Bug 1790313 - Tweak localized messages for SitePermsAddon install flow. r=rpl.

This patch adds a specific path for getting the localized text for the addon install prompt for SitePermissionsAddon. As the message that we want isn't very generic, each gated permission will have its own localized addon prompt message. Differential Revision: https://phabricator.services.mozilla.com/D160452
2022-11-04 17:08:35 +00:00 · 2022-11-04 17:08:35 +00:00 · 93d10b6337
--- a/browser/base/content/browser-addons.js
+++ b/browser/base/content/browser-addons.js
@ -23,6 +23,10 @@ ChromeUtils.defineModuleGetter(
  "ExtensionPermissions",
  "resource://gre/modules/ExtensionPermissions.jsm"
 );
+ChromeUtils.defineESModuleGetters(lazy, {
+  SITEPERMS_ADDON_TYPE:
+    "resource://gre/modules/addons/siteperms-addon-utils.sys.mjs",
+});

 customElements.define(
  "addon-progress-notification",
@ -662,7 +666,20 @@ var gXPInstallObserver = {
          while (message.firstChild) {
            message.firstChild.remove();
          }
-          if (hasHost) {
+
+          if (
+            // Use a install prompt message when the only addon being installed is a SitePerms addon
+            // (NOTE: AOM doesn't support anymore installing multiple addons at the same time anymore,
+            // and so a sitepermission addon type is expected to be always the only entry in installInfo.installs).
+            installInfo.installs.every(
+              ({ addon }) => addon?.type === lazy.SITEPERMS_ADDON_TYPE
+            )
+          ) {
+            message.textContent = gNavigatorBundle.getFormattedString(
+              "sitePermissionsInstallPromptMessage.message",
+              [options.name]
+            );
+          } else if (hasHost) {
            let text = gNavigatorBundle.getString(
              "xpinstallPromptMessage.message"
            );
--- a/browser/locales/en-US/chrome/browser/browser.properties
+++ b/browser/locales/en-US/chrome/browser/browser.properties
@ -39,6 +39,12 @@ xpinstallPromptMessage.dontAllow=Don’t Allow
 xpinstallPromptMessage.dontAllow.accesskey=D
 xpinstallPromptMessage.neverAllow=Never Allow
 xpinstallPromptMessage.neverAllow.accesskey=N
+# LOCALIZATION NOTE (sitePermissionsInstallPromptMessage.message)
+# This message is shown when a SitePermissionsAddon install is triggered, i.e. when the
+# website calls sensitive APIs (e.g. navigator.requestMIDIAccess).
+# %S is the hostname of the site the add-on is being installed from.
+sitePermissionsInstallPromptMessage.message=This add-on gives the site extra privileges that could allow it to steal your data or attack your computer. Only install this add-on if you trust %S.
+
 # Accessibility Note:
 # Be sure you do not choose an accesskey that is used elsewhere in the active context (e.g. main menu bar, submenu of the warning popup button)
 # See https://website-archive.mozilla.org/www.mozilla.org/access/access/keyboard/ for details
@ -182,6 +188,22 @@ webextPerms.hostDescription.tooManySites=Access your data on #1 other site;Acces
 webextSitePerms.headerWithPerms=Add %1$S? This extension grants the following capabilities to %2$S:
 webextSitePerms.headerUnsignedWithPerms=Add %1$S? This extension is unverified. Malicious extensions can steal your private information or compromise your computer. Only add it if you trust the source. This extension grants the following capabilities to %2$S:

+# LOCALIZATION NOTE (webextSitePerms.headerWithGatedPerms.*)
+# These string are used as a header in the webextension permissions dialog for synthetic add-ons.
+# The part of the string describing what privileges the extension gives should be consistent
+# with the value of webextSitePerms.description.{sitePermission}.
+# %1$S is replaced with the localized name of the extension being installed.
+# %2$S will be replaced by the DNS host name for which a webextension enables permissions
+# Note, this string will be used as raw markup. Avoid characters like <, >, &
+webextSitePerms.headerWithGatedPerms.midi=Add %1$S? This add-on gives %2$S access to MIDI devices.
+webextSitePerms.headerWithGatedPerms.midi-sysex=Add %1$S? This add-on gives %2$S access to MIDI devices (with SysEx support).
+
+# LOCALIZATION NOTE (webextSitePerms.descriptionGatedPerms)
+# This string is used as description in the webextension permissions dialog for synthetic add-ons.
+# %S will be replaced by the DNS host name for which a webextension enables permissions
+# Note, this string will be used as raw markup. Avoid characters like <, >, &
+webextSitePerms.descriptionGatedPerms=This access can be dangerous, and allows the site to act like software installed on your computer. Only install this extension if you trust %S.
+
 # These should remain in sync with permissions.NAME.label in sitePermissions.properties
 webextSitePerms.description.midi=Access MIDI devices
 webextSitePerms.description.midi-sysex=Access MIDI devices with SysEx support
--- a/dom/midi/tests/browser_midi_permission_gated.js
+++ b/dom/midi/tests/browser_midi_permission_gated.js
@ -45,6 +45,7 @@ add_setup(async function() {
 add_task(async function testRequestMIDIAccess() {
  gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser, EXAMPLE_COM_URL);
  await BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);
+  const testPageHost = gBrowser.selectedTab.linkedBrowser.documentURI.host;

  info("Check that midi-sysex isn't set");
  ok(
@ -68,6 +69,28 @@ add_task(async function testRequestMIDIAccess() {

  info("Deny site permission addon install");
  let addonInstallPanel = await onAddonInstallBlockedNotification;
+  const [
+    installPopupHeader,
+    installPopupMessage,
+  ] = addonInstallPanel.querySelectorAll(
+    "description.popup-notification-description"
+  );
+  is(
+    installPopupHeader.textContent,
+    gNavigatorBundle.getFormattedString("xpinstallPromptMessage.header", [
+      testPageHost,
+    ]),
+    "First popup has expected header text"
+  );
+  is(
+    installPopupMessage.textContent,
+    gNavigatorBundle.getFormattedString(
+      "sitePermissionsInstallPromptMessage.message",
+      [testPageHost]
+    ),
+    "First popup has expected message"
+  );
+
  let notification = addonInstallPanel.childNodes[0];
  // secondaryButton is the "Don't allow" button
  notification.secondaryButton.click();
@ -108,6 +131,24 @@ add_task(async function testRequestMIDIAccess() {
  let dialogPromise = waitForInstallDialog();
  notification.button.click();
  let installDialog = await dialogPromise;
+  is(
+    installDialog.querySelector(".popup-notification-description").textContent,
+    gNavigatorBundle.getFormattedString(
+      "webextSitePerms.headerWithGatedPerms.midi-sysex",
+      [`Site Permissions for ${testPageHost}`, testPageHost]
+    ),
+    "Install dialog has expected header text"
+  );
+  is(
+    installDialog.querySelector("popupnotificationcontent description")
+      .textContent,
+    gNavigatorBundle.getFormattedString(
+      "webextSitePerms.descriptionGatedPerms",
+      [testPageHost]
+    ),
+    "Install dialog has expected description"
+  );
+
  installDialog.button.click();

  info("Wait for the midi-sysex access request promise to resolve");
@ -174,6 +215,25 @@ add_task(async function testRequestMIDIAccess() {
  dialogPromise = waitForInstallDialog();
  notification.button.click();
  installDialog = await dialogPromise;
+
+  is(
+    installDialog.querySelector(".popup-notification-description").textContent,
+    gNavigatorBundle.getFormattedString(
+      "webextSitePerms.headerWithGatedPerms.midi",
+      [`Site Permissions for ${testPageHost}`, testPageHost]
+    ),
+    "Install dialog has expected header text"
+  );
+  is(
+    installDialog.querySelector("popupnotificationcontent description")
+      .textContent,
+    gNavigatorBundle.getFormattedString(
+      "webextSitePerms.descriptionGatedPerms",
+      [testPageHost]
+    ),
+    "Install dialog has expected description"
+  );
+
  installDialog.button.click();

  info("Wait for the midi access request promise to resolve");
--- a/toolkit/components/extensions/Extension.jsm
+++ b/toolkit/components/extensions/Extension.jsm
@ -52,6 +52,8 @@ const lazy = {};
 ChromeUtils.defineESModuleGetters(lazy, {
  E10SUtils: "resource://gre/modules/E10SUtils.sys.mjs",
  Log: "resource://gre/modules/Log.sys.mjs",
+  SITEPERMS_ADDON_TYPE:
+    "resource://gre/modules/addons/siteperms-addon-utils.sys.mjs",
 });

 XPCOMUtils.defineLazyModuleGetters(lazy, {
@ -1994,13 +1996,33 @@ class ExtensionData {
      );
    }

-    // Generate a map of site_permission names to permission strings for site
-    // permissions.  Since SitePermission addons cannot have regular permissions,
-    // we reuse msgs to pass the strings to the permissions panel.
+    // Synthetic addon install can only grant access to a single permission so we can have
+    // a less-generic message than addons with site permissions.
    // NOTE: this is used as part of the synthetic addon install flow implemented for the
    // SitePermissionAddonProvider.
    // (and so it should not be removed as part of Bug 1789718 changes, while this additional note should be).
+    if (info.addon?.type === lazy.SITEPERMS_ADDON_TYPE) {
+      // We simplify the origin to make it more user friendly. The origin is assured to be
+      // available because the SitePermsAddon install is always expected to be triggered
+      // from a website, making the siteOrigin always available through the installing principal.
+      const host = new URL(info.siteOrigin).hostname;
+
+      // messages are specific to the type of gated permission being installed
+      result.header = bundle.formatStringFromName(
+        `webextSitePerms.headerWithGatedPerms.${info.sitePermissions[0]}`,
+        ["<>", host]
+      );
+      result.text = bundle.formatStringFromName(
+        `webextSitePerms.descriptionGatedPerms`,
+        [host]
+      );
+
+      return result;
+    }
+
+    // TODO(Bug 1789718): Remove after the deprecated XPIProvider-based implementation is also removed.
    if (info.sitePermissions) {
+      // Generate a map of site_permission names to permission strings for site permissions.
      for (let permission of info.sitePermissions) {
        try {
          result.msgs.push(
@ -2020,16 +2042,15 @@ class ExtensionData {
        }
      }

-      // Generate header message
+      // We simplify the origin to make it more user friendly.  The origin is
+      // assured to be available via schema requirement.
+      const host = new URL(info.siteOrigin).hostname;
+
      headerKey = info.unsigned
        ? "webextSitePerms.headerUnsignedWithPerms"
        : "webextSitePerms.headerWithPerms";
-      // We simplify the origin to make it more user friendly.  The origin is
-      // assured to be available via schema requirement.
-      result.header = bundle.formatStringFromName(headerKey, [
-        "<>",
-        new URL(info.siteOrigin).hostname,
-      ]);
+      result.header = bundle.formatStringFromName(headerKey, ["<>", host]);
+
      return result;
    }