mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
471 273 коммитов 615 Ветки 98 Теги 5,7 GiB
Граф коммитов

30 Коммитов

Автор SHA1 Сообщение Дата
Tanvi Vyas 74153c556f Bug 1260153 - remove unreachable code in nsMixedContentBlocker. if/else blocks above all return. r=ckerschb 2016-03-28 12:48:00 +02:00
Christoph Kerschbaumer 254dd8f12a Bug 1216365 - nsMixedContentBlocker should use innerMostURI for aContentLocation. r=tanvi 2016-03-28 22:03:26 -07:00
Benjamin Peterson 752343237e No bug - fix typo r=me 
DONTBUILD CLOSED TREE

--HG--
extra : rebase_source : 25f0600425dec249f838ed221dde71d401571eb9
extra : amend_source : 49f7ccab9e47083df9e8b7776acc6de73a880473
 2016-03-19 21:28:19 -07:00
Christoph Kerschbaumer 39f2d53360 Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap) 2016-01-13 20:58:16 -08:00
Franziskus Kiefer 56bdfe820a Bug 1244116 - Telemetry for mixed content requests by plugins. r=smaug, p=ally 
MozReview-Commit-ID: F9rOb1SdPnL

--HG--
extra : rebase_source : 0b2aa83761880fb6e5a18c3a80ac86fe5ca16923
 2016-02-16 15:46:36 +01:00
Christoph Kerschbaumer 18e28eaf42 Bug 1239397: Send Internal ContentPolicyType to CSP and MixedContent (r=sicking) 2016-01-19 09:10:50 -08:00
Christoph Kerschbaumer 071f422450 Bug 1233098 - Refactor CSP upgrade insecure requests flag within loadInfo (r=sicking) 2016-01-14 12:38:15 -08:00
Nigel Babu 7089beabc7 Backed out changeset f51b921e1ccf (bug 1233098) for browser-chrome bustage 
--HG--
extra : commitid : ytS8fc4lFu
 2016-01-14 08:04:37 +05:30
Christoph Kerschbaumer c42851930c Bug 1233098 - Refactor CSP upgrade insecure requests flag within loadInfo (r=sicking) 2016-01-13 15:51:43 -08:00
Ehsan Akhgari 59c135c176 Bug 1198078 - Add support for TYPE_INTERNAL_SERVICE_WORKER; r=ckerschb,tanvi 2015-09-16 19:15:30 -04:00
Richard Barnes cba82e6dbd Bug 1198572 - Add telemetry for how often HSTS would fix mixed content problems r=smaug r=tanvi 2015-09-09 15:14:27 -04:00
Tanvi Vyas aa87627fac Bug 1182551 - Don't set STATE_IS_BROKEN on HTTP pages when mixed content is allowed by default. r=smaug 2015-08-13 17:13:43 -07:00
Tanvi Vyas 87164ced3c Bug 1181683 - Mark ping and beacon as blockable mixed content instead of optionally blockable. r=smaug 2015-08-03 15:25:21 -07:00
Christoph Kerschbaumer 9ea890b6d7 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - mcb changes (r=tanvi) 
--HG--
extra : rebase_source : 055dda3713d13e0fa8f4e4d97a5371900df0ff4e
 2015-07-10 09:14:42 -07:00
Dragana Damjanovic 7987d2203e Bug 905127 - Part 2 - remove unnecessary nsNetUtil.h includes r=jduell 2015-07-06 07:55:00 +02:00
Ehsan Akhgari 3b2798f9f5 Bug 1175299 - Translate the content policy type obtained in nsMixedContentBlocker::AsyncOnChannelRedirect to an external one before invoking the content policy implementation; r=smaug 2015-06-16 21:17:01 -04:00
Ehsan Akhgari 72aef1875b Bug 1175122 - Add more assertions to the in-tree content policy implementations to ensure that they receive external content policy types; r=baku 2015-06-16 11:38:53 -04:00
Ehsan Akhgari 8f750a75b2 Bug 1174307 - Add some internal content policy types for the purpose of reflecting them on RequestContext; r=sicking 
These new content policy types will be internal ones that we will map
to external nsContentPolicyTypes before passing them to content policy
implementations.
 2015-06-15 15:40:26 -04:00
Marcos Caceres 8fc79cb285 Bug 1089255 - Implement and test manifest-src CSP directive. r=bholley, r=dveditz, r=ckerschb 
---
 dom/base/nsContentPolicyUtils.h                    |   1 +
 dom/base/nsDataDocumentContentPolicy.cpp           |   3 +-
 dom/base/nsIContentPolicy.idl                      |   2 +-
 dom/base/nsIContentPolicyBase.idl                  |   7 +-
 dom/base/nsISimpleContentPolicy.idl                |   2 +-
 dom/base/test/csp/browser.ini                      |   4 +
 dom/base/test/csp/browser_test_web_manifest.js     | 265 +++++++++++++++++++++
 .../csp/browser_test_web_manifest_mixed_content.js |  55 +++++
 dom/base/test/csp/file_CSP_web_manifest.html       |   6 +
 dom/base/test/csp/file_CSP_web_manifest.json       |   1 +
 .../test/csp/file_CSP_web_manifest.json^headers^   |   1 +
 dom/base/test/csp/file_CSP_web_manifest_https.html |   4 +
 dom/base/test/csp/file_CSP_web_manifest_https.json |   1 +
 .../csp/file_CSP_web_manifest_mixed_content.html   |   9 +
 .../test/csp/file_CSP_web_manifest_remote.html     |   8 +
 dom/base/test/csp/file_csp_testserver.sjs          |  14 +-
 dom/base/test/csp/mochitest.ini                    |   7 +
 dom/base/test/moz.build                            |   5 +-
 dom/fetch/InternalRequest.cpp                      |   3 +
 dom/fetch/InternalRequest.h                        |   2 +-
 .../security/nsIContentSecurityPolicy.idl          |   3 +-
 dom/ipc/manifestMessages.js                        |  25 +-
 dom/security/nsCSPUtils.cpp                        |   7 +
 dom/security/nsCSPUtils.h                          |  10 +-
 dom/security/nsMixedContentBlocker.cpp             |   1 +
 dom/webidl/CSPDictionaries.webidl                  |   1 +
 extensions/permissions/nsContentBlocker.cpp        |   6 +-
 netwerk/mime/nsMimeTypes.h                         |   1 +
 28 files changed, 439 insertions(+), 15 deletions(-)
 create mode 100644 dom/base/test/csp/browser.ini
 create mode 100644 dom/base/test/csp/browser_test_web_manifest.js
 create mode 100644 dom/base/test/csp/browser_test_web_manifest_mixed_content.js
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json^headers^
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.json
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_mixed_content.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_remote.html
 2015-06-02 15:42:19 -04:00
Eric Rahm 4879ae86f4 Bug 1165518 - Part 2: Replace prlog.h with Logging.h. rs=froydnj 2015-05-19 11:15:34 -07:00
Andrew McCreight 9e8f4b219e Bug 1152551, part 2 - Fix mode lines in dom/. r=jst 2015-05-03 15:32:37 -04:00
Tanvi Vyas ac8b060203 Bug 1148732 - When checking a document's scheme, check the innermost uri. r=dveditz, smaug 2015-04-15 10:18:27 -07:00
Tanvi Vyas 9bd1ff3802 Bug 1082947 - Make sure the security state is set properly in nsMixedContentBlocker. r=smaug 2015-03-25 11:23:42 -07:00
Tanvi Vyas d10e6067e4 Bug 1082837 - Use nsresult for static ShouldLoad and use NS_IMETHODIMP for nsIContentPolicy::ShouldLoad(). CLOSED TREE 2015-03-24 10:51:15 -07:00
Tanvi Vyas 3faad06490 Bug 1082837 - Call content policies on cached image redirects in imgLoader::ValidateSecurityInfo. Content policies check the last hop (final uri) of the cached image. For Mixed Content Blocker, we do an additional check to see if any of the intermediary hops went through an insecure redirect. r=smaug, feedback=seth 2015-03-24 09:18:48 -07:00
Tanvi Vyas 8761a49c15 Bug 1084504 - fix Mixed Content Blocking for redirects in e10s. r=mrbkap 2015-02-19 17:01:04 -08:00
Masatoshi Kimura 28adad3ff7 Bug 1115668 - Fix inappropriate mixed content warning messages. r=tanvi 2014-12-30 23:09:33 +09:00
Carsten "Tomcat" Book fb9f41c121 Backed out changeset 470c550c782b (bug 1115668) for breaking dt tests on a CLOSED TREE 2014-12-30 08:09:15 +01:00
Masatoshi Kimura a1bc5e76d9 Bug 1115668 - Fix inappropriate mixed content warning messages. r=tanvi 2014-12-30 14:37:15 +09:00
Christoph Kerschbaumer ea908adf75 Bug 1089912: Part 2, move mixedcontentblocker into dom/security (r=tanvi,jst) 
--HG--
rename : dom/base/nsMixedContentBlocker.cpp => dom/security/nsMixedContentBlocker.cpp
rename : dom/base/nsMixedContentBlocker.h => dom/security/nsMixedContentBlocker.h
 2014-10-28 09:44:11 -07:00