Bug 623482 - Present error page when someone tries to access remote XUL. r+a=sicking
authorMounir Lamouri <mounir.lamouri@gmail.com>
Fri, 14 Jan 2011 16:33:57 +0100
changeset 60516 b023a8c82f97b1fcd0f0880bfca19c1f0effa0d8
parent 60515 bd51bbe882144ad0626a04bfd8279c3ca321fbdf
child 60517 e23b4fe4e09ce67c38d940af2dfc77f4aba16ae8
push id18031
push usermlamouri@mozilla.com
push dateFri, 14 Jan 2011 15:48:20 +0000
treeherdermozilla-central@e23b4fe4e09c [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs623482
milestone2.0b10pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 623482 - Present error page when someone tries to access remote XUL. r+a=sicking
docshell/base/nsDSURIContentListener.cpp
docshell/base/nsDocShell.cpp
docshell/resources/content/netError.xhtml
layout/build/nsContentDLF.cpp
netwerk/base/public/nsNetError.h
--- a/docshell/base/nsDSURIContentListener.cpp
+++ b/docshell/base/nsDSURIContentListener.cpp
@@ -141,16 +141,22 @@ nsDSURIContentListener::DoContent(const 
     {
         // XXX: Why does this not stop the content too?
         mDocShell->Stop(nsIWebNavigation::STOP_NETWORK);
 
         mDocShell->SetLoadType(aIsContentPreferred ? LOAD_LINK : LOAD_NORMAL);
     }
 
     rv = mDocShell->CreateContentViewer(aContentType, request, aContentHandler);
+
+    if (rv == NS_ERROR_REMOTE_XUL) {
+      request->Cancel(rv);
+      return NS_OK;
+    }
+
     if (NS_FAILED(rv)) {
        // it's okay if we don't know how to handle the content   
         return NS_OK;
     }
 
     if (loadFlags & nsIChannel::LOAD_RETARGETED_DOCUMENT_URI) {
         nsCOMPtr<nsIDOMWindowInternal> domWindow = do_GetInterface(static_cast<nsIDocShell*>(mDocShell));
         NS_ENSURE_TRUE(domWindow, NS_ERROR_FAILURE);
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -3917,16 +3917,46 @@ nsDocShell::DisplayLoadError(nsresult aE
         case NS_ERROR_PROXY_CONNECTION_REFUSED:
             // Proxy connection was refused.
             error.AssignLiteral("proxyConnectFailure");
             break;
         case NS_ERROR_INVALID_CONTENT_ENCODING:
             // Bad Content Encoding.
             error.AssignLiteral("contentEncodingError");
             break;
+        case NS_ERROR_REMOTE_XUL:
+        {
+            error.AssignLiteral("remoteXUL");
+
+            /**
+             * We want to set an hardcoded messageStr which uses the
+             * brandShortName.
+             */
+            nsCOMPtr<nsIStringBundleService> stringBundleService =
+                mozilla::services::GetStringBundleService();
+            if (!stringBundleService) {
+                return NS_ERROR_FAILURE;
+            }
+
+            nsCOMPtr<nsIStringBundle> brandBundle;
+            rv = stringBundleService->CreateBundle(kBrandBundleURL,
+                                                   getter_AddRefs(brandBundle));
+            NS_ENSURE_SUCCESS(rv, rv);
+
+            nsXPIDLString brandName;
+            rv = brandBundle->GetStringFromName(NS_LITERAL_STRING("brandShortName").get(),
+                                                getter_Copies(brandName));
+
+            // We could use something like nsTextFormatter::smprintf.
+            messageStr.AssignLiteral("This page uses an unsupported technology "
+                                     "that is no longer available in ");
+            messageStr.Append(brandName);
+            messageStr.AppendLiteral(".");
+            break;
+        }
         case NS_ERROR_UNSAFE_CONTENT_TYPE:
             // Channel refused to load from an unrecognized content type.
             error.AssignLiteral("unsafeContentType");
             break;
         }
     }
 
     // Test if the error should be displayed
@@ -6248,16 +6278,17 @@ nsDocShell::EndPageLoad(nsIWebProgress *
         else if (aStatus == NS_ERROR_NET_TIMEOUT ||
                  aStatus == NS_ERROR_REDIRECT_LOOP ||
                  aStatus == NS_ERROR_UNKNOWN_SOCKET_TYPE ||
                  aStatus == NS_ERROR_NET_INTERRUPT ||
                  aStatus == NS_ERROR_NET_RESET ||
                  aStatus == NS_ERROR_MALWARE_URI ||
                  aStatus == NS_ERROR_PHISHING_URI ||
                  aStatus == NS_ERROR_UNSAFE_CONTENT_TYPE ||
+                 aStatus == NS_ERROR_REMOTE_XUL ||
                  NS_ERROR_GET_MODULE(aStatus) == NS_ERROR_MODULE_SECURITY) {
             DisplayLoadError(aStatus, url, nsnull, aChannel);
         }
         else if (aStatus == NS_ERROR_DOCUMENT_NOT_CACHED) {
             /* A document that was requested to be fetched *only* from
              * the cache is not in cache. May be this is one of those 
              * postdata results. Throw a  dialog to the user,
              * saying that the page has expired from cache and ask if 
@@ -7287,17 +7318,17 @@ nsDocShell::CreateContentViewer(const ch
     NS_ASSERTION(mLoadGroup, "Someone ignored return from Init()?");
 
     // Instantiate the content viewer object
     nsCOMPtr<nsIContentViewer> viewer;
     nsresult rv = NewContentViewerObj(aContentType, request, mLoadGroup,
                                       aContentHandler, getter_AddRefs(viewer));
 
     if (NS_FAILED(rv))
-        return NS_ERROR_FAILURE;
+        return rv;
 
     // Notify the current document that it is about to be unloaded!!
     //
     // It is important to fire the unload() notification *before* any state
     // is changed within the DocShell - otherwise, javascript will get the
     // wrong information :-(
     //
 
@@ -7469,24 +7500,24 @@ nsDocShell::NewContentViewerObj(const ch
     nsCOMPtr<nsIDocumentLoaderFactory> docLoaderFactory =
         cutils->FindInternalContentViewer(aContentType);
     if (!docLoaderFactory) {
         return NS_ERROR_FAILURE;
     }
 
     // Now create an instance of the content viewer
     // nsLayoutDLF makes the determination if it should be a "view-source" instead of "view"
-    NS_ENSURE_SUCCESS(docLoaderFactory->CreateInstance("view",
-                                                       aOpenedChannel,
-                                                       aLoadGroup, aContentType,
-                                                       static_cast<nsIContentViewerContainer*>(this),
-                                                       nsnull,
-                                                       aContentHandler,
-                                                       aViewer),
-                      NS_ERROR_FAILURE);
+    nsresult rv = docLoaderFactory->CreateInstance("view",
+                                                   aOpenedChannel,
+                                                   aLoadGroup, aContentType,
+                                                   static_cast<nsIContentViewerContainer*>(this),
+                                                   nsnull,
+                                                   aContentHandler,
+                                                   aViewer);
+    NS_ENSURE_SUCCESS(rv, rv);
 
     (*aViewer)->SetContainer(static_cast<nsIContentViewerContainer *>(this));
     return NS_OK;
 }
 
 NS_IMETHODIMP
 nsDocShell::SetupNewViewer(nsIContentViewer * aNewViewer)
 {
--- a/docshell/resources/content/netError.xhtml
+++ b/docshell/resources/content/netError.xhtml
@@ -181,16 +181,22 @@
           faviconParent.removeChild(favicon);
           favicon.setAttribute("href", "chrome://global/skin/icons/" + className + "_favicon.png");
           faviconParent.appendChild(favicon);
         }
         if (className == "expertBadCert") {
           showSecuritySection();
         }
 
+        if (err == "remoteXUL") {
+          // Remove the "Try again" button for remote XUL errors given that
+          // it is useless.
+          document.getElementById("errorTryAgain").style.display = "none";
+        }
+
         if (err == "cspFrameAncestorBlocked") {
           // Remove the "Try again" button for CSP frame ancestors violation, since it's
           // almost certainly useless. (Bug 553180)
           document.getElementById("errorTryAgain").style.display = "none";
         }
 
         if (err == "nssBadCert") {
           // Remove the "Try again" button for security exceptions, since it's
@@ -317,16 +323,17 @@
         <h1 id="et_proxyResolveFailure">&proxyResolveFailure.title;</h1>
         <h1 id="et_proxyConnectFailure">&proxyConnectFailure.title;</h1>
         <h1 id="et_contentEncodingError">&contentEncodingError.title;</h1>
         <h1 id="et_unsafeContentType">&unsafeContentType.title;</h1>
         <h1 id="et_nssFailure2">&nssFailure2.title;</h1>
         <h1 id="et_nssBadCert">&nssBadCert.title;</h1>
         <h1 id="et_malwareBlocked">&malwareBlocked.title;</h1>
         <h1 id="et_cspFrameAncestorBlocked">&cspFrameAncestorBlocked.title;</h1>
+        <h1 id="et_remoteXUL">Remote XUL</h1>
       </div>
       <div id="errorDescriptionsContainer">
         <div id="ed_generic">&generic.longDesc;</div>
         <div id="ed_dnsNotFound">&dnsNotFound.longDesc;</div>
         <div id="ed_fileNotFound">&fileNotFound.longDesc;</div>
         <div id="ed_malformedURI">&malformedURI.longDesc;</div>
         <div id="ed_protocolNotFound">&protocolNotFound.longDesc;</div>
         <div id="ed_connectionFailure">&connectionFailure.longDesc;</div>
@@ -340,16 +347,17 @@
         <div id="ed_proxyResolveFailure">&proxyResolveFailure.longDesc;</div>
         <div id="ed_proxyConnectFailure">&proxyConnectFailure.longDesc;</div>
         <div id="ed_contentEncodingError">&contentEncodingError.longDesc;</div>
         <div id="ed_unsafeContentType">&unsafeContentType.longDesc;</div>
         <div id="ed_nssFailure2">&nssFailure2.longDesc;</div>
         <div id="ed_nssBadCert">&nssBadCert.longDesc2;</div>
         <div id="ed_malwareBlocked">&malwareBlocked.longDesc;</div>
         <div id="ed_cspFrameAncestorBlocked">&cspFrameAncestorBlocked.longDesc;</div>
+        <div id="ed_remoteXUL"><ul><li>Please contact the website owners to inform them of this problem.</li></ul></div>
       </div>
     </div>
 
     <!-- PAGE CONTAINER (for styling purposes only) -->
     <div id="errorPageContainer">
     
       <!-- Error Title -->
       <div id="errorTitle">
--- a/layout/build/nsContentDLF.cpp
+++ b/layout/build/nsContentDLF.cpp
@@ -276,18 +276,21 @@ nsContentDLF::CreateInstance(const char*
                             aContainer, kSVGDocumentCID,
                             aDocListener, aDocViewer);
     }
   }
 
   // Try XUL
   typeIndex = 0;
   while (gXULTypes[typeIndex]) {
-    if (0 == PL_strcmp(gXULTypes[typeIndex++], aContentType) &&
-        MayUseXULXBL(aChannel)) {
+    if (0 == PL_strcmp(gXULTypes[typeIndex++], aContentType)) {
+      if (!MayUseXULXBL(aChannel)) {
+        return NS_ERROR_REMOTE_XUL;
+      }
+
       return CreateXULDocument(aCommand,
                                aChannel, aLoadGroup,
                                aContentType, aContainer,
                                aExtraInfo, aDocListener, aDocViewer);
     }
   }
 
 #ifdef MOZ_MEDIA
--- a/netwerk/base/public/nsNetError.h
+++ b/netwerk/base/public/nsNetError.h
@@ -235,16 +235,24 @@
 /**
  * The request failed because the content type returned by the server was
  * not a type expected by the channel (for nested channels such as the JAR
  * channel).
  */
 #define NS_ERROR_UNSAFE_CONTENT_TYPE \
     NS_ERROR_GENERATE_FAILURE(NS_ERROR_MODULE_NETWORK, 74)
 
+/**
+ * The request failed because the user tried to access to a remote XUL document
+ * from a website that is not in its white-list.
+ */
+#define NS_ERROR_REMOTE_XUL \
+    NS_ERROR_GENERATE_FAILURE(NS_ERROR_MODULE_NETWORK, 75)
+
+
 /******************************************************************************
  * FTP specific error codes:
  *
  * XXX document me
  */
 
 #define NS_ERROR_FTP_LOGIN \
     NS_ERROR_GENERATE_FAILURE(NS_ERROR_MODULE_NETWORK, 21)