Bug 633691 - Removed the ability to add exceptions to framed certerrors. r=gavin
authorJared Wein <jwein@mozilla.com>
Mon, 05 Dec 2011 14:01:00 -0800
changeset 81403 290d329672e5b696809a8958e7e4c3408c01e2c8
parent 81402 cdee05798c4abce28d16cce222ea47383b97452b
child 81473 338fae43b9d0d174fb58e7a086f9f8de565c420c
push id371
push userjwein@mozilla.com
push dateMon, 05 Dec 2011 22:29:37 +0000
treeherderfx-team@290d329672e5 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgavin
bugs633691
milestone11.0a1
Bug 633691 - Removed the ability to add exceptions to framed certerrors. r=gavin
browser/components/certerror/content/aboutCertError.xhtml
--- a/browser/components/certerror/content/aboutCertError.xhtml
+++ b/browser/components/certerror/content/aboutCertError.xhtml
@@ -118,21 +118,22 @@
         };
         replaceWithHost(intro);
         
         if (getCSSClass() == "expertBadCert") {
           toggle('technicalContent');
           toggle('expertContent');
         }
 
-        // if this is a Strict-Transport-Security host and the cert
-        // is bad, don't allow overrides (STS Spec section 7.3).
-        if (getCSSClass() == "badStsCert") {
+        // Disallow overrides if this is a Strict-Transport-Security
+        // host and the cert is bad (STS Spec section 7.3) or if the
+        // certerror is in a frame (bug 633691).
+        if (getCSSClass() == "badStsCert" || window != top) {
           var ec = document.getElementById('expertContent');
-          document.getElementById('errorLongContent').removeChild(ec);
+          ec.parentNode.removeChild(ec);
         }
         
         var tech = document.getElementById("technicalContentText");
         if (tech)
           tech.textContent = getDescription();
         
         addDomainErrorLink();
       }