Bug 1219088 - Show infobar when RC4 override is enabled. r=past

2024-09-13 09:24:08 -07:00 · 2015-11-11 23:13:34 +09:00 · 2015-11-11 23:13:34 +09:00 · 9c6beff42f
commit 9c6beff42f
parent 451907567d
2 changed files with 56 additions and 2 deletions
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@ -2836,8 +2836,7 @@ var BrowserOnClick = {
                                   .getService(Ci.nsIWeakCryptoOverride);
        weakCryptoOverride.addWeakCryptoOverride(
          msg.data.location.hostname,
-          PrivateBrowsingUtils.isBrowserPrivate(gBrowser.selectedBrowser),
-          true /* temporary */);
+          PrivateBrowsingUtils.isBrowserPrivate(gBrowser.selectedBrowser));
      break;
    }
  },
@ -7140,6 +7139,7 @@ var gIdentityHandler = {
    if (shouldHidePopup) {
      this._identityPopup.hidePopup();
    }
+    this.showWeakCryptoInfoBar();

    // NOTE: We do NOT update the identity popup (the control center) when
    // we receive a new security state on the existing page (i.e. from a
@ -7288,6 +7288,55 @@ var gIdentityHandler = {
    this._identityIconLabel.parentNode.collapsed = icon_label ? false : true;
  },

+  /**
+   * Show the weak crypto notification bar.
+   */
+  showWeakCryptoInfoBar() {
+    if (!this._uriHasHost || !this._isBroken || !this._sslStatus.cipherName ||
+        this._sslStatus.cipherName.indexOf("_RC4_") < 0) {
+      return;
+    }
+
+    let notificationBox = gBrowser.getNotificationBox();
+    let notification = notificationBox.getNotificationWithValue("weak-crypto");
+    if (notification) {
+      return;
+    }
+
+    let brandBundle = document.getElementById("bundle_brand");
+    let brandShortName = brandBundle.getString("brandShortName");
+    let message = gNavigatorBundle.getFormattedString("weakCryptoOverriding.message",
+                                                      [brandShortName]);
+
+    let host = this._uri.host;
+    let port = 443;
+    try {
+      if (this._uri.port > 0) {
+        port = this._uri.port;
+      }
+    } catch (e) {}
+
+    let buttons = [{
+      label: gNavigatorBundle.getString("revokeOverride.label"),
+      accessKey: gNavigatorBundle.getString("revokeOverride.accesskey"),
+      callback: function (aNotification, aButton) {
+        try {
+          let weakCryptoOverride = Cc["@mozilla.org/security/weakcryptooverride;1"]
+                                     .getService(Ci.nsIWeakCryptoOverride);
+          weakCryptoOverride.removeWeakCryptoOverride(host, port,
+            PrivateBrowsingUtils.isBrowserPrivate(gBrowser.selectedBrowser));
+          BrowserReloadWithFlags(nsIWebNavigation.LOAD_FLAGS_BYPASS_CACHE);
+        } catch (e) {
+          Cu.reportError(e);
+        }
+      }
+    }];
+
+    const priority = notificationBox.PRIORITY_WARNING_MEDIUM;
+    notificationBox.appendNotification(message, "weak-crypto", null,
+                                       priority, buttons);
+  },
+
  /**
   * Set up the title and content messages for the identity message popup,
   * based on the specified mode, and the details of the SSL cert, where
--- a/browser/locales/en-US/chrome/browser/browser.properties
+++ b/browser/locales/en-US/chrome/browser/browser.properties
@ -798,6 +798,11 @@ muteTab.accesskey = M
 unmuteTab.label = Unmute Tab
 unmuteTab.accesskey = M

+# LOCALIZATION NOTE (weakCryptoOverriding.message): %S is brandShortName
+weakCryptoOverriding.message = %S recommends that you don't enter your password, credit card and other personal information on this website.
+revokeOverride.label = Don't Trust This Website
+revokeOverride.accesskey = D
+
 # LOCALIZATION NOTE (tabgroups.deprecationwarning.description):
 # %S is brandShortName
 tabgroups.deprecationwarning.description         = Heads up! Tab Groups will be removed from %S soon.