releases-comm-central/suite/common/certError.xhtml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE html [
<!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >
  %brandDTD;
  <!ENTITY % htmlDTD
    PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "DTD/xhtml1-strict.dtd">
  %htmlDTD;
  <!ENTITY % netErrorDTD SYSTEM "chrome://global/locale/netError.dtd">
  %netErrorDTD;
  <!ENTITY % globalDTD
    SYSTEM "chrome://global/locale/global.dtd">
  %globalDTD;
  <!ENTITY % certerrorDTD
    SYSTEM "chrome://communicator/locale/certError.dtd">
  %certerrorDTD;
]>

<!-- ***** BEGIN LICENSE BLOCK *****
   - Version: MPL 1.1/GPL 2.0/LGPL 2.1
   -
   - The contents of this file are subject to the Mozilla Public License Version
   - 1.1 (the "License"); you may not use this file except in compliance with
   - the License. You may obtain a copy of the License at
   - http://www.mozilla.org/MPL/
   -
   - Software distributed under the License is distributed on an "AS IS" basis,
   - WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
   - for the specific language governing rights and limitations under the
   - License.
   -
   - The Original Code is netError.xhtml.
   -
   - The Initial Developer of the Original Code is
   - Netscape Communications Corporation.
   - Portions created by the Initial Developer are Copyright (C) 1998
   - the Initial Developer. All Rights Reserved.
   -
   - Contributor(s):
   -   Adam Lock <adamlock@netscape.com>
   -   William R. Price <wrprice@alumni.rice.edu>
   -   Henrik Skupin <mozilla@hskupin.info>
   -   Jeff Walden <jwalden+code@mit.edu>
   -   Johnathan Nightingale <johnath@mozilla.com>
   -   Ehsan Akhgari <ehsan.akhgari@gmail.com>
   -
   - Alternatively, the contents of this file may be used under the terms of
   - either the GNU General Public License Version 2 or later (the "GPL"), or
   - the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
   - in which case the provisions of the GPL or the LGPL are applicable instead
   - of those above. If you wish to allow use of your version of this file only
   - under the terms of either the GPL or the LGPL, and not to allow others to
   - use your version of this file under the terms of the MPL, indicate your
   - decision by deleting the provisions above and replace them with the notice
   - and other provisions required by the LGPL or the GPL. If you do not delete
   - the provisions above, a recipient may use your version of this file under
   - the terms of any one of the MPL, the GPL or the LGPL.
   -
   - ***** END LICENSE BLOCK ***** -->
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <title>&certerror.pagetitle;</title>
    <link rel="stylesheet" href="chrome://communicator/skin/certError.css" type="text/css" media="all" />
    <link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/warning-16.png"/>

    <script type="application/x-javascript"><![CDATA[
      // Error url MUST be formatted like this:
      //   about:certerror?e=error&u=url&d=desc

      // Note that this file uses document.documentURI to get
      // the URL (with the format from above). This is because
      // document.location.href gets the current URI off the docshell,
      // which is the URL displayed in the location bar, i.e.
      // the URI that the user attempted to load.

      function getCSSClass()
      {
        var url = document.documentURI;
        var matches = url.match(/s\=([^&]+)\&/);
        // s is optional, if no match just return nothing
        if (!matches || matches.length < 2)
          return "";

        // parenthetical match is the second entry
        return decodeURIComponent(matches[1]);
      }

      function getDescription()
      {
        var url = document.documentURI;
        var desc = url.search(/d\=/);

        // desc == -1 if not found; if so, return an empty string
        // instead of what would turn out to be portions of the URI
        if (desc == -1)
          return "";

        return decodeURIComponent(url.slice(desc + 2));
      }

      function initPage()
      {
        var intro = document.getElementById('introContentP1');
        var node = document.evaluate('//text()[string()="#1"]', intro, null,
                                     XPathResult.ANY_UNORDERED_NODE_TYPE,
                                     null).singleNodeValue;
        if (node)
          node.textContent = location.host;

        if (getCSSClass() == "expertBadCert") {
          toggle('technicalContent');
          toggle('expertContent');
        }

        // Rather than textContent, we need to treat description as HTML
        var sd = document.getElementById("technicalContentText");
        if (!sd)
          return;

        var desc = getDescription();

        // sanitize description text - see bug 441169

        // First, find the index of the <a> tag we care about, being careful not to
        // use an over-greedy regex
        var re = /<a id="cert_domain_link" title="([^"]+)">/;
        var result = re.exec(desc);
        if (!result) {
          sd.textContent = desc;
          return;
        }

        var okHost = result[1];
        sd.textContent = desc.slice(0, result.index);

        // Now create the link itself
        var link = document.createElement("a");
        link.setAttribute("id", "cert_domain_link");
        link.setAttribute("title", okHost);
        link.appendChild(document.createTextNode(okHost));
        sd.appendChild(link);

        // Finally, append text for anything after the closing </a>
        sd.appendChild(document.createTextNode(desc.slice(desc.indexOf("</a>") + "</a>".length)));

        var thisHost = document.location.hostname;
        var proto = document.location.protocol;

        // If okHost is a wildcard domain ("*.example.com") let's
        // use "www" instead.  "*.example.com" isn't going to
        // get anyone anywhere useful. bug 432491
        okHost = okHost.replace(/^\*\./, "www.");

        /* case #1:
         * example.com uses an invalid security certificate.
         *
         * The certificate is only valid for www.example.com
         *
         * Make sure to include the "." ahead of thisHost so that
         * a MitM attack on paypal.com doesn't hyperlink to "notpaypal.com"
         *
         * We'd normally just use a RegExp here except that we lack a
         * library function to escape them properly (bug 248062), and
         * domain names are famous for having '.' characters in them,
         * which would allow spurious and possibly hostile matches.
         */
        if (endsWith(okHost, "." + thisHost))
          link.href = proto + "//" + okHost;

        /* case #2:
         * browser.garage.maemo.org uses an invalid security certificate.
         *
         * The certificate is only valid for garage.maemo.org
         */
        if (endsWith(thisHost, "." + okHost))
          link.href = proto + "//" + okHost;

        // If we set a link, meaning there's something helpful for
        // the user here, expand the section by default
        if (link.href && getCSSClass() != "expertBadCert")
          toggle("technicalContent");
      }

      function endsWith(haystack, needle) {
        return haystack.slice(-needle.length) == needle;
      }

      function toggle(id) {
        var el = document.getElementById(id);
        if (el.hasAttribute("collapsed"))
          el.removeAttribute("collapsed");
        else
          el.setAttribute("collapsed", true);
      }
    ]]></script>
  </head>

  <body dir="&locale.dir;">

    <!-- PAGE CONTAINER (for styling purposes only) -->
    <div id="errorPageContainer">

      <!-- Error Title -->
      <div id="errorTitle">
        <h1 id="errorTitleText">&certerror.longpagetitle;</h1>
      </div>

      <!-- LONG CONTENT (the section most likely to require scrolling) -->
      <div id="errorLongContent">
        <div id="introContent">
          <p id="introContentP1">&certerror.introPara1;</p>
          <p>&certerror.introPara2;</p>
        </div>

        <div id="whatShouldIDoContent">
          <h2>&certerror.whatShouldIDo.heading;</h2>
          <div id="whatShouldIDoContentText">
            <p>&certerror.whatShouldIDo.content;</p>
            <xul:button xmlns:xul='http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul' id='getMeOutOfHereButton' label='&certerror.getMeOutOfHere.label;'/>
          </div>
        </div>

        <!-- The following sections can be unhidden by default by setting the
             "browser.xul.error_pages.expert_bad_cert" pref to true -->
        <div id="technicalContent" collapsed="true">
          <h2 onclick="toggle('technicalContent');" id="technicalContentHeading">&certerror.technical.heading;</h2>
          <p id="technicalContentText"/>
        </div>

        <div id="expertContent" collapsed="true">
          <h2 onclick="toggle('expertContent');" id="expertContentHeading">&certerror.expert.heading;</h2>
          <div>
            <p>&certerror.expert.content;</p>
            <p>&certerror.expert.contentPara2;</p>
            <xul:button xmlns:xul='http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul' id='exceptionDialogButton' label='&certerror.addException.label;'/>
          </div>
        </div>
      </div>
    </div>

    <!--
    - Note: It is important to run the script this way, instead of using
    - an onload handler. This is because error pages are loaded as
    - LOAD_BACKGROUND, which means that onload handlers will not be executed.
    -->
    <script type="application/x-javascript">initPage();</script>

  </body>
</html>