Bug 546857 Part 3: Make error pages not use xul buttons. r=dao a=blocker
authorJonas Sicking <jonas@sicking.cc>
Thu, 19 Aug 2010 16:06:07 -0700
changeset 50983 61fd19a4587f89ab75f259e0742de56eb94f57f7
parent 50982 1493938c90c84a6ebfd1b8fff765dd882a494ab7
child 50984 7072d5e4753f25d98aab57041a0c2fb6081a1618
push id15201
push usersicking@mozilla.com
push dateFri, 20 Aug 2010 00:14:57 +0000
treeherdermozilla-central@80b450a23c6b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersdao, blocker
bugs546857
milestone2.0b5pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 546857 Part 3: Make error pages not use xul buttons. r=dao a=blocker
browser/base/content/aboutRobots.xhtml
browser/base/content/browser.js
browser/components/certerror/content/aboutCertError.xhtml
browser/components/privatebrowsing/content/aboutPrivateBrowsing.xhtml
browser/components/safebrowsing/content/blockedSite.xhtml
browser/components/safebrowsing/content/test/browser_bug400731.js
browser/locales/en-US/chrome/overrides/netError.dtd
docshell/resources/content/netError.xhtml
--- a/browser/base/content/aboutRobots.xhtml
+++ b/browser/base/content/aboutRobots.xhtml
@@ -71,17 +71,17 @@
       var buttonClicked = false;
       function robotButton()
       {
         var button = document.getElementById('errorTryAgain');
         if (buttonClicked) {
           button.style.visibility = "hidden";
         } else {
           var newLabel = button.getAttribute("label2");
-          button.setAttribute("label", newLabel);
+          button.textContent = newLabel;
           buttonClicked = true;
         }
       }
     ]]></script>
 
     <style type="text/css"><![CDATA[
       #errorPageContainer {
         background: url('chrome://browser/content/aboutRobots-icon.png') left 0 no-repeat -moz-Field;
@@ -134,21 +134,19 @@
         <!-- Short Description -->
         <div id="errorTrailerDesc">
           <p id="errorTrailerDescText">&robots.errorTrailerDescText;</p>
         </div>
 
       </div>
 
       <!-- Button -->
-      <xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-                  id="errorTryAgain"
-                  label="&retry.label;"
-                  label2="&robots.dontpress;"
-                  oncommand="robotButton();" />
+      <button id="errorTryAgain"
+              label2="&robots.dontpress;"
+              onclick="robotButton();">&retry.label;</button>
 
       <img src="chrome://browser/content/aboutRobots-widget-left.png"
            style="position: absolute; bottom: -12px; left: -10px;"/>
       <img src="chrome://browser/content/aboutRobots-widget-right.png"
            style="position: absolute; bottom: -12px; right: -10px;"/>
     </div>
 
   </body>
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -1445,22 +1445,16 @@ function delayedStartup(isLoadingBlank, 
     dump("nsSessionStore could not be initialized: " + ex + "\n");
   }
 
   PlacesToolbarHelper.init();
 
   // bookmark-all-tabs command
   gBookmarkAllTabsHandler.init();
 
-  // Attach a listener to watch for "command" events bubbling up from error
-  // pages.  This lets us fix bugs like 401575 which require error page UI to
-  // do privileged things, without letting error pages have any privilege
-  // themselves.
-  gBrowser.addEventListener("command", BrowserOnCommand, false);
-
   ctrlTab.readPref();
   gPrefService.addObserver(ctrlTab.prefName, ctrlTab, false);
   gPrefService.addObserver(allTabs.prefName, allTabs, false);
 
   // Initialize the microsummary service by retrieving it, prompting its factory
   // to create its singleton, whose constructor initializes the service.
   // Started 4 seconds after delayedStartup (before the livemarks service below).
   setTimeout(function() {
@@ -2486,19 +2480,19 @@ function BrowserImport()
   window.openDialog("chrome://browser/content/migration/migration.xul",
                     "migration", "modal,centerscreen,chrome,resizable=no");
 #endif
 }
 
 /**
  * Handle command events bubbling up from error page content
  */
-function BrowserOnCommand(event) {
+function BrowserOnClick(event) {
     // Don't trust synthetic events
-    if (!event.isTrusted)
+    if (!event.isTrusted || event.target.localName != "button")
       return;
 
     var ot = event.originalTarget;
     var errorDoc = ot.ownerDocument;
 
     // If the event came from an ssl error page, it is probably either the "Add
     // Exception…" or "Get me out of here!" button
     if (/^about:certerror/.test(errorDoc.documentURI)) {
@@ -4075,16 +4069,17 @@ var XULBrowserWindow = {
     return this.onProgressChange(aWebProgress, aRequest,
       aCurSelfProgress, aMaxSelfProgress, aCurTotalProgress,
       aMaxTotalProgress);
   },
 
   onStateChange: function (aWebProgress, aRequest, aStateFlags, aStatus) {
     const nsIWebProgressListener = Ci.nsIWebProgressListener;
     const nsIChannel = Ci.nsIChannel;
+
     if (aStateFlags & nsIWebProgressListener.STATE_START &&
         aStateFlags & nsIWebProgressListener.STATE_IS_NETWORK) {
 
       if (aRequest && aWebProgress.DOMWindow == content)
         this.startDocumentLoad(aRequest);
 
       this.isBusy = true;
 
@@ -4521,27 +4516,43 @@ var CombinedStopReload = {
     if (this._timer) {
       clearTimeout(this._timer);
       this._timer = 0;
     }
   }
 };
 
 var TabsProgressListener = {
+  onStateChange: function (aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) {
 #ifdef MOZ_CRASHREPORTER
-  onStateChange: function (aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) {
     if (aRequest instanceof Ci.nsIChannel &&
         aStateFlags & Ci.nsIWebProgressListener.STATE_START &&
         aStateFlags & Ci.nsIWebProgressListener.STATE_IS_DOCUMENT &&
         gCrashReporter.enabled) {
       gCrashReporter.annotateCrashReport("URL", aRequest.URI.spec);
     }
-  },
 #endif
 
+    // Attach a listener to watch for "click" events bubbling up from error
+    // pages and other similar page. This lets us fix bugs like 401575 which
+    // require error page UI to do privileged things, without letting error
+    // pages have any privilege themselves.
+    // We can't look for this during onLocationChange since at that point the
+    // document URI is not yet the about:-uri of the error page.
+
+    if (aStateFlags & Ci.nsIWebProgressListener.STATE_STOP &&
+        /^about:/.test(aBrowser.contentWindow.document.documentURI)) {
+      aBrowser.addEventListener("click", BrowserOnClick, false);
+      aBrowser.addEventListener("pagehide", function () {
+        aBrowser.removeEventListener("click", BrowserOnClick, false);
+        aBrowser.removeEventListener("pagehide", arguments.callee, true);
+      }, true);
+    }
+  },
+
   onLocationChange: function (aBrowser, aWebProgress, aRequest, aLocationURI) {
     // Filter out any sub-frame loads
     if (aBrowser.contentWindow == aWebProgress.DOMWindow)
       FullZoom.onLocationChange(aLocationURI, false, aBrowser);
   },
 
   onRefreshAttempted: function (aBrowser, aWebProgress, aURI, aDelay, aSameURI) {
     if (gPrefService.getBoolPref("accessibility.blockautorefresh")) {
--- a/browser/components/certerror/content/aboutCertError.xhtml
+++ b/browser/components/certerror/content/aboutCertError.xhtml
@@ -241,33 +241,33 @@
           <p id="introContentP1">&certerror.introPara1;</p>
           <p>&certerror.introPara2;</p>
         </div>
         
         <div id="whatShouldIDoContent">
           <h2>&certerror.whatShouldIDo.heading;</h2>
           <div id="whatShouldIDoContentText">
             <p>&certerror.whatShouldIDo.content;</p>
-            <xul:button xmlns:xul='http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul' id='getMeOutOfHereButton' label='&certerror.getMeOutOfHere.label;'/>
+            <button id='getMeOutOfHereButton'>&certerror.getMeOutOfHere.label;</button>
           </div>
         </div>
         
         <!-- The following sections can be unhidden by default by setting the
              "browser.xul.error_pages.expert_bad_cert" pref to true -->
         <div id="technicalContent" collapsed="true">
           <h2 onclick="toggle('technicalContent');" id="technicalContentHeading">&certerror.technical.heading;</h2>
           <p id="technicalContentText"/>
         </div>
         
         <div id="expertContent" collapsed="true">
           <h2 onclick="toggle('expertContent');" id="expertContentHeading">&certerror.expert.heading;</h2>
           <div>
             <p>&certerror.expert.content;</p>
             <p>&certerror.expert.contentPara2;</p>
-            <xul:button xmlns:xul='http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul' id='exceptionDialogButton' label='&certerror.addException.label;'/>
+            <button id='exceptionDialogButton'>&certerror.addException.label;</button>
           </div>
         </div>
       </div>
     </div>
 
     <!--
     - Note: It is important to run the script this way, instead of using
     - an onload handler. This is because error pages are loaded as
--- a/browser/components/privatebrowsing/content/aboutPrivateBrowsing.xhtml
+++ b/browser/components/privatebrowsing/content/aboutPrivateBrowsing.xhtml
@@ -140,19 +140,19 @@
 
         <!-- Long Description -->
         <div id="errorLongDesc">
           <p id="errorLongDescText">&privatebrowsingpage.description;</p>
         </div>
 
         <!-- Start Private Browsing -->
         <div id="startPrivateBrowsingDesc" class="showNormal">
-          <button xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-                  id="startPrivateBrowsing" label="&privatebrowsingpage.startPrivateBrowsing.label;"
-                  accesskey="&privatebrowsingpage.startPrivateBrowsing.accesskey;"/>
+          <button id="startPrivateBrowsing"
+                  accesskey="&privatebrowsingpage.startPrivateBrowsing.accesskey;"
+                  >&privatebrowsingpage.startPrivateBrowsing.label;</button>
         </div>
 
         <!-- Footer -->
         <div id="footerDesc">
           <p id="footerText" class="showPrivate">&privatebrowsingpage.howToStop;</p>
           <p id="footerTextNormal" class="showNormal">&privatebrowsingpage.howToStart;</p>
         </div>
 
--- a/browser/components/safebrowsing/content/blockedSite.xhtml
+++ b/browser/components/safebrowsing/content/blockedSite.xhtml
@@ -207,25 +207,22 @@
         <div id="errorLongDesc">
           <p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc;</p>
           <p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
         </div>
         
         <!-- Action buttons -->
         <div id="buttons">
           <!-- Commands handled in browser.js -->
-          <xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-                      id="getMeOutButton" label="&safeb.palm.accept.label;"/>
-          <xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-                      id="reportButton" label="&safeb.palm.reportPage.label;"/>
+          <button id="getMeOutButton">&safeb.palm.accept.label;</button>
+          <button id="reportButton">&safeb.palm.reportPage.label;</button>
         </div>
       </div>
       <div id="ignoreWarning">
-        <xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-                    id="ignoreWarningButton" label="&safeb.palm.decline.label;"/>
+        <button id="ignoreWarningButton">&safeb.palm.decline.label;</button>
       </div>
     </div>
     <!--
     - Note: It is important to run the script this way, instead of using
     - an onload handler. This is because error pages are loaded as
     - LOAD_BACKGROUND, which means that onload handlers will not be executed.
     -->
     <script type="application/javascript">initPage();</script>
--- a/browser/components/safebrowsing/content/test/browser_bug400731.js
+++ b/browser/components/safebrowsing/content/test/browser_bug400731.js
@@ -14,27 +14,27 @@ function test() {
 function testMalware() {
   window.removeEventListener("DOMContentLoaded", testMalware, true);
 
   // Confirm that "Ignore this warning" is visible - bug 422410
   var el = content.document.getElementById("ignoreWarningButton");
   ok(el, "Ignore warning button should be present for malware");
   
   var style = content.getComputedStyle(el, null);
-  is(style.display, "-moz-box", "Ignore Warning button should be display:-moz-box for malware");
+  is(style.display, "inline", "Ignore Warning button should be display:inline for malware");
   
   // Now launch the phishing test
   window.addEventListener("DOMContentLoaded", testPhishing, true);
   content.location = "http://www.mozilla.com/firefox/its-a-trap.html";
 }
 
 function testPhishing() {
   window.removeEventListener("DOMContentLoaded", testPhishing, true);
   
   var el = content.document.getElementById("ignoreWarningButton");
   ok(el, "Ignore warning button should be present for phishing");
   
   var style = content.getComputedStyle(el, null);
-  is(style.display, "-moz-box", "Ignore Warning button should be display:-moz-box for phishing");
+  is(style.display, "inline", "Ignore Warning button should be display:inline for phishing");
   
   gBrowser.removeCurrentTab();
   finish();
 }
--- a/browser/locales/en-US/chrome/overrides/netError.dtd
+++ b/browser/locales/en-US/chrome/overrides/netError.dtd
@@ -173,11 +173,11 @@ be temporary, and you can try again late
 <!-- LOCALIZATION NOTE (securityOverride.warningText) - Do not translate the
 contents of the <xul:button> tags.  The only language content is the label= field,
 which uses strings already defined above. The button is included here (instead of
 netError.xhtml) because it exposes functionality specific to firefox. -->
 
 <!ENTITY securityOverride.warningText "
 <p>You should not add an exception if you are using an internet connection that you do not trust completely or if you are not used to seeing a warning for this server.</p>
 
-<xul:button xmlns:xul='http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul' id='getMeOutOfHereButton' label='&securityOverride.getMeOutOfHereButton;'/>
-<xul:button xmlns:xul='http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul' id='exceptionDialogButton' label='&securityOverride.exceptionButtonLabel;'/>
+<button id='getMeOutOfHereButton'>&securityOverride.getMeOutOfHereButton;</button>
+<button id='exceptionDialogButton'>&securityOverride.exceptionButtonLabel;</button>
 ">
--- a/docshell/resources/content/netError.xhtml
+++ b/docshell/resources/content/netError.xhtml
@@ -369,18 +369,17 @@
              error types.  -->
         <div id="securityOverrideDiv">
           <a id="securityOverrideLink" href="javascript:showSecuritySection();" >&securityOverride.linkText;</a>
           <div id="securityOverrideContent" style="display: none;">&securityOverride.warningText;</div>
         </div>
       </div>
 
       <!-- Retry Button -->
-      <xul:button xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-                  id="errorTryAgain" label="&retry.label;" oncommand="retryThis(this);" />
+      <button id="errorTryAgain" onclick="retryThis(this);">&retry.label;</button>
 
     </div>
 
     <!--
     - Note: It is important to run the script this way, instead of using
     - an onload handler. This is because error pages are loaded as
     - LOAD_BACKGROUND, which means that onload handlers will not be executed.
     -->