Stop excluding caps/ from eslint runs and apply mozilla/recommended rules.
This generally affects xpcshell and mochitest files under caps/tests.
Includes many mechanical changes to comply with mozilla recommended
formatting rules.
Two about:blank codebase URI principals are only equal if their
object identities are the same, but not if their string
serializations happen to be equal (as they always will be.) In order
to ensure that we always get this right in places where we compare
the origin properties of two principals to check for their equality,
we should ensure that the origin getter would throw so that we never
incorrectly conclude that two such principals are equal.
We will soon start returning a null principal instead of a codebase
principal under this situation.
This patch allows specifying an OriginAttributes when creating a sandbox
using Components.utils.Sandbox() by specifying an originAttributes
member on the options dictionary.
If an OA is specified in this way, it is used for creating codebase
principals from the string arguments passed to the function. Otherwise,
if one or more principals are passed in the array argument to Sandbox(),
the OA of the principal(s) is used to construct codebase principals from
the strings inside the array. In this case, we check to make sure that
all of the passed principals have the same OA, otherwise we'll throw an
exception.
In case no explicit OA is specified and no principals are passed in the
array argument, we create the codebase principals using a default OA.
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.
And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability
The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.
So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.
And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability
The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.
So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
This change renames OriginAttributes.mInBrowser to mInIsolatedMozBrowser and
nsIPrincipal::GetIsInBrowserElement to GetIsInIsolatedMozBrowserElement. Other
methods that pass these values around also have name changes.
Tokens such as "inBrowser" have previously been serialized into cache keys, used
as DB column names, stored in app registries, etc. No changes are made to any
serialization formats. Only runtime method and variable names are updated.
No behavior changes are made in this patch, so some renamed methods may have
nonsensical implementations. These are corrected in subsequent patches
focused on behavior.
MozReview-Commit-ID: 66HfMlsXFLs
Rajesh Kathiriya
Sebastian Hengst
Geoff Brown
Andrea Marchesini
Ehsan Akhgari
Kris Maglione
Mark Banner
Florian Quèze
Valentin Gosu
Yoshi Huang
Dave Huseby
Carsten "Tomcat" Book
J. Ryan Stinnett
Bobby Holley
Shu-yu Guo
Stephanie Ouillon
Henry Chang
Michael Layzell
Steven Englehardt
Wes Kocher