9fe7a4201d
Bug 1378377 Part 1: Expose file:// URI whitelist check to chrome JS. r=bz
...
This is required so that we can check the whitelist and run domains that are
allowed to use file:// URIs in the file content process.
2017-07-19 09:37:25 +01:00
c86dc10505
Bug 1380227 - Avoid many UTF16toUTF8 and UTF8toUTF16 conversions in nsStringBundle. r=emk.
...
Most of the names passed to nsIStringBundle::{Get,Format}StringFromUTF8Name
have one of the two following forms:
- a 16-bit C string literal, which is then converted to an 8-bit string in
order for the lookup to occur;
- an 8-bit C string literal converted to a 16-bit string, which is then
converted back to an 8-bit string in order for the lookup to occur.
This patch introduces and uses alternative methods that can take an 8-bit C
string literal, which requires changing some signatures in other methods and
functions. It replaces all C++ uses of the old methods.
The patch also changes the existing {Get,Format}StringFromName() methods so
they take an AUTF8String argument for the name instead of a wstring, because
that's nicer for JS code.
Even though there is a method for C++ code and a different one for JS code,
|binaryname| is used so that the existing method names can be used for the
common case in both languages.
The change reduces the number of NS_ConvertUTF8toUTF16 and
NS_ConvertUTF16toUTF8 conversions while running Speedometer v2 from ~270,000 to
~160,000. (Most of these conversions involved the string
"deprecatedReferrerDirective" in nsCSPParser.cpp.)
--HG--
extra : rebase_source : 3bee57a501035f76a81230d95186f8c3f460ff8e
2017-07-12 15:13:37 +10:00
9b9495bf79
Bug 1252211 - Remove DOMCI for TreeSelection, XULCommandDispatcher and XULControllers. r=bz.
...
--HG--
extra : rebase_source : 5a24af4928dbd7754850c6e3ceff6646bfe58c93
2017-05-18 09:07:25 +02:00
4a5a3d9f30
Backed out changeset 2c51cdd42834 (bug 1252211) for bustage
2017-06-13 12:20:33 +02:00
9d549d2f23
Bug 1252211 - Remove DOMCI for TreeSelection, XULCommandDispatcher and XULControllers. r=bz.
...
--HG--
extra : rebase_source : db24985f7e8f6d4ca4df13015d565ec0063ba355
extra : source : f361697cb50b47dc4db94a6730b6604ab69217f5
2017-05-18 09:07:25 +02:00
e7eda19b3d
Bug 1369323 - Get rid of nsScriptSecurityManager::GetNoAppCodebasePrincipal, r=bholley
2017-06-02 11:05:28 +02:00
1cb008c2f2
Bug 1369314 - Get rid of nsScriptSecurityManager::GetAppCodebasePrincipal, r=bholley
2017-06-02 11:05:28 +02:00
a81cfadca0
Bug 1356193 - rename securityFlags local variable for code clarity reasons, r=ckerschb
...
MozReview-Commit-ID: DmU4ORvXHNY
--HG--
extra : rebase_source : 687cf2ee500839182c4a2f785fc51e9b71476f3c
2017-04-13 11:36:18 +01:00
067b18b9f3
Bug 1316683 - Part 5: Avoid going into SpiderMonkey for retrieving origin attributes; r=baku
...
Our caller is C++ code, and the implementations are all also written in C++,
so there is no reason to go through SpiderMonkey here. This patch also makes
nsILoadContext builtinclass to ensure that the implementation is always native.
2017-04-12 11:32:19 -04:00
3d9add57b3
Bug 1349517 - Don't set CSP on NullPrincipal if it already has one. r=ckerschb
...
MozReview-Commit-ID: EKqDr7RxjWE
--HG--
extra : transplant_source : %21C%0D%CC%E1%96%2Aw%D1%DE%0B%D5%CE%019%8F%C5%95ER
2017-03-23 13:21:13 +01:00
8a8722824e
Bug 1352513 - re-add the hidden window exception behind a pref, r=bholley
...
MozReview-Commit-ID: 3q1CZ5QCuus
--HG--
extra : rebase_source : adb93e2ee26e17f8ce03023deebc85d657dfe498
2017-04-03 11:47:22 +01:00
17162a90b4
Bug 1145470 - remove hiddenWindow specialcasing from CheckLoadURI code, r=bholley
...
All the consumers relying on this have disappeared, so we can (finally!) get
rid of this ugly bit of special-casing.
MozReview-Commit-ID: HSeeG21O0p4
--HG--
extra : rebase_source : faebaf646308fe29b1c23e4117db2c1ea52ad658
2017-03-30 11:16:17 +01:00
f5e68bc3e1
Backed out changeset ef22dba0dac5 (bug 1316683) for various test failures, e.g. xpcshell netwerk/test/unit/test_bug826063.js and browser-chrome browser/components/downloads/test/browser/browser_iframe_gone_mid_download.js. r=backout on a CLOSED TREE
2017-03-22 20:28:39 +01:00
101a58b3c6
Bug 1316683 - Avoid going into SpiderMonkey for retrieving origin attributes; r=baku
...
Our caller is C++ code, and the implementations are all also written in C++,
so there is no reason to go through SpiderMonkey here. This patch also makes
nsILoadContext builtinclass to ensure that the implementation is always native.
2017-03-22 14:13:31 -04:00
20fb8455d6
Backed out changeset 7e47807067a6 (bug 1316683) for Windows bustage. r=backout
2017-03-22 15:15:27 +01:00
9093d5f005
Bug 1316683 - Avoid going into SpiderMonkey for retrieving origin attributes; r=baku
...
Our caller is C++ code, and the implementations are all also written in C++,
so there is no reason to go through SpiderMonkey here. This patch also makes
nsILoadContext builtinclass to ensure that the implementation is always native.
2017-03-22 10:03:26 -04:00
507c00cb9f
Bug 1343933 - Renaming Principal classes - part 4 - ContentPrincipal, r=qdot
...
--HG--
rename : caps/nsPrincipal.cpp => caps/ContentPrincipal.cpp
rename : caps/nsPrincipal.h => caps/ContentPrincipal.h
2017-03-22 11:39:31 +01:00
f91cb666bb
Bug 1343933 - Renaming Principal classes - part 3 - SystemPrincipal, r=qdot
...
--HG--
rename : caps/nsSystemPrincipal.cpp => caps/SystemPrincipal.cpp
rename : caps/nsSystemPrincipal.h => caps/SystemPrincipal.h
2017-03-22 11:39:08 +01:00
1fd1bc3935
Bug 1343933 - Renaming Principal classes - part 2 - NullPrincipal, r=qdot
...
--HG--
rename : caps/nsNullPrincipal.cpp => caps/NullPrincipal.cpp
rename : caps/nsNullPrincipal.h => caps/NullPrincipal.h
rename : caps/nsNullPrincipalURI.cpp => caps/NullPrincipalURI.cpp
rename : caps/nsNullPrincipalURI.h => caps/NullPrincipalURI.h
2017-03-22 11:38:40 +01:00
622080220c
Bug 1073952: proper indentation for nsScriptSecurityManager::GetChannelResultPrincipal r=Tomcat
...
MozReview-Commit-ID: 84qywpARPwI
--HG--
extra : rebase_source : fd0bc97039e95d93ba0eb7688ef3e1571ef1bba3
2017-01-30 14:13:13 +01:00
390a075c26
Bug 1073952: inherit CSP into iframe sandbox srcdoc r=ckerschb,Tomcat
...
MozReview-Commit-ID: 3fhWCGwgG4A
--HG--
extra : rebase_source : 7e84fafe0ef69b7f6695de825fc254ee0e4209ba
2017-01-30 14:09:37 +01:00
e9195daa8d
Bug 1345168 - Get rid of OriginAttributes::Inherit, r=tjr
2017-03-08 07:41:51 +01:00
087da3f0d9
merge mozilla-inbound to mozilla-central a=merge
2017-03-07 15:13:31 +01:00
3169d6c35c
Bug 1340710 - Part 6: Store BasePrincipal::{mOriginNoSuffix,mOriginSuffix} as a pair of atoms; r=bholley
...
This has the nice side effect of making nsIPrincipal::GetOrigin() a bit faster
by avoiding computing the origin each time.
2017-03-06 22:27:53 -05:00
ed0b8f8653
Bug 1344615: Remove nsXPCOMStrings.{h,cpp} r=bsmedberg
...
These are now dead code.
MozReview-Commit-ID: AClU0Qx3kmN
--HG--
extra : rebase_source : df83cf89292da1519bb26027c11e14923d5c54a0
2017-03-06 17:52:54 +13:00
45dbac3bdd
Bug 1314361 - Part 4: Stop setting addonId origin attribute. r=billm
2016-11-04 18:22:45 -07:00
f3a30cf48d
Bug 1339213 - Inline IsRestrictOpenerAccessForFPI, r=tihuang
2017-02-14 13:45:35 +02:00
e4b6ebfe64
Bug 1335272 - fix about:cache internal links, r=bz
...
MozReview-Commit-ID: QzgsTTulJC
--HG--
extra : rebase_source : 8604d1ea660a6c5c811f47fd3ed98ab136e73c6e
2017-02-02 15:10:11 +00:00
0bf506240a
Bug 1335311. Remove the file:/resource: special case in CheckLoadURIFromScript. r=bholley
2017-02-01 15:29:45 -05:00
b62bca9af3
Bug 1335526 - Ensure that sandboxed channel's result principal is unique; r=bzbarsky
2017-02-01 13:47:26 -05:00
53d59b106f
Backed out changeset a273aee1be72 (bug 1335526) for bustage. r=backout
2017-02-01 17:41:29 +01:00
9b36bf10cd
Bug 1335526 - Ensure that sandboxed channel's result principal is unique; r=bzbarsky
2017-02-01 11:24:49 -05:00
359ae91eac
Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby
2017-01-12 17:38:48 +01:00
fe7f4239c6
Bug 1322146 - initialize mFlags variable in constructor. r=dveditz
2016-12-19 12:56:23 +01:00
d1260ddfab
Bug 1318664 - fix about pages linking to themselves with query parameters, r=bz
...
MozReview-Commit-ID: Dsqj0L4aIlv
--HG--
extra : rebase_source : 5fde285885cfa4a14200aefc70d1f2395d67d92f
2016-11-23 18:26:44 +00:00
898f6d8b2a
Bug 1317641 - Some loadinfo security flags should not apply in case of a redirect. r=bz
...
--HG--
extra : rebase_source : aaebbb8628801871e09bc583b3b11a9908b77b92
2016-11-23 17:54:58 -05:00
d07f79a266
Bug 1318210 - Remove nsIAppsService; r=baku
2016-11-17 10:41:36 -05:00
5cc591dc59
Bug 1318209 - Remove mozIApplication; r=baku
2016-11-17 10:12:43 -05:00
82d475be93
Bug 1309310, r=bz
...
MozReview-Commit-ID: KLaMv6zfxR8
--HG--
extra : rebase_source : ccb4d19c874230c512010d3891aae33a69947f62
2016-11-09 18:25:11 +00:00
f2776f1b8d
Bug 1308889 - Try to explicitly pass aTriggeringPrincipal and aPrincipalToInherit to DoURILoad(). r=bz
2016-11-08 07:23:12 +01:00
ce82855c42
Bug 1189086 - Eliminate nsIPrincipal::jarPrefix. r=dveditz
2016-10-24 13:52:00 +02:00
0dc689acdd
Bug 553032 - use MOZ_FORMAT_PRINTF in js; r=evilpie
...
MozReview-Commit-ID: DD3DJRkOxmC
--HG--
extra : rebase_source : 61cdf0da1a82b626abc79209ee41e43c3bb152ca
2016-10-11 12:44:40 -06:00
9e31a95f74
Backed out changeset 2bfd163f23f9 (bug 553032)
2016-10-19 18:29:36 +02:00
5b851428f8
Bug 553032 - use MOZ_FORMAT_PRINTF in js; r=evilpie
...
MozReview-Commit-ID: DD3DJRkOxmC
--HG--
extra : rebase_source : 4f98705e5e2c5ff9860f04384abbc6f5dc18a7a9
2016-10-11 12:44:40 -06:00
fb07f658e3
Bug 1305012 - Downgrade a new channel's principal to NullPrincipal. r=smaug
2016-10-05 21:19:51 +02:00
418bfe72a3
Bug 1300720 - Part 2: Lazily initialize nsScriptSecurityManager::mFileURIWhitelist. r=bholley
...
MozReview-Commit-ID: 8cqHUlOnsEH
2016-10-03 12:43:17 +08:00
9f0454f829
Bug 1306300, null check nsILoadContext in GetLoadContextCodebasePrincipal, r=baku
2016-09-29 20:31:50 +03:00
7de765df42
Bug 1290668 - unbreak view-source links between http and https pages, r=smaug
...
MozReview-Commit-ID: B4nXTkMC5LE
--HG--
extra : rebase_source : ad7086b7ff58f44b12c3eaaf9b7be8c8955762a5
2016-09-27 13:31:53 +01:00
10dd75211d
Bug 1289050 - Part 2: Use ASCII or Latin1 variants of JS_ReportError in not-simple cases. r=jwalden
2016-08-15 19:20:01 +09:00
6b65aceec2
Bug 1297687 - Part 1: Remove nsIScriptSecurityManager.createExpandedPrincipal(); r=bholley
2016-09-22 13:27:33 -04:00
Bob Owen
Nicholas Nethercote
Peter Van der Beken
Carsten "Tomcat" Book
Andrea Marchesini
Gijs Kruitbosch
Ehsan Akhgari
Frederik Braun
Sebastian Hengst
David Major
Kris Maglione
Olli Pettay
Boris Zbarsky
Jean-Luc Bonnafoux
Dragana Damjanovic
Christoph Kerschbaumer
Dave Huseby
Tom Tromey
Cameron McCormack
Tooru Fujisawa