Bug 1099088 - Part 2: Show "This is a secure Firefox page" site identity popup on about: pages r=liuche
--- a/mobile/android/base/java/org/mozilla/gecko/toolbar/SiteIdentityPopup.java
+++ b/mobile/android/base/java/org/mozilla/gecko/toolbar/SiteIdentityPopup.java
@@ -306,17 +306,26 @@ public class SiteIdentityPopup extends A
* The connection state should reflect the combination of:
* a) Connection encryption
* b) Mixed Content state (Active/Display Mixed content, loaded, blocked, none, etc)
* and update the icons and strings to inform the user of that state.
*
* @param siteIdentity SiteIdentity information about the connection.
*/
private void updateConnectionState(final SiteIdentity siteIdentity) {
- if (!siteIdentity.isSecure()) {
+ if (siteIdentity.getSecurityMode() == SecurityMode.CHROMEUI) {
+ mSecurityState.setText(R.string.identity_connection_chromeui);
+ mSecurityState.setTextColor(ColorUtils.getColor(mContext, R.color.placeholder_active_grey));
+
+ mIcon.setImageResource(R.drawable.icon);
+ clearSecurityStateIcon();
+
+ mMixedContentActivity.setVisibility(View.GONE);
+ mLink.setVisibility(View.GONE);
+ } else if (!siteIdentity.isSecure()) {
if (siteIdentity.loginInsecure()) {
// Login detected on an insecure page.
mIcon.setImageResource(R.drawable.lock_disabled);
clearSecurityStateIcon();
mMixedContentActivity.setVisibility(View.VISIBLE);
mMixedContentActivity.setText(R.string.identity_login_insecure);
} else if (siteIdentity.getMixedModeActive() == MixedMode.MIXED_CONTENT_LOADED) {
@@ -459,46 +468,57 @@ public class SiteIdentityPopup extends A
@Override
public void show() {
if (mSiteIdentity == null) {
Log.e(LOGTAG, "Can't show site identity popup for undefined state");
return;
}
- // about: has an unknown SiteIdentity in code, but showing "This
- // site's identity is unknown" is misleading! So don't show a popup.
+ // Verified about: pages have the CHROMEUI SiteIdentity, however there can also
+ // be unverified about: pages for which "This site's identity is unknown" or
+ // "This is a secure Firefox page" are both misleading, so don't show a popup.
final Tab selectedTab = Tabs.getInstance().getSelectedTab();
- if (selectedTab != null && AboutPages.isAboutPage(selectedTab.getURL())) {
- Log.d(LOGTAG, "We don't show site identity popups for about: pages");
+ if (selectedTab != null &&
+ AboutPages.isAboutPage(selectedTab.getURL()) &&
+ mSiteIdentity.getSecurityMode() != SecurityMode.CHROMEUI) {
+ Log.d(LOGTAG, "We don't show site identity popups for unverified about: pages");
return;
}
updateIdentity(mSiteIdentity);
final TrackingMode trackingMode = mSiteIdentity.getTrackingMode();
if (trackingMode != TrackingMode.UNKNOWN) {
addTrackingContentNotification(trackingMode == TrackingMode.TRACKING_CONTENT_BLOCKED);
}
try {
addSelectLoginDoorhanger(selectedTab);
} catch (JSONException e) {
Log.e(LOGTAG, "Error adding selectLogin doorhanger", e);
}
- mTitle.setText(selectedTab.getBaseDomain());
- final Bitmap favicon = selectedTab.getFavicon();
- if (favicon != null) {
- final Drawable faviconDrawable = new BitmapDrawable(mResources, favicon);
- final int dimen = (int) mResources.getDimension(R.dimen.browser_toolbar_favicon_size);
- faviconDrawable.setBounds(0, 0, dimen, dimen);
+ if (mSiteIdentity.getSecurityMode() == SecurityMode.CHROMEUI) {
+ // For about: pages we display the product icon in place of the verified/globe
+ // image, hence we don't also set the favicon (for most about pages the
+ // favicon is the product icon, hence we'd be showing the same icon twice).
+ mTitle.setText(R.string.moz_app_displayname);
+ } else {
+ mTitle.setText(selectedTab.getBaseDomain());
- mTitle.setCompoundDrawables(faviconDrawable, null, null, null);
- mTitle.setCompoundDrawablePadding((int) mContext.getResources().getDimension(R.dimen.doorhanger_drawable_padding));
+ final Bitmap favicon = selectedTab.getFavicon();
+ if (favicon != null) {
+ final Drawable faviconDrawable = new BitmapDrawable(mResources, favicon);
+ final int dimen = (int) mResources.getDimension(R.dimen.browser_toolbar_favicon_size);
+ faviconDrawable.setBounds(0, 0, dimen, dimen);
+
+ mTitle.setCompoundDrawables(faviconDrawable, null, null, null);
+ mTitle.setCompoundDrawablePadding((int) mContext.getResources().getDimension(R.dimen.doorhanger_drawable_padding));
+ }
}
showDividers();
super.show();
}
// Show the right dividers
--- a/mobile/android/base/java/org/mozilla/gecko/toolbar/ToolbarDisplayLayout.java
+++ b/mobile/android/base/java/org/mozilla/gecko/toolbar/ToolbarDisplayLayout.java
@@ -122,16 +122,20 @@ public class ToolbarDisplayLayout extend
private AlphaAnimation mLockFadeIn;
private TranslateAnimation mTitleSlideLeft;
private TranslateAnimation mTitleSlideRight;
private final SiteIdentityPopup mSiteIdentityPopup;
private int mSecurityImageLevel;
+ // Security level constants, which map to the icons / levels defined in:
+ // http://mxr.mozilla.org/mozilla-central/source/mobile/android/base/java/org/mozilla/gecko/resources/drawable/site_security_level.xml
+ // Default level (unverified pages) - globe icon:
+ private final int LEVEL_DEFAULT_GLOBE = 0;
// Levels for displaying Mixed Content state icons.
private final int LEVEL_WARNING_MINOR = 3;
private final int LEVEL_LOCK_DISABLED = 4;
// Levels for displaying Tracking Protection state icons.
private final int LEVEL_SHIELD_ENABLED = 5;
private final int LEVEL_SHIELD_DISABLED = 6;
private PropertyAnimator mForwardAnim;
@@ -435,16 +439,24 @@ public class ToolbarDisplayLayout extend
trackingMode = siteIdentity.getTrackingMode();
loginInsecure = siteIdentity.loginInsecure();
}
// This is a bit tricky, but we have one icon and three potential indicators.
// Default to the identity level
int imageLevel = securityMode.ordinal();
+ // about: pages should default to having no icon too (the same as SecurityMode.UNKNOWN), however
+ // SecurityMode.CHROMEUI has a different ordinal - hence we need to manually reset it here.
+ // (We then continue and process the tracking / mixed content icons as usual, even for about: pages, as they
+ // can still load external sites.)
+ if (securityMode == SecurityMode.CHROMEUI) {
+ imageLevel = LEVEL_DEFAULT_GLOBE; // == SecurityMode.UNKNOWN.ordinal()
+ }
+
// Check to see if any protection was overridden first
if (loginInsecure) {
imageLevel = LEVEL_LOCK_DISABLED;
} else if (trackingMode == TrackingMode.TRACKING_CONTENT_LOADED) {
imageLevel = LEVEL_SHIELD_DISABLED;
} else if (trackingMode == TrackingMode.TRACKING_CONTENT_BLOCKED) {
imageLevel = LEVEL_SHIELD_ENABLED;
} else if (activeMixedMode == MixedMode.MIXED_CONTENT_LOADED) {
--- a/mobile/android/base/locales/en-US/android_strings.dtd
+++ b/mobile/android/base/locales/en-US/android_strings.dtd
@@ -587,16 +587,17 @@ Example Enterprises, Inc.
The layout of the identity dialog prevents combining this into a single string with
substitution variables. If it is difficult to translate the sense of the string
with that structure, consider a translation which ignores the preceding domain and
just addresses the organization to follow, e.g. "This site is run by " -->
<!ENTITY identity_connection_secure "Secure Connection">
<!ENTITY identity_connection_insecure "Insecure connection">
<!ENTITY identity_login_insecure "This page is not secure and your login could be vulnerable.">
+<!ENTITY identity_connection_chromeui "This is a secure &brandShortName; page">
<!-- Mixed content notifications in site identity popup -->
<!ENTITY mixed_content_blocked_all1 "&brandShortName; has blocked insecure content on this page.">
<!ENTITY mixed_content_blocked_some1 "&brandShortName; has blocked some of the insecure content on this page.">
<!ENTITY mixed_content_display_loaded1 "Parts of this page are not secure (such as images).">
<!ENTITY mixed_content_protection_disabled1 "You have disabled protection from insecure content.">
<!-- Tracking content notifications in site identity popup -->
--- a/mobile/android/base/strings.xml.in
+++ b/mobile/android/base/strings.xml.in
@@ -482,16 +482,17 @@
<string name="bookmarkdefaults_title_restricted_support">&bookmarks_restricted_support2;</string>
<string name="bookmarkdefaults_url_restricted_support">https://support.mozilla.org/kb/controlledaccess</string>
<!-- Site identity popup -->
<string name="identity_connection_secure">&identity_connection_secure;</string>
<string name="identity_connection_insecure">&identity_connection_insecure;</string>
<string name="identity_login_insecure">&identity_login_insecure;</string>
+ <string name="identity_connection_chromeui">&identity_connection_chromeui;</string>
<string name="mixed_content_blocked_all">&mixed_content_blocked_all1;</string>
<string name="mixed_content_blocked_some">&mixed_content_blocked_some1;</string>
<string name="mixed_content_display_loaded">&mixed_content_display_loaded1;</string>
<string name="mixed_content_protection_disabled">&mixed_content_protection_disabled1;</string>
<string name="doorhanger_tracking_title">&doorhanger_tracking_title;</string>
<string name="doorhanger_tracking_state_enabled">&doorhanger_tracking_state_enabled;</string>