Bug 1905323 - Fully remove confirm auth prompts, prefs, and related tests. r=emz,necko-reviewers,extension-reviewers,valentin,robwu,urlbar-reviewers,Sasha

Differential Revision: https://phabricator.services.mozilla.com/D271294

Author: KipChelilim

accessible/tests/browser/tree/browser_test_nsIAccessibleDocument_URL.js

@@ -35,9 +35,6 @@ add_task(async function testInDataURI() {
 });
 
 add_task(async function testInHTTPSURIContainingPrivateThings() {
-  await SpecialPowers.pushPrefEnv({
-    set: [["network.auth.confirmAuth.enabled", false]],
-  });
   const kURL =
     "https://username:[email protected]/browser/toolkit/content/tests/browser/file_empty.html?query=some#ref";
   const kURLWithoutUserPass =

browser/components/urlbar/tests/browser/browser_UrlbarInput_setURI.js

@@ -4,18 +4,9 @@
 
 function test() {
   waitForExplicitFinish();
-
-  // avoid prompting about phishing
-  Services.prefs.setIntPref(phishyUserPassPref, 32);
-  registerCleanupFunction(function () {
-    Services.prefs.clearUserPref(phishyUserPassPref);
-  });
-
   nextTest();
 }
 
-const phishyUserPassPref = "network.http.phishy-userpass-length";
-
 function nextTest() {
   let testCase = tests.shift();
   if (testCase) {

browser/components/urlbar/tests/browser/browser_copying.js

@@ -28,8 +28,6 @@ async function test_copy_values(testValues, trimHttps) {
       ["browser.urlbar.scotchBonnet.enableOverride", false],
       ["browser.urlbar.trimURLs", true],
       ["browser.urlbar.trimHttps", trimHttps],
-      // avoid prompting about phishing
-      ["network.http.phishy-userpass-length", 32],
     ],
   });
 

browser/modules/test/browser/browser_SitePermissions_tab_urls.js

@@ -12,11 +12,6 @@ function newPrincipal(origin) {
 
 // This tests the key used to store the URI -> permission map on a tab.
 add_task(async function testTemporaryPermissionTabURLs() {
-  // Prevent showing a dialog for https://name:password@example.com
-  SpecialPowers.pushPrefEnv({
-    set: [["network.http.phishy-userpass-length", 2048]],
-  });
-
   // This usually takes about 60 seconds on 32bit Linux debug,
   // due to the combinatory nature of the test that is hard to fix.
   requestLongerTimeout(2);

dom/security/nsHTTPSOnlyUtils.cpp

@@ -775,7 +775,7 @@ bool nsHTTPSOnlyUtils::HttpsUpgradeUnrelatedErrorCode(nsresult aError) {
          NS_ERROR_UNKNOWN_HOST == aError || NS_ERROR_PHISHING_URI == aError ||
          NS_ERROR_MALWARE_URI == aError || NS_ERROR_UNWANTED_URI == aError ||
          NS_ERROR_HARMFUL_URI == aError || NS_ERROR_CONTENT_CRASHED == aError ||
-         NS_ERROR_FRAME_CRASHED == aError || NS_ERROR_SUPERFLUOS_AUTH == aError;
+         NS_ERROR_FRAME_CRASHED == aError;
 }
 
 /* ------ Logging ------ */

dom/security/test/https-first/browser.toml

@@ -101,8 +101,6 @@ support-files = [
   "file_subdocument_downgrade.sjs",
 ]
 
-["browser_superfluos_auth.js"]
-
 ["browser_tlds.js"]
 
 ["browser_upgrade_onion.js"]

dom/security/test/https-first/browser_superfluos_auth.js

@@ -139,7 +139,6 @@ XPC_MSG_DEF(NS_ERROR_FIRST_HEADER_FIELD_COMPONENT_EMPTY, "Couldn't extract first
 XPC_MSG_DEF(NS_ERROR_ALREADY_CONNECTED              , "The connection is already established")
 XPC_MSG_DEF(NS_ERROR_NOT_CONNECTED                  , "The connection does not exist")
 XPC_MSG_DEF(NS_ERROR_CONNECTION_REFUSED             , "The connection was refused")
-XPC_MSG_DEF(NS_ERROR_SUPERFLUOS_AUTH                , "User refused navigation to potentially unsafe URL with embedded credentials/superfluos authentication")
 XPC_MSG_DEF(NS_ERROR_BASIC_HTTP_AUTH_DISABLED       , "User attempted basic HTTP authentication when it is disabled")
 XPC_MSG_DEF(NS_ERROR_LOCAL_NETWORK_ACCESS_DENIED    , "The access to local network is denied")
 

js/xpconnect/src/xpc.msg

@@ -13298,13 +13298,6 @@
   value: false
   mirror: always
 
-# Whether to show anti-spoof confirmation prompts when navigating to a url
-# with userinfo
-- name: network.auth.confirmAuth.enabled
-  type: bool
-  value: false
-  mirror: always
-
 # Whether to display auth prompts if X-Frame-Options header will block loading
 # page
 - name: network.auth.supress_auth_prompt_for_XFO_failures
@@ -16932,12 +16925,6 @@
   value: 2
   mirror: always
 
-# nsHttpChannelAuthProvider#ConfirmAuth anti-phishing prompts.
-- name: prompts.modalType.confirmAuth
-  type: int32_t
-  value: 2
-  mirror: always
-
 #---------------------------------------------------------------------------
 # Prefs starting with "security."
 #---------------------------------------------------------------------------

modules/libpref/init/StaticPrefList.yaml

@@ -13,9 +13,6 @@ DirColSize=Size
 DirColMTime=Last Modified
 DirFileLabel=File:
 
-SuperfluousAuth=You are about to log in to the site “%1$S” with the username “%2$S”, but the website does not require authentication. This may be an attempt to trick you.\n\nIs “%1$S” the site you want to visit?
-AutomaticAuth=You are about to log in to the site “%1$S” with the username “%2$S”.
-
 TrackerUriBlockedByETP=The resource at “%1$S” was blocked because Enhanced Tracking Protection is enabled.
 UnsafeUriBlocked=The resource at “%1$S” was blocked by Safe Browsing.