Monday, 08 July
- Created a sample patch that generates observer notification for SSL error and has SSL error code in 3rd parameter of observer notification.
- Uploaded the patch file on Bugzilla for comments.
- I am working on adding observer notifications for security related errors. Observer notifications will be helpful to our security report tool as well as for others security related tools in future.
- CSP errors already have observer notification. But CORS, mixed-content, SSL, HSTS, etc not yet having observer notifications.
- To start working in this direction I have added observer notification for SSL error that sends SSL error code. I have added you as a reviewer for that patch.
Tuesday, 09 July
- I worked on Bug 890224 (https://bugzilla.mozilla.org/show_bug.cgi?id=890224) to add observer notification for mixed-contents.
- I used mxr.mozilla.org service to search for the placed where mixed-content notifications are generated.
- I found "content/base/src/nsMixedContentBlocker.cpp" file generates mixed-content notifications for Browser Console.
Wednesday, 10 July
- I read code of "nsMixedContentBlocker.cpp" and added observer notification with aTopic="report-mixed-content" , aSubject = URI of content generated error/warning and aData=URI of document on which mixed-content error/warning is generated.
- Patch was submitted on bugzilla for feedback from Mark.
Thursday, 11 July
Friday, 12 July
- I tried to capture SSL errors/warnings in the security report tool using nsIConsoleService.
- However, I observed that SSL errors do not have error category at all. They are not instance of nsIScriptError.
- This implies that the only option I will have to use string matching (which is a worst approach) to capture SSL errors.