ec39a4bf02
Bug 1725026 - Check if the load is triggered by a user gesture only when redirect chain is empty, r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D122494
2021-08-13 14:09:08 +00:00
3ebe6a7c5d
Bug 1720103 - Https-first: Do not upgrade form submissions (for now) r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D119882
2021-07-14 15:53:00 +00:00
cc7f254576
Bug 1706126 - HTTPS- First doesn't upgrade redirection from exempt target domain to subdomain (which supports https) r=ckerschb,necko-reviewers,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D118704
2021-07-07 14:19:09 +00:00
1cbf5d7e80
Bug 1716069 - P2: Use nsHTTPSOnlyUtils::IsUpgradeDowngradeEndlessLoop to check if there is an endless loop when HTTPS RR is presented, r=ckerschb
...
Depends on D118598
Differential Revision: https://phabricator.services.mozilla.com/D118599
2021-06-24 09:27:54 +00:00
c4bbb92b2d
Bug 1716069 - P1: Skip user gesture check in IsUpgradeDowngradeEndlessLoop(), r=ckerschb
...
The main reason that I think we can skip this check is that `mHasValidUserGestureActivation` of the load info will be copied to the redirected channel's load info.
Take the website in this bug (www.animechiby.com) as an example.
1. When a user types http://www.animechiby.com in the address bar and press enter, we create an http channel to load. At this point, `mHasValidUserGestureActivation` of this channel's load info is true.
2. The channel is redirect to `https` because of HTTPS RR (could be also HTTPS-only mode).
3. The web server returns 302 with a location header: `http://www.animechiby.com `.
4. We create a new channel and start redirecting to `http://www.animechiby.com `, and `mHasValidUserGestureActivation` is copied to the new channel's load info.
5. IsUpgradeDowngradeEndlessLoop() returns false because GetHasValidUserGestureActivation() returns true.
6. IsUpgradeDowngradeEndlessLoop() failed to detect this endless loop case.
Differential Revision: https://phabricator.services.mozilla.com/D118598
2021-06-24 09:27:54 +00:00
2224c15d86
Bug 1717797: HTTPS-First and HTTPS-Only: Convert static 3000ms background request delay to rely on a pref r=freddyb
...
Differential Revision: https://phabricator.services.mozilla.com/D118581
2021-06-23 11:46:50 +00:00
fdcd24393c
Bug 1715253: Break endless upgrade downgrade loops within https-first r=necko-reviewers,kershaw
...
Differential Revision: https://phabricator.services.mozilla.com/D118204
2021-06-22 14:56:44 +00:00
8c341a47c7
Bug 1709552 HTTPS-First: 4xx and 5xx error responses might need a downgrade. r=ckerschb,necko-reviewers,valentin,JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D114749
2021-06-02 08:35:22 +00:00
77ad045bc1
Bug 1710234 Crash in [@ TestHTTPAnswerRunnable::IsBackgroundRequestRedirected]. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D114840
2021-05-11 12:27:51 +00:00
65efd6810d
Bug 1710467: HTTPS-First Mode should only upgrade schemes using the default port r=arthuredelstein
...
Differential Revision: https://phabricator.services.mozilla.com/D114760
2021-05-11 07:50:25 +00:00
cc61c075ad
Backed out changeset 00f13360743a (bug 1707856) for causing mochitest failures in test_fragment.html CLOSED TREE
2021-05-10 20:20:28 +03:00
9dc5e2e4d4
Bug 1707856: Test redirect downgrades with https-first. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D113511
2021-05-10 16:32:16 +00:00
c46e217683
Bug 1708116 - Use NetAddr::InitFromString instead of PR_StringToNetAddr r=necko-reviewers,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D113752
2021-05-10 09:26:01 +00:00
31acb9e00c
Backed out 2 changesets (bug 1708116) for causing xpcshell failures in test_udpsocket_offline.js and bc failures in browser_cookies_ipv6.js. CLOSED TREE
...
Backed out changeset 0c9b303226f1 (bug 1708116)
Backed out changeset e3be13d3c045 (bug 1708116)
2021-05-06 16:35:48 +03:00
301361bdfb
Bug 1708116 - Use NetAddr::InitFromString instead of PR_StringToNetAddr r=necko-reviewers,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D113752
2021-05-06 10:06:46 +00:00
0c7ef5cde0
Backed out changeset c09cb1410f56 (bug 1707856) for causing mochitest failures on test_fragment.html. CLOSED TREE
2021-05-05 13:24:24 +03:00
dc8fb2b8d5
Bug 1707856: Test redirect downgrades with https-first. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D113511
2021-05-05 09:39:59 +00:00
f7b8c6b3d1
Backed out 2 changesets (bug 1708116) for causing build bustages. CLOSED TREE
...
Backed out changeset d1488e9d64a6 (bug 1708116)
Backed out changeset 44ed91f0b7b4 (bug 1708116)
2021-05-04 18:41:36 +03:00
5ae9a468e0
Bug 1708116 - Use NetAddr::InitFromString instead of PR_StringToNetAddr r=necko-reviewers,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D113752
2021-05-04 14:05:59 +00:00
ca97a5eee9
Bug 1705340: Ensure .onion URLs are handled properly within HTTPS-First Mode r=JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D112161
2021-04-30 08:35:19 +00:00
e4937e72d8
Bug 1706351 Copy and adapt test https-only/test_redirect_upgrade.html for https-first. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D113315
2021-04-27 12:35:10 +00:00
64526e2041
Bug 1683015 HTTPS-Only Mode Alert appears on site which supports https. r=ckerschb,JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D112702
2021-04-26 11:45:20 +00:00
3d007777ee
Bug 1706577: HTTPS-First should handle fragment navigation correctly. r=JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D113107
2021-04-22 11:58:19 +00:00
fb0cf1ec76
Bug 1706552: Change HTTPS First Mode pref to dom.security.https_first r=lyavor
...
Differential Revision: https://phabricator.services.mozilla.com/D112918
2021-04-21 10:56:54 +00:00
19ebeecdba
Backed out changeset 6af1c50f4499 (bug 1705340) for casuing failures at browser_upgrade_top_level_exceptions.js. CLOSED TREE
2021-04-20 19:30:50 +03:00
bb9d21868f
Bug 1705340: Ensure localhost and .onion are handled properly within HTTPS-First Mode r=JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D112161
2021-04-20 12:40:07 +00:00
2688122af1
Bug 1704719: Introduce Pref for HTTPS-First in Private Browsing Mode r=JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D112011
2021-04-14 11:10:39 +00:00
e1c35fda94
Bug 1658924: Implement HTTPS-First and automatically fall back to http if secure top-level connection is not available r=necko-reviewers,JulianWels,mattwoodrow,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D111686
2021-04-13 17:43:12 +00:00
0eda688c65
Bug 1694932 - Https-only mode reloads the page in certain cases when there should be just a fragment navigation r=ckerschb,smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D107999
2021-03-29 12:56:33 +00:00
39ef03a187
Bug 1691888: Break endless upgrade downgrade loops when using https-only r=necko-reviewers,valentin,JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D106475
2021-03-11 18:02:27 +00:00
69d8f06dc7
Backed out changeset 37aae4f2c6cf (bug 1691888) for test_break_endless_upgrade_downgrade_loop.html failures CLOSED TREE
2021-03-10 10:28:49 +02:00
37c822edfd
Bug 1691888: Break endless upgrade downgrade loops when using https-only r=necko-reviewers,valentin,JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D106475
2021-03-10 07:30:25 +00:00
8fea71cdd5
Bug 1686616 - make PermissionManager use Components instead of Services. r=kmag
...
Differential Revision: https://phabricator.services.mozilla.com/D105528
2021-02-18 13:26:31 +00:00
22a60154b9
Bug 1685942 - Only fallback to original conn info when network error happens r=necko-reviewers,valentin,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D102703
2021-02-08 11:46:51 +00:00
a29e207781
Bug 1685900 - Split internal and external contentPolicyType. r=ckerschb,smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D101271
2021-01-15 12:07:16 +00:00
0322452233
Backed out changeset a52961071dcd (bug 1685900) for Build bustage in nsContentSecurityManager.cpp. CLOSED TREE
2021-01-15 04:04:37 +02:00
b384f14cde
Bug 1685900 - Split internal and external contentPolicyType. r=ckerschb,smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D101271
2021-01-15 04:02:41 +02:00
9ed19e2828
Backed out changeset a52961071dcd (bug 1685900) for Build bustage in nsContentSecurityManager.cpp. CLOSED TREE
2021-01-15 02:45:34 +02:00
87e50835c4
Bug 1685900 - Split internal and external contentPolicyType. r=ckerschb,smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D101271
2021-01-14 20:44:54 +00:00
3b72538413
Bug 1679630 - Don't create HTTPS-Only Mode background request if URI is local or onion. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D98233
2020-12-01 15:36:30 +00:00
5e91efd61f
Bug 1626555 - Add `dom/security` to the list of non-unified-build-compatible directories. r=sg
...
Differential Revision: https://phabricator.services.mozilla.com/D96427
2020-11-09 21:03:52 +00:00
ca85f574a0
Backed out changeset 3a087ad91d30 (bug 1626555) for build bustages. CLOSED TREE
2020-11-09 21:09:33 +02:00
6ffdaf663d
Bug 1626555 - Add `dom/security` to the list of non-unified-build-compatible directories. r=sg
...
Differential Revision: https://phabricator.services.mozilla.com/D96427
2020-11-09 17:57:01 +00:00
390f3eecff
Bug 1671720: HTTPS-Only Mode: Query if channel is auth only if we can query nsIHttpChannelInternal. r=dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D93910
2020-10-19 09:05:12 +00:00
88e9eb0d02
Bug 1665062: HTTPS-Only: Upgraded website creating HTTP auth prompt gets interrupted by error-page r=necko-reviewers,dragana,JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D91908
2020-10-13 14:06:28 +00:00
d359081e12
Backed out changeset aaf5c5213d8d (bug 1665062) for perma failures on test_http_background_auth_request.html. CLOSED TREE
2020-10-07 17:51:55 +03:00
d43cc4af7e
Bug 1665062: HTTPS-Only: Upgraded website creating HTTP auth prompt gets interrupted by error-page r=necko-reviewers,dragana,JulianWels
...
Differential Revision: https://phabricator.services.mozilla.com/D91908
2020-10-07 11:47:07 +00:00
341416588c
Bug 1653026 - Added HTTPS-Only Mode upgrade info to browser UI state. r=mattwoodrow,necko-reviewers,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D86566
2020-10-06 00:34:55 +00:00
2a9b39efce
Backed out 2 changesets (bug 1653026) for mochitest failures at WindowGlobalParent.cpp. CLOSED TREE
...
Backed out changeset 54c69c99b241 (bug 1653026)
Backed out changeset e70649f78910 (bug 1653026)
2020-10-03 10:49:04 +03:00
30a6225652
Bug 1653026 - Added HTTPS-Only Mode upgrade info to browser UI state. r=mattwoodrow,necko-reviewers,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D86566
2020-10-03 01:22:19 +00:00
Kershaw Chang
lyavor
Christoph Kerschbaumer
Noemi Erli
Valentin Gosu
Brindusan Cristian
Iulian Moraru
Sandor Molnar
Butkovits Atila
Bogdan Tara
Alexis Beingessner
Masatoshi Kimura
Narcis Beleuzu
Dorel Luca
julianwels
Andi-Bogdan Postelnicu
Razvan Maries