Closed Bug 1608894 Opened 1 year ago Closed 8 months ago

use the new certificate viewer in thunderbird (about:certificate?cert=)

Categories

(Thunderbird :: Security, enhancement, P1)

enhancement

Tracking

(Not tracked)

RESOLVED FIXED
Thunderbird 78.0

People

(Reporter: keeler, Assigned: khushil324)

References

(Blocks 1 open bug)

Details

Attachments

(2 files, 3 obsolete files)

Component: General → Security
Priority: -- → P1
Summary: use the new certificate viewer in thunderbird → use the new certificate viewer in thunderbird (about:certificate?cert=)
Assignee: nobody → khushil324

I need some feedback. I have a few questions:

  1. If you open the certificate, you have two options: PEM(Cert) and PEM(Chain) to download the certificate. It's <html:a> component with href="data;<data>" and when we click, nothing is happening. What do we need to keep in mind while working on the <html:a> in the Thunderbird?
  2. critcal.svg icon is not loading up. I have tried to override the icon with the messenger one. But it's not loading up. Do we need to take care of anything while overriding?
Attachment #9148075 - Flags: feedback?(mkmelin+mozilla)
Comment on attachment 9148075 [details] [diff] [review]
WIP-Bug-1608894_new-certificate-viewer-in-thunderbird.patch

Review of attachment 9148075 [details] [diff] [review]:
-----------------------------------------------------------------

data uris should be able to be loaded into a tab

For the override, I guess it wont work because it's in browser and not something already "known"? I guess if the certificate viewer is using a browser uri that's basically wrong.

::: mailnews/extensions/smime/content/msgReadSecurityInfo.js
@@ +228,5 @@
> +      "_blank",
> +      "centerscreen,chrome,titlebar",
> +      cert
> +    );
> +  }

you should remove the old way, as once we've removed our usage they will remove that
Attachment #9148075 - Flags: feedback?(mkmelin+mozilla)
Attachment #9148075 - Attachment is obsolete: true
Attachment #9149441 - Flags: review?(mkmelin+mozilla)
Status: NEW → ASSIGNED
Comment on attachment 9149441 [details] [diff] [review]
Bug-1608894_new-certificate-viewer-in-thunderbird-0.patch

Review of attachment 9149441 [details] [diff] [review]:
-----------------------------------------------------------------

You should set security.aboutcertificate.enabled true

::: mail/base/content/specialTabs.js
@@ +25,5 @@
> +  picker.init(mail3PaneWindow, fileName, Ci.nsIFilePicker.modeSave);
> +  picker.defaultString = fileName;
> +  picker.defaultExtension = "pem";
> +  picker.appendFilters(Ci.nsIFilePicker.filterAll);
> +  let filePickerResult = await new Promise(resolve => {

This should be right, but I think it would be easier to read without a promise. Like https://searchfox.org/comm-central/rev/41733433edd6a3a2d0369ce03eb4fab62bf38c3b/mailnews/extensions/newsblog/content/feed-subscriptions.js#2518-2526

@@ +412,5 @@
>      },
>  
>      // Other about:* pages.
>      function(aDocument, aTab) {
> +      if (aDocument.URL.startsWith("about:certificate")) {

you should instead map it above, in inContentWhitelist. 
(if you put it in index 3, then the implementaton should be at index 3 here)
Attachment #9149441 - Flags: review?(mkmelin+mozilla)
Attachment #9149441 - Attachment is obsolete: true
Attachment #9149649 - Flags: review?(mkmelin+mozilla)
Comment on attachment 9149649 [details] [diff] [review]
Bug-1608894_new-certificate-viewer-in-thunderbird-1.patch

Review of attachment 9149649 [details] [diff] [review]:
-----------------------------------------------------------------

If I open the certificate manager and try to click open a certificate, all I get is
JavaScript error: chrome://pippki/content/pippki.js, line 46: TypeError: can't access property "switchToTabHavingURI", win is nul

::: mailnews/extensions/smime/content/msgCompSecurityInfo.js
@@ +266,5 @@
>    );
>  }
>  
>  function viewCertHelper(parent, cert) {
> +  if (Services.prefs.getBoolPref("security.aboutcertificate.enabled")) {

You can remove these checks. I only meant to add the actual pref since it seems to affect things in toolkit.

::: mailnews/extensions/smime/content/msgReadSecurityInfo.js
@@ +214,3 @@
>  
>  function viewCertHelper(parent, cert) {
> +  if (Services.prefs.getBoolPref("security.aboutcertificate.enabled")) {

remove
Attachment #9149649 - Flags: review?(mkmelin+mozilla) → review-

This part is coming from the Mozilla Central pippki.js: https://searchfox.org/mozilla-central/source/security/manager/pki/resources/content/pippki.js#33-50
How can we override this part?

I've got a patch to fix that. Will upload once I got it fully tested.

Flags: needinfo?(mkmelin+mozilla)

With the mozilla-central patch above we get the right window.
The Thunderbird patch needs to also add handling to open a tab for this case at https://searchfox.org/comm-central/rev/cfa832291ae06d6b814f8a9ebe1991a08f25da92/mail/base/content/contentAreaClick.js#256

Something like

     document.getElementById("tabmail").openTab("contentTab", {
      contentPage: url,
      clickHandler: "specialTabs.aboutClickHandler(event);",
    });
``
Flags: needinfo?(mkmelin+mozilla)
Attachment #9149649 - Attachment is obsolete: true
Attachment #9150362 - Flags: review?(mkmelin+mozilla)

We have a problem with icon critcal.svg that we need to keep in my mind and ask the M-C developers to change it so that we can override it.

Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/integration/autoland/rev/6ca84f6daedd
use getMostRecentWindow to find mainwindow, and hook that up for Thunderbird too. r=smaug
Status: ASSIGNED → RESOLVED
Closed: 8 months ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 78.0

Reopening until we land the Thunderbird part.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment on attachment 9150362 [details] [diff] [review]
Bug-1608894_new-certificate-viewer-in-thunderbird-2.patch

Review of attachment 9150362 [details] [diff] [review]:
-----------------------------------------------------------------

This seems to be working now. r=mkmelin
Attachment #9150362 - Flags: review?(mkmelin+mozilla) → review+

Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/comm-central/rev/3d86054fed85
use the new certificate viewer in thunderbird (about:certificate?cert=). r=mkmelin

Status: REOPENED → RESOLVED
Closed: 8 months ago8 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.