9a65a40178
Backed out 3 changesets (bug 1431533) for Android mochitest failures on testEventDispatcher on a CLOSED TREE
...
Backed out changeset a1eca62826a1 (bug 143153314315331431533
2018-01-30 07:17:48 +02:00
6476f95b13
Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian
...
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm
2018-01-29 15:20:18 -08:00
af8879d1eb
Backed out 2 changesets (bug 1431533) for ESlint failures on a CLOSED TREE
...
Backed out changeset 6e56f4c8843e (bug 14315331431533
2018-01-30 02:32:43 +02:00
c276bb9375
Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian
...
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm
2018-01-29 15:20:18 -08:00
7b23ba9165
Bug 1397740 - Removed security.xcto_nosniff_block_images from about:config r=ckerschb,fkiefer
...
MozReview-Commit-ID: HTalMWq694W
--HG--
extra : rebase_source : 0ce03ae0ed6bb754791f7aadb52bc6c55aa6c7cd
2018-01-05 10:43:17 +01:00
9d7a2186b4
Bug 1370468 - frame-ancestor tests added for userpass r=ckerschb,fkiefer
...
MozReview-Commit-ID: 4wW24JnxaKh
--HG--
extra : rebase_source : b926ea06208c1fbd91fe1a9fdee100f8cb21e8d1
2017-08-30 15:58:20 +02:00
16dba8baf1
Bug 1432137 - Add test to verify insecure redirects to data: URIs are blocked for script modules. r=jonco
2018-01-23 14:04:21 +01:00
d8e2caf90a
Bug 1428793: Test block insecure redirects to data: URIs. r=smaug
2018-01-23 09:58:06 +01:00
0319902c5b
Bug 1418243 - Fix mochitest failures due to violationDirective change. r=ckerschb
...
MozReview-Commit-ID: AphtAxYo6Hr
--HG--
extra : rebase_source : 24cd7773cb1f3583c524d142908f859ff5e88e8a
2018-01-16 23:00:00 +02:00
9d094a2464
Bug 1427302 - Stop supporting type=content-* on XUL <browser>s, r=bz
...
Was: Backed out changeset 83fbff91e9d2 (bug 1328605).
MozReview-Commit-ID: 2itUgw8Ogkl
--HG--
extra : rebase_source : bad855f0292b28eb61b1549a1d96914a792c0fb6
2018-01-10 19:37:29 +00:00
e97980a95e
Bug 1424917 - Remove support for HSTS Priming. r=mayhemer, r=ckerschb
...
This patch removes support and tests for HSTS priming from the tree.
2018-01-10 11:07:00 -05:00
41dae4c2d2
Bug 1425968 - Skip HSTS browser-chrome tests because the feature is being removed and they depend on an expiring Telemetry probe. r=kmckinley
2018-01-03 16:46:35 -05:00
032c961e0a
Bug 1421992 - script-generated patch to replace do_check_* functions with their Assert.* equivalents, rs=Gijs.
2017-12-21 11:08:17 +01:00
ffc0ed12d2
Bug 1425363 - remove onWindowTitleChanged given that nobody uses it, r=bgrins
...
MozReview-Commit-ID: ALslAwZo4K9
--HG--
extra : rebase_source : ca1add0015eea86128c0c5f209252ebb6a228998
2017-12-14 21:55:44 -06:00
4f18e92ffb
Bug 1334189 - Enable mochitest-plain for linux64-qr. r=jrmuizel
...
MozReview-Commit-ID: nbcWhDq5de
--HG--
extra : rebase_source : 25e2c2b8b996ae11cd25dee07d9092ba574a9e40
2017-12-13 18:38:39 -05:00
9f4d083047
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-07 12:55:24 -08:00
89531e8dc3
Backed out 9 changesets (bug 1412456) for crashing talos g2 and unexpected network connections in browser-chrome's browser_searchEngine_behaviors.js r=backout a=backout on a CLOSED TREE
...
Backed out changeset 0c01a98f4fd5 (bug 1412456)
Backed out changeset 27077db47231 (bug 1412456)
Backed out changeset f35ec2a884f8 (bug 1412456)
Backed out changeset 602b30ac3c69 (bug 1412456)
Backed out changeset b1ff1050c589 (bug 1412456)
Backed out changeset f100d953f9eb (bug 1412456)
Backed out changeset d85af60fe259 (bug 1412456)
Backed out changeset 736f38486832 (bug 1412456)
Backed out changeset 13a637602dc2 (bug 1412456)
2017-12-07 12:20:21 +02:00
bef7c122df
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 21:17:05 -08:00
eb65c24c7b
Backed out 8 changesets (bug 1412456) for ESlint failure on browser_urlbarKeepStateAcrossTabSwitches.js:13:49 r=backout on a CLOSED TREE
...
Backed out changeset 0e88de036c55 (bug 1412456)
Backed out changeset 49b93f807db0 (bug 1412456)
Backed out changeset 039e980b7dc6 (bug 1412456)
Backed out changeset c7698410ddbd (bug 1412456)
Backed out changeset e56a1ba26b7c (bug 1412456)
Backed out changeset 0c4506e124ac (bug 1412456)
Backed out changeset a7aec2ce903b (bug 1412456)
Backed out changeset 3e9fb71f1e8e (bug 1412456)
2017-12-07 07:09:33 +02:00
be77cf4a01
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 20:46:58 -08:00
e77ee731e9
Bug 1222924 - stop allowing webpages to link to moz-icon: , r=mrbkap
...
MozReview-Commit-ID: FKEDboWIfFQ
--HG--
extra : rebase_source : 801317b5746c6e84431c6a8f2097b83523646016
2017-11-22 21:31:41 +00:00
63739feac3
Bug 1037335 - Add a pref to enable only within Nightly and Early Beta. r=ckerschb,smaug
...
MozReview-Commit-ID: Bi82dHm53qX
--HG--
extra : rebase_source : 61a7c517afb2759d672a1c486213a73ef505a324
extra : amend_source : 572a2c8613fe36ae1ebd613a361bb23acc019912
2017-11-29 16:55:00 +02:00
a3b493b9ca
Bug 1037335 - Add a mochitest for security policy violation event. r=ckerschb
...
MozReview-Commit-ID: 7l5jJFEtIaT
--HG--
extra : rebase_source : 49b6794482f0be79919b20226aa571d6ebe066de
2017-11-29 16:54:00 +02:00
099e4fa549
Bug 1421458 - Add more initial configuration setup and prepare .eslintignore for enabling ESLint on more xpcshell-test directories. r=mossop
...
MozReview-Commit-ID: 4nbTuNNnAdZ
--HG--
extra : rebase_source : 7131f0ddad79d28615a5799c657972bd84a69180
2017-11-28 22:57:08 +00:00
1ea20715d4
Bug 1407891: Test navigation for right-click view-image on data:image/svg. r=bz
2017-11-08 17:43:26 +01:00
d5958a52e0
Bug 1403870: Test toplevel data URI navigation to application/json is allowed. r=smaug
2017-11-03 13:27:01 +01:00
60bd93b916
Bug 1403814 - Update tests for toplevel data URI blocking because we know block after we have received the response. r=smaug
2017-11-03 13:22:57 +01:00
8f13729a0f
Bug 1403814: Test navigation to data:text/csv. r=smaug
2017-10-11 22:47:12 +02:00
5703b12317
Bug 1302667 - CSP: Update test_child-src_worker.html because child-src falls back to script-src. r=dveditz,mckinley
2017-10-30 18:46:34 +01:00
67c85139df
Bug 1302667 - CSP: Test 'frame-src'. r=dveditz,mckinley
2017-10-30 18:46:19 +01:00
d1b704d00d
Bug 1302667 - CSP: Test 'worker-src'. r=dveditz,mckinley
2017-10-30 18:46:05 +01:00
5d54a394cc
Bug 1302667 - CSP: Add Parser test for 'worker-src'. r=dveditz,mckinley
2017-10-30 18:45:50 +01:00
75fc345254
bug 1406391 - Remove toolkit.telemetry.enabled manipulation from tests r=Dexter
...
Minor note:
reftests should've turned off uploadEnabled in the first place.
reftests should have unified telemetry on. It's the future.
MozReview-Commit-ID: 9spzuUAXwwP
2017-10-30 10:47:39 -04:00
44d1b50592
Backed out changeset 70ccfda99dbc::ca6ae38c0432 (bug 1302667) for frequently failing mochitest in security/test/csp/test_worker_src.html r=backout a=backout on a CLOSED TREE
...
Backed out changeset ca6ae38c0432 (bug 1302667)
Backed out changeset ff86e185e09d (bug 1302667)
Backed out changeset 8ec6b8bf8c6c (bug 1302667)
Backed out changeset 21c73f9d8fac (bug 1302667)
Backed out changeset e982481dbf2c (bug 1302667)
Backed out changeset 70ccfda99dbc (bug 1302667)
2017-10-30 14:19:29 +02:00
f74ce8742c
Bug 1302667 - CSP: Update test_child-src_worker.html because child-src falls back to script-src. r=dveditz,mckinley
2017-10-30 09:07:31 +01:00
3a0a307bf0
Bug 1302667 - CSP: Test 'frame-src'. r=dveditz,mckinley
2017-10-30 09:07:12 +01:00
5fc9f5eebd
Bug 1302667 - CSP: Test 'worker-src'. r=dveditz,mckinley
2017-10-30 09:06:53 +01:00
0de95dd051
Bug 1302667 - CSP: Add Parser test for 'worker-src'. r=dveditz,mckinley
2017-10-30 09:06:35 +01:00
4bc2b1615d
Backed out 4 changesets (bug 1408433, bug 1406391, bug 1408512) for crashing tests by touching the network contacting incoming.telemetry.mozilla.org on nightly builds
...
Backed out changeset 9bfd4b0927dc (bug 1408433)
Backed out changeset 555850d5107e (bug 1408512)
Backed out changeset 15d959b9123e (bug 1406391)
Backed out changeset e1f34ba9cecc (bug 1406391)
MozReview-Commit-ID: BVoGRsD73Hf
2017-10-27 21:08:27 -07:00
8e6dd31d55
bug 1406391 - Remove toolkit.telemetry.enabled manipulation from tests r=Dexter
...
Minor note:
reftests should've turned off uploadEnabled in the first place.
MozReview-Commit-ID: 9spzuUAXwwP
2017-10-27 10:59:43 -04:00
42bc28d260
Bug 1399956 - Disable some mochitests in headless. r=jrmuizel
...
These tests will need more work and are low priority.
MozReview-Commit-ID: H0J16E8FqNr
2017-10-16 16:15:45 -07:00
a8b72c7aa8
Bug 1380755 - Examine & report on frame-ancestors CSP in report-only mode. r=ckerschb
...
Despite what the comment here says, there is nowhere in the W3C CSP spec stating
that frame-ancestors should be ignored in report-only mode.
2017-07-17 14:19:57 -04:00
b0dac2b742
Bug 1403641: Test data: URI download. r=bz
2017-10-04 08:44:36 +02:00
a3d6a913cc
Bug 1402363: Test Mixed Content Redirect Blocking. r=tanvi,kate
2017-10-02 09:12:12 +02:00
ece368a815
Bug 1398692: Test toplevel navigation to a data:application/pdf. r=bz
2017-09-14 07:37:07 +02:00
d43805d4f6
Bug 1396320: Fix CSP sandbox regression for allow-scripts. r=dveditz
2017-09-07 09:11:38 +02:00
9db4e41781
Bug 1396798: Test toplevel data: URI navigation to images. r=smaug
2017-09-06 16:16:18 +02:00
11ddd453de
Bug 1394554: Test block data: URI toplevel navigations after redirect. r=smaug
2017-09-06 09:34:59 +02:00
8cc650c579
Bug 1394554: Test block data: URI toplevel navigations after redirect. r=smaug
2017-09-06 09:34:38 +02:00
90189a558c
Bug 863246 - Fix test failures r=Gijs
...
MozReview-Commit-ID: 8tUr27zvs8z
--HG--
extra : rebase_source : 997ace66c37098701d433508c682ed7621a78479
2017-07-19 17:30:01 +08:00
a8f25b8f67
Backed out changeset a7b0c6ddd812 (bug 863246)
2017-08-25 16:43:33 +02:00
2c9f10e897
Bug 863246 - Fix test failures r=Gijs
...
MozReview-Commit-ID: 8tUr27zvs8z
--HG--
extra : rebase_source : f9ce0f19c1cceeefac0a015d33b94bb787a34ffb
2017-07-19 17:30:01 +08:00
a33f11e0f5
Bug 1391803 - Use nsStringFwd.h for forward declaring string classes. r=froydnj
...
We should not be declaring forward declarations for nsString classes directly,
instead we should use nsStringFwd.h. This will make changing the underlying
types easier.
--HG--
extra : rebase_source : b2c7554e8632f078167ff2f609392e63a136c299
2017-08-16 16:48:52 -07:00
2ae1ae3098
Bug 1387871 - CSP: Test 'self' within meta csp in data: URI iframe. r=dveditz
2017-08-23 09:50:20 +02:00
d6143e40d8
Bug 1391011: CSP: Test upgrade-insecure-requests for toplevel navigations when base it https. r=smaug
2017-08-21 08:58:01 +02:00
366445521c
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: DjSlrmDFfe3
2017-08-16 17:14:41 -07:00
5c5de1568b
Bug 1390687 - remove versioned javascript and legacy generator code r=emk
...
MozReview-Commit-ID: 5f3NQdjQ68v
--HG--
extra : rebase_source : 6216fa33d168fb39b885f7cd0e4f7622af8dc3df
2017-08-15 16:08:16 -07:00
722233fed1
Bug 1376895 - Make preloaded browser use pre-existing content process. r=mconley
...
We want to avoid to have several cached content processes, one for each
preloaded browser (one per window) and one for the preallocated process.
For that we force the preloaded browser to choose an existing process and
during the first navigation in that tab, that leaves about:newtab, we re-run
the process selecting algorithm
2017-08-16 13:00:22 +02:00
eea1986e03
merge mozilla-inbound to mozilla-central a=merge
2017-08-16 11:23:24 +02:00
1fc6e56a12
merge autoland to mozilla-central a=merge
2017-08-16 11:20:31 +02:00
a478b0ef54
Backed out changeset adf5ed713e0d (bug 1376895)
2017-08-16 11:15:50 +02:00
a83fefd956
Bug 1390036 (part 1) - Remove most remaining uses of nsXPIDLString. r=erahm.
...
CompareCacheHashEntry::mCrit[] is the only case where the nsXPIDLString-ness
was important. The patch adds an explicit SetIsVoid() call to that class's
constructor and changes some null checks to IsVoid() checks.
--HG--
extra : rebase_source : e68befcde4dd098bac2a550bc666eaf3bf1298d7
2017-08-11 18:31:22 +10:00
3945278423
Merge m-c to autoland, a=merge
...
MozReview-Commit-ID: D96bIJACwZe
2017-08-15 19:16:12 -07:00
38894511bc
Bug 1390106 - Stop using versioned scripts in dom. r=mrbkap
...
MozReview-Commit-ID: 89KvCoTAg3I
--HG--
extra : rebase_source : 24831fa454a1cc6fff70a9b1eb509d0f5aeb800a
2017-08-14 20:42:55 +09:00
a53261ca24
Bug 1376895 - Make preloaded browser use pre-existing content process. r=mconley
...
We want to avoid to have several cached content processes, one for each
preloaded browser (one per window) and one for the preallocated process.
For that we force the preloaded browser to choose an existing process and
during the first navigation in that tab, that leaves about:newtab, we re-run
the process selecting algorithm
2017-08-15 14:05:17 +02:00
7f90eb21ad
Bug 1384741 - Part 4: Test that we don't send CSP violation reports for cached fonts we don't actually use. r=jfkthame
...
MozReview-Commit-ID: Hlu6Dp1Hc1D
2017-08-07 10:13:31 +08:00
d531dc4afb
Bug 1384741 - Part 2: Allow file_report_chromescript.js to listen for more than one CSP violation report. r=bz
...
MozReview-Commit-ID: 8ym5OqSUTMW
2017-08-07 10:11:04 +08:00
0262e6e6ac
Bug 1388552 - Export the HUDService object directly instead of individual methods and properties;r=nchevobbe
...
MozReview-Commit-ID: 9AYCuqqv1U7
--HG--
extra : rebase_source : 83612fd2c4edfde5c86cfc11a70682cc74ebfa12
2017-08-11 09:07:04 -07:00
32e5d77ba4
Bug 1387805 - Remove [deprecated] nsIScriptSecurityManager.getCodebasePrincipal(). r=bz
...
MozReview-Commit-ID: CY47PBaQ5oy
--HG--
extra : rebase_source : 6a82bae0d3caafadc772a08a1d392ab30c4ad914
2017-08-06 15:31:31 +09:00
a1341ccf6d
Bug 1387811 - Follow up for Test within Bug 1381761: CSP JSON is never null, hence it's better to check actual contents of JSON for testing. r=dveditz
2017-08-06 11:37:09 +02:00
4c276ebc38
Bug 1382869: Test data document should ignore meta csp. r=bz
2017-08-08 15:38:22 +02:00
8b713b2b0f
Bug 1375125 - Stop using nsILocalFile in the tree. r=froydnj
...
This mechanically replaces nsILocalFile with nsIFile in
*.js, *.jsm, *.sjs, *.html, *.xul, *.xml, and *.py.
MozReview-Commit-ID: 4ecl3RZhOwC
--HG--
extra : rebase_source : 412880ea27766118c38498d021331a3df6bccc70
2017-08-04 17:49:22 +09:00
092434c08c
Bug 1376651 - Pass the nsIScriptElement instead of allocating a string every time r=ckerschb
...
Change the interface to GetAlowsInline to take an nsISupports* instead
of a string, and pass the nsIScriptElement directly. If we don't have an
element, then pass nullptr or the mock string created as an
nsISupportsString.
MozReview-Commit-ID: pgIMxtplsi
--HG--
extra : rebase_source : 4691643bb67ff6c78a74a4886a04c4816cff6219
2017-07-27 11:01:24 -07:00
8b999864f0
Bug 1381761 - Test data: URIs inherit the CSP even if treated as unique, opaque origins. r=dveditz
2017-08-04 14:10:38 +02:00
38a3b36992
Bug 1386183 - Test Meta CSP on data: URI iframe to be merged with CSP from including context. r=dveditz
2017-08-03 10:52:27 +02:00
20689fef47
Backed out 2 changesets (bug 1376895) for breaking browser_identity_UI.js with assertions in nsPermissionManager.cpp a=backout
...
Backed out changeset 620d01ac103a (bug 1376895)
Backed out changeset 3a06ab7fda1a (bug 1376895)
MozReview-Commit-ID: 2C8kUg77dz8
2017-08-14 13:13:45 -07:00
7f2b53e79a
Bug 1376895 - Make preloaded browser use pre-existing content process. r=mconley
...
We want to avoid to have several cached content processes, one for each
preloaded browser (one per window) and one for the preallocated process.
For that we force the preloaded browser to choose an existing process and
during the first navigation in that tab, that leaves about:newtab, we re-run
the process selecting algorithm
2017-08-14 17:42:05 +02:00
ddd4030358
merge mozilla-inbound to mozilla-central. r=merge a=merge
...
MozReview-Commit-ID: IrMqWiJhwan
2017-08-01 11:23:57 +02:00
73558eac3d
Bug 1384834 (part 2) - Remove remaining uses of nsAdoptingCString. r=erahm.
...
--HG--
extra : rebase_source : 70a385a0a06bc88e728d51459e7460a68f15f7fb
2017-07-28 11:21:47 +10:00
d18fdecf67
Bug 1384834 (part 1) - Remove remaining uses of nsAdoptingString. r=erahm.
...
--HG--
extra : rebase_source : c81ee11b9d08198a000979760a8e29a01e9498d0
2017-07-28 11:21:45 +10:00
ef8d138ba7
Bug 1279218 - Remove tests related to the applet tag; r=bz
...
MozReview-Commit-ID: FzzA5Qic4Uq
--HG--
extra : rebase_source : 64206ee3e5073bafd822b23040fe6e24dda3463f
2017-07-10 16:15:16 -07:00
e4b4af3900
Bug 1331351: Disable mochitest on android. r=me
2017-07-25 13:33:50 +02:00
2d37dad0be
Bug 1331351: Test allow toplevel window data: URI navigations from system. r=smaug
2017-07-24 18:51:39 +02:00
e116c4627b
Bug 1331351: Test block toplevel window data: URI navigations. r=smaug
2017-07-24 18:52:01 +02:00
1ad55fc00a
Bug 1380683 - Fix test_frameNavigation.html to pass with webrender enabled. r=jhao
...
MozReview-Commit-ID: 7CiM1eAFNJU
--HG--
extra : rebase_source : 0900fcc0cee8d44957408929f5451093e1db0728
2017-07-13 11:17:16 -04:00
84d5adef43
Bug 1331730 - Log CORS messages from the content process r=bz,mayhemer
...
In e10s, a channel created by parent does not have a reliable reference
to the inner window ID that initiated the request. Without that, the
channel must request that the content process log and blocked messages
to the web console. This patch creates a new ipdl interface to pass the
message from the parent to the child process. The nsCORSListenerProxy
also needs to keep a reference to the nsIHttpChannel that created it so
it can find its way back to the child. Additionally, the
HttpChannelParent needs to be propagated when creating a new channel for
CORS.
MozReview-Commit-ID: 8CUhlVCTWxt
--HG--
extra : rebase_source : 350f39ad6f7ada39e88dfcc69c4f2c470e2be0de
2017-02-15 12:40:41 +09:00
a6583be403
Bug 1376238 - Skip browser_hsts-priming_include-subdomains.js on linux for intermittent failures; r=me,test-only
2017-07-12 10:48:29 -06:00
9ff74a50f4
Bug 1373513 - Part 3: Revert Bug 1363634. r=ckerschb
...
Revert what we did in Bug 1363634, from the spec, data:text/css should be same origin.
2017-07-12 11:00:34 +08:00
250d4b1ff8
Bug 1377426 - Set CSP on freshly created nullprincipal when iframe is sandboxed. r=dveditz
2017-07-11 08:48:37 +02:00
a039d5288b
Bug 1311239 - Intermittent dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js. temporarily disable. r=gbrown
...
MozReview-Commit-ID: EWCAOjebfcH
2017-06-23 15:12:34 -04:00
fe9268c4cd
Bug 1374580 (part 2) - Remove nsAFlat{,C}String typedefs. r=froydnj.
...
All the instances are converted as follows.
- nsAFlatString --> nsString
- nsAFlatCString --> nsCString
--HG--
extra : rebase_source : b37350642c58a85a08363df2e7c610873faa6e41
2017-06-20 19:19:05 +10:00
66f6d259bc
Bug 1374282 - script generated patch to remove Task.jsm calls, r=Mossop.
2017-06-22 12:51:42 +02:00
10ee6a5c4e
Bug 1362970 - Part 2 - Script-generated patch to convert .then(null, ...) to .catch(...). r=florian
...
Changes to Promise tests designed to test .then(null) have been reverted, and the browser/extensions directory was excluded because the projects it contains have a separate process for accepting changes.
MozReview-Commit-ID: 1buqgX1EP4P
--HG--
extra : rebase_source : 3a9ea310d3e4a8642aabbc10636c04bfe2e77070
2017-06-19 11:32:37 +01:00
396962011a
Bug 1363546 - Store and report HSTS upgrade source r=francois,keeler,mayhemer p=francois
...
Add a field to the HSTS cache which indicates the source of the HSTS
entry if known, from the preload list, organically seen header, or HSTS
priming, or unknown otherwise. Also adds telemetry to collect the source
when upgrading in NS_ShouldSecureUpgrade.
MozReview-Commit-ID: 3IwyYe3Cn73
--HG--
extra : rebase_source : 9b8daac3aa02bd7a1b4285fb1e5731a817a76b7f
2017-05-23 15:31:37 -07:00
37a7ace256
Bug 1359987 - Update HSTS priming telemetry r=ckerschb,francois,mayhemer p=francois
...
Collect telemetry for all requests to get an exact percentage of
requests that are subject to HSTS priming, and how many result in an
HSTS Priming request being sent. Clean up telemetry to remove instances
of double counting requests if a priming request was sent.
HSTSPrimingListener::ReportTiming was using mCallback to calculate
timing telemetry, but we were calling swap() on the nsCOMPtr. Give it an
explicit argument for the callback.
Add tests for telemetry values to all of the HSTS priming tests. This
tests for the minimum as telemetry may be gathered on background or
other requests.
MozReview-Commit-ID: 5V2Nf0Ugc3r
--HG--
extra : rebase_source : daa357219a77d912a78b95a703430f39d884c6ab
2017-05-09 15:36:07 -07:00
0d10a7c233
Bug 1024557 - Test XFO is ignored when frame-ancestors is present. r=smaug
2017-06-07 10:12:55 +02:00
b6b3bb161d
Bug 1367531: Update CSP frame ancestors test to make sure paths are ignored. r=dveditz
2017-06-06 09:12:32 +02:00
7aef584058
Bug 1363634 - rewrite test_style_crossdomain.html. r=ckerschb
...
data:text/css should be considered as a CORS request, and should be
blocked if crossorigin is not specified.
Also move the original test to test_style-crossdomain_legacy.html
--HG--
rename : dom/security/test/sri/iframe_style_crossdomain.html => dom/security/test/sri/iframe_style_crossdomain_legacy.html
2017-05-23 09:02:06 +08:00
c10dd4c73c
Bug 1364262 - Convert SRI metadata to ASCII before parsing it. r=ckerschb
...
MozReview-Commit-ID: Ekw8lNzDvou
--HG--
extra : rebase_source : a2fe92e804b5b690856c44783e88d815e38e2922
2017-05-16 17:33:22 -07:00
e4f38c8d7c
Bug 1362993 - Rewrite gBrowser.addTab() to use BrowserTestUtils.addTab(). r=florian
2017-05-15 21:49:50 +02:00
5e41427024
Bug 903966 - Stop blocking ' http://127.0.0.1/ ' as mixed content. r=ckerschb,kmckinley
...
According to the spec, content from loopback addresses should no longer
be treated as mixed content even in secure origins. See:
- 349501cdaahttps://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
Note that we only whitelist '127.0.0.1' and '::1' to match Chrome 53 and
later. See:
- 130ee686fahttps://github.com/w3c/web-platform-tests/pull/5304
2017-05-10 20:50:00 +03:00
b9a841105c
Bug 1355801: Nonce should not apply to images tests. r=dveditz
2017-05-10 08:53:27 +02:00
58bdcd15b5
Bug 1345615: Disable websocket tests on android. r=test-fix
2017-04-27 17:28:13 +02:00
9a3cfa6017
Bug 1334776 - Store header names into nsHttpHeaderArray. r=mcmanus
2017-04-27 16:48:36 +02:00
62c0c912c8
Bug 1345615: Test websocket schemes when using 'self' in CSP. r=freddyb,dveditz
2017-04-27 09:59:35 +02:00
37ff4fc7cc
Bug 1356569 - Remove addObserver's last parameter when it is false, r=jaws.
2017-04-14 21:51:38 +02:00
a07223d699
Backed out changeset 322fde2d53bf (bug 1356569) so bug 1355161 can be backed out. r=backout
2017-04-14 23:39:22 +02:00
95d4d20c17
Bug 1356569 - Remove addObserver's last parameter when it is false, r=jaws.
2017-04-14 21:51:38 +02:00
cdf987089d
Bug 1107904 - Remove packed.js and references to it as it is unused. r=standard8
...
MozReview-Commit-ID: K5TLF92pHq4
--HG--
extra : rebase_source : 295bf325a07fa8ec4c55a8babf5418588308dca6
2017-04-12 11:10:00 +01:00
694ea4ea3b
Bug 1183300 - Intermittent dom/security/test/csp/test_upgrade_insecure.html. disable on win7. r=ckerschb,gbrown
...
MozReview-Commit-ID: AslnFrYGOVw
2017-04-09 05:43:47 -04:00
d082c41757
Bug 1322044 - Only mark a subdomain cached when includeSubDomains is true r=ckerschb,keeler
...
MozReview-Commit-ID: 3lFkuLauyGg
--HG--
extra : rebase_source : c356f1d4bef73b634eed6ca4d8078281ebc3ce3c
2017-02-13 13:36:01 +09:00
2c716cd273
Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan
2017-03-29 15:28:46 +02:00
eadf7b5c6e
Backed out changeset 4af10700c64c (bug 1347817)
2017-03-29 11:17:04 +02:00
4b77f4a4b9
Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan
2017-03-29 08:27:17 +02:00
f49ee1fdca
Bug 1316305 - Explicilty call .close() for websocket in test. r=baku
2017-03-22 13:04:02 +01:00
56207a1b8b
Bug 1073952: tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,Tomcat
...
MozReview-Commit-ID: 5Q8XIJPrRPk
--HG--
extra : rebase_source : 391431d3585173d096ab58747a854542dfd3adca
2017-01-30 14:12:15 +01:00
17c2bf2604
Bug 1224225: Tests for punycode/unicode in CSP source matching code r=ckerschb,KWierso
...
MozReview-Commit-ID: 21Mr9ekUvnk
--HG--
extra : rebase_source : be5d673efaa31e322fea5da5ff4e7e6fa749daca
2017-03-15 13:22:55 +01:00
658552e990
Bug 1316305 - Add debug information for test_upgrade_insecure_requests. r=jmaher
2017-03-13 12:00:46 +01:00
6b1858e254
Bug 1340181 - Hide Activity Stream URL in URLbar r=fkiefer,mconley
...
MozReview-Commit-ID: F0P5tn2wyG
--HG--
extra : rebase_source : a9f766913b8340e12a4f526dc741e8ed752e6acf
2017-02-22 13:18:09 -05:00
7be7b11a1c
Bug 1342144 - Remove version parameter from the type attribute of script elements. r=jmaher
...
This patch is generated by the following sed script:
find . ! -wholename '*/.hg*' -type f \( -iname '*.html' -o -iname '*.xhtml' -o -iname '*.xul' -o -iname '*.js' \) -exec sed -i -e 's/\(\(text\|application\)\/javascript\);version=1.[0-9]/\1/g' {} \;
MozReview-Commit-ID: AzhtdwJwVNg
--HG--
extra : rebase_source : e8f90249454c0779d926f87777f457352961748d
2017-02-23 06:10:07 +09:00
51bcce91f3
Bug 1316305 - Intermittent dom/security/test/csp/test_upgrade_insecure.html. disabled on osx. r=gbrown
...
MozReview-Commit-ID: FyX1wqxhyT7
2017-02-24 12:33:21 -05:00
3e72a08b95
Bug 1339394 - Don't serialize transparent color to transparent keyword when not necessary. r=heycam,jaws
...
MozReview-Commit-ID: 59cmaCoFJMR
--HG--
extra : rebase_source : 3b927d3c056b66e98f457de1726cf9d459eb8708
2017-02-16 10:26:13 +11:00
6582faf6eb
Bug 1338251 - Remove remaining legacy generator from dom/security/test/hsts/. r=smaug
2017-02-11 01:53:23 +09:00
af9b4969e3
Bug 1334838 - Avoid matching same host with a non-test URI a=testonly r=ckerschb
...
MozReview-Commit-ID: 7Ok7FXFtMoH
--HG--
extra : rebase_source : 99e6beac73e043e9d6174277ab9458fe8d7556c7
2017-02-08 11:28:29 +08:00
456a4733d7
Bug 1336654 - update expired certs and signatures for content signature tests, r=mgoodwin
...
--HG--
extra : rebase_source : ec6a62f2f8d651f6e2cc8d4dade93d9647d03a10
2017-02-06 10:07:49 +01:00
f9c7eaa259
Bug 1336654 - Skip the suddenly permafailing tests to reopen the tree a=me CLOSED TREE
...
MozReview-Commit-ID: 1KLjbaojvYc
2017-02-03 17:17:51 -08:00
43b97e9ea3
Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz
2017-01-28 15:40:08 +01:00
5d4072a82c
Merge m-i to m-c, a=merge
2017-01-28 13:09:00 -08:00
439b10ced6
Backed out 2 changesets (bug 1288768) for wptlint failure
...
Backed out changeset 3361d527f683 (bug 1288768)
Backed out changeset d8b8219c20d6 (bug 1288768)
2017-01-28 08:10:26 -08:00
cab859bea8
Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz
2017-01-28 15:40:08 +01:00
0baeefeea1
Bug 1328460 - Don't send priming to IP or non-standard ports r=ckerschb
...
MozReview-Commit-ID: GLyLfp8gqYt
--HG--
extra : rebase_source : f722504803ed63c5d3be9b84d5053cb1abea984e
2017-01-23 14:01:43 -08:00
b11907c7aa
Bug 1334156 - script-generated patch to replace .ownerDocument.defaultView with .ownerGlobal, r=jaws.
2017-01-27 10:51:03 +01:00
2cf30507bd
Bug 1334261 - script-generated patch to remove more newURI null parameters, r=jaws.
2017-01-27 10:51:02 +01:00
be4dbae285
Bug 1334199 - script-generated patch to omit getComputedStyle's second argument when it's falsy, r=jaws.
2017-01-27 10:51:02 +01:00
3317135d5c
Backed out 3 changesets (bug 1073952) for test_iframe_srcdoc.html failures a=backout
...
Backed out changeset e63233859ee1 (bug 1073952)
Backed out changeset 5534087efac3 (bug 1073952)
Backed out changeset 1e631015acc8 (bug 1073952)
MozReview-Commit-ID: Fmrv8mz4HYI
2017-01-27 10:37:05 -08:00
2c0ed9cf64
Bug 1334242 - add BUG_COMPONENT to dom/security/* files. r=ckerschb
...
MozReview-Commit-ID: EeYWpLBI5G5
2017-01-27 08:18:50 -05:00
d15c007015
Bug 1073952 - Part 2 - tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,dveditz
...
MozReview-Commit-ID: DPJRqEut5pu
2017-01-27 01:05:00 +01:00
f72672a461
Bug 1073952: inherit CSP into iframe sandbox srcdoc r=ckerschb,dveditz
...
MozReview-Commit-ID: KTzCLoDfYnd
2017-01-27 01:05:00 +01:00
52276acb40
Bug 1271173 - Test upgrade-insecure-requests for navigational requests. r=smaug,freddyb
2016-05-09 13:37:49 +02:00
dd581118f0
Bug 1329288 - Test ContentPolicy blocks opening a new window. r=smaug
2017-01-22 17:42:42 +01:00
040a162daf
Backed out changeset 828efd8ce683 (bug 1329288)
2017-01-22 13:09:53 +01:00
5b0e184329
Bug 1329288 - Test ContentPolicy blocks opening a new window. r=smaug
2017-01-22 07:30:10 +01:00
16e6d381ac
Bug 503613 - Remove old 'tail =' lines from xpcshell.ini files; r=gps
...
MozReview-Commit-ID: 62Hp5ISxowJ
--HG--
extra : rebase_source : daa8efb3409031fea553f4fd0c9d0746e38dc308
extra : histedit_source : b4c23aacf678ba0d0ac9c09191a7c494ead11a08
2017-01-18 10:30:39 +00:00
4ef7762311
Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb
2017-01-18 15:18:29 -05:00
ee5969e9c2
Backout changeset 7040329487e9 (bug 1331838) because it was the wrong patch
2017-01-18 15:18:29 -05:00
842ce9fb2d
Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb
2017-01-18 13:11:42 -05:00
85611a7b6d
Bug 1331081 - script generated patch to omit addEventListener/removeEventListener's third parameter when it's false, r=jaws.
...
--HG--
extra : rebase_source : a22344ee1569f58f1f0a01017bfe0d46a6a14602
2017-01-17 11:50:25 +01:00
edae411c07
Bug 1313595 - Lower HSTS priming timeout r=mayhemer
...
MozReview-Commit-ID: 5wOqtYM1MfD
--HG--
extra : rebase_source : 78cb81a9223c80b93b2c574846111eb3bad91c03
2016-12-08 11:07:55 -10:00
ab089bc866
Bug 1324870 - Skip test_bug803225.html and test_ext_downloads_misc.js on linux32 only, to enable taskcluster migration; r=jmaher
2017-01-05 16:34:47 -07:00
8ca3b2dc24
Backed out changeset 724fdfe8f396 (bug 1324870)
2017-01-05 12:21:31 -05:00
Cosmin Sabou
Kris Maglione
Brindusan Cristian
vinoth
Christoph Kerschbaumer
Chung-Sheng Fu
Gijs Kruitbosch
Kate McKinley
Ryan VanderMeulen
Florian Quèze
Kartikaya Gupta
Bill McCloskey
Andreea Pavel
Dorel Luca
Mark Banner
Chris H-C
Coroiu Cristina
Phil Ringnalda
Brendan Dahl
Jason Tarka
Sebastian Hengst
Eric Rahm
Wes Kocher
Gabor Krizsanits
Carsten "Tomcat" Book
Nicholas Nethercote
Masatoshi Kimura
Cameron McCormack
Brian Grinstead
Kyle Machulis
Geoff Brown
Yoshi Huang
Joel Maher
Paolo Amadini
Francois Marier
Birunthan Mohanathas
Dragana Damjanovic
Dan Banner
Andrea Marchesini
Frederik Braun
Ursula Sarracini
Xidorn Quan
Tooru Fujisawa
Franziskus Kiefer
Ehsan Akhgari
Iris Hsiao