Bug 1475647 - Remove nsISSLStatusProvider interface. r?keeler,gijs,jryans,mcmanus,sebastian
- Removed nsITransportSecurityInfoProvider. Made secInfo a member of nsISecureBrowserUI.
The TabParent implementation GetSecInfo will always return null.
- Removed unnecessary QueryInterface calls
- Style adherence updates
MozReview-Commit-ID: 2oEC4Fqz2lc
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -342,18 +342,17 @@ var gIdentityHandler = {
*/
updateIdentity(state, uri) {
let shouldHidePopup = this._uri && (this._uri.spec != uri.spec);
this._state = state;
// Firstly, populate the state properties required to display the UI. See
// the documentation of the individual properties for details.
this.setURI(uri);
- let secinfo = gBrowser.securityUI
- .QueryInterface(Ci.nsITransportSecurityInfoProvider).secInfo;
+ let secinfo = gBrowser.securityUI.secInfo;
if (secinfo) {
this._sslStatus = secinfo.SSLStatus;
}
// Then, update the user interface with the available data.
this.refreshIdentityBlock();
// Handle a location change while the Control Center is focused
// by closing the popup (bug 1207542)
--- a/browser/base/content/pageinfo/security.js
+++ b/browser/base/content/pageinfo/security.js
@@ -22,17 +22,16 @@ var security = {
// Display the server certificate (static)
viewCert() {
var cert = security._cert;
viewCertHelper(window, cert);
},
_getSecurityInfo() {
- const nsITransportSecurityInfoProvider = Ci.nsITransportSecurityInfoProvider;
const nsISSLStatus = Ci.nsISSLStatus;
// We don't have separate info for a frame, return null until further notice
// (see bug 138479)
if (!this.windowInfo.isTopWindow)
return null;
var hostName = this.windowInfo.hostName;
@@ -45,17 +44,16 @@ var security = {
(ui.state & Ci.nsIWebProgressListener.STATE_IS_BROKEN);
var isMixed =
(ui.state & (Ci.nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT |
Ci.nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT));
var isInsecure =
(ui.state & Ci.nsIWebProgressListener.STATE_IS_INSECURE);
var isEV =
(ui.state & Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL);
- ui.QueryInterface(nsITransportSecurityInfoProvider);
var status = ui.secInfo.QueryInterface(Ci.nsITransportSecurityInfo).SSLStatus;
if (!isInsecure && status) {
status.QueryInterface(nsISSLStatus);
var cert = status.serverCert;
var issuerName = cert.issuerOrganization || cert.issuerName;
var retval = {
--- a/dom/ipc/TabParent.cpp
+++ b/dom/ipc/TabParent.cpp
@@ -54,16 +54,17 @@
#include "nsIContent.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeOwner.h"
#include "nsIDOMWindow.h"
#include "nsIDOMWindowUtils.h"
#include "nsIInterfaceRequestorUtils.h"
#include "nsILoadInfo.h"
#include "nsIPromptFactory.h"
+#include "nsITransportSecurityInfo.h"
#include "nsIURI.h"
#include "nsIWindowWatcher.h"
#include "nsIWebBrowserChrome.h"
#include "nsIXULBrowserWindow.h"
#include "nsIXULWindow.h"
#include "nsIRemoteBrowser.h"
#include "nsViewManager.h"
#include "nsVariant.h"
@@ -884,16 +885,26 @@ TabParent::GetState(uint32_t *aState)
{
NS_ENSURE_ARG(aState);
NS_WARNING("SecurityState not valid here");
*aState = 0;
return NS_OK;
}
NS_IMETHODIMP
+TabParent::GetSecInfo(nsITransportSecurityInfo** _result)
+{
+ NS_ENSURE_ARG_POINTER(_result);
+ NS_WARNING("TransportSecurityInfo not valid here");
+ *_result = nullptr;
+ NS_IF_ADDREF(*_result);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
TabParent::SetDocShell(nsIDocShell *aDocShell)
{
NS_ENSURE_ARG(aDocShell);
NS_WARNING("No mDocShell member in TabParent so there is no docShell to set");
return NS_OK;
}
a11y::PDocAccessibleParent*
--- a/mobile/android/chrome/content/browser.js
+++ b/mobile/android/chrome/content/browser.js
@@ -5690,18 +5690,17 @@ var IdentityHandler = {
},
/**
* Determine the identity of the page being displayed by examining its SSL cert
* (if available). Return the data needed to update the UI.
*/
checkIdentity: function checkIdentity(aState, aBrowser) {
this._lastStatus = aBrowser.securityUI
- .QueryInterface(Ci.nsITransportSecurityInfoProvider)
- .secInfo.QueryInferface(Ci.nsITransportSecurityInfo).SSLStatus;
+ .secInfo.QueryInferface(Ci.nsITransportSecurityInfo).SSLStatus;
// Don't pass in the actual location object, since it can cause us to
// hold on to the window object too long. Just pass in the fields we
// care about. (bug 424829)
let locationObj = {};
try {
let location = aBrowser.contentWindow.location;
locationObj.host = location.host;
--- a/mobile/android/modules/geckoview/GeckoViewProgress.jsm
+++ b/mobile/android/modules/geckoview/GeckoViewProgress.jsm
@@ -156,17 +156,16 @@ var IdentityHandler = {
try {
result.host = IDNService.convertToDisplayIDN(uri.host, {});
} catch (e) {
result.host = uri.host;
}
this._lastStatus = aBrowser.securityUI;
let status = aBrowser.securityUI
- .QueryInterface(Ci.nsITransportSecurityInfoProvider)
.secInfo.QueryInferface(Ci.nsITransportSecurityInfo)
.SSLStatus.QueryInterface(Ci.nsISSLStatus);
let cert = status.serverCert;
result.organization = cert.organization;
result.subjectName = cert.subjectName;
result.issuerOrganization = cert.issuerOrganization;
result.issuerCommonName = cert.issuerCommonName;
--- a/netwerk/base/nsISecureBrowserUI.idl
+++ b/netwerk/base/nsISecureBrowserUI.idl
@@ -3,21 +3,23 @@
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface mozIDOMWindowProxy;
interface nsIDocShell;
+interface nsITransportSecurityInfo;
[scriptable, uuid(718c662a-f810-4a80-a6c9-0b1810ecade2)]
interface nsISecureBrowserUI : nsISupports
{
void init(in mozIDOMWindowProxy window);
void setDocShell(in nsIDocShell docShell);
readonly attribute unsigned long state;
+ readonly attribute nsITransportSecurityInfo secInfo;
};
%{C++
#define NS_SECURE_BROWSER_UI_CONTRACTID "@mozilla.org/secure_browser_ui;1"
%}
--- a/security/manager/pki/resources/content/exceptionDialog.js
+++ b/security/manager/pki/resources/content/exceptionDialog.js
@@ -21,17 +21,18 @@ function initExceptionDialog() {
gNeedReset = false;
gDialog = document.documentElement;
gBundleBrand = document.getElementById("brand_bundle");
gPKIBundle = document.getElementById("pippki_bundle");
gSecHistogram = Services.telemetry.getHistogramById("SECURITY_UI");
gNsISecTel = Ci.nsISecurityUITelemetry;
var brandName = gBundleBrand.getString("brandShortName");
- setText("warningText", gPKIBundle.getFormattedString("addExceptionBrandedWarning2", [brandName]));
+ setText("warningText",
+ gPKIBundle.getFormattedString("addExceptionBrandedWarning2", [brandName]));
gDialog.getButton("extra1").disabled = true;
var args = window.arguments;
if (args && args[0]) {
if (args[0].location) {
// We were pre-seeded with a location.
document.getElementById("locationTextBox").value = args[0].location;
document.getElementById("checkCertButton").disabled = false;
@@ -69,17 +70,18 @@ function initExceptionDialog() {
*
* @param {XMLHttpRequest} req
* The XMLHttpRequest created and sent by checkCert.
* @param {Event} evt
* The load or error event.
*/
function grabCert(req, evt) {
if (req.channel && req.channel.securityInfo) {
- gSSLStatus = req.channel.securityInfo.QueryInterface(Ci.nsITransportSecurityInfo).SSLStatus;
+ gSSLStatus = req.channel.securityInfo
+ .QueryInterface(Ci.nsITransportSecurityInfo).SSLStatus;
gCert = gSSLStatus ? gSSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert
: null;
}
gBroken = evt.type == "error";
gChecking = false;
updateCertStatus();
}
@@ -153,17 +155,18 @@ function resetDialog() {
window.sizeToContent();
}
/**
* Called by input textboxes to manage UI state
*/
function handleTextChange() {
var checkCertButton = document.getElementById("checkCertButton");
- checkCertButton.disabled = !(document.getElementById("locationTextBox").value);
+ checkCertButton.disabled =
+ !(document.getElementById("locationTextBox").value);
if (gNeedReset) {
gNeedReset = false;
resetDialog();
}
}
function updateCertStatus() {
var shortDesc, longDesc;
@@ -195,17 +198,18 @@ function updateCertStatus() {
longDesc = exl;
} else {
use2 = true;
shortDesc2 = exs;
longDesc2 = exl;
}
}
if (gSSLStatus.isUntrusted) {
- bucketId += gNsISecTel.WARNING_BAD_CERT_TOP_ADD_EXCEPTION_FLAG_UNTRUSTED;
+ bucketId +=
+ gNsISecTel.WARNING_BAD_CERT_TOP_ADD_EXCEPTION_FLAG_UNTRUSTED;
if (!use1) {
use1 = true;
shortDesc = uts;
longDesc = utl;
} else if (!use2) {
use2 = true;
shortDesc2 = uts;
longDesc2 = utl;
@@ -223,17 +227,18 @@ function updateCertStatus() {
// If the Private Browsing service is available and the mode is active,
// don't store permanent exceptions, since they would persist after
// private browsing mode was disabled.
var inPrivateBrowsing = inPrivateBrowsingMode();
var pe = document.getElementById("permanent");
pe.disabled = inPrivateBrowsing;
pe.checked = !inPrivateBrowsing;
- setText("headerDescription", gPKIBundle.getString("addExceptionInvalidHeader"));
+ setText("headerDescription",
+ gPKIBundle.getString("addExceptionInvalidHeader"));
} else {
shortDesc = "addExceptionValidShort";
longDesc = "addExceptionValidLong";
gDialog.getButton("extra1").disabled = true;
document.getElementById("permanent").disabled = true;
}
// We're done checking the certificate, so allow the user to check it again.
@@ -295,32 +300,37 @@ function viewCertButtonClick() {
function addException() {
if (!gCert || !gSSLStatus) {
return;
}
var overrideService = Cc["@mozilla.org/security/certoverride;1"]
.getService(Ci.nsICertOverrideService);
var flags = 0;
- let confirmBucketId = gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_BASE;
+ let confirmBucketId =
+ gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_BASE;
if (gSSLStatus.isUntrusted) {
flags |= overrideService.ERROR_UNTRUSTED;
- confirmBucketId += gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_UNTRUSTED;
+ confirmBucketId +=
+ gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_UNTRUSTED;
}
if (gSSLStatus.isDomainMismatch) {
flags |= overrideService.ERROR_MISMATCH;
- confirmBucketId += gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_DOMAIN;
+ confirmBucketId +=
+ gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_DOMAIN;
}
if (gSSLStatus.isNotValidAtThisTime) {
flags |= overrideService.ERROR_TIME;
- confirmBucketId += gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_TIME;
+ confirmBucketId +=
+ gNsISecTel.WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_TIME;
}
var permanentCheckbox = document.getElementById("permanent");
- var shouldStorePermanently = permanentCheckbox.checked && !inPrivateBrowsingMode();
+ var shouldStorePermanently = permanentCheckbox.checked &&
+ !inPrivateBrowsingMode();
if (!permanentCheckbox.checked) {
gSecHistogram.add(gNsISecTel.WARNING_BAD_CERT_TOP_DONT_REMEMBER_EXCEPTION);
}
gSecHistogram.add(confirmBucketId);
var uri = getURI();
overrideService.rememberValidityOverride(
uri.asciiHost, uri.port,
--- a/security/manager/ssl/moz.build
+++ b/security/manager/ssl/moz.build
@@ -33,17 +33,16 @@ XPIDL_SOURCES += [
'nsIPKCS11Slot.idl',
'nsIProtectedAuthThread.idl',
'nsISecretDecoderRing.idl',
'nsISecurityUITelemetry.idl',
'nsISiteSecurityService.idl',
'nsISSLStatus.idl',
'nsITokenDialogs.idl',
'nsITokenPasswordDialogs.idl',
- 'nsITransportSecurityInfoProvider.idl',
'nsIX509Cert.idl',
'nsIX509CertDB.idl',
'nsIX509CertList.idl',
'nsIX509CertValidity.idl',
]
if CONFIG['MOZ_XUL']:
XPIDL_SOURCES += [
deleted file mode 100644
--- a/security/manager/ssl/nsITransportSecurityInfoProvider.idl
+++ /dev/null
@@ -1,14 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsISupports.idl"
-
-interface nsITransportSecurityInfo;
-
-[scriptable, uuid(fe68e888-dea6-4ec6-942c-fc12f8a61bdb)]
-interface nsITransportSecurityInfoProvider : nsISupports {
- readonly attribute nsITransportSecurityInfo secInfo;
-};
-
--- a/security/manager/ssl/nsSecureBrowserUIImpl.cpp
+++ b/security/manager/ssl/nsSecureBrowserUIImpl.cpp
@@ -84,18 +84,17 @@ nsSecureBrowserUIImpl::nsSecureBrowserUI
MOZ_ASSERT(NS_IsMainThread());
ResetStateTracking();
}
NS_IMPL_ISUPPORTS(nsSecureBrowserUIImpl,
nsISecureBrowserUI,
nsIWebProgressListener,
- nsISupportsWeakReference,
- nsITransportSecurityInfoProvider)
+ nsISupportsWeakReference)
NS_IMETHODIMP
nsSecureBrowserUIImpl::Init(mozIDOMWindowProxy* aWindow)
{
MOZ_ASSERT(NS_IsMainThread());
if (MOZ_LOG_TEST(gSecureDocLog, LogLevel::Debug)) {
nsCOMPtr<nsIDOMWindow> window(do_QueryReferent(mWindow));
@@ -1159,17 +1158,16 @@ nsSecureBrowserUIImpl::OnSecurityChange(
("SecureUI:%p: OnSecurityChange: (%x) %s\n", this,
state, aURI->GetSpecOrDefault().get()));
}
#endif
return NS_OK;
}
-// nsITransportSecurityInfoProvider methods
NS_IMETHODIMP
nsSecureBrowserUIImpl::GetSecInfo(nsITransportSecurityInfo** _result)
{
NS_ENSURE_ARG_POINTER(_result);
MOZ_ASSERT(NS_IsMainThread());
switch (mNotifiedSecurityState)
{
--- a/security/manager/ssl/nsSecureBrowserUIImpl.h
+++ b/security/manager/ssl/nsSecureBrowserUIImpl.h
@@ -7,42 +7,39 @@
#define nsSecureBrowserUIImpl_h
#include "PLDHashTable.h"
#include "mozilla/ReentrancyGuard.h"
#include "nsCOMPtr.h"
#include "nsINetUtil.h"
#include "nsISecureBrowserUI.h"
#include "nsISecurityEventSink.h"
-#include "nsITransportSecurityInfoProvider.h"
#include "nsIURI.h"
#include "nsIWebProgressListener.h"
#include "nsWeakReference.h"
class nsITransportSecurityInfo;
class nsIChannel;
#define NS_SECURE_BROWSER_UI_CID \
{ 0xcc75499a, 0x1dd1, 0x11b2, {0x8a, 0x82, 0xca, 0x41, 0x0a, 0xc9, 0x07, 0xb8}}
class nsSecureBrowserUIImpl : public nsISecureBrowserUI,
public nsIWebProgressListener,
- public nsSupportsWeakReference,
- public nsITransportSecurityInfoProvider
+ public nsSupportsWeakReference
{
friend class mozilla::ReentrancyGuard;
public:
nsSecureBrowserUIImpl();
NS_DECL_ISUPPORTS
NS_DECL_NSIWEBPROGRESSLISTENER
NS_DECL_NSISECUREBROWSERUI
- NS_DECL_NSITRANSPORTSECURITYINFOPROVIDER
protected:
virtual ~nsSecureBrowserUIImpl() {};
nsWeakPtr mWindow;
nsWeakPtr mDocShell;
nsCOMPtr<nsINetUtil> mIOService;
nsCOMPtr<nsIURI> mCurrentURI;
--- a/security/manager/ssl/tests/unit/test_ssl_status.js
+++ b/security/manager/ssl/tests/unit/test_ssl_status.js
@@ -16,30 +16,30 @@ function run_test() {
});
fakeOCSPResponder.start(8888);
// Test successful connection (failedCertChain should be null,
// succeededCertChain should be set as expected)
add_connection_test(
"good.include-subdomains.pinning.example.com", PRErrorCodeSuccess, null,
function withSecurityInfo(aSecInfo) {
- let sslstatus = aSecInfo.QueryInterface(Ci.nsITransportSecurityInfo).SSLStatus;
+ let sslstatus = aSecInfo.SSLStatus;
equal(sslstatus.failedCertChain, null,
"failedCertChain for a successful connection should be null");
ok(sslstatus.succeededCertChain.equals(build_cert_chain(["default-ee", "test-ca"])),
"succeededCertChain for a successful connection should be as expected");
}
);
// Test failed connection (failedCertChain should be set as expected,
// succeededCertChain should be null)
add_connection_test(
"expired.example.com", SEC_ERROR_EXPIRED_CERTIFICATE, null,
function withSecurityInfo(aSecInfo) {
- let sslstatus = aSecInfo.QueryInterface(Ci.nsITransportSecurityInfo).SSLStatus;
+ let sslstatus = aSecInfo.SSLStatus;
equal(sslstatus.succeededCertChain, null,
"succeededCertChain for a failed connection should be null");
ok(sslstatus.failedCertChain.equals(build_cert_chain(["expired-ee", "test-ca"])),
"failedCertChain for a failed connection should be as expected");
}
);
// Ensure the correct failed cert chain is set on cert override
--- a/security/manager/tools/getHSTSPreloadList.js
+++ b/security/manager/tools/getHSTSPreloadList.js
@@ -106,17 +106,18 @@ function getHosts(rawdata) {
function processStsHeader(host, header, status, securityInfo) {
let maxAge = { value: 0 };
let includeSubdomains = { value: false };
let error = ERROR_NONE;
if (header != null && securityInfo != null) {
try {
let uri = Services.io.newURI("https://" + host.name);
- let sslStatus = securityInfo.QueryInterface(Ci.nsITransportSecurityInfo).SSLStatus;
+ let sslStatus = securityInfo.
+ QueryInterface(Ci.nsITransportSecurityInfo).SSLStatus;
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS,
uri, header, sslStatus, 0,
Ci.nsISiteSecurityService.SOURCE_PRELOAD_LIST,
{}, maxAge, includeSubdomains);
} catch (e) {
dump("ERROR: could not process header '" + header + "' from " +
host.name + ": " + e + "\n");
error = e;
--- a/testing/marionette/puppeteer/firefox/firefox_puppeteer/api/security.py
+++ b/testing/marionette/puppeteer/firefox/firefox_puppeteer/api/security.py
@@ -38,17 +38,16 @@ class Security(BaseLib):
:param tab_element: The inner tab DOM element.
:returns: Certificate details as JSON object.
"""
cert = self.marionette.execute_script("""
var securityUI = arguments[0].linkedBrowser.securityUI;
var status = securityUI
- .QueryInterface(Components.interfaces.nsITransportSecurityInfoProvider)
.secInfo.QueryInterface(Components.interfaces.nsITransportSecurityInfo)
.SSLStatus;
return status ? status.serverCert : null;
""", script_args=[tab_element])
uri = self.marionette.execute_script("""
return arguments[0].linkedBrowser.currentURI.spec;
--- a/toolkit/content/browser-child.js
+++ b/toolkit/content/browser-child.js
@@ -368,17 +368,17 @@ var WebNavigation = {
this.webNavigation.stop(flags);
}
};
WebNavigation.init();
var SecurityUI = {
getSecInfoAsString() {
- let secinfo = docShell.securityUI.QueryInterface(Ci.nsITransportSecurityInfoProvider).secInfo;
+ let secinfo = docShell.securityUI.secInfo;
if (secinfo) {
if (secinfo) {
let helper = Cc["@mozilla.org/network/serialization-helper;1"]
.getService(Ci.nsISerializationHelper);
secinfo.QueryInterface(Ci.nsISerializable);
return helper.serializeToString(secinfo);
--- a/toolkit/modules/RemoteSecurityUI.jsm
+++ b/toolkit/modules/RemoteSecurityUI.jsm
@@ -8,22 +8,20 @@ var EXPORTED_SYMBOLS = ["RemoteSecurityU
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
function RemoteSecurityUI() {
this._secInfo = null;
this._state = 0;
}
RemoteSecurityUI.prototype = {
- QueryInterface: ChromeUtils.generateQI([Ci.nsITransportSecurityInfoProvider, Ci.nsISecureBrowserUI]),
-
- // nsITransportSecurityInfoProvider
- get secInfo() { return this._secInfo; },
+ QueryInterface: ChromeUtils.generateQI([Ci.nsISecureBrowserUI]),
// nsISecureBrowserUI
get state() { return this._state; },
get tooltipText() { return ""; },
+ get secInfo() { return this._secInfo; },
_update(aSecInfo, aState) {
this._secInfo = aSecInfo;
this._state = aState;
}
};