9f4d083047
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-07 12:55:24 -08:00
89531e8dc3
Backed out 9 changesets (bug 1412456) for crashing talos g2 and unexpected network connections in browser-chrome's browser_searchEngine_behaviors.js r=backout a=backout on a CLOSED TREE
...
Backed out changeset 0c01a98f4fd5 (bug 1412456)
Backed out changeset 27077db47231 (bug 1412456)
Backed out changeset f35ec2a884f8 (bug 1412456)
Backed out changeset 602b30ac3c69 (bug 1412456)
Backed out changeset b1ff1050c589 (bug 1412456)
Backed out changeset f100d953f9eb (bug 1412456)
Backed out changeset d85af60fe259 (bug 1412456)
Backed out changeset 736f38486832 (bug 1412456)
Backed out changeset 13a637602dc2 (bug 1412456)
2017-12-07 12:20:21 +02:00
bef7c122df
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 21:17:05 -08:00
eb65c24c7b
Backed out 8 changesets (bug 1412456) for ESlint failure on browser_urlbarKeepStateAcrossTabSwitches.js:13:49 r=backout on a CLOSED TREE
...
Backed out changeset 0e88de036c55 (bug 1412456)
Backed out changeset 49b93f807db0 (bug 1412456)
Backed out changeset 039e980b7dc6 (bug 1412456)
Backed out changeset c7698410ddbd (bug 1412456)
Backed out changeset e56a1ba26b7c (bug 1412456)
Backed out changeset 0c4506e124ac (bug 1412456)
Backed out changeset a7aec2ce903b (bug 1412456)
Backed out changeset 3e9fb71f1e8e (bug 1412456)
2017-12-07 07:09:33 +02:00
be77cf4a01
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 20:46:58 -08:00
e77ee731e9
Bug 1222924 - stop allowing webpages to link to moz-icon: , r=mrbkap
...
MozReview-Commit-ID: FKEDboWIfFQ
--HG--
extra : rebase_source : 801317b5746c6e84431c6a8f2097b83523646016
2017-11-22 21:31:41 +00:00
63739feac3
Bug 1037335 - Add a pref to enable only within Nightly and Early Beta. r=ckerschb,smaug
...
MozReview-Commit-ID: Bi82dHm53qX
--HG--
extra : rebase_source : 61a7c517afb2759d672a1c486213a73ef505a324
extra : amend_source : 572a2c8613fe36ae1ebd613a361bb23acc019912
2017-11-29 16:55:00 +02:00
a3b493b9ca
Bug 1037335 - Add a mochitest for security policy violation event. r=ckerschb
...
MozReview-Commit-ID: 7l5jJFEtIaT
--HG--
extra : rebase_source : 49b6794482f0be79919b20226aa571d6ebe066de
2017-11-29 16:54:00 +02:00
8dd7eb1b95
Bug 1037335 - Implement security policy violation event. r=ckerschb,smaug
...
MozReview-Commit-ID: 4BYThUXduI4
--HG--
extra : rebase_source : 5d4a34c5e6bb7fd3774fafb1de72e761bce4591f
2017-11-29 16:53:00 +02:00
513ba7660d
Backed out changeset b3d1e9847a7a (bug 725490) for mochitest failures in dom/base/test/test_x-frame-options.html r=backout on a CLOSED TREE
2017-11-29 12:01:19 +02:00
099e4fa549
Bug 1421458 - Add more initial configuration setup and prepare .eslintignore for enabling ESLint on more xpcshell-test directories. r=mossop
...
MozReview-Commit-ID: 4nbTuNNnAdZ
--HG--
extra : rebase_source : 7131f0ddad79d28615a5799c657972bd84a69180
2017-11-28 22:57:08 +00:00
6986c42dfa
Bug 1190623 - Add a pref to consider object sub requests as active. r=tanvi, r=ckerschb
...
MozReview-Commit-ID: Br2F89IfWng
2017-11-11 01:15:06 +00:00
5565689b54
Bug 725490 - Change XFO sameorigin to check all ancestors for same origin. r=smaug
...
MozReview-Commit-ID: 5fPxGpcdVms
--HG--
extra : rebase_source : f25e525c1e5f6cfe2c5002779fefe17263896d02
2017-11-03 15:37:10 +00:00
326ce05075
Bug 1415352: Part 3a - Add preference to increase max length of CSP report source sample. r=ckerschb
...
This is necessary for tests which need to verify that reports are being sent
for the correct inline sources, where the current sample size is not enough to
completely distinguish them.
MozReview-Commit-ID: 2k2vAhJhIsi
--HG--
extra : rebase_source : 268a53d1450be6666081bf5093aa170352b398e1
2017-11-06 14:01:32 -08:00
e011d320e1
Bug 1398229 - Save-link-as feature should use the loading principal - part 4 - Comment updated, r=me
2017-11-19 08:53:47 +01:00
92d28bd8f2
Merge inbound to mozilla-central r=merge a=merge
2017-11-17 11:59:03 +02:00
97baa05333
Bug 1398229 - Save-link-as feature should use the loading principal - part 3 - implementation of nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD, r=ckerschb, r=tanvi
2017-11-16 12:27:01 +01:00
59de60ae4b
Bug 1407343 Silence multiple classes of warnings for the MinGW build, including not enabling format warnings unless -Wformat is set r=froydnj,glandium
...
MozReview-Commit-ID: ALmo1hbqVxC
--HG--
extra : rebase_source : a68475b90372cd5679c37474fb6705b2a5d48ddf
2017-11-16 12:36:33 -06:00
6c1d6be6fb
Backed out 3 changesets (bug 1398229) for failing own browser-chrome browser/components/contextualidentity/test/browser/browser_saveLink.js. r=backout on a CLOSED TREE
...
Backed out changeset 5b3b0a38b2d1 (bug 1398229)
Backed out changeset a726fc7506ca (bug 1398229)
Backed out changeset 53dae7764e58 (bug 1398229)
2017-11-15 20:49:09 +02:00
11eefa61bb
Bug 1398229 - Save-link-as feature should use the loading principal - part 3 - implementation of nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD, r=ckerschb
2017-11-15 18:16:29 +01:00
c848c91be9
Bug 1415612: Allow all plain text types when navigating top-level data URIs. r=bz
2017-11-13 21:25:02 +01:00
1ea20715d4
Bug 1407891: Test navigation for right-click view-image on data:image/svg. r=bz
2017-11-08 17:43:26 +01:00
6584da597b
Bug 1407891: Allow view-image to open a data: URI by setting a flag on the loadinfo. r=bz
2017-11-08 20:01:41 +01:00
d5958a52e0
Bug 1403870: Test toplevel data URI navigation to application/json is allowed. r=smaug
2017-11-03 13:27:01 +01:00
078474c979
Bug 1403870: Allow toplevel data URI navigation data:application/json. r=smaug
2017-11-03 13:26:28 +01:00
3d0a1f002e
Bug 1403814 - Block toplevel data: URI navigations only if openend in the browser. r=smaug
2017-11-03 13:23:11 +01:00
60bd93b916
Bug 1403814 - Update tests for toplevel data URI blocking because we know block after we have received the response. r=smaug
2017-11-03 13:22:57 +01:00
8f13729a0f
Bug 1403814: Test navigation to data:text/csv. r=smaug
2017-10-11 22:47:12 +02:00
5703b12317
Bug 1302667 - CSP: Update test_child-src_worker.html because child-src falls back to script-src. r=dveditz,mckinley
2017-10-30 18:46:34 +01:00
67c85139df
Bug 1302667 - CSP: Test 'frame-src'. r=dveditz,mckinley
2017-10-30 18:46:19 +01:00
d1b704d00d
Bug 1302667 - CSP: Test 'worker-src'. r=dveditz,mckinley
2017-10-30 18:46:05 +01:00
5d54a394cc
Bug 1302667 - CSP: Add Parser test for 'worker-src'. r=dveditz,mckinley
2017-10-30 18:45:50 +01:00
2fd8493f7f
Bug 1302667 - CSP: Implement 'worker-src'. r=baku,dveditz,mckinley
2017-10-30 18:45:36 +01:00
75fc345254
bug 1406391 - Remove toolkit.telemetry.enabled manipulation from tests r=Dexter
...
Minor note:
reftests should've turned off uploadEnabled in the first place.
reftests should have unified telemetry on. It's the future.
MozReview-Commit-ID: 9spzuUAXwwP
2017-10-30 10:47:39 -04:00
44d1b50592
Backed out changeset 70ccfda99dbc::ca6ae38c0432 (bug 1302667) for frequently failing mochitest in security/test/csp/test_worker_src.html r=backout a=backout on a CLOSED TREE
...
Backed out changeset ca6ae38c0432 (bug 1302667)
Backed out changeset ff86e185e09d (bug 1302667)
Backed out changeset 8ec6b8bf8c6c (bug 1302667)
Backed out changeset 21c73f9d8fac (bug 1302667)
Backed out changeset e982481dbf2c (bug 1302667)
Backed out changeset 70ccfda99dbc (bug 1302667)
2017-10-30 14:19:29 +02:00
f74ce8742c
Bug 1302667 - CSP: Update test_child-src_worker.html because child-src falls back to script-src. r=dveditz,mckinley
2017-10-30 09:07:31 +01:00
3a0a307bf0
Bug 1302667 - CSP: Test 'frame-src'. r=dveditz,mckinley
2017-10-30 09:07:12 +01:00
5fc9f5eebd
Bug 1302667 - CSP: Test 'worker-src'. r=dveditz,mckinley
2017-10-30 09:06:53 +01:00
0de95dd051
Bug 1302667 - CSP: Add Parser test for 'worker-src'. r=dveditz,mckinley
2017-10-30 09:06:35 +01:00
58b63c1576
Bug 1302667 - CSP: Implement 'worker-src'. r=baku,dveditz,mckinley
2017-10-30 09:10:36 +01:00
4bc2b1615d
Backed out 4 changesets (bug 1408433, bug 1406391, bug 1408512) for crashing tests by touching the network contacting incoming.telemetry.mozilla.org on nightly builds
...
Backed out changeset 9bfd4b0927dc (bug 1408433)
Backed out changeset 555850d5107e (bug 1408512)
Backed out changeset 15d959b9123e (bug 1406391)
Backed out changeset e1f34ba9cecc (bug 1406391)
MozReview-Commit-ID: BVoGRsD73Hf
2017-10-27 21:08:27 -07:00
8e6dd31d55
bug 1406391 - Remove toolkit.telemetry.enabled manipulation from tests r=Dexter
...
Minor note:
reftests should've turned off uploadEnabled in the first place.
MozReview-Commit-ID: 9spzuUAXwwP
2017-10-27 10:59:43 -04:00
298aa82710
Bug 1412125, part 2 - Fix dom/ mode lines. r=qdot
...
This was automatically generated by the script modeline.py.
MozReview-Commit-ID: BgulzkGteAL
--HG--
extra : rebase_source : a4b9d16a4c06c4e85d7d85f485221b1e4ebdfede
2017-10-26 15:08:41 -07:00
1d0acbdb9b
Bug 1412125, part 1 - Manually add mode lines and MPL to files that were missing them entirely. r=qdot
...
These were detected by the script used to generate part 2.
MozReview-Commit-ID: VMcT154f6f
--HG--
extra : rebase_source : 2f5fc8a314302fcacac840a8dbe0ff874d518e51
2017-10-26 14:54:59 -07:00
ebfa77072c
Bug 1408451: Log to web console when blocking toplevel data: URI navigations. r=bz
2017-10-16 14:18:52 +02:00
42bc28d260
Bug 1399956 - Disable some mochitests in headless. r=jrmuizel
...
These tests will need more work and are low priority.
MozReview-Commit-ID: H0J16E8FqNr
2017-10-16 16:15:45 -07:00
98c0c61998
Bug 1407056: Follow-up: Don't try to truncate data URI strings to a longer length. r=me
...
MozReview-Commit-ID: CDsYXyrhB7T
--HG--
extra : rebase_source : 5647f2d05def805218a2ee45913da4388a4d9647
extra : amend_source : e5015c868db64dce924476600f713b6c3aac1e17
2017-10-12 16:56:37 -07:00
84fb189b82
Bug 1407056: Part 2 - Override page CSP for loads by expanded principals. r=bz,krizsa
...
Per the CSP specification, content injected by extensions is meant to be
exempt from page CSP. This patch takes care of the most common case of content
injected by extension content scripts, which always have expanded principals
which inherit from the page principal.
In a follow-up, we'll probably need to extend the exemption to stylesheet
content loaded by extension codebase principals.
MozReview-Commit-ID: GlY887QAb5V
--HG--
extra : rebase_source : 1371b4e4e7f330b7f7721d4aa169fcb52a7622d0
2017-10-07 14:53:30 -07:00
5fdcb5a5d2
Bug 1407056: Part 1 - Provide more consistent principal/origin URL to content policies. r=bz,ckerschb
...
We're currently fairly vague and inconsistent about the values we provide to
content policy implementations for requestOrigin and requestPrincipal. In some
cases they're the triggering principal, sometimes the loading principal,
sometimes the channel principal.
Our existing content policy implementations which require or expect a loading
principal currently retrieve it from the context node. Since no current
callers require the principal to be the loading principal, and some already
expect it to be the triggering principal (which there's currently no other way
to retrieve), I chose to pass the triggering principal whenever possible, but
use the loading principal to determine the origin URL.
As a follow-up, I'd like to change the nsIContentPolicy interface to
explicitly receive loading and triggering principals, or possibly just
LoadInfo instances, rather than poorly-defined request
origin/principal/context args. But since that may cause trouble for
comm-central, I'd rather not do it as part of this bug.
MozReview-Commit-ID: LqD9GxdzMte
--HG--
extra : rebase_source : 41ce439912ae7b895e0a3b0e660fa6ba571eb50f
2017-10-12 15:43:55 -07:00
159f6b5627
Bug 1406794 - Provide the CSP keywords in both UTF8 and UTF16 forms. r=ckerschb
...
This avoids the need for numerous 8-to-16-bit and 16-to-8-bit string
conversions.
The patch also introduces a higher-order macro, FOR_EACH_CSP_KEYWORD, which
defines all the stuff about the keywords in a single place and makes the code
nicer.
--HG--
extra : rebase_source : b0f655546aa397749bb18dc7d6d27fbc12fe8fca
2017-10-06 16:16:52 +11:00
Bill McCloskey
Andreea Pavel
Dorel Luca
Gijs Kruitbosch
Chung-Sheng Fu
arthur.iakab
Mark Banner
Jonathan Kingston
Kris Maglione
Andrea Marchesini
Ciure Andrei
Tom Ritter
Sebastian Hengst
Christoph Kerschbaumer
Chris H-C
Coroiu Cristina
Phil Ringnalda
Andrew McCreight
Brendan Dahl
Nicholas Nethercote