You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

196 lines
6.9 KiB

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html [
<!ENTITY % htmlDTD PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd">
<!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >
<!ENTITY % blockedSiteDTD SYSTEM "chrome://browser/locale/safebrowsing/phishing-afterload-warning-message.dtd">
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at -->
<html xmlns="" class="blacklist">
<link rel="stylesheet" href="chrome://browser/skin/blockedSite.css" type="text/css" media="all" />
<link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/blacklist_favicon.png"/>
<script type="application/javascript"><![CDATA[
// Error url MUST be formatted like this:
// about:blocked?e=error_code&u=url(&o=1)?
// (o=1 when user overrides are allowed)
// Note that this file uses document.documentURI to get
// the URL (with the format from above). This is because
// document.location.href gets the current URI off the docshell,
// which is the URL displayed in the location bar, i.e.
// the URI that the user attempted to load.
function getErrorCode()
var url = document.documentURI;
var error =\=/);
var duffUrl =\&u\=/);
return decodeURIComponent(url.slice(error + 2, duffUrl));
function getURL()
var url = document.documentURI;
var match = url.match(/&u=([^&]+)&/);
// match == null if not found; if so, return an empty string
// instead of what would turn out to be portions of the URI
if (!match)
return "";
url = decodeURIComponent(match[1]);
// If this is a view-source page, then get then real URI of the page
if (url.startsWith("view-source:"))
url = url.slice(12);
return url;
* Check whether this warning page should be overridable or whether
* the "ignore warning" button should be hidden.
function getOverride()
var url = document.documentURI;
var match = url.match(/&o=1&/);
return !!match;
* Attempt to get the hostname via document.location. Fail back
* to getURL so that we always return something meaningful.
function getHostString()
try {
return document.location.hostname;
} catch (e) {
return getURL();
function initPage()
var error = "";
switch (getErrorCode()) {
case "malwareBlocked" :
error = "malware";
case "deceptiveBlocked" :
error = "phishing";
case "unwantedBlocked" :
error = "unwanted";
var el;
if (error !== "malware") {
el = document.getElementById("errorTitleText_malware");
el = document.getElementById("errorShortDescText_malware");
el = document.getElementById("errorLongDescText_malware");
if (error !== "phishing") {
el = document.getElementById("errorTitleText_phishing");
el = document.getElementById("errorShortDescText_phishing");
el = document.getElementById("errorLongDescText_phishing");
if (error !== "unwanted") {
el = document.getElementById("errorTitleText_unwanted");
el = document.getElementById("errorShortDescText_unwanted");
el = document.getElementById("errorLongDescText_unwanted");
// Set sitename
document.getElementById(error + "_sitename").textContent = getHostString();
document.title = document.getElementById("errorTitleText_" + error)
if (!getOverride()) {
var btn = document.getElementById("ignoreWarningButton");
if (btn) {
// Inform the test harness that we're done loading the page
var event = new CustomEvent("AboutBlockedLoaded");
<body dir="&locale.dir;">
<div id="errorPageContainer" class="container">
<!-- Error Title -->
<div id="errorTitle" class="title">
<h1 class="title-text" id="errorTitleText_phishing">&safeb.blocked.phishingPage.title2;</h1>
<h1 class="title-text" id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
<h1 class="title-text" id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title;</h1>
<div id="errorLongContent">
<!-- Short Description -->
<div id="errorShortDesc">
<p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc2;</p>
<p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
<p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
<!-- Long Description -->
<div id="errorLongDesc">
<p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc2;</p>
<p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
<p id="errorLongDescText_unwanted">&safeb.blocked.unwantedPage.longDesc;</p>
<!-- Action buttons -->
<div id="buttons" class="button-container">
<!-- Commands handled in browser.js -->
<button id="getMeOutButton" class="primary">&safeb.palm.accept.label;</button>
<div class="button-spacer"></div>
<button id="reportButton">&safeb.palm.reportPage.label;</button>
<div id="ignoreWarning">
<button id="ignoreWarningButton">&safeb.palm.decline.label;</button>
- Note: It is important to run the script this way, instead of using
- an onload handler. This is because error pages are loaded as
- LOAD_BACKGROUND, which means that onload handlers will not be executed.
<script type="application/javascript">