diff --git a/b2g/locales/en-US/chrome/overrides/appstrings.properties b/b2g/locales/en-US/chrome/overrides/appstrings.properties index 805a725527f..e212f77c808 100644 --- a/b2g/locales/en-US/chrome/overrides/appstrings.properties +++ b/b2g/locales/en-US/chrome/overrides/appstrings.properties @@ -30,6 +30,7 @@ externalProtocolUnknown= externalProtocolChkMsg=Remember my choice for all links of this type. externalProtocolLaunchBtn=Launch application malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences. +unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences. phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information. cspBlocked=This page has a content security policy that prevents it from being loaded in this way. corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected. diff --git a/browser/base/content/aboutNetError.xhtml b/browser/base/content/aboutNetError.xhtml index 5a7bd1879b1..c2eb60e103d 100644 --- a/browser/base/content/aboutNetError.xhtml +++ b/browser/base/content/aboutNetError.xhtml @@ -374,6 +374,7 @@

&nssFailure2.title;

&nssBadCert.title;

&malwareBlocked.title;

+

&unwantedBlocked.title;

&cspBlocked.title;

&remoteXUL.title;

&corruptedContentError.title;

@@ -401,6 +402,7 @@
&nssFailure2.longDesc2;
&nssBadCert.longDesc2;
&malwareBlocked.longDesc;
+
&unwantedBlocked.longDesc;
&cspBlocked.longDesc;
&remoteXUL.longDesc;
&corruptedContentError.longDesc;
diff --git a/browser/base/content/blockedSite.xhtml b/browser/base/content/blockedSite.xhtml index 99c495000d6..27810a408aa 100644 --- a/browser/base/content/blockedSite.xhtml +++ b/browser/base/content/blockedSite.xhtml @@ -79,6 +79,9 @@ case "phishingBlocked" : initPage_phishing(); break; + case "unwantedBlocked" : + initPage_unwanted(); + break; } } @@ -87,7 +90,7 @@ */ function initPage_malware() { - // Remove phishing strings + // Remove phishing and unwanted strings var el = document.getElementById("errorTitleText_phishing"); el.parentNode.removeChild(el); @@ -97,18 +100,57 @@ el = document.getElementById("errorLongDescText_phishing"); el.parentNode.removeChild(el); + el = document.getElementById("errorTitleText_unwanted"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorShortDescText_unwanted"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorLongDescText_unwanted"); + el.parentNode.removeChild(el); + // Set sitename document.getElementById("malware_sitename").textContent = getHostString(); document.title = document.getElementById("errorTitleText_malware") .innerHTML; } + /** + * Initialize custom strings and functionality for blocked malware case + */ + function initPage_unwanted() + { + // Remove phishing and malware strings + var el = document.getElementById("errorTitleText_phishing"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorShortDescText_phishing"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorLongDescText_phishing"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorTitleText_malware"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorShortDescText_malware"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorLongDescText_malware"); + el.parentNode.removeChild(el); + + // Set sitename + document.getElementById("unwanted_sitename").textContent = getHostString(); + document.title = document.getElementById("errorTitleText_unwanted") + .innerHTML; + } + /** * Initialize custom strings and functionality for blocked phishing case */ function initPage_phishing() { - // Remove malware strings + // Remove malware and unwanted strings var el = document.getElementById("errorTitleText_malware"); el.parentNode.removeChild(el); @@ -118,6 +160,15 @@ el = document.getElementById("errorLongDescText_malware"); el.parentNode.removeChild(el); + el = document.getElementById("errorTitleText_unwanted"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorShortDescText_unwanted"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorLongDescText_unwanted"); + el.parentNode.removeChild(el); + // Set sitename document.getElementById("phishing_sitename").textContent = getHostString(); document.title = document.getElementById("errorTitleText_phishing") @@ -161,6 +212,7 @@

&safeb.blocked.phishingPage.title;

&safeb.blocked.malwarePage.title;

+

&safeb.blocked.unwantedPage.title;

@@ -169,12 +221,14 @@

&safeb.blocked.phishingPage.shortDesc;

&safeb.blocked.malwarePage.shortDesc;

+

&safeb.blocked.unwantedPage.shortDesc;

&safeb.blocked.phishingPage.longDesc;

&safeb.blocked.malwarePage.longDesc;

+

&safeb.blocked.unwantedPage.longDesc;

diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 79e0a0b3d8c..dc61724d052 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -2659,7 +2659,7 @@ let BrowserOnClick = { msg.data.sslStatusAsString); break; case "Browser:SiteBlockedError": - this.onAboutBlocked(msg.data.elementId, msg.data.isMalware, + this.onAboutBlocked(msg.data.elementId, msg.data.reason, msg.data.isTopFrame, msg.data.location); break; case "Browser:EnableOnlineMode": @@ -2843,10 +2843,15 @@ let BrowserOnClick = { } }, - onAboutBlocked: function (elementId, isMalware, isTopFrame, location) { - // Depending on what page we are displaying here (malware/phishing) + onAboutBlocked: function (elementId, reason, isTopFrame, location) { + // Depending on what page we are displaying here (malware/phishing/unwanted) // use the right strings and links for each. - let bucketName = isMalware ? "WARNING_MALWARE_PAGE_":"WARNING_PHISHING_PAGE_"; + let bucketName = "WARNING_PHISHING_PAGE_"; + if (reason === 'malware') { + bucketName = "WARNING_MALWARE_PAGE_"; + } else if (reason === 'unwanted') { + bucketName = "WARNING_UNWANTED_PAGE_"; + } let secHistogram = Services.telemetry.getHistogramById("SECURITY_UI"); let nsISecTel = Ci.nsISecurityUITelemetry; bucketName += isTopFrame ? "TOP_" : "FRAME_"; @@ -2857,33 +2862,19 @@ let BrowserOnClick = { break; case "reportButton": - // This is the "Why is this site blocked" button. For malware, - // we can fetch a site-specific report, for phishing, we redirect - // to the generic page describing phishing protection. + // This is the "Why is this site blocked" button. We redirect + // to the generic page describing phishing/malware protection. - // We log even if malware/phishing info URL couldn't be found: + // We log even if malware/phishing/unwanted info URL couldn't be found: // the measurement is for how many users clicked the WHY BLOCKED button secHistogram.add(nsISecTel[bucketName + "WHY_BLOCKED"]); - if (isMalware) { - // Get the stop badware "why is this blocked" report url, - // append the current url, and go there. - try { - let reportURL = formatURL("browser.safebrowsing.malware.reportURL", true); - reportURL += location; - gBrowser.loadURI(reportURL); - } catch (e) { - Components.utils.reportError("Couldn't get malware report URL: " + e); - } - } - else { // It's a phishing site, not malware - openHelpLink("phishing-malware", false, "current"); - } + openHelpLink("phishing-malware", false, "current"); break; case "ignoreWarningButton": secHistogram.add(nsISecTel[bucketName + "IGNORE_WARNING"]); - this.ignoreWarningButton(isMalware); + this.ignoreWarningButton(reason); break; } }, @@ -2910,7 +2901,7 @@ let BrowserOnClick = { } }, - ignoreWarningButton: function (isMalware) { + ignoreWarningButton: function (reason) { // Allow users to override and continue through to the site, // but add a notify bar as a reminder, so that they don't lose // track after, e.g., tab switching. @@ -2929,7 +2920,7 @@ let BrowserOnClick = { }]; let title; - if (isMalware) { + if (reason === 'malware') { title = gNavigatorBundle.getString("safebrowsing.reportedAttackSite"); buttons[1] = { label: gNavigatorBundle.getString("safebrowsing.notAnAttackButton.label"), @@ -2938,7 +2929,7 @@ let BrowserOnClick = { openUILinkIn(gSafeBrowsing.getReportURL('MalwareError'), 'tab'); } }; - } else { + } else if (reason === 'phishing') { title = gNavigatorBundle.getString("safebrowsing.reportedWebForgery"); buttons[1] = { label: gNavigatorBundle.getString("safebrowsing.notAForgeryButton.label"), @@ -2947,6 +2938,10 @@ let BrowserOnClick = { openUILinkIn(gSafeBrowsing.getReportURL('Error'), 'tab'); } }; + } else if (reason === 'unwanted') { + title = gNavigatorBundle.getString("safebrowsing.reportedUnwantedSite"); + // There is no button for reporting errors since Google doesn't currently + // provide a URL endpoint for these reports. } let notificationBox = gBrowser.getNotificationBox(); diff --git a/browser/base/content/content.js b/browser/base/content/content.js index 85b27c5c03d..12bfb5a6371 100644 --- a/browser/base/content/content.js +++ b/browser/base/content/content.js @@ -384,9 +384,15 @@ let ClickEventHandler = { }, onAboutBlocked: function (targetElement, ownerDoc) { + var reason = 'phishing'; + if (/e=malwareBlocked/.test(ownerDoc.documentURI)) { + reason = 'malware'; + } else if (/e=unwantedBlocked/.test(ownerDoc.documentURI)) { + reason = 'unwanted'; + } sendAsyncMessage("Browser:SiteBlockedError", { location: ownerDoc.location.href, - isMalware: /e=malwareBlocked/.test(ownerDoc.documentURI), + reason: reason, elementId: targetElement.getAttribute("id"), isTopFrame: (ownerDoc.defaultView.parent === ownerDoc.defaultView) }); diff --git a/browser/components/safebrowsing/content/test/browser_bug400731.js b/browser/components/safebrowsing/content/test/browser_bug400731.js index ca73c44f5a3..f6b9505e3c1 100644 --- a/browser/components/safebrowsing/content/test/browser_bug400731.js +++ b/browser/components/safebrowsing/content/test/browser_bug400731.js @@ -34,6 +34,25 @@ function testMalware(event) { var style = content.getComputedStyle(el, null); is(style.display, "inline-block", "Ignore Warning button should be display:inline-block for malware"); + // Now launch the unwanted software test + window.addEventListener("DOMContentLoaded", testUnwanted, true); + content.location = "http://www.itisatrap.org/firefox/unwanted.html"; +} + +function testUnwanted(event) { + if (event.target != gBrowser.selectedBrowser.contentDocument) { + return; + } + + window.removeEventListener("DOMContentLoaded", testUnwanted, true); + + // Confirm that "Ignore this warning" is visible - bug 422410 + var el = content.document.getElementById("ignoreWarningButton"); + ok(el, "Ignore warning button should be present for unwanted software"); + + var style = content.getComputedStyle(el, null); + is(style.display, "inline-block", "Ignore Warning button should be display:inline-block for unwanted software"); + // Now launch the phishing test window.addEventListener("DOMContentLoaded", testPhishing, true); content.location = "http://www.itisatrap.org/firefox/its-a-trap.html"; diff --git a/browser/components/safebrowsing/content/test/head.js b/browser/components/safebrowsing/content/test/head.js index 886eff5ab24..6ba54773915 100644 --- a/browser/components/safebrowsing/content/test/head.js +++ b/browser/components/safebrowsing/content/test/head.js @@ -1,5 +1,5 @@ // Force SafeBrowsing to be initialized for the tests -Services.prefs.setCharPref("urlclassifier.malwareTable", "test-malware-simple"); +Services.prefs.setCharPref("urlclassifier.malwareTable", "test-malware-simple,test-unwanted-simple"); Services.prefs.setCharPref("urlclassifier.phishTable", "test-phish-simple"); SafeBrowsing.init(); diff --git a/browser/locales/en-US/chrome/browser/browser.properties b/browser/locales/en-US/chrome/browser/browser.properties index 6d872848f0b..49115bdb68d 100644 --- a/browser/locales/en-US/chrome/browser/browser.properties +++ b/browser/locales/en-US/chrome/browser/browser.properties @@ -398,6 +398,7 @@ safebrowsing.notAForgeryButton.accessKey=F safebrowsing.reportedAttackSite=Reported Attack Site! safebrowsing.notAnAttackButton.label=This isn't an attack siteā€¦ safebrowsing.notAnAttackButton.accessKey=A +safebrowsing.reportedUnwantedSite=Reported Unwanted Software Site! # Ctrl-Tab # LOCALIZATION NOTE (ctrlTab.listAllTabs.label): #1 represents the number diff --git a/browser/locales/en-US/chrome/browser/safebrowsing/phishing-afterload-warning-message.dtd b/browser/locales/en-US/chrome/browser/safebrowsing/phishing-afterload-warning-message.dtd index eb8b71dc778..aa970502c63 100644 --- a/browser/locales/en-US/chrome/browser/safebrowsing/phishing-afterload-warning-message.dtd +++ b/browser/locales/en-US/chrome/browser/safebrowsing/phishing-afterload-warning-message.dtd @@ -12,6 +12,11 @@ has been reported as an attack page and has been blocked based on your security preferences."> Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.

Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.

"> + + + has been reported to contain unwanted software and has been blocked based on your security preferences."> +Unwanted software pages try to install software that can be deceptive and affect your system in unexpected ways.

"> + has been reported as a web forgery and has been blocked based on your security preferences."> diff --git a/browser/locales/en-US/chrome/overrides/appstrings.properties b/browser/locales/en-US/chrome/overrides/appstrings.properties index 14fad72c0c2..7ed699dcf0f 100644 --- a/browser/locales/en-US/chrome/overrides/appstrings.properties +++ b/browser/locales/en-US/chrome/overrides/appstrings.properties @@ -30,6 +30,7 @@ externalProtocolUnknown= externalProtocolChkMsg=Remember my choice for all links of this type. externalProtocolLaunchBtn=Launch application malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences. +unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences. phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information. cspBlocked=This page has a content security policy that prevents it from being loaded in this way. corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected. diff --git a/browser/locales/en-US/chrome/overrides/netError.dtd b/browser/locales/en-US/chrome/overrides/netError.dtd index 78b32f0be69..e965b78338f 100644 --- a/browser/locales/en-US/chrome/overrides/netError.dtd +++ b/browser/locales/en-US/chrome/overrides/netError.dtd @@ -164,6 +164,11 @@ be temporary, and you can try again later.

Website owners who believe their site has been reported as an attack site in error may request a review.

"> + +Unwanted software pages try to install software that can be deceptive and affect your system in unexpected ways.

+"> + Entering any personal information on this page may result in identity theft or other fraud.

diff --git a/browser/metro/base/content/contenthandlers/Content.js b/browser/metro/base/content/contenthandlers/Content.js index 5eb7d4259c2..ef2bf127f64 100644 --- a/browser/metro/base/content/contenthandlers/Content.js +++ b/browser/metro/base/content/contenthandlers/Content.js @@ -341,20 +341,15 @@ let Content = { } } else if (/^about:blocked/.test(errorDoc.documentURI)) { // The event came from a button on a malware/phishing block page - // First check whether it's malware or phishing, so that we can - // use the right strings/links. - let isMalware = /e=malwareBlocked/.test(errorDoc.documentURI); if (ot == errorDoc.getElementById("getMeOutButton")) { sendAsyncMessage("Browser:BlockedSite", { url: errorDoc.location.href, action: "leave" }); } else if (ot == errorDoc.getElementById("reportButton")) { - // This is the "Why is this site blocked" button. For malware, - // we can fetch a site-specific report, for phishing, we redirect - // to the generic page describing phishing protection. - let action = isMalware ? "report-malware" : "report-phishing"; + // This is the "Why is this site blocked" button. We redirect + // to the generic page describing phishing/malware protection. sendAsyncMessage("Browser:BlockedSite", - { url: errorDoc.location.href, action: action }); + { url: errorDoc.location.href, action: "report-phishing" }); } else if (ot == errorDoc.getElementById("ignoreWarningButton")) { // Allow users to override and continue through to the site, // but add a notify bar as a reminder, so that they don't lose diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 25621c30b19..ad11c018e77 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -5087,7 +5087,8 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, } } } else if (NS_ERROR_PHISHING_URI == aError || - NS_ERROR_MALWARE_URI == aError) { + NS_ERROR_MALWARE_URI == aError || + NS_ERROR_UNWANTED_URI == aError) { nsAutoCString host; aURI->GetHost(host); CopyUTF8toUTF16(host, formatStrs[0]); @@ -5106,14 +5107,19 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, error.AssignLiteral("phishingBlocked"); bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_PHISHING_PAGE_FRAME : nsISecurityUITelemetry::WARNING_PHISHING_PAGE_TOP; - } else { + } else if (NS_ERROR_MALWARE_URI == aError) { error.AssignLiteral("malwareBlocked"); bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_MALWARE_PAGE_FRAME : nsISecurityUITelemetry::WARNING_MALWARE_PAGE_TOP; + } else { + error.AssignLiteral("unwantedBlocked"); + bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_UNWANTED_PAGE_FRAME + : nsISecurityUITelemetry::WARNING_UNWANTED_PAGE_TOP; } - if (errorPage.EqualsIgnoreCase("blocked")) + if (errorPage.EqualsIgnoreCase("blocked")) { Telemetry::Accumulate(Telemetry::SECURITY_UI, bucketId); + } cssClass.AssignLiteral("blacklist"); } else if (NS_ERROR_CONTENT_CRASHED == aError) { @@ -7824,6 +7830,7 @@ nsDocShell::EndPageLoad(nsIWebProgress* aProgress, aStatus == NS_ERROR_OFFLINE || aStatus == NS_ERROR_MALWARE_URI || aStatus == NS_ERROR_PHISHING_URI || + aStatus == NS_ERROR_UNWANTED_URI || aStatus == NS_ERROR_UNSAFE_CONTENT_TYPE || aStatus == NS_ERROR_REMOTE_XUL || aStatus == NS_ERROR_OFFLINE || diff --git a/docshell/resources/content/netError.xhtml b/docshell/resources/content/netError.xhtml index 98d1e72a3d9..9b9fe7a631e 100644 --- a/docshell/resources/content/netError.xhtml +++ b/docshell/resources/content/netError.xhtml @@ -291,6 +291,7 @@

&nssFailure2.title;

&nssBadCert.title;

&malwareBlocked.title;

+

&unwantedBlocked.title;

&cspBlocked.title;

&remoteXUL.title;

&corruptedContentError.title;

@@ -317,6 +318,7 @@
&nssFailure2.longDesc2;
&nssBadCert.longDesc2;
&malwareBlocked.longDesc;
+
&unwantedBlocked.longDesc;
&cspBlocked.longDesc;
&remoteXUL.longDesc;
&corruptedContentError.longDesc;
diff --git a/dom/browser-element/BrowserElementChildPreload.js b/dom/browser-element/BrowserElementChildPreload.js index d272235e855..5e2cdd868c3 100644 --- a/dom/browser-element/BrowserElementChildPreload.js +++ b/dom/browser-element/BrowserElementChildPreload.js @@ -1292,6 +1292,9 @@ BrowserElementChild.prototype = { case Cr.NS_ERROR_MALWARE_URI : sendAsyncMsg('error', { type: 'malwareBlocked' }); return; + case Cr.NS_ERROR_UNWANTED_URI : + sendAsyncMsg('error', { type: 'unwantedBlocked' }); + return; case Cr.NS_ERROR_OFFLINE : sendAsyncMsg('error', { type: 'offline' }); diff --git a/dom/locales/en-US/chrome/appstrings.properties b/dom/locales/en-US/chrome/appstrings.properties index 3ee5ee7006f..f5924d53d1c 100644 --- a/dom/locales/en-US/chrome/appstrings.properties +++ b/dom/locales/en-US/chrome/appstrings.properties @@ -29,6 +29,7 @@ externalProtocolUnknown= externalProtocolChkMsg=Remember my choice for all links of this type. externalProtocolLaunchBtn=Launch application malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences. +unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences. phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information. cspBlocked=This page has a content security policy that prevents it from being loaded in this way. corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected. diff --git a/dom/locales/en-US/chrome/netError.dtd b/dom/locales/en-US/chrome/netError.dtd index 533af480039..b5335057902 100644 --- a/dom/locales/en-US/chrome/netError.dtd +++ b/dom/locales/en-US/chrome/netError.dtd @@ -81,6 +81,11 @@

Website owners who believe their site has been reported as an attack site in error may request a review.

"> + +Unwanted software pages try to install software that can be deceptive and affect your system in unexpected ways.

+"> + Entering any personal information on this page may result in identity theft or other fraud.

diff --git a/mobile/android/chrome/content/blockedSite.xhtml b/mobile/android/chrome/content/blockedSite.xhtml index ec0ce1685c2..9392589e217 100644 --- a/mobile/android/chrome/content/blockedSite.xhtml +++ b/mobile/android/chrome/content/blockedSite.xhtml @@ -80,6 +80,9 @@ case "phishingBlocked" : initPage_phishing(); break; + case "unwantedBlocked" : + initPage_unwanted(); + break; } } @@ -88,15 +91,21 @@ */ function initPage_malware() { - // Remove phishing strings + // Remove phishing/unwanted strings var el = document.getElementById("errorTitleText_phishing"); el.parentNode.removeChild(el); + el = document.getElementById("errorTitleText_unwanted"); + el.parentNode.removeChild(el); el = document.getElementById("errorShortDescText_phishing"); el.parentNode.removeChild(el); + el = document.getElementById("errorShortDescText_unwanted"); + el.parentNode.removeChild(el); el = document.getElementById("errorLongDescText_phishing"); el.parentNode.removeChild(el); + el = document.getElementById("errorLongDescText_unwanted"); + el.parentNode.removeChild(el); // Set sitename document.getElementById("malware_sitename").textContent = getHostString(); @@ -109,19 +118,53 @@ */ function initPage_phishing() { - // Remove malware strings + // Remove malware/unwanted strings var el = document.getElementById("errorTitleText_malware"); el.parentNode.removeChild(el); + el = document.getElementById("errorTitleText_unwanted"); + el.parentNode.removeChild(el); el = document.getElementById("errorShortDescText_malware"); el.parentNode.removeChild(el); + el = document.getElementById("errorShortDescText_unwanted"); + el.parentNode.removeChild(el); el = document.getElementById("errorLongDescText_malware"); el.parentNode.removeChild(el); + el = document.getElementById("errorLongDescText_unwanted"); + el.parentNode.removeChild(el); document.title = document.getElementById("errorTitleText_phishing") .innerHTML; } + + /** + * Initialize custom strings and functionality for blocked unwanted + * software case + */ + function initPage_unwanted() + { + // Remove malware/phishing strings + var el = document.getElementById("errorTitleText_malware"); + el.parentNode.removeChild(el); + el = document.getElementById("errorTitleText_phishing"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorShortDescText_malware"); + el.parentNode.removeChild(el); + el = document.getElementById("errorShortDescText_phishing"); + el.parentNode.removeChild(el); + + el = document.getElementById("errorLongDescText_malware"); + el.parentNode.removeChild(el); + el = document.getElementById("errorLongDescText_phishing"); + el.parentNode.removeChild(el); + + // Set sitename + document.getElementById("unwanted_sitename").textContent = getHostString(); + document.title = document.getElementById("errorTitleText_unwanted") + .innerHTML; + } ]]> @@ -133,6 +176,7 @@

&safeb.blocked.phishingPage.title2;

&safeb.blocked.malwarePage.title;

+

&safeb.blocked.unwantedPage.title;

@@ -141,12 +185,14 @@

&safeb.blocked.phishingPage.shortDesc2;

&safeb.blocked.malwarePage.shortDesc;

+

&safeb.blocked.unwantedPage.shortDesc;

&safeb.blocked.phishingPage.longDesc2;

&safeb.blocked.malwarePage.longDesc;

+

&safeb.blocked.unwantedPage.longDesc;

diff --git a/mobile/android/chrome/content/browser.js b/mobile/android/chrome/content/browser.js index f10f1eef76d..9b25baa176f 100644 --- a/mobile/android/chrome/content/browser.js +++ b/mobile/android/chrome/content/browser.js @@ -5547,10 +5547,14 @@ var ErrorPageEventHandler = { } } else if (errorDoc.documentURI.startsWith("about:blocked")) { // The event came from a button on a malware/phishing block page - // First check whether it's malware or phishing, so that we can - // use the right strings/links - let isMalware = errorDoc.documentURI.contains("e=malwareBlocked"); - let bucketName = isMalware ? "WARNING_MALWARE_PAGE_" : "WARNING_PHISHING_PAGE_"; + // First check whether it's malware, phishing or unwanted, so that we + // can use the right strings/links + let bucketName = "WARNING_PHISHING_PAGE_"; + if (errorDoc.documentURI.contains("e=malwareBlocked")) { + bucketName = "WARNING_MALWARE_PAGE_"; + } else if (errorDoc.documentURI.contains("e=unwantedBlocked")) { + bucketName = "WARNING_UNWANTED_PAGE_"; + } let nsISecTel = Ci.nsISecurityUITelemetry; let isIframe = (errorDoc.defaultView.parent === errorDoc.defaultView); bucketName += isIframe ? "TOP_" : "FRAME_"; @@ -5565,23 +5569,10 @@ var ErrorPageEventHandler = { // the measurement is for how many users clicked the WHY BLOCKED button Telemetry.addData("SECURITY_UI", nsISecTel[bucketName + "WHY_BLOCKED"]); - // This is the "Why is this site blocked" button. For malware, - // we can fetch a site-specific report, for phishing, we redirect - // to the generic page describing phishing protection. - if (isMalware) { - // Get the stop badware "why is this blocked" report url, append the current url, and go there. - try { - let reportURL = formatter.formatURLPref("browser.safebrowsing.malware.reportURL"); - reportURL += errorDoc.location.href; - BrowserApp.selectedBrowser.loadURI(reportURL); - } catch (e) { - Cu.reportError("Couldn't get malware report URL: " + e); - } - } else { - // It's a phishing site, just link to the generic information page - let url = Services.urlFormatter.formatURLPref("app.support.baseURL"); - BrowserApp.selectedBrowser.loadURI(url + "phishing-malware"); - } + // This is the "Why is this site blocked" button. We redirect + // to the generic page describing phishing/malware protection. + let url = Services.urlFormatter.formatURLPref("app.support.baseURL"); + BrowserApp.selectedBrowser.loadURI(url + "phishing-malware"); } else if (target == errorDoc.getElementById("ignoreWarningButton")) { Telemetry.addData("SECURITY_UI", nsISecTel[bucketName + "IGNORE_WARNING"]); diff --git a/mobile/android/locales/en-US/chrome/phishing.dtd b/mobile/android/locales/en-US/chrome/phishing.dtd index 42e9af98b7a..c1c1e6ed1d7 100644 --- a/mobile/android/locales/en-US/chrome/phishing.dtd +++ b/mobile/android/locales/en-US/chrome/phishing.dtd @@ -15,3 +15,8 @@ These types of web forgeries are used in scams known as phishing attacks, in which fraudulent web pages and emails are used to imitate sources you may trust.

"> + + + + has been reported to contain unwanted software and has been blocked based on your security preferences."> + diff --git a/mobile/locales/en-US/overrides/appstrings.properties b/mobile/locales/en-US/overrides/appstrings.properties index 805a725527f..e4d2ecce430 100644 --- a/mobile/locales/en-US/overrides/appstrings.properties +++ b/mobile/locales/en-US/overrides/appstrings.properties @@ -31,6 +31,7 @@ externalProtocolChkMsg=Remember my choice for all links of this type. externalProtocolLaunchBtn=Launch application malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences. phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information. +unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences. cspBlocked=This page has a content security policy that prevents it from being loaded in this way. corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected. remoteXUL=This page uses an unsupported technology that is no longer available by default in Firefox. diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 77caa0d18a1..0921383ac5b 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -4477,11 +4477,11 @@ pref("dom.inter-app-communication-api.enabled", false); pref("dom.mapped_arraybuffer.enabled", false); // The tables used for Safebrowsing phishing and malware checks. -pref("urlclassifier.malwareTable", "goog-malware-shavar,test-malware-simple"); +pref("urlclassifier.malwareTable", "goog-malware-shavar,goog-unwanted-shavar,test-malware-simple,test-unwanted-simple"); pref("urlclassifier.phishTable", "goog-phish-shavar,test-phish-simple"); pref("urlclassifier.downloadBlockTable", ""); pref("urlclassifier.downloadAllowTable", ""); -pref("urlclassifier.disallow_completions", "test-malware-simple,test-phish-simple,goog-downloadwhite-digest256,mozpub-track-digest256"); +pref("urlclassifier.disallow_completions", "test-malware-simple,test-phish-simple,test-unwanted-simple,goog-downloadwhite-digest256,mozpub-track-digest256"); // The table and update/gethash URLs for Safebrowsing phishing and malware // checks. diff --git a/security/manager/boot/public/nsISecurityUITelemetry.idl b/security/manager/boot/public/nsISecurityUITelemetry.idl index dd15d161575..c4b81d3f985 100644 --- a/security/manager/boot/public/nsISecurityUITelemetry.idl +++ b/security/manager/boot/public/nsISecurityUITelemetry.idl @@ -6,7 +6,7 @@ #include "nsISupports.idl" -[scriptable, uuid(f7259bf4-1f2b-4e9e-8983-1978cc076fa1)] +[scriptable, uuid(56e190a0-2802-4fc4-b09f-bcda357035c3)] interface nsISecurityUITelemetry : nsISupports { @@ -141,6 +141,17 @@ const uint32_t WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_BASE = 84; const uint32_t WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_UNTRUSTED = 1; const uint32_t WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_DOMAIN = 2; const uint32_t WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_TIME = 4; -// This uses up buckets till 91 (including) + +// Another Safe Browsing list (like malware & phishing above) +const uint32_t WARNING_UNWANTED_PAGE_TOP = 92; +const uint32_t WARNING_UNWANTED_PAGE_TOP_WHY_BLOCKED = 93; +const uint32_t WARNING_UNWANTED_PAGE_TOP_GET_ME_OUT_OF_HERE = 94; +const uint32_t WARNING_UNWANTED_PAGE_TOP_IGNORE_WARNING = 95; +const uint32_t WARNING_UNWANTED_PAGE_FRAME = 96; +const uint32_t WARNING_UNWANTED_PAGE_FRAME_WHY_BLOCKED = 97; +const uint32_t WARNING_UNWANTED_PAGE_FRAME_GET_ME_OUT_OF_HERE = 98; +const uint32_t WARNING_UNWANTED_PAGE_FRAME_IGNORE_WARNING = 99; + +// This uses up buckets till 99 (including) // We only have buckets up to 100. }; diff --git a/toolkit/components/url-classifier/SafeBrowsing.jsm b/toolkit/components/url-classifier/SafeBrowsing.jsm index 45d2ea4ca0e..5593c214d04 100644 --- a/toolkit/components/url-classifier/SafeBrowsing.jsm +++ b/toolkit/components/url-classifier/SafeBrowsing.jsm @@ -199,8 +199,9 @@ this.SafeBrowsing = { addMozEntries: function() { // Add test entries to the DB. // XXX bug 779008 - this could be done by DB itself? - const phishURL = "itisatrap.org/firefox/its-a-trap.html"; - const malwareURL = "itisatrap.org/firefox/its-an-attack.html"; + const phishURL = "itisatrap.org/firefox/its-a-trap.html"; + const malwareURL = "itisatrap.org/firefox/its-an-attack.html"; + const unwantedURL = "itisatrap.org/firefox/unwanted.html"; let update = "n:1000\ni:test-malware-simple\nad:1\n" + "a:1:32:" + malwareURL.length + "\n" + @@ -208,6 +209,9 @@ this.SafeBrowsing = { update += "n:1000\ni:test-phish-simple\nad:1\n" + "a:1:32:" + phishURL.length + "\n" + phishURL; + update += "n:1000\ni:test-unwanted-simple\nad:1\n" + + "a:1:32:" + unwantedURL.length + "\n" + + unwantedURL; log("addMozEntries:", update); let db = Cc["@mozilla.org/url-classifier/dbservice;1"]. @@ -222,7 +226,7 @@ this.SafeBrowsing = { }; try { - db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple", ""); + db.beginUpdate(dummyListener, "test-malware-simple,test-phish-simple,test-unwanted-simple", ""); db.beginStream("", ""); db.updateStream(update); db.finishStream(); diff --git a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp index 7bfe066ded6..44a19a1f0ac 100644 --- a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +++ b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp @@ -188,6 +188,9 @@ TablesToResponse(const nsACString& tables) if (FindInReadable(NS_LITERAL_CSTRING("-track-"), tables)) { return NS_ERROR_TRACKING_URI; } + if (FindInReadable(NS_LITERAL_CSTRING("-unwanted-"), tables)) { + return NS_ERROR_UNWANTED_URI; + } return NS_OK; } diff --git a/toolkit/components/url-classifier/tests/mochitest/classifierFrame.html b/toolkit/components/url-classifier/tests/mochitest/classifierFrame.html index 1a624ac5308..1cd52028477 100644 --- a/toolkit/components/url-classifier/tests/mochitest/classifierFrame.html +++ b/toolkit/components/url-classifier/tests/mochitest/classifierFrame.html @@ -33,8 +33,8 @@ function checkLoads() { - - + + diff --git a/toolkit/components/url-classifier/tests/mochitest/mochitest.ini b/toolkit/components/url-classifier/tests/mochitest/mochitest.ini index 6a0c32e8092..87f2ae1013b 100644 --- a/toolkit/components/url-classifier/tests/mochitest/mochitest.ini +++ b/toolkit/components/url-classifier/tests/mochitest/mochitest.ini @@ -9,6 +9,7 @@ support-files = import.css raptor.jpg track.html + unwantedWorker.js workerFrame.html [test_classifier.html] diff --git a/toolkit/components/url-classifier/tests/mochitest/test_classifier.html b/toolkit/components/url-classifier/tests/mochitest/test_classifier.html index 27b64075205..374271addb6 100644 --- a/toolkit/components/url-classifier/tests/mochitest/test_classifier.html +++ b/toolkit/components/url-classifier/tests/mochitest/test_classifier.html @@ -24,6 +24,12 @@ var testUpdate = "a:524:32:" + testData.length + "\n" + testData; +testData = "unwanted.example.com/"; +testUpdate += + "n:1000\ni:test-unwanted-simple\nad:1\n" + + "a:524:32:" + testData.length + "\n" + + testData; + var dbService = Cc["@mozilla.org/url-classifier/dbservice;1"] .getService(Ci.nsIUrlClassifierDBService); @@ -55,7 +61,7 @@ function doUpdate(update) { } }; - dbService.beginUpdate(listener, "test-malware-simple", ""); + dbService.beginUpdate(listener, "test-malware-simple,test-unwanted-simple", ""); dbService.beginStream("", ""); dbService.updateStream(update); dbService.finishStream(); @@ -63,7 +69,7 @@ function doUpdate(update) { } SpecialPowers.pushPrefEnv( - {"set" : [["urlclassifier.malwareTable", "test-malware-simple"], + {"set" : [["urlclassifier.malwareTable", "test-malware-simple,test-unwanted-simple"], ["urlclassifier.phishTable", "test-phish-simple"]]}, function() { doUpdate(testUpdate); }); diff --git a/toolkit/components/url-classifier/tests/mochitest/test_classifier_worker.html b/toolkit/components/url-classifier/tests/mochitest/test_classifier_worker.html index f88084a83cc..d74f2802521 100644 --- a/toolkit/components/url-classifier/tests/mochitest/test_classifier_worker.html +++ b/toolkit/components/url-classifier/tests/mochitest/test_classifier_worker.html @@ -23,6 +23,12 @@ var testUpdate = "a:550:32:" + testData.length + "\n" + testData; +testData = "example.com/tests/toolkit/components/url-classifier/tests/mochitest/unwantedWorker.js"; +testUpdate += + "n:1000\ni:test-unwanted-simple\nad:550\n" + + "a:550:32:" + testData.length + "\n" + + testData; + var dbService = Cc["@mozilla.org/url-classifier/dbservice;1"] .getService(Ci.nsIUrlClassifierDBService); @@ -54,7 +60,7 @@ function doUpdate(update) { } }; - dbService.beginUpdate(listener, "test-malware-simple", ""); + dbService.beginUpdate(listener, "test-malware-simple,test-unwanted-simple", ""); dbService.beginStream("", ""); dbService.updateStream(update); dbService.finishStream(); @@ -73,7 +79,7 @@ function onmessage(event) } SpecialPowers.pushPrefEnv( - {"set" : [["urlclassifier.malwareTable", "test-malware-simple"], + {"set" : [["urlclassifier.malwareTable", "test-malware-simple,test-unwanted-simple"], ["urlclassifier.phishTable", "test-phish-simple"]]}, function() { doUpdate(testUpdate); }); diff --git a/toolkit/components/url-classifier/tests/mochitest/unwantedWorker.js b/toolkit/components/url-classifier/tests/mochitest/unwantedWorker.js new file mode 100644 index 00000000000..ac34977d71f --- /dev/null +++ b/toolkit/components/url-classifier/tests/mochitest/unwantedWorker.js @@ -0,0 +1,3 @@ +onmessage = function() { + postMessage("loaded bad file"); +} diff --git a/toolkit/components/url-classifier/tests/mochitest/workerFrame.html b/toolkit/components/url-classifier/tests/mochitest/workerFrame.html index 23f0a25f8a2..69e8dd0074f 100644 --- a/toolkit/components/url-classifier/tests/mochitest/workerFrame.html +++ b/toolkit/components/url-classifier/tests/mochitest/workerFrame.html @@ -29,11 +29,27 @@ function startEvilWorker() { worker.onmessage = function(event) { window.parent.postMessage("failure:failed to block evilWorker.js", "*"); - startCleanWorker(); + startUnwantedWorker(); }; worker.onerror = function(event) { window.parent.postMessage("success:blocked evilWorker.js", "*"); + startUnwantedWorker(); + }; + + worker.postMessage(""); +} + +function startUnwantedWorker() { + var worker = new Worker("unwantedWorker.js"); + + worker.onmessage = function(event) { + window.parent.postMessage("failure:failed to block unwantedWorker.js", "*"); + startCleanWorker(); + }; + + worker.onerror = function(event) { + window.parent.postMessage("success:blocked unwantedWorker.js", "*"); startCleanWorker(); }; diff --git a/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js b/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js index 69ecf2fda69..7f2a4ce9ec5 100644 --- a/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js +++ b/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js @@ -53,15 +53,18 @@ function cleanUp() { delFile("safebrowsing/classifier.hashkey"); delFile("safebrowsing/test-phish-simple.sbstore"); delFile("safebrowsing/test-malware-simple.sbstore"); + delFile("safebrowsing/test-unwanted-simple.sbstore"); delFile("safebrowsing/test-phish-simple.cache"); delFile("safebrowsing/test-malware-simple.cache"); + delFile("safebrowsing/test-unwanted-simple.cache"); delFile("safebrowsing/test-phish-simple.pset"); delFile("safebrowsing/test-malware-simple.pset"); + delFile("safebrowsing/test-unwanted-simple.pset"); delFile("testLarge.pset"); delFile("testNoDelta.pset"); } -var allTables = "test-phish-simple,test-malware-simple"; +var allTables = "test-phish-simple,test-malware-simple,test-unwanted-simple"; var dbservice = Cc["@mozilla.org/url-classifier/dbservice;1"].getService(Ci.nsIUrlClassifierDBService); var streamUpdater = Cc["@mozilla.org/url-classifier/streamupdater;1"] @@ -114,6 +117,10 @@ function buildMalwareUpdate(chunks, hashSize) { return buildUpdate({"test-malware-simple" : chunks}, hashSize); } +function buildUnwantedUpdate(chunks, hashSize) { + return buildUpdate({"test-unwanted-simple" : chunks}, hashSize); +} + function buildBareUpdate(chunks, hashSize) { return buildUpdate({"" : chunks}, hashSize); } @@ -138,7 +145,7 @@ function doSimpleUpdate(updateText, success, failure) { }; dbservice.beginUpdate(listener, - "test-phish-simple,test-malware-simple"); + "test-phish-simple,test-malware-simple,test-unwanted-simple"); dbservice.beginStream("", ""); dbservice.updateStream(updateText); dbservice.finishStream(); @@ -180,7 +187,7 @@ function doStreamUpdate(updateText, success, failure, downloadFailure) { downloadFailure = failure; } - streamUpdater.downloadUpdates("test-phish-simple,test-malware-simple", "", + streamUpdater.downloadUpdates("test-phish-simple,test-malware-simple,test-unwanted-simple", "", dataUpdate, success, failure, downloadFailure); } @@ -237,6 +244,11 @@ malwareUrlsExist: function(urls, cb) this.checkUrls(urls, 'test-malware-simple', cb); }, +unwantedUrlsExist: function(urls, cb) +{ + this.checkUrls(urls, 'test-unwanted-simple', cb); +}, + subsDontExist: function(urls, cb) { // XXX: there's no interface for checking items in the subs table diff --git a/toolkit/components/url-classifier/tests/unit/test_dbservice.js b/toolkit/components/url-classifier/tests/unit/test_dbservice.js index 0f9108be83c..c421c994f42 100644 --- a/toolkit/components/url-classifier/tests/unit/test_dbservice.js +++ b/toolkit/components/url-classifier/tests/unit/test_dbservice.js @@ -47,18 +47,20 @@ var chunk6Urls = [ ]; var chunk6 = chunk6Urls.join("\n"); -// we are going to add chunks 1, 2, 4, 5, and 6 to phish-simple, and -// chunk 2 to malware-simple. Then we'll remove the urls in chunk3 -// from phish-simple, then expire chunk 1 and chunks 4-6 from -// phish-simple. +// we are going to add chunks 1, 2, 4, 5, and 6 to phish-simple, +// chunk 2 to malware-simple and chunk 3 to unwanted-simple. +// Then we'll remove the urls in chunk3 from phish-simple, then +// expire chunk 1 and chunks 4-6 from phish-simple. var phishExpected = {}; var phishUnexpected = {}; var malwareExpected = {}; +var unwantedExpected = {}; for (var i = 0; i < chunk2Urls.length; i++) { phishExpected[chunk2Urls[i]] = true; malwareExpected[chunk2Urls[i]] = true; } for (var i = 0; i < chunk3Urls.length; i++) { + unwantedExpected[chunk3Urls[i]] = true; delete phishExpected[chunk3Urls[i]]; phishUnexpected[chunk3Urls[i]] = true; } @@ -115,7 +117,7 @@ function tablesCallbackWithoutSub(tables) // there's a leading \n here because splitting left an empty string // after the trailing newline, which will sort first do_check_eq(parts.join("\n"), - "\ntest-malware-simple;a:1\ntest-phish-simple;a:2"); + "\ntest-malware-simple;a:1\ntest-phish-simple;a:2\ntest-unwanted-simple;a:1"); checkNoHost(); } @@ -133,7 +135,7 @@ function tablesCallbackWithSub(tables) // there's a leading \n here because splitting left an empty string // after the trailing newline, which will sort first do_check_eq(parts.join("\n"), - "\ntest-malware-simple;a:1\ntest-phish-simple;a:2:s:3"); + "\ntest-malware-simple;a:1\ntest-phish-simple;a:2:s:3\ntest-unwanted-simple;a:1"); // verify that expiring a sub chunk removes its name from the list var data = @@ -182,6 +184,16 @@ function malwareExists(result) { } } +function unwantedExists(result) { + dumpn("unwantedExists: " + result); + + try { + do_check_true(result.indexOf("test-unwanted-simple") != -1); + } finally { + checkDone(); + } +} + function checkState() { numExpecting = 0; @@ -203,6 +215,12 @@ function checkState() dbservice.lookup(principal, allTables, malwareExists, true); numExpecting++; } + + for (var key in unwantedExpected) { + var principal = secMan.getNoAppCodebasePrincipal(iosvc.newURI("http://" + key, null, null)); + dbservice.lookup(principal, allTables, unwantedExists, true); + numExpecting++; + } } function testSubSuccess(result) @@ -249,7 +267,10 @@ function do_adds() { chunk6 + "\n" + "i:test-malware-simple\n" + "a:1:32:" + chunk2.length + "\n" + - chunk2 + "\n"; + chunk2 + "\n" + + "i:test-unwanted-simple\n" + + "a:1:32:" + chunk3.length + "\n" + + chunk3 + "\n"; doSimpleUpdate(data, testAddSuccess, testFailure); } diff --git a/toolkit/components/url-classifier/tests/unit/test_streamupdater.js b/toolkit/components/url-classifier/tests/unit/test_streamupdater.js index 9ba73a17e05..89ea6fab3ba 100644 --- a/toolkit/components/url-classifier/tests/unit/test_streamupdater.js +++ b/toolkit/components/url-classifier/tests/unit/test_streamupdater.js @@ -131,6 +131,7 @@ function testMultipleTables() { var add1Urls = [ "foo-multiple.com/a", "bar-multiple.com/c" ]; var add2Urls = [ "foo-multiple.com/b" ]; var add3Urls = [ "bar-multiple.com/d" ]; + var add4Urls = [ "bar-multiple.com/e" ]; var update = "n:1000\n"; update += "i:test-phish-simple\n"; @@ -152,10 +153,17 @@ function testMultipleTables() { "urls" : add3Urls }]); update += "u:data:," + encodeURIComponent(update3) + "\n"; + update += "i:test-unwanted-simple\n"; + var update4 = buildBareUpdate( + [{ "chunkNum" : 4, + "urls" : add4Urls }]); + update += "u:data:," + encodeURIComponent(update4) + "\n"; + var assertions = { - "tableData" : "test-malware-simple;a:3\ntest-phish-simple;a:1-2", + "tableData" : "test-malware-simple;a:3\ntest-phish-simple;a:1-2\ntest-unwanted-simple;a:4", "urlsExist" : add1Urls.concat(add2Urls), - "malwareUrlsExist" : add3Urls + "malwareUrlsExist" : add3Urls, + "unwantedUrlsExist" : add4Urls }; doTest([update], assertions, false); diff --git a/toolkit/components/viewsource/content/viewSource.js b/toolkit/components/viewsource/content/viewSource.js index 2adbf442c68..4e89ab83810 100644 --- a/toolkit/components/viewsource/content/viewSource.js +++ b/toolkit/components/viewsource/content/viewSource.js @@ -242,33 +242,15 @@ function onClickContent(event) { if (/^about:blocked/.test(errorDoc.documentURI)) { // The event came from a button on a malware/phishing block page - // First check whether it's malware or phishing, so that we can - // use the right strings/links - var isMalware = /e=malwareBlocked/.test(errorDoc.documentURI); if (target == errorDoc.getElementById('getMeOutButton')) { // Instead of loading some safe page, just close the window window.close(); } else if (target == errorDoc.getElementById('reportButton')) { - // This is the "Why is this site blocked" button. For malware, - // we can fetch a site-specific report, for phishing, we redirect - // to the generic page describing phishing protection. - - if (isMalware) { - // Get the stop badware "why is this blocked" report url, - // append the current url, and go there. - try { - let reportURL = Services.urlFormatter.formatURLPref("browser.safebrowsing.malware.reportURL", true); - reportURL += errorDoc.location.href.slice(12); - openURL(reportURL); - } catch (e) { - Components.utils.reportError("Couldn't get malware report URL: " + e); - } - } else { - // It's a phishing site, just link to the generic information page - let url = Services.urlFormatter.formatURLPref("app.support.baseURL"); - openURL(url + "phishing-malware"); - } + // This is the "Why is this site blocked" button. We redirect + // to the generic page describing phishing/malware protection. + let url = Services.urlFormatter.formatURLPref("app.support.baseURL"); + openURL(url + "phishing-malware"); } else if (target == errorDoc.getElementById('ignoreWarningButton')) { // Allow users to override and continue through to the site gBrowser.loadURIWithFlags(content.location.href, diff --git a/webapprt/locales/en-US/webapprt/overrides/appstrings.properties b/webapprt/locales/en-US/webapprt/overrides/appstrings.properties index b41d7ac26f0..0138d137c72 100644 --- a/webapprt/locales/en-US/webapprt/overrides/appstrings.properties +++ b/webapprt/locales/en-US/webapprt/overrides/appstrings.properties @@ -29,6 +29,7 @@ externalProtocolUnknown= externalProtocolChkMsg=Remember my choice for all links of this type. externalProtocolLaunchBtn=Launch application malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences. +unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences. phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information. cspBlocked=This application tried to access a resource that has a content security policy that prevents it from being loaded in this way. corruptedContentError=The application cannot continue loading because an error in the data transmission was detected. diff --git a/xpcom/base/ErrorList.h b/xpcom/base/ErrorList.h index 5eef3550c1e..509d4ae9d35 100644 --- a/xpcom/base/ErrorList.h +++ b/xpcom/base/ErrorList.h @@ -678,6 +678,7 @@ ERROR(NS_ERROR_MALWARE_URI, FAILURE(30)), ERROR(NS_ERROR_PHISHING_URI, FAILURE(31)), ERROR(NS_ERROR_TRACKING_URI, FAILURE(34)), + ERROR(NS_ERROR_UNWANTED_URI, FAILURE(35)), /* Used when "Save Link As..." doesn't see the headers quickly enough to * choose a filename. See nsContextMenu.js. */ ERROR(NS_ERROR_SAVE_LINK_AS_TIMEOUT, FAILURE(32)),