582caa399f
Bug 1142332 - Prevent calling CSP_EnumToKeyword with CSP_HASH. r=ckerschb
...
MozReview-Commit-ID: I1w9QrWJeEo
--HG--
extra : histedit_source : 1258cfc50d32c10f0de90ba1e863e21ae3ebf0f8
2016-04-24 14:56:22 -04:00
f3feb0cfd3
Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb
...
MozReview-Commit-ID: G8b86UvSv0y
--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
2016-04-23 20:42:43 -07:00
d82c07bf27
Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz
2016-04-17 20:09:18 +02:00
1d82e1412f
Bug 1192840 - Fix CSP report content-type. r=ckerschb
2016-04-14 12:51:31 +02:00
6c12520100
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
9c0a7ac154
Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT.
...
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
2016-04-13 16:30:36 -07:00
b58752765c
Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking
2016-04-13 16:30:28 -07:00
4ee65db5e7
Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout
2016-04-13 19:32:44 +02:00
ae7f565803
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
387bd9e686
Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly
2016-04-12 00:39:00 +02:00
e1331785d7
Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley
...
MozReview-Commit-ID: 5rbeuVjaw0B
--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
2016-03-25 16:52:49 +08:00
f7ad23868a
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan
...
MozReview-Commit-ID: Ceu3sYUcML4
2016-04-07 14:13:09 -07:00
f7a1b3fb60
Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps
...
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.
MozReview-Commit-ID: EmlDz9d4lqt
2016-04-04 14:56:52 -07:00
74153c556f
Bug 1260153 - remove unreachable code in nsMixedContentBlocker. if/else blocks above all return. r=ckerschb
2016-03-28 12:48:00 +02:00
adb02c6c4f
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes
2016-03-01 09:19:28 -08:00
254dd8f12a
Bug 1216365 - nsMixedContentBlocker should use innerMostURI for aContentLocation. r=tanvi
2016-03-28 22:03:26 -07:00
1de9e6ab9d
Bug 1259678 - Refactor SubjectToCSP to avoid calling ShouldLoad if CSP doesn't apply to the content type. r=ckerschb
...
--HG--
extra : rebase_source : 76f914a9dfab38bd5d21ddca519f47a2a5d68963
2016-03-24 23:09:00 -04:00
36d3e09fd4
Bug 1257650 - Skip Security checks if triggeringPrincipal is SystemPrincipal only for subresource loads. r=sicking
...
--HG--
extra : rebase_source : fb8d0827788e70ca87e8cd680e2cdd56941e3c2a
2016-03-18 16:14:03 -07:00
20549b7fe0
Bug 1251043 - Test form submission blocked by CSP. r=francois
2016-03-23 13:38:05 -07:00
fe9aec58c3
Backed out changeset 1d5e6c22fd3a (bug 1250048) for CSP failures/assertions in various tests/chunks CLOSED TREE
...
MozReview-Commit-ID: I21ELiYYqdD
--HG--
extra : amend_source : 83d8554e6046153a3cf16ffefed7d6602e822241
2016-03-21 12:42:36 -07:00
2e3ca60562
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb
...
--HG--
extra : rebase_source : 1f8a65dcb9ea909588991cd5e8970560c3651426
2016-03-20 23:24:00 -04:00
0db9291841
merge mozilla-inbound to mozilla-central a=merge
2016-03-21 15:30:59 +01:00
752343237e
No bug - fix typo r=me
...
DONTBUILD CLOSED TREE
--HG--
extra : rebase_source : 25f0600425dec249f838ed221dde71d401571eb9
extra : amend_source : 49f7ccab9e47083df9e8b7776acc6de73a880473
2016-03-19 21:28:19 -07:00
1a47cfb77a
Bug 1186072 - Add trailing slash to origin referer header when policy is set. r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : source : ac4148f22b2d6f76762dac3fd94a6452da80bdde
2016-02-24 10:51:54 +01:00
f750d8988e
Bug 1235572 - Tests of enforcing SRI on remote about:newtab. r=francois
...
MozReview-Commit-ID: 6epw8D4M0FX
--HG--
extra : transplant_source : %87t%D0%60a%B4%14%24%E6%B9%97Q%CDXr%B69%12%E9%0D
2016-03-16 11:19:20 +08:00
84cb2023d7
Bug 1176824 - Intermittent browser_test_web_manifest.js. r=ckerschb
2016-03-16 16:07:00 +01:00
bf87c6c564
Bug 1252829 - CSP Telemetry. r=ckerschb, p=bsmedberg
...
MozReview-Commit-ID: CiNAxh2ZrHB
--HG--
extra : transplant_source : %B8%00%E0%83%1B%29%BDI%DE%09%CDPN%AE%7B9Tk%8B%99
2016-03-02 13:00:09 +01:00
a35cb7baf1
Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi)
2016-03-15 16:08:07 -07:00
18d0d6e8d6
Bug 1122236 - CSP: block-all-mixed-content tests (r=tanvi)
2016-03-15 16:07:49 -07:00
39f2d53360
Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap)
2016-01-13 20:58:16 -08:00
5f15eed746
Bug 1241634 - Skip test_frameNavigation.html on Windows and OSX for frequent failures. a=test-only
...
--HG--
extra : rebase_source : ba229e6a62c82ad8c59ae89943fd6181df4275a9
2016-03-15 12:50:07 -04:00
2fb9c40ec1
Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-14 16:29:11 +00:00
2b22d469bb
Bug 1226928 - content-signature verification tests for about:newtab, r=mconley
2016-03-14 11:57:16 +01:00
bd54ab19d3
Bug 1226928 - signature verification for content-signing, r=keeler,mayhemer
2016-03-14 11:56:35 +01:00
5e6ba24562
Bug 1227813 - CSP: Ignore unsafe-inline within style-src if hash or nonce specified. r=kmckinley
2016-03-11 15:35:39 -08:00
40da91e7a5
Bug 1242775 - Run parent-process code in the parent. r=mccr8
2016-03-10 17:14:35 -08:00
25fbf67b66
Backed out changeset 878c54ec3954 (bug 1250453)
2016-03-10 14:45:59 +01:00
1902f1c620
Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-10 11:12:38 +00:00
eb98199ac0
Backed out changeset ac4148f22b2d (bug 1186072) for referrer test failures
...
--HG--
extra : rebase_source : 124130bb041418eb97862a131ae6365df5cfbdc6
2016-03-03 09:23:59 +01:00
55e0623947
Bug 1186072 - add trailing slash to origin referer header when policy is set, r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : transplant_source : %E5P%B1%1F%82%08%07%2A%1C%26%AF%C5%C8%29%B1y%97O%877
2016-02-24 10:51:54 +01:00
8414718c57
Bug 1232903 - Skip Security checks if triggeringPrincipal is SystemPrincipal (r=sicking)
2016-03-01 16:11:37 -08:00
41b26f4a9b
Bug 1195172 - Test Fonts governed by CSP (r=bz)
2016-03-01 13:06:26 -08:00
9ab1648f67
Bug 1195172 - Use channel->ascynOpen2 layout/style/FontFaceSet.cpp (r=bz,cam)
2016-03-01 13:06:13 -08:00
7aa5d59bc7
Bug 1251518. Fix js::ErrorReportToString to make a bit more sense, and change worker code to not use it anyway, so it matches the mainthread code. r=bholley,terrence
2016-03-01 13:49:21 -05:00
8a0731fdde
Bug 1251875 - Part 1: Remove the dom.serviceWorkers.interception.enabled pref; r=bkelly
2016-03-01 09:16:38 -05:00
4712647d7d
Backed out 2 changesets (bug 1243586) for dt5 bustage in netmonitor tests
...
Backed out changeset 06a4d2d48fb2 (bug 1243586)
Backed out changeset 846e31fe5eb2 (bug 1243586)
MozReview-Commit-ID: 69kiDIULtm2
2016-02-29 10:39:04 -08:00
f7017a06c3
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field (r=rbarnes)
2016-02-29 08:46:48 -08:00
56bdfe820a
Bug 1244116 - Telemetry for mixed content requests by plugins. r=smaug, p=ally
...
MozReview-Commit-ID: F9rOb1SdPnL
--HG--
extra : rebase_source : 0b2aa83761880fb6e5a18c3a80ac86fe5ca16923
2016-02-16 15:46:36 +01:00
7413f2bf46
Bug 1251369. Use an AutoJSAPI that reports its own exceptions around the main runloop in workers. r=khuey
...
The silly leading ": " on the error messages is due to bug 1251518
2016-02-26 15:23:13 -05:00
eb71a675d8
Bug 908933 - Part2 - CSP tests: ShouldProcess should block TYPE_OBJECT. r=ckerschb
...
--HG--
extra : rebase_source : 6dcf8d477656e4d5cdb9362b1f1ec561aba420a7
2016-01-27 01:35:53 +08:00
ec146d5159
Bug 908933 - Part1 - CSP: Call ShouldLoad inside ShouldProcess for TYPE_OBJECT. r=ckerschb
...
--HG--
extra : rebase_source : ee8875120e45d84413ab8ed3c9553d3d42e88acd
2014-08-05 11:47:08 -07:00
1f7d8b69b3
Bug 1243178: CSP - Skip sending reports for non http schemes. r=dveditz
2016-01-27 15:56:39 -08:00
4be3856258
Bug 1241634: Use is instead of ok in tests. r=me
...
--HG--
extra : rebase_source : 42e2a1dde47957d813f11379bba173f62e8f8d70
2016-02-18 17:32:34 -08:00
694b1fd843
Bug 1247464 - Run CSP report URIs through the URL classifier. r=ckerschb
...
MozReview-Commit-ID: ERoZAbw1nbf
--HG--
extra : rebase_source : 431e443f563138055f9893d9ccf537040659f103
2016-02-11 17:36:13 -08:00
10c0856d69
Backed out changeset b9aecc2e6334 (bug 1234813) for test failures in connect-src-beacon-blocked.sub.html
...
--HG--
extra : rebase_source : 1b9441481b7da04393d5cf12617078376757d447
2016-02-11 11:33:06 +01:00
eac10123df
Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=rbarnes
2015-12-23 11:45:26 -08:00
0bcca14aa1
Bug 1238954 P2 Fix csp service worker tests to register and unregister separate scopes. r=ehsan
2016-02-09 19:33:40 -08:00
0916871a27
Bug 1241634 - Increase timeout from 5 to 10 seconds. r=tanvi
2016-02-08 18:49:00 +01:00
a6aff185d2
Bug 1238576 - disable mozApps API on desktop/Android; r=ehsan,ochameau,bz,mcmanus,jmaher,marco
2016-02-08 11:24:22 -08:00
44c631e968
Bug 1237726, part 4 - Convert test_bug803225.html to use pushPrefEnv() to set preferences. r=tanvi
...
This gets the test closer to working with e10s.
2016-02-08 09:52:19 -08:00
c6c65b3c73
Bug 1237726, part 3 - Don't load an iframe until we're actually ready to run the test in test_bug803225.html. r=tanvi
...
This needs to wait for onload to do the reloadFrame(), or the
.getElementById() will return null.
2016-02-08 09:52:19 -08:00
4cf4ea2fd9
Bug 1237726, part 2 - Don't start running mixedcontentblocker/test_main.html until the page has finished loading. r=tanvi
...
If the script runs before the page finishes loading, you get an error
about getElementById being null. This doesn't seem to usually happen
with this particular test, but it looks like it can happen at least
sometimes.
2016-02-08 09:52:19 -08:00
164c42ece5
Bug 1237726, part 1 - Set prefs with pushPrefEnv in mixedcontentblocker/test_main.html. r=tanvi
2016-02-08 09:52:19 -08:00
de9089189c
Bug 1195173 - Use channel->ascynOpen2 layout/style/Loader.cpp (r=bz)
2016-02-02 20:35:02 -08:00
dcd9fa1424
Bug 1242899 - consolidate mozApps tests into dom/apps/tests/ dir; r=marco
...
--HG--
rename : dom/tests/mochitest/webapps/apps/bad_content_type.webapp => dom/apps/tests/apps/bad_content_type.webapp
rename : dom/tests/mochitest/webapps/apps/basic.webapp => dom/apps/tests/apps/basic.webapp
rename : dom/tests/mochitest/webapps/apps/basic.webapp^headers^ => dom/apps/tests/apps/basic.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp => dom/apps/tests/apps/installs_allowed_from_chrome_mochitests.webapp
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp^headers^ => dom/apps/tests/apps/installs_allowed_from_chrome_mochitests.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp => dom/apps/tests/apps/installs_allowed_from_example.com.webapp
rename : dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp^headers^ => dom/apps/tests/apps/installs_allowed_from_example.com.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href.webapp => dom/apps/tests/apps/invalid_activity_href.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href.webapp^headers^ => dom/apps/tests/apps/invalid_activity_href.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href2.webapp => dom/apps/tests/apps/invalid_activity_href2.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_activity_href2.webapp^headers^ => dom/apps/tests/apps/invalid_activity_href2.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_entry_point.webapp => dom/apps/tests/apps/invalid_entry_point.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_entry_point.webapp^headers^ => dom/apps/tests/apps/invalid_entry_point.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path.webapp => dom/apps/tests/apps/invalid_launch_path.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path.webapp^headers^ => dom/apps/tests/apps/invalid_launch_path.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path2.webapp => dom/apps/tests/apps/invalid_launch_path2.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_launch_path2.webapp^headers^ => dom/apps/tests/apps/invalid_launch_path2.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_locale_entry_point.webapp => dom/apps/tests/apps/invalid_locale_entry_point.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_locale_entry_point.webapp^headers^ => dom/apps/tests/apps/invalid_locale_entry_point.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/invalid_message.webapp => dom/apps/tests/apps/invalid_message.webapp
rename : dom/tests/mochitest/webapps/apps/invalid_message.webapp^headers^ => dom/apps/tests/apps/invalid_message.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/json_syntax_error.webapp => dom/apps/tests/apps/json_syntax_error.webapp
rename : dom/tests/mochitest/webapps/apps/json_syntax_error.webapp^headers^ => dom/apps/tests/apps/json_syntax_error.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/launch_paths.webapp => dom/apps/tests/apps/launch_paths.webapp
rename : dom/tests/mochitest/webapps/apps/launch_paths.webapp^headers^ => dom/apps/tests/apps/launch_paths.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/missing_required_field.webapp => dom/apps/tests/apps/missing_required_field.webapp
rename : dom/tests/mochitest/webapps/apps/missing_required_field.webapp^headers^ => dom/apps/tests/apps/missing_required_field.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/no_delegated_install.webapp => dom/apps/tests/apps/no_delegated_install.webapp
rename : dom/tests/mochitest/webapps/apps/no_delegated_install.webapp^headers^ => dom/apps/tests/apps/no_delegated_install.webapp^headers^
rename : dom/tests/mochitest/webapps/apps/utf8.webapp => dom/apps/tests/apps/utf8.webapp
rename : dom/tests/mochitest/webapps/apps/utf8.webapp^headers^ => dom/apps/tests/apps/utf8.webapp^headers^
rename : dom/tests/mochitest/webapps/cross_origin.html => dom/apps/tests/cross_origin.html
rename : dom/tests/mochitest/webapps/file_bug_779982.html => dom/apps/tests/file_bug_779982.html
rename : dom/tests/mochitest/webapps/head.js => dom/apps/tests/head.js
rename : dom/tests/mochitest/webapps/test_bug_779982.html => dom/apps/tests/test_bug_779982.html
rename : dom/tests/mochitest/webapps/test_list_api.xul => dom/apps/tests/test_list_api.xul
2016-01-31 15:04:54 -08:00
318722bcf1
Bug 1242909, r=ckerschb
...
--HG--
extra : commitid : 4MmsATsPR5X
2016-01-26 11:52:31 +00:00
66aa150bc3
Bug 1007634 - Add a test to show that Worker construction is no longer allowed by CSP script-src directive. r=ckerschb
...
--HG--
extra : amend_source : 0acea47a18c3a40be6e7fe50db1c71bc9dd91b3a
2016-01-21 16:57:00 -05:00
b0483f9b8c
Bug 1213633 - Test childDocument prior to use. r=tanvi
2016-01-04 16:37:14 -08:00
248f7a3dee
merge mozilla-inbound to mozilla-central a=merge
2016-01-20 15:34:34 +01:00
3ae375bf1c
Bug 1217766 - All PDFs trigger the insecure password warning. r=MattN,bz
...
--HG--
extra : commitid : 1aP0he1jDxh
extra : rebase_source : 49375a644ff345fe479b060945f6fe61efe52df7
2016-01-18 14:54:18 +00:00
fecee7be59
Bug 1224694 - Unify and clean up initialization of CSP (r=sicking)
2016-01-14 13:21:31 -08:00
071f422450
Bug 1233098 - Refactor CSP upgrade insecure requests flag within loadInfo (r=sicking)
2016-01-14 12:38:15 -08:00
238b5ed942
Bug 1208946 - Update tests for URI stripping in CSP reports (r=dveditz)
2016-01-14 12:37:15 -08:00
3d4a5ddffa
Bug 1208946 - Strip URIs in CSP reports (r=dveditz)
2016-01-14 12:36:50 -08:00
0e30d8b611
Bug 1237455 P1 Make file_CrossSiteXHR_server.sjs check headers on redirects. r=ehsan
2016-01-19 13:54:14 -08:00
18e28eaf42
Bug 1239397: Send Internal ContentPolicyType to CSP and MixedContent (r=sicking)
2016-01-19 09:10:50 -08:00
7089beabc7
Backed out changeset f51b921e1ccf (bug 1233098) for browser-chrome bustage
...
--HG--
extra : commitid : ytS8fc4lFu
2016-01-14 08:04:37 +05:30
c42851930c
Bug 1233098 - Refactor CSP upgrade insecure requests flag within loadInfo (r=sicking)
2016-01-13 15:51:43 -08:00
9c67777407
Bug 1237799, part 2 - Use setTestPluginEnabledState in various tests. r=gfritzsche
...
This make these tests pass with e10s.
Also, add a missing open quote to test_bug827160.html.
2016-01-12 16:50:34 -08:00
1768759efb
Bug 1220564 - Update chrome code uses of genexprs and legacy comprehensions. (r=billm)
2016-01-06 16:02:16 -08:00
caf218fa3e
Bug 1030936 - [CSP] remove fast-path for certified apps once the C++ backend is activated. r=ckerschb
2015-12-17 12:07:37 +08:00
93de65860e
Bug 1223743 - Test CSP enforcement for multipart channels (r=sicking)
2015-12-14 10:06:47 -08:00
9811f5c2eb
Bug 1228497 - initialize 3 members in class. r=christophkerschbaumer
2015-12-10 00:33:00 +01:00
0bb4231605
Bug 1216687: Add nsILoadInfo flags for cookie policies. r=ckerschb
2015-12-06 18:33:15 -05:00
f7193fdf30
Bug 1226909 part 4: Make AsyncOpen2 set taining information on channels. Use this information in XHR and fetch(). r=bkelly
2015-12-06 18:33:15 -05:00
28de02f687
Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb
2015-12-06 18:33:14 -05:00
6cc5074df0
Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
2015-12-06 18:33:14 -05:00
774236075d
Backed out changeset 09d64535bcda (bug 1216687), a7f1a289dd78, 4dbf06183e6c, 26318a5e3006, 9ae2af3cf86d (bug 1226909) for M(1,2,5) oranges. r=backout
2015-12-05 16:34:47 +01:00
993136c2c9
Bug 1216687: Add nsILoadInfo flags for cookie policies. r=ckerschb
2015-12-05 01:46:21 -08:00
7fae3fd853
Bug 1226909 part 4: Make AsyncOpen2 set taining information on channels. Use this information in XHR and fetch(). r=bkelly
2015-12-05 01:46:20 -08:00
ff12f48c5a
Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb
2015-12-05 01:46:20 -08:00
df33e62850
Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
2015-12-05 01:46:20 -08:00
5576308d8c
Bug 1218029 - Implements progressive Unicode chars decoding in nsScriptLoader. r=djvj
...
--HG--
extra : commitid : 4fqBUFXilM5
2015-11-30 08:54:52 -06:00
aeaf497a64
Bug 1218029 - Adds SRICheckDataVerifier for progressing data handling. r=francois
...
--HG--
extra : commitid : DLkHFWfJFxT
2015-11-30 08:54:40 -06:00
66199890c4
Bug 1218029 - Adds IncrementalStreamLoader interface stubs. r=djvj
...
--HG--
extra : commitid : J0UubFG9gvz
2015-11-30 08:54:11 -06:00
20d9928a1b
Bug 1228116 - Relax Security checks for DTD loads. r=sicking
...
--HG--
extra : rebase_source : 53f2deeb44dd29dbb4d6f50a8435763cb07df8a1
2015-11-25 13:38:05 -08:00
5fb2c53074
Bug 1219478: Replace PRLogModuleInfo usage with LazyLogModule in dom folders except media.r=amerchesini
2015-11-23 11:09:25 -08:00
76fa5db947
Bug 1210302 - Part 4: Add automated tests; r=sicking
2015-11-20 16:32:53 -05:00
143b334dd4
Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz)
2015-11-20 10:55:54 -08:00
d4843470df
Bug 1226324 - Do not use NS_ENSURCE_SUCCESS(rv, NS_OK) within nsContentSecurityManager. r=tanvi
2015-11-19 14:22:57 -08:00
ba8444d785
Backed out changeset 95069f2ce648 (bug 1182546) for Android M(c) bustage ON A CLOSED TREE
2015-11-19 14:26:33 +05:30
ab10273998
Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz)
2015-11-18 19:23:28 -08:00
36e922b9b7
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger
2015-11-16 22:41:54 +00:00
9d1f194cbb
Backed out 2 changesets (bug 1218433) for wpt failures CLOSED TREE
...
Backed out changeset 1cc8cc0444c0 (bug 1218433)
Backed out changeset 5418ca0e0378 (bug 1218433)
--HG--
extra : commitid : H1h8VHrzxx8
2015-11-16 11:13:43 -08:00
76aba80dc5
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger
2015-11-16 16:57:29 +00:00
a0cf7d50ad
Backed out 2 changesets (22360424ed15, 325a67608df0) (bug 1218433) for W(1,2) failures. r=backout on a CLOSED TREE
...
Backed out changeset 22360424ed15 (bug 1218433)
Backed out changeset 325a67608df0 (bug 1218433)
2015-11-15 15:56:45 +01:00
3285721a07
Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking
2015-11-15 11:57:22 +00:00
c941fd4008
Bug 663570 - Test 5: doc.write(meta csp) (r=sicking)
2015-11-14 19:30:24 -08:00
749afb19d4
Bug 663570 - Test 4: update referrer tests (r=sicking)
2015-11-14 19:30:16 -08:00
74f7445a35
Bug 663570 - Test 3: update upgrade-insecure-requests tests (r=sicking)
2015-11-14 19:30:08 -08:00
55d2e60a7e
Bug 663570 - Test 2: meta and header dual test (r=sicking)
2015-11-14 19:29:58 -08:00
82df3d1b9b
Bug 663570 - Test 1: baseline tests (r=sicking)
2015-11-14 19:29:45 -08:00
3bac30dca9
Bug 663570 - MetaCSP Part 6: CSP preload changes (r=sicking)
2015-11-14 19:29:18 -08:00
96f42dd458
Bug 663570 - MetaCSP Part 1: CSP parser changes (r=sicking)
2015-11-14 19:27:59 -08:00
27c89ea082
Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb
...
--HG--
rename : dom/workers/test/serviceworkers/test_eval_not_allowed.html^headers^ => dom/workers/test/serviceworkers/test_eval_allowed.html^headers^
2015-11-10 21:16:12 -08:00
2e6d1e7dfb
Backed out changeset d12f758f5f36 (bug 1223647) for android csp test failures
...
--HG--
extra : commitid : GRTvvKDy9Ki
2015-11-11 14:27:52 -08:00
ea6cf63b0f
Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb
2015-11-10 21:16:12 -08:00
8431cd65cd
Bug 1223481 - Use the "potentially trustworthy origin" helper to validate Push server URLs. r=dragana
...
--HG--
extra : commitid : 6RrHT77kcOj
extra : rebase_source : b5b498cc266e2c1c97459ace3da3febbb6a34e65
2015-11-10 10:50:46 -08:00
1873ead519
Bug 1219931 - CSP: Don't allow removing a policy (r=sicking)
2015-11-02 08:04:15 -08:00
50588ca7c1
Bug 1188028 - Queue up CSP console messages till windowID is available (r=sicking)
2015-11-11 06:23:57 -08:00
a876eba5c9
Bug 1188028 - Use channel->ascynOpen2 in dom/security/nsCSPContext.cpp (r=sicking)
2015-07-27 11:57:56 -07:00
b98d58e46d
Back out changeset 4d6d9c1e52e4 (bug 1223647) for failures in test_csp.html, csp/test_redirects.html and csp/test_worker_redirect.html
...
--HG--
extra : rebase_source : a4a53053968cfa19e6544dd3e59e36ef23fcf353
2015-11-10 23:10:04 -08:00
426e42e7f9
Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb
2015-11-10 21:16:12 -08:00
00b9a85bd6
Bug 1045891 - Tests for child-src r=ckerschb
2015-11-09 16:42:26 +09:00
67f4155fe6
Bug 1045891 - CSP 2 child-src implementation r=ckerschb
2015-10-28 16:32:27 -07:00
4d6f05d2f8
merge mozilla-inbound to mozilla-central a=merge
2015-11-09 14:55:30 +01:00
96837db759
Bug 1222478 - Enable more mulet tests. r=gerard-majax
2015-11-06 20:01:45 +01:00
9d98f9a481
Bug 1215235 - Drop support for jar: URIs by default, r=bz
2015-11-04 11:19:02 +00:00
c9e5049446
Bug 1213646: Allow URI_IS_UI_RESOURCE and safe about: URIs when SEC_ALLOW_CHROME is set. r=bz
2015-11-04 00:05:16 -08:00
0d2779ef10
Bug 1222105 - Make test_report.html and test_blocked_uri_in_reports.html work with e10s. r=ckerschb
2015-11-06 16:03:03 -08:00
0238bd1276
Bug 1221365 - Tests for "Is origin potentially trustworthy?" logic. r=ckerschb,bkelly
2015-11-06 11:10:08 -08:00
a0a2b249c4
Bug 1221365 - Move "Is origin potentially trustworthy?" logic outside ServiceWorkerManager.cpp. r=ckerschb,bkelly
2015-11-06 11:10:17 -08:00
f8ad8afb5a
Backed out 4 changesets (bug 1045891) for b2g mochitest 7 failures
...
Backed out changeset c590b18c5885 (bug 1045891104589110458911045891
2015-11-06 09:36:49 -08:00
3b59b81c93
Bug 1045891 - CSP 2 child-src implementation. r=ckerschb
2015-10-28 16:32:27 -07:00
ad73bf4611
Bug 1045891 - Tests for child-src. r=ckerschb
2015-09-30 15:26:25 -07:00
30ff2fd956
Backed out changeset 26e162e72ae1 (bug 1045891)
2015-11-02 10:37:52 +01:00
deb9310786
Backed out changeset 895c42544609 (bug 1045891)
2015-11-02 10:37:51 +01:00
d4da8266d4
Bug 1045891 - CSP 2 child-src implementation r=ckerschb
2015-10-28 16:32:27 -07:00
38bf8db214
Bug 1045891 - Tests for child-src r=ckerschb
2015-09-30 15:26:25 -07:00
5981b92f78
Bug 1219842 - Enable a bunch of mochitest-plain tests under e10s. r=mrbkap
2015-10-31 06:26:44 -07:00
1929f6c7c4
Bug 1218315 - Replace NS_LITERAL_STRING(...).get() with MOZ_UTF16(...) on dom. r=nfroyd
2015-10-28 14:29:57 +09:00
d4eaf0fdf6
Bug 1191645 - Use channel->asycnOpen2 in dom/base/nsSyncLoadService.cpp. r=sicking
2015-10-26 14:22:59 -07:00
ddb2d645e5
Bug 1194526 - Use channel->asycnOpen2 in dom/base/nsScriptLoader.cpp (r=sicking)
2015-10-19 18:33:37 -07:00
d3a92a7fa1
Bug 1195167 part 5: Make FetchDriver use AsyncOpen2. r=bkelly
2015-10-19 18:24:36 -07:00
be2deca017
Bug 1195167 part 1: Let necko handle all protocols. r=bkelly
2015-10-19 18:24:36 -07:00
cc10dd7ad3
Bug 1182571: Make nsXMLHttpRequest use AsyncOpen2. r=ehsan
2015-10-19 11:14:54 -07:00
4316c13003
Bug 1182571: Fix nsILoadInfo->GetContentPolicyType API to be less ambigious. Audit and fix all users of it. r=ckerschb
2015-10-19 11:14:54 -07:00
643f27c257
Bug 1208559 - Hook up ServicerWorkers with CSP (r=sicking,bkelly,dveditz)
2015-10-18 19:59:18 -07:00
733163ef2b
Bug 1208559 - Tests. r=bholley
2015-10-18 19:37:40 -07:00
01583602a9
Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat
...
The bulk of this commit was generated with a script, executed at the top
level of a typical source code checkout. The only non-machine-generated
part was modifying MFBT's moz.build to reflect the new naming.
CLOSED TREE makes big refactorings like this a piece of cake.
# The main substitution.
find . -name '*.cpp' -o -name '*.cc' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
xargs perl -p -i -e '
s/nsRefPtr\.h/RefPtr\.h/g; # handle includes
s/nsRefPtr ?</RefPtr</g; # handle declarations and variables
'
# Handle a special friend declaration in gfx/layers/AtomicRefCountedWithFinalize.h.
perl -p -i -e 's/::nsRefPtr;/::RefPtr;/' gfx/layers/AtomicRefCountedWithFinalize.h
# Handle nsRefPtr.h itself, a couple places that define constructors
# from nsRefPtr, and code generators specially. We do this here, rather
# than indiscriminantly s/nsRefPtr/RefPtr/, because that would rename
# things like nsRefPtrHashtable.
perl -p -i -e 's/nsRefPtr/RefPtr/g' \
mfbt/nsRefPtr.h \
xpcom/glue/nsCOMPtr.h \
xpcom/base/OwningNonNull.h \
ipc/ipdl/ipdl/lower.py \
ipc/ipdl/ipdl/builtin.py \
dom/bindings/Codegen.py \
python/lldbutils/lldbutils/utils.py
# In our indiscriminate substitution above, we renamed
# nsRefPtrGetterAddRefs, the class behind getter_AddRefs. Fix that up.
find . -name '*.cpp' -o -name '*.h' -o -name '*.idl' | \
xargs perl -p -i -e 's/nsRefPtrGetterAddRefs/RefPtrGetterAddRefs/g'
if [ -d .git ]; then
git mv mfbt/nsRefPtr.h mfbt/RefPtr.h
else
hg mv mfbt/nsRefPtr.h mfbt/RefPtr.h
fi
--HG--
rename : mfbt/nsRefPtr.h => mfbt/RefPtr.h
2015-10-18 01:24:48 -04:00
Frederik Braun
Kris Maglione
Christoph Kerschbaumer
Matt Robenolt
Frederik Braun
Tanvi Vyas
Sebastian Hengst
Marcos Caceres
Jonathan Hao
Chris Manchester
Christoph Kerschbaumer
Wes Kocher
Carsten "Tomcat" Book
Benjamin Peterson
Franziskus Kiefer
Ryan VanderMeulen
Marco Castelluccio
Blake Kaplan
Boris Zbarsky
Ehsan Akhgari
Ethan Tseng
Kyle Huey
Francois Marier
Ben Kelly
Kate McKinley
Myk Melez
Andrew McCreight
Gijs Kruitbosch
Paolo Amadini
Nigel Babu
Shu-yu Guo
Bogdan Postelnicu
Jonas Sicking
Yury Delendik
sajitk
Andrea Marchesini
Kit Cambridge
Phil Ringnalda
Gregor Wagner
Matthew Noorenberghe
Makoto Kato
Nathan Froyd