Bug 1429176 - Prevent access to about:support draft
authorKirk Steuber <ksteuber@mozilla.com>
Thu, 11 Jan 2018 15:55:43 -0800
changeset 721868 512b3e935a735c0dd5274663157cd7e8ab1d2471
parent 721867 47977979705dd3a954703e19419b9180c7bd5968
child 746461 a0c4cc862c43a292cd43689ec88f984dfc082fc5
push id95976
push userksteuber@mozilla.com
push dateThu, 18 Jan 2018 00:25:45 +0000
bugs1429176
milestone59.0a1
Bug 1429176 - Prevent access to about:support Additionally removes the UI entry points for about:support. MozReview-Commit-ID: 70GQKkSYb6y
browser/base/content/utilityOverlay.js
browser/components/enterprisepolicies/Policies.jsm
browser/components/enterprisepolicies/schemas/policies.json
browser/components/enterprisepolicies/tests/browser/browser.ini
browser/components/enterprisepolicies/tests/browser/browser_policy_block_about_support.js
browser/components/enterprisepolicies/tests/browser/config_block_about_support.json
toolkit/components/aboutmemory/content/aboutMemory.js
--- a/browser/base/content/utilityOverlay.js
+++ b/browser/base/content/utilityOverlay.js
@@ -832,16 +832,20 @@ function openTourPage() {
   openUILinkIn(scope.UITour.url, "tab");
 }
 
 function buildHelpMenu() {
   // Enable/disable the "Report Web Forgery" menu item.
   if (typeof gSafeBrowsing != "undefined") {
     gSafeBrowsing.setReportPhishingMenu();
   }
+
+  if (!Services.policies.isAllowed("about:support")) {
+    document.getElementById("troubleShooting").disabled = true;
+  }
 }
 
 function isElementVisible(aElement) {
   if (!aElement)
     return false;
 
   // If aElement or a direct or indirect parent is hidden or collapsed,
   // height, width or both will be 0.
--- a/browser/components/enterprisepolicies/Policies.jsm
+++ b/browser/components/enterprisepolicies/Policies.jsm
@@ -46,16 +46,24 @@ this.Policies = {
   "block_about_profiles": {
     onBeforeUIStartup(manager, param) {
       if (param == true) {
         manager.disallowFeature("about:profiles", true);
       }
     }
   },
 
+  "block_about_support": {
+    onBeforeUIStartup(manager, param) {
+      if (param == true) {
+        manager.disallowFeature("about:support", true);
+      }
+    }
+  },
+
   "block_devtools": {
     onProfileAfterChange(manager, param) {
       if (param == true) {
         manager.disallowFeature("devtools");
       }
     }
   },
 
--- a/browser/components/enterprisepolicies/schemas/policies.json
+++ b/browser/components/enterprisepolicies/schemas/policies.json
@@ -13,16 +13,24 @@
     "block_about_profiles": {
       "description": "Blocks access to the about:profiles page.",
       "first_available": "59.0",
 
       "type": "boolean",
       "enum": [true]
     },
 
+    "block_about_support": {
+      "description": "Blocks access to the about:support page.",
+      "first_available": "59.0",
+
+      "type": "boolean",
+      "enum": [true]
+    },
+
     "block_devtools": {
       "description": "Blocks access to the developer tools.",
       "first_available": "59.0",
 
       "type": "boolean",
       "enum": [true]
     },
 
--- a/browser/components/enterprisepolicies/tests/browser/browser.ini
+++ b/browser/components/enterprisepolicies/tests/browser/browser.ini
@@ -2,14 +2,16 @@
 prefs =
   browser.policies.enabled=true
 support-files =
   head.js
   config_simple_policies.json
   config_broken_json.json
   config_block_about_config.json
   config_block_about_profiles.json
+  config_block_about_support.json
 
 [browser_policies_broken_json.js]
 [browser_policies_simple_policies.js]
 [browser_policies_validate_and_parse_API.js]
 [browser_policy_block_about_config.js]
 [browser_policy_block_about_profiles.js]
+[browser_policy_block_about_support.js]
new file mode 100644
--- /dev/null
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policy_block_about_support.js
@@ -0,0 +1,56 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+add_task(async function setup() {
+  await setupPolicyEngineWithJson("config_block_about_support.json");
+});
+
+add_task(async function test_about_support() {
+  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, "about:support", false);
+
+  await ContentTask.spawn(tab.linkedBrowser, null, async function() {
+    ok(content.document.documentURI.startsWith("about:neterror"),
+       "about:support should display the net error page");
+
+    // There is currently a testing-specific race condition that causes this test
+    // to fail, but it is not a problem if we test after the first page load.
+    // Until the race condition is fixed, just make sure to test this *after*
+    // testing the page load.
+    is(Services.policies.isAllowed("about:support"), false,
+       "Policy Engine should report about:support as not allowed");
+  });
+
+  await BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function test_about_support_ui_entry_about_memory() {
+  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, "about:memory", false);
+
+  await ContentTask.spawn(tab.linkedBrowser, null, async function() {
+    let anchors = Array.from(content.document.getElementsByTagName("a"));
+    let supportAnchors = anchors.filter(anchor => anchor.href == "about:support");
+    is(supportAnchors.length, 0,
+       "about:support links should be absent from about:memory");
+  });
+
+  await BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function test_about_support_ui_entry_help_menu() {
+  // The Troubleshooting button is not disabled until the help menu is opened.
+  // Open it now so we can make sure the button got disabled properly.
+  let helpMenu = document.getElementById("menu_HelpPopup");
+  let promiseMenuOpen = BrowserTestUtils.waitForEvent(helpMenu, "popupshown");
+  helpMenu.openPopup();
+  await promiseMenuOpen;
+  let promiseMenuClosed = BrowserTestUtils.waitForEvent(helpMenu, "popuphidden");
+  helpMenu.hidePopup();
+  await promiseMenuClosed;
+
+  let troubleshootButton = document.getElementById("troubleShooting");
+  is(troubleshootButton.disabled, true,
+     "The \"Help->Troubleshooting Information\" menu item should be disabled");
+});
new file mode 100644
--- /dev/null
+++ b/browser/components/enterprisepolicies/tests/browser/config_block_about_support.json
@@ -0,0 +1,5 @@
+{
+  "policies": {
+    "block_about_support": true
+  }
+}
--- a/toolkit/components/aboutmemory/content/aboutMemory.js
+++ b/toolkit/components/aboutmemory/content/aboutMemory.js
@@ -385,19 +385,21 @@ function onLoad() {
 
   gMain = appendElement(document.body, "div", "");
   gMain.id = "mainDiv";
 
   // Generate the footer.  It's hidden at first.
 
   gFooter = appendElement(document.body, "div", "ancillary hidden");
 
-  let a = appendElementWithText(gFooter, "a", "option",
-                                "Troubleshooting information");
-  a.href = "about:support";
+  if (Services.policies.isAllowed("about:support")) {
+    let a = appendElementWithText(gFooter, "a", "option",
+                                  "Troubleshooting information");
+    a.href = "about:support";
+  }
 
   let legendText1 = "Click on a non-leaf node in a tree to expand ('++') " +
                     "or collapse ('--') its children.";
   let legendText2 = "Hover the pointer over the name of a memory report " +
                     "to see a description of what it measures.";
 
   appendElementWithText(gFooter, "div", "legend", legendText1);
   appendElementWithText(gFooter, "div", "legend hiddenOnMobile", legendText2);