mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Fixes: 

35864 Convert nsSecureBrowserUIImpl to use new WebProgress interfa
35472 Lock does not change when going to a mixed frames site.
27104 [feature] No warning when sending insecure form data
28335 Forcing handshake on CMT_OpenSSLConnection for https connect
28418 Lock broken on https startup home page.
36814 nsPSMSocketInfo not thread safe
updated to pavlov's new directory picker.
This commit is contained in:
dougt%netscape.com 2000-04-25 01:56:59 +00:00
Родитель 2ea484ee25
Коммит 912688545d
9 изменённых файлов: 456 добавлений и 393 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
extensions/psm-glue/public/nsIPSMUIHandler.idl
Просмотреть файл

@ -27,7 +27,7 @@
interface nsIPSMUIHandler : nsISupports
{
void DisplayURI(in long width, in long height, in string urlStr);
void PromptForFile(in string prompt, in string fileRegEx, in boolean shouldFileExist, out string outFile);
void PromptForFile(in wstring prompt, in string fileRegEx, in boolean shouldFileExist, out string outFile);
};
%{C++

2
extensions/psm-glue/res/locale/en-US/security.properties
Просмотреть файл

@ -25,4 +25,4 @@ LeaveSiteMessage=You have requested an insecure document. The document and any i
EnterSiteMessage=You have requested a secure document. The document and any information you send back are encrypted for privacy while in transit.
PostToInsecure=Although this document is secure, the information you have submitted is insecure and could be observed by a third party while in transit. If you are submitting passwords, credit card numbers, or other information you would like to keep private, it would be safer for you to cancel the submission.
DontShowAgain=Show Me This Alert Next Time.
FindText=Please find the Personal Security Manager application

27
extensions/psm-glue/src/nsPSMComponent.cpp
Просмотреть файл

@ -62,6 +62,7 @@
#endif
static NS_DEFINE_CID(kCStringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);
static NS_DEFINE_CID(kProfileCID, NS_PROFILE_CID);
static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
@ -112,7 +113,7 @@ nsPSMComponent::CreatePSMComponent(nsISupports* aOuter, REFNSIID aIID, void **aR
}
/* nsISupports Implementation for the class */
NS_IMPL_ISUPPORTS1 (nsPSMComponent, nsIPSMComponent);
NS_IMPL_THREADSAFE_ISUPPORTS1 (nsPSMComponent, nsIPSMComponent);
#define INIT_NUM_PREFS 100
/* preference types */
@ -487,11 +488,29 @@ nsPSMComponent::GetControlConnection( CMT_CONTROL * *_retval )
if (mControl == nsnull)
{
char* filePath = nsnull;
char* filePath = nsnull;
NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
if(NS_SUCCEEDED(rv))
handler->PromptForFile("Please find the Personal Security Manager application", PSM_FILE_NAME, PR_TRUE, &filePath);
{
NS_WITH_SERVICE(nsIStringBundleService, service, kCStringBundleServiceCID, &rv);
if (NS_FAILED(rv)) return rv;
nsILocale* locale = nsnull;
nsCOMPtr<nsIStringBundle> stringBundle;
rv = service->CreateBundle(SECURITY_STRING_BUNDLE_URL, locale, getter_AddRefs(stringBundle));
if (NS_FAILED(rv)) return rv;
PRUnichar *ptrv = nsnull;
rv = stringBundle->GetStringFromName( nsString("FindText").GetUnicode(), &ptrv);
if (NS_FAILED(rv)) return rv;
handler->PromptForFile(ptrv, PSM_FILE_NAME, PR_TRUE, &filePath);
nsAllocator::Free(ptrv);
}
if (! filePath)
return NS_ERROR_FAILURE;

3
extensions/psm-glue/src/nsPSMComponent.h
Просмотреть файл

@ -24,6 +24,9 @@
#include "nscore.h"
#include "nsIPSMComponent.h"
#include "nsIStringBundle.h"
#define SECURITY_STRING_BUNDLE_URL "chrome://navigator/locale/security.properties"
#define NS_PSMCOMPONENT_CID {0xddcae170, 0x5412, 0x11d3, {0xbb, 0xc8, 0x00, 0x00, 0x86, 0x1d, 0x12, 0x37}}

98
extensions/psm-glue/src/nsPSMUICallbacks.cpp
Просмотреть файл

@ -26,7 +26,7 @@
#include "nsIEventQueueService.h"
#include "nsPSMUICallbacks.h"
#include "nsINetSupportDialogService.h"
#include "nsIFileSpecWithUI.h"
#include "nsIFilePicker.h"
#include "nsAppShellCIDs.h"
#include "prprf.h"
@ -65,77 +65,65 @@ NS_METHOD
nsPSMUIHandlerImpl::DisplayURI(PRInt32 width, PRInt32 height, const char *urlStr)
{
nsresult rv;
nsCOMPtr<nsIDOMWindow> hiddenWindow;
JSContext *jsContext;
NS_WITH_SERVICE(nsIAppShellService, appShell, kAppShellServiceCID, &rv);
if (NS_SUCCEEDED(rv))
{
// get a parent window for the new browser window
nsCOMPtr<nsIXULWindow> parent;
appShell->GetHiddenWindow(getter_AddRefs(parent));
rv = appShell->GetHiddenWindowAndJSContext( getter_AddRefs( hiddenWindow ),
&jsContext );
// convert it to a DOMWindow
nsCOMPtr<nsIDocShell> docShell;
if (parent)
{
parent->GetDocShell(getter_AddRefs(docShell));
}
nsCOMPtr<nsIDOMWindow> domParent(do_GetInterface(docShell));
nsCOMPtr<nsIScriptGlobalObject> sgo(do_QueryInterface(domParent));
if ( NS_SUCCEEDED( rv ) )
{
// Set up arguments for "window.open"
void *stackPtr;
nsCOMPtr<nsIScriptContext> context;
if (sgo)
{
sgo->GetContext(getter_AddRefs(context));
}
if (context)
{
JSContext *jsContext = (JSContext*)context->GetNativeContext();
if (jsContext)
{
void *stackPtr;
char buffer[256];
PR_snprintf(buffer,
sizeof(buffer),
"menubar=no,height=%d,width=%d",
height,
width );
char buffer[256];
PR_snprintf(buffer,
sizeof(buffer),
"menubar=no,height=%d,width=%d",
height,
width );
jsval *argv = JS_PushArguments(jsContext, &stackPtr, "sss", urlStr, "_blank", buffer);
if (argv)
{
// open the window
nsIDOMWindow *newWindow;
domParent->Open(jsContext, argv, 3, &newWindow);
newWindow->ResizeTo(width, height);
JS_PopArguments(jsContext, stackPtr);
}
}
}
jsval *argv = JS_PushArguments(jsContext, &stackPtr, "sss", urlStr, "_blank", buffer);
if (argv)
{
// open the window
nsIDOMWindow *newWindow;
hiddenWindow->Open(jsContext, argv, 3, &newWindow);
newWindow->ResizeTo(width, height);
JS_PopArguments(jsContext, stackPtr);
}
}
}
return rv;
}
NS_IMETHODIMP
nsPSMUIHandlerImpl::PromptForFile(const char *prompt, const char *fileRegEx, PRBool shouldFileExist, char **outFile)
nsPSMUIHandlerImpl::PromptForFile(const PRUnichar *prompt, const char *fileRegEx, PRBool shouldFileExist, char **outFile)
{
NS_ENSURE_ARG_POINTER(outFile);
nsIFileSpecWithUI* file = NS_CreateFileSpecWithUI();
nsCOMPtr<nsIFilePicker> fp = do_CreateInstance("component://mozilla/filepicker");
if (file == nsnull)
if (!fp)
return NS_ERROR_NULL_POINTER;
nsresult rv = file->ChooseInputFile(prompt,
nsIFileSpecWithUI::eAllFiles | nsIFileSpecWithUI::eExtraFilter,
fileRegEx, // FIX name?
fileRegEx);
if (NS_FAILED(rv))
return rv;
fp->Init(nsnull, prompt, nsIFilePicker::modeOpen);
fp->SetFilters(nsIFilePicker::filterAll);
fp->AppendFilter(nsAutoString(fileRegEx).GetUnicode(), nsAutoString(fileRegEx).GetUnicode());
PRInt16 mode;
nsresult rv = fp->Show(&mode);
rv = file->GetNativePath(outFile);
NS_RELEASE(file);
if (NS_FAILED(rv) || (mode == nsIFilePicker::returnCancel))
return rv;
nsCOMPtr<nsILocalFile> file;
rv = fp->GetFile(getter_AddRefs(file));
if (file)
file->GetPath(outFile);
return rv;
}
@ -338,7 +326,7 @@ char * FilePathPromptCallback(void *arg, char *prompt, char *fileRegEx, CMUint32
NS_WITH_PROXIED_SERVICE(nsIPSMUIHandler, handler, nsPSMUIHandlerImpl::GetCID(), NS_UI_THREAD_EVENTQ, &rv);
if(NS_SUCCEEDED(rv))
handler->PromptForFile(prompt, fileRegEx, (PRBool)shouldFileExist, &filePath);
handler->PromptForFile(nsAutoString(prompt).GetUnicode(), fileRegEx, (PRBool)shouldFileExist, &filePath);
return filePath;
}

4
extensions/psm-glue/src/nsSSLIOLayer.cpp
Просмотреть файл

@ -134,7 +134,7 @@ nsSSLIOLayerConnect(PRFileDesc *fd, const PRNetAddr *addr, PRIntervalTime timeou
PR_ntohs(addr->inet.port),
ipBuffer,
(hostName ? hostName : ipBuffer),
CM_TRUE,
CM_FALSE,
nsnull);
if (CMTSuccess == status)
{
@ -286,7 +286,7 @@ nsPSMSocketInfo::~nsPSMSocketInfo()
{
}
NS_IMPL_ISUPPORTS1(nsPSMSocketInfo, nsIPSMSocketInfo);
NS_IMPL_THREADSAFE_ISUPPORTS1(nsPSMSocketInfo, nsIPSMSocketInfo);
NS_IMETHODIMP
nsPSMSocketInfo::GetControlPtr(CMT_CONTROL * *aControlPtr)

2
extensions/psm-glue/src/nsSSLSocketProvider.cpp
Просмотреть файл

@ -43,7 +43,7 @@ nsSSLSocketProvider::~nsSSLSocketProvider()
{
}
NS_IMPL_ISUPPORTS2(nsSSLSocketProvider, nsISocketProvider, nsISSLSocketProvider);
NS_IMPL_THREADSAFE_ISUPPORTS2(nsSSLSocketProvider, nsISocketProvider, nsISSLSocketProvider);
NS_METHOD
nsSSLSocketProvider::Create(nsISupports *aOuter, REFNSIID aIID, void **aResult)

685
extensions/psm-glue/src/nsSecureBrowserUIImpl.cpp
Просмотреть файл

@ -22,9 +22,13 @@
* Doug Turner <dougt@netscape.com>
*/
#include "nspr.h"
#include "prlog.h"
#include "nsISecureBrowserUI.h"
#include "nsSecureBrowserUIImpl.h"
#include "nsIPSMComponent.h"
#include "nsPSMComponent.h"
#include "nsCOMPtr.h"
#include "nsIServiceManager.h"
@ -40,6 +44,7 @@
#include "nsIDOMXULDocument.h"
#include "nsIDOMElement.h"
#include "nsIDOMWindow.h"
#include "nsIWebProgress.h"
#include "nsIChannel.h"
#include "nsIPSMSocketInfo.h"
@ -52,6 +57,8 @@
#include "nsICommonDialogs.h"
#include "nsIPref.h"
#include "nsIFormSubmitObserver.h"
static NS_DEFINE_CID(kCStringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);
static NS_DEFINE_CID(kCommonDialogsCID, NS_CommonDialog_CID );
static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
@ -61,8 +68,20 @@ static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
#define MIXEDCONTENT_PREF "security.warn_viewing_mixed"
#define INSECURE_SUBMIT_PREF "security.warn_submit_insecure"
#define STRING_BUNDLE_URL "chrome://navigator/locale/security.properties"
#if defined(PR_LOGGING)
//
// Log module for nsSecureBroswerUI logging...
//
// To enable logging (see prlog.h for full details):
//
// set NSPR_LOG_MODULES=nsSecureBroswerUI:5
// set NSPR_LOG_FILE=nspr.log
//
// this enables PR_LOG_DEBUG level information and places all output in
// the file nspr.log
//
PRLogModuleInfo* gSecureDocLog = nsnull;
#endif /* PR_LOGGING */
NS_IMETHODIMP
@ -98,57 +117,81 @@ nsSecureBrowserUIImpl::nsSecureBrowserUIImpl()
{
NS_INIT_REFCNT();
#if defined(PR_LOGGING)
if (nsnull == gSecureDocLog) {
gSecureDocLog = PR_NewLogModule("nsSecureBroswerUI");
}
#endif /* PR_LOGGING */
mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
mLastPSMStatus = nsnull;
mHost = nsnull;
mCurrentURI = nsnull;
mSecurityButton = nsnull;
}
nsSecureBrowserUIImpl::~nsSecureBrowserUIImpl()
{
PR_FREEIF(mLastPSMStatus);
PR_FREEIF(mHost);
}
NS_IMPL_ISUPPORTS2(nsSecureBrowserUIImpl, nsIDocumentLoaderObserver, nsSecureBrowserUI);
NS_IMPL_ISUPPORTS4(nsSecureBrowserUIImpl,
nsSecureBrowserUI,
nsIWebProgressListener,
nsIFormSubmitObserver,
nsIObserver);
NS_IMETHODIMP
nsSecureBrowserUIImpl::Init(nsIDOMWindow *window, nsIDOMElement *button)
{
mSecurityButton = button;
mWindow = window;
nsresult rv = nsServiceManager::GetService( kPrefCID,
NS_GET_IID(nsIPref),
getter_AddRefs(mPref));
if (NS_FAILED(rv)) return rv;
NS_WITH_SERVICE(nsIStringBundleService, service, kCStringBundleServiceCID, &rv);
if (NS_FAILED(rv)) return rv;
nsILocale* locale = nsnull;
rv = service->CreateBundle(SECURITY_STRING_BUNDLE_URL, locale, getter_AddRefs(mStringBundle));
if (NS_FAILED(rv)) return rv;
// hook up to the form post notifications:
nsIObserverService *svc = 0;
rv = nsServiceManager::GetService(NS_OBSERVERSERVICE_PROGID,
NS_GET_IID(nsIObserverService),
(nsISupports**)&svc );
if ( NS_SUCCEEDED( rv ) && svc )
{
nsString topic; topic.AssignWithConversion(NS_FORMSUBMIT_SUBJECT);
rv = svc->AddObserver( this, topic.GetUnicode());
nsServiceManager::ReleaseService( NS_OBSERVERSERVICE_PROGID, svc );
}
// hook up to the webprogress notifications.
nsCOMPtr<nsIDocShell> docShell;
nsCOMPtr<nsIScriptGlobalObject> sgo = do_QueryInterface(window);
if (sgo)
{
nsCOMPtr<nsIDocShell> docShell;
if (!sgo) return NS_ERROR_NULL_POINTER;
sgo->GetDocShell(getter_AddRefs(docShell));
if (!docShell) return NS_ERROR_NULL_POINTER;
nsCOMPtr<nsIWebProgress> wp = do_QueryInterface(docShell);
if (!wp) return NS_ERROR_NULL_POINTER;
sgo->GetDocShell(getter_AddRefs(docShell));
if (docShell)
{
mSecurityButton = button;
mWindow = window;
wp->AddProgressListener(NS_STATIC_CAST(nsIWebProgressListener*,this));
docShell->GetDocLoaderObserver(getter_AddRefs(mOldWebShellObserver));
docShell->SetDocLoaderObserver(this);
nsresult rv = nsServiceManager::GetService( kPrefCID,
NS_GET_IID(nsIPref),
getter_AddRefs(mPref));
// Set up stuff the first time the window loads:
docShell->GetCurrentURI(getter_AddRefs(mCurrentURI));
if (NS_FAILED(rv)) return rv;
NS_WITH_SERVICE(nsIStringBundleService, service, kCStringBundleServiceCID, &rv);
if (NS_FAILED(rv)) return rv;
nsILocale* locale = nsnull;
rv = service->CreateBundle(STRING_BUNDLE_URL, locale, getter_AddRefs(mStringBundle));
if (NS_FAILED(rv)) return rv;
}
}
return NS_OK;
return IsURLHTTPS(mCurrentURI, &mIsSecureDocument);
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::DisplayPageInfoUI()
{
@ -156,61 +199,237 @@ nsSecureBrowserUIImpl::DisplayPageInfoUI()
NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
if (NS_FAILED(res))
return res;
return psm->DisplaySecurityAdvisor(mLastPSMStatus, mHost);
nsXPIDLCString temp;
mCurrentURI->GetHost(getter_Copies(temp));
return psm->DisplaySecurityAdvisor(mLastPSMStatus, temp);
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnStartDocumentLoad(nsIDocumentLoader* aLoader,
nsIURI* aURL,
const char* aCommand)
NS_IMETHODIMP
nsSecureBrowserUIImpl::Observe(nsISupports*, const PRUnichar*, const PRUnichar*)
{
nsresult res;
return NS_ERROR_NOT_IMPLEMENTED;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI* actionURL)
{
// Return NS_OK unless we want to prevent this form from submitting.
if (!window || (mWindow.get() != window) || !actionURL) {
return NS_OK;
}
PRBool okayToPost;
nsresult res = CheckPost(actionURL, &okayToPost);
// Return NS_OK unless we want to prevent this form from submitting.
if (NS_SUCCEEDED(res) && okayToPost)
return NS_OK;
PR_FREEIF(mLastPSMStatus); mLastPSMStatus = nsnull;
PR_FREEIF(mHost); mHost = nsnull;
return NS_ERROR_FAILURE;
}
// nsIWebProgressListener
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnProgressChange(nsIChannel* aChannel,
PRInt32 aCurSelfProgress,
PRInt32 aMaxSelfProgress,
PRInt32 aCurTotalProgress,
PRInt32 aMaxTotalProgress)
{
return NS_OK;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnChildProgressChange(nsIChannel* aChannel,
PRInt32 aCurSelfProgress,
PRInt32 aMaxSelfProgress)
{
return NS_OK;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnStatusChange(nsIChannel* aChannel,
PRInt32 aProgressStatusFlags)
{
nsresult res;
if (aChannel == nsnull || !mSecurityButton || !mPref)
return NS_ERROR_NULL_POINTER;
aURL->GetHost(&mHost);
nsCOMPtr<nsIURI> loadingURI;
aChannel->GetURI(getter_AddRefs(loadingURI));
#if defined(DEBUG)
nsXPIDLCString temp;
loadingURI->GetSpec(getter_Copies(temp));
PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnStatusChange: %x :%s\n", this, aProgressStatusFlags,(const char*)temp));
#endif
mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
if (!aURL || !aLoader || !mSecurityButton || !mPref)
return NS_ERROR_NULL_POINTER;
// lets call the old webshell observer.
if (mOldWebShellObserver)
if (aProgressStatusFlags & nsIWebProgress::flag_net_start)
{
res = mOldWebShellObserver->OnStartDocumentLoad(aLoader, aURL, aCommand);
if (NS_FAILED(res)) return res;
// starting to load a webpage
PR_FREEIF(mLastPSMStatus); mLastPSMStatus = nsnull;
mIsSecureDocument = mMixContentAlertShown = mIsDocumentBroken = PR_FALSE;
res = CheckProtocolContextSwitch( loadingURI, mCurrentURI);
}
else if ((aProgressStatusFlags & nsIWebProgress::flag_net_stop) && mIsSecureDocument)
{
if (!mIsDocumentBroken) // and status is okay FIX
{
// qi for the psm information about this channel load.
nsCOMPtr<nsISupports> info;
aChannel->GetSecurityInfo(getter_AddRefs(info));
nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info);
if ( psmInfo )
{
// Everything looks okay. Lets stash the picked status.
PR_FREEIF(mLastPSMStatus);
res = psmInfo->GetPickledStatus(&mLastPSMStatus);
if (NS_SUCCEEDED(res))
{
PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to lock\n", this));
res = mSecurityButton->SetAttribute( "level", nsString("high") );
}
}
}
else
{
PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: Icon set to broken\n", this));
mIsDocumentBroken = PR_TRUE;
res = mSecurityButton->SetAttribute( "level", nsString("broken") );
}
}
else // if (aProgressStatusFlags == nsIWebProgress::flag_net_redirecting)
{
res = NS_ERROR_NOT_IMPLEMENTED;
// xxx need to fix.
}
// Check to see if the URL that the current page was
// loaded by https://.
PRBool isOldSchemeSecure;
nsCOMPtr<nsIURI> uri;
res = GetURIFromDocumentLoader(aLoader, getter_AddRefs(uri));
return res;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnChildStatusChange(nsIChannel* aChannel, PRInt32 aProgressStatusFlags)
{
nsresult rv;
if (aChannel == nsnull || !mSecurityButton || !mPref)
return NS_ERROR_NULL_POINTER;
if (NS_FAILED(res))
return res;
nsCOMPtr<nsIURI> uri;
rv = aChannel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv)) return rv;
#if defined(DEBUG)
nsXPIDLCString temp;
uri->GetSpec(getter_Copies(temp));
PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnChildStatusChange: %x :%s\n", this, aProgressStatusFlags,(const char*)temp));
#endif
// don't need to do anything more if the page is broken or not secure...
if (!mIsSecureDocument || mIsDocumentBroken)
return NS_OK;
if (aProgressStatusFlags & nsIWebProgress::flag_net_start)
{ // check to see if we are going to mix content.
return CheckMixedContext(uri);
}
if (aProgressStatusFlags & nsIWebProgress::flag_net_stop)
{
if (1) // FIX status from the flag...
{
nsCOMPtr<nsISupports> info;
aChannel->GetSecurityInfo(getter_AddRefs(info));
nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info, &rv);
// qi for the psm information about this channel load.
if ( psmInfo )
{
return NS_OK;
}
}
PR_LOG(gSecureDocLog, PR_LOG_DEBUG, ("SecureUI:%p: OnChildStatusChange - Icon set to broken\n", this));
mSecurityButton->SetAttribute( "level", nsString("broken") );
mIsDocumentBroken = PR_TRUE;
}
return NS_OK;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnLocationChange(nsIURI* aLocation)
{
mCurrentURI = aLocation;
return NS_OK;
}
nsresult
nsSecureBrowserUIImpl::IsURLHTTPS(nsIURI* aURL, PRBool* value)
{
*value = PR_FALSE;
if (!aURL)
return NS_OK;
char* scheme;
aURL->GetScheme(&scheme);
if (scheme == nsnull)
return NS_ERROR_NULL_POINTER;
if ( PL_strncasecmp(scheme, "https", 5) == 0 )
*value = PR_TRUE;
// passing false means we only care about https
res = IsSecureUrl(PR_FALSE, uri, &isOldSchemeSecure);
nsAllocator::Free(scheme);
return NS_OK;
}
void nsSecureBrowserUIImpl::GetBundleString(const nsString& name, nsString &outString)
{
if (mStringBundle && name.Length() > 0)
{
PRUnichar *ptrv = nsnull;
if (NS_SUCCEEDED(mStringBundle->GetStringFromName(name.GetUnicode(), &ptrv)))
outString = ptrv;
else
outString = "";
nsAllocator::Free(ptrv);
}
else
{
outString = "";
}
}
nsresult
nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI)
{
nsresult res;
PRBool isNewSchemeSecure, isOldSchemeSecure, boolpref;
res = IsURLHTTPS(oldURI, &isOldSchemeSecure);
if (NS_FAILED(res))
return res;
res = IsURLHTTPS(newURI, &isNewSchemeSecure);
if (NS_FAILED(res))
return res;
// check to see if the new url to load is a
// secure url.
PRBool isNewSchemeSecure;
res = IsSecureUrl(PR_FALSE, aURL, &isNewSchemeSecure);
if (NS_FAILED(res))
return res;
PRBool boolpref;
// Check to see if we are going from a secure page to and insecure page
// Check to see if we are going from a secure page to and insecure page
if ( !isNewSchemeSecure && isOldSchemeSecure)
{
mSecurityButton->RemoveAttribute( "level" );
@ -282,122 +501,39 @@ nsSecureBrowserUIImpl::OnStartDocumentLoad(nsIDocumentLoader* aLoader,
psm->PassPrefs();
}
}
}
mIsSecureDocument = isNewSchemeSecure;
}
mIsSecureDocument = isNewSchemeSecure;
return NS_OK;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnEndDocumentLoad(nsIDocumentLoader* aLoader,
nsIChannel* channel,
nsresult aStatus)
nsresult
nsSecureBrowserUIImpl::CheckMixedContext(nsIURI* nextURI)
{
nsresult rv;
if (mOldWebShellObserver)
{
rv = mOldWebShellObserver->OnEndDocumentLoad(aLoader, channel, aStatus);
}
if (! mIsSecureDocument)
return rv;
if (!mSecurityButton || !channel || !mIsSecureDocument)
return NS_ERROR_NULL_POINTER;
// check for an error from the above OnEndDocumentLoad().
if (NS_FAILED(rv))
{
mIsDocumentBroken = PR_TRUE;
mSecurityButton->SetAttribute( "level", nsString("broken") );
return rv;
}
PRBool secure;
if (NS_SUCCEEDED(aStatus) && !mIsDocumentBroken)
{
// qi for the psm information about this channel load.
nsCOMPtr<nsISupports> info;
channel->GetSecurityInfo(getter_AddRefs(info));
nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info, &rv);
if ( psmInfo )
{
// Everything looks okay. Lets stash the picked status.
PR_FREEIF(mLastPSMStatus);
rv = psmInfo->GetPickledStatus(&mLastPSMStatus);
if (NS_SUCCEEDED(rv))
{
return mSecurityButton->SetAttribute( "level", nsString("high") );
}
}
}
return mSecurityButton->SetAttribute( "level", nsString("broken") );
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnStartURLLoad(nsIDocumentLoader* loader,
nsIChannel* channel)
{
nsresult rv;
if (mOldWebShellObserver)
{
rv = mOldWebShellObserver->OnStartURLLoad(loader, channel);
}
if (! mIsSecureDocument)
return rv;
if (!channel || !loader || !mSecurityButton)
return NS_ERROR_NULL_POINTER;
// check for an error from the above OnStartURLLoad().
if (NS_FAILED(rv))
{
mIsDocumentBroken = PR_TRUE;
mSecurityButton->SetAttribute( "level", nsString("broken") );
return rv;
}
// check to see if the URL that we are about to load
// is a secure. We do this by checking the scheme
PRBool secure;
nsCOMPtr<nsIURI> uri;
rv = channel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv))
return rv;
rv = IsSecureUrl(PR_TRUE, uri, &secure);
nsresult rv = IsURLHTTPS(nextURI, &secure);
if (NS_FAILED(rv))
return rv;
if (!secure)
{
mIsDocumentBroken = PR_TRUE;
if (!secure && mIsSecureDocument)
{
mIsDocumentBroken = PR_TRUE;
mSecurityButton->SetAttribute( "level", nsString("broken") );
// if we were going to block unsecure links, this is where
// we would try to do it:
// nsCOMPtr<nsIURI> uri;
// channel->GetURI(getter_AddRefs(uri));
// uri->SetSpec("chrome://navigator/skin/insecureLink.gif"); //fix
nsresult res;
if (!mPref) return NS_ERROR_NULL_POINTER;
if (!mPref) return NS_ERROR_NULL_POINTER;
PRBool boolpref;
if ((mPref->GetBoolPref(MIXEDCONTENT_PREF, &boolpref) != 0))
boolpref = PR_TRUE;
if ((mPref->GetBoolPref(MIXEDCONTENT_PREF, &boolpref) != 0))
boolpref = PR_TRUE;
if (boolpref && !mMixContentAlertShown)
{
NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &res);
if (NS_FAILED(res))
return res;
if (boolpref && !mMixContentAlertShown)
{
NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
if (NS_FAILED(rv))
return rv;
nsAutoString windowTitle, message, dontShowAgain;
GetBundleString("Title", windowTitle);
@ -405,176 +541,79 @@ nsSecureBrowserUIImpl::OnStartURLLoad(nsIDocumentLoader* loader,
GetBundleString("DontShowAgain", dontShowAgain);
PRBool outCheckValue = PR_TRUE;
dialog->AlertCheck(mWindow,
windowTitle.GetUnicode(),
message.GetUnicode(),
dontShowAgain.GetUnicode(),
&outCheckValue);
if (!outCheckValue)
{
mPref->SetBoolPref(MIXEDCONTENT_PREF, PR_FALSE);
NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
if (NS_FAILED(res))
return res;
NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
if (NS_FAILED(rv))
return rv;
psm->PassPrefs();
}
mMixContentAlertShown = PR_TRUE;
}
}
}
}
return NS_OK;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnProgressURLLoad(nsIDocumentLoader* loader,
nsIChannel* channel,
PRUint32 aProgress,
PRUint32 aProgressMax)
{
if (mOldWebShellObserver)
{
return mOldWebShellObserver->OnProgressURLLoad(loader, channel, aProgress, aProgressMax);
}
return NS_ERROR_FAILURE;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnStatusURLLoad(nsIDocumentLoader* loader,
nsIChannel* channel,
nsString& aMsg)
{
if (mOldWebShellObserver)
{
return mOldWebShellObserver->OnStatusURLLoad(loader, channel, aMsg);
}
return NS_ERROR_FAILURE;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::OnEndURLLoad(nsIDocumentLoader* loader,
nsIChannel* channel,
nsresult aStatus)
{
nsresult rv;
if (mOldWebShellObserver)
{
rv = mOldWebShellObserver->OnEndURLLoad(loader, channel, aStatus);
}
if (!mIsSecureDocument)
return rv;
if (!channel || !loader || !mSecurityButton)
return NS_ERROR_NULL_POINTER;
// check for an error from the above OnStartURLLoad().
if (NS_FAILED(rv))
{
mIsDocumentBroken = PR_TRUE;
mSecurityButton->SetAttribute( "level", nsString("broken") );
return rv;
}
if (NS_SUCCEEDED(aStatus) && !mIsDocumentBroken)
{
nsCOMPtr<nsISupports> info;
channel->GetSecurityInfo(getter_AddRefs(info));
nsCOMPtr<nsIPSMSocketInfo> psmInfo = do_QueryInterface(info, &rv);
// qi for the psm information about this channel load.
if ( psmInfo )
{
return NS_OK;
}
}
mSecurityButton->SetAttribute( "level", nsString("broken") );
mIsDocumentBroken = PR_TRUE;
return NS_OK;
}
// fileSecure flag determines if we should include file: and other local protocols.
nsresult
nsSecureBrowserUIImpl::IsSecureUrl(PRBool fileSecure, nsIURI* aURL, PRBool* value)
nsSecureBrowserUIImpl::CheckPost(nsIURI *actionURL, PRBool *okayToPost)
{
*value = PR_FALSE;
PRBool secure;
if (!aURL)
return NS_ERROR_NULL_POINTER;
nsresult rv = IsURLHTTPS(actionURL, &secure);
if (NS_FAILED(rv))
return rv;
if (!secure && mIsSecureDocument)
{
PRBool boolpref;
char* scheme;
aURL->GetScheme(&scheme);
// posting to a non https URL.
if ((mPref->GetBoolPref(INSECURE_SUBMIT_PREF, &boolpref) != 0))
boolpref = PR_TRUE;
if (boolpref)
{
NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
if (NS_FAILED(rv))
return rv;
if (scheme == nsnull)
return NS_ERROR_NULL_POINTER;
nsAutoString windowTitle, message, dontShowAgain;
GetBundleString("Title", windowTitle);
GetBundleString("PostToInsecure", message);
GetBundleString("DontShowAgain", dontShowAgain);
if ( (strncmp(scheme, "https", 5) == 0) ||
(fileSecure &&
(strncmp(scheme, "file", 4) == 0) ))
*value = PR_TRUE;
nsAllocator::Free(scheme);
return NS_OK;
PRBool outCheckValue = PR_TRUE;
dialog->ConfirmCheck(mWindow,
windowTitle.GetUnicode(),
message.GetUnicode(),
dontShowAgain.GetUnicode(),
&outCheckValue,
okayToPost);
if (!outCheckValue)
{
mPref->SetBoolPref(INSECURE_SUBMIT_PREF, PR_FALSE);
NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
if (NS_FAILED(rv))
return rv;
psm->PassPrefs();
}
}
}
return NS_OK;
}
nsresult
nsSecureBrowserUIImpl::GetURIFromDocumentLoader(nsIDocumentLoader* aLoader, nsIURI** uri)
{
nsresult rv;
if (aLoader == nsnull)
return NS_ERROR_NULL_POINTER;
nsCOMPtr<nsISupports> cont;
rv = aLoader->GetContainer(getter_AddRefs(cont));
if (NS_FAILED(rv) || (cont == nsnull))
return NS_ERROR_NULL_POINTER;
nsCOMPtr<nsIDocShell> docShell(do_QueryInterface(cont));
NS_ENSURE_TRUE(docShell, NS_ERROR_FAILURE);
nsCOMPtr<nsIContentViewer> cv;
rv = docShell->GetContentViewer(getter_AddRefs(cv));
if (NS_FAILED(rv) || (cv == nsnull))
return NS_ERROR_NULL_POINTER;
nsCOMPtr<nsIDocumentViewer> docViewer(do_QueryInterface(cv));
NS_ENSURE_TRUE(docViewer, NS_ERROR_FAILURE);
nsCOMPtr<nsIDocument> doc;
rv = docViewer->GetDocument(*getter_AddRefs(doc));
if (NS_FAILED(rv) || (doc == nsnull))
return NS_ERROR_NULL_POINTER;
*uri = doc->GetDocumentURL();
if (!*uri)
return NS_ERROR_NULL_POINTER;
return NS_OK;
}
void nsSecureBrowserUIImpl::GetBundleString(const nsString& name, nsString &outString)
{
if (mStringBundle && name.Length() > 0)
{
PRUnichar *ptrv = nsnull;
if (NS_SUCCEEDED(mStringBundle->GetStringFromName(name.GetUnicode(), &ptrv)))
outString = ptrv;
else
outString = "";
nsAllocator::Free(ptrv);
}
else
{
outString = "";
}
}

26
extensions/psm-glue/src/nsSecureBrowserUIImpl.h
Просмотреть файл

@ -36,6 +36,9 @@
#include "nsISecureBrowserUI.h"
#include "nsIDocShell.h"
#include "nsIPref.h"
#include "nsIWebProgressListener.h"
#include "nsIFormSubmitObserver.h"
#include "nsIURI.h"
#define NS_SECURE_BROWSER_DOCOBSERVER_CLASSNAME "Mozilla Secure Browser Doc Observer"
@ -46,7 +49,10 @@
#define NS_SECURE_BROWSER_DOCOBSERVER_PROGID "component://netscape/secure_browser_docobserver"
class nsSecureBrowserUIImpl : public nsIDocumentLoaderObserver, public nsSecureBrowserUI
class nsSecureBrowserUIImpl : public nsSecureBrowserUI,
public nsIWebProgressListener,
public nsIFormSubmitObserver,
public nsIObserver
{
public:
@ -56,11 +62,13 @@ public:
static NS_METHOD Create(nsISupports *aOuter, REFNSIID aIID, void **aResult);
NS_DECL_ISUPPORTS
NS_DECL_NSIDOCUMENTLOADEROBSERVER
NS_DECL_NSIWEBPROGRESSLISTENER
NS_DECL_NSSECUREBROWSERUI
static nsresult IsSecureUrl(PRBool fileSecure, nsIURI* aURL, PRBool *value);
static nsresult GetURIFromDocumentLoader(nsIDocumentLoader* aLoader, nsIURI** uri);
// nsIObserver
NS_DECL_NSIOBSERVER
NS_IMETHOD Notify(nsIContent* formNode, nsIDOMWindow* window, nsIURI *actionURL);
protected:
@ -69,16 +77,22 @@ protected:
nsCOMPtr<nsIDocumentLoaderObserver> mOldWebShellObserver;
nsCOMPtr<nsIPref> mPref;
nsCOMPtr<nsIStringBundle> mStringBundle;
nsCOMPtr<nsIURI> mCurrentURI;
PRBool mIsSecureDocument; // is https loaded
PRBool mIsDocumentBroken; //
PRBool mMixContentAlertShown;
char* mLastPSMStatus;
char* mHost;
void GetBundleString(const nsString& name, nsString &outString);
nsresult CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldURI);
nsresult CheckMixedContext(nsIURI* nextURI);
nsresult CheckPost(nsIURI *actionURL, PRBool *okayToPost);
nsresult IsURLHTTPS(nsIURI* aURL, PRBool *value);
};