Bug 1559578 - Part 2: Port Bug 1375277 - Add support for the POTENTIALLY_HARMFUL_APPLICATION threat type. r=frg
authorIan Neal <iann_cvs@blueyonder.co.uk>
Sun, 16 Jun 2019 14:04:04 +0200
changeset 35874 b7482b535da0b44f5031208975f099f16cc2a2d7
parent 35873 d9d310226b372604de7584ce11aa3f5c18acc863
child 35875 0a5868fe98d9ad6bec9922ae6d5d0e1a33203227
push id392
push userclokep@gmail.com
push dateMon, 02 Sep 2019 20:17:19 +0000
reviewersfrg
bugs1559578, 1375277
Bug 1559578 - Part 2: Port Bug 1375277 - Add support for the POTENTIALLY_HARMFUL_APPLICATION threat type. r=frg
suite/base/content/blockedSite.js
suite/base/content/blockedSite.xhtml
suite/base/content/utilityOverlay.js
suite/locales/en-US/chrome/common/safeBrowsing.dtd
--- a/suite/base/content/blockedSite.js
+++ b/suite/base/content/blockedSite.js
@@ -79,16 +79,19 @@ function initPage()
       error = "malware";
       break;
     case "deceptiveBlocked":
       error = "phishing";
       break;
     case "unwantedBlocked":
       error = "unwanted";
       break;
+    case "harmfulBlocked":
+      error = "harmful";
+      break;
     default:
       return;
   }
 
   if (error != "malware") {
     deleteElement("errorTitleText_malware");
     deleteElement("errorShortDescText_malware");
     deleteElement("errorLongDescText_malware");
@@ -101,16 +104,22 @@ function initPage()
   }
 
   if (error != "unwanted") {
     deleteElement("errorTitleText_unwanted");
     deleteElement("errorShortDescText_unwanted");
     deleteElement("errorLongDescText_unwanted");
   }
 
+  if (error != "harmful") {
+    deleteElement("errorTitleText_harmful");
+    deleteElement("errorShortDescText_harmful");
+    deleteElement("errorLongDescText_harmful");
+  }
+
   // Set sitename
   document.getElementById(error + "_sitename").textContent = getHostString();
   document.title = document.getElementById("errorTitleText_" + error)
                            .innerHTML;
 
   if (!getOverride())
     deleteElement("ignoreWarningButton");
 }
--- a/suite/base/content/blockedSite.xhtml
+++ b/suite/base/content/blockedSite.xhtml
@@ -26,32 +26,35 @@
   <body dir="&locale.dir;">
     <div id="errorPageContainer">
 
       <!-- Error Title -->
       <div id="errorTitle">
         <h1 id="errorTitleText_phishing">&safeb.blocked.phishingPage.title2;</h1>
         <h1 id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
         <h1 id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title;</h1>
+        <h1 id="errorTitleText_harmful">&safeb.blocked.harmfulPage.title;</h1>
       </div>
 
       <div id="errorLongContent">
 
         <!-- Short Description -->
         <div id="errorShortDesc">
           <p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc2;</p>
           <p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
           <p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
+          <p id="errorShortDescText_harmful">&safeb.blocked.harmfulPage.shortDesc;</p>
         </div>
 
         <!-- Long Description -->
         <div id="errorLongDesc">
           <p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc2;</p>
           <p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
           <p id="errorLongDescText_unwanted">&safeb.blocked.unwantedPage.longDesc;</p>
+          <p id="errorLongDescText_harmful">&safeb.blocked.harmfulPage.longDesc;</p>
         </div>
 
         <!-- Action buttons -->
         <div id="buttons">
           <!-- Commands handled in utilityOverlay.js -->
           <span id="getMeOutOfHereButton"
                 class="button"
                 label="&safeb.palm.accept.label;"/>
--- a/suite/base/content/utilityOverlay.js
+++ b/suite/base/content/utilityOverlay.js
@@ -1148,16 +1148,18 @@ function BrowserOnCommand(event)
     // First check whether the reason, so that we can
     // use the right strings/links
     let reason = "phishing";
 
     if (/e=malwareBlocked/.test(docURI)) {
       reason = "malware";
     } else if (/e=unwantedBlocked/.test(docURI)) {
       reason = "unwanted";
+    } else if (/e=harmfulBlocked/.test(docURI)) {
+      reason = "harmful";
     }
 
     let docShell = ownerDoc.defaultView
                            .QueryInterface(Ci.nsIInterfaceRequestor)
                            .getInterface(Ci.nsIWebNavigation)
                            .QueryInterface(Ci.nsIDocShell);
     let blockedInfo = {};
     if (docShell.failedChannel) {
--- a/suite/locales/en-US/chrome/common/safeBrowsing.dtd
+++ b/suite/locales/en-US/chrome/common/safeBrowsing.dtd
@@ -16,13 +16,18 @@
 <!ENTITY safeb.blocked.unwantedPage.shortDesc "This web page at <span id='unwanted_sitename'/> has been reported to contain unwanted software and has been blocked based on your security preferences.">
 <!ENTITY safeb.blocked.unwantedPage.longDesc "<p>Unwanted software pages try to install software that can be deceptive and affect your system in unexpected ways.</p>">
 
 <!ENTITY safeb.blocked.phishingPage.title2 "Deceptive Site!">
 <!-- Localization note (safeb.blocked.phishingPage.shortDesc2) - Please don't translate the contents of the <span id="phishing_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
 <!ENTITY safeb.blocked.phishingPage.shortDesc2 "This web page at <span id='phishing_sitename'/> has been reported as a deceptive site and has been blocked based on your security preferences.">
 <!ENTITY safeb.blocked.phishingPage.longDesc2 "<p>Deceptive sites are designed to trick you into doing something dangerous, like installing software, or revealing your personal information, like passwords, phone numbers or credit cards.</p><p>Entering any information on this web page may result in identity theft or other fraud.</p>">
 
+<!ENTITY safeb.blocked.harmfulPage.title "The site ahead may contain malware">
+<!-- Localization note (safeb.blocked.harmfulPage.shortDesc) - Please don't translate the contents of the <span id="harmful_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
+<!ENTITY safeb.blocked.harmfulPage.shortDesc "&brandShortName; blocked the web page at <span id='harmful_sitename'/> because it might try to install dangerous apps that steal or delete your information (for example, photos, passwords, messages and credit cards).">
+<!ENTITY safeb.blocked.harmfulPage.longDesc "">
+
 <!-- Localization note (reportDeceptiveSite, notADeceptiveSite) - The two button strings will never be shown at the same time, so it's okay for them to have the same access key. -->
 <!ENTITY reportDeceptiveSite.label "Report deceptive site…">
 <!ENTITY reportDeceptiveSite.accesskey "d">
 <!ENTITY notADeceptiveSite.label "This isn't a deceptive site…">
 <!ENTITY notADeceptiveSite.accesskey "d">