Граф коммитов

1776 Коммитов

Автор SHA1 Сообщение Дата
Ehsan Akhgari e45aad00ec Bug 1297687 - Part 3: Ensure that the expanded principal of a sandbox has a sensible OriginAttributes; r=bholley
This patch allows specifying an OriginAttributes when creating a sandbox
using Components.utils.Sandbox() by specifying an originAttributes
member on the options dictionary.

If an OA is specified in this way, it is used for creating codebase
principals from the string arguments passed to the function.  Otherwise,
if one or more principals are passed in the array argument to Sandbox(),
the OA of the principal(s) is used to construct codebase principals from
the strings inside the array.  In this case, we check to make sure that
all of the passed principals have the same OA, otherwise we'll throw an
exception.

In case no explicit OA is specified and no principals are passed in the
array argument, we create the codebase principals using a default OA.
2016-09-22 13:27:51 -04:00
Ehsan Akhgari 5404c2dc93 Bug 1297687 - Part 2: Allow specifying an OriginAttribute when creating an expanded principal; r=bholley 2016-09-22 13:27:40 -04:00
Ehsan Akhgari 6b65aceec2 Bug 1297687 - Part 1: Remove nsIScriptSecurityManager.createExpandedPrincipal(); r=bholley 2016-09-22 13:27:33 -04:00
Christoph Kerschbaumer bc9a70d964 Bug 1297338 - Introduce concept of principalToInherit to docshell and scriptSecurityManager. r=bz 2016-09-20 08:36:25 +02:00
Nicholas Nethercote 8c9e80a613 Bug 1297300 - Add missing checks to GetSpec() calls in caps/ and js/. r=mrbkap.
This required making GetScriptLocation() fallible.

--HG--
extra : rebase_source : a678e86c443988897d88550bec1cd1d21c3e919e
2016-08-30 14:22:04 +10:00
Michael Layzell 36e08437d0 Bug 1018486 - Part 8: Various other changes, r=smaug
MozReview-Commit-ID: B0dsomkWgEk
2016-09-07 10:50:45 -04:00
Yoshi Huang 10b437080c Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 10:25:58 +08:00
Yoshi Huang 85a594681d Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-06 10:25:48 +08:00
Sebastian Hengst 60d03b201e Backed out changeset 935ffd53f193 (bug 1260931) for failing xpcshell test test_packaged_app_service.js. r=backout 2016-09-05 21:16:10 +02:00
Sebastian Hengst c9519f7c29 Backed out changeset b9afda2804fd (bug 1260931) 2016-09-05 21:15:29 +02:00
Yoshi Huang 6cca1d0c54 Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 01:50:30 +08:00
Yoshi Huang 6c3b62e2fb Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-06 01:50:15 +08:00
Wes Kocher a2ca4e17ce Backed out changeset 1e7eb0625d3e (bug 1297687) a=merge 2016-09-02 13:18:37 -07:00
Sebastian Hengst 7080f0c942 Backed out changeset dd200883aa79 (bug 1260931) for permafailing test_child_docshell.html on Android debug. r=backout 2016-09-02 15:33:51 +02:00
Sebastian Hengst df3ad10e28 Backed out changeset 10da0eca7bbb (bug 1260931) 2016-09-02 15:33:51 +02:00
Sebastian Hengst 31c5f85098 Backed out 5 changesets (bug 1260931)
Backed out changeset 86e1a437021b (bug 1260931)
Backed out changeset be65e87da9e3 (bug 1260931)
Backed out changeset 39cff1d988fd (bug 1260931)
Backed out changeset 2fa7c4d8a5bc (bug 1260931)
Backed out changeset 075d612841fb (bug 1260931)
2016-09-02 14:55:59 +02:00
Sebastian Hengst 7db44d87f4 Backed out changeset dd200883aa79 (bug 1260931) for permafailing test_child_docshell.html on Android debug. r=backout 2016-09-02 14:39:43 +02:00
Sebastian Hengst 5bbaac898b Backed out changeset 10da0eca7bbb (bug 1260931) 2016-09-02 14:38:42 +02:00
Yoshi Huang 88b9430165 Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-02 15:04:40 +08:00
Yoshi Huang e48e6c5e6c Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-02 15:04:40 +08:00
Nicholas Nethercote b71747b2ac Bug 1299727 - Rename NS_WARN_IF_FALSE as NS_WARNING_ASSERTION. r=erahm.
The new name makes the sense of the condition much clearer. E.g. compare:

  NS_WARN_IF_FALSE(!rv.Failed());

with:

  NS_WARNING_ASSERTION(!rv.Failed());

The new name also makes it clearer that it only has effect in debug builds,
because that's standard for assertions.

--HG--
extra : rebase_source : 886e57a9e433e0cb6ed635cc075b34b7ebf81853
2016-09-01 15:01:16 +10:00
Ehsan Akhgari 7d8261a6b9 Bug 1297687 - Use the OriginAttributes associated with a window principal when creating a Sandbox with an expanded principal; r=baku 2016-09-01 14:34:23 -04:00
Andrea Marchesini d4c8ccb2d4 Bug 1298664 - Indentation fix in nsPrincipal::SubsumesInternal, r=smaug 2016-08-29 05:26:41 +02:00
Yoshi Huang 69ed1a79e4 Bug 1244340 - Part 2: add setOriginAttributes in nsIXMLHttpRequest. r=sicking
Add a ChromeOnly method called 'setOriginAttributes' on the XMLHttpRequest,
so that we can override the origin attributes for those XHRs running by XUL
(which will use System Principal).
2016-08-26 18:59:00 +08:00
Kan-Ru Chen b6d880aca1 Bug 1297276 - Rename mfbt/unused.h to mfbt/Unused.h for consistency. r=froydnj
The patch is generated from following command:

  rgrep -l unused.h|xargs sed -i -e s,mozilla/unused.h,mozilla/Unused.h,

MozReview-Commit-ID: AtLcWApZfES


--HG--
rename : mfbt/unused.h => mfbt/Unused.h
2016-08-24 14:47:04 +08:00
Kan-Ru Chen 29b9a17a92 Bug 1295103 - Use MOZ_MUST_USE in OriginAttributes. r=allstars
MozReview-Commit-ID: PWUb81L8ya

--HG--
extra : rebase_source : 2bdc7adc7a6b5fd121a4621086fab6f87834dd20
2016-08-15 18:22:44 +08:00
Dragana Damjanovic 67635a6600 Bug 1295636 - SetHostPort should reset the port if the host parameter does not have a port number. r=valentin, r=smaug
--HG--
extra : rebase_source : 2e63afd5708c55810206f9bc47b6f078a0824400
2016-08-17 23:25:00 -04:00
Wes Kocher e9097643d5 Merge inbound to central, a=merge 2016-08-12 13:44:29 -07:00
Jan de Mooij 0ad12515f4 Bug 1292892 part 1 - Stop using JSRuntime outside SpiderMonkey. r=bz,terrence,fitzgen,kanru 2016-08-11 14:39:22 +02:00
Nicholas Nethercote bab6d17ebf Bug 1293117 (part 4) - Change many NS_IMETHODIMP occurrences to NS_IMETHOD. r=froydnj.
This patch makes the following changes on many in-class methods.

- NS_IMETHODIMP F() override;      --> NS_IMETHOD F() override;
- NS_IMETHODIMP F() override {...} --> NS_IMETHOD F() override {...}
- NS_IMETHODIMP F() final;         --> NS_IMETHOD F() final;
- NS_IMETHODIMP F() final {...}    --> NS_IMETHOD F() final {...}

Using NS_IMETHOD is the preferred way of marking in-class virtual methods.
Although these transformations add an explicit |virtual|, they are safe --
there's an implicit |virtual| anyway because |override| and |final| only work
with virtual methods.

--HG--
extra : rebase_source : 386ee4e4ea2ecd8d5001efabc3ac87b4d6c0659f
2016-08-08 10:54:47 +10:00
Rob Wu 9069fff35f Bug 1197451 - Add clipboardWrite permission r=billm
MozReview-Commit-ID: 6d1mQSVWRPe

--HG--
extra : rebase_source : 2f19bab5c9d6db25c60b2b19c06c7027384a04ca
2016-07-08 17:19:17 -07:00
James Andreou 3585e16752 Bug 1283281 - Remove PB Flag from DOMStorage. r=jdm 2016-06-29 14:01:00 +02:00
Andrew McCreight 20456a6f50 Bug 1292289, part 2 - Remove includes of xpcprivate.h in caps/. r=mrbkap
Also remove some unused nsIXPConnect headers.

With the prior patch and this patch, touching xpcprivate.h does not
require rebuilding the caps directory.

MozReview-Commit-ID: HAL0FscGqjM

--HG--
extra : rebase_source : 6d0fcb66d5b6e2654919eb0d035c4365fb30273f
2016-08-04 11:19:24 -07:00
Thomas Wisniewski 6a1fb99d2b Bug 709991 - Fire onerror instead of throwing on network errors for async XHRs. r=bz 2016-07-30 00:24:56 -04:00
Yoshi Huang 84039380cc Bug 1287073 - remove SEC_FORCE_INHERIT_PRINCIPAL_WAS_DROPPED from nsILoadInfo r=sicking 2016-07-28 15:56:32 +08:00
Gijs Kruitbosch 61094e5a36 Bug 1280584 - implement cloneWithNewRef and thereby make hash/ref links use a simple unified codepath in the IO service, r=valentin
MozReview-Commit-ID: 8FIyclkJPDp

--HG--
extra : rebase_source : 49fb2b12488bd57a5417c7c3bff2211d651c5de7
extra : amend_source : d9940a1d9009930dc2f499417a7e1446d4601c20
2016-07-26 23:38:46 +01:00
Fabrice Desré 7846da76d6 Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice
MozReview-Commit-ID: 9uVUrmuVFXQ

--HG--
extra : rebase_source : 20f6f0235667530c21aca4889b5d33e39c2d1a48
2016-03-03 09:58:47 -08:00
Carsten "Tomcat" Book c7846e126c Backed out changeset 16aa7041c009 (bug 1287107) for causing xpcshell and mac tests 2016-07-22 11:30:23 +02:00
Fabrice Desré f5b619fb28 Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice
MozReview-Commit-ID: 9uVUrmuVFXQ

--HG--
extra : rebase_source : d0c19fcda5c72ecdce3b0d0bbbafa5a7954d7a4c
2016-03-03 09:58:47 -08:00
Tom Tromey 5538d692d3 Bug 1286877 - do not set c-basic-offset for python-mode; r=gps
This removes the unnecessary setting of c-basic-offset from all
python-mode files.

This was automatically generated using

    perl -pi -e 's/; *c-basic-offset: *[0-9]+//'

... on the affected files.

The bulk of these files are moz.build files but there a few others as
well.

MozReview-Commit-ID: 2pPf3DEiZqx

--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
2016-07-14 10:16:42 -06:00
Carsten "Tomcat" Book 4a64baa9d4 merge mozilla-inbound to mozilla-central a=merge 2016-07-21 16:24:36 +02:00
Rob Wu f8554fe4b9 Bug 1234677 - Introduce _generated_background_page.html r=billm
- Fixes bugzil.la/1234677
- Fixes bugzil.la/1286057
- Fixes bug: the URL failed to load if a query string or reference
  fragment was present.

MozReview-Commit-ID: 4oMwI3IS7OX

--HG--
extra : rebase_source : 621878e4f62febdc34899192e254f8ec315b789e
2016-07-12 13:55:14 -07:00
Chris Peterson b175c9fdd5 Bug 1277106 - Part 2: Expand MOZ_UTF16() strings to u"" string literals. r=Waldo 2016-07-20 22:03:25 -07:00
Gijs Kruitbosch 30cb692f62 Bug 1277583, tests, r=ckerschb
MozReview-Commit-ID: J3r7krW8dSH

--HG--
extra : rebase_source : 9505f797a770560c02461184dbc5cd0b8ac6bbe8
2016-06-02 19:42:29 +01:00
Gijs Kruitbosch ca0706d1c4 Bug 1281787, r=bz
MozReview-Commit-ID: JLdLD57pF87

--HG--
extra : rebase_source : c656044a8448d2fa70e484e9c126fc1955201579
2016-07-13 12:05:22 +01:00
Jan de Mooij e4ae5f26da Bug 1283855 part 20 - Make more principals code take JSContext instead of JSRuntime. r=luke
--HG--
extra : rebase_source : ad5f2f5b5bef9d20e4e248898a3c754adb306683
2016-07-05 16:49:46 +02:00
Jan de Mooij 078a91ca56 Bug 1283855 part 19 - Make security callbacks take JSContext instead of JSRuntime. r=jorendorff
--HG--
extra : rebase_source : c106826540912b00550b2d6162dcae6e1fb616d4
2016-07-05 16:49:44 +02:00
Carsten "Tomcat" Book 2266139ee3 Merge mozilla-central to mozilla-inbound 2016-06-10 15:44:04 +02:00
Gijs Kruitbosch 6b557997b2 Bug 1274480 - followup: use image that exists on android, rs=bustage
MozReview-Commit-ID: 86ioFu6GrmB
2016-06-09 15:35:11 +01:00
Paolo Amadini 5797203ab2 Bug 1274480 - Part 1 - Use SVG for permission icons and notifications. r=Gijs
MozReview-Commit-ID: Dk0PajOppVL

--HG--
extra : rebase_source : eed692400919f5c126debb14b3ae2c2d17c7cb7d
2016-06-08 16:34:10 +01:00
Nicholas Nethercote 5592622f09 Bug 1277104 - Add strings to high-frequency MOZ_CRASH() occurrences. mccr8.
Some of these are guesses; it's not always clear from a crash report stack
trace which MOZ_CRASH() was hit.
2016-06-09 13:09:58 +10:00
Jonathan Watt b15368cfcb Bug 1279451 - Remove a lot of unnecessary includes of nsAutoPtr.h. rs=sparky 2016-06-07 21:10:18 +01:00
Jan Varga af49dba19e Bug 1195930 - Part 8: Fixed support for origin clearing, reworked internal origin patterns to use OriginAttributesPattern; r=asuth 2016-06-05 21:42:48 +02:00
Masatoshi Kimura 107cbffdc0 Bug 1205027 - Only size <img> to broken-image size if it's actually broken. r=dholbert 2016-06-03 07:05:46 +09:00
James Andreou 1d32e86b9c Bug 1269361 - Add mPrivateBrowsingId to OriginAttributes r=ehsan,jdm 2016-06-02 17:03:11 -04:00
Gijs Kruitbosch 4d279191b4 Bug 1277583, r=bz
MozReview-Commit-ID: E9gNZAOQzG9

--HG--
extra : rebase_source : 302534c6ef5c064c3956188dd52fcf668db0d0e1
extra : histedit_source : c97f8279ebeea7b9a6c93d88f6809c38cac2ee14
2016-06-02 19:42:21 +01:00
Jonathan Hao 525c086187 Bug 1259871 - Replace getSimpleCodebasePrincipal with createCodebasePrincipal. r=sicking
MozReview-Commit-ID: Frx0CjBzuve

--HG--
extra : histedit_source : 036eb321d9ccb20e0e071ba588b0a1249eb34bdd
2016-05-24 18:01:34 +08:00
Boris Zbarsky dc120449d2 Bug 1275698. Get rid of nsScriptSecurityManager::ScriptAllowed and replace it with xpc::Scriptability::Get(obj).Allowed() for better performance and less indirection. r=khuey 2016-05-27 20:26:56 -04:00
Boris Zbarsky 4ec7cc4fc1 Bug 1276138. Remove the current/safe JSContext getters from nsScriptSecurityManager. r=mrbkap 2016-05-27 13:28:14 -04:00
Chris Peterson e343bcae34 Bug 1274415 - Fix -Wshadow warnings in caps/ directory. r=dveditz
caps/BasePrincipal.cpp:562:28 [-Wshadow] declaration shadows a local variable
caps/nsScriptSecurityManager.cpp:675:18 [-Wshadow] declaration shadows a local variable
caps/nsScriptSecurityManager.cpp:854:14 [-Wshadow] declaration shadows a local variable
2016-05-19 01:04:46 -07:00
Christoph Kerschbaumer d7757bf8dd Bug 1273364 - Trying to set a CSP on a SystemPrincipal should return NS_ERROR (r=njn) 2016-05-21 19:36:24 +02:00
Joel Maher b6788df19c Bug 1067022 - add expected assertion on windows for test_bug995943.xul. r=RyanVM
MozReview-Commit-ID: 3cg9fQgorhG

--HG--
extra : rebase_source : 76c75b2fab084240c33eab1311ebb6c8f7b9f856
2016-05-16 06:47:59 -04:00
Chris Peterson 353ee65255 Bug 1272513 - Part 1: Suppress -Wshadow warnings-as-errors in some directories. r=glandium 2016-05-11 00:00:01 -07:00
Andrea Marchesini 487efd0283 Bug 1270679 - Ensure blob URLs are only accessible within the same usercontextId, r=bz 2016-05-11 19:53:13 +02:00
Jonathan Watt 73ea9dd190 Bug 1162772, part 3 - Add a getChannelResultPrincipalIfNotSandboxed method to nsIScriptSecurityManager. r=bz
MozReview-Commit-ID: 4QwM1y6wRb
2016-04-28 11:13:09 +01:00
Sebastian Hengst bec59714da Backed out changeset c32539fd746a (bug 1162772) 2016-04-30 09:54:01 +02:00
Jonathan Watt c40b7e121f Bug 1162772, part 3 - Add a getChannelResultPrincipalIfNotSandboxed method to nsIScriptSecurityManager. r=bz
MozReview-Commit-ID: 4QwM1y6wRb
2016-04-28 11:13:09 +01:00
Yoshi Huang ba1bb72568 Bug 1263496 - Part 3: fix for nsNullPrincipal::Create
This fixed the locations listed by
http://searchfox.org/mozilla-central/search?q=nsNullPrincipal::Create(&redirect=true
that needs to inherit origin attributes.
2016-04-27 18:38:07 +08:00
Yoshi Huang 7ae2e09f40 Bug 1263496 - Part 2: fix for NS_NULLPRINCIPAL_CONTRACTID. r=bholley
This fixed the locations listed by
http://searchfox.org/mozilla-central/search?q=NS_NULLPRINCIPAL_CONTRACTID&redirect=true
2016-04-27 18:38:03 +08:00
Kris Maglione 6d36833e42 Bug 1254194: Apply a content security policy to all WebExtension documents. r=gabor
MozReview-Commit-ID: HsFFbWdq00b

--HG--
extra : rebase_source : 07e4b6ec8c32f696d5b5987091ffc5ebde2c3061
extra : histedit_source : 20983fe6a9590d7f410276fac248c3d2f711caaa
2016-04-23 20:56:56 -07:00
Kris Maglione 623a4f8665 Bug 1254194: [webext] Allow extensions to register custom content security policies. r=billm f=aswan
MozReview-Commit-ID: 8L6ZsyDjIpf

--HG--
extra : rebase_source : b6ccbcf849b0e7db835d14a0ba9de588c0188869
extra : histedit_source : 7f966c1d821641fc3551dc4c508f5ce8f990d5a3%2Cafa5697b301620119147292745a2007961907fa8
2016-04-23 21:29:15 -07:00
Kris Maglione cc1c10dbae Bug 1254194: Add a validator for custom add-on content security policies. r=billm f=aswan
MozReview-Commit-ID: LtBbXBCFc32

--HG--
extra : rebase_source : 1da81c92a1ffb75df071d1b32ff04b7d1a9b905a
2016-04-23 20:41:14 -07:00
Tanvi Vyas c73e96a53d Bug 1105556 - Call Create(originAttributes) when loadinfo->loadingPrincipal is null, instead of CreatePrincipalWithInheritedAttributes(). r=sicking 2016-04-13 16:30:22 -07:00
Dave Huseby c01e63f1a5 Bug 1238177 - fix extension content needs to use the correct user context id origin attribute. r=sicking
(HEAD -> oa, refs/patches/oa/Bug_1238177)
Fixes Bug 1238177 -- extension content needs to use the correct user context id origin attribute
2016-04-04 12:20:00 +02:00
Chris Manchester f7a1b3fb60 Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.

MozReview-Commit-ID: EmlDz9d4lqt
2016-04-04 14:56:52 -07:00
Carsten "Tomcat" Book 394034a83e Backed out changeset 0519406b6e57 (bug 1238177) for eslint test failures 2016-04-03 09:30:03 +02:00
Dave Huseby 32251ddc37 Bug 1238177 - Extension content needs to use the correct user context id origin attribute. r=bholley
--HG--
extra : amend_source : f8d3bb6f6b1426ac73669491b651900614f6461c
2016-04-02 13:14:00 -04:00
Dave Huseby b9cbf42ad8 Bug 1237479 -- nsScriptSecurityManager needs to use the correct user context id in the origin attributes in a few places. r=sicking 2016-04-01 22:36:00 -04:00
Matthew Wein 9c7f3d9e91 Bug 1185773 - Enable the moz-extension mochitest on android. r=kmag
MozReview-Commit-ID: ICxmwE1BI8A

--HG--
extra : transplant_source : %9B%BDd%0B%18%EC9Y%09%B9%25k%3F%9924%F2AaW
2016-03-28 10:04:59 -07:00
Benjamin Bouvier 70202e15a1 Bug 1251308; r=luke
MozReview-Commit-ID: AqsMX4m7Qh9

--HG--
extra : rebase_source : 519aef2cf8c0bb39771d4589069e8fd1a06970c3
2016-03-09 11:20:11 +01:00
Mike Hommey fed1d8ce2b Bug 1254906 - Change the annotation on JSPrincipals::dump's definition to match that of its declaration. r=bz
The current discrepancy works because gecko and js don't actually agree
on the meaning of JS_EXPORT_API and JS_PUBLIC_API, but moving the
configure flags that incluences their meaning is going to make them
agree, and that adds a fatal warning when building nsJSPrincipals.cpp
because of the discrepancy.
2016-03-11 09:38:28 +09:00
J. Ryan Stinnett 798c13a0fa Bug 1238160 - Test frame principal when toggling isolation. r=bz
Test frame principals in different configurations to verify the new isolated
attribute works as expected.

MozReview-Commit-ID: CQNRo2bK9iU
2016-03-02 10:35:56 -06:00
J. Ryan Stinnett 95f8000ac8 Bug 1238160 - Add assertions in non-desktop code paths. r=bz,fabrice
Several code paths try to ask the principal if it's in a browser element, but
the principal now only knows about *isolated* browser elements.  All such code
paths are currently unused on desktop.  The frame loader now asserts that
isolation remains enabled for cases where apps are used.

MozReview-Commit-ID: 775DZecc35t
2016-03-02 10:35:56 -06:00
J. Ryan Stinnett 2a55d065b7 Bug 1238160 - Rename OriginAttributes.mInBrowser and associated methods. r=bz,mayhemer
This change renames OriginAttributes.mInBrowser to mInIsolatedMozBrowser and
nsIPrincipal::GetIsInBrowserElement to GetIsInIsolatedMozBrowserElement.  Other
methods that pass these values around also have name changes.

Tokens such as "inBrowser" have previously been serialized into cache keys, used
as DB column names, stored in app registries, etc.  No changes are made to any
serialization formats.  Only runtime method and variable names are updated.

No behavior changes are made in this patch, so some renamed methods may have
nonsensical implementations.  These are corrected in subsequent patches
focused on behavior.

MozReview-Commit-ID: 66HfMlsXFLs
2016-03-02 10:35:56 -06:00
Dave Huseby 4fdeeb7cf9 Bug 1229222 - tests for bug 1229222. r=sicking
(HEAD -> oa, refs/patches/oa/Bug_1229222_Tests)
Tests Bug 1229222

--HG--
extra : rebase_source : baf12ec8819e0e82b7d6f7cf4975636172d98eb6
2016-02-29 12:27:00 +01:00
Dave Huseby 0c0cf070cf Bug 1229222 - add chromeutils for the creation of origin attributes with the correct default values. r=sicking
(HEAD -> oa, refs/patches/oa/Bug_1229222)
Fixes Bug 1229222

--HG--
extra : rebase_source : 299742335452d5b5ac3cf25a3bd2d71ec655049f
2016-02-29 12:26:00 +01:00
Boris Zbarsky 87574e4920 Bug 1251311. JS::DescribeScriptedCaller can't throw JS exceptions. Adjust some callers accordingly. r=khuey 2016-02-26 15:23:13 -05:00
Carsten "Tomcat" Book 9164177faa Backed out changeset 736daf4b4a56 (bug 1229222) for bc6 test failures in browser_339445.js 2016-02-19 15:56:27 +01:00
Dave Huseby 4f029016db Bug 1229222 - tests bug 1229222. r=sicking
(HEAD -> oa, refs/patches/oa/Bug_1229222_Tests)
Tests Bug 1229222
2016-02-17 12:19:00 +01:00
Bill McCloskey d70c91802b Bug 1210099 - Fix structured clone of expanded principal (r=bholley) 2016-02-04 22:30:21 -08:00
Yoshi Huang be5bd39145 Bug 1240651 - Annotate addonId into crash report (r=bholley) 2016-02-01 16:05:53 -08:00
Gijs Kruitbosch ef04fd0f90 Bug 1172165 - check all nested URI schemes in CAPS. Make view-source dangerous to load, and about: URIs use per-URI flags so they keep working, r=bz
Also, add an opt-out for crashtest/reftest for the view-source thing so they don't all break, r=bz

--HG--
extra : commitid : 8NqvmbphSgh
extra : rebase_source : bbe0b6f11a77d7e6241a5733931d9baa95bb3fed
2015-12-11 08:06:41 -05:00
Henry Chang b02a011eef Bug 1211590 - Inherits OriginAttributes from loading principal for GetChannelURIPrincipal. r=sicking 2016-01-13 05:30:00 +01:00
Luke Wagner 72ea23c63e Bug 1239601 - improve the UniquePtr situation (r=jandem)
--HG--
extra : commitid : JegWAoGsuQ9
extra : rebase_source : 995c1b6ab8e4fd3b83c44741cd84a2d7b0d934d7
2016-01-15 18:26:20 -06:00
Christoph Kerschbaumer fecee7be59 Bug 1224694 - Unify and clean up initialization of CSP (r=sicking) 2016-01-14 13:21:31 -08:00
Nigel Babu ccbf22eae8 Backed out changeset f001a01c85d7 (bug 1224694) for browser-chrome bustage on a CLOSED TREE
--HG--
extra : commitid : 5BUjoFsY8bv
2016-01-14 08:04:50 +05:30
Christoph Kerschbaumer 86457169b6 Bug 1224694 - Unify and clean up initialization of CSP (r=sicking) 2016-01-13 15:51:30 -08:00
Blake Kaplan 5749c2ed94 Bug 1237141 - Make this test pass in e10s. r=felipe
--HG--
extra : rebase_source : e9aad0388bea8401c08f137357ca10720622bc05
2016-01-07 10:28:27 -08:00
Andrea Marchesini a365470b87 Bug 1235657 - Session storage needs to handle origin attributes correctly - part 1 - createOriginAttributesWithUserContextId, r=huseby 2016-01-06 10:08:30 +00:00
Honza Bambas a0a6f7e23c Bug 1165214 - Use OriginAttributes in DOM Storage. r=smaug, r=bholley
--HG--
extra : rebase_source : b63ddb5a24a335f771a856cd20c69cdeb0c92ca0
2016-01-05 07:25:00 -05:00
Jonas Sicking 6cc5074df0 Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-06 18:33:14 -05:00
Sebastian Hengst 774236075d Backed out changeset 09d64535bcda (bug 1216687), a7f1a289dd78, 4dbf06183e6c, 26318a5e3006, 9ae2af3cf86d (bug 1226909) for M(1,2,5) oranges. r=backout 2015-12-05 16:34:47 +01:00
Jonas Sicking df33e62850 Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-05 01:46:20 -08:00
Yoshi Huang 4b500464f5 Bug 1209162 - Create OriginAttributes subtypes. IGNORE IDL r=sicking. 2015-11-03 09:50:54 +08:00
Christoph Kerschbaumer b967444f19 Bug 663570 - MetaCSP Part 2: Principal changes (r=bz) 2015-11-14 19:28:23 -08:00
Christoph Kerschbaumer a876eba5c9 Bug 1188028 - Use channel->ascynOpen2 in dom/security/nsCSPContext.cpp (r=sicking) 2015-07-27 11:57:56 -07:00
Gijs Kruitbosch f1d4d15e39 Bug 1210703 - followup: fix test file used in caps and fix assertions to have actual/expected value in the right order, rs=bustage on a CLOSED TREE
--HG--
extra : commitid : 29mAEwGdSuM
2015-11-09 19:10:23 +00:00
Jan de Mooij a84c33ecb0 Bug 1125423 part 1 - Attach WindowProxies to globals instead of using innerObject/outerObject hooks. r=bz,luke 2015-11-06 19:03:51 +01:00
Jonathan Watt 8c3ca7675f Bug 1220602 - Make the documentation for nsIPrincipal.domain useful. r=bholley IGNORE IDL 2015-09-24 00:36:04 +01:00
Birunthan Mohanathas 9985829ecc Bug 1219392 - Capitalize mozilla::unused to avoid conflicts. r=froydnj 2015-11-02 07:53:26 +02:00
Bobby Holley 86c97bb3f4 Bug 1218039 - Add a nice interface for both C++ and JS to access the principal kind. r=gabor 2015-10-26 11:18:14 -07:00
Nathan Froyd 01583602a9 Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat
The bulk of this commit was generated with a script, executed at the top
level of a typical source code checkout.  The only non-machine-generated
part was modifying MFBT's moz.build to reflect the new naming.

CLOSED TREE makes big refactorings like this a piece of cake.

 # The main substitution.
find . -name '*.cpp' -o -name '*.cc' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
    xargs perl -p -i -e '
 s/nsRefPtr\.h/RefPtr\.h/g; # handle includes
 s/nsRefPtr ?</RefPtr</g;   # handle declarations and variables
'

 # Handle a special friend declaration in gfx/layers/AtomicRefCountedWithFinalize.h.
perl -p -i -e 's/::nsRefPtr;/::RefPtr;/' gfx/layers/AtomicRefCountedWithFinalize.h

 # Handle nsRefPtr.h itself, a couple places that define constructors
 # from nsRefPtr, and code generators specially.  We do this here, rather
 # than indiscriminantly s/nsRefPtr/RefPtr/, because that would rename
 # things like nsRefPtrHashtable.
perl -p -i -e 's/nsRefPtr/RefPtr/g' \
     mfbt/nsRefPtr.h \
     xpcom/glue/nsCOMPtr.h \
     xpcom/base/OwningNonNull.h \
     ipc/ipdl/ipdl/lower.py \
     ipc/ipdl/ipdl/builtin.py \
     dom/bindings/Codegen.py \
     python/lldbutils/lldbutils/utils.py

 # In our indiscriminate substitution above, we renamed
 # nsRefPtrGetterAddRefs, the class behind getter_AddRefs.  Fix that up.
find . -name '*.cpp' -o -name '*.h' -o -name '*.idl' | \
    xargs perl -p -i -e 's/nsRefPtrGetterAddRefs/RefPtrGetterAddRefs/g'

if [ -d .git ]; then
    git mv mfbt/nsRefPtr.h mfbt/RefPtr.h
else
    hg mv mfbt/nsRefPtr.h mfbt/RefPtr.h
fi

--HG--
rename : mfbt/nsRefPtr.h => mfbt/RefPtr.h
2015-10-18 01:24:48 -04:00
Yoshi Huang fb57af4ae6 Bug 1191653 - Listen to clear-origin-data in nsPermissionManager. r=bholley 2015-10-13 10:27:42 +08:00
Wes Kocher 5dc7315e7b Merge b2ginbound to central, a=merge 2015-10-07 11:04:26 -07:00
Carsten "Tomcat" Book 08997000eb Backed out 2 changesets (bug 1202902) to recking bug 1202902 to be able to reopen inbound on a CLOSED TREE
Backed out changeset 647025383676 (bug 1202902)
Backed out changeset d70c7fe532c6 (bug 1202902)
2015-10-07 14:03:21 +02:00
Carsten "Tomcat" Book e7ef778c9d Backed out 1 changesets (bug 1202902) for causing merge conflicts to mozilla-central
Backed out changeset cfc1820361f5 (bug 1202902)

--HG--
extra : rebase_source : 5d3db72337754bc7ab0ed0c30b2896100411ff92
2015-10-07 12:13:45 +02:00
Shu-yu Guo d06b6030f6 Bug 1202902 - Scripted fix the world. 2015-10-06 14:00:31 -07:00
Yoshi Huang 02f27f9218 Bug 1211636 - use ToInteger64 in PopulateFromSuffix. r=bholley
From 76c9c3f887d6bce8b15abd37d5921887a187e18d Mon Sep 17 00:00:00 2001
---
 caps/BasePrincipal.cpp                    | 16 ++++++-------
 caps/moz.build                            |  3 +++
 caps/tests/gtest/TestOriginAttributes.cpp | 37 +++++++++++++++++++++++++++++++
 caps/tests/gtest/moz.build                | 13 +++++++++++
 4 files changed, 61 insertions(+), 8 deletions(-)
 create mode 100644 caps/tests/gtest/TestOriginAttributes.cpp
 create mode 100644 caps/tests/gtest/moz.build
2015-10-06 15:36:10 +08:00
Nick Fitzgerald ee543a3018 Bug 1209263 - Allow embedders to tell SpiderMonkey how to structured clone principals; r=bz
--HG--
extra : rebase_source : 04835c034431953344e83203e7753043461474ba
2015-10-02 16:44:00 +02:00
Bobby Holley 073c406ca3 Bug 1208756 - Tests. r=billm 2015-10-02 15:02:09 -07:00
Bobby Holley 75a560dba5 Bug 1208756 - Introduce URI_FETCHABLE_BY_ANYONE and use it for moz-extension. r=bz
This matches the behavior described in
https://developer.chrome.com/extensions/manifest/web_accessible_resources
2015-10-02 15:02:07 -07:00
Bobby Holley dca7589731 Bug 1208756 - Hoist shared CheckMayLoad logic into BasePrincipal. r=bz
This is a pure refactoring.
2015-10-02 14:59:45 -07:00
Yoshi Huang f97211a451 Bug 1167100 - User originAttribute in ContentPrincipalInfo. r=bholley 2015-09-23 18:19:06 +08:00
Bobby Holley ca4a8095de Bug 1209843 - Stop checking for UNKNOWN_APP_ID in all places except those where AppId() is explicitly queried. r=sicking 2015-09-30 16:29:36 -07:00
Stephanie Ouillon 5e14a3b3a8 Bug 1178533 - Add nsIInstallPackagedWebapp for registering permissions when navigating to signed packages r=bholley,fabrice,valentin 2015-08-26 13:12:13 +02:00
Wes Kocher df21b43278 Backed out changeset d0e88c95f3c5 (bug 1167100) for crashes a=backout 2015-09-29 10:25:20 -07:00
Yoshi Huang 872722fe37 Bug 1167100 - User nsIPrincipal.originAttribute in ContentPrincipalInfo. r=bholley 2015-09-23 18:19:06 +08:00
Yoshi Huang d38b78ae54 Bug 1165466 - Fix up docshell and loadcontext inheriting code in nsIScriptSecurityManager. r=bholley 2015-09-23 16:10:21 +08:00
Henry Chang b6b5862949 Bug 1163254 - Add signedPkg to OriginAttributes. r=bholley 2015-09-18 15:11:58 +08:00
Bobby Holley 43144ea83c Bug 1205456 - Check for UNKNOWN_APP_ID when serializing principals. r=sicking 2015-09-18 16:20:06 -07:00
Andrew McCreight dd7dd30236 Bug 1204610 - Use a smart pointer in nsNullPrincipalURI. r=mrbkap 2015-09-14 12:43:00 +02:00
Carsten "Tomcat" Book c5551bace9 Backed out 2 changesets (bug 1169633, bug 1163254) for linux Mn-e10s test bustage on a CLOSED TREE
Backed out changeset 47ccf6689101 (bug 1169633)
Backed out changeset 503eab197a2d (bug 1163254)
2015-09-17 16:01:25 +02:00
hchang 2e884ff477 Bug 1163254 - Add signedPkg to OriginAttributes. r=bholley 2015-09-16 19:42:00 +02:00
Nicholas Nethercote f44287005f Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium.
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.

--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
2015-08-27 20:44:53 -07:00
Yoshi Huang e6070e9062 Bug 1165272 - Part 2: replace getNoAppCodebasePrincipal. r=bholley 2015-08-18 15:01:42 +08:00
Yoshi Huang 4347bb2318 Bug 1165272 - Part 1: remove getAppCodebasePrincipal. r=bholley 2015-08-17 17:03:19 +08:00
Bobby Holley edfe287f26 Backed out 3 changesets (bug 1165272) for b2g sanity blocker. 2015-08-25 11:16:21 -07:00
Ryan VanderMeulen 1d04070e5b Merge fx-team to m-c. a=merge 2015-08-24 20:57:36 -04:00
Dave Townsend cbedcf3b95 Bug 1042699: Block cross-origin add-on install requests. r=dveditz
--HG--
extra : commitid : FdVvNum7B1w
extra : rebase_source : db8d8aff572798f35b80e20feb6aaaa9094cf79c
extra : amend_source : 14e54c9a677784e9f520a454ee579208f8385384
2015-08-18 17:21:05 -07:00
Yoshi Huang de47f4b89f Bug 1165272 - Part 2: Replace getNoAppCodebasePrincipal. r=bholley 2015-08-24 01:18:00 -04:00
Yoshi Huang 12efacfa8c Bug 1165272 - Part 1: Remove getAppCodebasePrincipal. r=bholley 2015-08-24 01:31:00 -04:00
Bobby Holley ce93138568 Bug 1196371 - Add a runtime assertion against illegal string characters in OriginAttributes suffix creation. r=janv,r=mystor 2015-08-19 21:14:34 -07:00
Wes Kocher dab7b8a1ea Backed out changeset f00b7bf7b9f8 (bug 1196371) for build bustage CLOSED TREE 2015-08-19 15:49:30 -07:00
Bobby Holley 36e1d5fccf Bug 1196371 - Add a runtime assertion against illegal string characters in OriginAttributes suffix creation. r=janv,r=mystor 2015-08-19 14:51:58 -07:00
Michael Layzell 945c9a35f4 Bug 1195415 - Add asciiHostPort field to nsIURI, and use it in the implementation of nsPrincipal::GetOriginForURI, r=bholley 2015-08-18 14:52:24 -04:00
Michael Layzell 274d644ee1 Bug 1192666 - Emit '[]' around origin strings for ipv6 origins, r=ehsan 2015-08-11 15:09:52 -04:00
Bobby Holley a281e74201 Bug 1184387 - Bail out of file:// loads for all non-chrome:// URIs. r=Gijs 2015-08-06 16:37:00 -07:00
Ryan VanderMeulen f2cc7352a6 Backed out changesets f4fa8c49ebc6 and 78e2ba8842d4 (bug 1184387) for browser_parsable_css.js failures.
CLOSED TREE
2015-08-05 14:39:28 -04:00
Bobby Holley 82a19a631c Bug 1184387 - Bail out of file:// loads for all non-chrome:// URIs. r=Gijs 2015-08-05 10:43:22 -07:00
Steven Englehardt 754fd36b97 Bug 1179557 - Add getters for userContextId. r=bholley, r=tanvi
--HG--
extra : histedit_source : 29a5fb5f2a3204d27d0f620d6f3c03e134699fb9
2015-07-30 14:15:00 -04:00
Steven Englehardt 9d4063da89 Bug 1179557 - Add userContextId to originAttributes with tests. r=bholley, r=tanvi
--HG--
extra : histedit_source : 4d033ad9aef7b71c7ebbbe77242c94e9b8e94f0c
2015-07-28 17:32:00 -04:00
Bobby Holley 5da44c2396 Bug 1186732 - Implement an about:blank page inside of moz-extension. r=billm 2015-07-28 17:18:05 -07:00
Bobby Holley 4fefff8e42 Bug 1186152 - Implement nsIProtocolHandlerWithDynamicFlags and use it for moz-extension. r=bz 2015-07-28 12:26:51 -07:00
Bobby Holley 5689b3b6a6 Bug 1161831 - Tests. r=billm 2015-07-21 12:57:24 -07:00
Bobby Holley 0ead8c2e5e Bug 1161831 - Associate extension URIs with the appropriate addon ID. r=billm,sr=bz 2015-07-21 12:57:23 -07:00
Bobby Holley f925835ed9 Bug 1161831 - Implement moz-extension protocol. r=bz,r=billm,sr=mcmanus
The heavy lifting all happened in the previous patch, so this is easy now.
2015-07-21 12:57:22 -07:00
Christoph Kerschbaumer d79403aa15 Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checks when opening a channel - scriptSecurityManager changes (r=sicking,bholley) 2015-07-19 19:12:26 -07:00
Michael Layzell 017f50b6d7 Bug 1172080 - Part 2: Use ^ instead of ! to delimit originAttributes from the URI in nsIPrincipal.origin, r=bholley 2015-07-16 14:50:07 -04:00
Michael Layzell d45aee21b9 Bug 1172080 - Part 1: Throw when requesting origin for poorly behaved URIs, r=bholley 2015-07-16 14:50:05 -04:00
Bobby Holley 6955ea7475 Bug 1182610 - Check for UNKNOWN_APP_ID in nsIPrincipal::GetOrigin. r=gabor 2015-07-16 11:23:49 -07:00
Andrew McCreight 8701d0794e Bug 1182966 - Part 3: Add some final annotations to DomainSet. r=mrbkap 2015-07-14 07:59:00 -04:00
Andrew McCreight 460ac92adc Bug 1182966 - Part 2: Stop referring to the nsI class for no apparent reason in DomainPolicy. r=mrbkap 2015-07-14 07:59:00 -04:00
Andrew McCreight 1f979114af Bug 1182966 - Part 1: Use nsTHashTable::Iterator in DomainSet::CloneSet. r=mrbkap 2015-07-14 07:58:00 -04:00
Bobby Holley 87abc69fb0 Bug 1182357 - Add an API to mint nsExpandedPrincipals. r=mrbkap 2015-07-15 16:59:09 -07:00
Bobby Holley b4fdabe37d Bug 1182347 - Remove nsIPrincipal::cookieJar. r=sicking 2015-07-14 19:56:33 -07:00
Bobby Holley 8397689ce8 Bug 1182347 - Implement OriginAttributesPattern. r=sicking,f=allstars.chh 2015-07-14 19:56:32 -07:00
Wes Kocher ff2f0d32cf Backed out 24 changesets (bug 1173523, bug 1172080, bug 817007, bug 1165263) for android reftest bustage CLOSED TREE
Backed out changeset 84fe04b2e7d1 (bug 1172080)
Backed out changeset 0ff004760a1f (bug 1172080)
Backed out changeset af147585ad55 (bug 1165263)
Backed out changeset c3af8ebb6db0 (bug 1165263)
Backed out changeset cd3f33a888fe (bug 1165263)
Backed out changeset e5db39044a1e (bug 1165263)
Backed out changeset c01c9ed77061 (bug 1165263)
Backed out changeset fb723aaa4267 (bug 1165263)
Backed out changeset f754e52e74dc (bug 1165263)
Backed out changeset c6bda3a0afd6 (bug 817007)
Backed out changeset bfa100253349 (bug 817007)
Backed out changeset b787b3f9aadc (bug 1173523)
Backed out changeset 4a0676b73f77 (bug 1173523)
Backed out changeset 82034a4560c5 (bug 1173523)
Backed out changeset 4bdb91114c7a (bug 1173523)
Backed out changeset 72406261eccc (bug 1173523)
Backed out changeset 541b6faf7196 (bug 1173523)
Backed out changeset 1caac4569616 (bug 1173523)
Backed out changeset 0d4f9f9e1b4e (bug 1173523)
Backed out changeset 2d5661eb966c (bug 1173523)
Backed out changeset 89833c0bb0cd (bug 1173523)
Backed out changeset ea64d70eacfe (bug 1173523)
Backed out changeset a8e4f1c0c445 (bug 1173523)
Backed out changeset cf498d466b85 (bug 1173523)
2015-07-14 14:00:32 -07:00
Michael Layzell 52f1ea5402 Bug 1172080 - Part 2: Use ^ instead of ! to delimit originAttributes from the URI in nsIPrincipal.origin, r=bholley 2015-07-14 15:06:42 -04:00
Michael Layzell 4d57018268 Bug 1172080 - Part 1: Throw when requesting origin for poorly behaved URIs, r=bholley 2015-07-14 15:06:41 -04:00
Birunthan Mohanathas a8939590de Bug 1182996 - Fix and add missing namespace comments. rs=ehsan
The bulk of this commit was generated by running:

  run-clang-tidy.py \
    -checks='-*,llvm-namespace-comment' \
    -header-filter=^/.../mozilla-central/.* \
    -fix
2015-07-13 08:25:42 -07:00
Bobby Holley 260bd0121f Bug 1180921 - Support custom callbacks for allowing access per-addon load access to cross-origin URIs. r=bz,r=billm 2015-07-11 10:32:56 -04:00
Bobby Holley 94c6f14615 Bug 1180921 - Add the addonId OriginAttribute. r=bholley 2015-07-11 10:32:55 -04:00
Bobby Holley da74a54e5c Bug 1180921 - Generalize test_origin to make it easier to add new origin attributes. r=gabor 2015-07-11 10:32:54 -04:00
Geoff Brown 52d4e225a0 Bug 1026290 - Update mochitest-chrome manifests for android; r=jgriffin 2015-07-10 14:41:59 -06:00
Wes Kocher 45be9b06a3 Backed out 5 changesets (bug 1180921) for build failures in BasePrincipal.cpp
Backed out changeset d8c1a2e11a9a (bug 1180921)
Backed out changeset f4dd8c53df5f (bug 1180921)
Backed out changeset b272a0ebf5d8 (bug 1180921)
Backed out changeset 8e86b6a7d201 (bug 1180921)
Backed out changeset bbdebd7b8881 (bug 1180921)
2015-07-09 17:43:08 -07:00
Bobby Holley c9102e3238 Bug 1180921 - Support custom callbacks for allowing access per-addon load access to cross-origin URIs. r=bz,r=billm 2015-07-09 17:25:14 -07:00
Bobby Holley 24ce1d8fe4 Bug 1180921 - Add the addonId OriginAttribute. r=bholley 2015-07-09 17:25:05 -07:00
Bobby Holley 01a5c316e5 Bug 1180921 - Generalize test_origin to make it easier to add new origin attributes. r=gabor 2015-07-09 17:21:42 -07:00
Dragana Damjanovic 7987d2203e Bug 905127 - Part 2 - remove unnecessary nsNetUtil.h includes r=jduell 2015-07-06 07:55:00 +02:00
Emanuel Hoogeveen 7d1e52f2ff Bug 905127 - Part 1 - Make some functions from nsNetUtil not inline. r=jduell 2015-07-07 04:17:00 +02:00
Juan Gomez 258ad59e3f Bug 1171931 - Refactor duplicated code using XRE_IsParent/ContentProcess. r=froydnj 2015-07-03 18:29:00 -07:00
Andrew McCreight 10dd21a3ef Bug 886459, part 3 - Remove simple uses of nsIJSRuntimeService to get the JSRuntime. r=bholley 2015-06-26 18:44:14 -07:00
Andrew McCreight f4abeb8aba Bug 886459, part 1 - Remove unused includes of nsIJSRuntimeService.h. r=bholley 2015-06-26 18:44:13 -07:00
Ryan VanderMeulen 5f5c327690 Backed out changeset 8b4e4083639e (bug 1171931) for B2G debug emulator bustage. 2015-06-25 19:48:42 -04:00
Juan Gomez 702a59d135 Bug 1171931 - Refactor duplicated code using XRE_IsParent/ContentProcess. r=froydnj
--HG--
extra : rebase_source : 2ecbe6c1dd8a7ad8dc529b53349ad431cf1116c9
2015-06-24 14:11:00 -04:00
Nikhil Marathe b52b66ebf5 Bug 1169044 - Patch 3 - Store and set principal with script URI on ServiceWorkers. r=ehsan
The ServiceWorkerRegistrationInfo's principal is the principal of the document
that called register(). If we create WorkerPrivate instances based off of
this, they have a valid principal in terms of security and same-origin-ness,
but the URI path is wrong. When fetching the script from the network, the
channel's principal is used to update the worker principal. We need to do the
same when the script is loaded from Cache. This patch adds support to store the
channel principal in the cache.

--HG--
extra : rebase_source : e7d527335aa4f0d4ee52e58915c8b0ef4ad26983
2015-06-04 21:39:34 -07:00
Nikhil Marathe 8dccad6eaa Bug 1169044 - Patch 2 - Split URLSearchParams parsing logic into non-CCed URLParams. r=baku
--HG--
extra : rebase_source : f68696ff1b2f2fabbb0ed015509477c65573768d
2015-06-04 13:45:24 -07:00
Andrea Marchesini 46ed66e379 Bug 1174731 - patch 1 - Make searchParams attribute readonly, r=smaug 2015-06-24 12:15:59 -07:00
Ms2ger 2ae824d1e0 Bug 1174093 - Don't recurse into caps/tests/mochitest during the build; r=mshal
--HG--
extra : commitid : DR79qSofZlS
2015-06-20 09:16:50 +02:00
Yoshi Huang a1b1318d82 Bug 1170097 - Part 2: Add originAttributesToCookieJar. r=bholley 2015-06-03 14:38:55 +08:00
Yoshi Huang b6596ba507 Bug 1170097 - Part 1: Move OriginAttributeDictionary. r=bholley 2015-06-03 14:35:09 +08:00
Andrea Marchesini dcdcd94a06 Bug 1155153 - about:serviceworkers should work in e10s mode, r=nsm, r=bholley 2015-06-04 19:51:57 +01:00
Mike Taylor d0ba71e646 Bug 1170375 - Add 4th batch of top .jp sites to CSS unprefixing service whitelists. r=dholbert 2015-06-08 21:26:00 -04:00
Carsten "Tomcat" Book e7e949f08a Backed out changeset bc305c9b5d05 (bug 1155153) for b2g xpshell test failure on a CLOSED TREE 2015-06-05 13:07:51 +02:00
Andrea Marchesini 42cd5b397c Bug 1155153 - about:serviceworkers should work in e10s mode, r=nsm, r=bholley 2015-06-04 19:51:57 +01:00
Bobby Holley 7df20a2925 Bug 1171175 - Improve BasePrincipal::IsCodebasePrincipal. r=baku 2015-06-04 10:01:40 -07:00
Andrea Marchesini a71e717b67 Bug 1162088 - patch 1 - ServiceWorkerManager should use OriginAttributes from the principal as scopeKey, r=nsm, r=bholley 2015-06-03 09:43:43 +01:00
Bobby Holley ab5b0aa248 Bug 1170311 - Stop asserting non-null argument to nsIPrincipal::{subsumes,equals}{,ConsideringDomain}. r=gabor 2015-06-02 10:45:10 -07:00
Christoph Kerschbaumer f679dfded5 Bug 1129999 - Implement CSP devtool using GCLI; CSP to JSON (r=sstamm,bholley) 2015-05-21 11:16:04 -07:00
Mike Taylor e6b3ee7267 Bug 1166792 - Add 3rd batch of top .jp sites to CSS unprefixing service whitelists. r=dholbert 2015-05-20 13:04:00 -04:00
Bobby Holley 078bd82f31 Bug 1165162 - Introduce a helper for converting from origin strings to a principal. rpending=Yoshi
I didn't end up needing this in bug, but I think it's handy to have around.
2015-05-20 17:11:53 -07:00
Bobby Holley 497b7c5b80 Bug 1165162 - Add nsIPrincipal::cookieJar. r=sicking 2015-05-20 17:11:52 -07:00
Bobby Holley 9514cd6d70 Bug 1165162 - Tests. r=gabor 2015-05-20 17:11:51 -07:00
Bobby Holley 3b6ba803a8 Bug 1165162 - Serialize originSuffix into .origin. r=gabor,sr=sicking
We also provide an opt-out for the original behavior, and use it in various
consumers that look like they need fixing up. Most of the usage here is in
code with persistence considerations, where we may need some sort of migration
path.
2015-05-20 17:11:49 -07:00
Bobby Holley 9a937e13f4 Bug 1165162 - Hoist GetOrigin onto BasePrincipal. r=gabor 2015-05-20 17:11:48 -07:00
Bobby Holley 8ee7426f3a Bug 1165162 - Fix up nsScriptSecurityManager::AppStatusForPrincipal to compare principals rather than origins. r=gabor, sr=sicking
The current check will fail once we start munging the format of nsIPrincipal::Origin.
2015-05-20 17:11:47 -07:00
Bobby Holley 91e0c12696 Bug 1165162 - Rework the nsIScriptSecurityManager principal-minting API to be originAttributes-centric. r=gabor,r=bholley,sr=sicking 2015-05-20 17:11:41 -07:00
Bobby Holley eea636ee0c Bug 1165162 - Make OriginAttributes a dictionary, and make it accessible as both a jsval and a canonical string. r=gabor,r=bholley,sr=sicking 2015-05-20 17:09:53 -07:00
Daniel Holbert 6fe02add87 Bug 1165834: Add alicdn.com (used by taobao.com) to the CSS Unprefixing Service whitelist. r=miketaylr 2015-05-19 10:38:06 -07:00
Bobby Holley d6082103c1 Bug 1164977 - Hoist attribute serialization into BasePrincipal. r=gabor 2015-05-18 15:52:34 -07:00
Bobby Holley f8d1d0c840 Bug 1164977 - Hoist app attributes into a struct on BasePrincipal and refer to them as 'origin attributes'. r=gabor
This sets the stage for the upcoming work for signed apps.
2015-05-18 15:52:34 -07:00
Bobby Holley 213bf81699 Bug 1164977 - Unify subsumes/equals logic on BasePrincipal and reduce duplicated code. r=gabor 2015-05-18 15:52:33 -07:00
Bobby Holley 9438ba6505 Bug 1164977 - Hoist all the app attribute handling into BasePrincipal. r=gabor 2015-05-18 15:52:33 -07:00
Mike Taylor 913d8b5a1a Bug 1163826 - Add remainder of top .jp sites to CSS unprefixing service whitelist. r=dholbert 2015-05-14 10:32:00 -04:00
Neil Rashbrook cf42e317ab Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan 2015-05-16 09:07:10 +01:00
Daniel Holbert e2ee3711db Bug 1164292 followup: Add 'override' annotations to BasePrincipal & nsSystemPrincipal GetCsp()/SetCsp() methods. rs=ehsan 2015-05-15 14:54:21 -07:00
Bobby Holley 8444c671f4 Bug 1164292 - Tests. r=gabor 2015-05-15 11:51:54 -07:00
Bobby Holley bd42cbf003 Bug 1164292 - Twiddle format of GetScriptLocation to match what we use for GetOrigin. r=gabor 2015-05-15 11:51:53 -07:00
Bobby Holley 2d6160ec06 Bug 1164292 - Properly implement nsExpandedPrincipal::GetOrigin. r=gabor 2015-05-15 11:51:52 -07:00
Bobby Holley d7f3ecfc0a Bug 1164292 - Order the nsEP whitelist array. r=gabor 2015-05-15 11:51:51 -07:00
Bobby Holley e61971d74b Bug 1164292 - Switch nsIPrincipal::origin to ACString. r=gabor 2015-05-15 11:51:51 -07:00
Bobby Holley 93d7d50247 Bug 1164292 - Make all nsIPrincipal implementations inherit BasePrincipal and hoist some repeated code. r=gabor
Losing the NS_DECL_NSIPRINCIPAL isn't great, but I think it's worth it to share
more code.
2015-05-15 11:51:50 -07:00
Bobby Holley 9e3345280e Bug 1164292 - Rebrand nsBasePrincipal into mozilla::BasePrincipal and give it its own file. r=gabor
The goal here is to provide a common superclass for _all_ the principal
implementations, rather than just nsPrincipal and nsExpandedPrincipal.
2015-05-15 11:51:49 -07:00
Bobby Holley 6882fa756b Bug 1164292 - Re-implement dumpImpl in terms of GetScriptLocation. r=gabor
The existing setup adds a lot of complication and not a lot of value.
2015-05-15 11:51:48 -07:00
Bobby Holley 46b43e4f8b Bug 1164292 - Hoist refcounting into nsJSPrincipals. r=gabor
This is a special-snowflake reference counting system that's tied to
JSPrincipals, so it makes sense to consolidate this on nsJSPrincipals.
2015-05-15 11:51:47 -07:00
Wes Kocher 3c714c42eb Backed out changeset 17cfad44e12b (bug 1155963) for breaking b2g builds 2015-05-14 16:35:18 -07:00
Neil Rashbrook ae441fafa2 Bug 1155963 Only allow NS_LITERAL_CSTRING to be used on compile-time literals r=froydnj,ehsan 2015-05-15 00:00:33 +01:00
Daniel Holbert fb12c84213 Bug 1132745 followup: Fix a typo in a CSS Unprefixing Service whitelisted domain. (no review) 2015-05-08 09:08:27 -07:00
Mike Taylor 4a15da718a Bug 1162106: Add top .jp sites to CSS unprefixing service whitelist. r=dholbert
At the request of the Japan team. See Bug 1162245 to track
removing these from this list.
---
 caps/nsPrincipal.cpp | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
2015-05-07 09:04:42 -07:00
Daniel Holbert 2d69d081ad Bug 1132745 part 2: Add Mozilla China team's requested additional domains to CSSUnprefixingService whitelist. r=miketaylr 2015-05-05 09:04:23 -07:00
Daniel Holbert 5a9765f82b Bug 1132745 part 1: remove music.baidu.com from CSSUnprefixingService whitelist. r=miketaylr 2015-05-05 09:04:22 -07:00
David Major ebde6b9f4f Bug 1157835: Remove the MSVC_ENABLE_PGO flag from the build system. r=glandium
--HG--
extra : rebase_source : 0c47c99bb8b92f8361a51fd81b20a2cc8647a986
2015-04-27 19:59:27 -04:00
Andrea Marchesini cb54385682 Bug 1156632 - Remove unused forward class declarations - patch 4 - netwerk image and dom, r=ehsan 2015-04-22 08:29:20 +02:00
Wes Kocher e005d7be52 Merge m-c to fx-team a=merge CLOSED TREE 2015-04-14 15:40:46 -07:00
David Rajchenbach-Teller 2f31f8bdf2 Bug 1150045 - De-anonymize Expanded Principals. r=bholley 2015-04-10 17:52:29 +02:00
Ms2ger f1fc41b0e5 Bug 949614 - Use === for SimpleTest.is; r=Waldo
This is more likely to be correct, and a necessary step in case we ever want
to move to Object.is.

This keeps ise as an alias for is, and introduces is_loosely for the old
behaviour.
2015-04-14 15:28:13 +02:00
Christoph Kerschbaumer e6a1d175c3 Bug 1134096 - Revise docs for ::NewChannel2, ::GetChannelPrincipal and add deprecation warnings (r=tanvi,sicking) 2015-04-13 13:37:14 -07:00
Mike Hommey b077d9624d Bug 1134920 - Use moz_xmalloc/moz_xrealloc/free instead of nsMemory::Alloc/Realloc/Free. r=nfroyd 2015-04-01 13:51:45 +09:00
Boris Zbarsky f5ee2614a8 Bug 1149280 part 2. Drop the useless mScheme member of nsNullPrincipalURI. r=smaug 2015-03-31 13:11:04 -04:00
Boris Zbarsky ab624ae20e Bug 1149280 part 1. Make nullprincipal creation faster. r=smaug 2015-03-31 13:11:00 -04:00
Andrea Marchesini e6f385fb3d Bug 1148527 - Indentation fix after bug 1145631, r=ehsan 2015-03-27 18:52:19 +00:00
Gabor Krizsanits 9ae27c5155 Bug 1126014 - DomainPolicy support for e10s. r=mrbkap 2015-03-24 15:29:16 +01:00
Ehsan Akhgari 883849ee32 Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
This patch was automatically generated using the following script:

function convert() {
echo "Converting $1 to $2..."
find . \
       ! -wholename "*/.git*" \
       ! -wholename "obj-ff-dbg*" \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert MOZ_OVERRIDE override
convert MOZ_FINAL final
2015-03-21 12:28:04 -04:00
Boris Zbarsky 1f28a7b068 Bug 1144991 another followup, to fix the stupid compile issue. r=must-reopen-the-CLOSED TREE 2015-03-19 21:16:22 -04:00
Boris Zbarsky 3535d21268 Bug 1144991 followup. Allow the hidden window to link to chrome things even though most resource:// URIs can't. r=bholley and I sneer upon the CLOSED TREE. 2015-03-19 21:04:25 -04:00
Boris Zbarsky 94fe221522 Bug 1144991 - Be a bit more restrictive about when a URI_IS_UI_RESOURCE source is allowed to link to a URI_IS_UI_RESOURCE URI that doesn't have the same scheme. r=bholley, a=me 2015-03-19 18:58:44 -04:00
Daniel Holbert 988454ac8a Bug 1132743 followup: hook up nsPrincipal.cpp's "gCodeBasePrincipalSupport" in new InitializeStatics method, instead of lazily. implicit rs=dbaron CLOSED TREE
--HG--
extra : amend_source : c779dbbb74b5563ab9b4ee33dd61438fbbd6a356
2015-03-13 13:16:01 -07:00
Daniel Holbert 908a699328 Bug 1132743: Only allow CSS Unprefixing Service to be activated for hosts on a small, hardcoded whitelist. r=dbaron f=bz
--HG--
rename : layout/style/test/test_unprefixing_service.html => layout/style/test/unprefixing_service_iframe.html
2015-03-13 13:15:09 -07:00
Wes Kocher bbd726bf8c Backed out 2 changesets (bug 1132743) for asan mochitest-e10s-1 bustage CLOSED TREE
Backed out changeset 4e00f10f5a2d (bug 1132743)
Backed out changeset 720842726906 (bug 1132743)
2015-03-13 15:16:33 -07:00
Daniel Holbert 6130329261 Bug 1132743 followup: hook up nsPrincipal.cpp's "gCodeBasePrincipalSupport" in new InitializeStatics method, instead of lazily. implicit rs=dbaron 2015-03-13 13:16:01 -07:00