browser/metro/base/content/exceptions.js@7e26c7da4463 (annotated)
browser/metro/base/content/exceptions.js
Wed, 31 Dec 2014 06:55:50 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:55:50 +0100
- changeset 2
- 7e26c7da4463
- permissions
- -rw-r--r--
Added tag UPSTREAM_283F7C6 for changeset ca08bd8f51b2
| michael@0 | 1 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 2 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 4 | |
| michael@0 | 5 | let Cc = Components.classes; |
| michael@0 | 6 | let Ci = Components.interfaces; |
| michael@0 | 7 | let Cu = Components.utils; |
| michael@0 | 8 | |
| michael@0 | 9 | Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); |
| michael@0 | 10 | |
| michael@0 | 11 | /** |
| michael@0 | 12 | A class to add exceptions to override SSL certificate problems. The functionality |
| michael@0 | 13 | itself is borrowed from exceptionDialog.js. |
| michael@0 | 14 | */ |
| michael@0 | 15 | function SSLExceptions() { |
| michael@0 | 16 | this._overrideService = Cc["@mozilla.org/security/certoverride;1"] |
| michael@0 | 17 | .getService(Ci.nsICertOverrideService); |
| michael@0 | 18 | } |
| michael@0 | 19 | |
| michael@0 | 20 | |
| michael@0 | 21 | SSLExceptions.prototype = { |
| michael@0 | 22 | _overrideService: null, |
| michael@0 | 23 | _sslStatus: null, |
| michael@0 | 24 | |
| michael@0 | 25 | getInterface: function SSLE_getInterface(aIID) { |
| michael@0 | 26 | return this.QueryInterface(aIID); |
| michael@0 | 27 | }, |
| michael@0 | 28 | QueryInterface: function SSLE_QueryInterface(aIID) { |
| michael@0 | 29 | if (aIID.equals(Ci.nsIBadCertListener2) || |
| michael@0 | 30 | aIID.equals(Ci.nsISupports)) |
| michael@0 | 31 | return this; |
| michael@0 | 32 | |
| michael@0 | 33 | throw Components.results.NS_ERROR_NO_INTERFACE; |
| michael@0 | 34 | }, |
| michael@0 | 35 | |
| michael@0 | 36 | /** |
| michael@0 | 37 | To collect the SSL status we intercept the certificate error here |
| michael@0 | 38 | and store the status for later use. |
| michael@0 | 39 | */ |
| michael@0 | 40 | notifyCertProblem: function SSLE_notifyCertProblem(socketInfo, sslStatus, targetHost) { |
| michael@0 | 41 | this._sslStatus = sslStatus.QueryInterface(Ci.nsISSLStatus); |
| michael@0 | 42 | return true; // suppress error UI |
| michael@0 | 43 | }, |
| michael@0 | 44 | |
| michael@0 | 45 | /** |
| michael@0 | 46 | Attempt to download the certificate for the location specified to get the SSLState |
| michael@0 | 47 | for the certificate and the errors. |
| michael@0 | 48 | */ |
| michael@0 | 49 | _checkCert: function SSLE_checkCert(aURI) { |
| michael@0 | 50 | this._sslStatus = null; |
| michael@0 | 51 | |
| michael@0 | 52 | var req = new XMLHttpRequest(); |
| michael@0 | 53 | try { |
| michael@0 | 54 | if(aURI) { |
| michael@0 | 55 | req.open("GET", aURI.prePath, false); |
| michael@0 | 56 | req.channel.notificationCallbacks = this; |
| michael@0 | 57 | req.send(null); |
| michael@0 | 58 | } |
| michael@0 | 59 | } catch (e) { |
| michael@0 | 60 | // We *expect* exceptions if there are problems with the certificate |
| michael@0 | 61 | // presented by the site. Log it, just in case, but we can proceed here, |
| michael@0 | 62 | // with appropriate sanity checks |
| michael@0 | 63 | Components.utils.reportError("Attempted to connect to a site with a bad certificate in the add exception dialog. " + |
| michael@0 | 64 | "This results in a (mostly harmless) exception being thrown. " + |
| michael@0 | 65 | "Logged for information purposes only: " + e); |
| michael@0 | 66 | } |
| michael@0 | 67 | |
| michael@0 | 68 | return this._sslStatus; |
| michael@0 | 69 | }, |
| michael@0 | 70 | |
| michael@0 | 71 | /** |
| michael@0 | 72 | Internal method to create an override. |
| michael@0 | 73 | */ |
| michael@0 | 74 | _addOverride: function SSLE_addOverride(aURI, aWindow, temporary) { |
| michael@0 | 75 | var SSLStatus = this._checkCert(aURI); |
| michael@0 | 76 | var certificate = SSLStatus.serverCert; |
| michael@0 | 77 | |
| michael@0 | 78 | var flags = 0; |
| michael@0 | 79 | |
| michael@0 | 80 | // in private browsing do not store exceptions permanently ever |
| michael@0 | 81 | if (PrivateBrowsingUtils.isWindowPrivate(aWindow)) { |
| michael@0 | 82 | temporary = true; |
| michael@0 | 83 | } |
| michael@0 | 84 | |
| michael@0 | 85 | if(SSLStatus.isUntrusted) |
| michael@0 | 86 | flags |= this._overrideService.ERROR_UNTRUSTED; |
| michael@0 | 87 | if(SSLStatus.isDomainMismatch) |
| michael@0 | 88 | flags |= this._overrideService.ERROR_MISMATCH; |
| michael@0 | 89 | if(SSLStatus.isNotValidAtThisTime) |
| michael@0 | 90 | flags |= this._overrideService.ERROR_TIME; |
| michael@0 | 91 | |
| michael@0 | 92 | this._overrideService.rememberValidityOverride( |
| michael@0 | 93 | aURI.asciiHost, |
| michael@0 | 94 | aURI.port, |
| michael@0 | 95 | certificate, |
| michael@0 | 96 | flags, |
| michael@0 | 97 | temporary); |
| michael@0 | 98 | }, |
| michael@0 | 99 | |
| michael@0 | 100 | /** |
| michael@0 | 101 | Creates a permanent exception to override all overridable errors for |
| michael@0 | 102 | the given URL. |
| michael@0 | 103 | */ |
| michael@0 | 104 | addPermanentException: function SSLE_addPermanentException(aURI, aWindow) { |
| michael@0 | 105 | this._addOverride(aURI, aWindow, false); |
| michael@0 | 106 | }, |
| michael@0 | 107 | |
| michael@0 | 108 | /** |
| michael@0 | 109 | Creates a temporary exception to override all overridable errors for |
| michael@0 | 110 | the given URL. |
| michael@0 | 111 | */ |
| michael@0 | 112 | addTemporaryException: function SSLE_addTemporaryException(aURI, aWindow) { |
| michael@0 | 113 | this._addOverride(aURI, aWindow, true); |
| michael@0 | 114 | } |
| michael@0 | 115 | }; |
