Граф коммитов

2056 Коммитов

Автор SHA1 Сообщение Дата
Sebastian Streich b4ebe9b54a Bug 1592701 - Remove usage of GetURI in nsGlobalWindowInner r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D51258

--HG--
extra : moz-landing-system : lando
2019-11-07 13:42:37 +00:00
Dorel Luca a0370f2bc4 Backed out changeset 955256297d6d (bug 1579367) for causing a top crash in Bug 1594404. a=backout 2019-11-06 23:19:09 +02:00
Jan de Mooij 96cc0b5247 Bug 1579367 - Initialize XPCJSContext explicitly, after loading user prefs. r=kmag
This way we get the correct values for start-up prefs in the parent process.

Differential Revision: https://phabricator.services.mozilla.com/D51061

--HG--
extra : moz-landing-system : lando
2019-11-05 06:29:13 +00:00
Nicholas Nethercote a518709339 Bug 1587162 - Fix UBSAN complaints about pref callbacks. r=erahm
Lots of these callbacks have a non-`void*` final parameter, which UBSAN
complains about. This commit changes them to have a `void*` parameter.

This requires undoing the machinery added in the first two commits of bug
1473631: `TypePrefChangeFunc` and `PREF_CHANGE_METHOD`. The resulting code is
simpler (which is good) and more boilerplate-y (which is bad) but avoids the
undefined behaviour (which is good).

Differential Revision: https://phabricator.services.mozilla.com/D50901

--HG--
extra : moz-landing-system : lando
2019-11-01 02:57:20 +00:00
Shane Caraveo 4c305ddd57 Bug 1587939 enforce addon content script CSP in eval r=ckerschb,robwu
Differential Revision: https://phabricator.services.mozilla.com/D48924

--HG--
extra : moz-landing-system : lando
2019-11-01 06:03:35 +00:00
Shane Caraveo f800952de9 Bug 1581611 Part 1: add content_scripts to the extension content_security_policy r=rpl,bzbarsky
This patch adds support for including content_scripts CSP in the extensions
manifest, along with all interfaces necessary to access the CSP value.  This does not
implement actual use of the CSP for content scripts.

Differential Revision: https://phabricator.services.mozilla.com/D46824

--HG--
extra : moz-landing-system : lando
2019-11-01 06:02:45 +00:00
Shane Caraveo 9ca23aa397 Bug 1581609 rename extension contentSecurityPolicy to support multiple V3 CSP values r=rpl,webidl
Differential Revision: https://phabricator.services.mozilla.com/D46818

--HG--
extra : moz-landing-system : lando
2019-11-01 06:02:22 +00:00
Paul Zuehlcke 7b483252bd Bug 1588461 - Added OA StripAttributes flag for privateBrowsingId. r=johannh,ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D49174

--HG--
extra : moz-landing-system : lando
2019-10-24 14:18:54 +00:00
Tim Huang 336cd10b0e Bug 1590032 - Propagate the first party domain when creating new browser in Fission. r=smaug
In this patch, we add the propagation of the first party domain through
the tabContext while creating OOP browsers. In the window.open() case,
we will propagate the first party domain from the opener's browser parent.
And in the frame case, we will propagate it from the manager of the
browserBridgeParent of the OOP frame.

Differential Revision: https://phabricator.services.mozilla.com/D49886

--HG--
extra : moz-landing-system : lando
2019-10-24 08:51:06 +00:00
Liang-Heng Chen 489786654f Bug 1534339 - make OriginAttributes deserializable; r=baku
`CreateSuffix` is irreversible by `PopulateFromSuffix` because it uses a multi-to-one mapping.
Since only ':' will happen in a IPv6 format, we can make it a 1-to-1 mapping so that the `firstPartyDomain` is consistent after `CreateSuffix` and `PopulateFromSuffix`.

Differential Revision: https://phabricator.services.mozilla.com/D47910

--HG--
extra : moz-landing-system : lando
2019-10-23 14:10:19 +00:00
Sebastian Streich f4b2f14328 Bug 1585664 - Add GetAsciiSpecForLogging and update callers r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D47909

--HG--
extra : moz-landing-system : lando
2019-10-22 16:03:27 +00:00
Sylvestre Ledru 7c309095ea Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
Please note that it is the first reformat with clang-format 9
I only saw a fix in the .mm file

# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D49056

--HG--
extra : moz-landing-system : lando
2019-10-21 14:13:44 +00:00
Sebastian Streich 854f9b5f12 Bug 1585331 - Add nsIPrincipal::GetAboutModuleFlags r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D47775

--HG--
extra : moz-landing-system : lando
2019-10-17 13:54:41 +00:00
Marco Bonardo cff612c7b4 Bug 1586681 - Ensure URIFIxup uses the right engine when there's a separate PB engine. r=Standard8,Gijs
Add a new FIXUP_FLAG_PRIVATE_CONTEXT to nsIURIFixup, make it use the default
private search engine when it's set.
Update consumers to pass the new flag when necessary.

Differential Revision: https://phabricator.services.mozilla.com/D48741

--HG--
extra : moz-landing-system : lando
2019-10-12 12:37:51 +00:00
Tom Ritter 23ba7b6fe3 Bug 1583949 - Add a check for IsEvalAllowed to the worker callpath for eval() r=ckerschb,baku
This patch does several things.  Because Workers aren't on the main thread,
many of the things done are in the name of off main thread access.

1) Changes a parameter in IsEvalAllowed from a nsIPrincipal to a bool.
   We only used the principal to determined if it was the System Principal.
   Principals aren't thread safe and can only be accessed on Main Thread, so
   if we passed a Principal in, we would be in error. Instead only pass in
   the bool which - for workers - comes from a thread-safe location.

2) Separates out the Telemetry Event Recording and sending a message to the
   console into a new function nsContentSecurityUtils::NotifyEvalUsage. (And
   creates a runnable that calls it.)

   We do this because we will need to only call this method on the main thread.

   Telemetry Event Recording has only ever been called on the Main Thread.
   While I possibly-successfully cut it over to happen Off Main Thread (OMT)
   by porting preferences to StaticPrefs, I don't know if there were other
   threading assumptions in the Telemetry Code. So it would be much safer to
   just continue recording Event Telemetry on the main thread.

   Sending a message to the console requires calling GetStringBundleService()
   which requires main thread. I didn't investigate if this could be made
   thread-safe, I just threw it onto the main thread too.

   If, in IsEvalAllowed, we are on the main thread - we call NotifyEvalUsage
   directly. If we are not, we create a runnable which will then call
   NotifyEvalUsage for us on the main thread.

3) Ports allow_eval_with_system_principal and allow_eval_in_parent_process
   from bools to RelaxedAtomicBool - because we now check these prefs OMT.

4) In RuntimeService.cpp, adds the call to IsEvalAllowed.

5) Add resource://gre/modules/workers/require.js to the allowlist of eval
   usage. This was the script that identified this gap in the first place.
   It uses eval (twice) for structural reasons (scope and line number
   massaging.)  The contents of the eval are the result of a request to a
   uri (which may be internal, like resource://). The whole point of this
   is to implement a CommonJS require() api.

   This usage of eval is safe because the only way an attacker can inject
   into it is by either controlling the response of the uri request or
   controlling (or appending to) the argument. If they can do that, they
   are able to inject script into Firefox even if we cut this usage of eval
   over to some other type of safe(r) script loader.

   Bug 1584564 tracks making sure calls to require.js are safe.

6) Adds cld-worker.js to the allowlist. Bug 1584605 is for refactoring that
   eval usage, which is decidedly non-trivial.

7) Does _not_ enforce the eval restrictions for workers. While I've gotten
   try to be green and not throw up any instances of eval-usage by workers,
   it is much safer to deploy this is Telemetry-only mode for Workers for
   a little bit to see if anything pops up from the Nightly population.

   Bug 1584602 is for enforcing the checks.

Differential Revision: https://phabricator.services.mozilla.com/D47480

--HG--
extra : moz-landing-system : lando
2019-10-08 17:31:35 +00:00
Johann Hofmann c9dbb0c14e Bug 1554805 - Never set firstPartyDomain on origin attributes for moz-extension. r=rpl,Ehsan,tjr
Differential Revision: https://phabricator.services.mozilla.com/D47425

--HG--
extra : moz-landing-system : lando
2019-10-06 15:43:39 +00:00
Tom Ritter 117e232bdc Bug 1576254 - Add isSystemOrAddonPrincipal to JSPrincipal and nsJSPrincipals r=luke
Finally, here we add the virtual method isSystemOrAddonPrincipal to the
JSPrincipal object.

We also add it to nsJSPrincipal (where it has an easy implementation), and
to carry classes that are used by JS tests and the shell.

Differential Revision: https://phabricator.services.mozilla.com/D47477

--HG--
extra : moz-landing-system : lando
2019-10-04 17:37:36 +00:00
Sebastian Streich 1aa0b1244d Bug 1583871 Refactor ThirdpartyUtil.cpp r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D47099

--HG--
extra : moz-landing-system : lando
2019-10-02 15:10:40 +00:00
Ehsan Akhgari 7ddd78221e Bug 1577298 - Do not stop at the current document when computing the top-level principal for storage partitioning; r=baku
Differential Revision: https://phabricator.services.mozilla.com/D47339

--HG--
rename : toolkit/components/antitracking/test/browser/browser_subResources.js => toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js
extra : moz-landing-system : lando
2019-09-27 14:05:13 +00:00
Sebastian Streich d53a4d8d9a Bug 1580782 - Expose SchemeIs on nsIPrincipal r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D45653

--HG--
extra : moz-landing-system : lando
2019-09-26 10:47:03 +00:00
Johann Hofmann ac725e0bf7 Bug 1583233 - Add MOZ_DBG support for nsIPrincipal. r=nika
Differential Revision: https://phabricator.services.mozilla.com/D46796

--HG--
extra : moz-landing-system : lando
2019-09-24 07:56:40 +00:00
Tom Ritter c2e992ed6e Bug 1570681 - Enforce eval restrictions in system contexts and the parent process r=ckerschb
We log to MOZ_LOG, report an error to the console, send telemetry, and in debug builds - crash

Differential Revision: https://phabricator.services.mozilla.com/D45055

--HG--
extra : moz-landing-system : lando
2019-09-19 02:32:41 +00:00
Tom Ritter 9621f537b0 Bug 1570681 - Move Eval testing logic from nsContentSecurityManager to nsContentSecurityUtils r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D45484

--HG--
extra : moz-landing-system : lando
2019-09-18 19:36:31 +00:00
Karl Tomlinson fb83797145 Bug 1578623 implement WorkletPrincipals::write() r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D44605

--HG--
extra : moz-landing-system : lando
2019-09-09 00:41:50 +00:00
Andrea Marchesini 41fd92503f Bug 1579357 - Check the arguments in BasePrincipal XPCOM methods, r=jkt
Differential Revision: https://phabricator.services.mozilla.com/D45001

--HG--
extra : moz-landing-system : lando
2019-09-09 16:45:29 +00:00
Noemi Erli d988a687b9 Backed out 9 changesets (bug 1578623) for causing Windows build bustages CLOSED TREE
Backed out changeset 52a86c60c866 (bug 1578623)
Backed out changeset e4fddd3d24b4 (bug 1578623)
Backed out changeset 65a7c4daec27 (bug 1578623)
Backed out changeset 3badf9215788 (bug 1578623)
Backed out changeset 71e58ee8f684 (bug 1578623)
Backed out changeset 0128e12a910f (bug 1578623)
Backed out changeset 8242877392bd (bug 1578623)
Backed out changeset 6d7be8a22f8b (bug 1578623)
Backed out changeset 3be609a9be36 (bug 1578623)

--HG--
extra : amend_source : b76d374926d247982773b58d12cb26e33d9972e8
2019-09-09 03:37:09 +03:00
Karl Tomlinson 18d04e5d8f Bug 1578623 implement WorkletPrincipals::write() r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D44605

--HG--
extra : moz-landing-system : lando
2019-09-06 02:10:31 +00:00
Karl Tomlinson 6b19f33045 Bug 1578623 create worklet global with JSPrincipals having reference to WorkletImpl r=baku,bzbarsky
This will permit implementation of JSPrincipals::write().

Differential Revision: https://phabricator.services.mozilla.com/D44604

--HG--
rename : dom/worklet/WorkletPrincipal.cpp => dom/worklet/WorkletPrincipals.cpp
rename : dom/worklet/WorkletPrincipal.h => dom/worklet/WorkletPrincipals.h
extra : moz-landing-system : lando
2019-09-06 02:01:44 +00:00
Nicholas Nethercote 5e22e64603 Bug 1573720 - Convert security.view-source.reachable-from-inner-protocol to a static pref. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D41912

--HG--
extra : moz-landing-system : lando
2019-08-15 05:29:35 +00:00
Sylvestre Ledru 645f2d5773 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D41559

--HG--
extra : moz-landing-system : lando
2019-08-13 07:15:25 +00:00
Brendan Dahl 0a8d6f243d Bug 1551344 - Part 2: Update outdated comments referencing XULDocument. r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D41239

--HG--
extra : moz-landing-system : lando
2019-08-09 17:47:41 +00:00
Gabriele Svelto e71120d4fe Bug 1572229 - Use modern jsoncpp readers/writers when (de)serializing principals r=jkt
Differential Revision: https://phabricator.services.mozilla.com/D41088

--HG--
extra : moz-landing-system : lando
2019-08-08 22:39:07 +00:00
Ehsan Akhgari 1676b3dd3c Bug 1572258 - Prevent concurrent instances of TemporaryAccessGrantObserver from being created for the same (principal, permission type) pair; r=baku
Differential Revision: https://phabricator.services.mozilla.com/D41115

--HG--
extra : moz-landing-system : lando
2019-08-08 22:00:44 +00:00
Coroiu Cristina 73cc2c909a Backed out changeset b7a4b4f41c3b (bug 1572258) for causing leaks on a CLOSED TREE 2019-08-08 21:41:19 +03:00
Ehsan Akhgari 75723b9e3d Bug 1572258 - Prevent concurrent instances of TemporaryAccessGrantObserver from being created for the same (principal, permission type) pair; r=baku
Differential Revision: https://phabricator.services.mozilla.com/D41115

--HG--
extra : moz-landing-system : lando
2019-08-08 15:17:59 +00:00
Tom Schuster 0e913c22c4 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 19:49:40 +00:00
Cosmin Sabou c3430326e6 Backed out changeset ca88862d6b63 (bug 1558915) for causing build bustages on StartupCacheUtils. CLOSED TREE 2019-08-07 13:20:32 +03:00
Tom Schuster 8bc1f5ada8 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 09:36:56 +00:00
Razvan Maries eedbf1137f Backed out changeset b197ca57677a (bug 1558915) for build bustages. CLOSED TREE 2019-08-07 01:04:43 +03:00
Tom Schuster 03c7998ef2 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-06 20:19:41 +00:00
Tom Ritter 20c32a0175 Bug 1570738 - Record Telemetry if eval() is used in the Parent Process r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D40332

--HG--
extra : moz-landing-system : lando
2019-08-06 19:56:23 +00:00
Tom Ritter ef67c0b08b Bug 1567623 - Update AssertEvalNotUsingSystemPrincipal and re-enable it r=ckerschb
We now correctly handle the following cases:
 - Thunderbird
 - the Browser Toolbox/Console
 - Two safe and common idioms
 - when general.config.filename is set and userChromeJS does shenanigans

We also change the function to only crash in Debug mode, and for Release channels
we report diagnostic information in a way that does not reveal user data.

Differential Revision: https://phabricator.services.mozilla.com/D39557

--HG--
extra : moz-landing-system : lando
2019-08-01 20:45:01 +00:00
Nicholas Nethercote c27392026e Bug 1570212 - Convert security.all_resource_uri_content_accessible to a static pref. r=tjr
Differential Revision: https://phabricator.services.mozilla.com/D40004

--HG--
extra : moz-landing-system : lando
2019-08-01 06:01:40 +00:00
Nicholas Nethercote c0069262ff Bug 1570212 - Convert privacy.firstparty.isolate* prefs to static prefs. r=tjr
Differential Revision: https://phabricator.services.mozilla.com/D40001

--HG--
extra : moz-landing-system : lando
2019-08-01 06:00:22 +00:00
Eugen Sawin 532f60a55d Bug 1501108 - [1.7] Add GeckoView Session Context ID support. r=snorp,baku,mayhemer
Differential Revision: https://phabricator.services.mozilla.com/D19182

--HG--
extra : moz-landing-system : lando
2019-07-21 17:18:37 +00:00
Tom Ritter 87cbad22ea Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D37460

--HG--
extra : moz-landing-system : lando
2019-07-18 18:22:06 +00:00
Sylvestre Ledru e77bfc655d Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D38057

--HG--
extra : moz-landing-system : lando
2019-07-16 07:33:44 +00:00
Boris Zbarsky 5062731c15 Bug 1565688. Remove unused IOService arg from NS_NewURI. r=mayhemer
Differential Revision: https://phabricator.services.mozilla.com/D37968

--HG--
extra : moz-landing-system : lando
2019-07-15 13:39:51 +00:00
Razvan Maries affddc7861 Backed out changeset 6e4d13741a0f (bug 1564527) for perma AddressSanitizer failures. CLOSED TREE 2019-07-13 02:05:25 +03:00
Tom Ritter 0ca0f2dea1 Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D37460

--HG--
extra : moz-landing-system : lando
2019-07-11 08:46:18 +00:00