mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
480 688 коммитов 615 Ветки 98 Теги 5,9 GiB
Граф коммитов

350 Коммитов

Автор SHA1 Сообщение Дата
Christoph Kerschbaumer 9e62aecdfc Bug 1278272 - Convert test_csp_upgrade_insecure_request_header.js to channel.asyncOpen2() r=jkt 2016-06-29 13:08:47 +02:00
Christoph Kerschbaumer 1a5fda4297 Bug 1240193 - Skip TYPE_DOCUMENT assertions for loads initiated by JS tests (r=tanvi) 2016-06-29 12:59:45 +02:00
Jonathan Kingston daa6f72c59 Bug 1279420 - Adding in security.csp.experimentalEnabled pref check to require-sri-for directive in CSP. r=ckerschb 
MozReview-Commit-ID: 799ZZoW0YiG

--HG--
extra : transplant_source : %CAC%12%16%C6a%10AP%BEc%85%BA%93Z%7Cq%D43%8D
 2016-06-20 19:49:38 +01:00
Christoph Kerschbaumer 24fbc29c99 Bug 1188642 - Use channel->ascynOpen2 in dom/base/nsObjectLoadingContent.cpp r=smaug 2016-06-28 09:37:55 +02:00
Christoph Kerschbaumer 25f6f710d7 Bug 1100181 - CSP: Enforce connect-src when submitting pings. r=arroway 2016-06-24 15:25:11 +02:00
Christoph Kerschbaumer 76f6cc7739 Bug 1268327 - ReferrerPolicy should not be delivered through CSPRO r=tnguyen 
--HG--
extra : rebase_source : 92bd320351de91b72304c2fc386f1ae295837a9e
 2016-06-22 14:13:03 +02:00
Christoph Kerschbaumer 1b81dcec35 Bug 1271198 - Convert Websockets to use AsyncOpen2(). r=jduell 2016-05-17 12:04:11 +02:00
Thomas Nguyen 4b7ad0e2c5 Bug 1223838 - Fix wrong policy associated with empty string. r=fkiefer,hsivonen 
MozReview-Commit-ID: 7kFH39cegmH
 2016-05-30 15:17:45 +08:00
Dimi Lee 83ab2f2e39 Bug 1148732 - (CVE-2015-4483) feed: protocol + POST method => mixed scripting. r=tanvi 2016-05-23 12:11:02 +08:00
Stephanie Ouillon e4fbe1d9ac Bug 1247459 - Meta and header CSP are merged without a semicolon. r=ckerschb 2016-05-17 15:34:53 +02:00
Frederik Braun 404a0bbb99 Bug 1265318: add require-sri-for CSP directive. r=ckerschb 
MozReview-Commit-ID: 200PAvKtBME
 2016-05-31 11:14:00 +02:00
Frederik Braun e8df1f59be Bug 1265318: tests for require-sri-for CSP directive. r=ckerschb 
MozReview-Commit-ID: Ji14cwB8D3P
 2016-05-31 08:30:00 +02:00
Jonathan Hao 525c086187 Bug 1259871 - Replace getSimpleCodebasePrincipal with createCodebasePrincipal. r=sicking 
MozReview-Commit-ID: Frx0CjBzuve

--HG--
extra : histedit_source : 036eb321d9ccb20e0e071ba588b0a1249eb34bdd
 2016-05-24 18:01:34 +08:00
Sebastian Hengst 4a29890033 Backed out changeset c970fb57fedd (bug 1247459) for failing its own test on Windows. r=backout 2016-05-31 08:36:02 +02:00
Stephanie Ouillon fc06857f8e Bug 1247459 - Meta and header CSP are merged without a semicolon. r=ckerschb 2016-05-17 15:34:53 +02:00
Christoph Kerschbaumer 8a208322fb Bug 1269254 - Skip CheckLoadURIWithPrincipal checks within ContentSecurityManager on loadingPrincipal if security flag indicates allow cross origin loads (r=sicking) 2016-05-29 20:40:16 +02:00
Christoph Kerschbaumer 031a59734b Bug 1196013 - Use channel->ascynOpen2 in toolkit/components/places. r=billm r=sicking r=mak 2016-05-23 23:57:31 +02:00
Patrick McManus 2cd574f25f Bug 1274376 - more mozilla::net namespaces r=dragana 
--HG--
extra : rebase_source : 914d48f23a4a5db052a789b9e21c1ff922533d35
 2016-05-18 22:02:57 -04:00
Carsten "Tomcat" Book 927b1a0b3a Backed out changeset 7469725d7461 (bug 959388) 2016-05-23 11:36:12 +02:00
Carsten "Tomcat" Book 9214312096 Backed out changeset 9feb9c89d33a (bug 959388) 2016-05-23 11:36:10 +02:00
Thomas Nguyen 61fe1800b8 Bug 959388 - Add csp worker test cases. r=kmckinley 
MozReview-Commit-ID: Ahx419BHWrS

--HG--
extra : rebase_source : 2016c1e68f990a8ba9cd471e18778c87b08546e1
 2016-05-19 11:59:54 +08:00
Thomas Nguyen 32e38271c9 Bug 959388 - Deliver CSP from HTTP header. r=ckerschb r=khuey 
MozReview-Commit-ID: LUl5LyO94m3

--HG--
extra : rebase_source : f2ddfcbf6237b11ebb19adfabf346cf76f4a6ab8
 2016-05-19 11:57:32 +08:00
Christoph Kerschbaumer 52a84afc5c Bug 1273418 - CSP: Test evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:36:02 +02:00
Christoph Kerschbaumer 3713fd6352 Bug 1273418 - CSP: Evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:35:45 +02:00
Sebastian Hengst 468fcc6924 Backed out changeset 2292661153e3 (bug 1271198) for web-platform failures. r=backout on a CLOSED TREE 2016-05-19 17:06:04 +02:00
Christoph Kerschbaumer bbc661631e Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell) 2016-05-19 15:42:01 +02:00
Sebastian Hengst d6e3286232 Backed out changeset 854a8df494d3 (bug 1271198) for many assertions at nsHttpChannel.cpp:5204. r=backout on a CLOSED TREE 2016-05-19 14:23:51 +02:00
Christoph Kerschbaumer 0e2d46a840 Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell) 2016-05-19 11:54:02 +02:00
Trevor Saunders 1e81548029 bug 1271436 - use nsIDocShellTreeItem::GetDocument() more r=smaug 2016-05-17 18:16:07 -04:00
Chris Peterson 8a9e2d2bd4 Bug 1272513 - Part 2: Remove redundant -Wshadow CXXFLAGS from moz.build files. r=glandium 2016-05-14 00:54:55 -07:00
Henry Chang dc7cba21ef Bug 1251152 - Part 3: Test case. r=franziskus 2016-05-05 11:11:34 +08:00
Andreas Farre 51e42c28d2 Bug 1268851 - Add SRILogHelper to hold GetSriLog r=baku 
MozReview-Commit-ID: BqW7LXOFirn

--HG--
extra : rebase_source : cf0d1c8f1f88e05912830cef673e866b7c2756c4
 2016-05-03 17:43:33 -07:00
Christoph Kerschbaumer 9944442791 Bug 1261634 - Tests for whitespace skipping within meta csp. r=dveditz 2016-04-21 21:19:50 +02:00
Christoph Kerschbaumer a9a95d1918 Bug 1261634 - Update whitespace skipping for meta csp. r=dveditz 2016-04-21 21:15:06 +02:00
Aryeh Gregor f14f1babe8 Bug 1193762 part 8 - Fix things that will break; r=froydnj 
It looks like VC++ doesn't like comparisons of nsCOMPtr to 0 after this
change, but those are bad style anyway, so I removed them from
TestCOMPtr.cpp instead of trying to make them work.
 2016-05-01 21:29:23 +03:00
Christoph Kerschbaumer da0d241d98 Bug 1206961 - Use channel->AsyncOpen2() for imageLoader; Remove security checks from callsites (r=bz) 2016-04-27 19:41:13 +02:00
Jonathan Watt 2bb448cbb2 Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz 
MozReview-Commit-ID: Zu1zU4Brkx

--HG--
rename : dom/security/test/unit/test_isURIPotentiallyTrustworthy.js => dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
 2016-04-26 11:30:43 +01:00
Christoph Kerschbaumer c607e5cac1 Bug 1263286 - Update csp base-uri tests. r=bz 
--HG--
rename : dom/security/test/csp/file_base-uri.html => dom/security/test/csp/file_base_uri_server.sjs
 2016-04-26 12:38:06 +02:00
Kyle Huey c73656947b Bug 1265927: Move nsRunnable to mozilla::Runnable, CancelableRunnable to mozilla::CancelableRunnable. r=froydnj 2016-04-25 17:23:21 -07:00
Frederik Braun 582caa399f Bug 1142332 - Prevent calling CSP_EnumToKeyword with CSP_HASH. r=ckerschb 
MozReview-Commit-ID: I1w9QrWJeEo

--HG--
extra : histedit_source : 1258cfc50d32c10f0de90ba1e863e21ae3ebf0f8
 2016-04-24 14:56:22 -04:00
Kris Maglione f3feb0cfd3 Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb 
MozReview-Commit-ID: G8b86UvSv0y

--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
 2016-04-23 20:42:43 -07:00
Christoph Kerschbaumer d82c07bf27 Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz 2016-04-17 20:09:18 +02:00
Matt Robenolt 1d82e1412f Bug 1192840 - Fix CSP report content-type. r=ckerschb 2016-04-14 12:51:31 +02:00
Frederik Braun 6c12520100 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb 
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
 2016-04-08 14:14:38 +02:00
Tanvi Vyas 9c0a7ac154 Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT. 
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
 2016-04-13 16:30:36 -07:00
Tanvi Vyas b58752765c Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking 2016-04-13 16:30:28 -07:00
Sebastian Hengst 4ee65db5e7 Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout 2016-04-13 19:32:44 +02:00
Frederik Braun ae7f565803 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb 
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
 2016-04-08 14:14:38 +02:00
Marcos Caceres 387bd9e686 Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly 2016-04-12 00:39:00 +02:00
Jonathan Hao e1331785d7 Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley 
MozReview-Commit-ID: 5rbeuVjaw0B

--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
 2016-03-25 16:52:49 +08:00