GitLab

at 2024-11-25T15:21:36+01:00

Bug 1836921 - Improve dialogs  a=dmeehan

Original Revision: https://phabricator.services.mozilla.com/D226961

Differential Revision: https://phabricator.services.mozilla.com/D228842
Bug 1909396 - Remove HTTPS-Only exception button in iframes r=freddyb,fluent-reviewers

Rationale for this can be read in Bug 1909396, but the main reason is that the iframe will get blocked regardless by mixed content blocking.

Differential Revision: https://phabricator.services.mozilla.com/D220257
Bug 1776646 - Support EXTRA_IS_SENSITIVE for clipboard. r=geckoview-reviewers,owlish

When nsITransferable.isPrivateData is true, such as coping password or
private mode, we should set EXTRA_IS_SENSITIVE to ClipData.

AndroidJunit test runner doesn't often get `ClipDescription.extras`
from clipboard service in test runner. So we cannot write a unit test
using AndroidJUnit test runner.

Differential Revision: https://phabricator.services.mozilla.com/D225326
Bug 1914797 - Part 1 + 2 + partial backout (details below)

Bug 1914797 - Part 1 - Revert bug 1868469 r=android-reviewers,jonalmeida, a=dmeehan

Differential Revision: https://phabricator.services.mozilla.com/D226431

Bug 1914797 - Part 2 - Add url change during onPageStart for slow loading sites r=android-reviewers,jonalmeida, a=dmeehan

Differential Revision: https://phabricator.services.mozilla.com/D226432

Backed out 1 changesets (bug 1914797) for causing Bug 1929028

Backed out changeset a79554879d7b (bug 1914797)

     return IPC_FAIL(this, "HTTPS-only mode: Illegal state");

   }

-  // If the error page is within an iFrame, we create an exception for whatever

-  // scheme the top-level site is currently on, because the user wants to

-  // unbreak the iFrame and not the top-level page. When the error page shows up

-  // on a top-level request, then we replace the scheme with http, because the

-  // user wants to unbreak the whole page.

+  // We replace the scheme with http, because the user wants to unbreak the

+  // whole page.

   nsCOMPtr<nsIURI> newURI;

-  if (!BrowsingContext()->IsTop()) {

-    newURI = innerURI;

-  } else {

-    Unused << NS_MutateURI(innerURI).SetScheme("http"_ns).Finalize(

-        getter_AddRefs(newURI));

-  }

+  Unused << NS_MutateURI(innerURI).SetScheme("http"_ns).Finalize(

+      getter_AddRefs(newURI));

   OriginAttributes originAttributes =

       TopWindowContext()->DocumentPrincipal()->OriginAttributesRef();

 ["browser_httpsonly_speculative_connect.js"]

 support-files = ["file_httpsonly_speculative_connect.html"]

+["browser_iframe_buttons.js"]

+support-files = ["file_iframe_buttons.html"]

+

 ["browser_iframe_test.js"]

 skip-if = [

   "os == 'linux' && bits == 64", # Bug 1735565

+/* Any copyright is dedicated to the Public Domain.

+   https://creativecommons.org/publicdomain/zero/1.0/ */

+

+"use strict";

+

+// Ensure the buttons at the buttom of the HTTPS-Only error page do not get

+// displayed in an iframe (Bug 1909396).

+

+add_task(async function test_iframe_buttons() {

+  await BrowserTestUtils.withNewTab(

+    "https://example.com/browser/dom/security/test/https-only/file_iframe_buttons.html",

+    async function (browser) {

+      await SpecialPowers.pushPrefEnv({

+        set: [["dom.security.https_only_mode", true]],

+      });

+

+      await SpecialPowers.spawn(browser, [], async function () {

+        const iframe = content.document.getElementById("iframe");

+        // eslint-disable-next-line @microsoft/sdl/no-insecure-url

+        iframe.src = "http://nocert.example.com";

+

+        await ContentTaskUtils.waitForCondition(

+          () => iframe.contentWindow.document.readyState === "interactive",

+          "Iframe error page should have loaded"

+        );

+

+        ok(

+          !!iframe.contentWindow.document.getElementById("explanation-iframe"),

+          "#explanation-iframe should exist"

+        );

+

+        is(

+          iframe.contentWindow.document

+            .getElementById("explanation-iframe")

+            .getAttribute("hidden"),

+          null,

+          "#explanation-iframe should not be hidden"

+        );

+

+        for (const id of ["explanation-continue", "goBack", "openInsecure"]) {

+          is(

+            iframe.contentWindow.document.getElementById(id),

+            null,

+            `#${id} should have been removed`

+          );

+        }

+      });

+    }

+  );

+});
+<!DOCTYPE html>

+<html lang="en">

+<head>

+  <meta charset="UTF-8">

+</head>

+<body>

+  <iframe id="iframe" frameborder="0"></iframe>

+</body>

+</html>
 import androidx.annotation.StyleRes

 import androidx.annotation.VisibleForTesting

 import androidx.appcompat.app.AlertDialog

+import mozilla.components.support.ktx.util.PromptAbuserDetector

 import mozilla.components.ui.widgets.withCenterAlignedButtons

 /**

  */

 class SimpleRedirectDialogFragment : RedirectDialogFragment() {

+    @VisibleForTesting

+    internal var promptAbuserDetector =

+        PromptAbuserDetector(maxSuccessiveDialogSecondsLimit = TIME_SHOWN_OFFSET_SECONDS)

+

     @VisibleForTesting

     internal var testingContext: Context? = null

             return if (themeID == 0) AlertDialog.Builder(context) else AlertDialog.Builder(context, themeID)

         }

+        promptAbuserDetector.updateJSDialogAbusedState()

+

         return with(requireBundle()) {

             val dialogTitleText = getInt(KEY_TITLE_TEXT, R.string.mozac_feature_applinks_normal_confirm_dialog_title)

             val dialogMessageString = getString(KEY_MESSAGE_STRING, "")

             val themeResId = getInt(KEY_THEME_ID, 0)

             val cancelable = getBoolean(KEY_CANCELABLE, false)

-            getBuilder(themeResId)

+            val dialog = getBuilder(themeResId)

                 .setTitle(dialogTitleText)

                 .setMessage(dialogMessageString)

-                .setPositiveButton(positiveButtonText) { _, _ ->

-                    onConfirmRedirect()

-                }

+                .setPositiveButton(positiveButtonText) { _, _ -> }

                 .setNegativeButton(negativeButtonText) { _, _ ->

                     onCancelRedirect()

                 }

                 .setCancelable(cancelable)

                 .create()

-                .withCenterAlignedButtons()

+

+            dialog.withCenterAlignedButtons()

+            dialog.setOnShowListener {

+                val okButton = dialog.getButton(AlertDialog.BUTTON_POSITIVE)

+                okButton.setOnClickListener {

+                    if (promptAbuserDetector.areDialogsBeingAbused()) {

+                        promptAbuserDetector.updateJSDialogAbusedState()

+                    } else {

+                        onConfirmRedirect()

+                        dialog.dismiss()

+                    }

+                }

+            }

+            dialog

         }

     }

         const val KEY_THEME_ID = "KEY_THEME_ID"

         const val KEY_CANCELABLE = "KEY_CANCELABLE"

+        private const val TIME_SHOWN_OFFSET_SECONDS = 1

     }

     private fun requireBundle(): Bundle {

 import mozilla.components.support.test.robolectric.testContext

 import org.junit.Assert.assertFalse

 import org.junit.Assert.assertTrue

+import org.junit.Ignore

 import org.junit.Test

 import org.junit.runner.RunWith

 import org.mockito.Mockito.doNothing

     private val themeResId = appcompatR.style.Theme_AppCompat_Light

     @Test

+    @Ignore("This will be addressed in another follow up ticket")

     fun `Dialog confirmed callback is called correctly`() {

         var onConfirmCalled = false

         var onCancelCalled = false

         assertFalse(onCancelCalled)

     }

+    @Suppress("unused")

     private fun mockFragmentManager(): FragmentManager {

         val fragmentManager: FragmentManager = mock()

         val transaction: FragmentTransaction = mock()

 package mozilla.components.feature.session

-import mozilla.components.browser.state.action.ContentAction

 import mozilla.components.browser.state.action.CrashAction

 import mozilla.components.browser.state.action.EngineAction

 import mozilla.components.browser.state.action.LastAccessAction

                     flags = flags,

                     additionalHeaders = additionalHeaders,

                 )

-                // Update the url in content immediately until the engine updates with any new changes to the state.

-                store.dispatch(

-                    ContentAction.UpdateUrlAction(

-                        loadSessionId,

-                        url,

-                    ),

-                )

                 store.dispatch(

                     EngineAction.OptimizedLoadUrlTriggeredAction(

                         loadSessionId,

 import mozilla.components.browser.state.action.TabListAction

 import mozilla.components.browser.state.engine.EngineMiddleware

 import mozilla.components.browser.state.selector.findTab

-import mozilla.components.browser.state.selector.selectedTab

 import mozilla.components.browser.state.state.BrowserState

 import mozilla.components.browser.state.state.TabSessionState

 import mozilla.components.browser.state.state.createCustomTab

             assertEquals("mozilla", action.tabId)

             assertEquals("https://getpocket.com", action.url)

         }

-        assertEquals("https://getpocket.com", store.state.selectedTab?.content?.url)

         useCases.loadUrl("https://www.mozilla.org", LoadUrlFlags.select(LoadUrlFlags.EXTERNAL))

         store.waitUntilIdle()

             assertEquals("https://www.mozilla.org", action.url)

             assertEquals(LoadUrlFlags.select(LoadUrlFlags.EXTERNAL), action.flags)

         }

-        assertEquals("https://www.mozilla.org", store.state.selectedTab?.content?.url)

         useCases.loadUrl("https://firefox.com", store.state.selectedTabId)

         store.waitUntilIdle()

             assertEquals("mozilla", action.tabId)

             assertEquals("https://firefox.com", action.url)

         }

-        assertEquals("https://firefox.com", store.state.selectedTab?.content?.url)

         useCases.loadUrl.invoke(

             "https://developer.mozilla.org",

 * **feature-customtabs**

   * Fallback behaviour when failing to open a new window in custom tab will now be loading the URL directly in the same custom tab. [Bug 1832357](https://bugzilla.mozilla.org/show_bug.cgi?id=1832357)

-* **feature-session**

-  * Update URL in the store immediately when using the optimized load URL code path.

-

 * **tooling-lint**

   * Added a lint rule to detect when `Response#close` may not have been called. Note: Currently, this rule only runs on Android Components.

             verifyPageContent(tabCrashMessage)

         }.openTabDrawer(activityTestRule) {

             verifyExistingOpenTabs(firstWebPage.title)

-            verifyExistingOpenTabs("about:crashcontent")

+            verifyExistingOpenTabs(secondWebPage.title)

         }.closeTabDrawer {

         }.goToHomescreen {

             verifyExistingTopSitesList()

 import android.content.Context;

 import android.content.res.AssetFileDescriptor;

 import android.os.Build;

+import android.os.PersistableBundle;

 import android.text.TextUtils;

 import android.util.Log;

 import java.io.ByteArrayOutputStream;

    * @return true if copy is successful.

    */

   @WrapForJNI(calledFrom = "gecko")

-  public static boolean setText(final Context context, final CharSequence text) {

-    return setData(context, ClipData.newPlainText("text", text));

+  public static boolean setText(

+      final Context context, final CharSequence text, final boolean isPrivateData) {

+    return setData(context, ClipData.newPlainText("text", text), isPrivateData);

   }

   /**

    */

   @WrapForJNI(calledFrom = "gecko")

   private static boolean setHTML(

-      final Context context, final CharSequence text, final String htmlText) {

-    return setData(context, ClipData.newHtmlText("html", text, htmlText));

+      final Context context,

+      final CharSequence text,

+      final String htmlText,

+      final boolean isPrivateData) {

+    return setData(context, ClipData.newHtmlText("html", text, htmlText), isPrivateData);

   }

   /**

    * @param clipData a {@link android.content.ClipData} to set to clipboard

    * @return true if copy is successful.

    */

-  private static boolean setData(final Context context, final ClipData clipData) {

+  private static boolean setData(

+      final Context context, final ClipData clipData, final boolean isPrivateData) {

     // In API Level 11 and above, CLIPBOARD_SERVICE returns android.content.ClipboardManager,

     // which is a subclass of android.text.ClipboardManager.

     final ClipboardManager cm =

         (ClipboardManager) context.getSystemService(Context.CLIPBOARD_SERVICE);

+    if (isPrivateData && Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {

+      final PersistableBundle extras = new PersistableBundle();

+      extras.putBoolean(ClipDescription.EXTRA_IS_SENSITIVE, true);

+      clipData.getDescription().setExtras(extras);

+    }

     try {

       cm.setPrimaryClip(clipData);

     } catch (final NullPointerException e) {

   @WrapForJNI(calledFrom = "gecko")

   private static void clear(final Context context) {

     if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.P) {

-      setText(context, null);

+      setText(context, null, false);

       return;

     }

     // Although we don't know more details of https://crbug.com/1203377, Blink doesn't use

   private ExtractedTextRequest mUpdateRequest;

   private final InputConnection mKeyInputConnection;

   private CursorAnchorInfo.Builder mCursorAnchorInfoBuilder;

+  private boolean mIsPrivateBrowsing;

   public static SessionTextInput.InputConnectionClient create(

       final GeckoSession session,

         // If selection is empty, we'll select everything

         if (selStart == selEnd) {

           // Fill the clipboard

-          Clipboard.setText(view.getContext(), editable);

+          Clipboard.setText(view.getContext(), editable, mIsPrivateBrowsing);

           editable.clear();

         } else {

           Clipboard.setText(

               view.getContext(),

-              editable.subSequence(Math.min(selStart, selEnd), Math.max(selStart, selEnd)));

+              editable.subSequence(Math.min(selStart, selEnd), Math.max(selStart, selEnd)),

+              mIsPrivateBrowsing);

           editable.delete(selStart, selEnd);

         }

         break;

                 : editable

                     .toString()

                     .substring(Math.min(selStart, selEnd), Math.max(selStart, selEnd));

-        Clipboard.setText(view.getContext(), copiedText);

+        Clipboard.setText(view.getContext(), copiedText, mIsPrivateBrowsing);

         break;

     }

     return true;

       outAttrs.imeOptions |= EditorInfo.IME_FLAG_NO_EXTRACT_UI | EditorInfo.IME_FLAG_NO_FULLSCREEN;

     }

+    mIsPrivateBrowsing =

+        ((outAttrs.imeOptions & InputMethods.IME_FLAG_NO_PERSONALIZED_LEARNING) != 0);

+

     if (DEBUG) {

       Log.d(

           LOGTAG,

           inert

         ></button>

       </div>

+

+      <p id="explanation-iframe" hidden>

+        <span data-l10n-id="about-httpsonly-explanation-iframe"></span>

+        <a

+          id="mixedContentLearnMoreLink"

+          target="_blank"

+          data-l10n-id="about-httpsonly-link-learn-more"

+        ></a>

+      </p>

+

       <div class="suggestion-box" hidden>

         <h2 data-l10n-id="about-httpsonly-suggestion-box-header"></h2>

       </div>

   document

     .getElementById("learnMoreLink")

     .setAttribute("href", baseSupportURL + "https-only-prefs");

+  document

+    .getElementById("mixedContentLearnMoreLink")

+    .setAttribute("href", baseSupportURL + "mixed-content");

+

+  const isTopLevel = window.top == window;

+  if (!isTopLevel) {

+    for (const id of ["explanation-continue", "goBack", "openInsecure"]) {

+      document.getElementById(id).remove();

+    }

+    document.getElementById("explanation-iframe").removeAttribute("hidden");

+    return;

+  }

   document

     .getElementById("openInsecure")

     .addEventListener("click", onOpenInsecureButtonClick);

+  document

+    .getElementById("goBack")

+    .addEventListener("click", onReturnButtonClick);

   const delay = RPMGetIntPref("security.dialog_enable_delay", 1000);

   setTimeout(() => {

     document.getElementById("openInsecure").removeAttribute("inert");

   }, delay);

-  if (window.top == window) {

-    document

-      .getElementById("goBack")

-      .addEventListener("click", onReturnButtonClick);

-    addAutofocus("#goBack", "beforeend");

-  } else {

-    document.getElementById("goBack").remove();

-  }

+  addAutofocus("#goBack", "beforeend");

-  const isTopLevel = window.top == window;

   const hasWWWPrefix = pageUrl.href.startsWith("https://www.");

-  if (isTopLevel && !hasWWWPrefix) {

+  if (!hasWWWPrefix) {

     // HTTPS-Only generally simply replaces http: with https:;

     // here we additionally try to add www and see if that allows to upgrade the connection if it is top level

 about-httpsonly-explanation-nosupport = Most likely, the website simply does not support HTTPS.

 about-httpsonly-explanation-risk = It’s also possible that an attacker is involved. If you decide to visit the website, you should not enter any sensitive information like passwords, emails, or credit card details.

 about-httpsonly-explanation-continue = If you continue, HTTPS-Only Mode will be turned off temporarily for this site.

+about-httpsonly-explanation-iframe = Due to mixed content blocking, it is not possible to manually allow this frame to load.

 about-httpsonly-button-continue-to-site = Continue to HTTP Site

 about-httpsonly-button-go-back = Go Back

     return rv;

   }

+  bool isPrivate = aTransferable->GetIsPrivateData();

+

   if (!html.IsEmpty() &&

       java::Clipboard::SetHTML(java::GeckoAppShell::GetApplicationContext(),

-                               text, html)) {

+                               text, html, isPrivate)) {

     return NS_OK;

   }

   if (!text.IsEmpty() &&

       java::Clipboard::SetText(java::GeckoAppShell::GetApplicationContext(),

-                               text)) {

+                               text, isPrivate)) {

     return NS_OK;

   }

ma1 pushed to branch mullvad-browser-128.5.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser

Commits:

16 changed files:

Changes:

@@ -12,6 +12,7 @@ about-httpsonly-explanation-question = What could be causing this?
  about-httpsonly-explanation-nosupport = Most likely, the website simply does not support HTTPS.
  about-httpsonly-explanation-risk = It’s also possible that an attacker is involved. If you decide to visit the website, you should not enter any sensitive information like passwords, emails, or credit card details.
  about-httpsonly-explanation-continue = If you continue, HTTPS-Only Mode will be turned off temporarily for this site.
 +about-httpsonly-explanation-iframe = Due to mixed content blocking, it is not possible to manually allow this frame to load.
  about-httpsonly-button-continue-to-site = Continue to HTTP Site
  about-httpsonly-button-go-back = Go Back