This is a large patch which tries to switch many of the external consumers of
nsGlobalWindow to instead use the new Inner or Outer variants.
MozReview-Commit-ID: 99648Lm46T5
All the instances are converted as follows.
- nsSubstring --> nsAString
- nsCSubstring --> nsACString
--HG--
extra : rebase_source : cfd2238c52e3cb4d13e3bd5ddb80ba6584ab6d91
This patch makes navigator object to return spoofed value for fields have fingerprintable
concerns. This changes the worker navigator as well.
MozReview-Commit-ID: E2SLNZRfuVP
--HG--
extra : rebase_source : 960bafbe41382eba891ad807c37a822ba6a758c8
- Added new chrome-only webidl methods to be used by browser UI and WebExtensions
- Implemented bitmasked group visibility for VR sessions to enable switching
between chrome and regular content presentations.
- Implemented throttling mechanism to avoid runaway, unthrottled render loops
for VR sessions that are hidden by group visibility bitmasks or due to
lower level platform VR events, such as during the Oculus
"Health and Safety Warning".
- Simplified the PVRManager IPC protocol while extending it to support
VR session groups and later WebVR content performance profiling API's.
- Removed the last WebVR related sync IPC call.
MozReview-Commit-ID: BMEIPyYeEbq
--HG--
extra : rebase_source : 47d3682cad3d913504175b7d4c3e9d992236f097
This will enable us to re-use the logging code in MediaKeySystemAccess to log
the configuration we end up instantiating the MediaKeySystemAccess with.
MozReview-Commit-ID: AMnauhMLJ1R
--HG--
extra : rebase_source : a2dfeb7b263108ac1c60bfe2f47755e0a73d6324
Preliminary telemetry indicated 15% of users of EME are in an insecure
context. We'd better log a warning to the web console to inform authors
that their sites will stop working, rather than just breaking them!
MozReview-Commit-ID: CZasdbcC1jS
--HG--
extra : rebase_source : 008b9669d06a77bb133459df6479625ed47249a0
Preliminary telemetry indicated 15% of users of EME are in an insecure
context. We'd better log a warning to the web console to inform authors
that their sites will stop working, rather than just breaking them!
MozReview-Commit-ID: CZasdbcC1jS
--HG--
extra : rebase_source : 685a36be1601215aff4e962fd206d1332abbff79
The EME spec requires EME to be only usuable from a secure context, for example
from an origin served over HTTPS. We still don't enforce this, and Chrome is
going to start enforcing this in M58. So to inform our decision as to when to
start enforcing this, it would be useful to know how many sites we'd break if
we started enforcing this.
So this patch adds telemetry to tell us the how often EME is used on secure
and non-secure contexts.
MozReview-Commit-ID: BKS5iY4V3wK
--HG--
extra : rebase_source : 77b98516e0d8a0471f8c7a1e5bf54bcf9f74b7da
- I have refactored the Oculus and OpenVR interfaces in gfx/vr
so that initialization of the VR libraries only happens once
a WebVR site is detected.
- The Oculus interface has been cleaned up and updated to unload the Oculus
runtime library when not in use.
- The browser can now re-connect to Oculus home if it was restarted, without
restarting the browser.
- We no longer submit a black frame at the end of VR presentation, as this
appears to be handled by the latest Oculus runtime automatically.
- As we only hold on to the Oculus runtime when needed, this should
reduce the likelihood of the GPU process being killed by the Oculus
software updater.
MozReview-Commit-ID: AyWeD4CxXLD
--HG--
extra : rebase_source : 9eae07ef30b1a7559b5fe80e6698c248a55b970e
Necko computes this information in order to set the User-Agent header in
the parent process. This header is set on all outgoing requests, and
therefore in the content process we can easily copy the value of this
header from the document channel object instead of the inefficient sync
IPC that currently happens in order to access the JavaScript
implementation living in the parent process.
This patch implements the W3C Web Authentication API from
https://www.w3.org/TR/webauthn/, currently the 28 September 2016
working draft.
It utilizes a tentative binding of the U2F NSS Soft Token to provide
authentication services while waiting on Bug 1245527 to support USB HID-based
U2F tokens. This binding is not in the specification yet, so it should be
considered an experiment to help the specification move fowrard.
There are also a handful of deviations from the specification's WebIDL, which
are annotated with comments in WebAuthentication.webidl.
There are no tests in this commit; they are in Part 4 of this commit series.
There is a small script online at https://webauthn.bin.coffee/ to exercise this
code, but it doesn't do any automated checks.
There are also a handful of TODOS:
1) The algorithm to relax the same-origin restriction is in Part 3.
2) The use of AlgorithmIdentifier and having a way to coerce an object to a
string is still missing.
3) Timeouts and deadlines aren't there, and are pending reworking how
the nsIU2FToken interface works.
UPDATED:
- Address qdot, keeler review comments (thanks!)
- Address more qdot, keeler review comments (thanks!)
MozReview-Commit-ID: JITapI38iOh
--HG--
extra : rebase_source : 9a09e852dd0c8dc47f42dabbcf8b845a6828b225
Kyle Machulis
shindli
Boris Zbarsky
Johann Hofmann
Nika Layzell
Adam Gashlin
Tooru Fujisawa
Amy Chung
Kearwood "Kip" Gilbert
Nicholas Nethercote
Tim Huang
David Keeler
Kearwood Gilbert
Chris Pearce
Andrea Marchesini
Phil Ringnalda
Mike Hommey
Ehsan Akhgari
Thomas Nguyen
Wei-Cheng Pan
Daosheng Mu
Bevis Tseng
J.C. Jones
Olli Pettay
Carsten "Tomcat" Book