Граф коммитов

246 Коммитов

Автор SHA1 Сообщение Дата
Andrew McCreight 139398a824 Bug 1599569 - Make nsScriptSecurityManager::ClearJSCallbacks into a static method. r=kmag
XPConnect calls this method during shutdown after the pointer to the
singleton nsScriptSecurityManager has been cleared, so it is actually
calling it with a null |this|. Nobody noticed this because it isn't
actually using |this|. This patch turns it into a static method to
make the sanitizers happy.

Differential Revision: https://phabricator.services.mozilla.com/D54846

--HG--
extra : moz-landing-system : lando
2019-11-27 20:57:43 +00:00
Jan de Mooij 83d309574b Bug 1579367 - Initialize XPCJSContext explicitly, after loading user prefs. r=kmag
This way we get the correct values for start-up prefs in the parent process.

Differential Revision: https://phabricator.services.mozilla.com/D51061

--HG--
extra : moz-landing-system : lando
2019-11-22 12:40:17 +00:00
Dorel Luca a0370f2bc4 Backed out changeset 955256297d6d (bug 1579367) for causing a top crash in Bug 1594404. a=backout 2019-11-06 23:19:09 +02:00
Jan de Mooij 96cc0b5247 Bug 1579367 - Initialize XPCJSContext explicitly, after loading user prefs. r=kmag
This way we get the correct values for start-up prefs in the parent process.

Differential Revision: https://phabricator.services.mozilla.com/D51061

--HG--
extra : moz-landing-system : lando
2019-11-05 06:29:13 +00:00
Nicholas Nethercote a518709339 Bug 1587162 - Fix UBSAN complaints about pref callbacks. r=erahm
Lots of these callbacks have a non-`void*` final parameter, which UBSAN
complains about. This commit changes them to have a `void*` parameter.

This requires undoing the machinery added in the first two commits of bug
1473631: `TypePrefChangeFunc` and `PREF_CHANGE_METHOD`. The resulting code is
simpler (which is good) and more boilerplate-y (which is bad) but avoids the
undefined behaviour (which is good).

Differential Revision: https://phabricator.services.mozilla.com/D50901

--HG--
extra : moz-landing-system : lando
2019-11-01 02:57:20 +00:00
Shane Caraveo 4c305ddd57 Bug 1587939 enforce addon content script CSP in eval r=ckerschb,robwu
Differential Revision: https://phabricator.services.mozilla.com/D48924

--HG--
extra : moz-landing-system : lando
2019-11-01 06:03:35 +00:00
Marco Bonardo cff612c7b4 Bug 1586681 - Ensure URIFIxup uses the right engine when there's a separate PB engine. r=Standard8,Gijs
Add a new FIXUP_FLAG_PRIVATE_CONTEXT to nsIURIFixup, make it use the default
private search engine when it's set.
Update consumers to pass the new flag when necessary.

Differential Revision: https://phabricator.services.mozilla.com/D48741

--HG--
extra : moz-landing-system : lando
2019-10-12 12:37:51 +00:00
Tom Ritter 23ba7b6fe3 Bug 1583949 - Add a check for IsEvalAllowed to the worker callpath for eval() r=ckerschb,baku
This patch does several things.  Because Workers aren't on the main thread,
many of the things done are in the name of off main thread access.

1) Changes a parameter in IsEvalAllowed from a nsIPrincipal to a bool.
   We only used the principal to determined if it was the System Principal.
   Principals aren't thread safe and can only be accessed on Main Thread, so
   if we passed a Principal in, we would be in error. Instead only pass in
   the bool which - for workers - comes from a thread-safe location.

2) Separates out the Telemetry Event Recording and sending a message to the
   console into a new function nsContentSecurityUtils::NotifyEvalUsage. (And
   creates a runnable that calls it.)

   We do this because we will need to only call this method on the main thread.

   Telemetry Event Recording has only ever been called on the Main Thread.
   While I possibly-successfully cut it over to happen Off Main Thread (OMT)
   by porting preferences to StaticPrefs, I don't know if there were other
   threading assumptions in the Telemetry Code. So it would be much safer to
   just continue recording Event Telemetry on the main thread.

   Sending a message to the console requires calling GetStringBundleService()
   which requires main thread. I didn't investigate if this could be made
   thread-safe, I just threw it onto the main thread too.

   If, in IsEvalAllowed, we are on the main thread - we call NotifyEvalUsage
   directly. If we are not, we create a runnable which will then call
   NotifyEvalUsage for us on the main thread.

3) Ports allow_eval_with_system_principal and allow_eval_in_parent_process
   from bools to RelaxedAtomicBool - because we now check these prefs OMT.

4) In RuntimeService.cpp, adds the call to IsEvalAllowed.

5) Add resource://gre/modules/workers/require.js to the allowlist of eval
   usage. This was the script that identified this gap in the first place.
   It uses eval (twice) for structural reasons (scope and line number
   massaging.)  The contents of the eval are the result of a request to a
   uri (which may be internal, like resource://). The whole point of this
   is to implement a CommonJS require() api.

   This usage of eval is safe because the only way an attacker can inject
   into it is by either controlling the response of the uri request or
   controlling (or appending to) the argument. If they can do that, they
   are able to inject script into Firefox even if we cut this usage of eval
   over to some other type of safe(r) script loader.

   Bug 1584564 tracks making sure calls to require.js are safe.

6) Adds cld-worker.js to the allowlist. Bug 1584605 is for refactoring that
   eval usage, which is decidedly non-trivial.

7) Does _not_ enforce the eval restrictions for workers. While I've gotten
   try to be green and not throw up any instances of eval-usage by workers,
   it is much safer to deploy this is Telemetry-only mode for Workers for
   a little bit to see if anything pops up from the Nightly population.

   Bug 1584602 is for enforcing the checks.

Differential Revision: https://phabricator.services.mozilla.com/D47480

--HG--
extra : moz-landing-system : lando
2019-10-08 17:31:35 +00:00
Ehsan Akhgari 7ddd78221e Bug 1577298 - Do not stop at the current document when computing the top-level principal for storage partitioning; r=baku
Differential Revision: https://phabricator.services.mozilla.com/D47339

--HG--
rename : toolkit/components/antitracking/test/browser/browser_subResources.js => toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js
extra : moz-landing-system : lando
2019-09-27 14:05:13 +00:00
Tom Ritter c2e992ed6e Bug 1570681 - Enforce eval restrictions in system contexts and the parent process r=ckerschb
We log to MOZ_LOG, report an error to the console, send telemetry, and in debug builds - crash

Differential Revision: https://phabricator.services.mozilla.com/D45055

--HG--
extra : moz-landing-system : lando
2019-09-19 02:32:41 +00:00
Tom Ritter 9621f537b0 Bug 1570681 - Move Eval testing logic from nsContentSecurityManager to nsContentSecurityUtils r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D45484

--HG--
extra : moz-landing-system : lando
2019-09-18 19:36:31 +00:00
Nicholas Nethercote 5e22e64603 Bug 1573720 - Convert security.view-source.reachable-from-inner-protocol to a static pref. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D41912

--HG--
extra : moz-landing-system : lando
2019-08-15 05:29:35 +00:00
Brendan Dahl 0a8d6f243d Bug 1551344 - Part 2: Update outdated comments referencing XULDocument. r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D41239

--HG--
extra : moz-landing-system : lando
2019-08-09 17:47:41 +00:00
Tom Schuster 0e913c22c4 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 19:49:40 +00:00
Cosmin Sabou c3430326e6 Backed out changeset ca88862d6b63 (bug 1558915) for causing build bustages on StartupCacheUtils. CLOSED TREE 2019-08-07 13:20:32 +03:00
Tom Schuster 8bc1f5ada8 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 09:36:56 +00:00
Razvan Maries eedbf1137f Backed out changeset b197ca57677a (bug 1558915) for build bustages. CLOSED TREE 2019-08-07 01:04:43 +03:00
Tom Schuster 03c7998ef2 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-06 20:19:41 +00:00
Tom Ritter 20c32a0175 Bug 1570738 - Record Telemetry if eval() is used in the Parent Process r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D40332

--HG--
extra : moz-landing-system : lando
2019-08-06 19:56:23 +00:00
Tom Ritter ef67c0b08b Bug 1567623 - Update AssertEvalNotUsingSystemPrincipal and re-enable it r=ckerschb
We now correctly handle the following cases:
 - Thunderbird
 - the Browser Toolbox/Console
 - Two safe and common idioms
 - when general.config.filename is set and userChromeJS does shenanigans

We also change the function to only crash in Debug mode, and for Release channels
we report diagnostic information in a way that does not reveal user data.

Differential Revision: https://phabricator.services.mozilla.com/D39557

--HG--
extra : moz-landing-system : lando
2019-08-01 20:45:01 +00:00
Nicholas Nethercote c27392026e Bug 1570212 - Convert security.all_resource_uri_content_accessible to a static pref. r=tjr
Differential Revision: https://phabricator.services.mozilla.com/D40004

--HG--
extra : moz-landing-system : lando
2019-08-01 06:01:40 +00:00
Nicholas Nethercote c0069262ff Bug 1570212 - Convert privacy.firstparty.isolate* prefs to static prefs. r=tjr
Differential Revision: https://phabricator.services.mozilla.com/D40001

--HG--
extra : moz-landing-system : lando
2019-08-01 06:00:22 +00:00
Tom Ritter 87cbad22ea Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D37460

--HG--
extra : moz-landing-system : lando
2019-07-18 18:22:06 +00:00
Boris Zbarsky 5062731c15 Bug 1565688. Remove unused IOService arg from NS_NewURI. r=mayhemer
Differential Revision: https://phabricator.services.mozilla.com/D37968

--HG--
extra : moz-landing-system : lando
2019-07-15 13:39:51 +00:00
Razvan Maries affddc7861 Backed out changeset 6e4d13741a0f (bug 1564527) for perma AddressSanitizer failures. CLOSED TREE 2019-07-13 02:05:25 +03:00
Tom Ritter 0ca0f2dea1 Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D37460

--HG--
extra : moz-landing-system : lando
2019-07-11 08:46:18 +00:00
Jonathan Kingston 31441f82ea Bug 1560455 - rename CodebasePrincipal to ContentPrincipal. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D35504

--HG--
extra : moz-landing-system : lando
2019-07-08 16:37:45 +00:00
Boris Zbarsky 9de72a3ac6 Bug 1557793 part 2. Stop using [array] in nsIStringBundle. r=Pike
Differential Revision: https://phabricator.services.mozilla.com/D34196

--HG--
extra : moz-landing-system : lando
2019-06-11 15:51:51 +00:00
Jonathan Kingston a9be4620ee Bug 1508939 - cpp serialization r=ckerschb,mccr8,mikedeboer
Migrating to pure Cpp

Differential Revision: https://phabricator.services.mozilla.com/D29221

--HG--
extra : moz-landing-system : lando
2019-06-03 12:37:12 +00:00
Christoph Kerschbaumer b633427366 Bug 965637: Move CSP from Principal into Client, part 1: backend changes. r=mccr8
Differential Revision: https://phabricator.services.mozilla.com/D27654

--HG--
extra : moz-landing-system : lando
2019-05-21 23:14:27 +00:00
Jonas Allmann adabaeabe2 Bug 1541858, AssertEvalNotUsingSystemPrincipal into the ContentSecurityManager and also call it for worker code r=ckerschb
Bug 1541858 - Extended eval()-Assertion whitelist, r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D28052

--HG--
extra : moz-landing-system : lando
2019-04-18 13:54:43 +00:00
Andrea Marchesini a438b12ebd Bug 1536411 - StoragePrincipal - part 1 - Implementation, r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D24025

--HG--
extra : moz-landing-system : lando
2019-04-12 05:31:32 +00:00
Cosmin Sabou af07021e88 Backed out 10 changesets (bug 1536411) for causing leaks in CondVar, MessagePortService, MessagePortServiceData.
Backed out changeset eda5854cd7e8 (bug 1536411)
Backed out changeset f94dfbf2476c (bug 1536411)
Backed out changeset c68dc3152faa (bug 1536411)
Backed out changeset f67d157e8baf (bug 1536411)
Backed out changeset 1107a9767f38 (bug 1536411)
Backed out changeset ccbe1af00fb9 (bug 1536411)
Backed out changeset 552c4b588524 (bug 1536411)
Backed out changeset 2eb20578159b (bug 1536411)
Backed out changeset 45708d22bb6d (bug 1536411)
Backed out changeset 87601ef1d4d4 (bug 1536411)
2019-04-11 22:48:49 +03:00
Andrea Marchesini 5cfeeda19e Bug 1536411 - StoragePrincipal - part 1 - Implementation, r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D24025

--HG--
extra : moz-landing-system : lando
2019-04-11 16:27:12 +00:00
Eden Chuang 72b79c6fbd Bug 1442778 - Add "chromeContext" parameter to console API and console service messages. r=smaug
1. Adding a new attribute chromeContext in ConsoleEvent
2. Adding a new boolean attribute isFromChromeContext in nsIConsoleMessage
3. Sending IsFromChromeContext to the parent process

Differential Revision: https://phabricator.services.mozilla.com/D23330

--HG--
extra : moz-landing-system : lando
2019-04-01 22:42:34 +00:00
Sylvestre Ledru ef0bfc3822 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D24168

--HG--
extra : moz-landing-system : lando
2019-03-31 15:12:55 +00:00
Cosmin Sabou 78fc71e3c3 Backed out changeset 7fa7d6e6dedc (bug 1442778) for devtools failures on browser_webconsole_check_stubs_console_api.js CLOSED TREE 2019-03-26 20:27:55 +02:00
Eden Chuang 5e4df764d9 Bug 1442778 - Add "chromeContext" parameter to console API and console service messages. r=smaug
1. Adding a new attribute chromeContext in ConsoleEvent
2. Adding a new boolean attribute isFromChromeContext in nsIConsoleMessage
3. Sending IsFromChromeContext to the parent process

Differential Revision: https://phabricator.services.mozilla.com/D23330

--HG--
extra : moz-landing-system : lando
2019-03-26 15:18:20 +00:00
sakshaat d781937a67 Bug 1517483 - Get rid of nsIScriptSecurityManager::IsSystemPrincipal r=bzbarsky
Replaced instances of callers in both C++ and JS files to query the state from the principal directly.

Differential Revision: https://phabricator.services.mozilla.com/D22532

--HG--
extra : moz-landing-system : lando
2019-03-24 20:36:25 +00:00
Christoph Kerschbaumer 23b1d42b45 Bug 1534971: Add helper function within CSP to check if two CSPs are equal. r=jkt
Differential Revision: https://phabricator.services.mozilla.com/D23567

--HG--
extra : moz-landing-system : lando
2019-03-15 12:20:52 +00:00
Christoph Kerschbaumer 980f75a172 Bug 1530854: Always create CSP on Principal so the explicit CSP in the nsISHEntry holds a reference to the potentially dynamically modified CSP in case of a meta CSP. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D21919

--HG--
extra : moz-landing-system : lando
2019-03-14 06:26:29 +00:00
Ryan Hunt 945f9686c0 Bug 1523969 part 2 - Move method definition inline comments to new line in 'caps/'. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D21102

--HG--
extra : rebase_source : b425a584c7f754a52a32362ea08ebcecc5941c78
2019-02-25 16:03:35 -06:00
Christoph Kerschbaumer 54df1cb98c Bug 1528677: Remove nullchecks for loadinfo since we have loadinfo on all channels. r=baku 2019-02-20 13:27:25 +01:00
shindli 011ea038cb Merge mozilla-central to inbound. a=merge CLOSED TREE 2019-01-29 23:54:31 +02:00
Shane Caraveo 3e429f056f Bug 1521573 web_accessible incognito support, r=kmag,smaug
Prevent web_accessible_resources resources loading in private contexts when extension does not have permission.

Differential Revision: https://phabricator.services.mozilla.com/D17138

--HG--
extra : moz-landing-system : lando
2019-01-29 15:40:09 +00:00
Andreea Pavel b839d65d3c Backed out changeset 546ee20723b6 (bug 1521573) for failing test_ext_web_accessible_incognito.html 2019-01-29 06:07:40 +02:00
Shane Caraveo 6004d08141 Bug 1521573 web_accessible incognito support, r=kmag,smaug
Prevent web_accessible_resources resources loading in private contexts when extension does not have permission.

Differential Revision: https://phabricator.services.mozilla.com/D17138

--HG--
extra : moz-landing-system : lando
2019-01-29 01:42:34 +00:00
Gijs Kruitbosch ceecd61c16 Bug 1515863, r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D15221

--HG--
extra : rebase_source : 64431f64e9af7a961ffcd47c7b8e01dbecc71b07
2018-12-21 11:56:47 +00:00
Kris Maglione eb14dd1d2c Bug 1478124: Part 8b - Update DocShell module to use a static component manifest. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D15040

--HG--
extra : rebase_source : d89ac470241cb6f6a43c29c6e90b1c0e4fc78028
extra : source : b0444e0bc801f828b49f9953a73498cf5ff5024b
2018-12-16 17:27:58 -08:00
arthur.iakab c1fae83952 Backed out 16 changesets (bug 1478124) for failing android geckoview-junit CLOSED TREE
Backed out changeset fce62c77a56b (bug 1478124)
Backed out changeset eb2fa3b5edf7 (bug 1478124)
Backed out changeset 8dacce59fcc0 (bug 1478124)
Backed out changeset 012fd0107204 (bug 1478124)
Backed out changeset 496aaf774697 (bug 1478124)
Backed out changeset 21f4fda03159 (bug 1478124)
Backed out changeset b0444e0bc801 (bug 1478124)
Backed out changeset d94039b19943 (bug 1478124)
Backed out changeset 5d85deac61c2 (bug 1478124)
Backed out changeset 929fd654c9df (bug 1478124)
Backed out changeset 1ddd80d9e91a (bug 1478124)
Backed out changeset b8d2dfdfc324 (bug 1478124)
Backed out changeset f500020a273a (bug 1478124)
Backed out changeset dd00365ebb55 (bug 1478124)
Backed out changeset 538e40c5ee13 (bug 1478124)
Backed out changeset bedaa9c437ad (bug 1478124)
2019-01-29 10:03:06 +02:00