Christoph Kerschbaumer
2fd8493f7f
Bug 1302667 - CSP: Implement 'worker-src'. r=baku,dveditz,mckinley
2017-10-30 18:45:36 +01:00
Coroiu Cristina
44d1b50592
Backed out changeset 70ccfda99dbc::ca6ae38c0432 (bug 1302667) for frequently failing mochitest in security/test/csp/test_worker_src.html r=backout a=backout on a CLOSED TREE
Backed out changeset ca6ae38c0432 (bug 1302667)
Backed out changeset ff86e185e09d (bug 1302667)
Backed out changeset 8ec6b8bf8c6c (bug 1302667)
Backed out changeset 21c73f9d8fac (bug 1302667)
Backed out changeset e982481dbf2c (bug 1302667)
Backed out changeset 70ccfda99dbc (bug 1302667)
2017-10-30 14:19:29 +02:00
Christoph Kerschbaumer
58b63c1576
Bug 1302667 - CSP: Implement 'worker-src'. r=baku,dveditz,mckinley
2017-10-30 09:10:36 +01:00
Nicholas Nethercote
159f6b5627
Bug 1406794 - Provide the CSP keywords in both UTF8 and UTF16 forms. r=ckerschb
This avoids the need for numerous 8-to-16-bit and 16-to-8-bit string
conversions.
The patch also introduces a higher-order macro, FOR_EACH_CSP_KEYWORD, which
defines all the stuff about the keywords in a single place and makes the code
nicer.
--HG--
extra : rebase_source : b0f655546aa397749bb18dc7d6d27fbc12fe8fca
2017-10-06 16:16:52 +11:00
Christoph Kerschbaumer
79a239cba5
Bug 1387684 - CSP: Special case 'self' for unique opaque origins. r=dveditz
2017-08-23 10:05:12 +02:00
Nicholas Nethercote
f941156987
Bug 1386600 - Change nsIStringBundle methods to return |AString| instead of |wstring|. r=emk,sr=dbaron.
This removes about 2/3 of the occurrences of nsXPIDLString in the tree. The
places where nsXPIDLStrings are null-checked are replaced with |rv| checks.
The patch also removes a couple of unused declarations from
nsIStringBundle.idl.
Note that nsStringBundle::GetStringFromNameHelper() was merged into
GetStringFromName(), because they both would have had the same signature.
--HG--
extra : rebase_source : ac40bc31c2a4997f2db0bd5069cc008757a2df6d
2017-08-04 14:40:52 +10:00
Nicholas Nethercote
c86dc10505
Bug 1380227 - Avoid many UTF16toUTF8 and UTF8toUTF16 conversions in nsStringBundle. r=emk.
Most of the names passed to nsIStringBundle::{Get,Format}StringFromUTF8Name
have one of the two following forms:
- a 16-bit C string literal, which is then converted to an 8-bit string in
order for the lookup to occur;
- an 8-bit C string literal converted to a 16-bit string, which is then
converted back to an 8-bit string in order for the lookup to occur.
This patch introduces and uses alternative methods that can take an 8-bit C
string literal, which requires changing some signatures in other methods and
functions. It replaces all C++ uses of the old methods.
The patch also changes the existing {Get,Format}StringFromName() methods so
they take an AUTF8String argument for the name instead of a wstring, because
that's nicer for JS code.
Even though there is a method for C++ code and a different one for JS code,
|binaryname| is used so that the existing method names can be used for the
common case in both languages.
The change reduces the number of NS_ConvertUTF8toUTF16 and
NS_ConvertUTF16toUTF8 conversions while running Speedometer v2 from ~270,000 to
~160,000. (Most of these conversions involved the string
"deprecatedReferrerDirective" in nsCSPParser.cpp.)
--HG--
extra : rebase_source : 3bee57a501035f76a81230d95186f8c3f460ff8e
2017-07-12 15:13:37 +10:00
Sylvestre Ledru
4e9cf83ee8
Bug 1378712 - Remove all trailing whitespaces r=Ehsan
MozReview-Commit-ID: Kdz2xtTF9EG
--HG--
extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 14:00:35 +02:00
Christoph Kerschbaumer
4956d67907
Bug 1367531: CSP should only check host (not including path) when performing frame ancestors checks. r=dveditz
2017-06-06 09:12:13 +02:00
Christoph Kerschbaumer
f18a8897be
Bug 1345615: Allow websocket schemes when using 'self' in CSP. r=freddyb,dveditz
2017-04-27 09:59:16 +02:00
Christoph Kerschbaumer
c267f70f91
Bug 1299483 - CSP: Implement 'strict-dynamic', enforcement changes. r=dveditz,freddyb
2016-11-08 12:55:23 +01:00
Christoph Kerschbaumer
f41283f981
Bug 1298680 - Use uint64_t consistently for windowID within CSP. r=freddyb
2016-09-19 12:57:20 +02:00
Henry Chang
f9eeeb2620
Bug 1229639 - Part 1: Match CSP host source with percent-decoded URI. r=ckerschb
MozReview-Commit-ID: CSGeoSR2qw8
--HG--
extra : rebase_source : f64cb0b9cab61ec09faa29139f72d28272fbbedb
2016-09-06 18:29:26 +08:00
Christoph Kerschbaumer
df1432e805
Bug 1290560 - Update CSPParser to handle 'sandbox', 'require-sri' and 'report-uri' with no valid srcs correctly. r=dveditz
2016-08-19 18:41:45 +02:00
Thomas Nguyen
6516ad9dae
Bug 959388 - Deliver CSP from HTTP header. r=ckerschb, r=khuey
MozReview-Commit-ID: 13ndERn6rrL
--HG--
extra : rebase_source : e0ec31f9d322b1385994eb7d66bd885c91d75df3
2016-06-30 12:31:59 +08:00
Paul Roberts
ec18fc5ff7
Bug 671389 - Implement CSP sandbox directive. r=ckerschb r=smaug
--HG--
extra : rebase_source : d9c5f5868c2558a3696cd489674da6f243be11ad
2016-06-29 07:48:44 -07:00
Frederik Braun
404a0bbb99
Bug 1265318: add require-sri-for CSP directive. r=ckerschb
MozReview-Commit-ID: 200PAvKtBME
2016-05-31 11:14:00 +02:00
Carsten "Tomcat" Book
927b1a0b3a
Backed out changeset 7469725d7461 (bug 959388)
2016-05-23 11:36:12 +02:00
Thomas Nguyen
32e38271c9
Bug 959388 - Deliver CSP from HTTP header. r=ckerschb r=khuey
MozReview-Commit-ID: LUl5LyO94m3
--HG--
extra : rebase_source : f2ddfcbf6237b11ebb19adfabf346cf76f4a6ab8
2016-05-19 11:57:32 +08:00
Frederik Braun
582caa399f
Bug 1142332 - Prevent calling CSP_EnumToKeyword with CSP_HASH. r=ckerschb
MozReview-Commit-ID: I1w9QrWJeEo
--HG--
extra : histedit_source : 1258cfc50d32c10f0de90ba1e863e21ae3ebf0f8
2016-04-24 14:56:22 -04:00
Kris Maglione
f3feb0cfd3
Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb
MozReview-Commit-ID: G8b86UvSv0y
--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
2016-04-23 20:42:43 -07:00
Christoph Kerschbaumer
39f2d53360
Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap)
2016-01-13 20:58:16 -08:00
Kate McKinley
67f4155fe6
Bug 1045891 - CSP 2 child-src implementation r=ckerschb
2015-10-28 16:32:27 -07:00
Birunthan Mohanathas
a8939590de
Bug 1182996 - Fix and add missing namespace comments. rs=ehsan
The bulk of this commit was generated by running:
run-clang-tidy.py \
-checks='-*,llvm-namespace-comment' \
-header-filter=^/.../mozilla-central/.* \
-fix
2015-07-13 08:25:42 -07:00
Christoph Kerschbaumer
d338b7f9d9
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - csp changes (r=sstamm)
--HG--
extra : rebase_source : 34377eb11cf33beef768bd11883c048c37351a8d
2015-07-10 09:13:54 -07:00
Marcos Caceres
8fc79cb285
Bug 1089255 - Implement and test manifest-src CSP directive. r=bholley, r=dveditz, r=ckerschb
---
dom/base/nsContentPolicyUtils.h | 1 +
dom/base/nsDataDocumentContentPolicy.cpp | 3 +-
dom/base/nsIContentPolicy.idl | 2 +-
dom/base/nsIContentPolicyBase.idl | 7 +-
dom/base/nsISimpleContentPolicy.idl | 2 +-
dom/base/test/csp/browser.ini | 4 +
dom/base/test/csp/browser_test_web_manifest.js | 265 +++++++++++++++++++++
.../csp/browser_test_web_manifest_mixed_content.js | 55 +++++
dom/base/test/csp/file_CSP_web_manifest.html | 6 +
dom/base/test/csp/file_CSP_web_manifest.json | 1 +
.../test/csp/file_CSP_web_manifest.json^headers^ | 1 +
dom/base/test/csp/file_CSP_web_manifest_https.html | 4 +
dom/base/test/csp/file_CSP_web_manifest_https.json | 1 +
.../csp/file_CSP_web_manifest_mixed_content.html | 9 +
.../test/csp/file_CSP_web_manifest_remote.html | 8 +
dom/base/test/csp/file_csp_testserver.sjs | 14 +-
dom/base/test/csp/mochitest.ini | 7 +
dom/base/test/moz.build | 5 +-
dom/fetch/InternalRequest.cpp | 3 +
dom/fetch/InternalRequest.h | 2 +-
.../security/nsIContentSecurityPolicy.idl | 3 +-
dom/ipc/manifestMessages.js | 25 +-
dom/security/nsCSPUtils.cpp | 7 +
dom/security/nsCSPUtils.h | 10 +-
dom/security/nsMixedContentBlocker.cpp | 1 +
dom/webidl/CSPDictionaries.webidl | 1 +
extensions/permissions/nsContentBlocker.cpp | 6 +-
netwerk/mime/nsMimeTypes.h | 1 +
28 files changed, 439 insertions(+), 15 deletions(-)
create mode 100644 dom/base/test/csp/browser.ini
create mode 100644 dom/base/test/csp/browser_test_web_manifest.js
create mode 100644 dom/base/test/csp/browser_test_web_manifest_mixed_content.js
create mode 100644 dom/base/test/csp/file_CSP_web_manifest.html
create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json
create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json^headers^
create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.html
create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.json
create mode 100644 dom/base/test/csp/file_CSP_web_manifest_mixed_content.html
create mode 100644 dom/base/test/csp/file_CSP_web_manifest_remote.html
2015-06-02 15:42:19 -04:00
Christoph Kerschbaumer
f679dfded5
Bug 1129999 - Implement CSP devtool using GCLI; CSP to JSON (r=sstamm,bholley)
2015-05-21 11:16:04 -07:00
Eric Rahm
4879ae86f4
Bug 1165518 - Part 2: Replace prlog.h with Logging.h. rs=froydnj
2015-05-19 11:15:34 -07:00
Andrew McCreight
9e8f4b219e
Bug 1152551, part 2 - Fix mode lines in dom/. r=jst
2015-05-03 15:32:37 -04:00
Christoph Kerschbaumer
b2c8937b41
Bug 1004703 - ignore 'unsafe-inline' if nonce- or hash-source specified (r=sstamm)
--HG--
extra : rebase_source : 119d3903ba156300f49f097efe2d18bbf8c8a6b5
2015-04-07 09:06:05 -07:00
Ryan VanderMeulen
b83ba6b825
Backed out 4 changesets (bug 671389) for frequent B2G debug test_tcpsocket_client_and_server_basics.html crashes.
Backed out changeset b782435e5640 (bug 671389)
Backed out changeset 0f8d62109bfe (bug 671389)
Backed out changeset 8d6021f66c49 (bug 671389)
Backed out changeset cd3e227df9dc (bug 671389)
2015-02-05 16:48:18 -05:00
Deian Stefan
53375db2ef
Bug 671389 - Part 1: Implement CSP sandbox directive r=ckerschb,smaug
2015-02-03 23:40:00 +01:00
Sid Stamm
7ddbe36414
Bug 965727 - Implement referrer directive for CSP. (r=jst,ckerschb)
2014-12-17 14:14:04 -05:00
Sid Stamm
5dc1b5b39c
Bug 999656 - Fix mappings between content type and CSP directives and refactor permits functions in CSP. r=ckerschb
2014-12-10 13:54:00 +01:00
Francois Marier
e1f5653f32
Bug 529697 - (CSP 1.1) Implement form-action directive [1/4], r=geekboy
Teach CSP about the form-action directive from CSP Level 2.
2014-11-18 01:12:00 +01:00
Christoph Kerschbaumer
ab97bec4cb
Bug 1089912: Part 1, move csp into dom/security (r=sstamm,jst)
--HG--
rename : dom/base/nsIContentSecurityPolicy.idl => dom/interfaces/security/nsIContentSecurityPolicy.idl
rename : dom/base/nsCSPContext.cpp => dom/security/nsCSPContext.cpp
rename : dom/base/nsCSPContext.h => dom/security/nsCSPContext.h
rename : dom/base/nsCSPParser.cpp => dom/security/nsCSPParser.cpp
rename : dom/base/nsCSPParser.h => dom/security/nsCSPParser.h
rename : dom/base/nsCSPService.cpp => dom/security/nsCSPService.cpp
rename : dom/base/nsCSPService.h => dom/security/nsCSPService.h
rename : dom/base/nsCSPUtils.cpp => dom/security/nsCSPUtils.cpp
rename : dom/base/nsCSPUtils.h => dom/security/nsCSPUtils.h
2014-10-27 16:58:20 -07:00