mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
611 593 коммитов 615 Ветки 98 Теги 5,7 GiB
Граф коммитов

16 Коммитов

Автор SHA1 Сообщение Дата
Yoshi Huang 9ff74a50f4 Bug 1373513 - Part 3: Revert Bug 1363634. r=ckerschb 
Revert what we did in Bug 1363634, from the spec, data:text/css should be same origin.
 2017-07-12 11:00:34 +08:00
Yoshi Huang 7aef584058 Bug 1363634 - rewrite test_style_crossdomain.html. r=ckerschb 
data:text/css should be considered as a CORS request, and should be
blocked if crossorigin is not specified.
Also move the original test to test_style-crossdomain_legacy.html


--HG--
rename : dom/security/test/sri/iframe_style_crossdomain.html => dom/security/test/sri/iframe_style_crossdomain_legacy.html
 2017-05-23 09:02:06 +08:00
Francois Marier c10dd4c73c Bug 1364262 - Convert SRI metadata to ASCII before parsing it. r=ckerschb 
MozReview-Commit-ID: Ekw8lNzDvou

--HG--
extra : rebase_source : a2fe92e804b5b690856c44783e88d815e38e2922
 2017-05-16 17:33:22 -07:00
Florian Quèze be4dbae285 Bug 1334199 - script-generated patch to omit getComputedStyle's second argument when it's falsy, r=jaws. 2017-01-27 10:51:02 +01:00
Frederik Braun 579a6043ca Bug 1312680 - Test that require-sri-for blocks style loads via @import r=francois 
MozReview-Commit-ID: A8DPWH2S3sD
 2016-11-03 03:18:00 +01:00
Frederik Braun ae7fb1e8d0 Bug 1279139 - require-sri-for needs to govern scriptloading for workers. r=baku 
MozReview-Commit-ID: 3m21kbiV5qK

--HG--
extra : rebase_source : 30c784392e96c1b28c55d38959cc529093b9b568
 2016-10-04 02:36:00 +02:00
Kate McKinley ed0b5f06ee Bug 1271796 use raw bytes to calculate SRI hash r=francois 
MozReview-Commit-ID: F62t5CnsYlJ

--HG--
extra : rebase_source : 9c2148ffe99a51db5541ec6d9961597b578157ae
 2016-09-05 12:55:25 +02:00
Frederik Braun fd99ac5cc2 Bug 1277248 - Add test to ensure that require-sri-for does not allow svg:scripts r=ckerschb 
MozReview-Commit-ID: 1knIYZ93UeY

--HG--
extra : rebase_source : 4c1385382ecdddf80ec45d46d440b37bf4ad47c1
 2016-09-13 11:05:37 +02:00
Tom Tung 6f314fb375 Bug 1187335 - P3 - modify SRI test to match current behavior. r=bkelly, r=francois. 2016-05-30 12:26:56 +08:00
Francois Marier 11de73857c Bug 1269241 - Add SRI tests for UTF-8 stylesheets. r=ckerschb,r=jkt 2016-07-07 14:44:51 -07:00
Jonathan Kingston daa6f72c59 Bug 1279420 - Adding in security.csp.experimentalEnabled pref check to require-sri-for directive in CSP. r=ckerschb 
MozReview-Commit-ID: 799ZZoW0YiG

--HG--
extra : transplant_source : %CAC%12%16%C6a%10AP%BEc%85%BA%93Z%7Cq%D43%8D
 2016-06-20 19:49:38 +01:00
Frederik Braun e8df1f59be Bug 1265318: tests for require-sri-for CSP directive. r=ckerschb 
MozReview-Commit-ID: Ji14cwB8D3P
 2016-05-31 08:30:00 +02:00
Francois Marier 5adc75d084 Bug 1208629 - Properly support data: and blob: URIs with an integrity atribute. r=ckerschb 2015-10-07 11:27:19 -07:00
Francois Marier 14eac63103 Bug 1202027 - Make SRI require CORS loads for cross-origin resources. r=ckerschb 2015-09-09 00:11:38 -07:00
Francois Marier f04275bd0b Bug 1196740 - Consider redirects when looking for SRI-eligibility. r=ckerschb 
--HG--
rename : dom/security/test/sri/iframe_style_sameorigin.html => dom/security/test/sri/iframe_style_crossdomain.html
rename : dom/security/test/sri/script_crossdomain4.js => dom/security/test/sri/script_crossdomain5.js
rename : dom/security/test/sri/style1.css => dom/security/test/sri/style_301.css
rename : dom/security/test/sri/test_style_sameorigin.html => dom/security/test/sri/test_style_crossdomain.html
 2015-08-25 13:38:39 -07:00
Francois Marier 2a4ad76933 Bug 992096 - Implement Sub Resource Integrity [2/2]. r=ckerschb 
Mochitests
 2015-08-12 20:19:16 -07:00