From 6115ede7b5a93707718aee1a63d33802228f67ee Mon Sep 17 00:00:00 2001
From: "bsmedberg%covad.net" <bsmedberg%covad.net>
Date: Thu, 14 Jul 2005 17:46:55 +0000
Subject: [PATCH] Bug 292624 - XUL error pages should not have chrome
 privileges, r=darin sr=dveditz a=asa

---
 caps/src/nsScriptSecurityManager.cpp          |  3 +-
 docshell/base/nsDocShell.cpp                  | 15 +---
 docshell/resources/content/jar.mn             |  1 -
 docshell/resources/content/netError.js        |  0
 docshell/resources/content/netError.xhtml     | 83 +++++++++++++++++--
 netwerk/build/nsNetModule.cpp                 |  5 ++
 .../about/src/nsAboutProtocolHandler.cpp      | 35 ++++----
 .../about/src/nsAboutProtocolHandler.h        |  4 +
 .../protocol/about/src/nsAboutRedirector.cpp  |  8 +-
 9 files changed, 111 insertions(+), 43 deletions(-)
 delete mode 100644 docshell/resources/content/netError.js

diff --git a/caps/src/nsScriptSecurityManager.cpp b/caps/src/nsScriptSecurityManager.cpp
index b10888c4d60..bb770d2f4a5 100644
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -1566,7 +1566,8 @@ nsScriptSecurityManager::CanExecuteScripts(JSContext* cx,
     {
         nsCAutoString spec;
         principalURI->GetSpec(spec);
-        if (spec.EqualsLiteral("about:"))
+        if (spec.EqualsLiteral("about:") ||
+            StringBeginsWith(spec, NS_LITERAL_CSTRING("about:neterror?")))
         {
             *result = PR_TRUE;
             return NS_OK;              
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index 37c262cd102..5701d4be2bf 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -3051,21 +3051,8 @@ nsDocShell::LoadErrorPage(nsIURI *aURI, const PRUnichar *aURL,
     char *escapedError = nsEscape(NS_ConvertUTF16toUTF8(aErrorType).get(), url_Path);
     char *escapedDescription = nsEscape(NS_ConvertUTF16toUTF8(aDescription).get(), url_Path);
 
-    nsXPIDLCString errorPageUrl;
+    nsCString errorPageUrl("about:neterror?e=");
 
-    nsCOMPtr<nsIPrefBranch> prefBranch(do_GetService(NS_PREFSERVICE_CONTRACTID));
-    if (prefBranch)
-    {
-        // Note that we don't expose this pref, because we don't want users fiddling with it.
-        prefBranch->GetCharPref("browser.xul.error_pages.location", getter_Copies(errorPageUrl));
-    }
-
-    if (errorPageUrl.IsEmpty())
-    {
-        errorPageUrl.AssignLiteral("chrome://global/content/netError.xhtml");
-    }
-
-    errorPageUrl.AppendLiteral("?e=");
     errorPageUrl.AppendASCII(escapedError);
     errorPageUrl.AppendLiteral("&u=");
     errorPageUrl.AppendASCII(escapedUrl);
diff --git a/docshell/resources/content/jar.mn b/docshell/resources/content/jar.mn
index 58fed605d4e..f1641c86010 100644
--- a/docshell/resources/content/jar.mn
+++ b/docshell/resources/content/jar.mn
@@ -1,3 +1,2 @@
 toolkit.jar:
 	content/global/netError.xhtml
-	content/global/netError.js
diff --git a/docshell/resources/content/netError.js b/docshell/resources/content/netError.js
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/docshell/resources/content/netError.xhtml b/docshell/resources/content/netError.xhtml
index 2bc4317ad7d..171a4fde773 100644
--- a/docshell/resources/content/netError.xhtml
+++ b/docshell/resources/content/netError.xhtml
@@ -51,7 +51,6 @@
 
 <head>
   <title>&loadError.label;</title>
-  <script src="chrome://global/content/netError.js"></script>
   <style><![CDATA[
     body {
       font: message-box;
@@ -161,12 +160,82 @@
     </div>
   </div>
   <p><input type="button" value="&retry.label;" id="retry" onclick="retryThis();"/></p>
-  <!--
-    - Note: It is important to run fillIn using this way, instead of using
-    - an onload handler. This is because error pages are loaded as
-    - LOAD_BACKGROUND, which means that onload handlers will not be executed.
-    -->
-  <script type="application/x-javascript">fillIn();</script>
+
+  <script type="application/x-javascript"><![CDATA[
+    // Error url MUST be formatted like this:
+    //   moz-neterror:page?e=error&u=url&d=desc
+
+    // Note that this file uses document.documentURI to get
+    // the URL (with the format from above). This is because
+    // document.location.href gets the current URI off the docshell,
+    // which is the URL displayed in the location bar, i.e.
+    // the URI that the user attempted to load.
+
+    function getErrorCode()
+    {
+      var url = document.documentURI;
+
+      var error = url.search(/e\=/);
+      var duffUrl = url.search(/\&u\=/);
+      return decodeURIComponent(url.slice(error + 2, duffUrl));
+    }
+
+    function getDuffUrl()
+    {
+      var url = document.documentURI;
+      var duffUrl = url.search(/u\=/);
+      var desc = url.search(/\&d\=/);
+      return decodeURIComponent(url.slice(duffUrl + 2, desc));
+    }
+
+    function getDescription()
+    {
+      var url = document.documentURI;
+      var desc = url.search(/d\=/);
+      return decodeURIComponent(url.slice(desc + 2));
+    }
+
+    function retryThis()
+    {
+      // Session history has the URL of the page that failed
+      // to load, not the one of the error page. So, just call
+      // reload(), which will also repost POST data correctly.
+      location.reload();
+    }
+
+    // Note: It is important to run this code inline, instead of using
+    // an onload handler. This is because error pages are loaded as
+    // LOAD_BACKGROUND, which means that onload handlers will not be executed.
+
+    var err = getErrorCode();
+    var duffUrl = getDuffUrl();
+
+    var i;
+
+    // Fill in the title
+    var et = document.getElementById("et_" + err);
+    if (et) {
+      et.className = "et_visible";
+    }
+
+    // Fill in the short description
+    var sd = document.getElementById("shortDesc");
+    for (i = 0; i < sd.childNodes.length; i++)
+    {
+      var n = sd.childNodes.item(i);
+      if (n.nodeType == Node.TEXT_NODE)
+      {
+        n.nodeValue = getDescription();
+        break;
+      }
+    }
+
+    // Long description
+    var ld = document.getElementById("ld_" + err);
+    if (ld) {
+      ld.className = "ld_visible";
+    }
+  ]]></script>
 </body>
 
 </html>
diff --git a/netwerk/build/nsNetModule.cpp b/netwerk/build/nsNetModule.cpp
index 45b9042a1b6..5baf57e6099 100644
--- a/netwerk/build/nsNetModule.cpp
+++ b/netwerk/build/nsNetModule.cpp
@@ -1031,6 +1031,11 @@ static const nsModuleComponentInfo gNetModuleInfo[] = {
       NS_ABOUT_MODULE_CONTRACTID_PREFIX "about",
       nsAboutRedirector::Create
     },
+    { "about:neterror",
+      NS_ABOUT_REDIRECTOR_MODULE_CID,
+      NS_ABOUT_MODULE_CONTRACTID_PREFIX "neterror",
+      nsAboutRedirector::Create
+    },
 
     { "about:cache", 
       NS_ABOUT_CACHE_MODULE_CID,
diff --git a/netwerk/protocol/about/src/nsAboutProtocolHandler.cpp b/netwerk/protocol/about/src/nsAboutProtocolHandler.cpp
index f676e42e481..d8a396612f4 100644
--- a/netwerk/protocol/about/src/nsAboutProtocolHandler.cpp
+++ b/netwerk/protocol/about/src/nsAboutProtocolHandler.cpp
@@ -131,32 +131,31 @@ nsAboutProtocolHandler::NewURI(const nsACString &aSpec,
     return rv;
 }
 
+void
+nsAboutProtocolHandler::StripQueryAndHash(nsCString& aPath)
+{
+    PRInt32 f = aPath.FindCharInSet(NS_LITERAL_CSTRING("#?"));
+    if (f != kNotFound) {
+        aPath.Truncate(f);
+    }
+
+    // convert to lowercase, as all about: modules are lowercase
+    ToLowerCase(aPath);
+}
+
 NS_IMETHODIMP
 nsAboutProtocolHandler::NewChannel(nsIURI* uri, nsIChannel* *result)
 {
     // about:what you ask?
     nsresult rv;
-    nsCAutoString what;
-    rv = uri->GetPath(what);
+    nsCAutoString contractID;
+    rv = uri->GetPath(contractID);
     if (NS_FAILED(rv)) return rv;
-    
-    // look up a handler to deal with "whatStr"
-    nsCAutoString contractID(NS_ABOUT_MODULE_CONTRACTID_PREFIX);
 
-    // only take up to a question-mark if there is one:
-    nsACString::const_iterator begin, end;
-    what.BeginReading(begin);
-    what.EndReading(end);
-    FindCharInReadable('?', begin, end); // moves begin to first '?' or to end
-    end = begin;
-    what.BeginReading(begin);
-    FindCharInReadable('#', begin, end); // moves begin to first '#' or to end
-    end = begin;
-    what.BeginReading(begin);
-    contractID.Append(Substring(begin, end));
+    StripQueryAndHash(contractID);
 
-    // convert to lowercase, as all about: modules are lowercase
-    ToLowerCase(contractID);
+    // look up a handler to deal with "what"
+    contractID.Insert(NS_LITERAL_CSTRING(NS_ABOUT_MODULE_CONTRACTID_PREFIX), 0);
 
     nsCOMPtr<nsIAboutModule> aboutMod(do_GetService(contractID.get(), &rv));
     if (NS_SUCCEEDED(rv)) {
diff --git a/netwerk/protocol/about/src/nsAboutProtocolHandler.h b/netwerk/protocol/about/src/nsAboutProtocolHandler.h
index 41d3cc97b43..c6a02eeb040 100644
--- a/netwerk/protocol/about/src/nsAboutProtocolHandler.h
+++ b/netwerk/protocol/about/src/nsAboutProtocolHandler.h
@@ -40,6 +40,8 @@
 
 #include "nsIProtocolHandler.h"
 
+class nsCString;
+
 #define NS_ABOUTPROTOCOLHANDLER_CID                  \
 { /* 9e3b6c90-2f75-11d3-8cd0-0060b0fc14a3 */         \
     0x9e3b6c90,                                      \
@@ -65,6 +67,8 @@ public:
 
     nsresult Init();
 
+    static void StripQueryAndHash(nsCString& aPath);
+
 protected:
 };
 
diff --git a/netwerk/protocol/about/src/nsAboutRedirector.cpp b/netwerk/protocol/about/src/nsAboutRedirector.cpp
index a8d31db2df9..2c9d0db846f 100644
--- a/netwerk/protocol/about/src/nsAboutRedirector.cpp
+++ b/netwerk/protocol/about/src/nsAboutRedirector.cpp
@@ -37,6 +37,7 @@
  *
  * ***** END LICENSE BLOCK ***** */
 
+#include "nsAboutProtocolHandler.h"
 #include "nsAboutRedirector.h"
 #include "nsNetUtil.h"
 #include "plstr.h"
@@ -66,7 +67,8 @@ static RedirEntry kRedirMap[] = {
     { "buildconfig", "chrome://global/content/buildconfig.html", PR_TRUE },
     { "license", "chrome://global/content/MPL-1.1.html", PR_TRUE },
     { "licence", "chrome://global/content/MPL-1.1.html", PR_TRUE },
-    { "about", "chrome://global/content/aboutAbout.html", PR_FALSE }
+    { "about", "chrome://global/content/aboutAbout.html", PR_FALSE },
+    { "neterror", "chrome://global/content/netError.xhtml", PR_TRUE }
 };
 static const int kRedirTotal = NS_ARRAY_LENGTH(kRedirMap);
 
@@ -83,13 +85,15 @@ nsAboutRedirector::NewChannel(nsIURI *aURI, nsIChannel **result)
     if (NS_FAILED(rv))
         return rv;
 
+    nsAboutProtocolHandler::StripQueryAndHash(path);
+
     nsCOMPtr<nsIIOService> ioService = do_GetIOService(&rv);
     if (NS_FAILED(rv))
         return rv;
 
     for (int i=0; i<kRedirTotal; i++) 
     {
-        if (!PL_strcasecmp(path.get(), kRedirMap[i].id))
+        if (!strcmp(path.get(), kRedirMap[i].id))
         {
             nsCOMPtr<nsIChannel> tempChannel;
             rv = ioService->NewChannel(nsDependentCString(kRedirMap[i].url),