--- a/browser/base/content/blockedSite.xhtml
+++ b/browser/base/content/blockedSite.xhtml
@@ -51,18 +51,19 @@
// If this is a view-source page, then get then real URI of the page
if (url.startsWith("view-source:"))
url = url.slice(12);
return url;
}
/**
- * Check whether this warning page should be overridable or whether
- * the "ignore warning" button should be hidden.
+ * Check whether this warning page is overridable or not, in which case
+ * the "ignore the risk" suggestion in the error description
+ * should not be shown.
*/
function getOverride() {
var url = document.documentURI;
var match = url.match(/&o=1&/);
return !!match;
}
/**
@@ -72,16 +73,25 @@
function getHostString() {
try {
return document.location.hostname;
} catch (e) {
return getURL();
}
}
+ function onClickSeeDetails() {
+ let details = document.getElementById("errorDescriptionContainer");
+ if (details.hidden == true) {
+ details.removeAttribute("hidden");
+ } else {
+ details.setAttribute("hidden", "true");
+ }
+ }
+
function initPage() {
var error = "";
switch (getErrorCode()) {
case "malwareBlocked" :
error = "malware";
break;
case "deceptiveBlocked" :
error = "phishing";
@@ -98,111 +108,129 @@
var el;
if (error !== "malware") {
el = document.getElementById("errorTitleText_malware");
el.remove();
el = document.getElementById("errorShortDescText_malware");
el.remove();
- el = document.getElementById("errorLongDescText_malware");
+ el = document.getElementById("errorLongDesc_malware");
el.remove();
}
if (error !== "phishing") {
el = document.getElementById("errorTitleText_phishing");
el.remove();
el = document.getElementById("errorShortDescText_phishing");
el.remove();
- el = document.getElementById("errorLongDescText_phishing");
+ el = document.getElementById("errorLongDesc_phishing");
el.remove();
}
if (error !== "unwanted") {
el = document.getElementById("errorTitleText_unwanted");
el.remove();
el = document.getElementById("errorShortDescText_unwanted");
el.remove();
- el = document.getElementById("errorLongDescText_unwanted");
+ el = document.getElementById("errorLongDesc_unwanted");
el.remove();
}
if (error !== "harmful") {
el = document.getElementById("errorTitleText_harmful");
el.remove();
el = document.getElementById("errorShortDescText_harmful");
el.remove();
+ el = document.getElementById("errorLongDesc_harmful");
+ el.remove();
}
- // Set sitename if necessary.
- let sitenameElem = document.getElementById(error + "_sitename");
- if (sitenameElem) {
- sitenameElem.textContent = getHostString();
+ // Decide which version of the string should be visible in the error description.
+ if (getOverride()) {
+ document.getElementById(error + "_error_desc_no_override").remove();
+ } else {
+ document.getElementById(error + "_error_desc_override").remove();
}
- document.title = document.getElementById("errorTitleText_" + error)
- .innerHTML;
+ // Set sitename in error details.
+ let sitenameElem = document.getElementById(error + "_sitename");
+ sitenameElem.setAttribute("class", "sitename");
+ sitenameElem.textContent = getHostString();
+
+ document.title = document.getElementById("errorTitleText_" + error).textContent;
- if (!getOverride()) {
- var btn = document.getElementById("ignoreWarningButton");
- if (btn) {
- btn.remove();
- }
- }
-
- // Inform the test harness that we're done loading the page
- var event = new CustomEvent("AboutBlockedLoaded", {bubbles: true});
+ // Inform the test harness that we're done loading the page.
+ var event = new CustomEvent("AboutBlockedLoaded",
+ {
+ bubbles: true,
+ detail: {
+ url: this.getURL(),
+ err: error
+ }
+ });
document.dispatchEvent(event);
}
]]></script>
</head>
<body dir="&locale.dir;">
<div id="errorPageContainer" class="container">
<!-- Error Title -->
<div id="errorTitle" class="title">
- <h1 class="title-text" id="errorTitleText_phishing">&safeb.blocked.phishingPage.title2;</h1>
- <h1 class="title-text" id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
- <h1 class="title-text" id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title;</h1>
+ <h1 class="title-text" id="errorTitleText_phishing">&safeb.blocked.phishingPage.title3;</h1>
+ <h1 class="title-text" id="errorTitleText_malware">&safeb.blocked.malwarePage.title2;</h1>
+ <h1 class="title-text" id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title2;</h1>
<h1 class="title-text" id="errorTitleText_harmful">&safeb.blocked.harmfulPage.title;</h1>
</div>
<div id="errorLongContent">
<!-- Short Description -->
<div id="errorShortDesc">
- <p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc2;</p>
- <p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
- <p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
+ <p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc3;</p>
+ <p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc2;</p>
+ <p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc2;</p>
<p id="errorShortDescText_harmful">&safeb.blocked.harmfulPage.shortDesc2;</p>
</div>
- <!-- Long Description -->
- <div id="errorLongDesc">
- <p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc2;</p>
- <p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
- <p id="errorLongDescText_unwanted">&safeb.blocked.unwantedPage.longDesc;</p>
- </div>
-
<!-- Advisory -->
<div id="advisoryDesc">
- <p id="advisoryDescText">&safeb.palm.advisory.desc;</p>
+ <p id="advisoryDescText">&safeb.palm.advisory.desc2;</p>
</div>
<!-- Action buttons -->
<div id="buttons" class="button-container">
<!-- Commands handled in browser.js -->
- <button id="getMeOutButton" class="primary">&safeb.palm.accept.label;</button>
- <div class="button-spacer"></div>
- <button id="reportButton">&safeb.palm.reportPage.label;</button>
+ <button id="goBackButton">&safeb.palm.accept.label2;</button>
+ <button id="seeDetailsButton" onclick="onClickSeeDetails();">&safeb.palm.seedetails.label;</button>
</div>
</div>
- <div id="ignoreWarning">
- <button id="ignoreWarningButton">&safeb.palm.decline.label;</button>
+ <div id="errorDescriptionContainer" hidden="true">
+ <div class="error-description" id="errorLongDesc_phishing">
+ <p id="phishing_error_desc_override">&safeb.blocked.phishingPage.errorDesc.override;</p>
+ <p id="phishing_error_desc_no_override">&safeb.blocked.phishingPage.errorDesc.noOverride;</p>
+ <p id="phishing_learn_more">&safeb.blocked.phishingPage.learnMore;</p>
+ </div>
+ <div class="error-description" id="errorLongDesc_malware">
+ <p id="malware_error_desc_override">&safeb.blocked.malwarePage.errorDesc.override;</p>
+ <p id="malware_error_desc_no_override">&safeb.blocked.malwarePage.errorDesc.noOverride;</p>
+ <p id="malware_learn_more">&safeb.blocked.malwarePage.learnMore;</p>
+ </div>
+ <div class="error-description" id="errorLongDesc_unwanted">
+ <p id="unwanted_error_desc_override">&safeb.blocked.unwantedPage.errorDesc.override;</p>
+ <p id="unwanted_error_desc_no_override">&safeb.blocked.unwantedPage.errorDesc.noOverride;</p>
+ <p id="unwanted_learn_more">&safeb.blocked.unwantedPage.learnMore;</p>
+ </div>
+ <div class="error-description" id="errorLongDesc_harmful">
+ <p id="harmful_error_desc_override">&safeb.blocked.harmfulPage.errorDesc.override;</p>
+ <p id="harmful_error_desc_no_override">&safeb.blocked.harmfulPage.errorDesc.noOverride;</p>
+ <p id="harmful_learn_more">&safeb.blocked.harmfulPage.learnMore;</p>
+ </div>
</div>
</div>
<!--
- Note: It is important to run the script this way, instead of using
- an onload handler. This is because error pages are loaded as
- LOAD_BACKGROUND, which means that onload handlers will not be executed.
-->
<script type="application/javascript">
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -3149,48 +3149,36 @@ var BrowserOnClick = {
bucketName = "WARNING_UNWANTED_PAGE_";
} else if (reason === "harmful") {
sendTelemetry = true;
bucketName = "WARNING_HARMFUL_PAGE_";
}
let secHistogram = Services.telemetry.getHistogramById("URLCLASSIFIER_UI_EVENTS");
let nsISecTel = Ci.IUrlClassifierUITelemetry;
bucketName += isTopFrame ? "TOP_" : "FRAME_";
+
switch (elementId) {
- case "getMeOutButton":
+ case "goBackButton":
if (sendTelemetry) {
secHistogram.add(nsISecTel[bucketName + "GET_ME_OUT_OF_HERE"]);
}
getMeOutOfHere();
break;
-
- case "reportButton":
- // This is the "Why is this site blocked" button. We redirect
- // to the generic page describing phishing/malware protection.
-
- // We log even if malware/phishing/unwanted info URL couldn't be found:
- // the measurement is for how many users clicked the WHY BLOCKED button
- if (sendTelemetry) {
- secHistogram.add(nsISecTel[bucketName + "WHY_BLOCKED"]);
- }
- openHelpLink("phishing-malware", false, "current");
- break;
-
- case "ignoreWarningButton":
+ case "ignore_warning_link":
if (gPrefService.getBoolPref("browser.safebrowsing.allowOverride")) {
if (sendTelemetry) {
secHistogram.add(nsISecTel[bucketName + "IGNORE_WARNING"]);
}
- this.ignoreWarningButton(reason, blockedInfo);
+ this.ignoreWarningLink(reason, blockedInfo);
}
break;
}
},
- ignoreWarningButton(reason, blockedInfo) {
+ ignoreWarningLink(reason, blockedInfo) {
// Allow users to override and continue through to the site,
// but add a notify bar as a reminder, so that they don't lose
// track after, e.g., tab switching.
gBrowser.loadURIWithFlags(gBrowser.currentURI.spec,
nsIWebNavigation.LOAD_FLAGS_BYPASS_CLASSIFIER,
null, null, null);
Services.perms.add(gBrowser.currentURI, "safe-browsing",
--- a/browser/base/content/content.js
+++ b/browser/base/content/content.js
@@ -160,16 +160,54 @@ var AboutBlockedSiteListener = {
if (docShell.failedChannel) {
let classifiedChannel = docShell.failedChannel.
QueryInterface(Ci.nsIClassifiedChannel);
if (classifiedChannel) {
provider = classifiedChannel.matchedProvider;
}
}
+ let doc = content.document;
+
+ /**
+ * Set error description link in error details.
+ * For example, the "reported as a deceptive site" link for
+ * blocked phishing pages.
+ */
+ let desc = Services.prefs.getCharPref(
+ "browser.safebrowsing.provider." + provider + ".reportURL", "");
+ if (desc) {
+ doc.getElementById("error_desc_link").setAttribute("href", desc + aEvent.detail.url);
+ }
+
+ // Set other links in error details.
+ switch (aEvent.detail.err) {
+ case "malware":
+ doc.getElementById("report_detection").setAttribute("href",
+ "https://www.stopbadware.org/firefox");
+ doc.getElementById("learn_more_link").setAttribute("href",
+ "https://www.stopbadware.org/firefox");
+ break;
+ case "unwanted":
+ doc.getElementById("learn_more_link").setAttribute("href",
+ "https://www.google.com/about/unwanted-software-policy.html");
+ break;
+ case "phishing":
+ doc.getElementById("report_detection").setAttribute("href",
+ "https://safebrowsing.google.com/safebrowsing/report_error/?tpl=mozilla");
+ doc.getElementById("learn_more_link").setAttribute("href",
+ "https://www.antiphishing.org//");
+ break;
+ }
+
+ // Set the firefox support url.
+ doc.getElementById("firefox_support").setAttribute("href",
+ "https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work");
+
+ // Set safe browsing advisory link.
let advisoryUrl = Services.prefs.getCharPref(
"browser.safebrowsing.provider." + provider + ".advisoryURL", "");
if (!advisoryUrl) {
let el = content.document.getElementById("advisoryDesc");
el.remove();
return;
}
--- a/browser/base/content/test/static/browser_misused_characters_in_strings.js
+++ b/browser/base/content/test/static/browser_misused_characters_in_strings.js
@@ -25,29 +25,65 @@ let gWhitelist = [{
key: "certerror.wrongSystemTime2",
type: "single-quote"
}, {
file: "netError.dtd",
key: "certerror.wrongSystemTimeWithoutReference",
type: "single-quote"
}, {
file: "phishing-afterload-warning-message.dtd",
- key: "safeb.palm.advisory.desc",
+ key: "safeb.palm.advisory.desc2",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.malwarePage.errorDesc.override",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.malwarePage.errorDesc.noOverride",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.malwarePage.learnMore",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.unwantedPage.errorDesc.override",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.unwantedPage.errorDesc.noOverride",
type: "single-quote"
}, {
file: "phishing-afterload-warning-message.dtd",
- key: "safeb.blocked.malwarePage.shortDesc",
+ key: "safeb.blocked.unwantedPage.learnMore",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.phishingPage.errorDesc.override",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.phishingPage.errorDesc.noOverride",
type: "single-quote"
}, {
file: "phishing-afterload-warning-message.dtd",
- key: "safeb.blocked.unwantedPage.shortDesc",
+ key: "safeb.blocked.phishingPage.learnMore",
type: "single-quote"
}, {
file: "phishing-afterload-warning-message.dtd",
- key: "safeb.blocked.phishingPage.shortDesc2",
+ key: "safeb.blocked.harmfulPage.errorDesc.override",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.harmfulPage.errorDesc.noOverride",
+ type: "single-quote"
+ }, {
+ file: "phishing-afterload-warning-message.dtd",
+ key: "safeb.blocked.harmfulPage.learnMore",
type: "single-quote"
}, {
file: "mathfont.properties",
key: "operator.\\u002E\\u002E\\u002E.postfix",
type: "ellipsis"
}, {
file: "layout_errors.properties",
key: "ImageMapRectBoundsError",
--- a/browser/components/safebrowsing/content/test/browser_bug400731.js
+++ b/browser/components/safebrowsing/content/test/browser_bug400731.js
@@ -10,17 +10,17 @@ function onDOMContentLoaded(callback) {
let mm = gBrowser.selectedBrowser.messageManager;
mm.addMessageListener("Test:DOMContentLoaded", complete);
function contentScript() {
let listener = function() {
removeEventListener("DOMContentLoaded", listener);
- let button = content.document.getElementById("ignoreWarningButton");
+ let button = content.document.getElementById("ignore_warning_link");
sendAsyncMessage("Test:DOMContentLoaded", { buttonPresent: !!button });
};
addEventListener("DOMContentLoaded", listener);
}
mm.loadFrameScript("data:,(" + contentScript.toString() + ")();", true);
}
@@ -29,34 +29,34 @@ function test() {
waitForDBInit(() => {
gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser, "http://www.itisatrap.org/firefox/its-an-attack.html");
onDOMContentLoaded(testMalware);
});
}
function testMalware(data) {
- ok(data.buttonPresent, "Ignore warning button should be present for malware");
+ ok(data.buttonPresent, "Ignore warning link should be present for malware");
Services.prefs.setBoolPref("browser.safebrowsing.allowOverride", false);
// Now launch the unwanted software test
onDOMContentLoaded(testUnwanted);
gBrowser.loadURI("http://www.itisatrap.org/firefox/unwanted.html");
}
function testUnwanted(data) {
// Confirm that "Ignore this warning" is visible - bug 422410
- ok(!data.buttonPresent, "Ignore warning button should be missing for unwanted software");
+ ok(!data.buttonPresent, "Ignore warning link should be missing for unwanted software");
Services.prefs.setBoolPref("browser.safebrowsing.allowOverride", true);
// Now launch the phishing test
onDOMContentLoaded(testPhishing);
gBrowser.loadURI("http://www.itisatrap.org/firefox/its-a-trap.html");
}
function testPhishing(data) {
- ok(data.buttonPresent, "Ignore warning button should be present for phishing");
+ ok(data.buttonPresent, "Ignore warning link should be present for phishing");
gBrowser.removeCurrentTab();
finish();
}
--- a/browser/locales/en-US/chrome/browser/safebrowsing/phishing-afterload-warning-message.dtd
+++ b/browser/locales/en-US/chrome/browser/safebrowsing/phishing-afterload-warning-message.dtd
@@ -1,36 +1,65 @@
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
-<!ENTITY safeb.palm.accept.label "Get me out of here!">
-<!ENTITY safeb.palm.decline.label "Ignore this warning">
+<!ENTITY safeb.palm.accept.label2 "Go back">
+<!ENTITY safeb.palm.seedetails.label "See details">
+
<!-- Localization note (safeb.palm.notdeceptive.label) - Label of the Help menu
item. Either this or reportDeceptiveSiteMenu.label from report-phishing.dtd is
shown. -->
<!ENTITY safeb.palm.notdeceptive.label "This isn’t a deceptive site…">
<!-- Localization note (safeb.palm.notdeceptive.accesskey) - Because
safeb.palm.notdeceptive.label and reportDeceptiveSiteMenu.title from
report-phishing.dtd are never shown at the same time, the same accesskey can
be used for them. -->
<!ENTITY safeb.palm.notdeceptive.accesskey "d">
-<!ENTITY safeb.palm.reportPage.label "Why was this page blocked?">
+
<!-- Localization note (safeb.palm.advisory.desc) - Please don't translate <a id="advisory_provider"/> tag. It will be replaced at runtime with advisory link-->
-<!ENTITY safeb.palm.advisory.desc "Advisory provided by <a id='advisory_provider'/>">
+<!ENTITY safeb.palm.advisory.desc2 "Advisory provided by <a id='advisory_provider'/>.">
+
+
+<!ENTITY safeb.blocked.malwarePage.title2 "Visiting this website may harm your computer">
+<!ENTITY safeb.blocked.malwarePage.shortDesc2 "&brandShortName; blocked this page because it might attempt to install malicious software that may steal or delete personal information on your computer.">
+
+<!-- Localization note (safeb.blocked.malwarePage.errorDesc.override, safeb.blocked.malwarePage.errorDesc.noOverride, safeb.blocked.malwarePage.learnMore) - All <span> and <a> tags are replaced by the appropriate links and text during runtime. -->
-<!ENTITY safeb.blocked.malwarePage.title "Reported Attack Page!">
-<!-- Localization note (safeb.blocked.malwarePage.shortDesc) - Please don't translate the contents of the <span id="malware_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
-<!ENTITY safeb.blocked.malwarePage.shortDesc "This web page at <span id='malware_sitename'/> has been reported as an attack page and has been blocked based on your security preferences.">
-<!ENTITY safeb.blocked.malwarePage.longDesc "<p>Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.</p><p>Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.</p>">
+<!ENTITY safeb.blocked.malwarePage.errorDesc.override "<span id='malware_sitename'/> has been <a id='error_desc_link'>reported as containing malicious software</a>. You can <a id='report_detection'>report a detection problem</a> or <a id='ignore_warning_link'>ignore the risk</a> and go to this unsafe site.">
+
+<!ENTITY safeb.blocked.malwarePage.errorDesc.noOverride "<span id='malware_sitename'/> has been <a id='error_desc_link'>reported as containing malicious software</a>. You can <a id='report_detection'>report a detection problem</a>.">
+
+<!ENTITY safeb.blocked.malwarePage.learnMore "Learn more about harmful web content including viruses and other malware and how to protect your computer at <a id='learn_more_link'>StopBadware.org</a>. Learn more about &brandShortName;’s Phishing and Malware Protection at <a id='firefox_support'>support.mozilla.org</a>.">
+
+
+<!ENTITY safeb.blocked.unwantedPage.title2 "The site ahead may contain harmful programs">
+<!ENTITY safeb.blocked.unwantedPage.shortDesc2 "&brandShortName; blocked this page because it might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).">
-<!ENTITY safeb.blocked.unwantedPage.title "Reported Unwanted Software Page!">
-<!-- Localization note (safeb.blocked.unwantedPage.shortDesc) - Please don't translate the contents of the <span id="unwanted_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
-<!ENTITY safeb.blocked.unwantedPage.shortDesc "This web page at <span id='unwanted_sitename'/> has been reported to contain unwanted software and has been blocked based on your security preferences.">
-<!ENTITY safeb.blocked.unwantedPage.longDesc "<p>Unwanted software pages try to install software that can be deceptive and affect your system in unexpected ways.</p>">
+<!-- Localization note (safeb.blocked.unwantedPage.errorDesc.override, safeb.blocked.unwantedPage.errorDesc.noOverride, safeb.blocked.unwantedPage.learnMore) - All <span> and <a> tags are replaced by the appropriate links and text during runtime. -->
+
+<!ENTITY safeb.blocked.unwantedPage.errorDesc.override "<span id='unwanted_sitename'/> has been <a id='error_desc_link'>reported as containing harmful software</a>. You can <a id='ignore_warning_link'>ignore the risk</a> and go to this unsafe site.">
+
+<!ENTITY safeb.blocked.unwantedPage.errorDesc.noOverride "<span id='unwanted_sitename'/> has been <a id='error_desc_link'>reported as containing harmful software</a>.">
+
+<!ENTITY safeb.blocked.unwantedPage.learnMore "Learn more about harmful and unwanted software at <a id='learn_more_link'>Unwanted Software Policy</a>. Learn more about &brandShortName;’s Phishing and Malware Protection at <a id='firefox_support'>support.mozilla.org</a>.">
+
-<!ENTITY safeb.blocked.phishingPage.title2 "Deceptive Site!">
-<!-- Localization note (safeb.blocked.phishingPage.shortDesc2) - Please don't translate the contents of the <span id="phishing_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
-<!ENTITY safeb.blocked.phishingPage.shortDesc2 "This web page at <span id='phishing_sitename'/> has been reported as a deceptive site and has been blocked based on your security preferences.">
-<!ENTITY safeb.blocked.phishingPage.longDesc2 "<p>Deceptive sites are designed to trick you into doing something dangerous, like installing software, or revealing your personal information, like passwords, phone numbers or credit cards.</p><p>Entering any information on this web page may result in identity theft or other fraud.</p>">
+<!ENTITY safeb.blocked.phishingPage.title3 "Deceptive site ahead">
+<!ENTITY safeb.blocked.phishingPage.shortDesc3 "&brandShortName; blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.">
+
+<!-- Localization note (safeb.blocked.phishingPage.errorDesc.override, safeb.blocked.phishingPage.errorDesc.noOverride, safeb.blocked.phishingPage.learnMore) - All <span> and <a> tags are replaced by the appropriate links and text during runtime. -->
+<!ENTITY safeb.blocked.phishingPage.errorDesc.override "<span id='phishing_sitename'/> has been <a id='error_desc_link'>reported as a deceptive site</a>. You can <a id='report_detection'>report a detection problem</a> or <a id='ignore_warning_link'>ignore the risk</a> and go to this unsafe site.">
+
+<!ENTITY safeb.blocked.phishingPage.errorDesc.noOverride "<span id='phishing_sitename'/> has been <a id='error_desc_link'>reported as a deceptive site</a>. You can <a id='report_detection'>report a detection problem</a>.">
+
+<!ENTITY safeb.blocked.phishingPage.learnMore "Learn more about deceptive sites and phishing at <a id='learn_more_link'>www.antiphishing.org</a>. Learn more about &brandShortName;’s Phishing and Malware Protection at <a id='firefox_support'>support.mozilla.org</a>.">
+
<!ENTITY safeb.blocked.harmfulPage.title "The site ahead may contain malware">
-<!ENTITY safeb.blocked.harmfulPage.shortDesc2 "&brandShortName; blocked this page because it might try to install dangerous apps that steal or delete your information (for example, photos, passwords, messages and credit cards).">
\ No newline at end of file
+<!ENTITY safeb.blocked.harmfulPage.shortDesc2 "&brandShortName; blocked this page because it might try to install dangerous apps that steal or delete your information (for example, photos, passwords, messages and credit cards).">
+
+<!-- Localization note (safeb.blocked.harmfulPage.errorDesc.override, safeb.blocked.harmfulPage.errorDesc.noOverride, safeb.blocked.harmfulPage.learnMore) - All <span> and <a> tags are replaced by the appropriate links and text during runtime. -->
+<!ENTITY safeb.blocked.harmfulPage.errorDesc.override "<span id='harmful_sitename'/> has been <a id='error_desc_link'>reported as containing a potentially harmful application</a>. You can <a id='ignore_warning_link'>ignore the risk</a> and go to this unsafe site.">
+
+<!ENTITY safeb.blocked.harmfulPage.errorDesc.noOverride "<span id='harmful_sitename'/> has been <a id='error_desc_link'>reported as containing a potentially harmful application</a>.">
+
+<!ENTITY safeb.blocked.harmfulPage.learnMore "Learn more about &brandShortName;’s Phishing and Malware Protection at <a id='firefox_support'>support.mozilla.org</a>.">
--- a/browser/themes/shared/blockedSite.css
+++ b/browser/themes/shared/blockedSite.css
@@ -1,70 +1,94 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
@import url("chrome://browser/skin/error-pages.css");
+html {
+ background-color: #A4000F;
+}
+
body {
- background-image: linear-gradient(-45deg, #9b2e2e, #9b2e2e 33%,
- #a83232 33%, #a83232 66%,
- #9b2e2e 66%, #9b2e2e);
- background-color: #b14646;
color: white;
}
.title {
background-image: url("chrome://global/skin/icons/blocked.svg");
}
.title-text {
color: white;
}
-.button-container button:not(.primary) {
+.button-container button {
background-color: transparent;
color: white;
- border: 1px solid #9b2e2e;
+ border: 1px solid white;
margin-inline-end: 0;
+ margin-top: 1.5em;
}
-.button-container button:not(.primary):hover {
- background-color: #a83232;
-}
-
-.button-container button:not(.primary):active {
- background-color: #9b2e2e;
-}
-
-.button-container button {
- margin-top: 1.2em;
+.button-container button:hover {
+ background-color: #5a0002;
}
-/* Style warning button to look like a small text link in the
- bottom right. This is preferable to just using a text link
- since there is already a mechanism in browser.js for trapping
- oncommand events from unprivileged chrome pages (BrowserOnCommand).*/
-#ignoreWarningButton {
- -moz-appearance: none;
- background: transparent;
- border: none;
- color: white;
- text-decoration: underline;
- margin: 4px 0 0 0;
- padding: 0;
- font-size: smaller;
- min-width: 0;
+.button-container button:hover:active {
+ background-color: #3e0200;
+}
+
+#goBackButton {
+ color: black;
+ background-color: white;
}
-#ignoreWarningButton:hover {
- cursor: pointer;
+#goBackButton:hover {
+ background-color: white;
+ opacity: 0.8;
}
-#ignoreWarning {
- margin-top: 1.2em;
- text-align: end;
+#goBackButton:active {
+ background-color: white;
+ opacity: 0.7;
}
#advisory_provider {
color: white;
text-decoration: underline;
}
+
+#errorDescriptionContainer {
+ position: absolute;
+ margin: 48px auto;
+}
+
+.error-description {
+ min-width: var(--in-content-container-min-width);
+ max-width: var(--in-content-container-max-width);
+ color: black;
+ background-color: white;
+}
+
+.error-description > p:first-child {
+ padding: 3.5em 3.5em 1em 3.5em;
+}
+
+.error-description > p:last-child {
+ padding: 0 3.5em 3.5em 3.5em;
+}
+
+.error-description #ignore_warning_link,
+.error-description a:-moz-any(:link, :visited) {
+ cursor: pointer;
+ text-decoration: underline;
+ color: black;
+}
+
+a:not(:link) {
+ color: black;
+ text-decoration: none;
+ cursor: auto;
+}
+
+.sitename {
+ font-weight: bold;
+}
--- a/testing/firefox-ui/tests/functional/security/test_safe_browsing_notification.py
+++ b/testing/firefox-ui/tests/functional/security/test_safe_browsing_notification.py
@@ -70,38 +70,41 @@ class TestSafeBrowsingNotificationBar(Pu
# Navigate to the unsafe page
# Check "ignore warning" link then notification bar's "not badware" button
# Only do this if feature supports it
if button_property is not None:
self.marionette.navigate(unsafe_page)
# Wait for the DOM to receive events for about:blocked
time.sleep(1)
- self.check_ignore_warning_button(unsafe_page)
+ self.check_ignore_warning_link(unsafe_page)
self.check_not_badware_button(button_property, report_page)
# Return to the unsafe page
# Check "ignore warning" link then notification bar's "get me out" button
self.marionette.navigate(unsafe_page)
# Wait for the DOM to receive events for about:blocked
time.sleep(1)
- self.check_ignore_warning_button(unsafe_page)
+ self.check_ignore_warning_link(unsafe_page)
self.check_get_me_out_of_here_button()
# Return to the unsafe page
# Check "ignore warning" link then notification bar's "X" button
self.marionette.navigate(unsafe_page)
# Wait for the DOM to receive events for about:blocked
time.sleep(1)
- self.check_ignore_warning_button(unsafe_page)
+ self.check_ignore_warning_link(unsafe_page)
self.check_x_button()
- def check_ignore_warning_button(self, unsafe_page):
- button = self.marionette.find_element(By.ID, 'ignoreWarningButton')
+ def check_ignore_warning_link(self, unsafe_page):
+ button = self.marionette.find_element(By.ID, 'seeDetailsButton')
button.click()
+ time.sleep(1)
+ link = self.marionette.find_element(By.ID, 'ignore_warning_link')
+ link.click()
Wait(self.marionette, timeout=self.marionette.timeout.page_load).until(
expected.element_present(By.ID, 'main-feature'),
message='Expected target element "#main-feature" has not been found',
)
self.assertEquals(self.marionette.get_url(), self.browser.get_final_url(unsafe_page))
# Clean up here since the permission gets set in this function
--- a/toolkit/components/url-classifier/tests/mochitest/test_reporturl.html
+++ b/toolkit/components/url-classifier/tests/mochitest/test_reporturl.html
@@ -115,31 +115,31 @@ var createBlockedIframe = function(aWind
};
addEventListener("AboutBlockedLoaded", listener, false, true);
let frame = content.document.getElementById("phishingFrame");
frame.setAttribute("src", "http://" + url);
});
});
let doc = aWindow.gBrowser.contentDocument.getElementsByTagName("iframe")[0].contentDocument;
- let ignoreButton = doc.getElementById("ignoreWarningButton");
- ok(ignoreButton, "ignoreWarningButton should exist");
- ignoreButton.click();
+ let ignoreWarningLink = doc.getElementById("ignore_warning_link");
+ ok(ignoreWarningLink, "Ignore warning link should exist");
+ ignoreWarningLink.click();
})();
};
var createBlockedPage = function(aWindow, aBrowser, aTopUrl, aUrl) {
(async function() {
await BrowserTestUtils.loadURI(aBrowser, aTopUrl);
await BrowserTestUtils.waitForContentEvent(aBrowser, "DOMContentLoaded")
let doc = aWindow.gBrowser.contentDocument;
- let ignoreButton = doc.getElementById("ignoreWarningButton");
- ok(ignoreButton, "ignoreWarningButton should exist");
- ignoreButton.click();
+ let ignoreWarningLink = doc.getElementById("ignore_warning_link");
+ ok(ignoreWarningLink, "Ignore warning link should exist");
+ ignoreWarningLink.click();
})();
};
function checkReportURL(aReportBrowser, aUrl) {
let expectedReportUrl = BASE_URL + "action=reporturl&reporturl=" + encodeURIComponent(aUrl);
is(aReportBrowser.contentDocument.location.href, expectedReportUrl, "Correct report URL");
}
--- a/toolkit/components/viewsource/content/viewSource-content.js
+++ b/toolkit/components/viewsource/content/viewSource-content.js
@@ -375,31 +375,19 @@ var ViewSourceContent = {
if (!event.isTrusted || event.target.localName != "button")
return;
let errorDoc = target.ownerDocument;
if (/^about:blocked/.test(errorDoc.documentURI)) {
// The event came from a button on a malware/phishing block page
- if (target == errorDoc.getElementById("getMeOutButton")) {
+ if (target == errorDoc.getElementById("goBackButton")) {
// Instead of loading some safe page, just close the window
sendAsyncMessage("ViewSource:Close");
- } else if (target == errorDoc.getElementById("reportButton")) {
- // This is the "Why is this site blocked" button. We redirect
- // to the generic page describing phishing/malware protection.
- let URL = Services.urlFormatter.formatURLPref("app.support.baseURL");
- sendAsyncMessage("ViewSource:OpenURL", { URL })
- } else if (target == errorDoc.getElementById("ignoreWarningButton")) {
- // Allow users to override and continue through to the site
- docShell.QueryInterface(Ci.nsIWebNavigation)
- .loadURIWithOptions(content.location.href,
- Ci.nsIWebNavigation.LOAD_FLAGS_BYPASS_CLASSIFIER,
- null, Ci.nsIHttpChannel.REFERRER_POLICY_UNSET,
- null, null, null);
}
}
},
/**
* Handler for the pageshow event.
*
* @param event