commit b275ae9f845f8e3d8d693cc1d681cc96be80eb83 parent cc0321e7f4a0e3abf41d705f926cd2c33282b913 Author: agoloman <agoloman@mozilla.com> Date: Wed, 24 Dec 2025 19:28:54 +0200 Revert "Bug 2003587 - Pref security.certerrors.felt-privacy-v1 enabled by default - r=niklas,places-reviewers" for causing bc failures @browser_bug633691.js. This reverts commit 4fe8edd4e94f26b4c2c23b28a403d01b4d7aa6ff. Diffstat:
15 files changed, 66 insertions(+), 320 deletions(-)
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js @@ -2912,7 +2912,7 @@ pref("browser.toolbars.bookmarks.showOtherBookmarks", true); // Felt Privacy pref to control simplified private browsing UI pref("browser.privatebrowsing.felt-privacy-v1", false); -pref("security.certerrors.felt-privacy-v1", true); +pref("security.certerrors.felt-privacy-v1", false); // Prefs to control the Firefox Account toolbar menu. // This pref will surface existing Firefox Account information diff --git a/browser/base/content/test/about/browser_aboutCertError_cca_telemetry.js b/browser/base/content/test/about/browser_aboutCertError_cca_telemetry.js @@ -45,10 +45,7 @@ async function checkTelemetry(expectedIssuedByCCA) { ]); } -async function test_cca_site(useFeltPrivacyV1) { - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", useFeltPrivacyV1]], - }); +add_task(async function test_cca_site() { await resetTelemetry(); let browser; let pageLoaded; @@ -69,12 +66,9 @@ async function test_cca_site(useFeltPrivacyV1) { // Check that telemetry indicates this was issued by CCA. await checkTelemetry("true"); BrowserTestUtils.removeTab(gBrowser.selectedTab); -} +}); -async function test_non_cca_site(useFeltPrivacyV1) { - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", useFeltPrivacyV1]], - }); +add_task(async function test_non_cca_site() { await resetTelemetry(); let browser; let pageLoaded; @@ -95,16 +89,4 @@ async function test_non_cca_site(useFeltPrivacyV1) { // Check that telemetry indicates this was not issued by CCA. await checkTelemetry("false"); BrowserTestUtils.removeTab(gBrowser.selectedTab); -} - -add_task(async function test_cca_sites() { - for (const useFeltPrivacyV1 of [true, false]) { - await test_cca_site(useFeltPrivacyV1); - } -}); - -add_task(async function test_non_cca_sites() { - for (const useFeltPrivacyV1 of [true, false]) { - await test_non_cca_site(useFeltPrivacyV1); - } }); diff --git a/browser/base/content/test/about/browser_aboutCertError_coep.js b/browser/base/content/test/about/browser_aboutCertError_coep.js @@ -10,8 +10,6 @@ add_task(async function test_coepError() { let browser; let pageLoaded; - await setSecurityCertErrorsFeltPrivacyToFalse(); - const uri = `${AUTH_ROUTE}?error=coep`; await BrowserTestUtils.openNewForegroundTab( diff --git a/browser/base/content/test/about/browser_aboutCertError_coop.js b/browser/base/content/test/about/browser_aboutCertError_coop.js @@ -29,7 +29,6 @@ function waitForNewTabAndErrorPage() { } add_task(async function test_coopError() { - await setSecurityCertErrorsFeltPrivacyToFalse(); let iframeTab = await BrowserTestUtils.openNewForegroundTab( gBrowser, `${AUTH_ROUTE}?error=coop` diff --git a/browser/base/content/test/about/browser_aboutCertError_mitm.js b/browser/base/content/test/about/browser_aboutCertError_mitm.js @@ -9,17 +9,16 @@ const PREF_MITM_CANARY_ISSUER = "security.pki.mitm_canary_issuer"; const PREF_MITM_AUTO_ENABLE_ENTERPRISE_ROOTS = "security.certerrors.mitm.auto_enable_enterprise_roots"; const PREF_ENTERPRISE_ROOTS = "security.enterprise_roots.enabled"; -const PREF_FELT_PRIV_V1 = "security.certerrors.felt-privacy-v1"; const UNKNOWN_ISSUER = "https://untrusted.example.com"; -async function checkMitmPriming(useFelt) { +// Check that basic MitM priming works and the MitM error page is displayed successfully. +add_task(async function checkMitmPriming() { await SpecialPowers.pushPrefEnv({ set: [ [PREF_MITM_PRIMING, true], [PREF_MITM_PRIMING_ENDPOINT, UNKNOWN_ISSUER], [PREF_ENTERPRISE_ROOTS, false], - [PREF_FELT_PRIV_V1, useFelt], ], }); @@ -89,18 +88,18 @@ async function checkMitmPriming(useFelt) { }); BrowserTestUtils.removeTab(gBrowser.selectedTab); - await SpecialPowers.clearUserPref(PREF_MITM_CANARY_ISSUER); - await SpecialPowers.flushPrefEnv(); -} -async function checkMitmAutoEnableEnterpriseRoots(useFelt) { + Services.prefs.clearUserPref(PREF_MITM_CANARY_ISSUER); +}); + +// Check that we set the enterprise roots pref correctly on MitM +add_task(async function checkMitmAutoEnableEnterpriseRoots() { await SpecialPowers.pushPrefEnv({ set: [ [PREF_MITM_PRIMING, true], [PREF_MITM_PRIMING_ENDPOINT, UNKNOWN_ISSUER], [PREF_MITM_AUTO_ENABLE_ENTERPRISE_ROOTS, true], [PREF_ENTERPRISE_ROOTS, false], - [PREF_FELT_PRIV_V1, !!useFelt], ], }); @@ -155,19 +154,6 @@ async function checkMitmAutoEnableEnterpriseRoots(useFelt) { ); BrowserTestUtils.removeTab(gBrowser.selectedTab); - await SpecialPowers.clearUserPref(PREF_MITM_CANARY_ISSUER); - await SpecialPowers.flushPrefEnv(); -} -// Check that basic MitM priming works and the MitM error page is displayed successfully. -add_task(async function runCheckMitmPriming() { - for (const useFelt of [true, false]) { - await checkMitmPriming(useFelt); - } -}); -// Check that we set the enterprise roots pref correctly on MitM -add_task(async function runCheckMitmAutoEnableEnterpriseRoots() { - for (const useFelt of [true, false]) { - await checkMitmAutoEnableEnterpriseRoots(useFelt); - } + Services.prefs.clearUserPref(PREF_MITM_CANARY_ISSUER); }); diff --git a/browser/base/content/test/about/browser_aboutCertError_noSubjectAltName.js b/browser/base/content/test/about/browser_aboutCertError_noSubjectAltName.js @@ -8,55 +8,34 @@ const BROWSER_NAME = document .getString("brandShortName"); const UNKNOWN_ISSUER = "https://no-subject-alt-name.example.com:443"; -const checkAdvancedAndGetTechnicalInfoText = async useFelt => { +const checkAdvancedAndGetTechnicalInfoText = async () => { let doc = content.document; - let badCertTechnicalInfo; - const netErrorCard = doc.querySelector("net-error-card")?.wrappedJSObject; - let advancedButton = useFelt - ? netErrorCard.advancedButton - : doc.getElementById("advancedButton"); + let advancedButton = doc.getElementById("advancedButton"); ok(advancedButton, "advancedButton found"); is( advancedButton.hasAttribute("disabled"), false, "advancedButton should be clickable" ); + advancedButton.click(); - if (useFelt) { - advancedButton.scrollIntoView(true); - EventUtils.synthesizeMouseAtCenter(advancedButton, {}, content); + let badCertAdvancedPanel = doc.getElementById("badCertAdvancedPanel"); + ok(badCertAdvancedPanel, "badCertAdvancedPanel found"); - await ContentTaskUtils.waitForCondition( - () => netErrorCard.advancedContainer, - "Advanced section should be rendered for revoked certificate" - ); - ok(netErrorCard.advancedContainer, "advancedContainer found"); - } else { - advancedButton.click(); - let badCertAdvancedPanel = doc.getElementById("badCertAdvancedPanel"); - ok(badCertAdvancedPanel, "badCertAdvancedPanel found"); - - badCertTechnicalInfo = doc.getElementById("badCertTechnicalInfo"); - ok(badCertTechnicalInfo, "badCertTechnicalInfo found"); - } + let badCertTechnicalInfo = doc.getElementById("badCertTechnicalInfo"); + ok(badCertTechnicalInfo, "badCertTechnicalInfo found"); // Wait until fluent sets the errorCode inner text. await ContentTaskUtils.waitForCondition(() => { - let errorCode = useFelt - ? netErrorCard.errorCode - : doc.getElementById("errorCode"); - return errorCode.textContent.includes("SSL_ERROR_BAD_CERT_DOMAIN"); + let errorCode = doc.getElementById("errorCode"); + return errorCode.textContent == "SSL_ERROR_BAD_CERT_DOMAIN"; }, "correct error code has been set inside the advanced button panel"); - let viewCertificate = useFelt - ? netErrorCard.viewCertificate - : doc.getElementById("viewCertificate"); + let viewCertificate = doc.getElementById("viewCertificate"); ok(viewCertificate, "viewCertificate found"); - return useFelt - ? netErrorCard.advancedContainer.innerHTML - : badCertTechnicalInfo.innerHTML; + return badCertTechnicalInfo.innerHTML; }; const checkCorrectMessages = message => { @@ -71,30 +50,7 @@ const checkCorrectMessages = message => { is(isWrongMessage, false, "That message shouldn't appear"); }; -const checkFeltCopy = () => { - const netErrorCard = - content.document.querySelector("net-error-card")?.wrappedJSObject; - Assert.equal( - netErrorCard.whyDangerous.dataset.l10nId, - "fp-certerror-bad-domain-why-dangerous-body", - "Using the 'bad domain' variant of the 'Why Dangerous' copy." - ); - Assert.equal( - netErrorCard.whatCanYouDo.dataset.l10nId, - "fp-certerror-bad-domain-what-can-you-do-body", - "Using the 'bad domain' variant of the 'What can you do' copy." - ); - Assert.equal( - netErrorCard.learnMoreLink.getAttribute("support-page"), - "connection-not-secure", - "'Learn more' link points to the standard support page." - ); -}; - -async function checkUntrustedCertError(useFelt) { - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", useFelt]], - }); +add_task(async function checkUntrustedCertError() { info( `Loading ${UNKNOWN_ISSUER} which does not have a subject specified in the certificate` ); @@ -103,19 +59,9 @@ async function checkUntrustedCertError(useFelt) { info("Clicking the exceptionDialogButton in advanced panel"); let badCertTechnicalInfoText = await SpecialPowers.spawn( browser, - [useFelt], + [], checkAdvancedAndGetTechnicalInfoText ); - if (useFelt) { - await SpecialPowers.spawn(browser, [], checkFeltCopy); - } else { - checkCorrectMessages(badCertTechnicalInfoText, browser); - } + checkCorrectMessages(badCertTechnicalInfoText, browser); BrowserTestUtils.removeTab(gBrowser.selectedTab); -} - -add_task(async function runCheckUntrustedCertError() { - for (const useFelt of [true, false]) { - await checkUntrustedCertError(useFelt); - } }); diff --git a/browser/base/content/test/about/browser_aboutCertError_telemetry.js b/browser/base/content/test/about/browser_aboutCertError_telemetry.js @@ -3,17 +3,14 @@ "use strict"; -requestLongerTimeout(4); +requestLongerTimeout(2); const BAD_CERT = "https://expired.example.com/"; const BAD_STS_CERT = "https://badchain.include-subdomains.pinning.example.com:443"; -async function checkTelemetryClickEvents(useFelt) { +add_task(async function checkTelemetryClickEvents() { info("Loading a bad cert page and verifying telemetry click events arrive."); - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", useFelt]], - }); let oldCanRecord = Services.telemetry.canRecordExtended; Services.telemetry.canRecordExtended = true; @@ -50,25 +47,13 @@ async function checkTelemetryClickEvents(useFelt) { "error_code_link", "clipboard_button_top", "clipboard_button_bot", + "return_button_top", ]; - const mapRecordObjectsFelt = { - advanced_button: "advancedButton", - learn_more_link: "learnMoreLink", - error_code_link: "errorCode", - clipboard_button_top: "copyButtonTop", - clipboard_button_bot: "copyButtonBot", - return_button_adv: "returnButton", - exception_button: "exceptionButton", - }; - recordedObjects.push("return_button_adv"); if (!useFrame) { recordedObjects.push("exception_button"); } - if (!useFelt) { - recordedObjects.push("return_button_top"); - } for (let object of recordedObjects) { let tab = await openErrorPage(BAD_CERT, useFrame); @@ -104,62 +89,17 @@ async function checkTelemetryClickEvents(useFelt) { bc = bc.children[0]; } - await SpecialPowers.spawn( - bc, - [object, useFelt, mapRecordObjectsFelt], - async function (objectId, use_felt, mapFelt) { - let doc = content.document; - - if (use_felt) { - const netErrorCard = - doc.querySelector("net-error-card").wrappedJSObject; - const advancedButton = netErrorCard.advancedButton; - if ( - !netErrorCard.advancedContainer && - objectId !== "advanced_button" - ) { - advancedButton.scrollIntoView(true); - EventUtils.synthesizeMouseAtCenter(advancedButton, {}, content); - - await ContentTaskUtils.waitForCondition( - () => netErrorCard.advancedContainer, - "Advanced section should be rendered for revoked certificate" - ); - } - if ( - ["clipboard_button_top", "clipboard_button_bot"].includes( - objectId - ) - ) { - netErrorCard.errorCode.click(); - await ContentTaskUtils.waitForCondition( - () => netErrorCard[mapFelt[objectId]], - "Wait for component to render." - ); - } - if (objectId === "exception_button") { - await ContentTaskUtils.waitForCondition( - () => - netErrorCard.exceptionButton && - !netErrorCard.exceptionButton.disabled, - "Wait for the exception button to be created." - ); - } - const el = netErrorCard[mapFelt[objectId]]; - el.scrollIntoView(true); - EventUtils.synthesizeMouseAtCenter(el, {}, content); - } else { - await ContentTaskUtils.waitForCondition( - () => doc.body.classList.contains("certerror"), - "Wait for certerror to be loaded" - ); - let domElement = doc.querySelector( - `[data-telemetry-id='${objectId}']` - ); - domElement.click(); - } - } - ); + await SpecialPowers.spawn(bc, [object], async function (objectId) { + let doc = content.document; + + await ContentTaskUtils.waitForCondition( + () => doc.body.classList.contains("certerror"), + "Wait for certerror to be loaded" + ); + + let domElement = doc.querySelector(`[data-telemetry-id='${objectId}']`); + domElement.click(); + }); let clickEvents = await TestUtils.waitForCondition(() => { let events = Services.telemetry.snapshotEvents( @@ -208,10 +148,4 @@ async function checkTelemetryClickEvents(useFelt) { BrowserTestUtils.removeTab(gBrowser.selectedTab); } } -} - -add_task(async function runCheckTelemetryClickEvents() { - for (const useFelt of [true, false]) { - await checkTelemetryClickEvents(useFelt); - } }); diff --git a/browser/base/content/test/about/browser_aboutNetError_basicHttpAuth.js b/browser/base/content/test/about/browser_aboutNetError_basicHttpAuth.js @@ -19,7 +19,6 @@ add_task(async function test_basicHttpAuth() { ["network.http.basic_http_auth.enabled", false], // blank page with error is priortized ["browser.http.blank_page_with_error_response.enabled", true], - ["security.certerrors.felt-privacy-v1", false], ], }); diff --git a/browser/base/content/test/about/browser_aboutNetError_internet_connection_offline.js b/browser/base/content/test/about/browser_aboutNetError_internet_connection_offline.js @@ -6,7 +6,6 @@ async function checkErrorForInvalidUriLoad(l10nId) { let browser; let pageLoaded; - await setSecurityCertErrorsFeltPrivacyToFalse(); await BrowserTestUtils.openNewForegroundTab( gBrowser, () => { diff --git a/browser/base/content/test/about/browser_aboutNewTab_bookmarksToolbar.js b/browser/base/content/test/about/browser_aboutNewTab_bookmarksToolbar.js @@ -3,12 +3,6 @@ "use strict"; -add_setup(async function () { - await SpecialPowers.pushPrefEnv({ - set: [["test.wait300msAfterTabSwitch", true]], - }); -}); - add_task(async function bookmarks_toolbar_shown_on_newtab() { let newtab = await BrowserTestUtils.openNewForegroundTab({ gBrowser, diff --git a/browser/base/content/test/about/browser_bug435325.js b/browser/base/content/test/about/browser_bug435325.js @@ -3,7 +3,7 @@ /* Ensure that clicking the button in the Offline mode neterror page makes the browser go online. See bug 435325. */ -async function checkSwitchPageToOnlineMode(useFelt) { +add_task(async function checkSwitchPageToOnlineMode() { // Go offline and disable the proxy and cache, then try to load the test URL. Services.io.offline = true; @@ -15,7 +15,6 @@ async function checkSwitchPageToOnlineMode(useFelt) { ["network.proxy.type", 0], ["browser.cache.disk.enable", false], ["browser.cache.memory.enable", false], - ["security.certerrors.felt-privacy-v1", useFelt], ], }); @@ -36,18 +35,14 @@ async function checkSwitchPageToOnlineMode(useFelt) { ); // Click on the 'Try again' button. - await SpecialPowers.spawn(browser, [useFelt], async function (use_felt) { + await SpecialPowers.spawn(browser, [], async function () { ok( content.document.documentURI.startsWith("about:neterror?e=netOffline"), "Should be showing error page" ); - const button = use_felt - ? content.document.querySelector("net-error-card").wrappedJSObject - .tryAgainButton - : content.document.querySelector( - "#netErrorButtonContainer > .try-again" - ); - button.click(); + content.document + .querySelector("#netErrorButtonContainer > .try-again") + .click(); }); await changeObserved; @@ -56,11 +51,6 @@ async function checkSwitchPageToOnlineMode(useFelt) { "After clicking the 'Try Again' button, we're back online." ); }); -} -add_task(async function runCheckSwitchPageToOnlineMode() { - for (const useFelt of [true, false]) { - await checkSwitchPageToOnlineMode(useFelt); - } }); registerCleanupFunction(function () { diff --git a/browser/base/content/test/about/browser_bug633691.js b/browser/base/content/test/about/browser_bug633691.js @@ -2,15 +2,7 @@ * http://creativecommons.org/publicdomain/zero/1.0/ */ -add_setup(async function () { - await SpecialPowers.pushPrefEnv({ - set: [["test.wait300msAfterTabSwitch", true]], - }); -}); - -add_task(async function testFalse() { - await setSecurityCertErrorsFeltPrivacyToFalse(); - +add_task(async function test() { const URL = "data:text/html,<iframe width='700' height='700'></iframe>"; await BrowserTestUtils.withNewTab( { gBrowser, url: URL }, @@ -38,34 +30,3 @@ add_task(async function testFalse() { } ); }); - -add_task(async function testTrue() { - await setSecurityCertErrorsFeltPrivacyToTrue(); - const URL = "data:text/html,<iframe width='700' height='700'></iframe>"; - await BrowserTestUtils.withNewTab( - { gBrowser, url: URL }, - async function (browser) { - let context = await SpecialPowers.spawn(browser, [], function () { - const iframe = content.document.querySelector("iframe"); - iframe.src = "https://expired.example.com/"; - return BrowsingContext.getFromWindow(iframe.contentWindow); - }); - await TestUtils.waitForCondition(() => { - let frame = context.currentWindowGlobal; - return frame && frame.documentURI.spec.startsWith("about:certerror"); - }); - await SpecialPowers.spawn(context, [], async function () { - await ContentTaskUtils.waitForCondition( - () => content.document.readyState == "interactive" - ); - const netErrorCard = - content.document.querySelector("net-error-card").wrappedJSObject; - Assert.ok(netErrorCard.advancedButton, "Advanced content should exist"); - Assert.ok( - !netErrorCard.advancedContainer, - "Advanced content should not be visible by default" - ); - }); - } - ); -}); diff --git a/toolkit/components/certviewer/tests/browser/browser_openTabAndSendCertInfo.js b/toolkit/components/certviewer/tests/browser/browser_openTabAndSendCertInfo.js @@ -76,9 +76,6 @@ function openCertDownloadDialog(cert) { add_task(async function openFromPopUp() { info("Testing openFromPopUp"); - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", false]], - }); const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService( Ci.nsIX509CertDB @@ -220,9 +217,6 @@ add_task(async function testBadCertIframe_feltPrivacyToTrue() { add_task(async function testBadCert() { info("Testing bad cert"); - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", false]], - }); let tab = await openErrorPage(); let tabsCount = gBrowser.tabs.length; @@ -254,9 +248,6 @@ add_task(async function testBadCert() { add_task(async function testBadCertIframe() { info("Testing bad cert in an iframe"); - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", false]], - }); let tab = await openErrorPage(true); let tabsCount = gBrowser.tabs.length; @@ -289,9 +280,6 @@ add_task(async function testBadCertIframe() { add_task(async function testGoodCert() { info("Testing page info"); - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", false]], - }); let url = "https://example.com/"; let tabsCount = gBrowser.tabs.length; @@ -328,9 +316,6 @@ add_task(async function testGoodCert() { add_task(async function testPreferencesCert() { info("Testing preferences cert"); - await SpecialPowers.pushPrefEnv({ - set: [["security.certerrors.felt-privacy-v1", false]], - }); let url = "about:preferences#privacy"; let tabsCount; diff --git a/toolkit/components/places/tests/browser/browser_bug680727.js b/toolkit/components/places/tests/browser/browser_bug680727.js @@ -83,17 +83,13 @@ function errorAsyncListener(aURI, aIsVisited) { ); SpecialPowers.spawn(ourTab.linkedBrowser, [], function () { - const netErrorCard = - content.document.querySelector("net-error-card").wrappedJSObject; Assert.ok( - netErrorCard.tryAgainButton, + content.document.querySelector("#netErrorButtonContainer > .try-again"), "The error page has got a .try-again element" ); - EventUtils.synthesizeMouseAtCenter( - netErrorCard.tryAgainButton, - {}, - content - ); + content.document + .querySelector("#netErrorButtonContainer > .try-again") + .click(); }); } diff --git a/toolkit/content/net-error-card.mjs b/toolkit/content/net-error-card.mjs @@ -44,7 +44,6 @@ export class NetErrorCard extends MozLitElement { static queries = { copyButtonTop: "#copyToClipboardTop", - copyButtonBot: "#copyToClipboardBot", exceptionButton: "#exception-button", errorCode: "#errorCode", advancedContainer: ".advanced-container", @@ -61,7 +60,6 @@ export class NetErrorCard extends MozLitElement { netErrorTitleText: "#neterror-title-text", netErrorLearnMoreLink: "#neterror-learn-more-link", httpAuthIntroText: "#fp-http-auth-disabled-intro-text", - tryAgainButton: "#tryAgainButton", }; static ERROR_CODES = new Set([ @@ -72,7 +70,7 @@ export class NetErrorCard extends MozLitElement { "MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT", "SEC_ERROR_EXPIRED_CERTIFICATE", "SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE", - // Bug #2006790 - Temporarily disabling SSL_ERROR_NO_CYPHER_OVERLAP until we create a pref reset button. + "SSL_ERROR_NO_CYPHER_OVERLAP", "MOZILLA_PKIX_ERROR_INSUFFICIENT_CERTIFICATE_TRANSPARENCY", "NS_ERROR_OFFLINE", "NS_ERROR_DOM_COOP_FAILED", @@ -98,16 +96,10 @@ export class NetErrorCard extends MozLitElement { return false; } - let errorInfo; - try { - errorInfo = gIsCertError - ? document.getFailedCertSecurityInfo() - : document.getNetErrorInfo(); - } catch { - return false; - } - - let defaultErrorCode = errorInfo.errorCodeString + const errorInfo = gIsCertError + ? document.getFailedCertSecurityInfo() + : document.getNetErrorInfo(); + const defaultErrorCode = errorInfo.errorCodeString ? errorInfo.errorCodeString : gErrorCode; const errorCode = NetErrorCard.getCustomErrorCode(defaultErrorCode); @@ -154,6 +146,17 @@ export class NetErrorCard extends MozLitElement { document.dispatchEvent( new CustomEvent("AboutNetErrorLoad", { bubbles: true }) ); + + // Record telemetry when the error page loads + if (gIsCertError && !isCaptive()) { + if (this.failedCertInfo) { + recordSecurityUITelemetry( + "securityUiCerterror", + "loadAboutcerterror", + this.failedCertInfo + ); + } + } } shouldHideExceptionButton() { @@ -177,31 +180,6 @@ export class NetErrorCard extends MozLitElement { this.errorInfo = this.getErrorInfo(); this.hideExceptionButton = this.shouldHideExceptionButton(); - - // Record telemetry when the error page loads - if (gIsCertError && !isCaptive()) { - recordSecurityUITelemetry( - "securityUiCerterror", - "loadAboutcerterror", - this.errorInfo - ); - } - - // Check if the connection is being man-in-the-middled. When the parent - // detects an intercepted connection, the page may be reloaded with a new - // error code (MOZILLA_PKIX_ERROR_MITM_DETECTED). - const mitmPrimingEnabled = RPMGetBoolPref( - "security.certerrors.mitm.priming.enabled" - ); - if ( - mitmPrimingEnabled && - this.errorInfo.errorCodeString == "SEC_ERROR_UNKNOWN_ISSUER" && - // Only do this check for top-level failures. - window.parent == window - ) { - RPMSendAsyncMessage("Browser:PrimeMitm"); - } - this.hostname = HOST_NAME; const { port } = document.location; if (port && port != 443) { @@ -795,7 +773,6 @@ export class NetErrorCard extends MozLitElement { ></moz-button> <div id="certificateErrorText">${this.certificateErrorText}</div> <moz-button - id="copyToClipboardBot" data-telemetry-id="clipboard_button_bot" data-l10n-id="neterror-copy-to-clipboard-button" @click=${this.copyCertErrorTextToClipboard}