Christoph Kerschbaumer
24fbc29c99
Bug 1188642 - Use channel->ascynOpen2 in dom/base/nsObjectLoadingContent.cpp r=smaug
2016-06-28 09:37:55 +02:00
Christoph Kerschbaumer
25f6f710d7
Bug 1100181 - CSP: Enforce connect-src when submitting pings. r=arroway
2016-06-24 15:25:11 +02:00
Christoph Kerschbaumer
76f6cc7739
Bug 1268327 - ReferrerPolicy should not be delivered through CSPRO r=tnguyen
...
--HG--
extra : rebase_source : 92bd320351de91b72304c2fc386f1ae295837a9e
2016-06-22 14:13:03 +02:00
Christoph Kerschbaumer
1b81dcec35
Bug 1271198 - Convert Websockets to use AsyncOpen2(). r=jduell
2016-05-17 12:04:11 +02:00
Thomas Nguyen
4b7ad0e2c5
Bug 1223838 - Fix wrong policy associated with empty string. r=fkiefer,hsivonen
...
MozReview-Commit-ID: 7kFH39cegmH
2016-05-30 15:17:45 +08:00
Dimi Lee
83ab2f2e39
Bug 1148732 - (CVE-2015-4483) feed: protocol + POST method => mixed scripting. r=tanvi
2016-05-23 12:11:02 +08:00
Stephanie Ouillon
e4fbe1d9ac
Bug 1247459 - Meta and header CSP are merged without a semicolon. r=ckerschb
2016-05-17 15:34:53 +02:00
Frederik Braun
404a0bbb99
Bug 1265318: add require-sri-for CSP directive. r=ckerschb
...
MozReview-Commit-ID: 200PAvKtBME
2016-05-31 11:14:00 +02:00
Frederik Braun
e8df1f59be
Bug 1265318: tests for require-sri-for CSP directive. r=ckerschb
...
MozReview-Commit-ID: Ji14cwB8D3P
2016-05-31 08:30:00 +02:00
Jonathan Hao
525c086187
Bug 1259871 - Replace getSimpleCodebasePrincipal with createCodebasePrincipal. r=sicking
...
MozReview-Commit-ID: Frx0CjBzuve
--HG--
extra : histedit_source : 036eb321d9ccb20e0e071ba588b0a1249eb34bdd
2016-05-24 18:01:34 +08:00
Sebastian Hengst
4a29890033
Backed out changeset c970fb57fedd (bug 1247459) for failing its own test on Windows. r=backout
2016-05-31 08:36:02 +02:00
Stephanie Ouillon
fc06857f8e
Bug 1247459 - Meta and header CSP are merged without a semicolon. r=ckerschb
2016-05-17 15:34:53 +02:00
Christoph Kerschbaumer
8a208322fb
Bug 1269254 - Skip CheckLoadURIWithPrincipal checks within ContentSecurityManager on loadingPrincipal if security flag indicates allow cross origin loads (r=sicking)
2016-05-29 20:40:16 +02:00
Christoph Kerschbaumer
031a59734b
Bug 1196013 - Use channel->ascynOpen2 in toolkit/components/places. r=billm r=sicking r=mak
2016-05-23 23:57:31 +02:00
Patrick McManus
2cd574f25f
Bug 1274376 - more mozilla::net namespaces r=dragana
...
--HG--
extra : rebase_source : 914d48f23a4a5db052a789b9e21c1ff922533d35
2016-05-18 22:02:57 -04:00
Carsten "Tomcat" Book
927b1a0b3a
Backed out changeset 7469725d7461 (bug 959388)
2016-05-23 11:36:12 +02:00
Carsten "Tomcat" Book
9214312096
Backed out changeset 9feb9c89d33a (bug 959388)
2016-05-23 11:36:10 +02:00
Thomas Nguyen
61fe1800b8
Bug 959388 - Add csp worker test cases. r=kmckinley
...
MozReview-Commit-ID: Ahx419BHWrS
--HG--
extra : rebase_source : 2016c1e68f990a8ba9cd471e18778c87b08546e1
2016-05-19 11:59:54 +08:00
Thomas Nguyen
32e38271c9
Bug 959388 - Deliver CSP from HTTP header. r=ckerschb r=khuey
...
MozReview-Commit-ID: LUl5LyO94m3
--HG--
extra : rebase_source : f2ddfcbf6237b11ebb19adfabf346cf76f4a6ab8
2016-05-19 11:57:32 +08:00
Christoph Kerschbaumer
52a84afc5c
Bug 1273418
- CSP: Test evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi)
2016-05-21 19:36:02 +02:00
Christoph Kerschbaumer
3713fd6352
Bug 1273418
- CSP: Evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi)
2016-05-21 19:35:45 +02:00
Sebastian Hengst
468fcc6924
Backed out changeset 2292661153e3 (bug 1271198) for web-platform failures. r=backout on a CLOSED TREE
2016-05-19 17:06:04 +02:00
Christoph Kerschbaumer
bbc661631e
Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell)
2016-05-19 15:42:01 +02:00
Sebastian Hengst
d6e3286232
Backed out changeset 854a8df494d3 (bug 1271198) for many assertions at nsHttpChannel.cpp:5204. r=backout on a CLOSED TREE
2016-05-19 14:23:51 +02:00
Christoph Kerschbaumer
0e2d46a840
Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell)
2016-05-19 11:54:02 +02:00
Trevor Saunders
1e81548029
bug 1271436 - use nsIDocShellTreeItem::GetDocument() more r=smaug
2016-05-17 18:16:07 -04:00
Chris Peterson
8a9e2d2bd4
Bug 1272513 - Part 2: Remove redundant -Wshadow CXXFLAGS from moz.build files. r=glandium
2016-05-14 00:54:55 -07:00
Henry Chang
dc7cba21ef
Bug 1251152 - Part 3: Test case. r=franziskus
2016-05-05 11:11:34 +08:00
Andreas Farre
51e42c28d2
Bug 1268851 - Add SRILogHelper to hold GetSriLog r=baku
...
MozReview-Commit-ID: BqW7LXOFirn
--HG--
extra : rebase_source : cf0d1c8f1f88e05912830cef673e866b7c2756c4
2016-05-03 17:43:33 -07:00
Christoph Kerschbaumer
9944442791
Bug 1261634
- Tests for whitespace skipping within meta csp. r=dveditz
2016-04-21 21:19:50 +02:00
Christoph Kerschbaumer
a9a95d1918
Bug 1261634
- Update whitespace skipping for meta csp. r=dveditz
2016-04-21 21:15:06 +02:00
Aryeh Gregor
f14f1babe8
Bug 1193762 part 8 - Fix things that will break; r=froydnj
...
It looks like VC++ doesn't like comparisons of nsCOMPtr to 0 after this
change, but those are bad style anyway, so I removed them from
TestCOMPtr.cpp instead of trying to make them work.
2016-05-01 21:29:23 +03:00
Christoph Kerschbaumer
da0d241d98
Bug 1206961 - Use channel->AsyncOpen2() for imageLoader; Remove security checks from callsites (r=bz)
2016-04-27 19:41:13 +02:00
Jonathan Watt
2bb448cbb2
Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz
...
MozReview-Commit-ID: Zu1zU4Brkx
--HG--
rename : dom/security/test/unit/test_isURIPotentiallyTrustworthy.js => dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
2016-04-26 11:30:43 +01:00
Christoph Kerschbaumer
c607e5cac1
Bug 1263286 - Update csp base-uri tests. r=bz
...
--HG--
rename : dom/security/test/csp/file_base-uri.html => dom/security/test/csp/file_base_uri_server.sjs
2016-04-26 12:38:06 +02:00
Kyle Huey
c73656947b
Bug 1265927: Move nsRunnable to mozilla::Runnable, CancelableRunnable to mozilla::CancelableRunnable. r=froydnj
2016-04-25 17:23:21 -07:00
Frederik Braun
582caa399f
Bug 1142332 - Prevent calling CSP_EnumToKeyword with CSP_HASH. r=ckerschb
...
MozReview-Commit-ID: I1w9QrWJeEo
--HG--
extra : histedit_source : 1258cfc50d32c10f0de90ba1e863e21ae3ebf0f8
2016-04-24 14:56:22 -04:00
Kris Maglione
f3feb0cfd3
Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb
...
MozReview-Commit-ID: G8b86UvSv0y
--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
2016-04-23 20:42:43 -07:00
Christoph Kerschbaumer
d82c07bf27
Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz
2016-04-17 20:09:18 +02:00
Matt Robenolt
1d82e1412f
Bug 1192840 - Fix CSP report content-type. r=ckerschb
2016-04-14 12:51:31 +02:00
Frederik Braun
6c12520100
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
Tanvi Vyas
9c0a7ac154
Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT.
...
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
2016-04-13 16:30:36 -07:00
Tanvi Vyas
b58752765c
Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking
2016-04-13 16:30:28 -07:00
Sebastian Hengst
4ee65db5e7
Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout
2016-04-13 19:32:44 +02:00
Frederik Braun
ae7f565803
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
Marcos Caceres
387bd9e686
Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly
2016-04-12 00:39:00 +02:00
Jonathan Hao
e1331785d7
Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley
...
MozReview-Commit-ID: 5rbeuVjaw0B
--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
2016-03-25 16:52:49 +08:00
Marcos Caceres
f7ad23868a
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan
...
MozReview-Commit-ID: Ceu3sYUcML4
2016-04-07 14:13:09 -07:00
Chris Manchester
f7a1b3fb60
Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps
...
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.
MozReview-Commit-ID: EmlDz9d4lqt
2016-04-04 14:56:52 -07:00
Tanvi Vyas
74153c556f
Bug 1260153 - remove unreachable code in nsMixedContentBlocker. if/else blocks above all return. r=ckerschb
2016-03-28 12:48:00 +02:00
Christoph Kerschbaumer
adb02c6c4f
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes
2016-03-01 09:19:28 -08:00
Christoph Kerschbaumer
254dd8f12a
Bug 1216365 - nsMixedContentBlocker should use innerMostURI for aContentLocation. r=tanvi
2016-03-28 22:03:26 -07:00
Tanvi Vyas
1de9e6ab9d
Bug 1259678 - Refactor SubjectToCSP to avoid calling ShouldLoad if CSP doesn't apply to the content type. r=ckerschb
...
--HG--
extra : rebase_source : 76f914a9dfab38bd5d21ddca519f47a2a5d68963
2016-03-24 23:09:00 -04:00
Christoph Kerschbaumer
36d3e09fd4
Bug 1257650 - Skip Security checks if triggeringPrincipal is SystemPrincipal only for subresource loads. r=sicking
...
--HG--
extra : rebase_source : fb8d0827788e70ca87e8cd680e2cdd56941e3c2a
2016-03-18 16:14:03 -07:00
Christoph Kerschbaumer
20549b7fe0
Bug 1251043 - Test form submission blocked by CSP. r=francois
2016-03-23 13:38:05 -07:00
Wes Kocher
fe9aec58c3
Backed out changeset 1d5e6c22fd3a (bug 1250048) for CSP failures/assertions in various tests/chunks CLOSED TREE
...
MozReview-Commit-ID: I21ELiYYqdD
--HG--
extra : amend_source : 83d8554e6046153a3cf16ffefed7d6602e822241
2016-03-21 12:42:36 -07:00
Marcos Caceres
2e3ca60562
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb
...
--HG--
extra : rebase_source : 1f8a65dcb9ea909588991cd5e8970560c3651426
2016-03-20 23:24:00 -04:00
Carsten "Tomcat" Book
0db9291841
merge mozilla-inbound to mozilla-central a=merge
2016-03-21 15:30:59 +01:00
Benjamin Peterson
752343237e
No bug - fix typo r=me
...
DONTBUILD CLOSED TREE
--HG--
extra : rebase_source : 25f0600425dec249f838ed221dde71d401571eb9
extra : amend_source : 49f7ccab9e47083df9e8b7776acc6de73a880473
2016-03-19 21:28:19 -07:00
Franziskus Kiefer
1a47cfb77a
Bug 1186072 - Add trailing slash to origin referer header when policy is set. r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : source : ac4148f22b2d6f76762dac3fd94a6452da80bdde
2016-02-24 10:51:54 +01:00
Jonathan Hao
f750d8988e
Bug 1235572 - Tests of enforcing SRI on remote about:newtab. r=francois
...
MozReview-Commit-ID: 6epw8D4M0FX
--HG--
extra : transplant_source : %87t%D0%60a%B4%14%24%E6%B9%97Q%CDXr%B69%12%E9%0D
2016-03-16 11:19:20 +08:00
Marcos Caceres
84cb2023d7
Bug 1176824 - Intermittent browser_test_web_manifest.js. r=ckerschb
2016-03-16 16:07:00 +01:00
Franziskus Kiefer
bf87c6c564
Bug 1252829 - CSP Telemetry. r=ckerschb, p=bsmedberg
...
MozReview-Commit-ID: CiNAxh2ZrHB
--HG--
extra : transplant_source : %B8%00%E0%83%1B%29%BDI%DE%09%CDPN%AE%7B9Tk%8B%99
2016-03-02 13:00:09 +01:00
Christoph Kerschbaumer
a35cb7baf1
Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi)
2016-03-15 16:08:07 -07:00
Christoph Kerschbaumer
18d0d6e8d6
Bug 1122236 - CSP: block-all-mixed-content tests (r=tanvi)
2016-03-15 16:07:49 -07:00
Christoph Kerschbaumer
39f2d53360
Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap)
2016-01-13 20:58:16 -08:00
Ryan VanderMeulen
5f15eed746
Bug 1241634 - Skip test_frameNavigation.html on Windows and OSX for frequent failures. a=test-only
...
--HG--
extra : rebase_source : ba229e6a62c82ad8c59ae89943fd6181df4275a9
2016-03-15 12:50:07 -04:00
Marco Castelluccio
2fb9c40ec1
Bug 1250453
- Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-14 16:29:11 +00:00
Franziskus Kiefer
2b22d469bb
Bug 1226928 - content-signature verification tests for about:newtab, r=mconley
2016-03-14 11:57:16 +01:00
Franziskus Kiefer
bd54ab19d3
Bug 1226928 - signature verification for content-signing, r=keeler,mayhemer
2016-03-14 11:56:35 +01:00
Christoph Kerschbaumer
5e6ba24562
Bug 1227813 - CSP: Ignore unsafe-inline within style-src if hash or nonce specified. r=kmckinley
2016-03-11 15:35:39 -08:00
Blake Kaplan
40da91e7a5
Bug 1242775 - Run parent-process code in the parent. r=mccr8
2016-03-10 17:14:35 -08:00
Carsten "Tomcat" Book
25fbf67b66
Backed out changeset 878c54ec3954 (bug 1250453
)
2016-03-10 14:45:59 +01:00
Marco Castelluccio
1902f1c620
Bug 1250453
- Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-10 11:12:38 +00:00
Carsten "Tomcat" Book
eb98199ac0
Backed out changeset ac4148f22b2d (bug 1186072) for referrer test failures
...
--HG--
extra : rebase_source : 124130bb041418eb97862a131ae6365df5cfbdc6
2016-03-03 09:23:59 +01:00
Franziskus Kiefer
55e0623947
Bug 1186072 - add trailing slash to origin referer header when policy is set, r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : transplant_source : %E5P%B1%1F%82%08%07%2A%1C%26%AF%C5%C8%29%B1y%97O%877
2016-02-24 10:51:54 +01:00
Christoph Kerschbaumer
8414718c57
Bug 1232903
- Skip Security checks if triggeringPrincipal is SystemPrincipal (r=sicking)
2016-03-01 16:11:37 -08:00
Christoph Kerschbaumer
41b26f4a9b
Bug 1195172 - Test Fonts governed by CSP (r=bz)
2016-03-01 13:06:26 -08:00
Christoph Kerschbaumer
9ab1648f67
Bug 1195172 - Use channel->ascynOpen2 layout/style/FontFaceSet.cpp (r=bz,cam)
2016-03-01 13:06:13 -08:00
Boris Zbarsky
7aa5d59bc7
Bug 1251518
. Fix js::ErrorReportToString to make a bit more sense, and change worker code to not use it anyway, so it matches the mainthread code. r=bholley,terrence
2016-03-01 13:49:21 -05:00
Ehsan Akhgari
8a0731fdde
Bug 1251875 - Part 1: Remove the dom.serviceWorkers.interception.enabled pref; r=bkelly
2016-03-01 09:16:38 -05:00
Wes Kocher
4712647d7d
Backed out 2 changesets (bug 1243586) for dt5 bustage in netmonitor tests
...
Backed out changeset 06a4d2d48fb2 (bug 1243586)
Backed out changeset 846e31fe5eb2 (bug 1243586)
MozReview-Commit-ID: 69kiDIULtm2
2016-02-29 10:39:04 -08:00
Christoph Kerschbaumer
f7017a06c3
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field (r=rbarnes)
2016-02-29 08:46:48 -08:00
Franziskus Kiefer
56bdfe820a
Bug 1244116 - Telemetry for mixed content requests by plugins. r=smaug, p=ally
...
MozReview-Commit-ID: F9rOb1SdPnL
--HG--
extra : rebase_source : 0b2aa83761880fb6e5a18c3a80ac86fe5ca16923
2016-02-16 15:46:36 +01:00
Boris Zbarsky
7413f2bf46
Bug 1251369. Use an AutoJSAPI that reports its own exceptions around the main runloop in workers. r=khuey
...
The silly leading ": " on the error messages is due to bug 1251518
.
2016-02-26 15:23:13 -05:00
Ethan Tseng
eb71a675d8
Bug 908933 - Part2 - CSP tests: ShouldProcess should block TYPE_OBJECT. r=ckerschb
...
--HG--
extra : rebase_source : 6dcf8d477656e4d5cdb9362b1f1ec561aba420a7
2016-01-27 01:35:53 +08:00
Christoph Kerschbaumer
ec146d5159
Bug 908933 - Part1 - CSP: Call ShouldLoad inside ShouldProcess for TYPE_OBJECT. r=ckerschb
...
--HG--
extra : rebase_source : ee8875120e45d84413ab8ed3c9553d3d42e88acd
2014-08-05 11:47:08 -07:00
Christoph Kerschbaumer
1f7d8b69b3
Bug 1243178: CSP - Skip sending reports for non http schemes. r=dveditz
2016-01-27 15:56:39 -08:00
Kyle Huey
4be3856258
Bug 1241634: Use is instead of ok in tests. r=me
...
--HG--
extra : rebase_source : 42e2a1dde47957d813f11379bba173f62e8f8d70
2016-02-18 17:32:34 -08:00
Francois Marier
694b1fd843
Bug 1247464 - Run CSP report URIs through the URL classifier. r=ckerschb
...
MozReview-Commit-ID: ERoZAbw1nbf
--HG--
extra : rebase_source : 431e443f563138055f9893d9ccf537040659f103
2016-02-11 17:36:13 -08:00
Carsten "Tomcat" Book
10c0856d69
Backed out changeset b9aecc2e6334 (bug 1234813
) for test failures in connect-src-beacon-blocked.sub.html
...
--HG--
extra : rebase_source : 1b9441481b7da04393d5cf12617078376757d447
2016-02-11 11:33:06 +01:00
Christoph Kerschbaumer
eac10123df
Bug 1234813
- Tests for: sendBeacon should not throw if blocked by Content Policy. r=rbarnes
2015-12-23 11:45:26 -08:00
Ben Kelly
0bcca14aa1
Bug 1238954 P2 Fix csp service worker tests to register and unregister separate scopes. r=ehsan
2016-02-09 19:33:40 -08:00
Kate McKinley
0916871a27
Bug 1241634 - Increase timeout from 5 to 10 seconds. r=tanvi
2016-02-08 18:49:00 +01:00
Myk Melez
a6aff185d2
Bug 1238576 - disable mozApps API on desktop/Android; r=ehsan,ochameau,bz,mcmanus,jmaher,marco
2016-02-08 11:24:22 -08:00
Andrew McCreight
44c631e968
Bug 1237726, part 4 - Convert test_bug803225.html to use pushPrefEnv() to set preferences. r=tanvi
...
This gets the test closer to working with e10s.
2016-02-08 09:52:19 -08:00
Andrew McCreight
c6c65b3c73
Bug 1237726, part 3 - Don't load an iframe until we're actually ready to run the test in test_bug803225.html. r=tanvi
...
This needs to wait for onload to do the reloadFrame(), or the
.getElementById() will return null.
2016-02-08 09:52:19 -08:00
Andrew McCreight
4cf4ea2fd9
Bug 1237726, part 2 - Don't start running mixedcontentblocker/test_main.html until the page has finished loading. r=tanvi
...
If the script runs before the page finishes loading, you get an error
about getElementById being null. This doesn't seem to usually happen
with this particular test, but it looks like it can happen at least
sometimes.
2016-02-08 09:52:19 -08:00
Andrew McCreight
164c42ece5
Bug 1237726, part 1 - Set prefs with pushPrefEnv in mixedcontentblocker/test_main.html. r=tanvi
2016-02-08 09:52:19 -08:00
Christoph Kerschbaumer
de9089189c
Bug 1195173 - Use channel->ascynOpen2 layout/style/Loader.cpp (r=bz)
2016-02-02 20:35:02 -08:00
Myk Melez
dcd9fa1424
Bug 1242899 - consolidate mozApps tests into dom/apps/tests/ dir; r=marco
...
--HG--
rename : dom/tests/mochitest/webapps/apps/bad_content_type.webapp => dom/apps/tests/apps/bad_content_type.webapp
rename : dom/tests/mochitest/webapps/apps/basic.webapp => dom/apps/tests/apps/basic.webapp
rename : dom/tests/mochitest/webapps/apps/basic.webapp^headers^ => dom/apps/tests/apps/basic.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp => dom/apps/tests/apps/installs_allowed_from_chrome_mochitests.webapp
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp^headers^ => dom/apps/tests/apps/installs_allowed_from_chrome_mochitests.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp => dom/apps/tests/apps/installs_allowed_from_example.com.webapp
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp^headers^ => dom/apps/tests/apps/installs_allowed_from_example.com.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href.webapp => dom/apps/tests/apps/invalid_activity_href.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href.webapp^headers^ => dom/apps/tests/apps/invalid_activity_href.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href2.webapp => dom/apps/tests/apps/invalid_activity_href2.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href2.webapp^headers^ => dom/apps/tests/apps/invalid_activity_href2.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_entry_point.webapp => dom/apps/tests/apps/invalid_entry_point.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_entry_point.webapp^headers^ => dom/apps/tests/apps/invalid_entry_point.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path.webapp => dom/apps/tests/apps/invalid_launch_path.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path.webapp^headers^ => dom/apps/tests/apps/invalid_launch_path.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path2.webapp => dom/apps/tests/apps/invalid_launch_path2.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path2.webapp^headers^ => dom/apps/tests/apps/invalid_launch_path2.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_locale_entry_point.webapp => dom/apps/tests/apps/invalid_locale_entry_point.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_locale_entry_point.webapp^headers^ => dom/apps/tests/apps/invalid_locale_entry_point.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_message.webapp => dom/apps/tests/apps/invalid_message.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_message.webapp^headers^ => dom/apps/tests/apps/invalid_message.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/json_syntax_error.webapp => dom/apps/tests/apps/json_syntax_error.webapp
rename : dom/tests/mochitest/webapps/apps/json_syntax_error.webapp^headers^ => dom/apps/tests/apps/json_syntax_error.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/launch_paths.webapp => dom/apps/tests/apps/launch_paths.webapp
rename : dom/tests/mochitest/webapps/apps/launch_paths.webapp^headers^ => dom/apps/tests/apps/launch_paths.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/missing_required_field.webapp => dom/apps/tests/apps/missing_required_field.webapp
rename : dom/tests/mochitest/webapps/apps/missing_required_field.webapp^headers^ => dom/apps/tests/apps/missing_required_field.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/no_delegated_install.webapp => dom/apps/tests/apps/no_delegated_install.webapp
rename : dom/tests/mochitest/webapps/apps/no_delegated_install.webapp^headers^ => dom/apps/tests/apps/no_delegated_install.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/utf8.webapp => dom/apps/tests/apps/utf8.webapp
rename : dom/tests/mochitest/webapps/apps/utf8.webapp^headers^ => dom/apps/tests/apps/utf8.webapp^headers^
rename : dom/tests/mochitest/webapps/cross_origin.html => dom/apps/tests/cross_origin.html
rename : dom/tests/mochitest/webapps/file_bug_779982.html => dom/apps/tests/file_bug_779982.html
rename : dom/tests/mochitest/webapps/head.js => dom/apps/tests/head.js
rename : dom/tests/mochitest/webapps/test_bug_779982.html => dom/apps/tests/test_bug_779982.html
rename : dom/tests/mochitest/webapps/test_list_api.xul => dom/apps/tests/test_list_api.xul
2016-01-31 15:04:54 -08:00
Gijs Kruitbosch
318722bcf1
Bug 1242909, r=ckerschb
...
--HG--
extra : commitid : 4MmsATsPR5X
2016-01-26 11:52:31 +00:00
Kate McKinley
66aa150bc3
Bug 1007634 - Add a test to show that Worker construction is no longer allowed by CSP script-src directive. r=ckerschb
...
--HG--
extra : amend_source : 0acea47a18c3a40be6e7fe50db1c71bc9dd91b3a
2016-01-21 16:57:00 -05:00
Kate McKinley
b0483f9b8c
Bug 1213633 - Test childDocument prior to use. r=tanvi
2016-01-04 16:37:14 -08:00
Carsten "Tomcat" Book
248f7a3dee
merge mozilla-inbound to mozilla-central a=merge
2016-01-20 15:34:34 +01:00
Paolo Amadini
3ae375bf1c
Bug 1217766 - All PDFs trigger the insecure password warning. r=MattN,bz
...
--HG--
extra : commitid : 1aP0he1jDxh
extra : rebase_source : 49375a644ff345fe479b060945f6fe61efe52df7
2016-01-18 14:54:18 +00:00
Christoph Kerschbaumer
fecee7be59
Bug 1224694 - Unify and clean up initialization of CSP (r=sicking)
2016-01-14 13:21:31 -08:00
Christoph Kerschbaumer
071f422450
Bug 1233098 - Refactor CSP upgrade insecure requests flag within loadInfo (r=sicking)
2016-01-14 12:38:15 -08:00
Christoph Kerschbaumer
238b5ed942
Bug 1208946 - Update tests for URI stripping in CSP reports (r=dveditz)
2016-01-14 12:37:15 -08:00
Christoph Kerschbaumer
3d4a5ddffa
Bug 1208946 - Strip URIs in CSP reports (r=dveditz)
2016-01-14 12:36:50 -08:00
Ben Kelly
0e30d8b611
Bug 1237455 P1 Make file_CrossSiteXHR_server.sjs check headers on redirects. r=ehsan
2016-01-19 13:54:14 -08:00
Christoph Kerschbaumer
18e28eaf42
Bug 1239397: Send Internal ContentPolicyType to CSP and MixedContent (r=sicking)
2016-01-19 09:10:50 -08:00
Nigel Babu
7089beabc7
Backed out changeset f51b921e1ccf (bug 1233098) for browser-chrome bustage
...
--HG--
extra : commitid : ytS8fc4lFu
2016-01-14 08:04:37 +05:30
Christoph Kerschbaumer
c42851930c
Bug 1233098 - Refactor CSP upgrade insecure requests flag within loadInfo (r=sicking)
2016-01-13 15:51:43 -08:00
Andrew McCreight
9c67777407
Bug 1237799, part 2 - Use setTestPluginEnabledState in various tests. r=gfritzsche
...
This make these tests pass with e10s.
Also, add a missing open quote to test_bug827160.html.
2016-01-12 16:50:34 -08:00
Shu-yu Guo
1768759efb
Bug 1220564 - Update chrome code uses of genexprs and legacy comprehensions. (r=billm)
2016-01-06 16:02:16 -08:00
Ethan Tseng
caf218fa3e
Bug 1030936 - [CSP] remove fast-path for certified apps once the C++ backend is activated. r=ckerschb
2015-12-17 12:07:37 +08:00
Christoph Kerschbaumer
93de65860e
Bug 1223743 - Test CSP enforcement for multipart channels (r=sicking)
2015-12-14 10:06:47 -08:00
Bogdan Postelnicu
9811f5c2eb
Bug 1228497 - initialize 3 members in class. r=christophkerschbaumer
2015-12-10 00:33:00 +01:00
Jonas Sicking
0bb4231605
Bug 1216687: Add nsILoadInfo flags for cookie policies. r=ckerschb
2015-12-06 18:33:15 -05:00
Jonas Sicking
f7193fdf30
Bug 1226909 part 4: Make AsyncOpen2 set taining information on channels. Use this information in XHR and fetch(). r=bkelly
2015-12-06 18:33:15 -05:00
Jonas Sicking
28de02f687
Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb
2015-12-06 18:33:14 -05:00
Jonas Sicking
6cc5074df0
Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
2015-12-06 18:33:14 -05:00
Sebastian Hengst
774236075d
Backed out changeset 09d64535bcda (bug 1216687), a7f1a289dd78, 4dbf06183e6c, 26318a5e3006, 9ae2af3cf86d (bug 1226909) for M(1,2,5) oranges. r=backout
2015-12-05 16:34:47 +01:00
Jonas Sicking
993136c2c9
Bug 1216687: Add nsILoadInfo flags for cookie policies. r=ckerschb
2015-12-05 01:46:21 -08:00
Jonas Sicking
7fae3fd853
Bug 1226909 part 4: Make AsyncOpen2 set taining information on channels. Use this information in XHR and fetch(). r=bkelly
2015-12-05 01:46:20 -08:00
Jonas Sicking
ff12f48c5a
Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb
2015-12-05 01:46:20 -08:00
Jonas Sicking
df33e62850
Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
2015-12-05 01:46:20 -08:00
Yury Delendik
5576308d8c
Bug 1218029 - Implements progressive Unicode chars decoding in nsScriptLoader. r=djvj
...
--HG--
extra : commitid : 4fqBUFXilM5
2015-11-30 08:54:52 -06:00
Yury Delendik
aeaf497a64
Bug 1218029 - Adds SRICheckDataVerifier for progressing data handling. r=francois
...
--HG--
extra : commitid : DLkHFWfJFxT
2015-11-30 08:54:40 -06:00
Yury Delendik
66199890c4
Bug 1218029 - Adds IncrementalStreamLoader interface stubs. r=djvj
...
--HG--
extra : commitid : J0UubFG9gvz
2015-11-30 08:54:11 -06:00
Christoph Kerschbaumer
20d9928a1b
Bug 1228116 - Relax Security checks for DTD loads. r=sicking
...
--HG--
extra : rebase_source : 53f2deeb44dd29dbb4d6f50a8435763cb07df8a1
2015-11-25 13:38:05 -08:00
sajitk
5fb2c53074
Bug 1219478: Replace PRLogModuleInfo usage with LazyLogModule in dom folders except media.r=amerchesini
2015-11-23 11:09:25 -08:00
Ehsan Akhgari
76fa5db947
Bug 1210302 - Part 4: Add automated tests; r=sicking
2015-11-20 16:32:53 -05:00
Christoph Kerschbaumer
143b334dd4
Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz)
2015-11-20 10:55:54 -08:00
Christoph Kerschbaumer
d4843470df
Bug 1226324 - Do not use NS_ENSURCE_SUCCESS(rv, NS_OK) within nsContentSecurityManager. r=tanvi
2015-11-19 14:22:57 -08:00
Nigel Babu
ba8444d785
Backed out changeset 95069f2ce648 (bug 1182546) for Android M(c) bustage ON A CLOSED TREE
2015-11-19 14:26:33 +05:30
Christoph Kerschbaumer
ab10273998
Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz)
2015-11-18 19:23:28 -08:00
Andrea Marchesini
36e922b9b7
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger
2015-11-16 22:41:54 +00:00
Wes Kocher
9d1f194cbb
Backed out 2 changesets (bug 1218433) for wpt failures CLOSED TREE
...
Backed out changeset 1cc8cc0444c0 (bug 1218433)
Backed out changeset 5418ca0e0378 (bug 1218433)
--HG--
extra : commitid : H1h8VHrzxx8
2015-11-16 11:13:43 -08:00
Andrea Marchesini
76aba80dc5
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger
2015-11-16 16:57:29 +00:00
Sebastian Hengst
a0cf7d50ad
Backed out 2 changesets (22360424ed15, 325a67608df0) (bug 1218433) for W(1,2) failures. r=backout on a CLOSED TREE
...
Backed out changeset 22360424ed15 (bug 1218433)
Backed out changeset 325a67608df0 (bug 1218433)
2015-11-15 15:56:45 +01:00
Andrea Marchesini
3285721a07
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking
2015-11-15 11:57:22 +00:00
Christoph Kerschbaumer
c941fd4008
Bug 663570 - Test 5: doc.write(meta csp) (r=sicking)
2015-11-14 19:30:24 -08:00
Christoph Kerschbaumer
749afb19d4
Bug 663570 - Test 4: update referrer tests (r=sicking)
2015-11-14 19:30:16 -08:00
Christoph Kerschbaumer
74f7445a35
Bug 663570 - Test 3: update upgrade-insecure-requests tests (r=sicking)
2015-11-14 19:30:08 -08:00
Christoph Kerschbaumer
55d2e60a7e
Bug 663570 - Test 2: meta and header dual test (r=sicking)
2015-11-14 19:29:58 -08:00
Christoph Kerschbaumer
82df3d1b9b
Bug 663570 - Test 1: baseline tests (r=sicking)
2015-11-14 19:29:45 -08:00
Christoph Kerschbaumer
3bac30dca9
Bug 663570 - MetaCSP Part 6: CSP preload changes (r=sicking)
2015-11-14 19:29:18 -08:00
Christoph Kerschbaumer
96f42dd458
Bug 663570 - MetaCSP Part 1: CSP parser changes (r=sicking)
2015-11-14 19:27:59 -08:00