Review fixes

mozilla · Oct 24, 2016 · cedeefc · cedeefc
1 parent e2ec19c
commit cedeefc
Show file tree

Hide file tree

Showing 13 changed files with 51 additions and 219 deletions.
diff --git a/bedrock/firefox/templates/firefox/geolocation.html b/bedrock/firefox/templates/firefox/geolocation.html
@@ -217,7 +217,7 @@ <h3 data-accordion-role="tab">{{ _('How can I add support for Geolocation to my
 
 </section><!-- end #faq -->
 
-<div style="display:none">
+<div class="hidden">
   <div id="geo-demo">
     <div id="map_canvas"></div>
     <button id="locateButton" type="button">{{ _('Where am I?') }}</button>

diff --git a/bedrock/mozorg/tests/test_views.py b/bedrock/mozorg/tests/test_views.py
@@ -66,16 +66,6 @@ def test_old_home_template(self, render_mock):
 
 
 class TestViews(TestCase):
-    def test_hacks_newsletter_frames_allow(self):
-        """
-        Bedrock pages get the 'x-frame-options: DENY' header by default.
-        The hacks newsletter page is framed, so needs to ALLOW.
-        """
-        with self.activate('en-US'):
-            resp = self.client.get(reverse('mozorg.hacks_newsletter'))
-
-        ok_('x-frame-options' not in resp)
-
     @override_settings(STUB_INSTALLER_LOCALES={'win': _ALL})
     def test_download_button_funnelcake(self):
         """The download button should have the funnelcake ID."""

diff --git a/bedrock/newsletter/templates/newsletter/hacks.mozilla.org.html b/bedrock/newsletter/templates/newsletter/hacks.mozilla.org.html
diff --git a/bedrock/newsletter/tests/test_views.py b/bedrock/newsletter/tests/test_views.py
@@ -49,16 +49,6 @@ class TestViews(TestCase):
     def setUp(self):
         self.rf = RequestFactory()
 
-    def test_hacks_newsletter_frames_allow(self):
-        """
-        Bedrock pages get the 'x-frame-options: DENY' header by default.
-        The hacks newsletter page is framed, so needs to ALLOW.
-        """
-        with self.activate('en-US'):
-            resp = self.client.get(reverse('mozorg.hacks_newsletter'))
-
-        ok_('x-frame-options' not in resp)
-
     @patch('bedrock.newsletter.views.l10n_utils.render')
     def test_updated_allows_good_tokens(self, mock_render):
         token = unicode(uuid.uuid4())

diff --git a/bedrock/newsletter/urls.py b/bedrock/newsletter/urls.py
@@ -36,13 +36,6 @@
         views.recovery,
         name='newsletter.recovery'),
 
-    # This particular view is used inside a frame somewhere else, so it
-    # has its own view and doesn't work like the rest of these newsletter
-    # signup pages.
-    url('^newsletter/hacks\.mozilla\.org/$',
-        views.hacks_newsletter,
-        name='mozorg.hacks_newsletter'),
-
     # Receives POSTs from all subscribe forms
     url('^newsletter/$',
         views.newsletter_subscribe,

diff --git a/bedrock/newsletter/views.py b/bedrock/newsletter/views.py
@@ -190,12 +190,6 @@
                         re.IGNORECASE)
 
 
-@xframe_allow
-def hacks_newsletter(request):
-    return l10n_utils.render(request,
-                             'newsletter/hacks.mozilla.org.html')
-
-
 @never_cache
 def confirm(request, token):
     """

diff --git a/bedrock/privacy/templates/privacy/archive/firefox-2008-06.html b/bedrock/privacy/templates/privacy/archive/firefox-2008-06.html
@@ -37,8 +37,8 @@ <h2>Interactive Product Features</h2>
         <ul class="spaced">
           <li><em>Crash-Reporting Feature</em>. Firefox has a crash-reporting feature that sends a report to Mozilla when Firefox crashes. Mozilla uses the information in the crash reports to diagnose and correct the problems in Firefox that caused the crash. Though this feature starts automatically after Firefox crashes, it does not send information to Mozilla until you explicitly authorize it to do so. By default, this feature sends a variety of Non-Personal Information to Mozilla, including the stack trace (a detailed description of which parts of the Firefox code were active at the time of the crash) and the type of computer you are using. Additional information is collected by the crash reporting feature. Which crash reporting feature is used and additional information collected by Firefox depends on which version of Firefox you’re using.
             <dl>
-              <dd><span class="underline">Firefox 1.0 – 2.x</span>. For these earlier versions of Firefox, “Talkback” is Firefox’s crash reporting feature. Talkback also collects Personal Information (including your name, email address) and Potentially Personal Information (including your IP address, your computer’s name, and the processes you were running at the time of the crash). You can selectively disable the sending of this information. Additionally, you have the option to include the URL of the site you were visiting when Firefox crashed, a comment, and your email address in the report. Mozilla only makes Non-Personal Information and Potentially Personal Information in the public reports available online at <a href="http://www.talkback-public.mozilla.org/">www.talkback-public.mozilla.org/</a>.</dd>
-              <dd><span class="underline">Firefox 3.0 to 3.x</span>. For the current versions of Firefox, the Firefox Crash Reporter is Firefox’s crash reporting feature. With this feature, you have the option to include the URL of the site you were visiting when Firefox crashed, a comment, and your email address in the report. Firefox Crash Reporter also sends Potentially Personal Information to Mozilla in the form of a unique numeric value to distinguish individual Firefox installs. Mozilla only makes Non-Personal Information and Potentially Personal Information in the public reports available online at <a href="http://crash-stats.mozilla.com/">http://crash-stats.mozilla.com/</a>.</dd>
+              <dd><b>Firefox 1.0 – 2.x</b>. For these earlier versions of Firefox, “Talkback” is Firefox’s crash reporting feature. Talkback also collects Personal Information (including your name, email address) and Potentially Personal Information (including your IP address, your computer’s name, and the processes you were running at the time of the crash). You can selectively disable the sending of this information. Additionally, you have the option to include the URL of the site you were visiting when Firefox crashed, a comment, and your email address in the report. Mozilla only makes Non-Personal Information and Potentially Personal Information in the public reports available online at <a href="http://www.talkback-public.mozilla.org/">www.talkback-public.mozilla.org/</a>.</dd>
+              <dd><b>Firefox 3.0 to 3.x</b>. For the current versions of Firefox, the Firefox Crash Reporter is Firefox’s crash reporting feature. With this feature, you have the option to include the URL of the site you were visiting when Firefox crashed, a comment, and your email address in the report. Firefox Crash Reporter also sends Potentially Personal Information to Mozilla in the form of a unique numeric value to distinguish individual Firefox installs. Mozilla only makes Non-Personal Information and Potentially Personal Information in the public reports available online at <a href="http://crash-stats.mozilla.com/">http://crash-stats.mozilla.com/</a>.</dd>
             </dl>
           </li>
           <li><em>Report Broken Web Site Feature</em>. Firefox’s Report Broken Web Site feature lets you notify Mozilla when a website you visit improperly appears or incorrectly functions. The feature sends the URL of the broken website to Mozilla. You may also choose to send your email address and a description of the problem. This feature also sends a variety of Non-Personal Information to Mozilla, including but not limited to the version of Firefox you are using and your language preference. Except for your email address, Mozilla makes all of this information public. This feature does not send information to Mozilla until you explicitly authorize Firefox to do so. To prevent this public release of Personal and Potentially Personal Information, don’t report a website if the website’s URL contains your Personal and Potentially Personal Information, and don’t include Personal Information in your description of the problem. To prevent the release of any information, don’t use this feature to report a broken website.</li>

diff --git a/bedrock/security/templates/security/older-vulnerabilities.html b/bedrock/security/templates/security/older-vulnerabilities.html
@@ -700,37 +700,37 @@ <h3 id="nov-2003">November 2003 Update</h3>
       <td>61</td>
       <td>Running Executables</td>
       <td>1.5 1.4.2</td>
-      <td valign="top">M1 to 1.4.1</td>
-      <td valign="top">*.hta files could be executed on Windows</td>
-      <td valign="top">*.hta files were not treated as executable, and
+      <td>M1 to 1.4.1</td>
+      <td>*.hta files could be executed on Windows</td>
+      <td>*.hta files were not treated as executable, and
         could be used to gain full access to a user's system
       </td>
-      <td valign="top">
+      <td>
         <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=220257">220257</a>
       </td>
-      <td valign="top">Don't open *.hta or application/hta files</td>
-      <td valign="top"><em>2003-09-29</em></td>
+      <td>Don't open *.hta or application/hta files</td>
+      <td><em>2003-09-29</em></td>
     </tr>
     <tr>
-      <td valign="top">60</td>
-      <td valign="top">Networking<br>
+      <td>60</td>
+      <td>Networking<br>
       </td>
-      <td valign="top">1.5 1.4.2</td>
-      <td valign="top">M1 to 1.4.1</td>
-      <td valign="top">Reading passwords</td>
-      <td valign="top">A malicious website could gain access to a user's
+      <td>1.5 1.4.2</td>
+      <td>M1 to 1.4.1</td>
+      <td>Reading passwords</td>
+      <td>A malicious website could gain access to a user's
         authentication credentials to a proxy server.
       </td>
-      <td valign="top">
+      <td>
         <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=220122">220122</a>
       </td>
-      <td valign="top">None</td>
-      <td valign="top"><em>2003-09-24</em></td>
+      <td>None</td>
+      <td><em>2003-09-24</em></td>
     </tr>
     <tr>
       <td>59</td>
       <td>JavaScript</td>
-      <td valign="top">firebird 0.7</td>
+      <td>firebird 0.7</td>
       <td>Firebird 0.6</td>
       <td>Run arbitrary code</td>
       <td>A website could gain chrome privileges by overriding the setter of a
@@ -743,7 +743,7 @@ <h3 id="nov-2003">November 2003 Update</h3>
     <tr>
       <td>58</td>
       <td>Mail</td>
-      <td valign="top">1.5</td>
+      <td>1.5</td>
       <td>M1 to 1.4</td>
       <td>Storing passwords on disk</td>
       <td>POP3 account passwords are saved to disk even when the user explicitly
@@ -754,53 +754,53 @@ <h3 id="nov-2003">November 2003 Update</h3>
       <td>2003-08-28</td>
     </tr>
     <tr>
-      <td valign="top">57</td>
-      <td valign="top">Cookies</td>
-      <td valign="top">1.5 1.4.1</td>
-      <td valign="top">M1 to 1.4</td>
-      <td valign="top">Read cookies set by another path</td>
-      <td valign="top">By requesting a cookie with a path containing the escape
+      <td>57</td>
+      <td>Cookies</td>
+      <td>1.5 1.4.1</td>
+      <td>M1 to 1.4</td>
+      <td>Read cookies set by another path</td>
+      <td>By requesting a cookie with a path containing the escape
         sequence "%2E%2E", a malicious web site would be able to read cookies
         from different paths.
       </td>
-      <td valign="top">
+      <td>
         <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=213012">213012</a></td>
-      <td valign="top">Disable Cookies</td>
-      <td valign="top"><em>2003-07-28</em></td>
+      <td>Disable Cookies</td>
+      <td><em>2003-07-28</em></td>
     </tr>
     <tr>
-      <td valign="top">56</td>
-      <td valign="top">JavaScript</td>
-      <td valign="top">1.4</td>
-      <td valign="top">M1 to 1.3</td>
-      <td valign="top">Determine whether a variable exists on a different domain</td>
-      <td valign="top">Cross-domain variable detection is possible using scopes (eval,
+      <td>56</td>
+      <td>JavaScript</td>
+      <td>1.4</td>
+      <td>M1 to 1.3</td>
+      <td>Determine whether a variable exists on a different domain</td>
+      <td>Cross-domain variable detection is possible using scopes (eval,
         with)
       </td>
-      <td valign="top">
+      <td>
         <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=158049">158049</a></td>
       <td>Disable JavaScript</td>
       <td><em>2003-06-02</em></td>
     </tr>
     <tr>
-      <td valign="top">55</td>
-      <td valign="top">JavaScript</td>
-      <td valign="top">1.4</td>
-      <td valign="top">M1 to 1.3</td>
-      <td valign="top">Cross-domain scripting</td>
-      <td valign="top">Executing custom setters or getters on a different domain is
+      <td>55</td>
+      <td>JavaScript</td>
+      <td>1.4</td>
+      <td>M1 to 1.3</td>
+      <td>Cross-domain scripting</td>
+      <td>Executing custom setters or getters on a different domain is
         possible.
       </td>
-      <td valign="top">
+      <td>
         <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=92773">92773</a>
       </td>
-      <td valign="top">Disable JavaScript</td>
-      <td valign="top"><em>2003-03-06</em></td>
+      <td>Disable JavaScript</td>
+      <td><em>2003-03-06</em></td>
     </tr>
     <tr>
       <td>54</td>
       <td>DOM</td>
-      <td valign="top">1.4</td>
+      <td>1.4</td>
       <td>M1 to 1.3</td>
       <td>Determine whether a URL was visited</td>
       <td>A website can use history.goURL to determine whether a URL was previously visited
@@ -812,7 +812,7 @@ <h3 id="nov-2003">November 2003 Update</h3>
     <tr>
       <td>53</td>
       <td>Cookies</td>
-      <td valign="top">1.3</td>
+      <td>1.3</td>
       <td>M1 to 1.2</td>
       <td>Read cookies set by another path</td>
       <td>Cookies set to path "abc" were able to be read by a page with path "abcd"</td>

diff --git a/bedrock/settings/static_media.py b/bedrock/settings/static_media.py
@@ -585,12 +585,6 @@
         ),
         'output_filename': 'css/installer_help-bundle.css',
     },
-    'hacks-blog-newsletter': {
-        'source_filenames': (
-            'css/newsletter/hacks-blog-newsletter.scss',
-        ),
-        'output_filename': 'css/hacks-blog-newsletter-bundle.css',
-    },
     'history-slides': {
         'source_filenames': (
             'css/mozorg/history-slides.less',
@@ -1413,15 +1407,6 @@
         ),
         'output_filename': 'js/geolocation-bundle.js',
     },
-    'hacks-blog-newsletter': {
-        'source_filenames': (
-            'js/libs/jquery-1.11.3.min.js',
-            'js/libs/spin.min.js',
-            'js/newsletter/form.js',
-            'js/newsletter/hacks-blog-newsletter.js',
-        ),
-        'output_filename': 'js/hacks-blog-newsletter-bundle.js',
-    },
     'home': {
         'source_filenames': (
             'js/libs/jquery.cycle2.min.js',

diff --git a/media/css/newsletter/hacks-blog-newsletter.scss b/media/css/newsletter/hacks-blog-newsletter.scss
diff --git a/media/css/privacy/privacy.less b/media/css/privacy/privacy.less
@@ -104,10 +104,6 @@
         display: none;
       }
     }
-
-    .underline {
-        text-decoration: underline;
-    }
   }
 }
 

diff --git a/media/css/security/security.less b/media/css/security/security.less
@@ -251,6 +251,10 @@ p.note {
         .span-all();
         .table {
             background: #fff;
+
+            td {
+                vertical-align: top;
+            }
         }
     }
 }