browser/components/preferences/security.js

   1 # -*- Mode: Java; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
   2 # ***** BEGIN LICENSE BLOCK *****
   3 # Version: MPL 1.1/GPL 2.0/LGPL 2.1
   4 #
   5 # The contents of this file are subject to the Mozilla Public License Version
   6 # 1.1 (the "License"); you may not use this file except in compliance with
   7 # the License. You may obtain a copy of the License at
   8 # http://www.mozilla.org/MPL/
   9 #
  10 # Software distributed under the License is distributed on an "AS IS" basis,
  11 # WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  12 # for the specific language governing rights and limitations under the
  13 # License.
  14 #
  15 # The Original Code is the Firefox Preferences System.
  16 #
  17 # The Initial Developer of the Original Code is
  18 # Jeff Walden <jwalden+code@mit.edu>.
  19 # Portions created by the Initial Developer are Copyright (C) 2006
  20 # the Initial Developer. All Rights Reserved.
  21 #
  22 # Contributor(s):
  23 #   Ryan Flint <rflint@dslr.net>
  24 #
  25 # Alternatively, the contents of this file may be used under the terms of
  26 # either the GNU General Public License Version 2 or later (the "GPL"), or
  27 # the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  28 # in which case the provisions of the GPL or the LGPL are applicable instead
  29 # of those above. If you wish to allow use of your version of this file only
  30 # under the terms of either the GPL or the LGPL, and not to allow others to
  31 # use your version of this file under the terms of the MPL, indicate your
  32 # decision by deleting the provisions above and replace them with the notice
  33 # and other provisions required by the GPL or the LGPL. If you do not delete
  34 # the provisions above, a recipient may use your version of this file under
  35 # the terms of any one of the MPL, the GPL or the LGPL.
  36 #
  37 # ***** END LICENSE BLOCK *****
  38
  39 var gSecurityPane = {
  40   _pane: null,
  41
  42   /**
  43    * Initializes master password UI.
  44    */
  45   init: function ()
  46   {
  47     this._pane = document.getElementById("paneSecurity");
  48     this._initMasterPasswordUI();
  49   },
  50
  51   // ADD-ONS
  52
  53   /*
  54    * Preferences:
  55    *
  56    * xpinstall.whitelist.required
  57    * - true if a site must be added to a site whitelist before extensions
  58    *   provided by the site may be installed from it, false if the extension
  59    *   may be directly installed after a confirmation dialog
  60    */
  61
  62   /**
  63    * Enables/disables the add-ons Exceptions button depending on whether
  64    * or not add-on installation warnings are displayed.
  65    */
  66   readWarnAddonInstall: function ()
  67   {
  68     var warn = document.getElementById("xpinstall.whitelist.required");
  69     var exceptions = document.getElementById("addonExceptions");
  70
  71     exceptions.disabled = !warn.value;
  72
  73     // don't override the preference value
  74     return undefined;
  75   },
  76
  77   /**
  78    * Displays the exceptions lists for add-on installation warnings.
  79    */
  80   showAddonExceptions: function ()
  81   {
  82     var bundlePrefs = document.getElementById("bundlePreferences");
  83
  84     var params = this._addonParams;
  85     if (!params.windowTitle || !params.introText) {
  86       params.windowTitle = bundlePrefs.getString("addons_permissions_title");
  87       params.introText = bundlePrefs.getString("addonspermissionstext");
  88     }
  89
  90     document.documentElement.openWindow("Browser:Permissions",
  91                                         "chrome://browser/content/preferences/permissions.xul",
  92                                         "", params);
  93   },
  94
  95   /**
  96    * Parameters for the add-on install permissions dialog.
  97    */
  98   _addonParams:
  99     {
 100       blockVisible: false,
 101       sessionVisible: false,
 102       allowVisible: true,
 103       prefilledHost: "",
 104       permissionType: "install"
 105     },
 106
 107   // PASSWORDS
 108
 109   /*
 110    * Preferences:
 111    *
 112    * signon.rememberSignons
 113    * - true if passwords are remembered, false otherwise
 114    */
 115
 116   /**
 117    * Enables/disables the Exceptions button used to configure sites where
 118    * passwords are never saved.
 119    */
 120   readSavePasswords: function ()
 121   {
 122     var pref = document.getElementById("signon.rememberSignons");
 123     var excepts = document.getElementById("passwordExceptions");
 124
 125     excepts.disabled = !pref.value;
 126
 127     // don't override pref value in UI
 128     return undefined;
 129   },
 130
 131   /**
 132    * Displays a dialog in which the user can view and modify the list of sites
 133    * where passwords are never saved.
 134    */
 135   showPasswordExceptions: function ()
 136   {
 137     document.documentElement.openWindow("Toolkit:PasswordManagerExceptions",
 138                                         "chrome://passwordmgr/content/passwordManagerExceptions.xul",
 139                                         "", null);
 140   },
 141
 142   /**
 143    * Initializes master password UI: the "use master password" checkbox, selects
 144    * the master password button to show, and enables/disables it as necessary.
 145    * The master password is controlled by various bits of NSS functionality, so
 146    * the UI for it can't be controlled by the normal preference bindings.
 147    */
 148   _initMasterPasswordUI: function ()
 149   {
 150     var noMP = !this._masterPasswordSet();
 151
 152     var button = document.getElementById("changeMasterPassword");
 153     button.disabled = noMP;
 154
 155     var checkbox = document.getElementById("useMasterPassword");
 156     checkbox.checked = !noMP;
 157   },
 158
 159   /**
 160    * Returns true if the user has a master password set and false otherwise.
 161    */
 162   _masterPasswordSet: function ()
 163   {
 164     const Cc = Components.classes, Ci = Components.interfaces;
 165     var secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"].
 166                    getService(Ci.nsIPKCS11ModuleDB);
 167     var slot = secmodDB.findSlotByName("");
 168     if (slot) {
 169       var status = slot.status;
 170       var hasMP = status != Ci.nsIPKCS11Slot.SLOT_UNINITIALIZED &&
 171                   status != Ci.nsIPKCS11Slot.SLOT_READY;
 172       return hasMP;
 173     } else {
 174       // XXX I have no bloody idea what this means
 175       return false;
 176     }
 177   },
 178
 179   /**
 180    * Enables/disables the master password button depending on the state of the
 181    * "use master password" checkbox, and prompts for master password removal if
 182    * one is set.
 183    */
 184   updateMasterPasswordButton: function ()
 185   {
 186     var checkbox = document.getElementById("useMasterPassword");
 187     var button = document.getElementById("changeMasterPassword");
 188     button.disabled = !checkbox.checked;
 189
 190     // unchecking the checkbox should try to immediately remove the master
 191     // password, because it's impossible to non-destructively remove the master
 192     // password used to encrypt all the passwords without providing it (by
 193     // design), and it would be extremely odd to pop up that dialog when the
 194     // user closes the prefwindow and saves his settings
 195     if (!checkbox.checked)
 196       this._removeMasterPassword();
 197     else
 198       this.changeMasterPassword();
 199
 200     this._initMasterPasswordUI();
 201   },
 202
 203   /**
 204    * Displays the "remove master password" dialog to allow the user to remove
 205    * the current master password.  When the dialog is dismissed, master password
 206    * UI is automatically updated.
 207    */
 208   _removeMasterPassword: function ()
 209   {
 210     const Cc = Components.classes, Ci = Components.interfaces;
 211     var secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"].
 212                    getService(Ci.nsIPKCS11ModuleDB);
 213     if (secmodDB.isFIPSEnabled) {
 214       var promptService = Cc["@mozilla.org/embedcomp/prompt-service;1"].
 215                           getService(Ci.nsIPromptService);
 216       var bundle = document.getElementById("bundlePreferences");
 217       promptService.alert(window,
 218                           bundle.getString("pw_change_failed_title"),
 219                           bundle.getString("pw_change2empty_in_fips_mode"));
 220     }
 221     else {
 222       document.documentElement.openSubDialog("chrome://mozapps/content/preferences/removemp.xul",
 223                                              "", null);
 224     }
 225     this._initMasterPasswordUI();
 226   },
 227
 228   /**
 229    * Displays a dialog in which the master password may be changed.
 230    */
 231   changeMasterPassword: function ()
 232   {
 233     document.documentElement.openSubDialog("chrome://mozapps/content/preferences/changemp.xul",
 234                                            "", null);
 235     this._initMasterPasswordUI();
 236   },
 237
 238   /**
 239    * Shows the sites where the user has saved passwords and the associated login
 240    * information.
 241    */
 242   showPasswords: function ()
 243   {
 244     document.documentElement.openWindow("Toolkit:PasswordManager",
 245                                         "chrome://passwordmgr/content/passwordManager.xul",
 246                                         "", null);
 247   },
 248
 249
 250   // WARNING MESSAGES
 251
 252   /**
 253    * Displays the security warnings dialog which allows changing the
 254    * "submitting unencrypted information", "moving from secure to unsecure",
 255    * etc. dialogs that every user immediately disables when he sees them.
 256    */
 257   showWarningMessageSettings: function ()
 258   {
 259     document.documentElement.openSubDialog("chrome://browser/content/preferences/securityWarnings.xul",
 260                                            "", null);
 261   }
 262
 263 };