Bug 1319176 - Open the SUMO page when the insecure login warning is clicked. r=seanlee
MozReview-Commit-ID: JxAps2ySOnZ
--- a/toolkit/components/passwordmgr/test/browser/browser.ini
+++ b/toolkit/components/passwordmgr/test/browser/browser.ini
@@ -1,24 +1,26 @@
[DEFAULT]
support-files =
../formsubmit.sjs
authenticate.sjs
form_basic.html
form_basic_iframe.html
formless_basic.html
form_same_origin_action.html
- form_cross_origin_insecure_action.html
form_cross_origin_secure_action.html
head.js
insecure_test.html
insecure_test_subframe.html
multiple_forms.html
streamConverter_content.sjs
+[browser_autocomplete_insecure_warning.js]
+support-files =
+ form_cross_origin_insecure_action.html
[browser_capture_doorhanger.js]
support-files =
subtst_notifications_1.html
subtst_notifications_2.html
subtst_notifications_2pw_0un.html
subtst_notifications_2pw_1un_1text.html
subtst_notifications_3.html
subtst_notifications_4.html
@@ -41,17 +43,19 @@ support-files =
subtst_notifications_change_p.html
[browser_DOMFormHasPassword.js]
[browser_DOMInputPasswordAdded.js]
[browser_exceptions_dialog.js]
[browser_formless_submit_chrome.js]
[browser_hasInsecureLoginForms.js]
[browser_hasInsecureLoginForms_streamConverter.js]
[browser_http_autofill.js]
-[browser_insecurePasswordWarning.js]
+[browser_insecurePasswordConsoleWarning.js]
+support-files =
+ form_cross_origin_insecure_action.html
[browser_notifications.js]
[browser_notifications_username.js]
[browser_notifications_password.js]
[browser_notifications_2.js]
skip-if = os == "linux" # Bug 1272849 Main action button disabled state intermittent
[browser_passwordmgr_editing.js]
skip-if = os == "linux"
[browser_context_menu.js]
new file mode 100644
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js
@@ -0,0 +1,38 @@
+"use strict";
+
+const EXPECTED_SUPPORT_URL = Services.urlFormatter.formatURLPref("app.support.baseURL") +
+ "insecure-password";
+
+add_task(function* test_clickInsecureFieldWarning() {
+ let url = "https://example.com" + DIRECTORY_PATH + "form_cross_origin_insecure_action.html";
+
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url,
+ }, function*(browser) {
+ let popup = document.getElementById("PopupAutoComplete");
+ ok(popup, "Got popup");
+
+ let promiseShown = BrowserTestUtils.waitForEvent(popup, "popupshown");
+
+ // Focus the username field to open the popup.
+ yield ContentTask.spawn(browser, null, function openAutocomplete() {
+ content.document.getElementById("form-basic-username").focus();
+ });
+
+ yield promiseShown;
+ ok(promiseShown, "autocomplete shown");
+
+ let warningItem = document.getAnonymousElementByAttribute(popup, "type", "insecureWarning");
+ ok(warningItem, "Got warning richlistitem");
+
+ yield BrowserTestUtils.waitForCondition(() => !warningItem.collapsed, "Wait for warning to show");
+
+ info("Clicking on warning");
+ let supportTabPromise = BrowserTestUtils.waitForNewTab(gBrowser, EXPECTED_SUPPORT_URL);
+ EventUtils.synthesizeMouseAtCenter(warningItem, {});
+ let supportTab = yield supportTabPromise;
+ ok(supportTab, "Support tab opened");
+ yield BrowserTestUtils.removeTab(supportTab);
+ });
+});
rename from toolkit/components/passwordmgr/test/browser/browser_insecurePasswordWarning.js
rename to toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js
--- a/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordWarning.js
+++ b/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js
@@ -1,12 +1,10 @@
"use strict";
-const TEST_URL_PATH = "/browser/toolkit/components/passwordmgr/test/browser/";
-
const WARNING_PATTERN = [{
key: "INSECURE_FORM_ACTION",
msg: 'JavaScript Warning: "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen."'
}, {
key: "INSECURE_PAGE",
msg: 'JavaScript Warning: "Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen."'
}];
@@ -53,17 +51,17 @@ add_task(function* testInsecurePasswordW
["http://example.com", "form_cross_origin_insecure_action.html", ["INSECURE_PAGE"]],
["https://example.com", "form_cross_origin_insecure_action.html", ["INSECURE_FORM_ACTION"]],
// For a form with a secure (https) customized action link.
["http://127.0.0.1", "form_cross_origin_secure_action.html", []],
["http://example.com", "form_cross_origin_secure_action.html", ["INSECURE_PAGE"]],
["https://example.com", "form_cross_origin_secure_action.html", []],
]) {
- let testURL = origin + TEST_URL_PATH + testFile;
+ let testURL = origin + DIRECTORY_PATH + testFile;
let promiseConsoleMessages = new Promise(resolve => {
warningPatternHandler = function(warning, originMessage) {
ok(warning, "Handling a warning pattern");
let fullMessage = `[${warning.msg} {file: "${testURL}" line: 0 column: 0 source: "0"}]`;
is(originMessage, fullMessage, "Message full matched:" + originMessage);
let index = expectWarnings.indexOf(warning.key);
isnot(index, -1, "Found warning: " + warning.key + " for URL:" + testURL);
--- a/toolkit/components/satchel/AutoCompletePopup.jsm
+++ b/toolkit/components/satchel/AutoCompletePopup.jsm
@@ -266,18 +266,21 @@ this.AutoCompletePopup = {
}
}
// Returning false to pacify ESLint, but this return value is
// ignored by the messaging infrastructure.
return false;
},
/**
- * Despite its name, handleEnter is what is called when the
- * user clicks on one of the items in the popup.
+ * Despite its name, this handleEnter is only called when the user clicks on
+ * one of the items in the popup since the popup is rendered in the parent process.
+ * The real controller's handleEnter is called directly in the content process
+ * for other methods of completing a selection (e.g. using the tab or enter
+ * keys) since the field with focus is in that process.
*/
handleEnter(aIsPopupSelection) {
if (this.openedPopup) {
this.sendMessageToBrowser("FormAutoComplete:HandleEnter", {
selectedIndex: this.openedPopup.selectedIndex,
isPopupSelection: aIsPopupSelection,
});
}
--- a/toolkit/content/widgets/autocomplete.xml
+++ b/toolkit/content/widgets/autocomplete.xml
@@ -1512,16 +1512,26 @@ extends="chrome://global/content/binding
xbl:inherits="selected,actiontype">
<xul:description class="ac-text-overflow-container">
<xul:description anonid="action-text"
class="ac-action-text"
xbl:inherits="selected"/>
</xul:description>
</xul:hbox>
</content>
+
+ <handlers>
+ <handler event="click" button="0"><![CDATA[
+ let baseURL = Services.urlFormatter.formatURLPref("app.support.baseURL");
+ window.openUILinkIn(baseURL + "insecure-password", "tab", {
+ relatedToCurrent: true,
+ });
+ ]]></handler>
+ </handlers>
+
<implementation>
<constructor><![CDATA[
// Unlike other autocomplete items, the height of the insecure warning
// increases by wrapping. So "forceHandleUnderflow" is for container to
// recalculate an item's height and width.
this.classList.add("forceHandleUnderflow");
]]></constructor>
</implementation>