Restore "ignore this warning" link for phishing warning. b=400731, r=gavin, r=dcamp, ui-r=mconnor, a=blocking-firefox3 (beltzner)

browser/base/content/browser.js

@@ -2321,6 +2321,22 @@ function BrowserOnCommand(event) {
           }
         }
       }
+      else if (ot == errorDoc.getElementById('ignoreWarningButton')) {
+        // Allow users to override and continue through to the site,
+        // but add a notify bar as a reminder, so that they don't lose
+        // track after, e.g., tab switching.
+        gBrowser.loadURIWithFlags(content.location.href,
+                                  nsIWebNavigation.LOAD_FLAGS_BYPASS_CLASSIFIER,
+                                  null, null, null);
+        var notificationBox = gBrowser.getNotificationBox();
+        notificationBox.appendNotification(
+          errorDoc.title, /* Re-use the error page's title, e.g. "Reported Web Forgery!" */
+          "blocked-badware-page",
+          "chrome://global/skin/icons/blacklist_favicon.png",
+          notificationBox.PRIORITY_CRITICAL_HIGH,
+          null
+        );
+      }
     }
 }
 

browser/components/safebrowsing/Makefile.in

@@ -45,6 +45,10 @@ include $(DEPTH)/config/autoconf.mk
 
 DIRS      = src
 
+ifdef MOZ_MOCHITEST
+DIRS += content/test
+endif
+
 ifneq (,$(BUILD_OFFICIAL)$(MOZILLA_OFFICIAL))
 DEFINES += -DOFFICIAL_BUILD=1
 endif

browser/components/safebrowsing/content/blockedSite.xhtml

@@ -147,12 +147,40 @@
         el = document.getElementById("errorLongDescText_malware");
         el.parentNode.removeChild(el);
 
+        // Unhide clickthrough button
+        el = document.getElementById("ignoreWarningButton");
+        el.style.display = "-moz-box";
+        
         // Set sitename
         document.getElementById("phishing_sitename").textContent = getHostString();
         document.title = document.getElementById("errorTitleText_phishing")
                                  .innerHTML;
       }
     ]]></script>
+    <style type="text/css">
+      /* Style warning button to look like a small text link in the
+         bottom right. This is preferable to just using a text link
+         since there is already a mechanism in browser.js for trapping
+         oncommand events from unprivileged chrome pages (BrowserOnCommand).*/
+      #ignoreWarningButton {
+        -moz-appearance: none;
+        background: transparent;
+        border: none;
+        color: white;  /* Hard coded because netError.css forces this page's background to dark red */
+        text-decoration: underline;
+        margin: 0;
+        padding: 0;
+        position: relative;
+        top: 23px;
+        left: 20px;
+        font-size: smaller;
+        display: none; /* Hide the button by default */
+      }
+      
+      #ignoreWarning {
+        text-align: right;
+      }
+    </style>
   </head>
 
   <body dir="&locale.dir;">
@@ -187,6 +215,10 @@
                       id="reportButton" label="&safeb.palm.report.label;"/>
         </div>
       </div>
+      <div id="ignoreWarning">
+        <xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
+                    id="ignoreWarningButton" label="&safeb.palm.decline.label;"/>
+      </div>
     </div>
     <!--
     - Note: It is important to run the script this way, instead of using

browser/components/safebrowsing/content/test/Makefile.in

@@ -0,0 +1,53 @@
+#
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is
+#    Mozilla Corporation.
+# Portions created by the Initial Developer are Copyright (C) 1998
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#   Johnathan Nightingale <johnath@mozilla.com>
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either of the GNU General Public License Version 2 or later (the "GPL"),
+# or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+DEPTH		= ../../../../..
+topsrcdir	= @top_srcdir@
+srcdir		= @srcdir@
+VPATH		= @srcdir@
+relativesrcdir  = browser/components/safebrowsing/content/test
+
+include $(DEPTH)/config/autoconf.mk
+include $(topsrcdir)/config/rules.mk
+
+_BROWSER_FILES = browser_bug400731.js \
+    $(NULL)
+
+libs::	$(_BROWSER_FILES)
+	$(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/browser/$(relativesrcdir)
+

browser/components/safebrowsing/content/test/browser_bug400731.js

@@ -0,0 +1,39 @@
+/* Check for the intended visibility of the "Ignore this warning" text*/
+var newBrowser
+
+function test() {
+  waitForExplicitFinish();
+  
+  var newTab = gBrowser.addTab();
+  gBrowser.selectedTab = newTab;
+  newBrowser = gBrowser.getBrowserForTab(newTab);
+  
+  // Navigate to malware site.  Can't use an onload listener here since
+  // error pages don't fire onload
+  newBrowser.contentWindow.location = 'http://www.mozilla.com/firefox/its-an-attack.html';
+  window.setTimeout(testMalware, 2000);
+}
+
+function testMalware() {
+  // Confirm that "Ignore this warning" is hidden
+  var el = newBrowser.contentDocument.getElementById("ignoreWarningButton");
+  ok(el, "Ignore warning button should be present (but hidden) for malware");
+  
+  var style = newBrowser.contentWindow.getComputedStyle(el, null);
+  is(style.display, "none", "Ignore Warning button should be display:none for malware");
+  
+  // Now launch the phishing test
+  newBrowser.contentWindow.location = 'http://www.mozilla.com/firefox/its-a-trap.html';
+  window.setTimeout(testPhishing, 2000);
+}
+
+function testPhishing() {
+  var el = newBrowser.contentDocument.getElementById("ignoreWarningButton");
+  ok(el, "Ignore warning button should be present for phishing");
+  
+  var style = newBrowser.contentWindow.getComputedStyle(el, null);
+  is(style.display, "-moz-box", "Ignore Warning button should be display:-moz-box for phishing");
+  
+  gBrowser.removeCurrentTab();
+  finish();
+}