239 lines
8.3 KiB
HTML
239 lines
8.3 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<!DOCTYPE html [
|
|
<!ENTITY % htmlDTD PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
|
|
%htmlDTD;
|
|
<!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd">
|
|
%globalDTD;
|
|
<!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >
|
|
%brandDTD;
|
|
<!ENTITY % blockedSiteDTD SYSTEM "chrome://browser/locale/safebrowsing/phishing-afterload-warning-message.dtd">
|
|
%blockedSiteDTD;
|
|
]>
|
|
|
|
<!-- This Source Code Form is subject to the terms of the Mozilla Public
|
|
- License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
- file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
|
|
|
|
<html xmlns="http://www.w3.org/1999/xhtml" class="blacklist">
|
|
<head>
|
|
<link rel="stylesheet" href="chrome://global/skin/netError.css" type="text/css" media="all" />
|
|
<link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/blacklist_favicon.png"/>
|
|
|
|
<script type="application/javascript"><![CDATA[
|
|
// Error url MUST be formatted like this:
|
|
// about:blocked?e=error_code&u=url(&o=1)?
|
|
// (o=1 when user overrides are allowed)
|
|
|
|
// Note that this file uses document.documentURI to get
|
|
// the URL (with the format from above). This is because
|
|
// document.location.href gets the current URI off the docshell,
|
|
// which is the URL displayed in the location bar, i.e.
|
|
// the URI that the user attempted to load.
|
|
|
|
function getErrorCode()
|
|
{
|
|
var url = document.documentURI;
|
|
var error = url.search(/e\=/);
|
|
var duffUrl = url.search(/\&u\=/);
|
|
return decodeURIComponent(url.slice(error + 2, duffUrl));
|
|
}
|
|
|
|
function getURL()
|
|
{
|
|
var url = document.documentURI;
|
|
var match = url.match(/&u=([^&]+)&/);
|
|
|
|
// match == null if not found; if so, return an empty string
|
|
// instead of what would turn out to be portions of the URI
|
|
if (!match)
|
|
return "";
|
|
|
|
url = decodeURIComponent(match[1]);
|
|
|
|
// If this is a view-source page, then get then real URI of the page
|
|
if (url.startsWith("view-source:"))
|
|
url = url.slice(12);
|
|
return url;
|
|
}
|
|
|
|
/**
|
|
* Check whether this warning page should be overridable or whether
|
|
* the "ignore warning" button should be hidden.
|
|
*/
|
|
function getOverride()
|
|
{
|
|
var url = document.documentURI;
|
|
var match = url.match(/&o=1&/);
|
|
return !!match;
|
|
}
|
|
|
|
/**
|
|
* Attempt to get the hostname via document.location. Fail back
|
|
* to getURL so that we always return something meaningful.
|
|
*/
|
|
function getHostString()
|
|
{
|
|
try {
|
|
return document.location.hostname;
|
|
} catch (e) {
|
|
return getURL();
|
|
}
|
|
}
|
|
|
|
function initPage()
|
|
{
|
|
var error = "";
|
|
switch (getErrorCode()) {
|
|
case "malwareBlocked" :
|
|
error = "malware";
|
|
break;
|
|
case "phishingBlocked" :
|
|
error = "phishing";
|
|
break;
|
|
case "unwantedBlocked" :
|
|
error = "unwanted";
|
|
break;
|
|
case "forbiddenBlocked" :
|
|
error = "forbidden";
|
|
break;
|
|
default:
|
|
return;
|
|
}
|
|
|
|
var el;
|
|
|
|
if (error !== "malware") {
|
|
el = document.getElementById("errorTitleText_malware");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("errorShortDescText_malware");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("errorLongDescText_malware");
|
|
el.parentNode.removeChild(el);
|
|
}
|
|
|
|
if (error !== "phishing") {
|
|
el = document.getElementById("errorTitleText_phishing");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("errorShortDescText_phishing");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("errorLongDescText_phishing");
|
|
el.parentNode.removeChild(el);
|
|
}
|
|
|
|
if (error !== "unwanted") {
|
|
el = document.getElementById("errorTitleText_unwanted");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("errorShortDescText_unwanted");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("errorLongDescText_unwanted");
|
|
el.parentNode.removeChild(el);
|
|
}
|
|
|
|
if (error !== "forbidden") {
|
|
el = document.getElementById("errorTitleText_forbidden");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("errorShortDescText_forbidden");
|
|
el.parentNode.removeChild(el);
|
|
} else {
|
|
el = document.getElementById("ignoreWarningButton");
|
|
el.parentNode.removeChild(el);
|
|
el = document.getElementById("reportButton");
|
|
el.parentNode.removeChild(el);
|
|
}
|
|
|
|
// Set sitename
|
|
document.getElementById(error + "_sitename").textContent = getHostString();
|
|
document.title = document.getElementById("errorTitleText_" + error)
|
|
.innerHTML;
|
|
|
|
if (!getOverride()) {
|
|
var btn = document.getElementById("ignoreWarningButton");
|
|
if (btn) {
|
|
btn.parentNode.removeChild(btn);
|
|
}
|
|
}
|
|
|
|
// Inform the test harness that we're done loading the page
|
|
var event = new CustomEvent("AboutBlockedLoaded");
|
|
document.dispatchEvent(event);
|
|
}
|
|
]]></script>
|
|
<style type="text/css">
|
|
/* Style warning button to look like a small text link in the
|
|
bottom right. This is preferable to just using a text link
|
|
since there is already a mechanism in browser.js for trapping
|
|
oncommand events from unprivileged chrome pages (BrowserOnCommand).*/
|
|
#ignoreWarningButton {
|
|
-moz-appearance: none;
|
|
background: transparent;
|
|
border: none;
|
|
color: white; /* Hard coded because netError.css forces this page's background to dark red */
|
|
text-decoration: underline;
|
|
margin: 0;
|
|
padding: 0;
|
|
position: relative;
|
|
top: 23px;
|
|
left: 20px;
|
|
font-size: smaller;
|
|
}
|
|
|
|
#ignoreWarningButton:-moz-dir(rtl) {
|
|
left: auto;
|
|
right: 20px;
|
|
}
|
|
|
|
#ignoreWarning {
|
|
text-align: end;
|
|
}
|
|
</style>
|
|
</head>
|
|
|
|
<body dir="&locale.dir;">
|
|
<div id="errorPageContainer">
|
|
|
|
<!-- Error Title -->
|
|
<div id="errorTitle">
|
|
<h1 id="errorTitleText_phishing">&safeb.blocked.phishingPage.title;</h1>
|
|
<h1 id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
|
|
<h1 id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title;</h1>
|
|
<h1 id="errorTitleText_forbidden">&safeb.blocked.forbiddenPage.title;</h1>
|
|
</div>
|
|
|
|
<div id="errorLongContent">
|
|
|
|
<!-- Short Description -->
|
|
<div id="errorShortDesc">
|
|
<p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc;</p>
|
|
<p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
|
|
<p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
|
|
<p id="errorShortDescText_forbidden">&safeb.blocked.forbiddenPage.shortDesc;</p>
|
|
</div>
|
|
|
|
<!-- Long Description -->
|
|
<div id="errorLongDesc">
|
|
<p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc;</p>
|
|
<p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
|
|
<p id="errorLongDescText_unwanted">&safeb.blocked.unwantedPage.longDesc;</p>
|
|
</div>
|
|
|
|
<!-- Action buttons -->
|
|
<div id="buttons">
|
|
<!-- Commands handled in browser.js -->
|
|
<button id="getMeOutButton">&safeb.palm.accept.label;</button>
|
|
<button id="reportButton">&safeb.palm.reportPage.label;</button>
|
|
</div>
|
|
</div>
|
|
<div id="ignoreWarning">
|
|
<button id="ignoreWarningButton">&safeb.palm.decline.label;</button>
|
|
</div>
|
|
</div>
|
|
<!--
|
|
- Note: It is important to run the script this way, instead of using
|
|
- an onload handler. This is because error pages are loaded as
|
|
- LOAD_BACKGROUND, which means that onload handlers will not be executed.
|
|
-->
|
|
<script type="application/javascript">initPage();</script>
|
|
</body>
|
|
</html>
|