBrandBundle.GetStringFromName("brandShortName");
|
||||
if (newErrorPagesEnabled) {
|
||||
|
@ -410,6 +422,39 @@ class NetErrorChild extends ActorChild {
|
|||
updateContainerPosition();
|
||||
break;
|
||||
case MOZILLA_PKIX_ERROR_MITM_DETECTED:
|
||||
if (newErrorPagesEnabled && mitmErrorPageEnabled) {
|
||||
// We don't actually know what the MitM is called (since we don't
|
||||
// maintain a list), so we'll try and display the common name of the
|
||||
// root issuer to the user. In the worst case they are as clueless as
|
||||
// before, in the best case this gives them an actionable hint.
|
||||
// This may be revised in the future.
|
||||
let {securityInfo} = docShell.failedChannel;
|
||||
securityInfo.QueryInterface(Ci.nsITransportSecurityInfo);
|
||||
let mitmName = null;
|
||||
for (let cert of securityInfo.failedCertChain.getEnumerator()) {
|
||||
mitmName = cert.issuerCommonName;
|
||||
}
|
||||
for (let span of doc.querySelectorAll(".mitm-name")) {
|
||||
span.textContent = mitmName;
|
||||
}
|
||||
|
||||
learnMoreLink.href = baseURL + "security-error";
|
||||
|
||||
let title = doc.getElementById("et_mitm");
|
||||
let desc = doc.getElementById("ed_mitm");
|
||||
doc.querySelector(".title-text").textContent = title.textContent;
|
||||
// eslint-disable-next-line no-unsanitized/property
|
||||
doc.getElementById("errorShortDescText").innerHTML = desc.innerHTML;
|
||||
|
||||
// eslint-disable-next-line no-unsanitized/property
|
||||
es.innerHTML = errWhatToDo.innerHTML;
|
||||
// eslint-disable-next-line no-unsanitized/property
|
||||
est.innerHTML = errWhatToDoTitle.innerHTML;
|
||||
|
||||
updateContainerPosition();
|
||||
break;
|
||||
}
|
||||
// If the condition is false, fall through...
|
||||
case MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT:
|
||||
learnMoreLink.href = baseURL + "security-error";
|
||||
break;
|
||||
|
|
|
@ -956,8 +956,10 @@ pref("security.alternate_certificate_error_page", "certerror");
|
|||
// Enable the new certificate error pages.
|
||||
#ifdef EARLY_BETA_OR_EARLIER
|
||||
pref("browser.security.newcerterrorpage.enabled", true);
|
||||
pref("browser.security.newcerterrorpage.mitm.enabled", true);
|
||||
#else
|
||||
pref("browser.security.newcerterrorpage.enabled", false);
|
||||
pref("browser.security.newcerterrorpage.mitm.enabled", false);
|
||||
#endif
|
||||
|
||||
pref("security.certerrors.recordEventTelemetry", true);
|
||||
|
|
|
@ -68,6 +68,7 @@
|
|||
<h1 id="et_sslv3Used">&sslv3Used.title;</h1>
|
||||
<h1 id="et_inadequateSecurityError">&inadequateSecurityError.title;</h1>
|
||||
<h1 id="et_blockedByPolicy">&blockedByPolicy.title;</h1>
|
||||
<h1 id="et_mitm">&certerror.mitm.title;</h1>
|
||||
<h1 id="et_clockSkewError">&clockSkewError.title;</h1>
|
||||
<h1 id="et_networkProtocolError">&networkProtocolError.title;</h1>
|
||||
</div>
|
||||
|
@ -96,6 +97,7 @@
|
|||
<div id="ed_nssBadCert">&certerror.introPara2;</div>
|
||||
<div id="ed_nssBadCert_sts">&certerror.sts.introPara;</div>
|
||||
<div id="ed_nssBadCert_SEC_ERROR_EXPIRED_CERTIFICATE">&certerror.expiredCert.introPara;</div>
|
||||
<div id="ed_mitm">&certerror.mitm.longDesc;</div>
|
||||
<div id="ed_cspBlocked">&cspBlocked.longDesc;</div>
|
||||
<div id="ed_remoteXUL">&remoteXUL.longDesc;</div>
|
||||
<div id="ed_corruptedContentErrorv2">&corruptedContentErrorv2.longDesc;</div>
|
||||
|
@ -119,11 +121,19 @@
|
|||
<div id="es_nssBadCert_MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE">&certerror.expiredCert.whatCanYouDoAboutIt2;</div>
|
||||
<div id="es_nssBadCert_MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE">&certerror.expiredCert.whatCanYouDoAboutIt2;</div>
|
||||
<div id="es_nssBadCert_SSL_ERROR_BAD_CERT_DOMAIN">&certerror.badCertDomain.whatCanYouDoAboutIt;</div>
|
||||
<div id="es_nssBadCert_MOZILLA_PKIX_ERROR_MITM_DETECTED">
|
||||
<ul>
|
||||
<li>&certerror.mitm.whatCanYouDoAboutIt1;</li>
|
||||
<li>&certerror.mitm.whatCanYouDoAboutIt2;</li>
|
||||
<li id="mitmWhatCanYouDoAboutIt3">&certerror.mitm.whatCanYouDoAboutIt3;</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<!-- Stores an alternative text for when we don't want to add "Recommended" to the
|
||||
return button. This is one of many l10n atrocities in this file and should be
|
||||
removed when we finally switch to Fluent. -->
|
||||
<span id="stsReturnButtonText">&returnToPreviousPage.label;</span>
|
||||
<span id="stsMitmWhatCanYouDoAboutIt3">&certerror.mitm.sts.whatCanYouDoAboutIt3;</span>
|
||||
</div>
|
||||
|
||||
<!-- PAGE CONTAINER (for styling purposes only) -->
|
||||
|
|
|
@ -134,6 +134,11 @@ function disallowCertOverridesIfNeeded() {
|
|||
let stsReturnButtonText = document.getElementById("stsReturnButtonText").textContent;
|
||||
document.getElementById("returnButton").textContent = stsReturnButtonText;
|
||||
document.getElementById("advancedPanelReturnButton").textContent = stsReturnButtonText;
|
||||
|
||||
let stsMitmWhatCanYouDoAboutIt3 =
|
||||
document.getElementById("stsMitmWhatCanYouDoAboutIt3").innerHTML;
|
||||
// eslint-disable-next-line no-unsanitized/property
|
||||
document.getElementById("mitmWhatCanYouDoAboutIt3").innerHTML = stsMitmWhatCanYouDoAboutIt3;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -48,6 +48,18 @@ let gWhitelist = [{
|
|||
file: "netError.dtd",
|
||||
key: "clockSkewError.longDesc",
|
||||
type: "single-quote",
|
||||
}, {
|
||||
file: "netError.dtd",
|
||||
key: "certerror.mitm.longDesc",
|
||||
type: "single-quote",
|
||||
}, {
|
||||
file: "netError.dtd",
|
||||
key: "certerror.mitm.whatCanYouDoAboutIt3",
|
||||
type: "single-quote",
|
||||
}, {
|
||||
file: "netError.dtd",
|
||||
key: "certerror.mitm.sts.whatCanYouDoAboutIt3",
|
||||
type: "single-quote",
|
||||
}, {
|
||||
file: "phishing-afterload-warning-message.dtd",
|
||||
key: "safeb.palm.advisory.desc2",
|
||||
|
|
|
@ -234,6 +234,13 @@ certificate.">
|
|||
|
||||
<!ENTITY blockedByPolicy.title "Blocked Page">
|
||||
|
||||
<!ENTITY certerror.mitm.title "Software is Preventing &brandShortName; From Safely Connecting to This Site">
|
||||
<!ENTITY certerror.mitm.longDesc "<span class='hostname'></span> is most likely a safe site, but a secure connection could not be established. This issue is caused by <span class='mitm-name'/>, which is either software on your computer or your network.">
|
||||
<!ENTITY certerror.mitm.whatCanYouDoAboutIt1 "If your antivirus software includes a feature that scans encrypted connections (often called “web scanning” or “https scanning”), you can disable that feature. If that doesn’t work, you can remove and reinstall the antivirus software.">
|
||||
<!ENTITY certerror.mitm.whatCanYouDoAboutIt2 "If you are on a corporate network, you can contact your IT department.">
|
||||
<!ENTITY certerror.mitm.whatCanYouDoAboutIt3 "If you are not familiar with <span class='mitm-name'/>, then this could be an attack and you should not continue to the site.">
|
||||
<!ENTITY certerror.mitm.sts.whatCanYouDoAboutIt3 "If you are not familiar with <span class='mitm-name'/>, then this could be an attack, and there is nothing you can do to access the site.">
|
||||
|
||||
<!ENTITY clockSkewError.title "Your Computer Clock is Wrong">
|
||||
<!ENTITY clockSkewError.longDesc "Your computer thinks it is <span id='wrongSystemTime_systemDate1'/>, which prevents &brandShortName; from connecting securely. To visit <span class='hostname'></span>, update your computer clock in your system settings to the current date, time, and time zone, and then refresh <span class='hostname'></span>.">
|
||||
|
||||
|
|
|
@ -145,7 +145,8 @@ body:not(:-moz-any(.clockSkewError,.badStsCert,.neterror)) #advancedButton {
|
|||
margin-top: 1em;
|
||||
}
|
||||
|
||||
span#hostname {
|
||||
.mitm-name,
|
||||
#hostname {
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
|
|
|
@ -269,6 +269,7 @@ class App extends Component<Props, State> {
|
|||
vert={horizontal}
|
||||
onResizeEnd={num => {
|
||||
prefs.endPanelSize = num;
|
||||
this.triggerEditorPaneResize();
|
||||
}}
|
||||
startPanel={
|
||||
<SplitBox
|
||||
|
@ -293,7 +294,6 @@ class App extends Component<Props, State> {
|
|||
/>
|
||||
}
|
||||
endPanelCollapsed={endPanelCollapsed}
|
||||
onResizeEnd={this.triggerEditorPaneResize}
|
||||
/>
|
||||
);
|
||||
};
|
||||
|
|
|
@ -325,7 +325,7 @@ fuzzy-if(/^Windows\x20NT\x2010\.0/.test(http.oscpu)||skiaContent,0-1,0-10000) ==
|
|||
|
||||
fuzzy-if(Android,0-8,0-200) == outer-svg-border-and-padding-01.svg outer-svg-border-and-padding-01-ref.svg
|
||||
|
||||
fuzzy(0-16,0-193) fuzzy-if(skiaContent,0-7,0-175) fuzzy-if(webrender,54-54,124-124) == outline.html outline-ref.html # Bug 1392106, Bug 1503525
|
||||
fuzzy(0-16,0-193) fuzzy-if(skiaContent,0-7,0-193) fuzzy-if(webrender,54-54,124-124) == outline.html outline-ref.html # Bug 1392106, Bug 1503525
|
||||
|
||||
== overflow-on-outer-svg-01.svg overflow-on-outer-svg-01-ref.svg
|
||||
== overflow-on-outer-svg-02a.xhtml overflow-on-outer-svg-02-ref.xhtml
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
<link rel="author" title="Daniel Holbert" href="mailto:dholbert@mozilla.com">
|
||||
<link rel="help" href="https://drafts.csswg.org/css-contain/#containment-layout">
|
||||
<link rel="help" href="https://drafts.csswg.org/css-flexbox-1/#valdef-align-items-baseline">
|
||||
<link rel="match" href="contain-layout-suppress-baseline-001-ref.html">
|
||||
<link rel="match" href="contain-layout-suppress-baseline-002-ref.html">
|
||||
<style>
|
||||
.flexBaselineCheck {
|
||||
display: flex;
|
||||
|
|
|
@ -709,7 +709,7 @@ VARCACHE_PREF(
|
|||
)
|
||||
|
||||
// Are -moz-prefixed gradient functions enabled?
|
||||
#ifdef EARLY_BETA_OR_EARLIER
|
||||
#ifdef NIGHTLY_BUILD
|
||||
# define PREF_VALUE false
|
||||
#else
|
||||
# define PREF_VALUE true
|
||||
|
|
|
@ -291,6 +291,12 @@ certErrorExpiredNow2=Websites prove their identity via certificates, which are v
|
|||
certErrorNotYetValidNow=The certificate will not be valid until %1$S. The current time is %2$S.
|
||||
certErrorNotYetValidNow2=Websites prove their identity via certificates, which are valid for a set time period. The certificate for %S appears to be not yet valid.
|
||||
|
||||
certErrorMitM=Websites prove their identity via certificates, which are issued by certificate authorities.
|
||||
# LOCALIZATION NOTE (certErrorMitM2): %S is brandShortName
|
||||
certErrorMitM2=%S is backed by the non-profit Mozilla, which administers a completely open certificate authority (CA) store. The CA store helps ensure that certificate authorities are following best practices for user security.
|
||||
# LOCALIZATION NOTE (certErrorMitM3): %S is brandShortName
|
||||
certErrorMitM3=%S uses the Mozilla CA store to verify that a connection is secure, rather than certificates supplied by the user’s operating system. So, if an antivirus program or a network is intercepting a connection with a security certificate issued by a CA that is not in the Mozilla CA store, the connection is considered unsafe.
|
||||
|
||||
# LOCALIZATION NOTE (certErrorSymantecDistrustDescription1): %S will be replaced by the domain for which the certificate is valid.
|
||||
certErrorSymantecDistrustDescription1=Websites prove their identity via certificates, which are issued by certificate authorities. Most browsers no longer trust certificates issued by GeoTrust, RapidSSL, Symantec, Thawte, and VeriSign. %S uses a certificate from one of these authorities and so the website’s identity cannot be proven.
|
||||
certErrorSymantecDistrustAdministrator=You may notify the website’s administrator about this problem.
|
||||
|
|
|
@ -63,14 +63,19 @@ To create a new callback action you must create a file
|
|||
The arguments are:
|
||||
``parameters``
|
||||
an instance of ``taskgraph.parameters.Parameters``, carrying decision task parameters from the original decision task.
|
||||
|
||||
``graph_config``
|
||||
an instance of ``taskgraph.config.GraphConfig``, carrying configuration for this tree
|
||||
|
||||
``input``
|
||||
the input from the user triggering the action (if any)
|
||||
|
||||
``task_group_id``
|
||||
the target task group on which this action should operate
|
||||
|
||||
``task_id``
|
||||
the target task on which this action should operate (or None if it is operating on the whole group)
|
||||
|
||||
``task``
|
||||
the definition of the target task (or None, as for ``task_id``)
|
||||
|
||||
|
|
|
@ -42,7 +42,7 @@ run_on_hg_branches
|
|||
|
||||
On a given project, the mercurial branch where this task should be in the target
|
||||
task set. This is how requirements like "only run this RELBRANCH" get implemented.
|
||||
These are either the regular expression of a branch (e.g.: "GECKOVIEW_\d+_RELBRANCH")
|
||||
These are either the regular expression of a branch (e.g.: ``GECKOVIEW_\d+_RELBRANCH``)
|
||||
or the following alias:
|
||||
|
||||
* `all` -- everywhere (the default)
|
||||
|
|
|
@ -288,7 +288,7 @@ release-notify-promote
|
|||
Notify when a release has been promoted.
|
||||
|
||||
release-notify-started
|
||||
-------------------
|
||||
----------------------
|
||||
Notify when a release has been started.
|
||||
|
||||
release-bouncer-sub
|
||||
|
|
|
@ -149,7 +149,8 @@ class CheckTestCompleteParser(OutputParser):
|
|||
levels=TBPL_WORST_LEVEL_TUPLE)
|
||||
|
||||
# Account for the possibility that no test summary was output.
|
||||
if self.pass_count == 0 and self.fail_count == 0:
|
||||
if (self.pass_count == 0 and self.fail_count == 0 and
|
||||
os.environ.get('TRY_SELECTOR') != 'coverage'):
|
||||
self.error('No tests run or test summary not found')
|
||||
self.tbpl_status = self.worst_level(TBPL_WARNING, self.tbpl_status,
|
||||
levels=TBPL_WORST_LEVEL_TUPLE)
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
# ***** END LICENSE BLOCK *****
|
||||
|
||||
import re
|
||||
import os
|
||||
|
||||
from mozharness.mozilla.testing.errors import TinderBoxPrintRe
|
||||
from mozharness.base.log import OutputParser, WARNING, INFO, CRITICAL, ERROR
|
||||
|
@ -202,8 +203,9 @@ class DesktopUnittestOutputParser(OutputParser):
|
|||
levels=TBPL_WORST_LEVEL_TUPLE)
|
||||
|
||||
# Account for the possibility that no test summary was output.
|
||||
if self.pass_count <= 0 and self.fail_count <= 0 and \
|
||||
(self.known_fail_count is None or self.known_fail_count <= 0):
|
||||
if (self.pass_count <= 0 and self.fail_count <= 0 and
|
||||
(self.known_fail_count is None or self.known_fail_count <= 0) and
|
||||
os.environ.get('TRY_SELECTOR') != 'coverage'):
|
||||
self.error('No tests run or test summary not found')
|
||||
self.worst_log_level = self.worst_level(WARNING,
|
||||
self.worst_log_level)
|
||||
|
|
|
@ -1620,7 +1620,7 @@ class XPCShellTests(object):
|
|||
self.log.error(t)
|
||||
raise exceptions[0]
|
||||
|
||||
if self.testCount == 0:
|
||||
if self.testCount == 0 and os.environ.get('TRY_SELECTOR') != 'coverage':
|
||||
self.log.error("No tests run. Did you pass an invalid --test-path?")
|
||||
self.failCount = 1
|
||||
|
||||
|
|
|
@ -90,6 +90,9 @@ def push_to_try(method, msg, labels=None, templates=None, try_task_config=None,
|
|||
commit_message = ('%s%s\n\nPushed via `mach try %s`' %
|
||||
(msg, closed_tree_string, method))
|
||||
|
||||
if templates is not None:
|
||||
templates.setdefault('env', {}).update({'TRY_SELECTOR': method})
|
||||
|
||||
if labels or labels == []:
|
||||
try_task_config = {
|
||||
'version': 1,
|
||||
|
|
|
@ -39,7 +39,10 @@ def test_try_again(monkeypatch):
|
|||
|
||||
try_task_config = kwargs.pop('try_task_config')
|
||||
assert sorted(try_task_config.get('tasks')) == sorted(['foo', 'bar'])
|
||||
assert try_task_config.get('templates') == {'artifact': True}
|
||||
assert try_task_config.get('templates') == {
|
||||
'artifact': True,
|
||||
'env': {'TRY_SELECTOR': 'fuzzy'},
|
||||
}
|
||||
|
||||
with open(push.history_path, 'r') as fh:
|
||||
assert len(fh.readlines()) == 1
|
||||
|
|
|
@ -3117,7 +3117,8 @@ static PrefPair debug_PrefValues[] = {
|
|||
{"nglayout.debug.invalidate_dumping", false},
|
||||
{"nglayout.debug.motion_event_dumping", false},
|
||||
{"nglayout.debug.paint_dumping", false},
|
||||
{"nglayout.debug.paint_flashing", false}};
|
||||
{"nglayout.debug.paint_flashing", false},
|
||||
{"nglayout.debug.paint_flashing_chrome", false}};
|
||||
|
||||
//////////////////////////////////////////////////////////////
|
||||
bool nsBaseWidget::debug_GetCachedBoolPref(const char* aPrefName) {
|
||||
|
|
Загрузка…
Ссылка в новой задаче