1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/browser/metro/base/content/pages/netError.xhtml Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,368 @@
1.4 +<?xml version="1.0" encoding="UTF-8"?>
1.5 +
1.6 +<!DOCTYPE html [
1.7 + <!ENTITY % htmlDTD
1.8 + PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
1.9 + "DTD/xhtml1-strict.dtd">
1.10 + %htmlDTD;
1.11 + <!ENTITY % netErrorDTD
1.12 + SYSTEM "chrome://global/locale/netError.dtd">
1.13 + %netErrorDTD;
1.14 + <!ENTITY % globalDTD
1.15 + SYSTEM "chrome://global/locale/global.dtd">
1.16 + %globalDTD;
1.17 +]>
1.18 +
1.19 +<!-- This Source Code Form is subject to the terms of the Mozilla Public
1.20 + - License, v. 2.0. If a copy of the MPL was not distributed with this
1.21 + - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
1.22 +
1.23 +<html xmlns="http://www.w3.org/1999/xhtml">
1.24 + <head>
1.25 + <meta name="viewport" content="width=device-width; user-scalable=false;" />
1.26 + <title>&loadError.label;</title>
1.27 + <link rel="stylesheet" href="chrome://global/skin/netError.css" type="text/css" media="all" />
1.28 + <!-- If the location of the favicon is changed here, the FAVICON_ERRORPAGE_URL symbol in
1.29 + toolkit/components/places/src/nsFaviconService.h should be updated. -->
1.30 + <link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/warning-16.png"/>
1.31 +
1.32 + <script type="application/javascript"><![CDATA[
1.33 + // Error url MUST be formatted like this:
1.34 + // moz-neterror:page?e=error&u=url&d=desc
1.35 + //
1.36 + // or optionally, to specify an alternate CSS class to allow for
1.37 + // custom styling and favicon:
1.38 + //
1.39 + // moz-neterror:page?e=error&u=url&s=classname&d=desc
1.40 +
1.41 + // Note that this file uses document.documentURI to get
1.42 + // the URL (with the format from above). This is because
1.43 + // document.location.href gets the current URI off the docshell,
1.44 + // which is the URL displayed in the location bar, i.e.
1.45 + // the URI that the user attempted to load.
1.46 +
1.47 + function getErrorCode()
1.48 + {
1.49 + var url = document.documentURI;
1.50 + var error = url.search(/e\=/);
1.51 + var duffUrl = url.search(/\&u\=/);
1.52 + return decodeURIComponent(url.slice(error + 2, duffUrl));
1.53 + }
1.54 +
1.55 + function getCSSClass()
1.56 + {
1.57 + var url = document.documentURI;
1.58 + var matches = url.match(/s\=([^&]+)\&/);
1.59 + // s is optional, if no match just return nothing
1.60 + if (!matches || matches.length < 2)
1.61 + return "";
1.62 +
1.63 + // parenthetical match is the second entry
1.64 + return decodeURIComponent(matches[1]);
1.65 + }
1.66 +
1.67 + function getDescription()
1.68 + {
1.69 + var url = document.documentURI;
1.70 + var desc = url.search(/d\=/);
1.71 +
1.72 + // desc == -1 if not found; if so, return an empty string
1.73 + // instead of what would turn out to be portions of the URI
1.74 + if (desc == -1)
1.75 + return "";
1.76 +
1.77 + return decodeURIComponent(url.slice(desc + 2));
1.78 + }
1.79 +
1.80 + function retryThis(buttonEl)
1.81 + {
1.82 + // Note: The application may wish to handle switching off "offline mode"
1.83 + // before this event handler runs, but using a capturing event handler.
1.84 +
1.85 + // Session history has the URL of the page that failed
1.86 + // to load, not the one of the error page. So, just call
1.87 + // reload(), which will also repost POST data correctly.
1.88 + try {
1.89 + location.reload();
1.90 + } catch (e) {
1.91 + // We probably tried to reload a URI that caused an exception to
1.92 + // occur; e.g. a nonexistent file.
1.93 + }
1.94 +
1.95 + buttonEl.disabled = true;
1.96 + }
1.97 +
1.98 + function initPage()
1.99 + {
1.100 + var err = getErrorCode();
1.101 +
1.102 + // if it's an unknown error or there's no title or description
1.103 + // defined, get the generic message
1.104 + var errTitle = document.getElementById("et_" + err);
1.105 + var errDesc = document.getElementById("ed_" + err);
1.106 + if (!errTitle || !errDesc)
1.107 + {
1.108 + errTitle = document.getElementById("et_generic");
1.109 + errDesc = document.getElementById("ed_generic");
1.110 + }
1.111 +
1.112 + var title = document.querySelector(".errorTitleText");
1.113 + if (title)
1.114 + {
1.115 + title.parentNode.replaceChild(errTitle, title);
1.116 + // change id to the replaced child's id so styling works
1.117 + errTitle.classList.add("errorTitleText");
1.118 + }
1.119 +
1.120 + var sd = document.getElementById("errorShortDescText");
1.121 + if (sd)
1.122 + sd.textContent = getDescription();
1.123 +
1.124 + var ld = document.getElementById("errorLongDesc");
1.125 + if (ld)
1.126 + {
1.127 + ld.parentNode.replaceChild(errDesc, ld);
1.128 + // change id to the replaced child's id so styling works
1.129 + errDesc.id = "errorLongDesc";
1.130 + }
1.131 +
1.132 + // remove undisplayed errors to avoid bug 39098
1.133 + var errContainer = document.getElementById("errorContainer");
1.134 + errContainer.parentNode.removeChild(errContainer);
1.135 +
1.136 + var className = getCSSClass();
1.137 + if (className && className != "expertBadCert") {
1.138 + // Associate a CSS class with the root of the page, if one was passed in,
1.139 + // to allow custom styling.
1.140 + // Not "expertBadCert" though, don't want to deal with the favicon
1.141 + document.documentElement.className = className;
1.142 +
1.143 + // Also, if they specified a CSS class, they must supply their own
1.144 + // favicon. In order to trigger the browser to repaint though, we
1.145 + // need to remove/add the link element.
1.146 + var favicon = document.getElementById("favicon");
1.147 + var faviconParent = favicon.parentNode;
1.148 + faviconParent.removeChild(favicon);
1.149 + favicon.setAttribute("href", "chrome://global/skin/icons/" + className + "_favicon.png");
1.150 + faviconParent.appendChild(favicon);
1.151 + }
1.152 + if (className == "expertBadCert") {
1.153 + showSecuritySection();
1.154 + }
1.155 +
1.156 + if (err == "remoteXUL") {
1.157 + // Remove the "Try again" button for remote XUL errors given that
1.158 + // it is useless.
1.159 + document.getElementById("errorTryAgain").style.display = "none";
1.160 + }
1.161 +
1.162 + if (err == "cspFrameAncestorBlocked") {
1.163 + // Remove the "Try again" button for CSP frame ancestors violation, since it's
1.164 + // almost certainly useless. (Bug 553180)
1.165 + document.getElementById("errorTryAgain").style.display = "none";
1.166 + }
1.167 +
1.168 + if (err == "nssBadCert") {
1.169 + // Remove the "Try again" button for security exceptions, since it's
1.170 + // almost certainly useless.
1.171 + document.getElementById("errorTryAgain").style.display = "none";
1.172 + document.getElementById("errorPage").setAttribute("class", "certerror");
1.173 + addDomainErrorLink();
1.174 + }
1.175 + else {
1.176 + // Remove the override block for non-certificate errors. CSS-hiding
1.177 + // isn't good enough here, because of bug 39098
1.178 + var secOverride = document.getElementById("securityOverrideDiv");
1.179 + secOverride.parentNode.removeChild(secOverride);
1.180 + }
1.181 + }
1.182 +
1.183 + function showSecuritySection() {
1.184 + // Swap link out, content in
1.185 + document.getElementById('securityOverrideContent').style.display = '';
1.186 + document.getElementById('securityOverrideLink').style.display = 'none';
1.187 + }
1.188 +
1.189 + /* In the case of SSL error pages about domain mismatch, see if
1.190 + we can hyperlink the user to the correct site. We don't want
1.191 + to do this generically since it allows MitM attacks to redirect
1.192 + users to a site under attacker control, but in certain cases
1.193 + it is safe (and helpful!) to do so. Bug 402210
1.194 + */
1.195 + function addDomainErrorLink() {
1.196 + // Rather than textContent, we need to treat description as HTML
1.197 + var sd = document.getElementById("errorShortDescText");
1.198 + if (sd) {
1.199 + var desc = getDescription();
1.200 +
1.201 + // sanitize description text - see bug 441169
1.202 +
1.203 + // First, find the index of the <a> tag we care about, being careful not to
1.204 + // use an over-greedy regex
1.205 + var re = /<a id="cert_domain_link" title="([^"]+)">/;
1.206 + var result = re.exec(desc);
1.207 + if(!result)
1.208 + return;
1.209 +
1.210 + // Remove sd's existing children
1.211 + sd.textContent = "";
1.212 +
1.213 + // Everything up to the link should be text content
1.214 + sd.appendChild(document.createTextNode(desc.slice(0, result.index)));
1.215 +
1.216 + // Now create the link itself
1.217 + var anchorEl = document.createElement("a");
1.218 + anchorEl.setAttribute("id", "cert_domain_link");
1.219 + anchorEl.setAttribute("title", result[1]);
1.220 + anchorEl.appendChild(document.createTextNode(result[1]));
1.221 + sd.appendChild(anchorEl);
1.222 +
1.223 + // Finally, append text for anything after the closing </a>
1.224 + sd.appendChild(document.createTextNode(desc.slice(desc.indexOf("</a>") + "</a>".length)));
1.225 + }
1.226 +
1.227 + var link = document.getElementById('cert_domain_link');
1.228 + if (!link)
1.229 + return;
1.230 +
1.231 + var okHost = link.getAttribute("title");
1.232 + var thisHost = document.location.hostname;
1.233 + var proto = document.location.protocol;
1.234 +
1.235 + // If okHost is a wildcard domain ("*.example.com") let's
1.236 + // use "www" instead. "*.example.com" isn't going to
1.237 + // get anyone anywhere useful. bug 432491
1.238 + okHost = okHost.replace(/^\*\./, "www.");
1.239 +
1.240 + /* case #1:
1.241 + * example.com uses an invalid security certificate.
1.242 + *
1.243 + * The certificate is only valid for www.example.com
1.244 + *
1.245 + * Make sure to include the "." ahead of thisHost so that
1.246 + * a MitM attack on paypal.com doesn't hyperlink to "notpaypal.com"
1.247 + *
1.248 + * We'd normally just use a RegExp here except that we lack a
1.249 + * library function to escape them properly (bug 248062), and
1.250 + * domain names are famous for having '.' characters in them,
1.251 + * which would allow spurious and possibly hostile matches.
1.252 + */
1.253 + if (endsWith(okHost, "." + thisHost))
1.254 + link.href = proto + okHost;
1.255 +
1.256 + /* case #2:
1.257 + * browser.garage.maemo.org uses an invalid security certificate.
1.258 + *
1.259 + * The certificate is only valid for garage.maemo.org
1.260 + */
1.261 + if (endsWith(thisHost, "." + okHost))
1.262 + link.href = proto + okHost;
1.263 + }
1.264 +
1.265 + function endsWith(haystack, needle) {
1.266 + return haystack.slice(-needle.length) == needle;
1.267 + }
1.268 +
1.269 + ]]></script>
1.270 + </head>
1.271 +
1.272 + <body id="errorPage" dir="&locale.dir;">
1.273 +
1.274 + <!-- ERROR ITEM CONTAINER (removed during loading to avoid bug 39098) -->
1.275 + <div id="errorContainer">
1.276 + <div id="errorTitlesContainer">
1.277 + <h1 id="et_generic">&generic.title;</h1>
1.278 + <h1 id="et_dnsNotFound">&dnsNotFound.title;</h1>
1.279 + <h1 id="et_fileNotFound">&fileNotFound.title;</h1>
1.280 + <h1 id="et_malformedURI">&malformedURI.title;</h1>
1.281 + <h1 id="et_unknownProtocolFound">&unknownProtocolFound.title;</h1>
1.282 + <h1 id="et_connectionFailure">&connectionFailure.title;</h1>
1.283 + <h1 id="et_netTimeout">&netTimeout.title;</h1>
1.284 + <h1 id="et_redirectLoop">&redirectLoop.title;</h1>
1.285 + <h1 id="et_unknownSocketType">&unknownSocketType.title;</h1>
1.286 + <h1 id="et_netReset">&netReset.title;</h1>
1.287 + <h1 id="et_notCached">¬Cached.title;</h1>
1.288 + <h1 id="et_netOffline">&netOffline.title;</h1>
1.289 + <h1 id="et_netInterrupt">&netInterrupt.title;</h1>
1.290 + <h1 id="et_deniedPortAccess">&deniedPortAccess.title;</h1>
1.291 + <h1 id="et_proxyResolveFailure">&proxyResolveFailure.title;</h1>
1.292 + <h1 id="et_proxyConnectFailure">&proxyConnectFailure.title;</h1>
1.293 + <h1 id="et_contentEncodingError">&contentEncodingError.title;</h1>
1.294 + <h1 id="et_unsafeContentType">&unsafeContentType.title;</h1>
1.295 + <h1 id="et_nssFailure2">&nssFailure2.title;</h1>
1.296 + <h1 id="et_nssBadCert">&nssBadCert.title;</h1>
1.297 + <h1 id="et_cspFrameAncestorBlocked">&cspFrameAncestorBlocked.title;</h1>
1.298 + <h1 id="et_remoteXUL">&remoteXUL.title;</h1>
1.299 + <h1 id="et_corruptedContentError">&corruptedContentError.title;</h1>
1.300 + </div>
1.301 + <div id="errorDescriptionsContainer">
1.302 + <div id="ed_generic">&generic.longDesc;</div>
1.303 + <div id="ed_dnsNotFound">&dnsNotFound.longDesc;</div>
1.304 + <div id="ed_fileNotFound">&fileNotFound.longDesc;</div>
1.305 + <div id="ed_malformedURI">&malformedURI.longDesc;</div>
1.306 + <div id="ed_unknownProtocolFound">&unknownProtocolFound.longDesc;</div>
1.307 + <div id="ed_connectionFailure">&connectionFailure.longDesc;</div>
1.308 + <div id="ed_netTimeout">&netTimeout.longDesc;</div>
1.309 + <div id="ed_redirectLoop">&redirectLoop.longDesc;</div>
1.310 + <div id="ed_unknownSocketType">&unknownSocketType.longDesc;</div>
1.311 + <div id="ed_netReset">&netReset.longDesc;</div>
1.312 + <div id="ed_notCached">¬Cached.longDesc;</div>
1.313 + <div id="ed_netOffline">&netOffline.longDesc2;</div>
1.314 + <div id="ed_netInterrupt">&netInterrupt.longDesc;</div>
1.315 + <div id="ed_deniedPortAccess">&deniedPortAccess.longDesc;</div>
1.316 + <div id="ed_proxyResolveFailure">&proxyResolveFailure.longDesc;</div>
1.317 + <div id="ed_proxyConnectFailure">&proxyConnectFailure.longDesc;</div>
1.318 + <div id="ed_contentEncodingError">&contentEncodingError.longDesc;</div>
1.319 + <div id="ed_unsafeContentType">&unsafeContentType.longDesc;</div>
1.320 + <div id="ed_nssFailure2">&nssFailure2.longDesc;</div>
1.321 + <div id="ed_nssBadCert">&nssBadCert.longDesc2;</div>
1.322 + <div id="ed_cspFrameAncestorBlocked">&cspFrameAncestorBlocked.longDesc;</div>
1.323 + <div id="ed_remoteXUL">&remoteXUL.longDesc;</div>
1.324 + <div id="ed_corruptedContentError">&corruptedContentError.longDesc;</div>
1.325 + </div>
1.326 + </div>
1.327 +
1.328 + <!-- PAGE CONTAINER (for styling purposes only) -->
1.329 + <div id="errorPageContainer" class="section">
1.330 +
1.331 + <!-- Error Title -->
1.332 + <div id="errorTitle" class="section-header">
1.333 + <span id="errorTitleIcon"></span>
1.334 + <h1 class="errorTitleText" />
1.335 + </div>
1.336 +
1.337 + <!-- LONG CONTENT (the section most likely to require scrolling) -->
1.338 + <div id="errorLongContent" class="section-details">
1.339 +
1.340 + <!-- Short Description -->
1.341 + <div id="errorShortDesc">
1.342 + <p id="errorShortDescText" />
1.343 + </div>
1.344 +
1.345 + <!-- Long Description (Note: See netError.dtd for used XHTML tags) -->
1.346 + <div id="errorLongDesc" />
1.347 +
1.348 + <!-- Override section - For ssl errors only. Removed on init for other
1.349 + error types. -->
1.350 + <div id="securityOverrideDiv">
1.351 + <a id="securityOverrideLink" href="javascript:showSecuritySection();" >&securityOverride.linkText;</a>
1.352 + <div id="securityOverrideContent" style="display: none;">&securityOverride.warningContent;</div>
1.353 + </div>
1.354 + </div>
1.355 +
1.356 + <div class="section-footer">
1.357 + <!-- Retry Button -->
1.358 + <button id="errorTryAgain" onclick="retryThis(this);">&retry.label;</button>
1.359 + </div>
1.360 +
1.361 + </div>
1.362 +
1.363 + <!--
1.364 + - Note: It is important to run the script this way, instead of using
1.365 + - an onload handler. This is because error pages are loaded as
1.366 + - LOAD_BACKGROUND, which means that onload handlers will not be executed.
1.367 + -->
1.368 + <script type="application/javascript">initPage();</script>
1.369 +
1.370 + </body>
1.371 +</html>
