Bug 1438243 - Improve the UI for pages blocked by policy
Improves the UI for pages blocked by the enterprise policy manager. These improvements include a new image instead of the generic "info" image and updated, approved strings for the page.
MozReview-Commit-ID: 9d6V9onHGGg
--- a/browser/base/content/aboutNetError.xhtml
+++ b/browser/base/content/aboutNetError.xhtml
@@ -164,16 +164,19 @@
// List of error pages with an illustration.
let illustratedErrors = [
"malformedURI", "dnsNotFound", "connectionFailure", "netInterrupt",
"netTimeout", "netReset", "netOffline",
];
if (illustratedErrors.includes(err)) {
document.body.classList.add("illustrated", err);
}
+ if (err == "blockedByPolicy") {
+ document.body.classList.add("blocked");
+ }
gIsCertError = (err == "nssBadCert");
// Only worry about captive portals if this is a cert error.
let showCaptivePortalUI = isCaptive() && gIsCertError;
if (showCaptivePortalUI) {
err = "captivePortal";
}
@@ -303,17 +306,17 @@
if (getErrorCode() == "sslv3Used") {
document.getElementById("advancedButton").style.display = "none";
}
}, true, true);
var event = new CustomEvent("AboutNetErrorLoad", {bubbles: true});
document.dispatchEvent(event);
- if (err == "inadequateSecurityError" || err == "blockedByPolicyTemp") {
+ if (err == "inadequateSecurityError" || err == "blockedByPolicy") {
// Remove the "Try again" button from pages that don't need it.
// For HTTP/2 inadequate security or pages blocked by policy, trying
// again won't help.
document.getElementById("errorTryAgain").style.display = "none";
var container = document.getElementById("errorLongDesc");
for (var span of container.querySelectorAll("span.hostname")) {
span.textContent = document.location.hostname;
@@ -524,16 +527,17 @@
<body dir="&locale.dir;">
<!-- ERROR ITEM CONTAINER (removed during loading to avoid bug 39098) -->
<div id="errorContainer">
<div id="errorPageTitlesContainer">
<span id="ept_nssBadCert">&certerror.pagetitle1;</span>
<span id="ept_captivePortal">&captivePortal.title;</span>
<span id="ept_dnsNotFound">&dnsNotFound.pageTitle;</span>
<span id="ept_malformedURI">&malformedURI.pageTitle;</span>
+ <span id="ept_blockedByPolicy">&blockedByPolicy.title;</span>
</div>
<div id="errorTitlesContainer">
<h1 id="et_generic">&generic.title;</h1>
<h1 id="et_captivePortal">&captivePortal.title;</h1>
<h1 id="et_dnsNotFound">&dnsNotFound.title1;</h1>
<h1 id="et_fileNotFound">&fileNotFound.title;</h1>
<h1 id="et_fileAccessDenied">&fileAccessDenied.title;</h1>
<h1 id="et_malformedURI">&malformedURI.title1;</h1>
@@ -553,17 +557,17 @@
<h1 id="et_unsafeContentType">&unsafeContentType.title;</h1>
<h1 id="et_nssFailure2">&nssFailure2.title;</h1>
<h1 id="et_nssBadCert">&certerror.longpagetitle1;</h1>
<h1 id="et_cspBlocked">&cspBlocked.title;</h1>
<h1 id="et_remoteXUL">&remoteXUL.title;</h1>
<h1 id="et_corruptedContentErrorv2">&corruptedContentErrorv2.title;</h1>
<h1 id="et_sslv3Used">&sslv3Used.title;</h1>
<h1 id="et_inadequateSecurityError">&inadequateSecurityError.title;</h1>
- <h1 id="et_blockedByPolicyTemp">&blockedByPolicyTemp.title;</h1>
+ <h1 id="et_blockedByPolicy">&blockedByPolicy.title;</h1>
</div>
<div id="errorDescriptionsContainer">
<div id="ed_generic">&generic.longDesc;</div>
<div id="ed_captivePortal">&captivePortal.longDesc2;</div>
<div id="ed_dnsNotFound">&dnsNotFound.longDesc1;</div>
<div id="ed_fileNotFound">&fileNotFound.longDesc;</div>
<div id="ed_fileAccessDenied">&fileAccessDenied.longDesc;</div>
<div id="ed_malformedURI"></div>
@@ -583,17 +587,17 @@
<div id="ed_unsafeContentType">&unsafeContentType.longDesc;</div>
<div id="ed_nssFailure2">&nssFailure2.longDesc2;</div>
<div id="ed_nssBadCert">&certerror.introPara;</div>
<div id="ed_cspBlocked">&cspBlocked.longDesc;</div>
<div id="ed_remoteXUL">&remoteXUL.longDesc;</div>
<div id="ed_corruptedContentErrorv2">&corruptedContentErrorv2.longDesc;</div>
<div id="ed_sslv3Used">&sslv3Used.longDesc2;</div>
<div id="ed_inadequateSecurityError">&inadequateSecurityError.longDesc;</div>
- <div id="ed_blockedByPolicyTemp">&blockedByPolicyTemp.longDesc;</div>
+ <div id="ed_blockedByPolicy"></div>
</div>
</div>
<!-- PAGE CONTAINER (for styling purposes only) -->
<div id="errorPageContainer" class="container">
<div id="text-container">
<!-- Error Title -->
<div class="title">
--- a/browser/locales/en-US/chrome/overrides/appstrings.properties
+++ b/browser/locales/en-US/chrome/overrides/appstrings.properties
@@ -35,9 +35,9 @@ harmfulBlocked=The site at %S has been r
unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
deceptiveBlocked=This web page at %S has been reported as a deceptive site and has been blocked based on your security preferences.
cspBlocked=This page has a content security policy that prevents it from being loaded in this way.
corruptedContentErrorv2=The site at %S has experienced a network protocol violation that cannot be repaired.
remoteXUL=This page uses an unsupported technology that is no longer available by default in Firefox.
## LOCALIZATION NOTE (sslv3Used) - Do not translate "%S".
sslv3Used=Firefox cannot guarantee the safety of your data on %S because it uses SSLv3, a broken security protocol.
inadequateSecurityError=The website tried to negotiate an inadequate level of security.
-blockedByPolicyTemp=This page has been blocked by the enterprise policy manager.
+blockedByPolicy=Your organization has blocked access to this page or website.
--- a/browser/locales/en-US/chrome/overrides/netError.dtd
+++ b/browser/locales/en-US/chrome/overrides/netError.dtd
@@ -195,13 +195,12 @@ to it securely. As a result, it is not p
certificate.">
<!ENTITY certerror.copyToClipboard.label "Copy text to clipboard">
<!ENTITY inadequateSecurityError.title "Your connection is not secure">
<!-- LOCALIZATION NOTE (inadequateSecurityError.longDesc) - Do not translate
"NS_ERROR_NET_INADEQUATE_SECURITY". -->
<!ENTITY inadequateSecurityError.longDesc "<p><span class='hostname'></span> uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site.</p><p>Error code: NS_ERROR_NET_INADEQUATE_SECURITY</p>">
-<!ENTITY blockedByPolicyTemp.title "Page Blocked">
-<!ENTITY blockedByPolicyTemp.longDesc "<p>Access has been disabled by your administrator.</p>">
+<!ENTITY blockedByPolicy.title "Blocked Page">
<!ENTITY prefReset.longDesc "It looks like your network security settings might be causing this. Do you want the default settings to be restored?">
<!ENTITY prefReset.label "Restore default settings">
--- a/browser/themes/shared/aboutNetError.css
+++ b/browser/themes/shared/aboutNetError.css
@@ -11,16 +11,20 @@
body.captiveportal .title {
background-image: url("wifi.svg");
}
body.certerror .title {
background-image: url("cert-error.svg");
}
+body.blocked .title {
+ background-image: url("chrome://global/skin/icons/blocked.svg");
+}
+
#errorContainer {
display: none;
}
/* Pressing the retry button will cause the cursor to flicker from a pointer to
* not-allowed. Override the disabled cursor behaviour since we will never show
* the button disabled as the initial state. */
button:disabled {
--- a/browser/themes/shared/blockedSite.css
+++ b/browser/themes/shared/blockedSite.css
@@ -9,16 +9,18 @@ html {
}
body {
color: white;
}
.title {
background-image: url("chrome://global/skin/icons/blocked.svg");
+ fill: currentColor;
+ -moz-context-properties: fill;
}
.title-text {
color: white;
}
.button-container button {
background-color: transparent;
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -4835,17 +4835,17 @@ nsDocShell::DisplayLoadError(nsresult aE
break;
case NS_ERROR_NET_INADEQUATE_SECURITY:
// Server negotiated bad TLS for HTTP/2.
error = "inadequateSecurityError";
addHostPort = true;
break;
case NS_ERROR_BLOCKED_BY_POLICY:
// Page blocked by policy
- error = "blockedByPolicyTemp";
+ error = "blockedByPolicy";
break;
default:
break;
}
}
// Test if the error should be displayed
if (!error) {
--- a/docshell/resources/content/netError.xhtml
+++ b/docshell/resources/content/netError.xhtml
@@ -173,17 +173,17 @@
}
else {
// Remove the override block for non-certificate errors. CSS-hiding
// isn't good enough here, because of bug 39098
var secOverride = document.getElementById("securityOverrideDiv");
secOverride.remove();
}
- if (err == "inadequateSecurityError" || err == "blockedByPolicyTemp") {
+ if (err == "inadequateSecurityError" || err == "blockedByPolicy") {
// Remove the "Try again" button from pages that don't need it.
// For HTTP/2 inadequate security or pages blocked by policy, trying
// again won't help.
document.getElementById("errorTryAgain").style.display = "none";
var container = document.getElementById("errorLongDesc");
for (var span of container.querySelectorAll("span.hostname")) {
span.textContent = document.location.hostname;
@@ -305,17 +305,17 @@
<h1 id="et_contentEncodingError">&contentEncodingError.title;</h1>
<h1 id="et_unsafeContentType">&unsafeContentType.title;</h1>
<h1 id="et_nssFailure2">&nssFailure2.title;</h1>
<h1 id="et_nssBadCert">&nssBadCert.title;</h1>
<h1 id="et_cspBlocked">&cspBlocked.title;</h1>
<h1 id="et_remoteXUL">&remoteXUL.title;</h1>
<h1 id="et_corruptedContentErrorv2">&corruptedContentErrorv2.title;</h1>
<h1 id="et_inadequateSecurityError">&inadequateSecurityError.title;</h1>
- <h1 id="et_blockedByPolicyTemp">&blockedByPolicyTemp.title;</h1>
+ <h1 id="et_blockedByPolicy">&blockedByPolicy.title;</h1>
</div>
<div id="errorDescriptionsContainer">
<div id="ed_generic">&generic.longDesc;</div>
<div id="ed_dnsNotFound">&dnsNotFound.longDesc;</div>
<div id="ed_fileNotFound">&fileNotFound.longDesc;</div>
<div id="ed_fileAccessDenied">&fileAccessDenied.longDesc;</div>
<div id="ed_malformedURI">&malformedURI.longDesc;</div>
<div id="ed_unknownProtocolFound">&unknownProtocolFound.longDesc;</div>
@@ -333,17 +333,17 @@
<div id="ed_contentEncodingError">&contentEncodingError.longDesc;</div>
<div id="ed_unsafeContentType">&unsafeContentType.longDesc;</div>
<div id="ed_nssFailure2">&nssFailure2.longDesc2;</div>
<div id="ed_nssBadCert">&nssBadCert.longDesc2;</div>
<div id="ed_cspBlocked">&cspBlocked.longDesc;</div>
<div id="ed_remoteXUL">&remoteXUL.longDesc;</div>
<div id="ed_corruptedContentErrorv2">&corruptedContentErrorv2.longDesc;</div>
<div id="ed_inadequateSecurityError">&inadequateSecurityError.longDesc;</div>
- <div id="ed_blockedByPolicyTemp">&blockedByPolicyTemp.longDesc;</div>
+ <div id="ed_blockedByPolicy"></div>
</div>
</div>
<!-- PAGE CONTAINER (for styling purposes only) -->
<div id="errorPageContainer">
<!-- Error Title -->
<div id="errorTitle">
--- a/dom/browser-element/BrowserElementChildPreload.js
+++ b/dom/browser-element/BrowserElementChildPreload.js
@@ -1509,17 +1509,17 @@ BrowserElementChild.prototype = {
return;
case Cr.NS_ERROR_UNSAFE_CONTENT_TYPE :
sendAsyncMsg('error', { type: 'unsafeContentType' });
return;
case Cr.NS_ERROR_CORRUPTED_CONTENT :
sendAsyncMsg('error', { type: 'corruptedContentErrorv2' });
return;
case Cr.NS_ERROR_BLOCKED_BY_POLICY :
- sendAsyncMsg('error', { type: 'blockedByPolicyTemp' });
+ sendAsyncMsg('error', { type: 'blockedByPolicy' });
return;
default:
// getErrorClass() will throw if the error code passed in is not a NSS
// error code.
try {
let nssErrorsService = Cc['@mozilla.org/nss_errors_service;1']
.getService(Ci.nsINSSErrorsService);
--- a/dom/locales/en-US/chrome/appstrings.properties
+++ b/dom/locales/en-US/chrome/appstrings.properties
@@ -33,9 +33,9 @@ malwareBlocked=The site at %S has been r
unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
deceptiveBlocked=This web page at %S has been reported as a deceptive site and has been blocked based on your security preferences.
cspBlocked=This page has a content security policy that prevents it from being loaded in this way.
corruptedContentErrorv2=The site at %S has experienced a network protocol violation that cannot be repaired.
remoteXUL=This page uses an unsupported technology that is no longer available by default.
sslv3Used=The safety of your data on %S could not be guaranteed because it uses SSLv3, a broken security protocol.
weakCryptoUsed=The owner of %S has configured their website improperly. To protect your information from being stolen, the connection to this website has not been established.
inadequateSecurityError=The website tried to negotiate an inadequate level of security.
-blockedByPolicyTemp=This page has been blocked by the enterprise policy manager.
+blockedByPolicy=Your organization has blocked access to this page or website.
--- a/dom/locales/en-US/chrome/netError.dtd
+++ b/dom/locales/en-US/chrome/netError.dtd
@@ -93,10 +93,9 @@
<!ENTITY remoteXUL.title "Remote XUL">
<!ENTITY remoteXUL.longDesc "<p><ul><li>Please contact the website owners to inform them of this problem.</li></ul></p>">
<!ENTITY inadequateSecurityError.title "Your connection is not secure">
<!-- LOCALIZATION NOTE (inadequateSecurityError.longDesc) - Do not translate
"NS_ERROR_NET_INADEQUATE_SECURITY". -->
<!ENTITY inadequateSecurityError.longDesc "<p><span class='hostname'></span> uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site.</p><p>Error code: NS_ERROR_NET_INADEQUATE_SECURITY</p>">
-<!ENTITY blockedByPolicyTemp.title "Page Blocked">
-<!ENTITY blockedByPolicyTemp.longDesc "<p>Access has been disabled by your administrator.</p>">
+<!ENTITY blockedByPolicy.title "Blocked Page">
--- a/toolkit/themes/shared/incontent-icons/blocked.svg
+++ b/toolkit/themes/shared/incontent-icons/blocked.svg
@@ -1,13 +1,6 @@
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 45 45">
- <defs>
- <circle id="stop-sign" cx="22.5" cy="22.5" r="20.5"/>
- <mask id="stop-symbol">
- <rect width="45" height="45" fill="#fff"/>
- <line x1="10" y1="23" x2="35" y2="23" stroke="#000" stroke-width="6"/>
- </mask>
- </defs>
- <use xlink:href="#stop-sign" mask="url(#stop-symbol)" fill="#fff"/>
-</svg>
\ No newline at end of file
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16">
+ <path fill="context-fill" fill-rule="evenodd" d="M3 9h10V7H3v2zm5-8a7 7 0 1 0 0 14A7 7 0 0 0 8 1z"/>
+</svg>