mozbrowsersercuritychange event

5 files changed, 62 insertions, 1 deletions

diff --git a/components/script/dom/bindings/trace.rs b/components/script/dom/bindings/trace.rs
index 1362731339a..6794f803a10 100644
--- a/components/script/dom/bindings/trace.rs
+++ b/components/script/dom/bindings/trace.rs
@@ -60,6 +60,7 @@ use msg::constellation_msg::{PipelineId, SubpageId, WindowSizeData};
 use net_traits::Metadata;
 use net_traits::image::base::{Image, ImageMetadata};
 use net_traits::image_cache_thread::{ImageCacheChan, ImageCacheThread};
+use net_traits::response::HttpsState;
 use net_traits::storage_thread::StorageType;
 use profile_traits::mem::ProfilerChan as MemProfilerChan;
 use profile_traits::time::ProfilerChan as TimeProfilerChan;
@@ -299,6 +300,7 @@ no_jsmanaged_fields!(Mime);
 no_jsmanaged_fields!(AttrIdentifier);
 no_jsmanaged_fields!(AttrValue);
 no_jsmanaged_fields!(ElementSnapshot);
+no_jsmanaged_fields!(HttpsState);
 
 impl JSTraceable for ConstellationChan<ScriptMsg> {
     #[inline]
diff --git a/components/script/dom/document.rs b/components/script/dom/document.rs
index b5672319837..91eb87ca881 100644
--- a/components/script/dom/document.rs
+++ b/components/script/dom/document.rs
@@ -84,6 +84,7 @@ use msg::constellation_msg::{ConstellationChan, Key, KeyModifiers, KeyState};
 use msg::constellation_msg::{PipelineId, SubpageId};
 use net_traits::ControlMsg::{GetCookiesForUrl, SetCookiesForUrl};
 use net_traits::CookieSource::NonHTTP;
+use net_traits::response::HttpsState;
 use net_traits::{AsyncResponseTarget, PendingAsyncLoad};
 use num::ToPrimitive;
 use script_thread::{MainThreadScriptMsg, Runnable};
@@ -204,6 +205,8 @@ pub struct Document {
     dom_complete: Cell<u64>,
     /// Vector to store CSS errors
     css_errors_store: DOMRefCell<Vec<CSSError>>,
+    /// https://html.spec.whatwg.org/multipage/#concept-document-https-state
+    https_state: Cell<HttpsState>,
 }
 
 #[derive(JSTraceable, HeapSizeOf)]
@@ -289,6 +292,11 @@ impl Document {
         self.is_html_document
     }
 
+    pub fn set_https_state(&self, https_state: HttpsState) {
+        self.https_state.set(https_state);
+        self.trigger_mozbrowser_event(MozBrowserEvent::SecurityChange(https_state));
+    }
+
     pub fn report_css_error(&self, css_error: CSSError) {
         self.css_errors_store.borrow_mut().push(css_error);
     }
@@ -1525,6 +1533,7 @@ impl Document {
             dom_content_loaded_event_end: Cell::new(Default::default()),
             dom_complete: Cell::new(Default::default()),
             css_errors_store: DOMRefCell::new(vec![]),
+            https_state: Cell::new(HttpsState::None),
         }
     }
 
diff --git a/components/script/dom/htmliframeelement.rs b/components/script/dom/htmliframeelement.rs
index fd8788480a6..930c15b0e0f 100644
--- a/components/script/dom/htmliframeelement.rs
+++ b/components/script/dom/htmliframeelement.rs
@@ -4,6 +4,7 @@
 
 use dom::attr::{Attr, AttrValue};
 use dom::bindings::codegen::Bindings::BrowserElementBinding::BrowserElementIconChangeEventDetail;
+use dom::bindings::codegen::Bindings::BrowserElementBinding::BrowserElementSecurityChangeDetail;
 use dom::bindings::codegen::Bindings::BrowserElementBinding::BrowserShowModalPromptEventDetail;
 use dom::bindings::codegen::Bindings::HTMLIFrameElementBinding;
 use dom::bindings::codegen::Bindings::HTMLIFrameElementBinding::HTMLIFrameElementMethods;
@@ -29,6 +30,7 @@ use js::jsval::{UndefinedValue, NullValue};
 use layout_interface::ReflowQueryType;
 use msg::constellation_msg::{ConstellationChan};
 use msg::constellation_msg::{NavigationDirection, PipelineId, SubpageId};
+use net_traits::response::HttpsState;
 use page::IterablePage;
 use script_traits::IFrameSandboxState::{IFrameSandboxed, IFrameUnsandboxed};
 use script_traits::{IFrameLoadInfo, MozBrowserEvent, ScriptMsg as ConstellationMsg};
@@ -275,10 +277,26 @@ impl MozBrowserEventDetailBuilder for HTMLIFrameElement {
         match event {
             MozBrowserEvent::AsyncScroll | MozBrowserEvent::Close | MozBrowserEvent::ContextMenu |
             MozBrowserEvent::Error | MozBrowserEvent::LoadEnd | MozBrowserEvent::LoadStart |
-            MozBrowserEvent::OpenWindow | MozBrowserEvent::SecurityChange | MozBrowserEvent::OpenSearch  |
+            MozBrowserEvent::OpenWindow | MozBrowserEvent::OpenSearch  |
             MozBrowserEvent::UsernameAndPasswordRequired => {
                 rval.set(NullValue());
             }
+            MozBrowserEvent::SecurityChange(https_state) => {
+                BrowserElementSecurityChangeDetail {
+                    // https://developer.mozilla.org/en-US/docs/Web/Events/mozbrowsersecuritychange
+                    state: Some(DOMString::from(match https_state {
+                        HttpsState::Modern => "secure",
+                        HttpsState::Deprecated => "broken",
+                        HttpsState::None => "insecure",
+                    }.to_owned())),
+                    // FIXME - Not supported yet:
+                    trackingContent: None,
+                    mixedContent: None,
+                    trackingState: None,
+                    extendedValidation: None,
+                    mixedState: None,
+                }.to_jsval(cx, rval);
+            }
             MozBrowserEvent::LocationChange(ref string) | MozBrowserEvent::TitleChange(ref string) => {
                 string.to_jsval(cx, rval);
             }
diff --git a/components/script/dom/webidls/BrowserElement.webidl b/components/script/dom/webidls/BrowserElement.webidl
index ecd9df12e66..33f1fa6fd5e 100644
--- a/components/script/dom/webidls/BrowserElement.webidl
+++ b/components/script/dom/webidls/BrowserElement.webidl
@@ -24,6 +24,36 @@ callback BrowserElementNextPaintEventCallback = void ();
 interface BrowserElement {
 };
 
+dictionary BrowserElementSecurityChangeDetail {
+
+  // state:
+  //   "insecure" indicates that the data corresponding to
+  //     the request was received over an insecure channel.
+  //
+  //   "broken" indicates an unknown security state.  This
+  //     may mean that the request is being loaded as part
+  //     of a page in which some content was received over
+  //     an insecure channel.
+  //
+  //   "secure" indicates that the data corresponding to the
+  //     request was received over a secure channel.
+  DOMString state;
+
+  // trackingState:
+  //   "loaded_tracking_content": tracking content has been loaded.
+  //   "blocked_tracking_content": tracking content has been blocked from loading.
+  DOMString trackingState;
+
+  // mixedState:
+  //   "blocked_mixed_active_content": Mixed active content has been blocked from loading.
+  //   "loaded_mixed_active_content": Mixed active content has been loaded.
+  DOMString mixedState;
+
+  boolean extendedValidation;
+  boolean trackingContent;
+  boolean mixedContent;
+};
+
 dictionary BrowserElementIconChangeEventDetail {
   DOMString rel;
   DOMString href;
diff --git a/components/script/script_thread.rs b/components/script/script_thread.rs
index 4cae85da9ba..ef1a04e1682 100644
--- a/components/script/script_thread.rs
+++ b/components/script/script_thread.rs
@@ -1878,6 +1878,8 @@ impl ScriptThread {
             DOMString::new()
         };
 
+        document.set_https_state(metadata.https_state);
+
         match metadata.content_type {
             Some(ContentType(Mime(TopLevel::Text, SubLevel::Xml, _))) => {
                 parse_xml(document.r(),