[no bug] Relaunch and redo the web bug bounty program

bedrock/mozorg/templates/mozorg/about/governance/policies/security/bugs.html

@@ -8,14 +8,16 @@
 {% block body_class %}sand{% endblock %}
 
 {% block article %}
-  <h1 class="title-banner">{{ _('Handling Mozilla Security Bugs') }}</h1>
+  <h1 class="title-shadow-box">{{ _('Handling Mozilla Security Bugs') }}</h1>
 
   <p>{{ _(' Version 1.1') }}</p>
 
-  <p><strong>{% trans mail='mailto:security@mozilla.org?subject=Mozilla%20security%20bug%20report' %}
-    IMPORTANT: Anyone who believes they have found a Mozilla-related security vulnerability can and should report
-it by sending email to the address <a href="{{ mail }}">security@mozilla.org</a>.
-  {% endtrans %}</strong></p>
+  <p><strong>
+  {% trans bounty=url('security.bug-bounty') %}
+    IMPORTANT: Anyone who believes they have found a Mozilla-related security vulnerability should visit
+    our <a href="{{ bounty }}">bug bounty program</a> for information on how to submit them.
+  {% endtrans %}
+  </strong></p>
 
   <h2 id="intro">{{ _('Introduction') }}</h2>
 

bedrock/mozorg/templates/mozorg/about/governance/policies/security/membership.html

@@ -8,7 +8,7 @@
 {% block body_class %}sand{% endblock %}
 
 {% block article %}
-  <h1 class="title-banner">{{ _('Mozilla Security Group Membership Policy') }}</h1>
+  <h1 class="title-shadow-box">{{ _('Mozilla Security Group Membership Policy') }}</h1>
 
   <p>{{ _('Version 1.01 - 2008-03-07') }}</p>
 

bedrock/mozorg/templates/mozorg/about/governance/policies/security/tld-idn.html

@@ -7,13 +7,9 @@
 {% block page_title %}{{ _('IDN-enabled TLDs') }}{% endblock %}
 {% block body_class %}sand{% endblock %}
 
-{% block page_css %}
-  {% stylesheet 'security-tld-idn' %}
-{% endblock %}
-
 {% block article %}
 
-<h1 class="title-banner">{{ _('IDN-enabled TLDs') }}</h1>
+<h1 class="title-shadow-box">{{ _('IDN-enabled TLDs') }}</h1>
 
 <p><strong>{% trans url='https://wiki.mozilla.org/IDN_Display_Algorithm' %}
 This document is of historical interest only. Firefox now uses <a href="{{ url }}">an algorithm</a> to decide which IDNs to display. The whitelist mechanism still remains in the product for backwards compatibility, but the whitelist of domains is no longer updated.

bedrock/security/templates/security/base.html

@@ -8,16 +8,27 @@
   {% stylesheet 'security' %}
 {% endblock %}
 
-{% set navigation_bar = [
+{% set navigation_bar_security = [
     (url('security.index'), 'security-index', 'Mozilla Security'),
-    (url('security.advisories'), 'advisories', 'Security Advisories'),
+    (url('security.advisories'), 'advisories', 'Advisories'),
     (url('security.known-vulnerabilities'), 'known-vulnerabilities', 'Known Vulnerabilities'),
-    (url('security.bug-bounty'), 'bug-bounty', 'Bug Bounty'),
-    (url('security.bug-bounty.hall-of-fame'), 'hall-of-fame', 'Firefox Hall Of Fame'),
-    (url('security.bug-bounty.web-hall-of-fame'), 'web-hall-of-fame', 'Mozilla Web and Services Hall Of Fame'),
-    ('https://blog.mozilla.com/security/', 'blog', 'Security Blog'),
+    ('https://blog.mozilla.com/security/', 'blog', 'Blog'),
 ] %}
 
+{% set navigation_bar_client_bounty = [
+    (url('security.client-bug-bounty'),'client-bug-bounty', 'Client Bug Bounty'),
+    (url('security.bug-bounty.faq'), 'faq', 'Frequently Asked Questions'),
+    (url('security.bug-bounty.hall-of-fame'), 'hall-of-fame', 'Hall of Fame'),
+] %}
+
+{% set navigation_bar_web_bounty = [
+    (url('security.web-bug-bounty'), 'web-bug-bounty', 'Web Bug Bounty'),
+    (url('security.bug-bounty.web-eligible-sites'), 'web-eligible-sites', 'Eligible Websites'),
+    (url('security.bug-bounty.faq-webapp'), 'faq-webapp', 'Frequently Asked Questions'),
+    (url('security.bug-bounty.web-hall-of-fame'), 'web-hall-of-fame', 'Hall of Fame'),
+] %}
+
+
 {% block body_class %}sand{% endblock %}
 
 {% block breadcrumbs %}
@@ -39,7 +50,35 @@
         {% block side_nav %}
           <nav>
             <ul>
-            {% for href, id, caption in navigation_bar %}
+            {% for href, id, caption in navigation_bar_security %}
+              <li>
+              {% if id == body_id %}
+                <b>{{ caption|e }}</b>
+              {% else %}
+                <a href="{{ href|e }}">{{ caption|e }}</a>
+              {% endif %}
+              </li>
+            {% endfor %}
+            </ul>
+          </nav>
+
+          <nav>
+            <ul>
+            {% for href, id, caption in navigation_bar_client_bounty %}
+              <li>
+              {% if id == body_id %}
+                <b>{{ caption|e }}</b>
+              {% else %}
+                <a href="{{ href|e }}">{{ caption|e }}</a>
+              {% endif %}
+              </li>
+            {% endfor %}
+            </ul>
+          </nav>
+
+          <nav>
+            <ul>
+            {% for href, id, caption in navigation_bar_web_bounty %}
               <li>
               {% if id == body_id %}
                 <b>{{ caption|e }}</b>
@@ -50,6 +89,7 @@
             {% endfor %}
             </ul>
           </nav>
+
         {% endblock %}
         {% block side_extra %}
         {% endblock %}

bedrock/security/templates/security/bug-bounty.html

@@ -21,11 +21,11 @@ <h2>Introduction</h2>
 
       <p>Mozilla has paid out over 1.6 million dollars in bounties to our various researchers!</p>
 
-      <p>Mozilla manages two different bug bounty programs.  One program focuses on Firefox and other client applications and one bounty program focuses on our web properties and services.</p>
+      <p>Mozilla manages two different bug bounty programs.  One focuses on Firefox and other Mozilla applications and the other covers our websites and services.</p>
 
       <ul>
-        <li>Information on the Client Bug Bounty Program can be found <a href="{{ url('security.client-bug-bounty') }}">here</a>
-        <li>Information on the Web and Services Bug Bounty Program can be found <a href="{{ url('security.web-bug-bounty') }}">here</a>
+        <li><a href="{{ url('security.client-bug-bounty') }}">Client Bug Bounty Guidelines</a></li>
+        <li><a href="{{ url('security.web-bug-bounty') }}">Web Bug Bounty Guidelines</a></li>
       </ul>
      </div>
   </article>