5e41427024
Bug 903966 - Stop blocking ' http://127.0.0.1/ ' as mixed content. r=ckerschb,kmckinley
...
According to the spec, content from loopback addresses should no longer
be treated as mixed content even in secure origins. See:
- 349501cdaahttps://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
Note that we only whitelist '127.0.0.1' and '::1' to match Chrome 53 and
later. See:
- 130ee686fahttps://github.com/w3c/web-platform-tests/pull/5304
2017-05-10 20:50:00 +03:00
b9a841105c
Bug 1355801: Nonce should not apply to images tests. r=dveditz
2017-05-10 08:53:27 +02:00
58bdcd15b5
Bug 1345615: Disable websocket tests on android. r=test-fix
2017-04-27 17:28:13 +02:00
9a3cfa6017
Bug 1334776 - Store header names into nsHttpHeaderArray. r=mcmanus
2017-04-27 16:48:36 +02:00
62c0c912c8
Bug 1345615: Test websocket schemes when using 'self' in CSP. r=freddyb,dveditz
2017-04-27 09:59:35 +02:00
37ff4fc7cc
Bug 1356569 - Remove addObserver's last parameter when it is false, r=jaws.
2017-04-14 21:51:38 +02:00
a07223d699
Backed out changeset 322fde2d53bf (bug 1356569) so bug 1355161 can be backed out. r=backout
2017-04-14 23:39:22 +02:00
95d4d20c17
Bug 1356569 - Remove addObserver's last parameter when it is false, r=jaws.
2017-04-14 21:51:38 +02:00
cdf987089d
Bug 1107904 - Remove packed.js and references to it as it is unused. r=standard8
...
MozReview-Commit-ID: K5TLF92pHq4
--HG--
extra : rebase_source : 295bf325a07fa8ec4c55a8babf5418588308dca6
2017-04-12 11:10:00 +01:00
694ea4ea3b
Bug 1183300 - Intermittent dom/security/test/csp/test_upgrade_insecure.html. disable on win7. r=ckerschb,gbrown
...
MozReview-Commit-ID: AslnFrYGOVw
2017-04-09 05:43:47 -04:00
d082c41757
Bug 1322044 - Only mark a subdomain cached when includeSubDomains is true r=ckerschb,keeler
...
MozReview-Commit-ID: 3lFkuLauyGg
--HG--
extra : rebase_source : c356f1d4bef73b634eed6ca4d8078281ebc3ce3c
2017-02-13 13:36:01 +09:00
2c716cd273
Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan
2017-03-29 15:28:46 +02:00
eadf7b5c6e
Backed out changeset 4af10700c64c (bug 1347817)
2017-03-29 11:17:04 +02:00
4b77f4a4b9
Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan
2017-03-29 08:27:17 +02:00
f49ee1fdca
Bug 1316305 - Explicilty call .close() for websocket in test. r=baku
2017-03-22 13:04:02 +01:00
56207a1b8b
Bug 1073952: tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,Tomcat
...
MozReview-Commit-ID: 5Q8XIJPrRPk
--HG--
extra : rebase_source : 391431d3585173d096ab58747a854542dfd3adca
2017-01-30 14:12:15 +01:00
17c2bf2604
Bug 1224225: Tests for punycode/unicode in CSP source matching code r=ckerschb,KWierso
...
MozReview-Commit-ID: 21Mr9ekUvnk
--HG--
extra : rebase_source : be5d673efaa31e322fea5da5ff4e7e6fa749daca
2017-03-15 13:22:55 +01:00
658552e990
Bug 1316305 - Add debug information for test_upgrade_insecure_requests. r=jmaher
2017-03-13 12:00:46 +01:00
6b1858e254
Bug 1340181 - Hide Activity Stream URL in URLbar r=fkiefer,mconley
...
MozReview-Commit-ID: F0P5tn2wyG
--HG--
extra : rebase_source : a9f766913b8340e12a4f526dc741e8ed752e6acf
2017-02-22 13:18:09 -05:00
7be7b11a1c
Bug 1342144 - Remove version parameter from the type attribute of script elements. r=jmaher
...
This patch is generated by the following sed script:
find . ! -wholename '*/.hg*' -type f \( -iname '*.html' -o -iname '*.xhtml' -o -iname '*.xul' -o -iname '*.js' \) -exec sed -i -e 's/\(\(text\|application\)\/javascript\);version=1.[0-9]/\1/g' {} \;
MozReview-Commit-ID: AzhtdwJwVNg
--HG--
extra : rebase_source : e8f90249454c0779d926f87777f457352961748d
2017-02-23 06:10:07 +09:00
51bcce91f3
Bug 1316305 - Intermittent dom/security/test/csp/test_upgrade_insecure.html. disabled on osx. r=gbrown
...
MozReview-Commit-ID: FyX1wqxhyT7
2017-02-24 12:33:21 -05:00
3e72a08b95
Bug 1339394 - Don't serialize transparent color to transparent keyword when not necessary. r=heycam,jaws
...
MozReview-Commit-ID: 59cmaCoFJMR
--HG--
extra : rebase_source : 3b927d3c056b66e98f457de1726cf9d459eb8708
2017-02-16 10:26:13 +11:00
6582faf6eb
Bug 1338251 - Remove remaining legacy generator from dom/security/test/hsts/. r=smaug
2017-02-11 01:53:23 +09:00
af9b4969e3
Bug 1334838 - Avoid matching same host with a non-test URI a=testonly r=ckerschb
...
MozReview-Commit-ID: 7Ok7FXFtMoH
--HG--
extra : rebase_source : 99e6beac73e043e9d6174277ab9458fe8d7556c7
2017-02-08 11:28:29 +08:00
456a4733d7
Bug 1336654 - update expired certs and signatures for content signature tests, r=mgoodwin
...
--HG--
extra : rebase_source : ec6a62f2f8d651f6e2cc8d4dade93d9647d03a10
2017-02-06 10:07:49 +01:00
f9c7eaa259
Bug 1336654 - Skip the suddenly permafailing tests to reopen the tree a=me CLOSED TREE
...
MozReview-Commit-ID: 1KLjbaojvYc
2017-02-03 17:17:51 -08:00
43b97e9ea3
Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz
2017-01-28 15:40:08 +01:00
5d4072a82c
Merge m-i to m-c, a=merge
2017-01-28 13:09:00 -08:00
439b10ced6
Backed out 2 changesets (bug 1288768) for wptlint failure
...
Backed out changeset 3361d527f683 (bug 1288768)
Backed out changeset d8b8219c20d6 (bug 1288768)
2017-01-28 08:10:26 -08:00
cab859bea8
Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz
2017-01-28 15:40:08 +01:00
0baeefeea1
Bug 1328460 - Don't send priming to IP or non-standard ports r=ckerschb
...
MozReview-Commit-ID: GLyLfp8gqYt
--HG--
extra : rebase_source : f722504803ed63c5d3be9b84d5053cb1abea984e
2017-01-23 14:01:43 -08:00
b11907c7aa
Bug 1334156 - script-generated patch to replace .ownerDocument.defaultView with .ownerGlobal, r=jaws.
2017-01-27 10:51:03 +01:00
2cf30507bd
Bug 1334261 - script-generated patch to remove more newURI null parameters, r=jaws.
2017-01-27 10:51:02 +01:00
be4dbae285
Bug 1334199 - script-generated patch to omit getComputedStyle's second argument when it's falsy, r=jaws.
2017-01-27 10:51:02 +01:00
3317135d5c
Backed out 3 changesets (bug 1073952) for test_iframe_srcdoc.html failures a=backout
...
Backed out changeset e63233859ee1 (bug 1073952)
Backed out changeset 5534087efac3 (bug 1073952)
Backed out changeset 1e631015acc8 (bug 1073952)
MozReview-Commit-ID: Fmrv8mz4HYI
2017-01-27 10:37:05 -08:00
2c0ed9cf64
Bug 1334242 - add BUG_COMPONENT to dom/security/* files. r=ckerschb
...
MozReview-Commit-ID: EeYWpLBI5G5
2017-01-27 08:18:50 -05:00
d15c007015
Bug 1073952 - Part 2 - tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,dveditz
...
MozReview-Commit-ID: DPJRqEut5pu
2017-01-27 01:05:00 +01:00
f72672a461
Bug 1073952: inherit CSP into iframe sandbox srcdoc r=ckerschb,dveditz
...
MozReview-Commit-ID: KTzCLoDfYnd
2017-01-27 01:05:00 +01:00
52276acb40
Bug 1271173 - Test upgrade-insecure-requests for navigational requests. r=smaug,freddyb
2016-05-09 13:37:49 +02:00
dd581118f0
Bug 1329288 - Test ContentPolicy blocks opening a new window. r=smaug
2017-01-22 17:42:42 +01:00
040a162daf
Backed out changeset 828efd8ce683 (bug 1329288)
2017-01-22 13:09:53 +01:00
5b0e184329
Bug 1329288 - Test ContentPolicy blocks opening a new window. r=smaug
2017-01-22 07:30:10 +01:00
16e6d381ac
Bug 503613 - Remove old 'tail =' lines from xpcshell.ini files; r=gps
...
MozReview-Commit-ID: 62Hp5ISxowJ
--HG--
extra : rebase_source : daa8efb3409031fea553f4fd0c9d0746e38dc308
extra : histedit_source : b4c23aacf678ba0d0ac9c09191a7c494ead11a08
2017-01-18 10:30:39 +00:00
4ef7762311
Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb
2017-01-18 15:18:29 -05:00
ee5969e9c2
Backout changeset 7040329487e9 (bug 1331838) because it was the wrong patch
2017-01-18 15:18:29 -05:00
842ce9fb2d
Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb
2017-01-18 13:11:42 -05:00
85611a7b6d
Bug 1331081 - script generated patch to omit addEventListener/removeEventListener's third parameter when it's false, r=jaws.
...
--HG--
extra : rebase_source : a22344ee1569f58f1f0a01017bfe0d46a6a14602
2017-01-17 11:50:25 +01:00
edae411c07
Bug 1313595 - Lower HSTS priming timeout r=mayhemer
...
MozReview-Commit-ID: 5wOqtYM1MfD
--HG--
extra : rebase_source : 78cb81a9223c80b93b2c574846111eb3bad91c03
2016-12-08 11:07:55 -10:00
ab089bc866
Bug 1324870 - Skip test_bug803225.html and test_ext_downloads_misc.js on linux32 only, to enable taskcluster migration; r=jmaher
2017-01-05 16:34:47 -07:00
8ca3b2dc24
Backed out changeset 724fdfe8f396 (bug 1324870)
2017-01-05 12:21:31 -05:00
4fdfff0c12
Bug 1324870 - Skip test_bug803225.html and test_ext_downloads_misc.js on linux32 only, to enable taskcluster migration; r=jmaher
...
--HG--
extra : rebase_source : eb4c1e94381f46d54619f0a3ba65e3f5beed2221
2017-01-05 09:15:11 -07:00
515ef9ba45
Bug 1321218 - Remove legacy generator from dom/. r=smaug
2016-12-01 18:11:32 +09:00
8843a98210
Bug 1319936 - Remove String generics uses in dom. r=billm
...
--HG--
extra : rebase_source : f2b40e5d4a423035d2de8739570a76305a058cf0
2016-11-24 13:17:00 -08:00
450508f7f3
merge mozilla-inbound to mozilla-central a=merge
2016-11-29 11:39:49 +01:00
002a446aec
Backed out changeset 3472d9d9dd47 (bug 1313595) for hopefully reducing crashes
2016-11-29 10:25:07 +01:00
29efcb86ac
Bug 1316826 - Test for JS URLs and strict-dynamic. r=dveditz
...
MozReview-Commit-ID: EKmYoZbap25
2016-11-28 21:56:55 -05:00
fe33117844
Bug 1309219 - Only allow valid base64-values for CSP nonce and hash sources, per spec. r=francois
2016-11-24 21:46:09 -05:00
53901256a5
Bug 1316826 - Test case for strict-dynamic blocks inline event handlers. r=dveditz
...
MozReview-Commit-ID: 4TS4pUNeIS1
--HG--
extra : rebase_source : e517f4898d0a9873c77e2731152ce3255b7c5938
2016-11-21 15:13:29 -05:00
e1487e92f8
Bug 1311599 - Disable HSTS tests on linux debug.
...
--HG--
extra : rebase_source : 5ad7d6ea972d4a350091458b0cc47dd148f13bb6
2016-11-21 12:30:56 -05:00
42cdd9436b
Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 2, r=qdot
2016-11-18 09:33:50 +01:00
2f974ccbce
Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 1, r=qdot
2016-11-18 09:33:33 +01:00
7110a88674
Backed out changeset d43b778d95c6 (bug 1318273) for failing mochitest fetch/test_formdataparsing.html. r=backout on a CLOSED TREE
2016-11-17 20:58:38 +01:00
fdfd8b91d1
Backed out changeset 2560659cda95 (bug 1318273)
2016-11-17 20:57:59 +01:00
a895bd31ae
Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 2, r=qdot
2016-11-17 19:36:21 +01:00
cf2ad8072f
Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 1, r=qdot
2016-11-17 19:36:01 +01:00
dcbe139332
Bug 1317115 turn off HSTS priming to suppress perma-orange a=test-only
...
MozReview-Commit-ID: I1bNquP4yT7
2016-11-15 10:52:45 +09:00
5565f4d518
Bug 1313595 Reduce timeout for HSTS priming channels r=mayhemer
...
Default is 3 seconds
MozReview-Commit-ID: 47hoaTEL9hV
2016-11-08 17:49:39 +09:00
8562d3859b
Backed out changeset a8be4ebc85cf (bug 1313595) for permaorange unexpected assertion in test_referrerdirective.html, a=backout
...
MozReview-Commit-ID: GxBqDrHHg7z
2016-11-14 18:30:58 -08:00
b8eeda422c
Bug 1313595 Reduce timeout for HSTS priming channels r=mayhemer
...
Default is 3 seconds
MozReview-Commit-ID: 47hoaTEL9hV
--HG--
extra : rebase_source : 6954dc92966122b15c60f19f5e91086fcd859728
2016-11-08 17:49:39 +09:00
5ef79ef9a4
Bug 1313596 - Increase HSTS Priming default cache timeout. r=mayhemer
...
MozReview-Commit-ID: 6sHuB4wIEu4
--HG--
extra : rebase_source : 9672c18384efe24f6cb5e1aa455217e37a97db90
2016-11-10 00:30:00 -05:00
115286c614
Backed out changeset 9c1069e2a42e (bug 1236222) for failing xpcshell test test_csp_reports.js. r=backout
2016-11-09 11:31:38 +01:00
134e80abde
Bug 1236222 - CSP: Blocked URI should be empty for inline violations. r=ckerschb
2016-11-07 19:22:53 +05:30
41c087935b
Merge m-c to inbound, a=merge
2016-11-08 14:08:34 -08:00
eb1fcc9de6
Bug 1299483 - CSP: Implement 'strict-dynamic', test default-src. r=dveditz
2016-11-08 13:34:36 +01:00
54b5ba8aa1
Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb
2016-11-08 13:33:58 +01:00
7148985f09
Bug 1299483 - CSP: Implement 'strict-dynamic', mochitests. r=dveditz,freddyb
2016-11-08 13:33:27 +01:00
d9efe93bac
Bug 1299483 - CSP: Implement 'strict-dynamic', parser tests. r=dveditz,freddyb
2016-11-08 13:32:17 +01:00
c267f70f91
Bug 1299483 - CSP: Implement 'strict-dynamic', enforcement changes. r=dveditz,freddyb
2016-11-08 12:55:23 +01:00
27b9e899b0
Bug 1311599 - Disable hsts tests on linux32-debug only. r=kmckinley
...
MozReview-Commit-ID: 2V5Xrfpwy3a
--HG--
extra : rebase_source : c02f00ac03368b5ce52598c23964e39f892e6007
2016-11-07 14:51:45 -05:00
e13c48fba9
Bug 1315170 - gtestify dom/security/test/TestCSPParser.cpp. r=francois.
...
--HG--
rename : dom/security/test/TestCSPParser.cpp => dom/security/test/gtest/TestCSPParser.cpp
extra : rebase_source : 52b30a4c063ce2d330108fa4b8382ff8e4adf1b0
2016-11-04 17:02:26 +11:00
a7bc94158c
Merge m-i to m-c, a=merge
...
MozReview-Commit-ID: H4VKCYDq5cD
--HG--
rename : xpcom/tests/TestAutoRef.cpp => xpcom/tests/gtest/TestAutoRef.cpp
rename : xpcom/tests/TestCOMArray.cpp => xpcom/tests/gtest/TestCOMArray.cpp
rename : xpcom/tests/TestCOMPtr.cpp => xpcom/tests/gtest/TestCOMPtr.cpp
rename : xpcom/tests/TestCOMPtrEq.cpp => xpcom/tests/gtest/TestCOMPtrEq.cpp
rename : xpcom/tests/TestFile.cpp => xpcom/tests/gtest/TestFile.cpp
rename : xpcom/tests/TestHashtables.cpp => xpcom/tests/gtest/TestHashtables.cpp
rename : xpcom/tests/TestID.cpp => xpcom/tests/gtest/TestID.cpp
2016-11-05 13:36:25 -07:00
4b45959d12
Bug 1310297 - Remove test annotations using b2g, mulet or gonk: dom/security. r=RyanVM
...
MozReview-Commit-ID: 8G41CCQ1P01
--HG--
extra : rebase_source : d8f02480bc506c06e13d0d47fa123df6f8b2f18d
2016-11-05 11:29:17 +01:00
e8f0bc4a89
Bug 1312272 - Test that marquee event handlers are subject to CSP. r=smaug
...
MozReview-Commit-ID: 4KYon5u0ocf
--HG--
extra : histedit_source : 6de85932af364aba1960f16a51d20d32b8ec6b7c
2016-11-04 22:54:19 -04:00
579a6043ca
Bug 1312680 - Test that require-sri-for blocks style loads via @import r=francois
...
MozReview-Commit-ID: A8DPWH2S3sD
2016-11-03 03:18:00 +01:00
26490f6904
Bug 1310955 - Fix nsSiteSecurityService cache retrieval r=ckerschb,keeler
...
MozReview-Commit-ID: 55DpKrqcL1x
--HG--
extra : rebase_source : 5e068cc70c45dd1844a0e59559875cde659f202a
2016-10-18 20:09:15 +09:00
6c91017f20
Merge m-i to m-c, a=merge
...
MozReview-Commit-ID: FA9OZyjP59N
2016-10-18 19:36:18 -07:00
f13c011369
Bug 1310895 - Remove support for app default and manifest CSP enforcement; r=baku
2016-10-18 09:40:41 -04:00
5b82359aa3
Bug 1305993 - Break tests up to avoid timeouts r=philor
...
MozReview-Commit-ID: 8y2gwNjnEnT
--HG--
extra : rebase_source : c24354dd7c60064b38bbbad067806d3c0a52c690
2016-10-07 17:19:38 +09:00
066a3827af
Bug 1307321 - Use correct length of CSP report when sending violations. r=jrgm,freddyb
2016-10-14 20:07:32 +02:00
24324313f6
Backed out changeset f443b21ba9de (bug 1307321) for unexpected passing of scripthash-unicode-normalization.sub.html. r=backout
2016-10-14 17:51:22 +02:00
0341cd9771
Bug 1307321 - Use correct length of CSP report when sending violations. r=jrgm,freddyb
2016-10-14 15:23:24 +02:00
9de6bbbaec
Bug 1261019 - Part 3: Remove Navigator.mozApps and code depending on it; r=myk,jryans,fabrice,mcmanus,peterv
2016-10-13 13:18:41 -04:00
f4e92ab657
Bug 1277803 - Part 5 : A test to verify the loadingPrincipal of favicon loads. r=ckerschb
2016-10-13 15:44:00 +08:00
2142de26c1
Backed out 8 changesets (bug 1277803) for browser-chrome test failures a=backout
...
Backed out changeset 477890efdb88 (bug 1277803)
Backed out changeset 49da326bfe68 (bug 1277803)
Backed out changeset 2d17a40a9077 (bug 1277803)
Backed out changeset b1cb0a195ca1 (bug 1277803)
Backed out changeset c7d82459d152 (bug 1277803)
Backed out changeset 3be9a06248af (bug 1277803)
Backed out changeset 8d119ca96999 (bug 1277803)
Backed out changeset be767a6f7ecd (bug 1277803)
2016-10-12 14:26:00 -07:00
226661a0bc
Bug 1277803 - Part 5 : A test to verify the loadingPrincipal of favicon loads. r=ckerschb
2016-10-12 17:32:11 +08:00
ea829544cd
Bug 1308951 - Add a pref to whitelist specific domains as SecureContexts r=ckerschb,jcj
...
MozReview-Commit-ID: AxihCLsBNRw
--HG--
extra : rebase_source : bd2800c65af839ef67f4ca9a841f08884ac9c539
2016-10-10 11:32:24 -04:00
06ba09a073
Bug 1264137 - Part 3: perform ContentPolicy check if the load is happening on this docshell. r=bz, smaug
2016-10-07 17:40:21 +08:00
596b8e86ce
Backed out changeset 76788d4f83ce (bug 1277803)
...
CLOSED TREE
2016-10-07 11:23:40 +08:00
1925944f12
Bug 1277803 - Part 5: Add a test to verify the loadingPrincipal of favicon loads. r=ckerschb
2016-09-13 00:33:00 -04:00
ae7fb1e8d0
Bug 1279139 - require-sri-for needs to govern scriptloading for workers. r=baku
...
MozReview-Commit-ID: 3m21kbiV5qK
--HG--
extra : rebase_source : 30c784392e96c1b28c55d38959cc529093b9b568
2016-10-04 02:36:00 +02:00
b0951acfc5
Bug 1302539 - X-Content-Type-Options: nosniff should not apply to images (temporarily). r=dveditz
2016-09-30 09:38:44 +02:00
cf7304c3c6
Bug 1306007 - Part 1: Remove srcset/picture feature control preference; r=jdm,smaug
...
MozReview-Commit-ID: BsyTHeqiGZL
--HG--
extra : rebase_source : 2add2510dbe16c641fe997a8349c1a36009bec20
2016-04-16 18:07:56 -04:00
c190891418
Bug 1303121 - Do not fire one last progress event on XHR errors, to match a spec change. r=annevk
...
--HG--
extra : rebase_source : 9a59934cfe8fc7f2ee8ef7788813f97e2355ce2a
2016-09-28 13:05:32 -04:00
c57d400961
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally
...
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
MozReview-Commit-ID: ES1JruCtDdX
--HG--
extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 11:27:00 -04:00
767e1e9b11
merge mozilla-inbound to mozilla-central a=merge
2016-09-26 18:34:20 +08:00
694c12c743
Bug 1242019 - Truncate data URIs in CSP log messages. r=ckerschb
...
MozReview-Commit-ID: DaiGESRI1rb
--HG--
extra : transplant_source : %EC%7B%3F%20O%3A%A7g%BAl%82%BC-Xg%23%84%E2%3C%EE
2016-09-12 14:30:43 -07:00
ed0b5f06ee
Bug 1271796 use raw bytes to calculate SRI hash r=francois
...
MozReview-Commit-ID: F62t5CnsYlJ
--HG--
extra : rebase_source : 9c2148ffe99a51db5541ec6d9961597b578157ae
2016-09-05 12:55:25 +02:00
9f5afabda0
Bug 1294381 - Delayed process script for test_bug803225.html. r=mrbkap
2016-09-22 09:26:26 +02:00
fd99ac5cc2
Bug 1277248 - Add test to ensure that require-sri-for does not allow svg:scripts r=ckerschb
...
MozReview-Commit-ID: 1knIYZ93UeY
--HG--
extra : rebase_source : 4c1385382ecdddf80ec45d46d440b37bf4ad47c1
2016-09-13 11:05:37 +02:00
6f314fb375
Bug 1187335 - P3 - modify SRI test to match current behavior. r=bkelly, r=francois.
2016-05-30 12:26:56 +08:00
6ea7c1b598
Bug 1229639 - Part 2: Test case. r=ckerschb
...
MozReview-Commit-ID: GbofB6JoFil
--HG--
extra : rebase_source : dc4ac339817a052f687179988e28ec02764bd3e7
2016-09-06 18:30:12 +08:00
885c81fd09
Bug 1299267 - Test for wrong mime types. r=ckerschb
2016-09-05 20:02:52 +02:00
9489473322
Bug 1297051 - Test CSPRO should not block mixed content. r=dveditz
2016-08-24 09:24:20 +02:00
4261d2f1f7
Bug 1288361 - Test block script with wrong MIME type. r=dveditz
2016-08-22 08:56:32 +02:00
19b246a586
Bug 1290560 - Update TestCSPParser to include 'sandbox', 'require-sri' and 'report-uri' with no valid srcs. r=dveditz
2016-08-19 18:45:04 +02:00
8e946df619
Bug 1293001 - Part 2: Change the BinaryName of nsIContentSecurityPolicy::getPolicy from GetPolicy (which overloaded another virtual method), to GetPolicyString, r=froydnj
...
MozReview-Commit-ID: 4XWRar3Uuw
2016-08-11 15:49:40 -04:00
95d1c98761
Bug 918703 - Part 2: Correct progress event logic so events are sent in the correct order and with the correct values according to spec. r=baku
...
--HG--
extra : rebase_source : da5305fdfb1b28404199733f68cb65803a087e38
2016-08-05 23:47:40 -04:00
f6bc83a18a
Bug 1285894 - Fixing test_bug803225.html for e10s-multi. r=mrbkap
2016-08-01 12:26:38 +02:00
886e7cd571
Bug 1289085: CSP - Test referrer with no valid src. r=dveditz
2016-07-29 22:53:59 +02:00
6a1fb99d2b
Bug 709991 - Fire onerror instead of throwing on network errors for async XHRs. r=bz
2016-07-30 00:24:56 -04:00
caea40742f
Backed out changeset 8dc198cd46ff (bug 1246540) for Mochitest failures
2016-07-27 13:14:07 +08:00
c6650db185
Bug 1246540 HSTS Priming Proof of Concept
...
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
2016-07-26 13:03:00 +08:00
a7c8429fc4
Backed out changeset d7e39be85498 (bug 1246540) for Mochitest failures
2016-07-27 11:15:52 +08:00
567ebcf321
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally
...
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
2016-07-26 13:03:00 -04:00
dcae5b0335
Merge mozilla-central to fx-team
2016-07-26 11:58:36 +02:00
a3904e8a8a
Merge mozilla-central to mozilla-inbound
2016-07-25 15:59:01 +02:00
b9a6c687fa
merge mozilla-inbound to mozilla-central a=merge
2016-07-25 15:50:41 +02:00
249fa77287
Bug 1263793 - update SAN, r=mgoodwin,ulfr
...
MozReview-Commit-ID: HtMKl2gP1xi
--HG--
extra : rebase_source : 5173dda521679b2ce6c8caabb3b54cce4f658640
2016-07-25 09:44:19 +02:00
0a5622c093
Backed out changeset 640247e978ba (bug 1246540) for bustage
2016-07-24 15:59:31 +02:00
547500d5a7
Bug 1246540 - HSTS Priming Proof of Concept. r=honzab
...
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
2016-07-22 18:35:00 +02:00
0e04940e1a
Bug 1277524 - Add moz-extension to the list of potentially trustworthy origins. r=tanvi
...
MozReview-Commit-ID: BvR7Xb0AE9N
--HG--
extra : rebase_source : dfe2d600b15a6cffd49be454b3394106c3ff9bb3
extra : histedit_source : 8b03564ebced1305ce79652d904e7bb95a92a2e8
2016-06-02 17:14:27 +02:00
022d9af2b3
Bug 1285003 - Test insecure http port :80 allows secure https port :443. r=dveditz
2016-07-22 11:32:21 +02:00
c7846e126c
Backed out changeset 16aa7041c009 (bug 1287107) for causing xpcshell and mac tests
2016-07-22 11:30:23 +02:00
f5b619fb28
Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice
...
MozReview-Commit-ID: 9uVUrmuVFXQ
--HG--
extra : rebase_source : d0c19fcda5c72ecdce3b0d0bbbafa5a7954d7a4c
2016-03-03 09:58:47 -08:00
5538d692d3
Bug 1286877 - do not set c-basic-offset for python-mode; r=gps
...
This removes the unnecessary setting of c-basic-offset from all
python-mode files.
This was automatically generated using
perl -pi -e 's/; *c-basic-offset: *[0-9]+//'
... on the affected files.
The bulk of these files are moz.build files but there a few others as
well.
MozReview-Commit-ID: 2pPf3DEiZqx
--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
2016-07-14 10:16:42 -06:00
dd5231632f
Bug 1263793 - Using content signature verifier for verifying remote newtab, r=keeler,mayhemer
...
MozReview-Commit-ID: ABXYYseKImq
--HG--
extra : rebase_source : 79614e5215e738dff9683ad447245bd830c887bf
2016-05-19 10:59:48 +02:00
e2d9911273
Backed out changeset 21d8bb5af7b4 (bug 1263793) for leaks in various jobs CLOSED TREE
2016-07-20 11:16:37 -07:00
9b9c643025
Bug 1263793 - Using content signature verifier for verifying remote newtab, r=keeler,mayhemer
...
MozReview-Commit-ID: CHUPgBr8WaC
--HG--
extra : rebase_source : 969bd058a157c7307b7a4d3c2a4c5d62e82b7489
2016-05-19 10:59:48 +02:00
f2c908b15d
Bug 471020 - Test X-Content-Type-Options: nosniff. r=dveditz
2016-07-20 12:33:29 +02:00
23f7b47719
Bug 1273430 - Test CSP upgrade-insecure-requests for doc.write(iframe). r=tanvi
2016-07-20 09:26:16 +02:00
7846da76d6
Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice
...
MozReview-Commit-ID: 9uVUrmuVFXQ
--HG--
extra : rebase_source : 20f6f0235667530c21aca4889b5d33e39c2d1a48
2016-03-03 09:58:47 -08:00
c9783f64cb
Backed out 4 changesets (bug 471020) for frequent Windows w(2) failures CLOSED TREE a=merge
...
Backed out changeset d9675ab3d203 (bug 471020)
Backed out changeset 3ee328c56de0 (bug 471020)
Backed out changeset 000576e264bd (bug 471020)
Backed out changeset ffe60708c457 (bug 471020)
2016-07-18 16:07:28 -07:00
6166c48409
Bug 471020 - Test X-Content-Type-Options: nosniff. r=dveditz
2016-07-18 14:47:35 +02:00
97e696739a
Bug 1286376 - Do not call finish multiple times within test_contentpolicytype_targeted_link_iframe.html. r=smaug
2016-07-13 09:04:30 +02:00
0cd1f7698a
Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=barnes
2016-07-12 07:26:37 +02:00
68b180b34f
Bug 1255240 - Test content policy types within content policies for targeted links in iframes. r=smaug
2016-07-11 20:58:57 +02:00
84f2bb5302
Bug 1277557 - Test require-sri-for in meta tag r=francois
2016-07-08 07:26:34 +02:00
11de73857c
Bug 1269241 - Add SRI tests for UTF-8 stylesheets. r=ckerschb,r=jkt
2016-07-07 14:44:51 -07:00
bd8bba9788
Bug 959388 - Add csp worker test cases. r=kmckinley
...
MozReview-Commit-ID: IhEAA89VyTr
--HG--
extra : rebase_source : 63d522eab0477706636aa2e9086f1b0cdc30889d
2016-06-30 12:32:03 +08:00
edd71bdffd
Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson
...
--HG--
extra : rebase_source : 4a37c0828701909f32870c0079b75b5c55144381
2016-06-28 14:06:06 -07:00
6e2b739762
Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug
...
--HG--
extra : rebase_source : 8906837f0a8f0afdb3ba3db5463265ef62220f92
2016-06-28 14:03:45 -07:00
ec18fc5ff7
Bug 671389 - Implement CSP sandbox directive. r=ckerschb r=smaug
...
--HG--
extra : rebase_source : d9c5f5868c2558a3696cd489674da6f243be11ad
2016-06-29 07:48:44 -07:00
9e62aecdfc
Bug 1278272 - Convert test_csp_upgrade_insecure_request_header.js to channel.asyncOpen2() r=jkt
2016-06-29 13:08:47 +02:00
daa6f72c59
Bug 1279420 - Adding in security.csp.experimentalEnabled pref check to require-sri-for directive in CSP. r=ckerschb
...
MozReview-Commit-ID: 799ZZoW0YiG
--HG--
extra : transplant_source : %CAC%12%16%C6a%10AP%BEc%85%BA%93Z%7Cq%D43%8D
2016-06-20 19:49:38 +01:00
25f6f710d7
Bug 1100181 - CSP: Enforce connect-src when submitting pings. r=arroway
2016-06-24 15:25:11 +02:00
76f6cc7739
Bug 1268327 - ReferrerPolicy should not be delivered through CSPRO r=tnguyen
...
--HG--
extra : rebase_source : 92bd320351de91b72304c2fc386f1ae295837a9e
2016-06-22 14:13:03 +02:00
e8df1f59be
Bug 1265318: tests for require-sri-for CSP directive. r=ckerschb
...
MozReview-Commit-ID: Ji14cwB8D3P
2016-05-31 08:30:00 +02:00
525c086187
Bug 1259871 - Replace getSimpleCodebasePrincipal with createCodebasePrincipal. r=sicking
...
MozReview-Commit-ID: Frx0CjBzuve
--HG--
extra : histedit_source : 036eb321d9ccb20e0e071ba588b0a1249eb34bdd
2016-05-24 18:01:34 +08:00
9214312096
Backed out changeset 9feb9c89d33a (bug 959388)
2016-05-23 11:36:10 +02:00
61fe1800b8
Bug 959388 - Add csp worker test cases. r=kmckinley
...
MozReview-Commit-ID: Ahx419BHWrS
--HG--
extra : rebase_source : 2016c1e68f990a8ba9cd471e18778c87b08546e1
2016-05-19 11:59:54 +08:00
52a84afc5c
Bug 1273418 - CSP: Test evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi)
2016-05-21 19:36:02 +02:00
dc7cba21ef
Bug 1251152 - Part 3: Test case. r=franziskus
2016-05-05 11:11:34 +08:00
9944442791
Bug 1261634 - Tests for whitespace skipping within meta csp. r=dveditz
2016-04-21 21:19:50 +02:00
2bb448cbb2
Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz
...
MozReview-Commit-ID: Zu1zU4Brkx
--HG--
rename : dom/security/test/unit/test_isURIPotentiallyTrustworthy.js => dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
2016-04-26 11:30:43 +01:00
c607e5cac1
Bug 1263286 - Update csp base-uri tests. r=bz
...
--HG--
rename : dom/security/test/csp/file_base-uri.html => dom/security/test/csp/file_base_uri_server.sjs
2016-04-26 12:38:06 +02:00
d82c07bf27
Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz
2016-04-17 20:09:18 +02:00
6c12520100
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
9c0a7ac154
Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT.
...
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
2016-04-13 16:30:36 -07:00
4ee65db5e7
Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout
2016-04-13 19:32:44 +02:00
ae7f565803
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
387bd9e686
Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly
2016-04-12 00:39:00 +02:00
e1331785d7
Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley
...
MozReview-Commit-ID: 5rbeuVjaw0B
--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
2016-03-25 16:52:49 +08:00
f7ad23868a
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan
...
MozReview-Commit-ID: Ceu3sYUcML4
2016-04-07 14:13:09 -07:00
f7a1b3fb60
Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps
...
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.
MozReview-Commit-ID: EmlDz9d4lqt
2016-04-04 14:56:52 -07:00
adb02c6c4f
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes
2016-03-01 09:19:28 -08:00
20549b7fe0
Bug 1251043 - Test form submission blocked by CSP. r=francois
2016-03-23 13:38:05 -07:00
fe9aec58c3
Backed out changeset 1d5e6c22fd3a (bug 1250048) for CSP failures/assertions in various tests/chunks CLOSED TREE
...
MozReview-Commit-ID: I21ELiYYqdD
--HG--
extra : amend_source : 83d8554e6046153a3cf16ffefed7d6602e822241
2016-03-21 12:42:36 -07:00
2e3ca60562
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb
...
--HG--
extra : rebase_source : 1f8a65dcb9ea909588991cd5e8970560c3651426
2016-03-20 23:24:00 -04:00
1a47cfb77a
Bug 1186072 - Add trailing slash to origin referer header when policy is set. r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : source : ac4148f22b2d6f76762dac3fd94a6452da80bdde
2016-02-24 10:51:54 +01:00
f750d8988e
Bug 1235572 - Tests of enforcing SRI on remote about:newtab. r=francois
...
MozReview-Commit-ID: 6epw8D4M0FX
--HG--
extra : transplant_source : %87t%D0%60a%B4%14%24%E6%B9%97Q%CDXr%B69%12%E9%0D
2016-03-16 11:19:20 +08:00
84cb2023d7
Bug 1176824 - Intermittent browser_test_web_manifest.js. r=ckerschb
2016-03-16 16:07:00 +01:00
a35cb7baf1
Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi)
2016-03-15 16:08:07 -07:00
18d0d6e8d6
Bug 1122236 - CSP: block-all-mixed-content tests (r=tanvi)
2016-03-15 16:07:49 -07:00
5f15eed746
Bug 1241634 - Skip test_frameNavigation.html on Windows and OSX for frequent failures. a=test-only
...
--HG--
extra : rebase_source : ba229e6a62c82ad8c59ae89943fd6181df4275a9
2016-03-15 12:50:07 -04:00
2fb9c40ec1
Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-14 16:29:11 +00:00
2b22d469bb
Bug 1226928 - content-signature verification tests for about:newtab, r=mconley
2016-03-14 11:57:16 +01:00
40da91e7a5
Bug 1242775 - Run parent-process code in the parent. r=mccr8
2016-03-10 17:14:35 -08:00
25fbf67b66
Backed out changeset 878c54ec3954 (bug 1250453)
2016-03-10 14:45:59 +01:00
1902f1c620
Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-10 11:12:38 +00:00
eb98199ac0
Backed out changeset ac4148f22b2d (bug 1186072) for referrer test failures
...
--HG--
extra : rebase_source : 124130bb041418eb97862a131ae6365df5cfbdc6
2016-03-03 09:23:59 +01:00
55e0623947
Bug 1186072 - add trailing slash to origin referer header when policy is set, r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : transplant_source : %E5P%B1%1F%82%08%07%2A%1C%26%AF%C5%C8%29%B1y%97O%877
2016-02-24 10:51:54 +01:00
41b26f4a9b
Bug 1195172 - Test Fonts governed by CSP (r=bz)
2016-03-01 13:06:26 -08:00
7aa5d59bc7
Bug 1251518. Fix js::ErrorReportToString to make a bit more sense, and change worker code to not use it anyway, so it matches the mainthread code. r=bholley,terrence
2016-03-01 13:49:21 -05:00
8a0731fdde
Bug 1251875 - Part 1: Remove the dom.serviceWorkers.interception.enabled pref; r=bkelly
2016-03-01 09:16:38 -05:00
4712647d7d
Backed out 2 changesets (bug 1243586) for dt5 bustage in netmonitor tests
...
Backed out changeset 06a4d2d48fb2 (bug 1243586)
Backed out changeset 846e31fe5eb2 (bug 1243586)
MozReview-Commit-ID: 69kiDIULtm2
2016-02-29 10:39:04 -08:00
f7017a06c3
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field (r=rbarnes)
2016-02-29 08:46:48 -08:00
7413f2bf46
Bug 1251369. Use an AutoJSAPI that reports its own exceptions around the main runloop in workers. r=khuey
...
The silly leading ": " on the error messages is due to bug 1251518
2016-02-26 15:23:13 -05:00
eb71a675d8
Bug 908933 - Part2 - CSP tests: ShouldProcess should block TYPE_OBJECT. r=ckerschb
...
--HG--
extra : rebase_source : 6dcf8d477656e4d5cdb9362b1f1ec561aba420a7
2016-01-27 01:35:53 +08:00
4be3856258
Bug 1241634: Use is instead of ok in tests. r=me
...
--HG--
extra : rebase_source : 42e2a1dde47957d813f11379bba173f62e8f8d70
2016-02-18 17:32:34 -08:00
10c0856d69
Backed out changeset b9aecc2e6334 (bug 1234813) for test failures in connect-src-beacon-blocked.sub.html
...
--HG--
extra : rebase_source : 1b9441481b7da04393d5cf12617078376757d447
2016-02-11 11:33:06 +01:00
eac10123df
Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=rbarnes
2015-12-23 11:45:26 -08:00
0bcca14aa1
Bug 1238954 P2 Fix csp service worker tests to register and unregister separate scopes. r=ehsan
2016-02-09 19:33:40 -08:00
0916871a27
Bug 1241634 - Increase timeout from 5 to 10 seconds. r=tanvi
2016-02-08 18:49:00 +01:00
a6aff185d2
Bug 1238576 - disable mozApps API on desktop/Android; r=ehsan,ochameau,bz,mcmanus,jmaher,marco
2016-02-08 11:24:22 -08:00
44c631e968
Bug 1237726, part 4 - Convert test_bug803225.html to use pushPrefEnv() to set preferences. r=tanvi
...
This gets the test closer to working with e10s.
2016-02-08 09:52:19 -08:00
c6c65b3c73
Bug 1237726, part 3 - Don't load an iframe until we're actually ready to run the test in test_bug803225.html. r=tanvi
...
This needs to wait for onload to do the reloadFrame(), or the
.getElementById() will return null.
2016-02-08 09:52:19 -08:00
4cf4ea2fd9
Bug 1237726, part 2 - Don't start running mixedcontentblocker/test_main.html until the page has finished loading. r=tanvi
...
If the script runs before the page finishes loading, you get an error
about getElementById being null. This doesn't seem to usually happen
with this particular test, but it looks like it can happen at least
sometimes.
2016-02-08 09:52:19 -08:00
164c42ece5
Bug 1237726, part 1 - Set prefs with pushPrefEnv in mixedcontentblocker/test_main.html. r=tanvi
2016-02-08 09:52:19 -08:00
dcd9fa1424
Bug 1242899 - consolidate mozApps tests into dom/apps/tests/ dir; r=marco
...
--HG--
rename : dom/tests/mochitest/webapps/apps/bad_content_type.webapp => dom/apps/tests/apps/bad_content_type.webapp
rename : dom/tests/mochitest/webapps/apps/basic.webapp => dom/apps/tests/apps/basic.webapp
rename : dom/tests/mochitest/webapps/apps/basic.webapp^headers^ => dom/apps/tests/apps/basic.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp => dom/apps/tests/apps/installs_allowed_from_chrome_mochitests.webapp
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp^headers^ => dom/apps/tests/apps/installs_allowed_from_chrome_mochitests.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp => dom/apps/tests/apps/installs_allowed_from_example.com.webapp
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp^headers^ => dom/apps/tests/apps/installs_allowed_from_example.com.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href.webapp => dom/apps/tests/apps/invalid_activity_href.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href.webapp^headers^ => dom/apps/tests/apps/invalid_activity_href.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href2.webapp => dom/apps/tests/apps/invalid_activity_href2.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href2.webapp^headers^ => dom/apps/tests/apps/invalid_activity_href2.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_entry_point.webapp => dom/apps/tests/apps/invalid_entry_point.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_entry_point.webapp^headers^ => dom/apps/tests/apps/invalid_entry_point.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path.webapp => dom/apps/tests/apps/invalid_launch_path.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path.webapp^headers^ => dom/apps/tests/apps/invalid_launch_path.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path2.webapp => dom/apps/tests/apps/invalid_launch_path2.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path2.webapp^headers^ => dom/apps/tests/apps/invalid_launch_path2.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_locale_entry_point.webapp => dom/apps/tests/apps/invalid_locale_entry_point.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_locale_entry_point.webapp^headers^ => dom/apps/tests/apps/invalid_locale_entry_point.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_message.webapp => dom/apps/tests/apps/invalid_message.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_message.webapp^headers^ => dom/apps/tests/apps/invalid_message.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/json_syntax_error.webapp => dom/apps/tests/apps/json_syntax_error.webapp
rename : dom/tests/mochitest/webapps/apps/json_syntax_error.webapp^headers^ => dom/apps/tests/apps/json_syntax_error.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/launch_paths.webapp => dom/apps/tests/apps/launch_paths.webapp
rename : dom/tests/mochitest/webapps/apps/launch_paths.webapp^headers^ => dom/apps/tests/apps/launch_paths.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/missing_required_field.webapp => dom/apps/tests/apps/missing_required_field.webapp
rename : dom/tests/mochitest/webapps/apps/missing_required_field.webapp^headers^ => dom/apps/tests/apps/missing_required_field.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/no_delegated_install.webapp => dom/apps/tests/apps/no_delegated_install.webapp
rename : dom/tests/mochitest/webapps/apps/no_delegated_install.webapp^headers^ => dom/apps/tests/apps/no_delegated_install.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/utf8.webapp => dom/apps/tests/apps/utf8.webapp
rename : dom/tests/mochitest/webapps/apps/utf8.webapp^headers^ => dom/apps/tests/apps/utf8.webapp^headers^
rename : dom/tests/mochitest/webapps/cross_origin.html => dom/apps/tests/cross_origin.html
rename : dom/tests/mochitest/webapps/file_bug_779982.html => dom/apps/tests/file_bug_779982.html
rename : dom/tests/mochitest/webapps/head.js => dom/apps/tests/head.js
rename : dom/tests/mochitest/webapps/test_bug_779982.html => dom/apps/tests/test_bug_779982.html
rename : dom/tests/mochitest/webapps/test_list_api.xul => dom/apps/tests/test_list_api.xul
2016-01-31 15:04:54 -08:00
66aa150bc3
Bug 1007634 - Add a test to show that Worker construction is no longer allowed by CSP script-src directive. r=ckerschb
...
--HG--
extra : amend_source : 0acea47a18c3a40be6e7fe50db1c71bc9dd91b3a
2016-01-21 16:57:00 -05:00
b0483f9b8c
Bug 1213633 - Test childDocument prior to use. r=tanvi
2016-01-04 16:37:14 -08:00
248f7a3dee
merge mozilla-inbound to mozilla-central a=merge
2016-01-20 15:34:34 +01:00
3ae375bf1c
Bug 1217766 - All PDFs trigger the insecure password warning. r=MattN,bz
...
--HG--
extra : commitid : 1aP0he1jDxh
extra : rebase_source : 49375a644ff345fe479b060945f6fe61efe52df7
2016-01-18 14:54:18 +00:00
238b5ed942
Bug 1208946 - Update tests for URI stripping in CSP reports (r=dveditz)
2016-01-14 12:37:15 -08:00
0e30d8b611
Bug 1237455 P1 Make file_CrossSiteXHR_server.sjs check headers on redirects. r=ehsan
2016-01-19 13:54:14 -08:00
9c67777407
Bug 1237799, part 2 - Use setTestPluginEnabledState in various tests. r=gfritzsche
...
This make these tests pass with e10s.
Also, add a missing open quote to test_bug827160.html.
2016-01-12 16:50:34 -08:00
1768759efb
Bug 1220564 - Update chrome code uses of genexprs and legacy comprehensions. (r=billm)
2016-01-06 16:02:16 -08:00
93de65860e
Bug 1223743 - Test CSP enforcement for multipart channels (r=sicking)
2015-12-14 10:06:47 -08:00
28de02f687
Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb
2015-12-06 18:33:14 -05:00
6cc5074df0
Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
2015-12-06 18:33:14 -05:00
774236075d
Backed out changeset 09d64535bcda (bug 1216687), a7f1a289dd78, 4dbf06183e6c, 26318a5e3006, 9ae2af3cf86d (bug 1226909) for M(1,2,5) oranges. r=backout
2015-12-05 16:34:47 +01:00
ff12f48c5a
Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb
2015-12-05 01:46:20 -08:00
df33e62850
Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
2015-12-05 01:46:20 -08:00
76fa5db947
Bug 1210302 - Part 4: Add automated tests; r=sicking
2015-11-20 16:32:53 -05:00
36e922b9b7
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger
2015-11-16 22:41:54 +00:00
9d1f194cbb
Backed out 2 changesets (bug 1218433) for wpt failures CLOSED TREE
...
Backed out changeset 1cc8cc0444c0 (bug 1218433)
Backed out changeset 5418ca0e0378 (bug 1218433)
--HG--
extra : commitid : H1h8VHrzxx8
2015-11-16 11:13:43 -08:00
76aba80dc5
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger
2015-11-16 16:57:29 +00:00
a0cf7d50ad
Backed out 2 changesets (22360424ed15, 325a67608df0) (bug 1218433) for W(1,2) failures. r=backout on a CLOSED TREE
...
Backed out changeset 22360424ed15 (bug 1218433)
Backed out changeset 325a67608df0 (bug 1218433)
2015-11-15 15:56:45 +01:00
3285721a07
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking
2015-11-15 11:57:22 +00:00
c941fd4008
Bug 663570 - Test 5: doc.write(meta csp) (r=sicking)
2015-11-14 19:30:24 -08:00
749afb19d4
Bug 663570 - Test 4: update referrer tests (r=sicking)
2015-11-14 19:30:16 -08:00
74f7445a35
Bug 663570 - Test 3: update upgrade-insecure-requests tests (r=sicking)
2015-11-14 19:30:08 -08:00
55d2e60a7e
Bug 663570 - Test 2: meta and header dual test (r=sicking)
2015-11-14 19:29:58 -08:00
82df3d1b9b
Bug 663570 - Test 1: baseline tests (r=sicking)
2015-11-14 19:29:45 -08:00
96f42dd458
Bug 663570 - MetaCSP Part 1: CSP parser changes (r=sicking)
2015-11-14 19:27:59 -08:00
27c89ea082
Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb
...
--HG--
rename : dom/workers/test/serviceworkers/test_eval_not_allowed.html^headers^ => dom/workers/test/serviceworkers/test_eval_allowed.html^headers^
2015-11-10 21:16:12 -08:00
2e6d1e7dfb
Backed out changeset d12f758f5f36 (bug 1223647) for android csp test failures
...
--HG--
extra : commitid : GRTvvKDy9Ki
2015-11-11 14:27:52 -08:00
ea6cf63b0f
Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb
2015-11-10 21:16:12 -08:00
a876eba5c9
Bug 1188028 - Use channel->ascynOpen2 in dom/security/nsCSPContext.cpp (r=sicking)
2015-07-27 11:57:56 -07:00
b98d58e46d
Back out changeset 4d6d9c1e52e4 (bug 1223647) for failures in test_csp.html, csp/test_redirects.html and csp/test_worker_redirect.html
...
--HG--
extra : rebase_source : a4a53053968cfa19e6544dd3e59e36ef23fcf353
2015-11-10 23:10:04 -08:00
426e42e7f9
Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb
2015-11-10 21:16:12 -08:00
00b9a85bd6
Bug 1045891 - Tests for child-src r=ckerschb
2015-11-09 16:42:26 +09:00
4d6f05d2f8
merge mozilla-inbound to mozilla-central a=merge
2015-11-09 14:55:30 +01:00
96837db759
Bug 1222478 - Enable more mulet tests. r=gerard-majax
2015-11-06 20:01:45 +01:00
9d98f9a481
Bug 1215235 - Drop support for jar: URIs by default, r=bz
2015-11-04 11:19:02 +00:00
0d2779ef10
Bug 1222105 - Make test_report.html and test_blocked_uri_in_reports.html work with e10s. r=ckerschb
2015-11-06 16:03:03 -08:00
0238bd1276
Bug 1221365 - Tests for "Is origin potentially trustworthy?" logic. r=ckerschb,bkelly
2015-11-06 11:10:08 -08:00
f8ad8afb5a
Backed out 4 changesets (bug 1045891) for b2g mochitest 7 failures
...
Backed out changeset c590b18c5885 (bug 1045891104589110458911045891
2015-11-06 09:36:49 -08:00
ad73bf4611
Bug 1045891 - Tests for child-src. r=ckerschb
2015-09-30 15:26:25 -07:00
30ff2fd956
Backed out changeset 26e162e72ae1 (bug 1045891)
2015-11-02 10:37:52 +01:00
Birunthan Mohanathas
Christoph Kerschbaumer
Dragana Damjanovic
Florian Queze
Sebastian Hengst
Dan Banner
Joel Maher
Kate McKinley
Andrea Marchesini
Frederik Braun
Ursula Sarracini
Masatoshi Kimura
Xidorn Quan
Tooru Fujisawa
Franziskus Kiefer
Wes Kocher
Phil Ringnalda
Mark Banner
Ehsan Akhgari
Geoff Brown
Iris Hsiao
André Bargull
Carsten "Tomcat" Book
Thomas Wisniewski
Ryan VanderMeulen
Tanuja Sawant
Nicholas Nethercote
Steven Englehardt
Richard Barnes
Yoshi Huang
Edgar Chen
Gabor Krizsanits
Tom Tung
Henry Chang
Tom Schuster
Michael Layzell
Johann Hofmann
Fabrice Desré
Tom Tromey
Christoph Kerschbaumer
Francois Marier
Thomas Nguyen
Paul Roberts
Jonathan Kingston
Jonathan Hao
Jonathan Watt
Frederik Braun
Tanvi Vyas
Marcos Caceres
Chris Manchester
Marco Castelluccio
Blake Kaplan
Boris Zbarsky
Ethan Tseng
Kyle Huey
Ben Kelly
Myk Melez
Andrew McCreight
Paolo Amadini
Shu-yu Guo
Jonas Sicking
Gregor Wagner