Re-Establishing Trust In the Web
by Amir Herzberg and Ahmad Jbara

Listing One

1. <overlay id="TrustBarOverlay"
       xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
2. <window id="main-window" onload="Init()" >
3. <script type="application/x-javascript"
       src="chrome://safergn/content/safergn.js" />
4. <script type="application/x-javascript"
       src="chrome://safergn/content/TrustBarGlobalFunctions.js" />
5. <popupset>
6. <popup id="safergnMnu">
7. <menuitem id="dialogmenuId"
       label="Show identification details dialog" disabled="true"
8. oncommand="ShowLogoDialog(true);"/>
9. <menuitem id="resetmenuId" label="Reset..."  oncommand="Reset();"/>
10. <menuitem id="aboutmenuId" label=
      "About TrustBar" oncommand="openAboutDlg()"/>
11. </popup>
12. </popupset>
13. <hbox id="TrustBarBox" insertbefore="mainCommandSet"
       context="safergnMnu" align="center">
14. <image id="OrgImgId" maxheight="45" status="none" />
15. <label id="OrgTxtId" hidden="false" class="header"/>
16. <label id="CertifiedBy" value="Identified by "
      class="header" hidden="true"/>
17. <image id="IssuerImgId" maxheight="45"/>
18. <label id="IssuerTxtId" class="header"/>
19. <label id="CANotVerByUserId" class="header" hidden="true"/>
20. <button id="whatId" label="what does it means?"
       oncommand="ShowLogoDialog(true);"/>
21. <button id="fraudId" label="suspect fraud?"
       oncommand="reportFraud(CLocation)"/>
22. </hbox>
23. </window>
24. <popup id="contentAreaContextMenu">
25. <menuitem id="logomnuId" insertafter="context-setWallpaper"
        label="Set As Site Logo"
        hidden="true" oncommand="GetPointedImage(Sdir);"/>
26. </popup>
27. </overlay>


Listing Two

1. function init
2. {
3. Startup();
4. br = top.document.getElementById("content");
5. br.addProgressListener(TrustBarProgressListener);
6. gid=document.getElementById("OrgTxtId");
7. CreateLogoDir();
8. }


Listing Three

1. var TrustBarProgressListener = {
2. onStateChange: function(webProgress, request, stateFlags, status)
3. {  },
4. onProgressChange: function(webProgress, request,
        curSelfProgress, maxSelfProgress, curTotalProgress,maxTotalProgress)
5. {},
6. onStatusChange: function(webProgress, request, status, message)
7. {},
8. onLocationChange : function(aWebProgress, aRequest, aLocation)
9. {CLocation=aLocation; },
10. onSecurityChange: function(webProgress, request, aState)
11. {
12. const wpl = Components.interfaces.nsIWebProgressListener;
13.  switch (aState)
14.  {
15. case wpl.STATE_IS_SECURE | wpl.STATE_SECURE_HIGH:
16.    sCert=pickServerCert();
17.    if (verifySSLCertificate(status.serverCert))
18.     {
19.        constructSecureUI();
21.        var newCA=updateLocalDB(sCert);
22.        showTrustBarDialog(newCA);
23.      }
24.    else
25.      badVerification();break
26. case wpl.STATE_IS_INSECURE:
27.  destructSecureUI();
28.  constructInsecureUI();
29. break
30. }
31. }
32. }



