Bug 1153010 - Disambiguate error messages for mixed content and weak/broken cipher. r=keeler,tanvi,dolske

2024-09-13 09:24:08 -07:00 · 2015-07-08 09:04:11 +02:00 · 2015-07-08 09:04:11 +02:00 · 1e34a3a78e
commit 1e34a3a78e
parent a0438a1c42
6 changed files with 23 additions and 6 deletions
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@ -6579,6 +6579,7 @@ var gIdentityHandler = {
  IDENTITY_MODE_IDENTIFIED                             : "verifiedIdentity", // High-quality identity information
  IDENTITY_MODE_DOMAIN_VERIFIED                        : "verifiedDomain",   // Minimal SSL CA-signed domain verification
  IDENTITY_MODE_UNKNOWN                                : "unknownIdentity",  // No trusted identity information
+  IDENTITY_MODE_USES_WEAK_CIPHER                       : "unknownIdentity weakCipher",  // SSL with RC4 cipher suite or SSL3
  IDENTITY_MODE_MIXED_DISPLAY_LOADED                   : "unknownIdentity mixedContent mixedDisplayContent",  // SSL with unauthenticated display content
  IDENTITY_MODE_MIXED_ACTIVE_LOADED                    : "unknownIdentity mixedContent mixedActiveContent",  // SSL with unauthenticated active (and perhaps also display) content
  IDENTITY_MODE_MIXED_DISPLAY_LOADED_ACTIVE_BLOCKED    : "unknownIdentity mixedContent mixedDisplayContentLoadedActiveBlocked",  // SSL with unauthenticated display content; unauthenticated active content is blocked.
@ -6773,8 +6774,10 @@ var gIdentityHandler = {
        this.setMode(this.IDENTITY_MODE_MIXED_ACTIVE_LOADED);
      } else if (state & nsIWebProgressListener.STATE_BLOCKED_MIXED_ACTIVE_CONTENT) {
        this.setMode(this.IDENTITY_MODE_MIXED_DISPLAY_LOADED_ACTIVE_BLOCKED);
-      } else {
+      } else if (state & nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT) {
        this.setMode(this.IDENTITY_MODE_MIXED_DISPLAY_LOADED);
+      } else {
+        this.setMode(this.IDENTITY_MODE_USES_WEAK_CIPHER);
      }
    } else {
      this.setMode(this.IDENTITY_MODE_UNKNOWN);
@ -7006,9 +7009,12 @@ var gIdentityHandler = {
    case this.IDENTITY_MODE_UNKNOWN:
      supplemental = gNavigatorBundle.getString("identity.not_secure");
      break;
+    case this.IDENTITY_MODE_USES_WEAK_CIPHER:
+      supplemental = gNavigatorBundle.getString("identity.uses_weak_cipher");
+      break;
    case this.IDENTITY_MODE_MIXED_DISPLAY_LOADED:
    case this.IDENTITY_MODE_MIXED_DISPLAY_LOADED_ACTIVE_BLOCKED:
-      supplemental = gNavigatorBundle.getString("identity.broken_loaded");
+      supplemental = gNavigatorBundle.getString("identity.mixed_display_loaded");
      break;
    case this.IDENTITY_MODE_MIXED_ACTIVE_LOADED:
      supplemental = gNavigatorBundle.getString("identity.mixed_active_loaded2");
--- a/browser/base/content/pageinfo/security.js
+++ b/browser/base/content/pageinfo/security.js
@ -262,13 +262,14 @@ function securityOnLoad() {
  if (info.isBroken) {
    if (info.isMixed) {
      hdr = pkiBundle.getString("pageInfo_MixedContent");
+      msg1 = pkiBundle.getString("pageInfo_MixedContent2");
    } else {
      hdr = pkiBundle.getFormattedString("pageInfo_BrokenEncryption",
                                         [info.encryptionAlgorithm,
                                          info.encryptionStrength + "",
                                          info.version]);
+      msg1 = pkiBundle.getString("pageInfo_WeakCipher");
    }
-    msg1 = pkiBundle.getString("pageInfo_Privacy_Broken2");
    msg2 = pkiBundle.getString("pageInfo_Privacy_None2");
  }
  else if (info.encryptionStrength > 0) {
--- a/browser/locales/en-US/chrome/browser/browser.properties
+++ b/browser/locales/en-US/chrome/browser/browser.properties
@ -330,7 +330,8 @@ identity.identified.verified_by_you=You have added a security exception for this
 identity.identified.state_and_country=%S, %S

 identity.not_secure=Your connection to this site is not private. Information you submit could be viewable to others (for example passwords, messages, credit cards, etc.).
-identity.broken_loaded=The connection to this website is not fully secure because it contains unencrypted elements (such as images) or the encryption is not strong enough.
+identity.uses_weak_cipher=Your connection to this website uses weak encryption and is not private. Other people can view your information or modify the website's behavior.
+identity.mixed_display_loaded=The connection to this website is not fully secure because it contains unencrypted elements (such as images).
 identity.mixed_active_loaded2=This website contains interactive content that isn't encrypted (such as scripts). Other people can view your information or modify the website's behavior.

 identity.unknown.tooltip=This website does not supply identity information.
--- a/browser/themes/shared/controlcenter/panel.inc.css
+++ b/browser/themes/shared/controlcenter/panel.inc.css
@ -1,6 +1,6 @@
 #identity-popup-securityView:not(.verifiedIdentity) > #identity-popup-content-owner,
 #identity-popup-securityView:not(.verifiedIdentity):not(.verifiedDomain) > #identity-popup-content-verifier,
-#identity-popup-securityView:not(.unknownIdentity):not(.verifiedIdentity):not(.mixedContent) > #identity-popup-content-supplemental,
+#identity-popup-securityView:not(.unknownIdentity):not(.verifiedIdentity):not(.mixedContent):not(.weakCipher) > #identity-popup-content-supplemental,
 #identity-popup-security-content:not(.verifiedIdentity):not(.verifiedDomain) > .identity-popup-connection-secure,
 #identity-popup-securityView:not(.verifiedIdentity):not(.verifiedDomain) > #identity-popup-securityView-header > .identity-popup-connection-secure,
 #identity-popup-securityView:not(.unknownIdentity) > #identity-popup-securityView-header > .identity-popup-connection-not-secure,
--- a/browser/themes/shared/identity-block.inc.css
+++ b/browser/themes/shared/identity-block.inc.css
@ -75,6 +75,10 @@
  list-style-image: url(chrome://browser/skin/identity-icons-https-ev.png);
 }

+.weakCipher > #page-proxy-favicon[pageproxystate="valid"] {
+  list-style-image: url(chrome://browser/skin/identity-icons-https-mixed-display.png);
+}
+
 .mixedActiveContent > #page-proxy-favicon[pageproxystate="valid"] {
  list-style-image: url(chrome://browser/skin/identity-icons-https-mixed-active.png);
 }
@ -124,6 +128,10 @@
    list-style-image: url(chrome://browser/skin/identity-icons-https-ev@2x.png);
  }

+  .weakCipher > #page-proxy-favicon[pageproxystate="valid"] {
+    list-style-image: url(chrome://browser/skin/identity-icons-https-mixed-display@2x.png);
+  }
+
  .mixedActiveContent > #page-proxy-favicon[pageproxystate="valid"] {
    list-style-image: url(chrome://browser/skin/identity-icons-https-mixed-active@2x.png);
  }
--- a/security/manager/locales/en-US/chrome/pippki/pippki.properties
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.properties
@ -69,7 +69,8 @@ pageInfo_BrokenEncryption=Broken Encryption (%1$S, %2$S bit keys, %3$S)
 pageInfo_Privacy_Encrypted1=The page you are viewing was encrypted before being transmitted over the Internet.
 pageInfo_Privacy_Encrypted2=Encryption makes it difficult for unauthorized people to view information traveling between computers. It is therefore unlikely that anyone read this page as it traveled across the network.
 pageInfo_MixedContent=Connection Partially Encrypted
-pageInfo_Privacy_Broken2=Parts of the page you are viewing were not encrypted before being transmitted over the Internet or the encryption is not strong enough.
+pageInfo_MixedContent2=Parts of the page you are viewing were not encrypted before being transmitted over the Internet.
+pageInfo_WeakCipher=Your connection to this website uses weak encryption and is not private. Other people can view your information or modify the website's behavior.

 #Cert Viewer
 certDetails=Certificate Viewer: