Bug 1597228 - move 'get me out of here' logic to shared place and make toolkit-safe, r=dimi

Differential Revision: https://phabricator.services.mozilla.com/D238762
2025-02-24 15:30:42 +00:00
parent d7fff069d3
commit 6b3212de9b
6 changed files with 52 additions and 117 deletions
--- a/browser/actors/BlockedSiteParent.sys.mjs
+++ b/browser/actors/BlockedSiteParent.sys.mjs
@@ -3,6 +3,8 @@
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

+import { EscapablePageParent } from "resource://gre/actors/NetErrorParent.sys.mjs";
+
 let lazy = {};

 ChromeUtils.defineESModuleGetters(lazy, {
@@ -108,7 +110,7 @@ SafeBrowsingNotificationBox.prototype.QueryInterface = ChromeUtils.generateQI([
  "nsISupportsWeakReference",
 ]);

-export class BlockedSiteParent extends JSWindowActorParent {
+export class BlockedSiteParent extends EscapablePageParent {
  receiveMessage(msg) {
    switch (msg.name) {
      case "Browser:SiteBlockedError":
@@ -154,7 +156,7 @@ export class BlockedSiteParent extends JSWindowActorParent {
            nsISecTel[bucketName + "GET_ME_OUT_OF_HERE"]
          );
        }
-        browser.ownerGlobal.getMeOutOfHere(this.browsingContext);
+        this.leaveErrorPage(browser, /* Never go back */ false);
        break;
      case "ignore_warning_link":
        if (Services.prefs.getBoolPref("browser.safebrowsing.allowOverride")) {
@@ -194,8 +196,9 @@ export class BlockedSiteParent extends JSWindowActorParent {
        accessKey: lazy.browserBundle.GetStringFromName(
          "safebrowsing.getMeOutOfHereButton.accessKey"
        ),
-        callback() {
-          browsingContext.topChromeWindow.getMeOutOfHere(browsingContext);
+        callback: () => {
+          let browser = browsingContext.top.embedderElement;
+          this.leaveErrorPage(browser, /* Never go back */ false);
        },
      },
    ];
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -1526,36 +1526,6 @@ function PageProxyClickHandler(aEvent) {
  }
 }

-/**
- * Re-direct the browser to a known-safe page.  This function is
- * used when, for example, the user browses to a known malware page
- * and is presented with about:blocked.  The "Get me out of here!"
- * button should take the user to the default start page so that even
- * when their own homepage is infected, we can get them somewhere safe.
- */
-function getMeOutOfHere(browsingContext) {
-  browsingContext.top.fixupAndLoadURIString(getDefaultHomePage(), {
-    triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal(), // Also needs to load homepage
-  });
-}
-
-/**
- * Return the default start page for the cases when the user's own homepage is
- * infected, so we can get them somewhere safe.
- */
-function getDefaultHomePage() {
-  let url = BROWSER_NEW_TAB_URL;
-  if (PrivateBrowsingUtils.isWindowPrivate(window)) {
-    return url;
-  }
-  url = HomePage.getDefault();
-  // If url is a pipe-delimited set of pages, just take the first one.
-  if (url.includes("|")) {
-    url = url.split("|")[0];
-  }
-  return url;
-}
-
 var browserDragAndDrop = {
  canDropLink: aEvent => Services.droppedLinkHandler.canDropLink(aEvent, true),

--- a/browser/base/content/browser.js.globals
+++ b/browser/base/content/browser.js.globals
@@ -39,8 +39,6 @@
  "UpdateUrlbarSearchSplitterState",
  "UpdatePopupNotificationsVisibility",
  "PageProxyClickHandler",
-  "getMeOutOfHere",
-  "getDefaultHomePage",
  "browserDragAndDrop",
  "homeButtonObserver",
  "openHomeDialog",
--- a/browser/modules/HomePage.sys.mjs
+++ b/browser/modules/HomePage.sys.mjs
@@ -133,6 +133,17 @@ export let HomePage = {
    return homePages;
  },

+  getForErrorPage(win) {
+    if (lazy.PrivateBrowsingUtils.isWindowPrivate(win)) {
+      return win.BROWSER_NEW_TAB_URL;
+    }
+    let url = this.get(win);
+    if (url.includes("|")) {
+      url = url.split("|")[0];
+    }
+    return url;
+  },
+
  /**
   * @returns {string}
   *   Returns the application default homepage.
--- a/toolkit/actors/AboutHttpsOnlyErrorParent.sys.mjs
+++ b/toolkit/actors/AboutHttpsOnlyErrorParent.sys.mjs
@@ -2,10 +2,9 @@
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

-import { HomePage } from "resource:///modules/HomePage.sys.mjs";
-import { PrivateBrowsingUtils } from "resource://gre/modules/PrivateBrowsingUtils.sys.mjs";
+import { EscapablePageParent } from "resource://gre/actors/NetErrorParent.sys.mjs";

-export class AboutHttpsOnlyErrorParent extends JSWindowActorParent {
+export class AboutHttpsOnlyErrorParent extends EscapablePageParent {
  get browser() {
    return this.browsingContext.top.embedderElement;
  }
@@ -13,36 +12,8 @@ export class AboutHttpsOnlyErrorParent extends JSWindowActorParent {
  receiveMessage(aMessage) {
    switch (aMessage.name) {
      case "goBack":
-        this.goBackFromErrorPage(this.browser);
+        this.leaveErrorPage(this.browser);
        break;
    }
  }
-
-  goBackFromErrorPage(aBrowser) {
-    if (!aBrowser.canGoBack) {
-      // If the unsafe page is the first or the only one in history, go to the
-      // start page.
-      aBrowser.fixupAndLoadURIString(
-        this.getDefaultHomePage(aBrowser.ownerGlobal),
-        {
-          triggeringPrincipal:
-            Services.scriptSecurityManager.getSystemPrincipal(),
-        }
-      );
-    } else {
-      aBrowser.goBack();
-    }
-  }
-
-  getDefaultHomePage(win) {
-    if (PrivateBrowsingUtils.isWindowPrivate(win)) {
-      return win.BROWSER_NEW_TAB_URL || "about:blank";
-    }
-    let url = HomePage.getDefault();
-    // If url is a pipe-delimited set of pages, just take the first one.
-    if (url.includes("|")) {
-      url = url.split("|")[0];
-    }
-    return url;
-  }
 }
--- a/toolkit/actors/NetErrorParent.sys.mjs
+++ b/toolkit/actors/NetErrorParent.sys.mjs
@@ -5,8 +5,6 @@

 import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs";

-import { PrivateBrowsingUtils } from "resource://gre/modules/PrivateBrowsingUtils.sys.mjs";
-
 const PREF_SSL_IMPACT_ROOTS = [
  "security.tls.version.",
  "security.ssl3.",
@@ -44,7 +42,36 @@ class CaptivePortalObserver {
  }
 }

-export class NetErrorParent extends JSWindowActorParent {
+export class EscapablePageParent extends JSWindowActorParent {
+  /**
+   * Re-direct the browser to the previous page or a known-safe page if no
+   * previous page is found in history.  This function is used when the user
+   * browses to a secure page with certificate issues and is presented with
+   * about:certerror.  The "Go Back" button should take the user to the previous
+   * or a default start page so that even when their own homepage is on a server
+   * that has certificate errors, we can get them somewhere safe.
+   */
+  leaveErrorPage(browser, allowGoingBack = true) {
+    if (!browser.canGoBack || !allowGoingBack) {
+      // If the unsafe page is the first or the only one in history, we need to
+      // go somewhere:
+      let safePage = "about:blank";
+
+      // Ideally we use the homepage...
+      if (AppConstants.MOZ_BUILD_APP == "browser") {
+        safePage = lazy.HomePage.getForErrorPage(browser.ownerGlobal);
+      }
+      browser.fixupAndLoadURIString(safePage, {
+        triggeringPrincipal:
+          Services.scriptSecurityManager.getSystemPrincipal(),
+      });
+    } else {
+      browser.goBack();
+    }
+  }
+}
+
+export class NetErrorParent extends EscapablePageParent {
  constructor() {
    super();
    this.captivePortalObserver = new CaptivePortalObserver(this);
@@ -73,51 +100,6 @@ export class NetErrorParent extends JSWindowActorParent {
    return false;
  }

-  /**
-   * Return the default start page for the cases when the user's own homepage is
-   * infected, so we can get them somewhere safe.
-   */
-  getDefaultHomePage(win) {
-    let url;
-    if (
-      !PrivateBrowsingUtils.isWindowPrivate(win) &&
-      AppConstants.MOZ_BUILD_APP == "browser"
-    ) {
-      url = lazy.HomePage.getDefault();
-    }
-    url ||= win.BROWSER_NEW_TAB_URL || "about:blank";
-
-    // If url is a pipe-delimited set of pages, just take the first one.
-    if (url.includes("|")) {
-      url = url.split("|")[0];
-    }
-    return url;
-  }
-
-  /**
-   * Re-direct the browser to the previous page or a known-safe page if no
-   * previous page is found in history.  This function is used when the user
-   * browses to a secure page with certificate issues and is presented with
-   * about:certerror.  The "Go Back" button should take the user to the previous
-   * or a default start page so that even when their own homepage is on a server
-   * that has certificate errors, we can get them somewhere safe.
-   */
-  goBackFromErrorPage(browser) {
-    if (!browser.canGoBack) {
-      // If the unsafe page is the first or the only one in history, go to the
-      // start page.
-      browser.fixupAndLoadURIString(
-        this.getDefaultHomePage(browser.ownerGlobal),
-        {
-          triggeringPrincipal:
-            Services.scriptSecurityManager.getSystemPrincipal(),
-        }
-      );
-    } else {
-      browser.goBack();
-    }
-  }
-
  /**
   * This function does a canary request to a reliable, maintained endpoint, in
   * order to help network code detect a system-wide man-in-the-middle.
@@ -241,7 +223,7 @@ export class NetErrorParent extends JSWindowActorParent {
        this.browser.reload();
        break;
      case "Browser:SSLErrorGoBack":
-        this.goBackFromErrorPage(this.browser);
+        this.leaveErrorPage(this.browser);
        break;
      case "GetChangedCertPrefs":
        let hasChangedCertPrefs = this.hasChangedCertPrefs();