Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Malicious site protection - iOS Ship review feedback #1443

Draft
wants to merge 6 commits into
base: main
Choose a base branch
from
Draft

Malicious site protection - iOS Ship review feedback #1443

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
ee9b38d
Malicious site copy update
mgurgel Jan 30, 2025
abc1ba0
Tab title fix
mgurgel Jan 30, 2025
b6956d5
Icon fix
mgurgel Jan 30, 2025
b85c74c
Fix for hanging word in title
mgurgel Jan 30, 2025
a3b8486
text-wrap: balance on warning title
mgurgel Jan 30, 2025
52d3750
Consistent line-breaking
mgurgel Jan 31, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions special-pages/pages/special-error/app/components/App.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,10 +34,10 @@ function PageTitle() {
useEffect(() => {
switch (kind) {
case 'malware':
document.title = t('malwarePageHeading');
document.title = t('malwareTabTitle');
break;
case 'phishing':
document.title = t('phishingPageHeading');
document.title = t('phishingTabTitle');
break;
default:
document.title = t('sslPageHeading');
Expand Down
1 change: 0 additions & 1 deletion special-pages/pages/special-error/app/components/App.module.css
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ body {
top: 0;
left: 0;


@media (max-height: 400px) {
padding-top: var(--sp-10);
align-items: flex-start;
Expand Down
7 changes: 6 additions & 1 deletion special-pages/pages/special-error/app/components/Warning.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,12 @@ export function WarningHeading() {
return (
<header className={classNames(styles.heading, styles[kind])}>
<i className={styles.icon} aria-hidden="true" />
<Text as="h1" variant={platformName === 'macos' ? 'title-2-emphasis' : 'title-2'} strictSpacing={platformName !== 'macos'}>
<Text
as="h1"
variant={platformName === 'macos' ? 'title-2-emphasis' : 'title-2'}
strictSpacing={platformName !== 'macos'}
className={styles.title}
>
{heading}
</Text>
</header>
Expand Down
25 changes: 20 additions & 5 deletions special-pages/pages/special-error/app/components/Warning.module.css
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@

& .content {
text-align: center;
white-space: pre-line; /* Preserve line breaks on all screen sizes */
}

& .buttonContainer {
Expand Down Expand Up @@ -117,12 +118,26 @@
}

& .phishing .icon, & .malware .icon {
background-image: url(../../../../shared/assets/img/icons/Malware-Site-96.svg);
background-image: url(../../../../shared/assets/img/icons/Malware-Site-128.svg);
}

/* Inserts line break before an inline element. Used for the Learn More link in the Warning text */
& [data-line-break]::before {
content: ' ';
display: block;
/* Preserves line breaks on smaller screens to avoid orfan words.
This is a fallback for browsers that don't support text-wrap: balance */
& .title {
white-space: pre-line;

@media (min-width: 600px) {
white-space: normal;
}
}
}

@supports (text-wrap: balance) {
/* Balanced line breaks on title for browsers that support it */
[data-platform-name="ios"] {
& .title {
text-wrap: balance;
white-space: normal;
}
}
}
11 changes: 6 additions & 5 deletions special-pages/pages/special-error/app/hooks/ErrorStrings.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@ const sanitizeURL = (urlString) => {
*/

const helpPageAnchorTagParams = {
'data-line-break': true,
href: phishingMalwareHelpPageURL,
target: '_blank',
};
Expand Down Expand Up @@ -62,11 +61,11 @@ export function useWarningHeading() {
const { kind } = useErrorData();

if (kind === 'phishing') {
return t('phishingPageHeading');
return t('phishingPageHeading').replace('{newline}', '\n');
}

if (kind === 'malware') {
return t('malwarePageHeading');
return t('malwarePageHeading').replace('{newline}', '\n');
}

if (kind === 'ssl') {
Expand All @@ -85,11 +84,13 @@ export function useWarningContent() {
const { kind } = useErrorData();

if (kind === 'phishing') {
return [<Trans str={t('phishingWarningText')} values={{ a: helpPageAnchorTagParams }} />];
const text = t('phishingWarningText').replace('{newline}', '\n');
return [<Trans str={text} values={{ a: helpPageAnchorTagParams }} />];
}

if (kind === 'malware') {
return [<Trans str={t('malwareWarningText')} values={{ a: helpPageAnchorTagParams }} />];
const text = t('malwareWarningText').replace('{newline}', '\n');
return [<Trans str={text} values={{ a: helpPageAnchorTagParams }} />];
}

if (kind === 'ssl') {
Expand Down
28 changes: 26 additions & 2 deletions special-pages/pages/special-error/integration-tests/special-error.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,10 @@

async showsExpiredPage() {
const { page } = this;

const title = await page.locator('title').textContent();
expect(title).toBe('Warning: This site may be insecure');

Check failure on line 155 in special-pages/pages/special-error/integration-tests/special-error.js

View workflow job for this annotation

GitHub Actions / integration

[macos] › pages/special-error/integration-tests/special-error.spec.js:21:5 › special-error › shows SSL expired cert error 

  2) [macos] › pages/special-error/integration-tests/special-error.spec.js:21:5 › special-error › shows SSL expired cert error 
    Error: expect(received).toBe(expected) // Object.is equality

    Expected: "Warning: This site may be insecure"
    Received: "Error"

       at pages/special-error/integration-tests/special-error.js:155

      153 |
      154 |         const title = await page.locator('title').textContent();
    > 155 |         expect(title).toBe('Warning: This site may be insecure');
          |                       ^
      156 |
      157 |         await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
      158 |         await expect(
        at SpecialErrorPage.showsExpiredPage (/home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.js:155:23)
        at /home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.spec.js:24:9

await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
await expect(
page.getByText(
Expand All @@ -174,6 +178,10 @@

async showsInvalidPage() {
const { page } = this;

const title = await page.locator('title').textContent();
expect(title).toBe('Warning: This site may be insecure');

Check failure on line 183 in special-pages/pages/special-error/integration-tests/special-error.js

View workflow job for this annotation

GitHub Actions / integration

[macos] › pages/special-error/integration-tests/special-error.spec.js:33:5 › special-error › shows SSL invalid cert error 

  3) [macos] › pages/special-error/integration-tests/special-error.spec.js:33:5 › special-error › shows SSL invalid cert error 
    Error: expect(received).toBe(expected) // Object.is equality

    Expected: "Warning: This site may be insecure"
    Received: "Error"

       at pages/special-error/integration-tests/special-error.js:183

      181 |
      182 |         const title = await page.locator('title').textContent();
    > 183 |         expect(title).toBe('Warning: This site may be insecure');
          |                       ^
      184 |
      185 |         await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
      186 |         await expect(
        at SpecialErrorPage.showsInvalidPage (/home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.js:183:23)
        at /home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.spec.js:36:9

await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
await expect(
page.getByText(
Expand All @@ -193,6 +201,10 @@

async showsSelfSignedPage() {
const { page } = this;

const title = await page.locator('title').textContent();
expect(title).toBe('Warning: This site may be insecure');

Check failure on line 206 in special-pages/pages/special-error/integration-tests/special-error.js

View workflow job for this annotation

GitHub Actions / integration

[macos] › pages/special-error/integration-tests/special-error.spec.js:39:5 › special-error › shows SSL self signed cert error 

  4) [macos] › pages/special-error/integration-tests/special-error.spec.js:39:5 › special-error › shows SSL self signed cert error 
    Error: expect(received).toBe(expected) // Object.is equality

    Expected: "Warning: This site may be insecure"
    Received: "Error"

       at pages/special-error/integration-tests/special-error.js:206

      204 |
      205 |         const title = await page.locator('title').textContent();
    > 206 |         expect(title).toBe('Warning: This site may be insecure');
          |                       ^
      207 |
      208 |         await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
      209 |         await expect(
        at SpecialErrorPage.showsSelfSignedPage (/home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.js:206:23)
        at /home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.spec.js:42:9

await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
await expect(
page.getByText(
Expand All @@ -212,6 +224,10 @@

async showsWrongHostPage() {
const { page } = this;

const title = await page.locator('title').textContent();
expect(title).toBe('Warning: This site may be insecure');

Check failure on line 229 in special-pages/pages/special-error/integration-tests/special-error.js

View workflow job for this annotation

GitHub Actions / integration

[macos] › pages/special-error/integration-tests/special-error.spec.js:45:5 › special-error › shows SSL wrong host error 

  5) [macos] › pages/special-error/integration-tests/special-error.spec.js:45:5 › special-error › shows SSL wrong host error 
    Error: expect(received).toBe(expected) // Object.is equality

    Expected: "Warning: This site may be insecure"
    Received: "Error"

       at pages/special-error/integration-tests/special-error.js:229

      227 |
      228 |         const title = await page.locator('title').textContent();
    > 229 |         expect(title).toBe('Warning: This site may be insecure');
          |                       ^
      230 |
      231 |         await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
      232 |         await expect(
        at SpecialErrorPage.showsWrongHostPage (/home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.js:229:23)
        at /home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.spec.js:48:9

await expect(page.getByText('Warning: This site may be insecure', { exact: true })).toBeVisible();
await expect(
page.getByText(
Expand All @@ -231,7 +247,11 @@

async showsPhishingPage() {
const { page } = this;
await expect(page.getByText('Warning: This site may put your personal information at risk', { exact: true })).toBeVisible();

const title = await page.locator('title').textContent();
expect(title).toBe('Warning: Security Risk');

Check failure on line 252 in special-pages/pages/special-error/integration-tests/special-error.js

View workflow job for this annotation

GitHub Actions / integration

[macos] › pages/special-error/integration-tests/special-error.spec.js:51:5 › special-error › shows phishing warning 

  6) [macos] › pages/special-error/integration-tests/special-error.spec.js:51:5 › special-error › shows phishing warning 
    Error: expect(received).toBe(expected) // Object.is equality

    Expected: "Warning: Security Risk"
    Received: "Error"

       at pages/special-error/integration-tests/special-error.js:252

      250 |
      251 |         const title = await page.locator('title').textContent();
    > 252 |         expect(title).toBe('Warning: Security Risk');
          |                       ^
      253 |
      254 |         await expect(page.getByText('Warning: This site may be a security risk', { exact: true })).toBeVisible();
      255 |         await expect(
        at SpecialErrorPage.showsPhishingPage (/home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.js:252:23)
        at /home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.spec.js:54:9

await expect(page.getByText('Warning: This site may be a security risk', { exact: true })).toBeVisible();
await expect(
page.getByText(
'This website may be impersonating a legitimate site in order to trick you into providing personal information, such as passwords or credit card numbers. Learn more',
Expand All @@ -249,7 +269,11 @@

async showsMalwarePage() {
const { page } = this;
await expect(page.getByText('Warning: This site may put your personal information at risk', { exact: true })).toBeVisible();

const title = await page.locator('title').textContent();
expect(title).toBe('Warning: Security Risk');

Check failure on line 274 in special-pages/pages/special-error/integration-tests/special-error.js

View workflow job for this annotation

GitHub Actions / integration

[macos] › pages/special-error/integration-tests/special-error.spec.js:57:5 › special-error › shows malware warning 

  7) [macos] › pages/special-error/integration-tests/special-error.spec.js:57:5 › special-error › shows malware warning 
    Error: expect(received).toBe(expected) // Object.is equality

    Expected: "Warning: Security Risk"
    Received: "Error"

       at pages/special-error/integration-tests/special-error.js:274

      272 |
      273 |         const title = await page.locator('title').textContent();
    > 274 |         expect(title).toBe('Warning: Security Risk');
          |                       ^
      275 |
      276 |         await expect(page.getByText('Warning: This site may be a security risk', { exact: true })).toBeVisible();
      277 |         await expect(
        at SpecialErrorPage.showsMalwarePage (/home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.js:274:23)
        at /home/runner/work/content-scope-scripts/content-scope-scripts/special-pages/pages/special-error/integration-tests/special-error.spec.js:60:9

await expect(page.getByText('Warning: This site may be a security risk', { exact: true })).toBeVisible();
await expect(
page.getByText(
'DuckDuckGo blocked this page because it may be distributing malware designed to compromise your device or steal your personal information. Learn more',
Expand Down
24 changes: 16 additions & 8 deletions special-pages/pages/special-error/public/locales/en/special-error.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,24 +26,32 @@
"note": "Button shown in an error page that warns users of security risks on a website due to Phishing or Malware issues. The buttons allows the user to visit the website anyway despite the risks."
},
"malwarePageHeading": {
"title": "Warning: This site may put your personal information at risk",
"note": "Title shown in an error page that warn users of security risks on a website due to malware distribution"
"title": "Warning: This site may be a{newline}security risk",
"note": "Title shown in an error page that warn users of security risks on a website due to malware distribution. The {newline} tag should not be translated. It should be placed within the sentence to avoid having a single word hanging on the last line"
},
"malwareTabTitle": {
"title": "Warning: Security Risk",
"note": "Title shown in the browser window or tab when the current page may be a security risk due to malware"
},
"malwareWarningText": {
"title": "DuckDuckGo blocked this page because it may be distributing malware designed to compromise your device or steal your personal information. <a>Learn more</a>",
"note": "Error description shown in an error page that warns users of security risks on a website due to malware distribution."
"title": "DuckDuckGo blocked this page because it may be distributing malware designed to compromise your device or steal your personal information.{newline}<a>Learn more</a>",
"note": "Error description shown in an error page that warns users of security risks on a website due to malware distribution. The {newline} tag should not be translated. It should be placed before the translated <a>Learn More</a> text."
},
"malwareAdvancedInfoHeading": {
"title": "If you believe this website is safe, you can <a>report an error</a>. You can still visit the website at your own risk.",
"note": "Title of the Advanced info section shown in an error page that warns users of security risks on a website due to malware distribution."
},
"phishingPageHeading": {
"title": "Warning: This site may put your personal information at risk",
"note": "Title shown in an error page that warn users of security risks on a website due to Phishing issues"
"title": "Warning: This site may be a{newline}security risk",
"note": "Title shown in an error page that warn users of security risks on a website due to Phishing issues. The {newline} tag should not be translated. It should be placed within the sentence to avoid having a single word hanging on the last line"
},
"phishingTabTitle": {
"title": "Warning: Security Risk",
"note": "Title shown in the browser window or tab when the current page may be a security risk due to phishing"
},
"phishingWarningText": {
"title": "This website may be impersonating a legitimate site in order to trick you into providing personal information, such as passwords or credit card numbers. <a>Learn more</a>",
"note": "Error description shown in an error page that warns users of security risks on a website due to Phishing issues."
"title": "This website may be impersonating a legitimate site in order to trick you into providing personal information, such as passwords or credit card numbers.{newline}<a>Learn more</a>",
"note": "Error description shown in an error page that warns users of security risks on a website due to Phishing issues. The {newline} tag should not be translated. It should be placed before the translated <a>Learn More</a> text."
},
"phishingAdvancedInfoHeading": {
"title": "If you believe this website is safe, you can <a>report an error</a>. You can still visit the website at your own risk.",
Expand Down
15 changes: 15 additions & 0 deletions special-pages/shared/assets/img/icons/Malware-Site-128.svg
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading