59f79d44b0
Merge mozilla-central to inbound a=merge on a CLOSED TREE
2018-12-12 00:01:36 +02:00
8c00ef3f30
Bug 1512052 - Add more .eslintrc.js files for test directories. r=mossop
...
Differential Revision: https://phabricator.services.mozilla.com/D13746
--HG--
extra : moz-landing-system : lando
2018-12-11 13:15:08 +00:00
87c8fc7bca
Bug 1513152 - Load .sjs scripts in httpd.js as UTF-8, updating consumers of the in-tree .sjs scripts as necessary for the change. r=kmag
...
--HG--
extra : rebase_source : ff77d84433fa3fc78aea9a6c2a0e897981fd7b84
2018-12-08 18:00:33 -05:00
4f94342ed3
Bug 1403815 - Disable browser_test_toplevel_data_navigations.js on mac and linux debug for frequent failures. r=jmaher
2018-12-06 07:13:00 +02:00
ed617be144
Backed out 2 changesets (bug 1512052)for causing build bustages CLOSED TREE
...
Backed out changeset 4773a3f46c22 (bug 1512052)
Backed out changeset 2f48c5afbe57 (bug 1512052)
--HG--
rename : browser/components/attribution/test/xpcshell/.eslintrc.js => browser/components/attribution/test/.eslintrc.js
2018-12-05 05:47:39 +02:00
8256078237
Bug 1512052 - Add more .eslintrc.js files for test directories. r=mossop
...
Depends on D13745
Differential Revision: https://phabricator.services.mozilla.com/D13746
--HG--
extra : moz-landing-system : lando
2018-12-04 22:27:35 +00:00
a9178e878d
Bug 1510911 - Part 3: Backout changeset d0997972e4d4 (bug 1493563 - Part 4) for regressing performance
2018-12-03 14:27:53 -05:00
ace9fa800a
Bug 1508310 - Implement Report-to header support - part 4 - IPC to get endpoint from content process, r=smaug
2018-12-01 21:26:09 +01:00
265e672179
Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
...
# ignore-this-changeset
--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
2018-11-30 11:46:48 +01:00
fbd301ecde
Merge mozilla-central to inbound. CLOSED TREE
2018-11-28 12:02:34 +02:00
f399725b04
Bug 1503681 - rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set - fix tests, r=me
2018-11-28 08:22:06 +01:00
025923e8bc
Backed out 3 changesets (bug 1503681) for geckoview failures on org.mozilla.geckoview.test.GeckoSessionTestRuleTest.waitForChromeJS. CLOSED TREE
...
Backed out changeset 211c7dfdc408 (bug 1503681)
Backed out changeset 076cc5bece1d (bug 1503681)
Backed out changeset 7a19fe6be68c (bug 1503681)
2018-11-28 11:10:48 +02:00
d69ebc1ae7
Bug 1503681 - rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set - fix tests, r=me
2018-11-28 08:22:06 +01:00
c241567f0f
Bug 1505601 - Turn nsIDocShell XPIDL const lists into cenums; r=bzbarsky
...
Turn all const lists and related attributes into cenums, to provide a
vague sense of type safety.
Depends on D11715
Differential Revision: https://phabricator.services.mozilla.com/D11716
--HG--
extra : moz-landing-system : lando
2018-11-28 03:30:56 +00:00
2febd96e7e
Bug 1508472 - Part 2: Second batch of comment fix-ups in preparation for the tree reformat r=sylvestre
...
This is a best effort attempt at ensuring that the adverse impact of
reformatting the entire tree over the comments would be minimal. I've used a
combination of strategies including disabling of formatting, some manual
formatting and some changes to formatting to work around some clang-format
limitations.
Differential Revision: https://phabricator.services.mozilla.com/D13073
--HG--
extra : moz-landing-system : lando
2018-11-28 00:54:56 +00:00
0afa5aa670
Backed out 2 changesets (bug 1508472) for causing build bustages on JobScheduler_posix.cpp. CLOSED TREE
...
Backed out changeset af951294cf96 (bug 1508472)
Backed out changeset 2320933cb7bc (bug 1508472)
2018-11-28 00:08:11 +02:00
7c937c2747
Bug 1508472 - Part 2: Second batch of comment fix-ups in preparation for the tree reformat r=sylvestre
...
This is a best effort attempt at ensuring that the adverse impact of
reformatting the entire tree over the comments would be minimal. I've used a
combination of strategies including disabling of formatting, some manual
formatting and some changes to formatting to work around some clang-format
limitations.
Differential Revision: https://phabricator.services.mozilla.com/D13073
--HG--
extra : moz-landing-system : lando
2018-11-27 21:36:18 +00:00
945463d394
Backed out changeset 11d6688b953f (bug 1508472) for build bustages on a CLOSED TREE
2018-11-27 18:28:30 +02:00
d0a3a76106
Bug 1508472 - Part 2: Second batch of comment fix-ups in preparation for the tree reformat r=sylvestre
...
This is a best effort attempt at ensuring that the adverse impact of
reformatting the entire tree over the comments would be minimal. I've used a
combination of strategies including disabling of formatting, some manual
formatting and some changes to formatting to work around some clang-format
limitations.
Differential Revision: https://phabricator.services.mozilla.com/D13073
--HG--
extra : moz-landing-system : lando
2018-11-27 15:18:32 +00:00
69eaef00a7
Bug 1509504: Trunacte outStr within nsCSPContext::GetPolicyString. r=baku
2018-11-23 16:05:24 +01:00
dbb1bf7e31
Bug 1438945 - Part 6: CSP via IPC. r=ckerschb
...
--HG--
extra : rebase_source : 8ea27a931619ec0bf75035039c9b4d66d23d7e70
2018-11-19 15:18:21 -08:00
f8cc48bd62
Bug 1508180 - Use uppercase names for high-order macros in dom/ r=mccr8
...
Differential Revision: https://phabricator.services.mozilla.com/D12232
--HG--
extra : moz-landing-system : lando
2018-11-19 17:31:17 +00:00
c0b26c4076
Merge inbound to mozilla-central a=merge
2018-11-15 11:54:15 +02:00
9cabbb0b47
Merge mozilla-central to autoland. a=merge on a CLOSED TREE
2018-11-15 00:35:07 +02:00
aaf586c2ce
Bug 1506839 - Implement document-domain feature policy, r=annevk, r=ckerschb
2018-11-14 15:55:02 +01:00
31083cb05a
Bug 1495313 - Fix xhr/fetch tests to allow passwords with no username in URLs r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D11255
--HG--
extra : moz-landing-system : lando
2018-11-14 19:11:02 +00:00
52d37a8c05
Bug 1505178: CSP - Do not strip blockedURI in reports for WebSocket. r=april
2018-11-13 20:29:54 +01:00
5e3dc65e1b
Bug 1507230 - dom.security.featurePolicy.webidl.enabled pref controls the exposing of document.policy and HTMLIFrameElement.policy attributes, r=ckerschb
2018-11-14 23:58:52 +01:00
3c9a4a719c
Bug 1507230 - dom.security.featurePolicy.header.enabled pref controls the using of FeaturePolicy header, r=ckerschb
2018-11-14 23:58:35 +01:00
33c61a5c80
Bug 1492036 - Reporting API - part 6 - FeaturePolicy, r=smaug
2018-11-14 20:02:33 +01:00
079a123093
Bug 1467712 - Simplify calls to ok to use only 2 arguments;r=Standard8
...
Differential Revision: https://phabricator.services.mozilla.com/D10416
--HG--
extra : moz-landing-system : lando
2018-11-01 13:48:48 +00:00
faba2c8c15
Backed out 4 changesets (bug 1467712) for multiple failures with: Too many arguments passed to ok. CLOSED TREE
...
Backed out changeset 9ce0ac2b9d71 (bug 1467712)
Backed out changeset 026eb1f6dc6e (bug 1467712)
Backed out changeset 0088a09d869a (bug 1467712)
Backed out changeset 1b19ea76aad6 (bug 1467712)
2018-11-01 15:22:52 +02:00
b50a5ba4dc
Bug 1467712 - Simplify calls to ok to use only 2 arguments;r=Standard8
...
Differential Revision: https://phabricator.services.mozilla.com/D10416
--HG--
extra : moz-landing-system : lando
2018-11-01 11:09:48 +00:00
41900a475a
Merge mozilla-central to autoland. a=merge CLOSED TREE
2018-10-31 23:44:15 +02:00
3d5e6205ca
Merge inbound to mozilla-central. a=merge
2018-10-31 23:41:40 +02:00
266ef73c96
Bug 1503207 - Remove nsWeakPtr.h and cleanup all files including weak reference-related headers r=froydnj
...
Differential Revision: https://phabricator.services.mozilla.com/D10251
--HG--
extra : moz-landing-system : lando
2018-10-31 20:39:03 +00:00
42992765b4
Bug 1496505: Use the triggering principal rather than the loading principal for CORS checks. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D9881
--HG--
extra : moz-landing-system : lando
2018-10-31 18:02:46 +00:00
ed1f7a623a
Bug 1503575 - Remove unused mAppStatusCache from nsCSPService. r=baku
2018-10-31 15:35:27 +01:00
3501594596
Bug 1447784 - Upgrade insecure requests should not be applied to potentially trustworthy loopback r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D10367
--HG--
extra : moz-landing-system : lando
2018-10-31 16:04:58 +00:00
8b14b77870
Bug 1500083 - Exempt TYPE_XBL loads from CSP. r=dveditz
...
--HG--
extra : rebase_source : 0812c9ad5704e7804c8e0c630a35735b65c7469b
2018-10-22 14:50:58 +02:00
8919a215c2
Bug 1501204: Update the FeaturePolicy inherit algorithm implementation, r=ckerschb
2018-10-25 19:03:38 +02:00
4439acd683
Bug 1498510 - Move nsICSPEventListener out of CSP object, r=ckerschb
2018-10-23 08:17:13 +02:00
0788132d62
Bug 1499384: add debug logging for expandedprincipals r=ckerschb
...
Extending the MOZ_LOGging for content security checks to provide a proper serialization of expanded principals
Differential Revision: https://phabricator.services.mozilla.com/D8958
--HG--
extra : moz-landing-system : lando
2018-10-22 12:49:10 +00:00
d4e4884960
Bug 1499788 - midi feature policy should have 'self' as default allowlist, r=qdot
2018-10-18 11:08:37 +02:00
39b3c89ada
Bug 1499768 - camera, microphone and speaker feature policies should have 'self' as default allowlist, r=jib
2018-10-18 11:08:37 +02:00
e2aaaa397f
Bug 1499791 - Remove extra spaces in FeaturePolicyUtils.cpp, r=me
2018-10-17 19:22:59 +02:00
7b887cfbbc
Bug 1498885 - Assertion added in ContentSecurityPolicyPermitsJSAction() to not allow eval with SystemPrincipal r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D8683
--HG--
extra : moz-landing-system : lando
2018-10-15 08:02:04 +00:00
dd5741407b
Bug 1498586 - Add clang-format off to avoid the reformatting of the data structures r=Ehsan
...
Too hard/impossible for the tool to format correctly these structs
Differential Revision: https://phabricator.services.mozilla.com/D8569
--HG--
extra : moz-landing-system : lando
2018-10-12 20:48:24 +00:00
721aaab922
Bug 1496034 - Apply bz's comments to FeaturePolicy, r=bz
2018-10-12 09:36:33 +02:00
38a1af1893
Bug 1497141 - FeaturePolicy: microphone, r=jib
2018-10-10 16:54:18 +02:00
172ef9c621
Bug 1497141 - FeaturePolicy: camera, r=jib
2018-10-10 16:54:17 +02:00
e60ca6394e
Bug 1497034 - FeaturePolicy: autoplay, r=cpearce
2018-10-09 14:22:19 +02:00
42109ceb33
Bug 1495364 - FeaturePolicy: geolocation, r=smaug
2018-10-06 13:10:30 +02:00
cf687d4b6a
Bug 1495362 - FeaturePolicy: fullscreen, r=smaug
2018-10-04 14:34:37 +02:00
4c9dc7e143
Bug 1495983: Assert system privileged about: pages have CSP. r=smaug
2018-10-03 09:47:08 +02:00
77bbe19e42
Bug 1496037 - Default value for FeaturePolicy should be '*', r=ckerschb
2018-10-03 18:54:17 +02:00
555e8747e8
Backed out changeset 56ffd7466acc (bug 1496037) for failing payment-default-feature-policy tests CLOSED TREE
2018-10-03 19:13:07 +03:00
fb30178a76
Bug 1496037 - Default value for FeaturePolicy should be '*', r=ckerschb
2018-10-03 17:01:34 +02:00
9c943359e1
Bug 1495358 - FeaturePolicy: vr, r=kip
2018-10-03 12:39:44 +02:00
ca3641419f
Merge inbound to mozilla-central. a=merge
...
--HG--
rename : docshell/test/bug123696-subframe.html => docshell/test/mochitest/bug123696-subframe.html
rename : docshell/test/bug404548-subframe.html => docshell/test/mochitest/bug404548-subframe.html
rename : docshell/test/bug404548-subframe_window.html => docshell/test/mochitest/bug404548-subframe_window.html
rename : docshell/test/bug413310-post.sjs => docshell/test/mochitest/bug413310-post.sjs
rename : docshell/test/bug413310-subframe.html => docshell/test/mochitest/bug413310-subframe.html
rename : docshell/test/bug529119-window.html => docshell/test/mochitest/bug529119-window.html
rename : docshell/test/bug530396-noref.sjs => docshell/test/mochitest/bug530396-noref.sjs
rename : docshell/test/bug530396-subframe.html => docshell/test/mochitest/bug530396-subframe.html
rename : docshell/test/bug570341_recordevents.html => docshell/test/mochitest/bug570341_recordevents.html
rename : docshell/test/bug668513_redirect.html => docshell/test/mochitest/bug668513_redirect.html
rename : docshell/test/bug668513_redirect.html^headers^ => docshell/test/mochitest/bug668513_redirect.html^headers^
rename : docshell/test/bug691547_frame.html => docshell/test/mochitest/bug691547_frame.html
rename : docshell/test/dummy_page.html => docshell/test/mochitest/dummy_page.html
rename : docshell/test/file_anchor_scroll_after_document_open.html => docshell/test/mochitest/file_anchor_scroll_after_document_open.html
rename : docshell/test/file_bfcache_plus_hash_1.html => docshell/test/mochitest/file_bfcache_plus_hash_1.html
rename : docshell/test/file_bfcache_plus_hash_2.html => docshell/test/mochitest/file_bfcache_plus_hash_2.html
rename : docshell/test/file_bug1121701_1.html => docshell/test/mochitest/file_bug1121701_1.html
rename : docshell/test/file_bug1121701_2.html => docshell/test/mochitest/file_bug1121701_2.html
rename : docshell/test/file_bug1151421.html => docshell/test/mochitest/file_bug1151421.html
rename : docshell/test/file_bug1186774.html => docshell/test/mochitest/file_bug1186774.html
rename : docshell/test/file_bug1450164.html => docshell/test/mochitest/file_bug1450164.html
rename : docshell/test/file_bug385434_1.html => docshell/test/mochitest/file_bug385434_1.html
rename : docshell/test/file_bug385434_2.html => docshell/test/mochitest/file_bug385434_2.html
rename : docshell/test/file_bug385434_3.html => docshell/test/mochitest/file_bug385434_3.html
rename : docshell/test/file_bug475636.sjs => docshell/test/mochitest/file_bug475636.sjs
rename : docshell/test/file_bug509055.html => docshell/test/mochitest/file_bug509055.html
rename : docshell/test/file_bug511449.html => docshell/test/mochitest/file_bug511449.html
rename : docshell/test/file_bug540462.html => docshell/test/mochitest/file_bug540462.html
rename : docshell/test/file_bug580069_1.html => docshell/test/mochitest/file_bug580069_1.html
rename : docshell/test/file_bug580069_2.sjs => docshell/test/mochitest/file_bug580069_2.sjs
rename : docshell/test/file_bug590573_1.html => docshell/test/mochitest/file_bug590573_1.html
rename : docshell/test/file_bug590573_2.html => docshell/test/mochitest/file_bug590573_2.html
rename : docshell/test/file_bug598895_1.html => docshell/test/mochitest/file_bug598895_1.html
rename : docshell/test/file_bug598895_2.html => docshell/test/mochitest/file_bug598895_2.html
rename : docshell/test/file_bug634834.html => docshell/test/mochitest/file_bug634834.html
rename : docshell/test/file_bug598895_1.html => docshell/test/mochitest/file_bug637644_1.html
rename : docshell/test/file_bug598895_2.html => docshell/test/mochitest/file_bug637644_2.html
rename : docshell/test/file_bug640387.html => docshell/test/mochitest/file_bug640387.html
rename : docshell/test/file_bug653741.html => docshell/test/mochitest/file_bug653741.html
rename : docshell/test/file_bug660404 => docshell/test/mochitest/file_bug660404
rename : docshell/test/file_bug660404-1.html => docshell/test/mochitest/file_bug660404-1.html
rename : docshell/test/file_bug660404^headers^ => docshell/test/mochitest/file_bug660404^headers^
rename : docshell/test/file_bug653741.html => docshell/test/mochitest/file_bug662170.html
rename : docshell/test/file_bug668513.html => docshell/test/mochitest/file_bug668513.html
rename : docshell/test/file_bug669671.sjs => docshell/test/mochitest/file_bug669671.sjs
rename : docshell/test/file_bug675587.html => docshell/test/mochitest/file_bug675587.html
rename : docshell/test/file_bug680257.html => docshell/test/mochitest/file_bug680257.html
rename : docshell/test/file_bug703855.html => docshell/test/mochitest/file_bug703855.html
rename : docshell/test/file_bug728939.html => docshell/test/mochitest/file_bug728939.html
rename : docshell/test/file_close_onpagehide1.html => docshell/test/mochitest/file_close_onpagehide1.html
rename : docshell/test/file_close_onpagehide2.html => docshell/test/mochitest/file_close_onpagehide2.html
rename : docshell/test/file_framedhistoryframes.html => docshell/test/mochitest/file_framedhistoryframes.html
rename : docshell/test/file_pushState_after_document_open.html => docshell/test/mochitest/file_pushState_after_document_open.html
rename : docshell/test/historyframes.html => docshell/test/mochitest/historyframes.html
rename : docshell/test/mochitest.ini => docshell/test/mochitest/mochitest.ini
rename : docshell/test/start_historyframe.html => docshell/test/mochitest/start_historyframe.html
rename : docshell/test/test_anchor_scroll_after_document_open.html => docshell/test/mochitest/test_anchor_scroll_after_document_open.html
rename : docshell/test/test_bfcache_plus_hash.html => docshell/test/mochitest/test_bfcache_plus_hash.html
rename : docshell/test/test_bug1045096.html => docshell/test/mochitest/test_bug1045096.html
rename : docshell/test/test_bug1121701.html => docshell/test/mochitest/test_bug1121701.html
rename : docshell/test/test_bug1151421.html => docshell/test/mochitest/test_bug1151421.html
rename : docshell/test/test_bug1186774.html => docshell/test/mochitest/test_bug1186774.html
rename : docshell/test/test_bug123696.html => docshell/test/mochitest/test_bug123696.html
rename : docshell/test/test_bug1450164.html => docshell/test/mochitest/test_bug1450164.html
rename : docshell/test/test_bug384014.html => docshell/test/mochitest/test_bug384014.html
rename : docshell/test/test_bug385434.html => docshell/test/mochitest/test_bug385434.html
rename : docshell/test/test_bug387979.html => docshell/test/mochitest/test_bug387979.html
rename : docshell/test/test_bug402210.html => docshell/test/mochitest/test_bug402210.html
rename : docshell/test/test_bug404548.html => docshell/test/mochitest/test_bug404548.html
rename : docshell/test/test_bug413310.html => docshell/test/mochitest/test_bug413310.html
rename : docshell/test/test_bug475636.html => docshell/test/mochitest/test_bug475636.html
rename : docshell/test/test_bug509055.html => docshell/test/mochitest/test_bug509055.html
rename : docshell/test/test_bug511449.html => docshell/test/mochitest/test_bug511449.html
rename : docshell/test/test_bug529119-1.html => docshell/test/mochitest/test_bug529119-1.html
rename : docshell/test/test_bug529119-2.html => docshell/test/mochitest/test_bug529119-2.html
rename : docshell/test/test_bug530396.html => docshell/test/mochitest/test_bug530396.html
rename : docshell/test/test_bug540462.html => docshell/test/mochitest/test_bug540462.html
rename : docshell/test/test_bug551225.html => docshell/test/mochitest/test_bug551225.html
rename : docshell/test/test_bug570341.html => docshell/test/mochitest/test_bug570341.html
rename : docshell/test/test_bug580069.html => docshell/test/mochitest/test_bug580069.html
rename : docshell/test/test_bug590573.html => docshell/test/mochitest/test_bug590573.html
rename : docshell/test/test_bug598895.html => docshell/test/mochitest/test_bug598895.html
rename : docshell/test/test_bug634834.html => docshell/test/mochitest/test_bug634834.html
rename : docshell/test/test_bug637644.html => docshell/test/mochitest/test_bug637644.html
rename : docshell/test/test_bug640387_1.html => docshell/test/mochitest/test_bug640387_1.html
rename : docshell/test/test_bug640387_2.html => docshell/test/mochitest/test_bug640387_2.html
rename : docshell/test/test_bug653741.html => docshell/test/mochitest/test_bug653741.html
rename : docshell/test/test_bug660404.html => docshell/test/mochitest/test_bug660404.html
rename : docshell/test/test_bug662170.html => docshell/test/mochitest/test_bug662170.html
rename : docshell/test/test_bug668513.html => docshell/test/mochitest/test_bug668513.html
rename : docshell/test/test_bug669671.html => docshell/test/mochitest/test_bug669671.html
rename : docshell/test/test_bug675587.html => docshell/test/mochitest/test_bug675587.html
rename : docshell/test/test_bug680257.html => docshell/test/mochitest/test_bug680257.html
rename : docshell/test/test_bug691547.html => docshell/test/mochitest/test_bug691547.html
rename : docshell/test/test_bug694612.html => docshell/test/mochitest/test_bug694612.html
rename : docshell/test/test_bug703855.html => docshell/test/mochitest/test_bug703855.html
rename : docshell/test/test_bug728939.html => docshell/test/mochitest/test_bug728939.html
rename : docshell/test/test_bug797909.html => docshell/test/mochitest/test_bug797909.html
rename : docshell/test/test_close_onpagehide_by_history_back.html => docshell/test/mochitest/test_close_onpagehide_by_history_back.html
rename : docshell/test/test_close_onpagehide_by_window_close.html => docshell/test/mochitest/test_close_onpagehide_by_window_close.html
rename : docshell/test/test_forceinheritprincipal_overrule_owner.html => docshell/test/mochitest/test_forceinheritprincipal_overrule_owner.html
rename : docshell/test/test_framedhistoryframes.html => docshell/test/mochitest/test_framedhistoryframes.html
rename : docshell/test/test_pushState_after_document_open.html => docshell/test/mochitest/test_pushState_after_document_open.html
rename : docshell/test/test_triggeringprincipal_location_seturi.html => docshell/test/mochitest/test_triggeringprincipal_location_seturi.html
rename : docshell/test/test_windowedhistoryframes.html => docshell/test/mochitest/test_windowedhistoryframes.html
rename : docshell/test/url1_historyframe.html => docshell/test/mochitest/url1_historyframe.html
rename : docshell/test/url2_historyframe.html => docshell/test/mochitest/url2_historyframe.html
rename : third_party/rust/syn/src/parsers.rs => third_party/rust/syn-0.14.6/src/parsers.rs
rename : third_party/rust/syn/src/verbatim.rs => third_party/rust/syn-0.14.6/src/verbatim.rs
rename : third_party/rust/uuid/.travis.yml => third_party/rust/uuid-0.5.1/.travis.yml
rename : third_party/rust/uuid/src/rustc_serialize.rs => third_party/rust/uuid-0.5.1/src/rustc_serialize.rs
rename : third_party/rust/uuid/src/serde.rs => third_party/rust/uuid-0.5.1/src/serde.rs
2018-10-02 19:03:40 +03:00
837f0af066
Bug 1493737 - Fix many trivial calls to do_QueryInterface r=smaug
...
If class A is derived from class B, then an instance of class A can be
converted to B via a static cast, so a slower QI is not needed.
Differential Revision: https://phabricator.services.mozilla.com/D6861
--HG--
extra : moz-landing-system : lando
2018-10-01 21:38:01 +00:00
319c43d823
Bug 1495303 - FeaturePolicy: payment, r=marcosc
2018-10-01 11:59:57 +02:00
b5ec6b9d2b
Backed out changeset 6daf4f561843 (bug 1495303)for failing web-platform tests on /payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html
2018-10-01 14:51:26 +03:00
f48b6e8ca4
Bug 1495303 - FeaturePolicy: payment, r=marcosc
2018-10-01 11:59:57 +02:00
999343a4f0
Bug 1390801 - FeaturePolicy - part 3 - Enabling WPTs, r=ckerschb
2018-10-01 08:09:44 +02:00
4be054a731
Bug 1390801 - FeaturePolicy - part 2 - WebIDL + DOM integration, r=ckerschb
2018-10-01 08:09:44 +02:00
4729f26e6e
Bug 1390801 - FeaturePolicy - part 1 - HTTP header and attribute parser, r=ckerschb
2018-10-01 08:09:43 +02:00
355485be9f
Bug 1493563 - Part 4: Present the old state and the content blocking log to the security event sink; r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D6594
2018-09-28 14:46:02 -04:00
4419e20e14
Backed out 12 changesets (bug 1493563) for failures in test_css-logic-getCssPath.html CLOSED TREE
...
Backed out changeset d2e83655082f (bug 1493563)
Backed out changeset 1ce58f004593 (bug 1493563)
Backed out changeset 344298c73ee7 (bug 1493563)
Backed out changeset 02b8b073f7d7 (bug 1493563)
Backed out changeset 3ef707008502 (bug 1493563)
Backed out changeset bb2720a401fe (bug 1493563)
Backed out changeset ce0211be57a1 (bug 1493563)
Backed out changeset 83d6c2bf8dc6 (bug 1493563)
Backed out changeset 1844af4cc25b (bug 1493563)
Backed out changeset c8ab17addb7a (bug 1493563)
Backed out changeset a1ff0cd62563 (bug 1493563)
Backed out changeset 932b41e211e0 (bug 1493563)
2018-09-28 21:31:18 +03:00
4895fd4963
Bug 1493563 - Part 4: Present the old state and the content blocking log to the security event sink; r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D6594
2018-09-28 13:24:40 -04:00
4f7300a921
Bug 1491825: add MOZ_LOG for content security checks r=ckerschb
...
Summary:
This patch adds a new log module 'CSMLog' for checks in nsContentSecurityManager::doContentSecurityCheck.
With log level 4 (debug) only HTTP URLs will be logged. Level 5 (verbose) logs for all loads.
The logger shows the following information: - channel URI - loadingPrincipal - triggeringPrincipal - principal to be inherited - load flags from loadinfo
Test Plan: n/a
Reviewers: jkt, ckerschb
Reviewed By: jkt, ckerschb
Bug #: 1491825
Differential Revision: https://phabricator.services.mozilla.com/D6125
--HG--
extra : rebase_source : 673df7f627da05ff60a6d55fb86b1cf31e94ccf4
extra : histedit_source : 56d1880a1f34e09b37d5115eba2c6659824faa1b
2018-09-28 16:06:29 +03:00
1b26aadbdb
Bug 1259908 - Fix intermittent failure for dom/security/test/mixedcontentblocker/test_main.html, r=ckerschb
2018-09-28 12:00:46 +02:00
99eef68114
Bug 1495359 - FeaturePolicy: encrypted-media, r=cpearce
2018-10-02 11:55:27 +02:00
dfb9eb8319
Bug 1495304 - Remove unsupported feature policies, r=ckerschb
2018-10-02 11:55:11 +02:00
7b93c4f163
Bug 1495302 - FeaturePolicy: midi, r=qdot
2018-10-02 11:54:58 +02:00
70e8d3a299
Backed out 11 changesets (bug 1493563) for failures on dom/workers/test/test_sharedworker_event_listener_leaks.html on a CLOSED TREE
...
Backed out changeset 0bb55b604bfd (bug 1493563)
Backed out changeset 8e25c301675a (bug 1493563)
Backed out changeset 4f608b8801d4 (bug 1493563)
Backed out changeset f58d0b1ca088 (bug 1493563)
Backed out changeset eae105f2bf6d (bug 1493563)
Backed out changeset 7a8a0d1cfd69 (bug 1493563)
Backed out changeset dbba8451aab1 (bug 1493563)
Backed out changeset a6141dbd0328 (bug 1493563)
Backed out changeset f4ca3d8fa90e (bug 1493563)
Backed out changeset 56bab7fae64d (bug 1493563)
Backed out changeset 66787e603401 (bug 1493563)
2018-09-26 06:16:22 +03:00
69860e8e2e
Bug 1493563 - Part 4: Present the old state and the content blocking log to the security event sink; r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D6594
2018-09-25 21:02:51 -04:00
8acb878ef1
Backed out 11 changesets (bug 1493563) for failures on browser_blockingCookies.js on a CLOSED TREE
...
Backed out changeset d755b96837ac (bug 1493563)
Backed out changeset 651f87dca51f (bug 1493563)
Backed out changeset 68de8f0866d0 (bug 1493563)
Backed out changeset 205d69890f50 (bug 1493563)
Backed out changeset 5f922cd6c21e (bug 1493563)
Backed out changeset 84dc54c1a9c1 (bug 1493563)
Backed out changeset 287666ecdd17 (bug 1493563)
Backed out changeset c64a2ea15b7b (bug 1493563)
Backed out changeset 9085269938cd (bug 1493563)
Backed out changeset de06604fefcb (bug 1493563)
Backed out changeset f9bac5e73bd4 (bug 1493563)
2018-09-25 23:12:03 +03:00
4765aaccd1
Bug 1493563 - Part 4: Present the old state and the content blocking log to the security event sink; r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D6594
2018-09-25 13:51:47 -04:00
60e3239dee
Bug 1490874: Log Principal based Security Errors to the Security pane in the console. r=smaug
2018-09-25 07:25:05 +02:00
fc8714580a
Bug 1485676 - Rename TabTarget.makeRemote to TabTarget.attach. r=jdescottes
...
Summary:
Now that all the "remoting" of this method has been moved to TargetFactory.createTargetForTab,
we should rename this method to what it does now. It mostly call attach requests
of the target actor and its child console actor.
It also "connect" the webextension target actor, but I would like to eventually move that
outside of TabTarget.attach, like makeRemote.
Depends On D4078
Reviewers: yulia!
Tags: #secure-revision
Bug #: 1485676
Differential Revision: https://phabricator.services.mozilla.com/D6161
MozReview-Commit-ID: KmFi1LIUBga
2018-09-24 09:52:57 -07:00
082e20e693
Bug 1485676 - Connect to local server from TargetFactory.forTab and make TabTarget always remote-like. r=yulia
...
Tags: #secure-revision
Bug #: 1485676
Differential Revision: https://phabricator.services.mozilla.com/D4078
MozReview-Commit-ID: JAwiySsBZBu
2018-09-24 09:52:55 -07:00
51a3c01ced
Backed out 9 changesets (bug 1485676) for failures in browser/tools/mozscreenshots/devtools/browser_devtools.js CLOSED TREE
...
Backed out changeset d358feec4ca1 (bug 1485676)
Backed out changeset ed554dbb062f (bug 1485676)
Backed out changeset 6e78058df94d (bug 1485676)
Backed out changeset 3a6f1b0e71f4 (bug 1485676)
Backed out changeset 16d2403aa787 (bug 1485676)
Backed out changeset 454eddf52157 (bug 1485676)
Backed out changeset 926f725f2183 (bug 1485676)
Backed out changeset fb03f174bd5f (bug 1485676)
Backed out changeset ceb93dd1799a (bug 1485676)
2018-09-24 15:27:27 +03:00
0b6d93ef4d
Backed out changeset 510e95767aeb (bug 1490874) for security failures in browser/components/payments/test/mochitest/test_basic_card_form.html CLOSED TREE
2018-09-24 11:43:30 +03:00
796f22b354
Bug 1485676 - Rename TabTarget.makeRemote to TabTarget.attach. r=jdescottes
...
Summary:
Now that all the "remoting" of this method has been moved to TargetFactory.createTargetForTab,
we should rename this method to what it does now. It mostly call attach requests
of the target actor and its child console actor.
It also "connect" the webextension target actor, but I would like to eventually move that
outside of TabTarget.attach, like makeRemote.
Depends On D4078
Reviewers: yulia!
Tags: #secure-revision
Bug #: 1485676
Differential Revision: https://phabricator.services.mozilla.com/D6161
MozReview-Commit-ID: KmFi1LIUBga
2018-09-24 01:25:02 -07:00
631e7bfdf9
Bug 1485676 - Connect to local server from TargetFactory.forTab and make TabTarget always remote-like. r=yulia
...
Tags: #secure-revision
Bug #: 1485676
Differential Revision: https://phabricator.services.mozilla.com/D4078
MozReview-Commit-ID: JAwiySsBZBu
2018-09-24 01:25:01 -07:00
0df81cd9f4
Bug 1490874: Log Principal based Security Errors to the Security pane in the console. r=smaug
2018-09-24 09:34:04 +02:00
ad28ad0169
Backed out 9 changesets (bug 1485676) for failing at damp inspector/cold-open.js on a CLOSED TREE
...
Backed out changeset 4de2e71debfe (bug 1485676)
Backed out changeset e63025150c7a (bug 1485676)
Backed out changeset f9ef30ae3f7f (bug 1485676)
Backed out changeset a83636fab16a (bug 1485676)
Backed out changeset b1fd24929e09 (bug 1485676)
Backed out changeset acb27b915742 (bug 1485676)
Backed out changeset ba2157632772 (bug 1485676)
Backed out changeset d1d6b9bc2372 (bug 1485676)
Backed out changeset d7646ea8640b (bug 1485676)
2018-09-22 19:42:04 +03:00
8724260e30
Bug 1485676 - Rename TabTarget.makeRemote to TabTarget.attach. r=jdescottes
...
Summary:
Now that all the "remoting" of this method has been moved to TargetFactory.createTargetForTab,
we should rename this method to what it does now. It mostly call attach requests
of the target actor and its child console actor.
It also "connect" the webextension target actor, but I would like to eventually move that
outside of TabTarget.attach, like makeRemote.
Depends On D4078
Reviewers: yulia!
Tags: #secure-revision
Bug #: 1485676
Differential Revision: https://phabricator.services.mozilla.com/D6161
MozReview-Commit-ID: KmFi1LIUBga
2018-09-22 08:34:21 -07:00
48f5790c9b
Bug 1485676 - Connect to local server from TargetFactory.forTab and make TabTarget always remote-like. r=yulia
...
Tags: #secure-revision
Bug #: 1485676
Differential Revision: https://phabricator.services.mozilla.com/D4078
MozReview-Commit-ID: JAwiySsBZBu
2018-09-22 08:34:20 -07:00
6877b6a75c
Backed out 9 changesets (bug 1485676)for perma failures in devtools/client/canvasdebugger/test/browser_canvas-actor-test-01.js CLOSED TREE
...
Backed out changeset 9f5ec2aa7109 (bug 1485676)
Backed out changeset 0d530c1316a4 (bug 1485676)
Backed out changeset 03278e6fe685 (bug 1485676)
Backed out changeset 275463260056 (bug 1485676)
Backed out changeset 4c5a956b33f7 (bug 1485676)
Backed out changeset d8fe80bb0e3c (bug 1485676)
Backed out changeset 56240996921f (bug 1485676)
Backed out changeset ec0a322f5cc9 (bug 1485676)
Backed out changeset f0f4f9407970 (bug 1485676)
2018-09-21 12:48:48 +03:00
c023333832
Bug 1485676 - Rename TabTarget.makeRemote to TabTarget.attach. r=jdescottes
...
Now that all the "remoting" of this method has been moved to TargetFactory.createTargetForTab,
we should rename this method to what it does now. It mostly call attach requests
of the target actor and its child console actor.
It also "connect" the webextension target actor, but I would like to eventually move that
outside of TabTarget.attach, like makeRemote.
Depends On D4078
Differential Revision: https://phabricator.services.mozilla.com/D6161
--HG--
extra : moz-landing-system : lando
2018-09-21 08:08:11 +00:00
196d295b46
Bug 1485676 - Connect to local server from TargetFactory.forTab and make TabTarget always remote-like. r=yulia
...
Differential Revision: https://phabricator.services.mozilla.com/D4078
--HG--
extra : moz-landing-system : lando
2018-09-21 08:07:48 +00:00
71dcfa26fc
Bug 1485305 - dom/ Ensure loadURI always passes a triggeringPrincipal() r=Nika
...
Differential Revision: https://phabricator.services.mozilla.com/D4557
--HG--
extra : source : 310e601c80a7d6c76b1ee986a7bfb98786150870
extra : intermediate-source : 43b6b33227f000090d6fb8fc20979a54c814918b
2018-08-29 15:47:29 +01:00
1db0587c0e
Backed out 10 changesets (bug 1485305) for browser-chrome failures on docshell/test/browser/browser_loadURI.js. CLOSED TREE
...
Backed out changeset 50439ec01661 (bug 1485305)
Backed out changeset a05e40ef7215 (bug 1485305)
Backed out changeset c99b97b4348b (bug 1485305)
Backed out changeset 75220b2f6669 (bug 1485305)
Backed out changeset e698f2fc1c1a (bug 1485305)
Backed out changeset acce14683c13 (bug 1485305)
Backed out changeset 323773a395cc (bug 1485305)
Backed out changeset 1b74152cabc1 (bug 1485305)
Backed out changeset 4b5c9d5929fc (bug 1485305)
Backed out changeset 238d92348159 (bug 1485305)
2018-09-19 18:47:27 +03:00
b4e3ef054c
Bug 1485305 - dom/ Ensure loadURI always passes a triggeringPrincipal() r=Nika
...
Differential Revision: https://phabricator.services.mozilla.com/D4557
--HG--
extra : source : 546a2e9c719c4162e26ea216148ac0a3ca2ef9ac
2018-08-29 15:47:29 +01:00
18859e6634
Bug 1490977: Assert content privileged about page has CSP. r=smaug
2018-09-19 06:50:23 +02:00
1ee75a928a
Merge inbound to mozilla-central a=merge
2018-09-19 05:18:50 +03:00
9464df5529
Bug 1490793 - Localization DTDs should not be subject to CSP r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D5713
--HG--
extra : moz-landing-system : lando
2018-09-18 08:17:41 +00:00
cfe495e70b
Bug 1490165 - Workers.setTimeout/setInterval must handle CSP rejections, r=ckerschb
2018-09-17 17:53:10 +02:00
d2e647e133
Backed out 10 changesets (bug 1485305)for failing browser chrome tests on browser_loadDisallowInherit.js
...
Backed out changeset 138b8596a9cd (bug 1485305)
Backed out changeset d9f04aeeeef7 (bug 1485305)
Backed out changeset cd063d8afe4e (bug 1485305)
Backed out changeset 2f8a5a03ccb5 (bug 1485305)
Backed out changeset 8085d1eefd7c (bug 1485305)
Backed out changeset 3aaccb374a59 (bug 1485305)
Backed out changeset 3a111e9e5c9c (bug 1485305)
Backed out changeset 61aa1cfb0b01 (bug 1485305)
Backed out changeset bca973d90acc (bug 1485305)
Backed out changeset 4eb33bf25d6f (bug 1485305)
2018-09-18 20:30:07 +03:00
0b01108591
Bug 1489098 - Remove useless use of PromiseFlatString. r=peterv
...
MozReview-Commit-ID: 10JE4PRp8i0
Differential Revision: https://phabricator.services.mozilla.com/D5237
--HG--
extra : moz-landing-system : lando
2018-09-11 17:17:05 +00:00
1008c25689
Bug 1485305 - dom/ Ensure loadURI always passes a triggeringPrincipal() r=Nika
...
Differential Revision: https://phabricator.services.mozilla.com/D4557
--HG--
extra : source : 68ea8072f3c7967ede482e9a087a588a0008df35
2018-08-29 15:47:29 +01:00
fd049cea10
Bug 1492059 - x-frame-options blocking should use NullPrincipal when loading about:blank, r=ckerschb
2018-09-18 16:57:04 +02:00
d3e1e4728d
Backed out changeset b4ac15e18538 (bug 1490977) for assertion failures at build/build/src/dom/base/nsDocument.cpp on a CLOSED TREE
2018-09-18 18:08:03 +03:00
b98d3b1ba2
Bug 1490977: Assert content privileged about page has CSP. r=smaug
2018-09-18 15:27:32 +02:00
3235f6720f
Backed out 10 changesets (bug 1485305) for failures at browser/content/browser.js on a CLOSED TREE
...
Backed out changeset 63c50fd60ae4 (bug 1485305)
Backed out changeset bf0f2adb765e (bug 1485305)
Backed out changeset 721871bb64f1 (bug 1485305)
Backed out changeset e9da73786c5f (bug 1485305)
Backed out changeset e02038177b6b (bug 1485305)
Backed out changeset 35bd32f99f60 (bug 1485305)
Backed out changeset f40900bf8621 (bug 1485305)
Backed out changeset 03632075ac2c (bug 1485305)
Backed out changeset 2fee48378f73 (bug 1485305)
Backed out changeset 6263695b3cb8 (bug 1485305)
2018-09-18 14:46:54 +03:00
c9dd3d1bdb
Bug 1485305 - dom/ Ensure loadURI always passes a triggeringPrincipal() r=Nika
...
Differential Revision: https://phabricator.services.mozilla.com/D4557
--HG--
extra : source : b55b6968de5a1c12e459a4e07a69ca5f46e5b1a1
2018-08-29 15:47:29 +01:00
32627430f6
Bug 1489363 - Replace some string.Append* with AppendLiteral. r=froydnj
...
Depends on D5224
Differential Revision: https://phabricator.services.mozilla.com/D5225
--HG--
extra : moz-landing-system : lando
2018-09-07 22:12:04 +00:00
aa37bde79b
Bug 1489454 - Remove all trailing whitespaces (again) r=Ehsan
...
This also includes moving some files to the regular format.
Differential Revision: https://phabricator.services.mozilla.com/D5249
--HG--
extra : moz-landing-system : lando
2018-09-07 14:47:51 +00:00
6f5be00d2a
Bug 1488628 - Change some nsIWebNavigation method arguments from wstring to AString. r=nika
...
--HG--
extra : rebase_source : a64af3af30b05e6a97b25550e6983121cc47add9
2018-09-05 13:42:16 +10:00
9290eb7909
Bug 1488165 - Remove security.csp.enable_violation_events pref, r=dveditz
2018-09-06 09:05:10 +02:00
9a8512dd92
Bug 1475448 - Add ContentSecurityPolicyParser fuzzing target. r=ckerschb, sr=decoder
2018-08-24 08:30:24 +00:00
3edc601325
Bug 1402247 - Use encoding_rs for XPCOM string encoding conversions. r=Nika,erahm,froydnj.
...
Correctness improvements:
* UTF errors are handled safely per spec instead of dangerously truncating
strings.
* There are fewer converter implementations.
Performance improvements:
* The old code did exact buffer length math, which meant doing UTF math twice
on each input string (once for length calculation and another time for
conversion). Exact length math is more complicated when handling errors
properly, which the old code didn't do. The new code does UTF math on the
string content only once (when converting) but risks allocating more than
once. There are heuristics in place to lower the probability of
reallocation in cases where the double math avoidance isn't enough of a
saving to absorb an allocation and memcpy.
* Previously, in UTF-16 <-> UTF-8 conversions, an ASCII prefix was optimized
but a single non-ASCII code point pessimized the rest of the string. The
new code tries to get back on the fast ASCII path.
* UTF-16 to Latin1 conversion guarantees less about handling of out-of-range
input to eliminate an operation from the inner loop on x86/x86_64.
* When assigning to a pre-existing string, the new code tries to reuse the
old buffer instead of first releasing the old buffer and then allocating a
new one.
* When reallocating from the new code, the memcpy covers only the data that
is part of the logical length of the old string instead of memcpying the
whole capacity. (For old callers old excess memcpy behavior is preserved
due to bogus callers. See bug 1472113.)
* UTF-8 strings in XPConnect that are in the Latin1 range are passed to
SpiderMonkey as Latin1.
New features:
* Conversion between UTF-8 and Latin1 is added in order to enable faster
future interop between Rust code (or otherwise UTF-8-using code) and text
node and SpiderMonkey code that uses Latin1.
MozReview-Commit-ID: JaJuExfILM9
2018-08-14 14:43:42 +03:00
44ce53c72e
Bug 1476592 - Remove the cache from nsCSPContext - part 2 - sendViolationReports parameter, r=ckerschb, r=aosmond
2018-08-01 06:35:24 +02:00
277949ed10
Bug 1476592 - Remove the cache from nsCSPContext - part 1, r=ckerschb
2018-08-01 06:35:21 +02:00
02ba563399
Bug 1463016: Part 5 - Add domWindow property to DocShellTreeItem and update callers to use it. r=nika
...
MozReview-Commit-ID: FRRAdxLHRtG
--HG--
extra : source : 0d69b4fb1ed43751cfcbc0b4f2fe3b6a49bc0494
extra : histedit_source : d0ce31513ffaae2fd7f01f6567a97b6d2d96b797%2Cfff837de7a00fa90809d2c3e755097180dfd56d8
2018-05-20 18:10:16 -07:00
561ccb2ceb
Backed out 2 changesets (bug 1463016, bug 1463291) for geckoview failures
...
Backed out changeset fcfb99baa0f0 (bug 1463291)
Backed out changeset 0d69b4fb1ed4 (bug 1463016)
2018-07-29 03:55:23 +03:00
636f1839e5
Bug 1463016: Part 5 - Add domWindow property to DocShellTreeItem and update callers to use it. r=nika
...
MozReview-Commit-ID: FRRAdxLHRtG
--HG--
extra : rebase_source : 36565ef5e74360aad14062005e5bdab2939e888b
2018-05-20 18:10:16 -07:00
eddde0891e
Bug 1475849 - Refactor worker tests within test_CSP.html r=ckerschb
...
Summary: MozReview-Commit-ID: 8ACGbm2htCF
Reviewers: ckerschb
Reviewed By: ckerschb
Bug #: 1475849
Differential Revision: https://phabricator.services.mozilla.com/D2257
--HG--
extra : rebase_source : 3697cc7c5e73add52936b5ee08c07512e0612511
2018-07-23 18:55:56 +03:00
7937c7c4cc
Bug 1476928 - Remove nsIURI.CloneIgnoringRef and nsIURI.CloneWithNewRef r=JuniorHsu
...
The patch introduces NS_GetURIWithNewRef and NS_GetURIWithNewRef which perform the same function.
Differential Revision: https://phabricator.services.mozilla.com/D2239
--HG--
extra : moz-landing-system : lando
2018-07-23 11:28:47 +00:00
49eaf535cb
Bug 1474537 - CSP 'self' should translate to 'self' and not be resolved to actual self URI. r=dveditz
2018-07-22 18:08:17 +02:00
adac33969a
Bug 1304645: Pass individual CSP errors as categories to web console error messages. r=baku
2018-07-20 19:57:21 +02:00
b5a482c899
Backed out 3 changesets (bug 1475073, bug 1304645, bug 1474537) for failing wpt and mochitest on a CLOSED TREE
...
Backed out changeset 4fbeea69b10d (bug 1475073)
Backed out changeset d3ac68d9ead9 (bug 1304645)
Backed out changeset 113b601a3b59 (bug 1474537)
2018-07-20 14:00:09 +03:00
1de27c0297
Bug 1304645: Pass individual CSP errors as categories to web console error messages. r=baku
2018-07-20 10:42:46 +02:00
f33c5faa8f
Bug 1474537 - CSP 'self' should translate to 'self' and not be resolved to actual self URI. r=dveditz
2018-07-20 10:39:31 +02:00
fc1f4bb4ae
Bug 1476820 - Convert some VarCache prefs in dom/security/ to use StaticPrefs. r=ckerschb
...
Specifically:
- "security.csp.enable"
- "security.csp.experimentalEnabled"
- "security.csp.enableStrictDynamic"
- "security.csp.reporting.script-sample.max-length"
- "security.csp.enable_violation_events"
MozReview-Commit-ID: G1ie4ut9QaK
--HG--
extra : rebase_source : d6b5a0e79eb7046a13a8b4fe957c82c11831c86c
2018-07-19 10:43:29 +10:00
d3cf48d4ba
Bug 1332422 - CSP should not use 'aExtra' to indicate redirects within ContentPolicy, r=ckerschb
...
Instead, let's pass a nsIURI object to indicate when we have to check a
redirect CSP loading.
2018-07-19 13:25:50 +02:00
6c9f589b45
Bug 1476589 - Fix a wrong use of a char16_t string in nsCSPUtils, r=ckerschb
2018-07-19 11:11:43 +02:00
595fee0d91
Bug 1476280 - SecurityPolicyViolationEvent.blockedURI should contain the original URL in case of redirects, r=ckerschb
2018-07-18 16:49:18 +02:00
a053cf1c15
Bug 1476306 - Moving NullPrincipal/ContentPrincipal/SystemPrincipal under mozilla namespace - part 1 - NullPrincipal, r=ckerschb
2018-07-17 21:37:48 +02:00
14262bdc7c
Bug 1418241 - CSP violation: blockedURI inline/eval, r=ckerschb
2018-07-17 11:13:12 +02:00
ceea0172b0
Bug 1473587 - CSP Violation events should have the correct sample for inline contexts, r=jorendorff, r=ckerschb
2018-07-16 17:58:04 +02:00
8fe4d55300
Bug 1472927 - Fix CSP violation events in workers, r=asuth, r=ckerschb
2018-07-10 18:53:03 +02:00
5fff1762ad
Bug 1418236 - Correct EventTarget for CSP violation events, r=ckerschb
2018-07-10 17:40:21 +02:00
33326b442d
Bug 1312864 - Allow redirects for requests that require preflight
...
Reviewers: ckerschb, mrbkap
Reviewed By: ckerschb, mrbkap
Subscribers: ckerschb
Bug #: 1312864
Differential Revision: https://phabricator.services.mozilla.com/D1875
--HG--
extra : rebase_source : 06ae50d91816955ab6bdaa2741ddccb1eb2a3206
2018-07-10 15:48:03 +03:00
11176d20f1
Bug 1473827 - Fix a typo in nsCSPContext related to columnNumber, r=me
2018-07-06 10:28:44 +02:00
9042bfbc94
Bug 1473218 - Implement report-sample support for CSP directives, r=ckerschb
2018-07-06 08:01:49 +02:00
14d462eeb3
Bug 1418246 - Return valid columnNumber value in CSP violation events, r=ckerschb
2018-07-05 08:21:04 +02:00
d8b7fb22e3
Bug 1453751: Load favicons in the content process. r=mak, r=gijs, r=aswan, r=mixedpuppy
...
Summary:
This moves the load of favicons into the content process. We use the same logic
for finding favicons (based on waiting until none have shown up for a short
time) but then load the favicon and convert it to a data uri which we then
dispatch to the parent process. Along the way this fixes asssociating the load
with the tab for WebExtension and devtools, fixes CSP usage for the load, fixes
expiry detection of the favicon and stops us from loading the same resource
twice.
This change also merges the prefs browser.chrome.site_icons and
browser.chrome.favicons leaving just the former controlling favicon loading. It
adds the pref browser.chrome.guess_favicon to allow disabling guessing where
a favicon might be located for a site (at <hostname>/favicon.ico). This is
mainly to allow disabling this in tests where those additional yet automatic
requests are uninteresting for the test.
There are multiple clean-ups that can follow this but this is a first step along
that path.
MozReview-Commit-ID: E0Cs59UnxaF
Reviewers: mak
Tags: #secure-revision
Bug #: 1453751
Differential Revision: https://phabricator.services.mozilla.com/D1672
Differential Revision: https://phabricator.services.mozilla.com/D1673
Differential Revision: https://phabricator.services.mozilla.com/D1674
Differential Revision: https://phabricator.services.mozilla.com/D1850
Differential Revision: https://phabricator.services.mozilla.com/D1869
--HG--
rename : browser/base/content/test/general/browser_bug408415.js => browser/base/content/test/favicons/browser_bug408415.js
rename : browser/base/content/test/general/browser_bug550565.js => browser/base/content/test/favicons/browser_bug550565.js
rename : browser/base/content/test/general/browser_favicon_change.js => browser/base/content/test/favicons/browser_favicon_change.js
rename : browser/base/content/test/general/browser_favicon_change_not_in_document.js => browser/base/content/test/favicons/browser_favicon_change_not_in_document.js
rename : browser/base/content/test/general/browser_subframe_favicons_not_used.js => browser/base/content/test/favicons/browser_subframe_favicons_not_used.js
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_bug970276_favicon1.ico
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_bug970276_favicon2.ico
rename : browser/base/content/test/general/file_bug970276_popup1.html => browser/base/content/test/favicons/file_bug970276_popup1.html
rename : browser/base/content/test/general/file_bug970276_popup2.html => browser/base/content/test/favicons/file_bug970276_popup2.html
rename : browser/base/content/test/general/file_favicon_change.html => browser/base/content/test/favicons/file_favicon_change.html
rename : browser/base/content/test/general/file_favicon_change_not_in_document.html => browser/base/content/test/favicons/file_favicon_change_not_in_document.html
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_generic_favicon.ico
rename : browser/base/content/test/general/file_with_favicon.html => browser/base/content/test/favicons/file_with_favicon.html
extra : rebase_source : 6372b2681a59d267f966e9fa2ca9a54e3ff0cea0
extra : intermediate-source : b11aa832c41ac5beef9065f804d11fb7c9887990
extra : source : 638eb8a41245f6d9932861afda21edd5e0b2618a
2018-06-28 16:06:09 -07:00
51f77cdfc4
Backed out changeset b11aa832c41a (bug 1453751) for Mochitest-15 failures in toolkit/components/extensions/test/mochitest/test_ext_webrequest_filter.html. CLOSED TREE
...
--HG--
rename : browser/base/content/test/favicons/browser_bug408415.js => browser/base/content/test/general/browser_bug408415.js
rename : browser/base/content/test/favicons/browser_bug550565.js => browser/base/content/test/general/browser_bug550565.js
rename : browser/base/content/test/favicons/browser_favicon_change.js => browser/base/content/test/general/browser_favicon_change.js
rename : browser/base/content/test/favicons/browser_favicon_change_not_in_document.js => browser/base/content/test/general/browser_favicon_change_not_in_document.js
rename : browser/base/content/test/favicons/browser_subframe_favicons_not_used.js => browser/base/content/test/general/browser_subframe_favicons_not_used.js
rename : browser/base/content/test/favicons/file_generic_favicon.ico => browser/base/content/test/general/file_bug970276_favicon1.ico
rename : browser/base/content/test/favicons/file_bug970276_popup1.html => browser/base/content/test/general/file_bug970276_popup1.html
rename : browser/base/content/test/favicons/file_bug970276_popup2.html => browser/base/content/test/general/file_bug970276_popup2.html
rename : browser/base/content/test/favicons/file_favicon_change.html => browser/base/content/test/general/file_favicon_change.html
rename : browser/base/content/test/favicons/file_favicon_change_not_in_document.html => browser/base/content/test/general/file_favicon_change_not_in_document.html
rename : browser/base/content/test/favicons/file_with_favicon.html => browser/base/content/test/general/file_with_favicon.html
2018-06-28 23:15:49 +03:00
ae4e60478a
Bug 1453751: Load favicons in the content process. r=mak, r=gijs, r=aswan
...
Summary:
This moves the load of favicons into the content process. We use the same logic
for finding favicons (based on waiting until none have shown up for a short
time) but then load the favicon and convert it to a data uri which we then
dispatch to the parent process. Along the way this fixes asssociating the load
with the tab for WebExtension and devtools, fixes CSP usage for the load, fixes
expiry detection of the favicon and stops us from loading the same resource
twice.
This change also merges the prefs browser.chrome.site_icons and
browser.chrome.favicons leaving just the former controlling favicon loading. It
adds the pref browser.chrome.guess_favicon to allow disabling guessing where
a favicon might be located for a site (at <hostname>/favicon.ico). This is
mainly to allow disabling this in tests where those additional yet automatic
requests are uninteresting for the test.
There are multiple clean-ups that can follow this but this is a first step along
that path.
MozReview-Commit-ID: E0Cs59UnxaF
Reviewers: mak
Tags: #secure-revision
Bug #: 1453751
Differential Revision: https://phabricator.services.mozilla.com/D1672
Differential Revision: https://phabricator.services.mozilla.com/D1673
Differential Revision: https://phabricator.services.mozilla.com/D1674
Differential Revision: https://phabricator.services.mozilla.com/D1850
--HG--
rename : browser/base/content/test/general/browser_bug408415.js => browser/base/content/test/favicons/browser_bug408415.js
rename : browser/base/content/test/general/browser_bug550565.js => browser/base/content/test/favicons/browser_bug550565.js
rename : browser/base/content/test/general/browser_favicon_change.js => browser/base/content/test/favicons/browser_favicon_change.js
rename : browser/base/content/test/general/browser_favicon_change_not_in_document.js => browser/base/content/test/favicons/browser_favicon_change_not_in_document.js
rename : browser/base/content/test/general/browser_subframe_favicons_not_used.js => browser/base/content/test/favicons/browser_subframe_favicons_not_used.js
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_bug970276_favicon1.ico
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_bug970276_favicon2.ico
rename : browser/base/content/test/general/file_bug970276_popup1.html => browser/base/content/test/favicons/file_bug970276_popup1.html
rename : browser/base/content/test/general/file_bug970276_popup2.html => browser/base/content/test/favicons/file_bug970276_popup2.html
rename : browser/base/content/test/general/file_favicon_change.html => browser/base/content/test/favicons/file_favicon_change.html
rename : browser/base/content/test/general/file_favicon_change_not_in_document.html => browser/base/content/test/favicons/file_favicon_change_not_in_document.html
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_generic_favicon.ico
rename : browser/base/content/test/general/file_with_favicon.html => browser/base/content/test/favicons/file_with_favicon.html
extra : rebase_source : 1e72949e4e1012025ccf87642cc239ea5f15217d
extra : source : 638eb8a41245f6d9932861afda21edd5e0b2618a
2018-06-04 12:53:55 -07:00
eb4431c0f5
Backed out changeset 638eb8a41245 (bug 1453751) for frequent linux debug e-10s failures on test_ext_webrequest_filter.html
...
--HG--
rename : browser/base/content/test/favicons/browser_bug408415.js => browser/base/content/test/general/browser_bug408415.js
rename : browser/base/content/test/favicons/browser_bug550565.js => browser/base/content/test/general/browser_bug550565.js
rename : browser/base/content/test/favicons/browser_favicon_change.js => browser/base/content/test/general/browser_favicon_change.js
rename : browser/base/content/test/favicons/browser_favicon_change_not_in_document.js => browser/base/content/test/general/browser_favicon_change_not_in_document.js
rename : browser/base/content/test/favicons/browser_subframe_favicons_not_used.js => browser/base/content/test/general/browser_subframe_favicons_not_used.js
rename : browser/base/content/test/favicons/file_generic_favicon.ico => browser/base/content/test/general/file_bug970276_favicon1.ico
rename : browser/base/content/test/favicons/file_bug970276_popup1.html => browser/base/content/test/general/file_bug970276_popup1.html
rename : browser/base/content/test/favicons/file_bug970276_popup2.html => browser/base/content/test/general/file_bug970276_popup2.html
rename : browser/base/content/test/favicons/file_favicon_change.html => browser/base/content/test/general/file_favicon_change.html
rename : browser/base/content/test/favicons/file_favicon_change_not_in_document.html => browser/base/content/test/general/file_favicon_change_not_in_document.html
rename : browser/base/content/test/favicons/file_with_favicon.html => browser/base/content/test/general/file_with_favicon.html
extra : rebase_source : 77bf32209022e0351c2a3b69affaac4cf33aa9a6
2018-06-26 07:29:35 +03:00
9cbfdc7c2d
Bug 1453751: Load favicons in the content process. r=mak, r=gijs, r=aswan
...
Summary:
This moves the load of favicons into the content process. We use the same logic
for finding favicons (based on waiting until none have shown up for a short
time) but then load the favicon and convert it to a data uri which we then
dispatch to the parent process. Along the way this fixes asssociating the load
with the tab for WebExtension and devtools, fixes CSP usage for the load, fixes
expiry detection of the favicon and stops us from loading the same resource
twice.
This change also merges the prefs browser.chrome.site_icons and
browser.chrome.favicons leaving just the former controlling favicon loading. It
adds the pref browser.chrome.guess_favicon to allow disabling guessing where
a favicon might be located for a site (at <hostname>/favicon.ico). This is
mainly to allow disabling this in tests where those additional yet automatic
requests are uninteresting for the test.
There are multiple clean-ups that can follow this but this is a first step along
that path.
MozReview-Commit-ID: E0Cs59UnxaF
Reviewers: mak
Tags: #secure-revision
Bug #: 1453751
Differential Revision: https://phabricator.services.mozilla.com/D1672
Differential Revision: https://phabricator.services.mozilla.com/D1673
Differential Revision: https://phabricator.services.mozilla.com/D1674
--HG--
rename : browser/base/content/test/general/browser_bug408415.js => browser/base/content/test/favicons/browser_bug408415.js
rename : browser/base/content/test/general/browser_bug550565.js => browser/base/content/test/favicons/browser_bug550565.js
rename : browser/base/content/test/general/browser_favicon_change.js => browser/base/content/test/favicons/browser_favicon_change.js
rename : browser/base/content/test/general/browser_favicon_change_not_in_document.js => browser/base/content/test/favicons/browser_favicon_change_not_in_document.js
rename : browser/base/content/test/general/browser_subframe_favicons_not_used.js => browser/base/content/test/favicons/browser_subframe_favicons_not_used.js
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_bug970276_favicon1.ico
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_bug970276_favicon2.ico
rename : browser/base/content/test/general/file_bug970276_popup1.html => browser/base/content/test/favicons/file_bug970276_popup1.html
rename : browser/base/content/test/general/file_bug970276_popup2.html => browser/base/content/test/favicons/file_bug970276_popup2.html
rename : browser/base/content/test/general/file_favicon_change.html => browser/base/content/test/favicons/file_favicon_change.html
rename : browser/base/content/test/general/file_favicon_change_not_in_document.html => browser/base/content/test/favicons/file_favicon_change_not_in_document.html
rename : browser/base/content/test/general/file_bug970276_favicon1.ico => browser/base/content/test/favicons/file_generic_favicon.ico
rename : browser/base/content/test/general/file_with_favicon.html => browser/base/content/test/favicons/file_with_favicon.html
extra : rebase_source : 53dc0c682bf61d5135fbca172ac5238b414a1771
2018-06-04 12:53:55 -07:00
22ce31c828
Bug 1469150 - Tests added to check scripts with valid nonce is allowed if URL redirects. r=ckerschb
...
Reviewers: ckerschb
Reviewed By: ckerschb
Subscribers: ckerschb
Bug #: 1469150
Differential Revision: https://phabricator.services.mozilla.com/D1721
--HG--
extra : rebase_source : f600e601123f90ad3ab08b4fef6a791183419cd4
extra : amend_source : 854510827f78b43bf40cdbf7d782c25981190cf1
2018-06-22 20:38:05 +03:00
d2f222b912
Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirects is fixed r=ckerschb
...
Reviewers: ckerschb
Reviewed By: ckerschb
Subscribers: ckerschb
Bug #: 1469150
Differential Revision: https://phabricator.services.mozilla.com/D1720
--HG--
extra : rebase_source : 2dd2e731426dad07c834b0826c588e6cd23932d5
extra : amend_source : c93b71f04eaedbfbc4831ddabe041fc3d4face92
2018-06-22 20:35:14 +03:00
58828f18c8
Bug 1470295 - Allow save-as download of FTP files on HTTP pages. r=ckerschb
...
--HG--
extra : rebase_source : 0254446f8d477d0214b602b1e7ab2cc8b762d115
2018-06-21 23:31:13 +02:00
df59deb701
Bug 1469536 - Allow the system principal to load FTP subresources. r=ckerschb
...
--HG--
extra : rebase_source : 3b972ef960559af148f934cb95b03cf8cac87948
extra : histedit_source : 2f6e91be2722274bbdc2c2e60dddbe8b3270cf6b
2018-06-19 13:58:41 +02:00
0a2b645117
Bug 1453795 - Dom/Security - Initialize member fields in classes/ structures. r=ckerschb
2018-06-13 23:47:53 +03:00
50b91c0a14
Bug 1405428 - skip-if = verify on mochitests which do not pass test-verify. r=gbrown
2018-06-10 05:01:47 -04:00
4f25cf9dc0
Bug 1402554 - disable test_main.html for frequent failures on quantum-renderer platforms. r=jmaher
2018-06-02 18:37:00 +03:00
fffb25b74f
Bug 1465585: Switch from mozilla::Move to std::move. r=froydnj
...
This was done automatically replacing:
s/mozilla::Move/std::move/
s/ Move(/ std::move(/
s/(Move(/(std::move(/
Removing the 'using mozilla::Move;' lines.
And then with a few manual fixups, see the bug for the split series..
MozReview-Commit-ID: Jxze3adipUh
2018-06-01 10:45:27 +02:00
cd08fcc02b
Bug 1328695 GTests for isOriginPotentiallyTrustworthy, r=ckerschb
2018-05-31 07:51:43 +02:00
fa06a45b28
Bug 1328695 - Use protocol flags to determine if a URI is potentially trustworthy r=ckerschb, r=dveditz, r=mcmanus, r=bz
...
Before this change, the trusted URI schemes, based on a string whitelist, were:
https, file, resource, app, moz-extension and wss.
This change removes "app" from the list (since we don't implement it),
and adds "about" to the list (because we control the delivery of that).
2018-05-31 07:51:42 +02:00
9023e7c7b4
Bug 1446937 - Have ContextForTopLevelLoad return already_AddRefed<nsISupports> within LoadInfo, r=qdot
2018-05-30 21:21:18 +02:00
1273dc5391
Bug 1446933 - Remove 'using namespace mozilla::net' from BackgroundUtils.h, r=qdot
2018-05-30 21:21:17 +02:00
4dbf30fc68
Bug 1446922 - Remove the leading 'a' from variables within the various ::ShouldLoad() implementations, r=qdot
2018-05-30 21:21:17 +02:00
bea3100e53
Bug 1455676 part 14. Remove most use of nsIDOMNode in dom/. r=qdot
2018-05-29 22:58:49 -04:00
074d88de5a
Bug 1460940 - Convert nsIPrincipal to use nsIDocument. r=bz
...
MozReview-Commit-ID: z1TGWtS1KG
--HG--
extra : rebase_source : e5291c40eb017c1e3fd69333ac108dda852fb8cd
2018-05-11 19:46:15 +02:00
0b8777495c
Bug 1456704 - Fix CSP empty directive test by ignoring errors that aren't from CSP. r=ckerschb
...
MozReview-Commit-ID: DOlNKATQSY1
--HG--
extra : rebase_source : 63af38fb97af04847c815d545a12b7befa67171a
2018-05-14 10:44:06 +01:00
737e9338c6
Bug 1456721 - Add automated test to check new CORS console message. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D1144
2018-05-13 14:45:34 -04:00
b5118e1ddf
Bug 1302449 - Remove the "referrer" directive in CSP, r=ckerschb
2018-05-09 13:15:08 +02:00
920a60992c
Bug 1458504 - Move Tokenizer into it's own file so it can be shared by the CSP Parser and the Feature Policy Parser. r=jkt
2018-05-02 16:36:51 +02:00
71422dcaa9
Bug 1457813 - Part 2: Replace non-asserting NS_PRECONDITIONs with MOZ_ASSERTs. r=froydnj
...
s/NS_PRECONDITION/MOZ_ASSERT/ and reindent
MozReview-Commit-ID: KuUsnVe2h8L
--HG--
extra : source : c14655ab3df2c9b1465dd8102b9d25683359a37b
2018-04-28 12:50:58 -07:00
4220b1f019
Bug 1439330 - Test added to check if eval is blocked if 'strict-dynamic' is enabled. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D1011
2018-05-07 15:01:22 -04:00
ea1f6cdedb
Bug 1439330 - Condition added to block eval if only strict-dynamic is present without unsafe-eval keyword. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D859
2018-05-07 14:59:51 -04:00
5a642e8bf6
Bug 1458449 - Allow FTP subresource in FTP documents. r=ckerschb
...
--HG--
extra : rebase_source : 035bd3782abb6deeff4aaf1d227ce7197f9234a6
2018-05-02 13:32:08 +02:00
09f2e3f364
Bug 1353608 - Disabled test_frameNavigation.html on Win7 and Win10. r=jmaher
...
--HG--
extra : histedit_source : e020d87a947376884dae2e796ed1b7b7f50f31da
2018-04-29 00:04:00 +03:00
fc66c485b6
Bug 1456882 - Enable some passing mochitests on linux64-qr. r=jrmuizel
...
MozReview-Commit-ID: 5VIHjwx6A2j
--HG--
extra : rebase_source : d986028cff52ba52a58887225e272bf04ad88de3
2018-04-25 11:29:07 -04:00
59f801793b
Merge inbound to mozilla-central. a=merge
2018-04-25 00:50:59 +03:00
e45c9ffe52
Bug 1456407: Add test for same site cookies using a meta refresh. r=mgoodwin
...
--HG--
extra : rebase_source : ac0ef378dbd480ecd4fdaca6ef6d4a4c2da374f1
2018-04-24 11:08:00 +02:00
be5f3caad5
Bug 1422710 Block opaque tainted requests that do not follow redirects. r=ckerschb
2018-04-23 09:43:36 -07:00
0d79353b7d
Bug 1439425 - Ignore empty CSP directives. r=ckerschb
...
MozReview-Commit-ID: 67Ach2vCs8A
--HG--
rename : dom/security/test/csp/file_self_none_as_hostname_confusion.html => dom/security/test/csp/file_empty_directive.html
rename : dom/security/test/csp/file_self_none_as_hostname_confusion.html^headers^ => dom/security/test/csp/file_empty_directive.html^headers^
rename : dom/security/test/csp/test_self_none_as_hostname_confusion.html => dom/security/test/csp/test_empty_directive.html
extra : rebase_source : 1270d3d1aa8d53389e8708d29d2e363e52c02029
2018-03-06 18:48:26 -08:00
e9186f7449
Merge mozilla-central to inbound. a=merge CLOSED TREE
...
--HG--
rename : testing/mozharness/mozharness/mozilla/testing/verify_tools.py => testing/mozharness/mozharness/mozilla/testing/per_test_base.py
2018-04-20 01:38:32 +03:00
f1f4e87948
Bug 1454813: Part 1b - Stop automatically exposing Task singleton to browser tests. r=florian
...
Now that Task.jsm is deprecated and add_task no longer accepts generators, it
doesn't make sense to continue making this automatically available in test
scopes.
MozReview-Commit-ID: AckO5nnFngG
--HG--
extra : rebase_source : 826b7cce67d9ab000d6385663c543bc72eef174b
2018-04-19 14:52:47 -07:00
708b70167e
Bug 1455162 - Test about: URLs with and without same-site.enabled. r=ckerschb
...
MozReview-Commit-ID: Wi8SXkGIci
--HG--
extra : rebase_source : 88305c0be0117e538bd996626aace14a5a952749
2018-04-18 17:01:01 -07:00
12b47687b7
Merge mozilla-central to mozilla-inbound. CLOSED TREE
2018-04-18 14:09:24 +03:00
374b919ce6
Merge inbound to mozilla-central a=merge
2018-04-18 13:44:22 +03:00
0d9a8521e4
Bug 1454721 - Add same-site cookie test for about:blank and about:srcdoc. r=dveditz
2018-04-18 10:27:28 +02:00
e9579ce027
Bug 1454027 - Test SameSite cookie handling inside iframes.r=mgoodwin
2018-04-17 18:26:15 +02:00
3f98737f56
Bug 1454460 - Hoist SRI helper into Loader.cpp. r=bz
...
MozReview-Commit-ID: 2wgVAJDgHDl
2018-04-17 16:27:09 -07:00
055086766b
Bug 1454460 - Buffer the potentially-BOM-related bytes separately and handle them on the fly. r=bz
...
MozReview-Commit-ID: 5zrKyadBppO
2018-04-17 16:27:08 -07:00
805cb19c1d
Merge mozilla-central to autoland. a=merge CLOSED TREE
2018-04-17 01:45:58 +03:00
4faa99b475
Bug 1454242: Test samesite cookie on top-level page from cross-origin context. r=mgoodwin
2018-04-16 08:51:33 +02:00
15cc8023f7
Bug 1453814: Test redirects and same-site cookies. r=mgoodwin on a CLOSED TREE
...
--HG--
extra : source : 86a4c50c98f64dd8b86900274147e7ca2855e586
extra : amend_source : 299c2c905d56933681fa4445e6f76c7b473998f5
2018-04-13 15:42:12 +02:00
c98766975d
Backed out 2 changesets (bug 1453814) for failing dom/base/test/chrome/test_bug884693.xul on a CLOSED TREE
...
Backed out changeset 86a4c50c98f6 (bug 1453814)
Backed out changeset 4d37ff0c232e (bug 1453814)
2018-04-13 20:19:39 +03:00
804d7c0625
Bug 1453814: Test redirects and same-site cookies. r=mgoodwin
2018-04-13 15:42:12 +02:00
0819f35e51
Backed out 4 changesets (bug 525063) on request from Andi. a=backout
...
Backed out changeset 516c4fb1e4b8 (bug 525063)
Backed out changeset 6ff8aaef2866 (bug 525063)
Backed out changeset bf13e4103150 (bug 525063)
Backed out changeset d7d2f08e051c (bug 525063)
2018-04-13 16:01:28 +03:00
d8d0197f4e
Bug 1452496: Test for discarding same-site cookies using inline scripts in cross origin context. r=mgoodwin
2018-04-12 12:53:48 +02:00
3117bd6483
Bug 1452496: Test for discarding same-site cookie in cross site context. r=mgoodwin
2018-04-12 12:53:33 +02:00
29ba7b4974
Merge mozilla-central to mozilla-inbound. a=merge on a CLOSED TREE
2018-04-11 17:40:37 +03:00
a3a77c0312
Bug 525063 - Initialize uninitialized class attributes in m-c. r=ehsan
2018-04-10 21:11:02 +02:00
719a001ee1
Backed out 2 changesets (bug 1452496) for bustage on build/src/netwerk/test/TestNamedPipeService.cpp on a CLOSED TREE
...
Backed out changeset 071ecf5e3680 (bug 1452496)
Backed out changeset 8bf36c469e22 (bug 1452496)
2018-04-10 19:22:01 +03:00
818bd556c8
Bug 1452496: Test for diiscarding same-site cookie in cross site context. r=mgoodwin
2018-04-10 17:18:04 +02:00
8ac645b0cd
Bug 1452699 - Add a temporary pref to disable same-site cookies. r=ckerschb,valentin
...
MozReview-Commit-ID: LRnaSmdSgVW
--HG--
extra : rebase_source : 9dd301f4d49b0fe6f81531d81bac2466032cc3a3
2018-04-13 18:52:28 -07:00
b3433d151f
Bug 1452699 - Work-around caching issues in test_same_site_cookies_*. r=ckerschb
...
MozReview-Commit-ID: cTH2uyPMTA
--HG--
extra : rebase_source : e17cf902fe4df3fb209805f02838a0c01ab032be
2018-04-13 18:49:58 -07:00
f6a05ddbd5
Bug 1427726 - remove support for remote JAR files, r=michal
...
MozReview-Commit-ID: H7aaTmj3FI1
--HG--
rename : modules/libjar/test/mochitest/bug403331.zip => modules/libjar/test/mochitest/bug1173171.zip
rename : modules/libjar/test/mochitest/bug403331.zip^headers^ => modules/libjar/test/mochitest/bug1173171.zip^headers^
extra : rebase_source : 30a8e937840bbfed5fe7e66202a5d2893b19c037
2018-02-07 13:54:39 +00:00
f9b34d3781
Backed out 5 changesets (bug 1427726) for failing linux asan at modules/libjar/test/unit/test_bug407303.js on a CLOSED TREE
...
Backed out changeset ee9abd6f1ba5 (bug 1427726)
Backed out changeset b1b76f9dff73 (bug 1427726)
Backed out changeset f41cf7811770 (bug 1427726)
Backed out changeset cb35e7b10235 (bug 1427726)
Backed out changeset 753ece6c9f1b (bug 1427726)
--HG--
rename : modules/libjar/test/mochitest/bug1173171.zip => modules/libjar/test/mochitest/bug403331.zip
rename : modules/libjar/test/mochitest/bug1173171.zip^headers^ => modules/libjar/test/mochitest/bug403331.zip^headers^
2018-04-11 12:46:20 +03:00
1f5038413e
Bug 1427726 - remove support for remote JAR files, r=michal
...
MozReview-Commit-ID: H7aaTmj3FI1
--HG--
rename : modules/libjar/test/mochitest/bug403331.zip => modules/libjar/test/mochitest/bug1173171.zip
rename : modules/libjar/test/mochitest/bug403331.zip^headers^ => modules/libjar/test/mochitest/bug1173171.zip^headers^
extra : rebase_source : 0fbe2ed07a3ccdb3693973e966e1ea3e43dd1623
2018-02-07 13:54:39 +00:00
b0dadb57b5
Bug 1452701 - Add pref to allow FTP subresources. r=ckerschb
...
--HG--
extra : rebase_source : 571060a866cc46ab253b0718d33dcbbd0f7e0a87
2018-04-09 21:07:01 +02:00
1c93e06911
Bug 1286861: Add tests for same site top-level. r=mgoodwin
2018-04-08 19:53:08 +02:00
fc9d4babcc
Bug 1286861: Add tests for same site subrequests. r=mgoodwin
2018-04-08 19:52:49 +02:00
b12501054b
Bug 1404744 - Check for FTP subresource after applying CSP. r=ckerschb
...
--HG--
extra : rebase_source : 642ba0d40d6b1d2e7ef85fdc52dffa72b5a24f5b
extra : histedit_source : 117afa5310977211fd18007e5ed7d2991a8b8837
2018-04-06 00:27:02 +02:00
4292bca4ee
Bug 1449631 part 6. Remove nsIDOMEventTarget::DispatchEvent. r=smaug
...
MozReview-Commit-ID: 8YMgmMwZkAL
2018-04-05 13:42:41 -04:00
f2161b8a15
Bug 1404744 - Simple sub-resource only test. r=ckerschb
...
--HG--
extra : rebase_source : b9f35ec37ae00eb4c3a8d3fbcb3eb0e488351527
2018-04-01 20:07:06 +02:00
8e3324212f
Bug 1404744 - Block loading FTP as a subresource everywhere. r=ckerschb
...
--HG--
extra : rebase_source : 479f1b7f55c3133c7f46c1a343a394fef15e9f59
2018-03-26 21:05:08 +02:00
27171aed4f
Bug 1236222 - CSP: Blocked URI should be empty for inline violations. r=ckerschb
...
MozReview-Commit-ID: 6bMAVJl9RTG
--HG--
extra : rebase_source : e2cceb777ac659f7fd1a84f6d8408dc7e7179a35
2018-03-08 16:23:03 -08:00
e2dffad4ac
Bug 1448500: Add speculative request content policy type. r=bz, r=kmag
...
Adds a new TYPE_SPECULATIVE to nsIContentPolicy uses it as the type for
speculative connection channels from the IO service. I believe I've added it to
all the content policies in tree to make sure it behaves the same as TYPE_OTHER
used to.
The webextension test shows that the webextension proxy API sees speculative
lookups requested through the IO service.
MozReview-Commit-ID: DQ4Kq0xdUOD
--HG--
extra : rebase_source : d9460fdac118bc68f0db79749a16f181b580f2e7
2018-03-23 15:27:08 -07:00
109ffb9beb
Bug 1420680: Remove the mechanism to buffer CSP violations. r=bz
...
With the previous patch it's unused.
MozReview-Commit-ID: 4EKufeNu0Jz
2018-04-03 16:22:51 +02:00
c6574d2c99
Bug 1400487 - Move img src declaration after onload and onerror declaration in file_meta_element.html. r=ckerschb
2018-03-29 15:22:53 -04:00
4197b7d96d
Bug 1439713 - Update tests relying on nsIContentPolicy. r=bz
2018-03-29 11:14:58 +02:00
a929955d1f
Bug 1439713 - Change nsIContentPolicy shouldLoad to take an <uri, loadInfo> pair instead of the various args. r=bz
2018-03-29 12:16:23 +02:00
302a55b534
Merge inbound to mozilla-central. a=merge
2018-03-27 12:12:57 +03:00
eaa2f6b46b
Bug 1395114 - Remove nsIUnicharStreamLoader. r=emilio,michal
...
MozReview-Commit-ID: ECKNnJt80oK
--HG--
extra : rebase_source : 6f09937e0648c65d035dfb4935d6e9a06d0223df
2018-03-26 12:45:31 +03:00
42549de27c
Bug 1440582 - Add CSP test with default-src 'none' that uses window.open() r=ckerschb
...
--HG--
extra : amend_source : 1d5a5367f7eabaa06fb7a75216eaca892be1b1e7
2018-03-26 18:33:43 +03:00
24cafeec62
Bug 1416045. r=mayhemer CLOSED TREE
...
Reviewers: mayhemer
Reviewed By: mayhemer
Subscribers: freddyb, dveditz, mayhemer, ckerschb, vinoth
Tags: PHID-PROJ-wkydohdk6pajyfn2llkb
Bug #: 1416045
Differential Revision: https://phabricator.services.mozilla.com/D675
--HG--
extra : rebase_source : 65fb235d787b6955da1433ea2ffd56082cab0b30
extra : amend_source : affac492394597daf9b3294d4aca2f61bc27fc73
2018-03-22 21:02:16 +02:00
c28a0c2d53
Bug 1414541 - Intermittent failure fixed for toplevel data: URI. r=ckerschb
2018-03-21 17:18:00 -04:00
28c7245f64
Bug 1391823 - Don't run |finish() called multiple times| for dom/security/test/mixedcontentblocker/test_frameNavigation.html. r=ckerschb
...
Reviewers: ckerschb
Reviewed By: ckerschb
Subscribers: ckerschb
Bug #: 1391823
Differential Revision: https://phabricator.services.mozilla.com/D562
--HG--
extra : rebase_source : 0ff9fc78d2ca00c2c347f14167de34e31ded1967
extra : amend_source : f2a350607bb0645e3140b51cc57353a50f7c2261
2018-03-19 12:00:55 +02:00
1adba8c1fc
Bug 1442465 - Part 4.2: Stop unnecessarily awaiting on BrowserTestUtils.removeTab (simple part). r=dao
2018-03-19 11:16:45 +09:00
10ebc30d5d
Bug 1440701 - Adding in telemetry for upgrading display content. r=ckerschb,valentin
...
MozReview-Commit-ID: 7oEIith4Ehv
--HG--
extra : rebase_source : 454d56277aa5dc08bf8cfd7cd9c1e24d31014838
2018-03-04 14:33:33 +00:00
5784769019
Bug 1443079 - nsScriptError.isFromPrivateWindow must match the correct value also in e10s mode, r=smaug
2018-03-13 06:40:38 +01:00
aebd2b4f26
Bug 1391823 - Disable dom/security/test/mixedcontentblocker/test_frameNavigation.html for frequent failures. r=jmaher
2018-03-03 05:16:00 +02:00
118e03a936
merge mozilla-central to mozilla-inbound
2018-03-01 20:32:20 +02:00
61d400da1c
Merge inbound to mozilla-central. a=merge
2018-03-01 19:29:00 +02:00
f58841a715
Tests updated/added for bug 1382359 r=ckerschb CLOSED TREE
2018-03-01 10:13:22 +01:00
dd4fb3ba9f
Bug 1382359: Treat .onion as a secure context
...
Websites which collect passwords but don't use HTTPS start showing scary
warnings from Firefox 51 onwards and mixed context blocking has been
available even longer.
.onion sites without HTTPS support are affected as well, although their
traffic is encrypted and authenticated. This patch addresses this
shortcoming by making sure .onion sites are treated as potentially
trustworthy origins.
The secure context specification
(https://w3c.github.io/webappsec-secure-contexts/ ) is pretty much focused
on tying security and trustworthiness to the protocol over which domains
are accessed. However, it is not obvious why .onion sites should not be
treated as potentially trustworthy given:
"A potentially trustworthy origin is one which a user agent can
generally trust as delivering data securely.
This algorithms [sic] considers certain hosts, scheme, and origins as
potentially trustworthy, even though they might not be authenticated and
encrypted in the traditional sense."
(https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy )
We use step 8 in the algorithm to establish trustworthiness of .onion
sites by whitelisting them given the encrypted and authenticated nature
of their traffic.
2018-03-01 09:44:30 +01:00
fc42b2fa73
Bug 1355166 - Remove remote newtab's dead code. r=ursula
2018-02-28 16:44:00 +02:00
8ea55ce28a
Bug 1382606 - Switch webconsole to new event-emitter; r=Honza.
...
MozReview-Commit-ID: HBogPeOI7WM
--HG--
extra : rebase_source : 4ad1fb922ffc818d175ae3c09820ce31ba416487
2018-02-23 09:10:36 +01:00
c714053d73
Bug 1433175 - scripted patch to replace Components.classes[, Components.interfaces.nsI, Components.utils. and Components.results. with Cc, Ci, Cu and Cr, r=Mossop.
2018-02-28 18:51:33 +01:00
84b854ce2c
Bug 1433958 - Change code that sets nsIURI.userPass to use nsIURIMutator r=mayhemer
...
* Code in XMLHttpRequestMainThread is converted to set the username and password individually. This is because when the parameters are empty, it ended up calling SetUserPass(":") which always returns an error.
MozReview-Commit-ID: 3cK5HeyzjFE
--HG--
extra : rebase_source : f34400c11245d88648b0ae9c196637628afa9517
2018-02-26 20:43:46 +01:00
e8f5150467
Bug 1439444: resource and chrome images and styles should not be subject to CSP. r=gijs
2018-03-01 13:45:04 +01:00
eab7568bd9
Bug 1441794 - Add deprecation warning to passive OBJECT_SUBREQUEST loads. r=ckerschb
...
MozReview-Commit-ID: 3j2t5FDZFmp
--HG--
extra : rebase_source : f18623e42ba4fd54335d26536e4d40deab15c584
2018-02-28 13:56:35 +00:00
2a77281049
Merge mozilla-central to autoland. a=merge CLOSED TREE
2018-02-21 19:30:44 +02:00
a6c1ffb498
Bug 1434357: Exempt Web Extensions from insecure redirects to data: URIs. r=kmag,mayhemer
2018-02-18 19:52:52 +01:00
8afc412494
Bug 1435733 - Upgrade mixed display content pref. r=baku,ckerschb,francois,mayhemer
...
MozReview-Commit-ID: ETIgVF3zhRu
--HG--
extra : rebase_source : e4c59f50584158f4b31527347b10424b56692fa1
2018-02-05 15:37:27 +00:00
1407489a4b
Bug 1432358: Make resource URIs subject to CSP. r=gijs
...
--HG--
extra : source : 60852dec9e041887bea80313a70ad2a4cba745a6
extra : intermediate-source : 91c948c94506089d6f40dc59d13c75ab78ce914d
2018-01-25 14:20:31 +01:00
a6cab8c4e8
Backed out 4 changesets (bug 1432358) for failing xpcshell's test_ext_contentscript_triggeringPrincipal.js
...
Backed out changeset ef7b8eef07c1 (bug 1432358)
Backed out changeset 2fa11c525da3 (bug 1432358)
Backed out changeset a67e95bd0ccf (bug 1432358)
Backed out changeset 91c948c94506 (bug 1432358)
2018-02-12 19:58:28 +02:00
6575d66c41
Bug 1432358: Make resource URIs subject to CSP. r=gijs
...
--HG--
extra : source : 60852dec9e041887bea80313a70ad2a4cba745a6
2018-01-25 14:20:31 +01:00
b7bb86d0d4
Bug 1436184 - Remove definitions of Ci, Cr, Cc, and Cu from httpd.js and .sjs files. r=florian
...
MozReview-Commit-ID: IKKb9zr2OSf
--HG--
extra : rebase_source : 72d949405c18e6d421422e7865182352eee0c407
2018-02-06 15:03:13 -08:00
5dec0e0beb
Bug 1432992, part 1 - Remove definitions of Ci, Cr, Cc, and Cu. r=florian
...
This patch was autogenerated by my decomponents.py
It covers almost every file with the extension js, jsm, html, py,
xhtml, or xul.
It removes blank lines after removed lines, when the removed lines are
preceded by either blank lines or the start of a new block. The "start
of a new block" is defined fairly hackily: either the line starts with
//, ends with */, ends with {, <
Coroiu Cristina
Mark Banner
Jeff Walden
Natalia Csoregi
Ciure Andrei
Ehsan Akhgari
Andrea Marchesini
Sylvestre Ledru
Narcis Beleuzu
Brindusan Cristian
Kyle Machulis
Cosmin Sabou
Andreea Pavel
Christoph Kerschbaumer
Ted Campbell
arthur.iakab
Valentin Gosu
Julian Descottes
Gabriele Svelto
Brad Werth
Jonathan Kingston
Frederik Braun
vinoth
Gurzau Raul
Andrew McCreight
Noemi Erli
Tiberius Oros
Alexandre Poirot
shindli
Timothy Guan-tin Chien
Henri Sivonen
Mike Hommey
Nicholas Nethercote
Thomas P.
Kris Maglione
Thomas Nguyen
Dave Townsend
Tom Schuster
Andi-Bogdan Postelnicu
Joel Maher
Emilio Cobos Álvarez
Kate McKinley
Boris Zbarsky
Adrian Wielgosik
Chris Peterson
Kartikaya Gupta
Ben Kelly
Francois Marier
Dorel Luca
Bobby Holley
Sebastian Hengst
Tristan Bourvon
Gijs Kruitbosch
Bogdan Tara
Vinothkumar Nagasayanan
Tooru Fujisawa
Cristian Brindusan
Georg Koppen
Adam Kasztenny
Nicolas Chevobbe
Florian Quèze