1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/browser/components/preferences/security.js Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,227 @@
1.4 +/* -*- Mode: Java; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
1.5 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.6 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.7 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.8 +
1.9 +Components.utils.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
1.10 +
1.11 +var gSecurityPane = {
1.12 + _pane: null,
1.13 +
1.14 + /**
1.15 + * Initializes master password UI.
1.16 + */
1.17 + init: function ()
1.18 + {
1.19 + this._pane = document.getElementById("paneSecurity");
1.20 + this._initMasterPasswordUI();
1.21 + },
1.22 +
1.23 + // ADD-ONS
1.24 +
1.25 + /*
1.26 + * Preferences:
1.27 + *
1.28 + * xpinstall.whitelist.required
1.29 + * - true if a site must be added to a site whitelist before extensions
1.30 + * provided by the site may be installed from it, false if the extension
1.31 + * may be directly installed after a confirmation dialog
1.32 + */
1.33 +
1.34 + /**
1.35 + * Enables/disables the add-ons Exceptions button depending on whether
1.36 + * or not add-on installation warnings are displayed.
1.37 + */
1.38 + readWarnAddonInstall: function ()
1.39 + {
1.40 + var warn = document.getElementById("xpinstall.whitelist.required");
1.41 + var exceptions = document.getElementById("addonExceptions");
1.42 +
1.43 + exceptions.disabled = !warn.value;
1.44 +
1.45 + // don't override the preference value
1.46 + return undefined;
1.47 + },
1.48 +
1.49 + /**
1.50 + * Displays the exceptions lists for add-on installation warnings.
1.51 + */
1.52 + showAddonExceptions: function ()
1.53 + {
1.54 + var bundlePrefs = document.getElementById("bundlePreferences");
1.55 +
1.56 + var params = this._addonParams;
1.57 + if (!params.windowTitle || !params.introText) {
1.58 + params.windowTitle = bundlePrefs.getString("addons_permissions_title");
1.59 + params.introText = bundlePrefs.getString("addonspermissionstext");
1.60 + }
1.61 +
1.62 + document.documentElement.openWindow("Browser:Permissions",
1.63 + "chrome://browser/content/preferences/permissions.xul",
1.64 + "", params);
1.65 + },
1.66 +
1.67 + /**
1.68 + * Parameters for the add-on install permissions dialog.
1.69 + */
1.70 + _addonParams:
1.71 + {
1.72 + blockVisible: false,
1.73 + sessionVisible: false,
1.74 + allowVisible: true,
1.75 + prefilledHost: "",
1.76 + permissionType: "install"
1.77 + },
1.78 +
1.79 + // PASSWORDS
1.80 +
1.81 + /*
1.82 + * Preferences:
1.83 + *
1.84 + * signon.rememberSignons
1.85 + * - true if passwords are remembered, false otherwise
1.86 + */
1.87 +
1.88 + /**
1.89 + * Enables/disables the Exceptions button used to configure sites where
1.90 + * passwords are never saved. When browser is set to start in Private
1.91 + * Browsing mode, the "Remember passwords" UI is useless, so we disable it.
1.92 + */
1.93 + readSavePasswords: function ()
1.94 + {
1.95 + var pref = document.getElementById("signon.rememberSignons");
1.96 + var excepts = document.getElementById("passwordExceptions");
1.97 +
1.98 + if (PrivateBrowsingUtils.permanentPrivateBrowsing) {
1.99 + document.getElementById("savePasswords").disabled = true;
1.100 + excepts.disabled = true;
1.101 + return false;
1.102 + } else {
1.103 + excepts.disabled = !pref.value;
1.104 + // don't override pref value in UI
1.105 + return undefined;
1.106 + }
1.107 + },
1.108 +
1.109 + /**
1.110 + * Displays a dialog in which the user can view and modify the list of sites
1.111 + * where passwords are never saved.
1.112 + */
1.113 + showPasswordExceptions: function ()
1.114 + {
1.115 + document.documentElement.openWindow("Toolkit:PasswordManagerExceptions",
1.116 + "chrome://passwordmgr/content/passwordManagerExceptions.xul",
1.117 + "", null);
1.118 + },
1.119 +
1.120 + /**
1.121 + * Initializes master password UI: the "use master password" checkbox, selects
1.122 + * the master password button to show, and enables/disables it as necessary.
1.123 + * The master password is controlled by various bits of NSS functionality, so
1.124 + * the UI for it can't be controlled by the normal preference bindings.
1.125 + */
1.126 + _initMasterPasswordUI: function ()
1.127 + {
1.128 + var noMP = !this._masterPasswordSet();
1.129 +
1.130 + var button = document.getElementById("changeMasterPassword");
1.131 + button.disabled = noMP;
1.132 +
1.133 + var checkbox = document.getElementById("useMasterPassword");
1.134 + checkbox.checked = !noMP;
1.135 + },
1.136 +
1.137 + /**
1.138 + * Returns true if the user has a master password set and false otherwise.
1.139 + */
1.140 + _masterPasswordSet: function ()
1.141 + {
1.142 + const Cc = Components.classes, Ci = Components.interfaces;
1.143 + var secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"].
1.144 + getService(Ci.nsIPKCS11ModuleDB);
1.145 + var slot = secmodDB.findSlotByName("");
1.146 + if (slot) {
1.147 + var status = slot.status;
1.148 + var hasMP = status != Ci.nsIPKCS11Slot.SLOT_UNINITIALIZED &&
1.149 + status != Ci.nsIPKCS11Slot.SLOT_READY;
1.150 + return hasMP;
1.151 + } else {
1.152 + // XXX I have no bloody idea what this means
1.153 + return false;
1.154 + }
1.155 + },
1.156 +
1.157 + /**
1.158 + * Enables/disables the master password button depending on the state of the
1.159 + * "use master password" checkbox, and prompts for master password removal if
1.160 + * one is set.
1.161 + */
1.162 + updateMasterPasswordButton: function ()
1.163 + {
1.164 + var checkbox = document.getElementById("useMasterPassword");
1.165 + var button = document.getElementById("changeMasterPassword");
1.166 + button.disabled = !checkbox.checked;
1.167 +
1.168 + // unchecking the checkbox should try to immediately remove the master
1.169 + // password, because it's impossible to non-destructively remove the master
1.170 + // password used to encrypt all the passwords without providing it (by
1.171 + // design), and it would be extremely odd to pop up that dialog when the
1.172 + // user closes the prefwindow and saves his settings
1.173 + if (!checkbox.checked)
1.174 + this._removeMasterPassword();
1.175 + else
1.176 + this.changeMasterPassword();
1.177 +
1.178 + this._initMasterPasswordUI();
1.179 +
1.180 + // We might want to hide sync's password engine.
1.181 + gSyncPane.updateWeavePrefs();
1.182 + },
1.183 +
1.184 + /**
1.185 + * Displays the "remove master password" dialog to allow the user to remove
1.186 + * the current master password. When the dialog is dismissed, master password
1.187 + * UI is automatically updated.
1.188 + */
1.189 + _removeMasterPassword: function ()
1.190 + {
1.191 + const Cc = Components.classes, Ci = Components.interfaces;
1.192 + var secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"].
1.193 + getService(Ci.nsIPKCS11ModuleDB);
1.194 + if (secmodDB.isFIPSEnabled) {
1.195 + var promptService = Cc["@mozilla.org/embedcomp/prompt-service;1"].
1.196 + getService(Ci.nsIPromptService);
1.197 + var bundle = document.getElementById("bundlePreferences");
1.198 + promptService.alert(window,
1.199 + bundle.getString("pw_change_failed_title"),
1.200 + bundle.getString("pw_change2empty_in_fips_mode"));
1.201 + }
1.202 + else {
1.203 + document.documentElement.openSubDialog("chrome://mozapps/content/preferences/removemp.xul",
1.204 + "", null);
1.205 + }
1.206 + this._initMasterPasswordUI();
1.207 + },
1.208 +
1.209 + /**
1.210 + * Displays a dialog in which the master password may be changed.
1.211 + */
1.212 + changeMasterPassword: function ()
1.213 + {
1.214 + document.documentElement.openSubDialog("chrome://mozapps/content/preferences/changemp.xul",
1.215 + "", null);
1.216 + this._initMasterPasswordUI();
1.217 + },
1.218 +
1.219 + /**
1.220 + * Shows the sites where the user has saved passwords and the associated login
1.221 + * information.
1.222 + */
1.223 + showPasswords: function ()
1.224 + {
1.225 + document.documentElement.openWindow("Toolkit:PasswordManager",
1.226 + "chrome://passwordmgr/content/passwordManager.xul",
1.227 + "", null);
1.228 + }
1.229 +
1.230 +};
