Fix Certificate Exception dialog logic.
This commit is contained in:
parent
f92331676b
commit
fe1c660000
|
@ -13,34 +13,11 @@ var gChecking;
|
||||||
var gBroken;
|
var gBroken;
|
||||||
var gNeedReset;
|
var gNeedReset;
|
||||||
|
|
||||||
Components.utils.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
|
const {interfaces: Ci, classes: Cc, results: Cr, utils: Cu} = Components;
|
||||||
|
|
||||||
function badCertListener() {}
|
Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
|
||||||
badCertListener.prototype = {
|
Cu.import("resource://gre/modules/Services.jsm");
|
||||||
getInterface: function (aIID) {
|
|
||||||
return this.QueryInterface(aIID);
|
|
||||||
},
|
|
||||||
QueryInterface: function(aIID) {
|
|
||||||
if (aIID.equals(Components.interfaces.nsIBadCertListener2) ||
|
|
||||||
aIID.equals(Components.interfaces.nsIInterfaceRequestor) ||
|
|
||||||
aIID.equals(Components.interfaces.nsISupports)) {
|
|
||||||
return this;
|
|
||||||
}
|
|
||||||
|
|
||||||
throw new Error(Components.results.NS_ERROR_NO_INTERFACE);
|
|
||||||
},
|
|
||||||
handle_test_result: function () {
|
|
||||||
if (gSSLStatus) {
|
|
||||||
gCert = gSSLStatus.QueryInterface(Components.interfaces.nsISSLStatus).serverCert;
|
|
||||||
}
|
|
||||||
},
|
|
||||||
notifyCertProblem: function MSR_notifyCertProblem(socketInfo, sslStatus, targetHost) {
|
|
||||||
gBroken = true;
|
|
||||||
gSSLStatus = sslStatus;
|
|
||||||
this.handle_test_result();
|
|
||||||
return true; // suppress error UI
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
function initExceptionDialog() {
|
function initExceptionDialog() {
|
||||||
gNeedReset = false;
|
gNeedReset = false;
|
||||||
|
@ -84,6 +61,28 @@ function initExceptionDialog() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Helper function for checkCert. Set as the onerror/onload callbacks for an
|
||||||
|
* XMLHttpRequest. Sets gSSLStatus, gCert, gBroken, and gChecking according to
|
||||||
|
* the load information from the request. Probably should not be used directly.
|
||||||
|
*
|
||||||
|
* @param {XMLHttpRequest} req
|
||||||
|
* The XMLHttpRequest created and sent by checkCert.
|
||||||
|
* @param {Event} evt
|
||||||
|
* The load or error event.
|
||||||
|
*/
|
||||||
|
function grabCert(req, evt) {
|
||||||
|
if (req.channel && req.channel.securityInfo) {
|
||||||
|
gSSLStatus = req.channel.securityInfo
|
||||||
|
.QueryInterface(Ci.nsISSLStatusProvider).SSLStatus;
|
||||||
|
gCert = gSSLStatus ? gSSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert
|
||||||
|
: null;
|
||||||
|
}
|
||||||
|
gBroken = evt.type == "error";
|
||||||
|
gChecking = false;
|
||||||
|
updateCertStatus();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Attempt to download the certificate for the location specified, and populate
|
* Attempt to download the certificate for the location specified, and populate
|
||||||
* the Certificate Status section with the result.
|
* the Certificate Status section with the result.
|
||||||
|
@ -95,34 +94,18 @@ function checkCert() {
|
||||||
gBroken = false;
|
gBroken = false;
|
||||||
updateCertStatus();
|
updateCertStatus();
|
||||||
|
|
||||||
var uri = getURI();
|
let uri = getURI();
|
||||||
|
|
||||||
var req = new XMLHttpRequest();
|
if (uri) {
|
||||||
try {
|
let req = new XMLHttpRequest();
|
||||||
if (uri) {
|
req.open("GET", uri.prePath);
|
||||||
req.open('GET', uri.prePath, false);
|
req.onerror = grabCert.bind(this, req);
|
||||||
req.channel.notificationCallbacks = new badCertListener();
|
req.onload = grabCert.bind(this, req);
|
||||||
req.send(null);
|
req.send(null);
|
||||||
}
|
} else {
|
||||||
} catch (e) {
|
|
||||||
// We *expect* exceptions if there are problems with the certificate
|
|
||||||
// presented by the site. Log it, just in case, but we can proceed here,
|
|
||||||
// with appropriate sanity checks
|
|
||||||
Components.utils.reportError("Attempted to connect to a site with a bad certificate in the add exception dialog. " +
|
|
||||||
"This results in a (mostly harmless) exception being thrown. " +
|
|
||||||
"Logged for information purposes only: " + e);
|
|
||||||
} finally {
|
|
||||||
gChecking = false;
|
gChecking = false;
|
||||||
|
updateCertStatus();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (req.channel && req.channel.securityInfo) {
|
|
||||||
const Ci = Components.interfaces;
|
|
||||||
gSSLStatus = req.channel.securityInfo
|
|
||||||
.QueryInterface(Ci.nsISSLStatusProvider).SSLStatus;
|
|
||||||
gCert = gSSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert;
|
|
||||||
}
|
|
||||||
|
|
||||||
updateCertStatus();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -252,7 +235,7 @@ function updateCertStatus() {
|
||||||
document.getElementById("viewCertButton").disabled = false;
|
document.getElementById("viewCertButton").disabled = false;
|
||||||
|
|
||||||
// Notify observers about the availability of the certificate
|
// Notify observers about the availability of the certificate
|
||||||
Services.obs.notifyObservers(null, "cert-exception-ui-ready");
|
Services.obs.notifyObservers(null, "cert-exception-ui-ready", null);
|
||||||
} else if (gChecking) {
|
} else if (gChecking) {
|
||||||
shortDesc = "addExceptionCheckingShort";
|
shortDesc = "addExceptionCheckingShort";
|
||||||
longDesc = "addExceptionCheckingLong2";
|
longDesc = "addExceptionCheckingLong2";
|
||||||
|
@ -306,8 +289,8 @@ function addException() {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
var overrideService = Components.classes["@mozilla.org/security/certoverride;1"]
|
var overrideService = Cc["@mozilla.org/security/certoverride;1"]
|
||||||
.getService(Components.interfaces.nsICertOverrideService);
|
.getService(Ci.nsICertOverrideService);
|
||||||
var flags = 0;
|
var flags = 0;
|
||||||
if (gSSLStatus.isUntrusted) {
|
if (gSSLStatus.isUntrusted) {
|
||||||
flags |= overrideService.ERROR_UNTRUSTED;
|
flags |= overrideService.ERROR_UNTRUSTED;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user