Update blockedSite text, use new stopbadware report url. b=420751, r=gavin, ui-r+a=beltzner

This commit is contained in:
johnath@mozilla.com 2008-03-07 11:51:25 -08:00
Родитель f176ac2efd
Коммит 6589b14190
5 изменённых файлов: 80 добавлений и 49 удалений

Просмотреть файл

@ -603,6 +603,10 @@ pref("urlclassifier.alternate_error_page", "blocked");
// The number of random entries to send with a gethash request.
pref("urlclassifier.gethashnoise", 4);
// URL for checking the reason for a malware warning.
pref("browser.safebrowsing.malware.reportURL", "http://www.stopbadware.org/reports/container?source=@APP_UA_NAME@&version=@APP_VERSION@&reportname=");
#endif
// defaults to true

Просмотреть файл

@ -2237,12 +2237,12 @@ function BrowserOnCommand(event) {
if (!event.isTrusted)
return;
// If the event came from an ssl error page, it is probably either the "Add
// Exception…" or "Get me out of here!" button
if (/^about:neterror\?e=nssBadCert/.test(event.originalTarget.ownerDocument.documentURI)) {
var ot = event.originalTarget;
var errorDoc = ot.ownerDocument;
// If the event came from an ssl error page, it is probably either the "Add
// Exception…" or "Get me out of here!" button
if (/^about:neterror\?e=nssBadCert/.test(errorDoc.documentURI)) {
if (ot == errorDoc.getElementById('exceptionDialogButton')) {
var params = { exceptionAdded : false };
@ -2265,7 +2265,52 @@ function BrowserOnCommand(event) {
errorDoc.location.reload();
}
else if (ot == errorDoc.getElementById('getMeOutOfHereButton')) {
// Redirect them to a known-functioning page, default start page
getMeOutOfHere();
}
}
else if (/^about:blocked/.test(errorDoc.documentURI)) {
// The event came from a button on a malware/phishing block page
if (ot == errorDoc.getElementById('getMeOutButton')) {
getMeOutOfHere();
}
else if (ot == errorDoc.getElementById('reportButton')) {
// This is the "Why is this site blocked" button. For malware,
// we can fetch a site-specific report, for phishing, we redirect
// to the generic page describing phishing protection.
if (/e=malwareBlocked/.test(errorDoc.documentURI)) {
// Get the stop badware "why is this blocked" report url,
// append the current url, and go there.
try {
var reportURL = gPrefService.getCharPref("browser.safebrowsing.malware.reportURL");
reportURL += content.location.href;
content.location = reportURL;
} catch (e) {
Components.utils.reportError("Couldn't get malware report URL: " + e);
}
}
else if (/e=phishingBlocked/.test(errorDoc.documentURI)) {
try {
content.location = Cc["@mozilla.org/toolkit/URLFormatterService;1"]
.getService(Components.interfaces.nsIURLFormatter)
.formatURLPref("browser.safebrowsing.warning.infoURL");
} catch (e) {
Components.utils.reportError("Couldn't get phishing info URL: " + e);
}
}
}
}
}
/**
* Re-direct the browser to a known-safe page. This function is
* used when, for example, the user browses to a known malware page
* and is presented with about:blocked. The "Get me out of here!"
* button should take the user to the default start page so that even
* when their own homepage is infected, we can get them somewhere safe.
*/
function getMeOutOfHere() {
// Get the start page from the *default* pref branch, not the user's
var prefs = Cc["@mozilla.org/preferences-service;1"]
.getService(Ci.nsIPrefService).getDefaultBranch(null);
var url = "about:blank";
@ -2280,8 +2325,6 @@ function BrowserOnCommand(event) {
}
content.location = url;
}
}
}
function BrowserFullScreen()
{

Просмотреть файл

@ -137,11 +137,11 @@
*/
function initPage_malware()
{
document.title = sb.GetStringFromName("malware.title");
document.title = sb.GetStringFromName("malware.title2");
errorTitleText.textContent = document.title;
errorShortDescText.textContent = sb.formatStringFromName("malware.shortDesc",
[getHostString()], 1);
errorLongDesc.innerHTML = sb.GetStringFromName("malware.longDesc");
errorLongDesc.innerHTML = sb.GetStringFromName("malware.longDesc2");
}
/**
@ -149,26 +149,11 @@
*/
function initPage_phishing()
{
document.title = sb.GetStringFromName("phishing.title");
document.title = sb.GetStringFromName("phishing.title2");
errorTitleText.textContent = document.title;
errorShortDescText.textContent = sb.formatStringFromName("phishing.shortDesc",
errorShortDescText.textContent = sb.formatStringFromName("phishing.shortDesc2",
[getHostString()], 1);
var longDesc = sb.GetStringFromName("phishing.longDesc");
// If we have a more-info link for the phishing information, add it in,
// otherwise just use the generic text
var faqURL = Components.classes["@mozilla.org/toolkit/URLFormatterService;1"]
.getService(Components.interfaces.nsIURLFormatter)
.formatURLPref("browser.safebrowsing.warning.infoURL");
if(faqURL && faqURL != "about:blank") {
longDesc += sb.formatStringFromName("phishing.learnMoreLink",
[brandShortName], 1);
errorLongDesc.innerHTML = longDesc;
document.getElementById("faqLink").setAttribute("href", faqURL);
}
else
errorLongDesc.innerHTML = longDesc;
errorLongDesc.innerHTML = sb.GetStringFromName("phishing.longDesc2");
}
]]></script>
</head>
@ -195,8 +180,11 @@
<!-- Action buttons -->
<div id="buttons">
<!-- Commands handled in browser.js -->
<xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
id="getMeOutButton" label="&safeb.palm.accept.label;" oncommand="window.home();" />
id="getMeOutButton" label="&safeb.palm.accept.label;"/>
<xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
id="reportButton" label="&safeb.palm.report.label;"/>
</div>
</div>
</div>

Просмотреть файл

@ -1,12 +1,7 @@
malware.title=Suspected Attack Site!
malware.title2=Reported Attack Site!
malware.shortDesc=The web site at %S has been reported as an attack site and has been blocked based on your security preferences.
malware.longDesc=<p>Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.</p>\n<p>Web site owners who believe their site has been reported as an attack site in error may <a href='http://www.stopbadware.org/home/reviewinfo' >request a review</a>.</p>
malware.longDesc2=<p>Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.</p>\n<p>Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.</p>
phishing.title=Suspected Web Forgery!
phishing.shortDesc=The web site at %S has been reported as a web forgery designed to trick users into sharing personal or financial information.
phishing.longDesc=<p>Entering any personal information on this page may result in identity theft or other fraud.</p><p>These types of web forgeries are used in scams known as phishing attacks, in which fraudulent web pages and emails are used to imitate sources you may trust.</p>
# Localization note (phishing.learnMoreLink): please leave the HTML tags as-is.
# A localized href is pulled in from user preferences automatically. The anchor
# text, as well as the rest of the sentence, should be translated.
phishing.learnMoreLink=<p>You can find out more about <a id="faqLink" href="">how %S protects you</a> from phishing attacks.</p>
phishing.title2=Reported Web Forgery!
phishing.shortDesc2=The web site at %S has been reported as a web forgery and has been blocked based on your security preferences.
phishing.longDesc2=<p>Web forgeries are designed to trick you into revealing personal or financial information by imitating sources you may trust.</p><p>Entering any information on this web page may result in identity theft or other fraud.</p>

Просмотреть файл

@ -13,5 +13,6 @@
<!ENTITY safeb.palm.decline.label "Ignore this warning">
<!ENTITY safeb.palm.decline.statustext "Close warning" >
<!ENTITY safeb.palm.notforgery.label2 "This isn't a web forgery…">
<!ENTITY safeb.palm.report.label "Why was this site blocked?">
<!ENTITY safeb.urlbaricon.tooltip "This page might be dangerous; click for details.">