diff --git a/mobile/chrome/content/browser.js b/mobile/chrome/content/browser.js
index 3199d9238cc..89e732123a7 100644
--- a/mobile/chrome/content/browser.js
+++ b/mobile/chrome/content/browser.js
@@ -813,6 +813,19 @@ var BrowserEventHandler = {
title: browser.contentTitle
}
});
+
+ // Attach a listener to watch for "click" events bubbling up from error
+ // pages and other similar page. This lets us fix bugs like 401575 which
+ // require error page UI to do privileged things, without letting error
+ // pages have any privilege themselves.
+ if (/^about:/.test(aEvent.originalTarget.documentURI)) {
+ let browser = BrowserApp.getBrowserForDocument(aEvent.originalTarget);
+ browser.addEventListener("click", ErrorPageEventHandler, false);
+ browser.addEventListener("pagehide", function () {
+ browser.removeEventListener("click", ErrorPageEventHandler, false);
+ browser.removeEventListener("pagehide", arguments.callee, true);
+ }, true);
+ }
break;
}
@@ -1258,6 +1271,63 @@ var BrowserEventHandler = {
}
};
+
+var ErrorPageEventHandler = {
+ handleEvent: function(aEvent) {
+ switch (aEvent.type) {
+ case "click": {
+ // Don't trust synthetic events
+ if (!aEvent.isTrusted)
+ return;
+
+ let target = aEvent.originalTarget;
+ let errorDoc = target.ownerDocument;
+
+ // If the event came from an ssl error page, it is probably either the "Add
+ // Exception…" or "Get me out of here!" button
+ if (/^about:certerror\?e=nssBadCert/.test(errorDoc.documentURI)) {
+ let perm = errorDoc.getElementById("permanentExceptionButton");
+ let temp = errorDoc.getElementById("temporaryExceptionButton");
+ if (target == temp || target == perm) {
+ // Handle setting an cert exception and reloading the page
+ try {
+ // Add a new SSL exception for this URL
+ let uri = Services.io.newURI(errorDoc.location.href, null, null);
+ let sslExceptions = new SSLExceptions();
+
+ if (target == perm)
+ sslExceptions.addPermanentException(uri);
+ else
+ sslExceptions.addTemporaryException(uri);
+ } catch (e) {
+ dump("Failed to set cert exception: " + e + "\n");
+ }
+ errorDoc.location.reload();
+ } else if (target == errorDoc.getElementById("getMeOutOfHereButton")) {
+ errorDoc.location = this.getFallbackSafeURL();
+ }
+ }
+ break;
+ }
+ }
+ },
+
+ getFallbackSafeURL: function getFallbackSafeURL() {
+ // Get the start page from the *default* pref branch, not the user's
+ let prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefService).getDefaultBranch(null);
+ let url = "about:home";
+ try {
+ url = prefs.getComplexValue("browser.startup.homepage", Ci.nsIPrefLocalizedString).data;
+ // If url is a pipe-delimited set of pages, just take the first one.
+ if (url.indexOf("|") != -1)
+ url = url.split("|")[0];
+ } catch(e) {
+ Cu.reportError("Couldn't get homepage pref: " + e);
+ }
+ return url;
+ }
+};
+
var XPInstallObserver = {
observe: function xpi_observer(aSubject, aTopic, aData) {
switch (aTopic) {
diff --git a/mobile/chrome/content/browser.xul b/mobile/chrome/content/browser.xul
index 7e631d8fc71..4bbe7d34c63 100644
--- a/mobile/chrome/content/browser.xul
+++ b/mobile/chrome/content/browser.xul
@@ -7,6 +7,7 @@
+
diff --git a/mobile/chrome/content/exceptions.js b/mobile/chrome/content/exceptions.js
index 3c7040c4e7c..eb2bcdb58c5 100644
--- a/mobile/chrome/content/exceptions.js
+++ b/mobile/chrome/content/exceptions.js
@@ -81,9 +81,7 @@ SSLExceptions.prototype = {
try {
var pb = Cc["@mozilla.org/privatebrowsing;1"].getService(Ci.nsIPrivateBrowsingService);
return pb.privateBrowsingEnabled;
- } catch (ex) {
- Components.utils.reportError("Could not get the Private Browsing service");
- }
+ } catch (ex) {}
return false;
},