Bug 1735746 - Log an error message to the web console for blocked ext…

…ernal protocol navigation from sandbox. r=ckerschb

Depends on D141132

Differential Revision: https://phabricator.services.mozilla.com/D141133

dom/locales/en-US/chrome/security/security.properties

@@ -153,6 +153,9 @@ HTTPSOnlyUpgradeSpeculativeConnection = Upgrading insecure speculative TCP conne
 # LOCALIZATION NOTE: %S is the URL of the blocked request;
 IframeSandboxBlockedDownload = Download of “%S” was blocked because the triggering iframe has the sandbox flag set.
 
+# LOCALIZATION NOTE: %S is the URL of the blocked request;
+SandboxBlockedCustomProtocols = Blocked navigation to custom protocol “%S” from a sandboxed context.
+
 # Sanitizer API
 # LOCALIZATION NOTE: Please do not localize "DocumentFragment". It's the name of an API.
 SanitizerRcvdNoInput = Received empty or no input. Returning an empty DocumentFragment.

uriloader/exthandler/nsExternalHelperAppService.cpp

@@ -1156,6 +1156,25 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI,
   if (aBrowsingContext &&
       ExternalProtocolIsBlockedBySandbox(aBrowsingContext,
                                          aHasValidUserGestureActivation)) {
+    // Log an error to the web console of the sandboxed BrowsingContext.
+    nsAutoString localizedMsg;
+    nsAutoCString spec;
+    aURI->GetSpec(spec);
+
+    AutoTArray<nsString, 1> params = {NS_ConvertUTF8toUTF16(spec)};
+    nsresult rv = nsContentUtils::FormatLocalizedString(
+        nsContentUtils::eSECURITY_PROPERTIES, "SandboxBlockedCustomProtocols",
+        params, localizedMsg);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    WindowContext* windowContext = aBrowsingContext->GetCurrentWindowContext();
+    NS_ENSURE_TRUE(windowContext, NS_ERROR_FAILURE);
+
+    nsContentUtils::ReportToConsoleByWindowID(
+        localizedMsg, nsIScriptError::errorFlag, "Security"_ns,
+        windowContext->InnerWindowId(),
+        windowContext->Canonical()->GetDocumentURI());
+
     return NS_OK;
   }