Граф коммитов

2043 Коммитов

Автор SHA1 Сообщение Дата
Marco Bonardo cff612c7b4 Bug 1586681 - Ensure URIFIxup uses the right engine when there's a separate PB engine. r=Standard8,Gijs
Add a new FIXUP_FLAG_PRIVATE_CONTEXT to nsIURIFixup, make it use the default
private search engine when it's set.
Update consumers to pass the new flag when necessary.

Differential Revision: https://phabricator.services.mozilla.com/D48741

--HG--
extra : moz-landing-system : lando
2019-10-12 12:37:51 +00:00
Tom Ritter 23ba7b6fe3 Bug 1583949 - Add a check for IsEvalAllowed to the worker callpath for eval() r=ckerschb,baku
This patch does several things.  Because Workers aren't on the main thread,
many of the things done are in the name of off main thread access.

1) Changes a parameter in IsEvalAllowed from a nsIPrincipal to a bool.
   We only used the principal to determined if it was the System Principal.
   Principals aren't thread safe and can only be accessed on Main Thread, so
   if we passed a Principal in, we would be in error. Instead only pass in
   the bool which - for workers - comes from a thread-safe location.

2) Separates out the Telemetry Event Recording and sending a message to the
   console into a new function nsContentSecurityUtils::NotifyEvalUsage. (And
   creates a runnable that calls it.)

   We do this because we will need to only call this method on the main thread.

   Telemetry Event Recording has only ever been called on the Main Thread.
   While I possibly-successfully cut it over to happen Off Main Thread (OMT)
   by porting preferences to StaticPrefs, I don't know if there were other
   threading assumptions in the Telemetry Code. So it would be much safer to
   just continue recording Event Telemetry on the main thread.

   Sending a message to the console requires calling GetStringBundleService()
   which requires main thread. I didn't investigate if this could be made
   thread-safe, I just threw it onto the main thread too.

   If, in IsEvalAllowed, we are on the main thread - we call NotifyEvalUsage
   directly. If we are not, we create a runnable which will then call
   NotifyEvalUsage for us on the main thread.

3) Ports allow_eval_with_system_principal and allow_eval_in_parent_process
   from bools to RelaxedAtomicBool - because we now check these prefs OMT.

4) In RuntimeService.cpp, adds the call to IsEvalAllowed.

5) Add resource://gre/modules/workers/require.js to the allowlist of eval
   usage. This was the script that identified this gap in the first place.
   It uses eval (twice) for structural reasons (scope and line number
   massaging.)  The contents of the eval are the result of a request to a
   uri (which may be internal, like resource://). The whole point of this
   is to implement a CommonJS require() api.

   This usage of eval is safe because the only way an attacker can inject
   into it is by either controlling the response of the uri request or
   controlling (or appending to) the argument. If they can do that, they
   are able to inject script into Firefox even if we cut this usage of eval
   over to some other type of safe(r) script loader.

   Bug 1584564 tracks making sure calls to require.js are safe.

6) Adds cld-worker.js to the allowlist. Bug 1584605 is for refactoring that
   eval usage, which is decidedly non-trivial.

7) Does _not_ enforce the eval restrictions for workers. While I've gotten
   try to be green and not throw up any instances of eval-usage by workers,
   it is much safer to deploy this is Telemetry-only mode for Workers for
   a little bit to see if anything pops up from the Nightly population.

   Bug 1584602 is for enforcing the checks.

Differential Revision: https://phabricator.services.mozilla.com/D47480

--HG--
extra : moz-landing-system : lando
2019-10-08 17:31:35 +00:00
Johann Hofmann c9dbb0c14e Bug 1554805 - Never set firstPartyDomain on origin attributes for moz-extension. r=rpl,Ehsan,tjr
Differential Revision: https://phabricator.services.mozilla.com/D47425

--HG--
extra : moz-landing-system : lando
2019-10-06 15:43:39 +00:00
Tom Ritter 117e232bdc Bug 1576254 - Add isSystemOrAddonPrincipal to JSPrincipal and nsJSPrincipals r=luke
Finally, here we add the virtual method isSystemOrAddonPrincipal to the
JSPrincipal object.

We also add it to nsJSPrincipal (where it has an easy implementation), and
to carry classes that are used by JS tests and the shell.

Differential Revision: https://phabricator.services.mozilla.com/D47477

--HG--
extra : moz-landing-system : lando
2019-10-04 17:37:36 +00:00
Sebastian Streich 1aa0b1244d Bug 1583871 Refactor ThirdpartyUtil.cpp r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D47099

--HG--
extra : moz-landing-system : lando
2019-10-02 15:10:40 +00:00
Ehsan Akhgari 7ddd78221e Bug 1577298 - Do not stop at the current document when computing the top-level principal for storage partitioning; r=baku
Differential Revision: https://phabricator.services.mozilla.com/D47339

--HG--
rename : toolkit/components/antitracking/test/browser/browser_subResources.js => toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js
extra : moz-landing-system : lando
2019-09-27 14:05:13 +00:00
Sebastian Streich d53a4d8d9a Bug 1580782 - Expose SchemeIs on nsIPrincipal r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D45653

--HG--
extra : moz-landing-system : lando
2019-09-26 10:47:03 +00:00
Johann Hofmann ac725e0bf7 Bug 1583233 - Add MOZ_DBG support for nsIPrincipal. r=nika
Differential Revision: https://phabricator.services.mozilla.com/D46796

--HG--
extra : moz-landing-system : lando
2019-09-24 07:56:40 +00:00
Tom Ritter c2e992ed6e Bug 1570681 - Enforce eval restrictions in system contexts and the parent process r=ckerschb
We log to MOZ_LOG, report an error to the console, send telemetry, and in debug builds - crash

Differential Revision: https://phabricator.services.mozilla.com/D45055

--HG--
extra : moz-landing-system : lando
2019-09-19 02:32:41 +00:00
Tom Ritter 9621f537b0 Bug 1570681 - Move Eval testing logic from nsContentSecurityManager to nsContentSecurityUtils r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D45484

--HG--
extra : moz-landing-system : lando
2019-09-18 19:36:31 +00:00
Karl Tomlinson fb83797145 Bug 1578623 implement WorkletPrincipals::write() r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D44605

--HG--
extra : moz-landing-system : lando
2019-09-09 00:41:50 +00:00
Andrea Marchesini 41fd92503f Bug 1579357 - Check the arguments in BasePrincipal XPCOM methods, r=jkt
Differential Revision: https://phabricator.services.mozilla.com/D45001

--HG--
extra : moz-landing-system : lando
2019-09-09 16:45:29 +00:00
Noemi Erli d988a687b9 Backed out 9 changesets (bug 1578623) for causing Windows build bustages CLOSED TREE
Backed out changeset 52a86c60c866 (bug 1578623)
Backed out changeset e4fddd3d24b4 (bug 1578623)
Backed out changeset 65a7c4daec27 (bug 1578623)
Backed out changeset 3badf9215788 (bug 1578623)
Backed out changeset 71e58ee8f684 (bug 1578623)
Backed out changeset 0128e12a910f (bug 1578623)
Backed out changeset 8242877392bd (bug 1578623)
Backed out changeset 6d7be8a22f8b (bug 1578623)
Backed out changeset 3be609a9be36 (bug 1578623)

--HG--
extra : amend_source : b76d374926d247982773b58d12cb26e33d9972e8
2019-09-09 03:37:09 +03:00
Karl Tomlinson 18d04e5d8f Bug 1578623 implement WorkletPrincipals::write() r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D44605

--HG--
extra : moz-landing-system : lando
2019-09-06 02:10:31 +00:00
Karl Tomlinson 6b19f33045 Bug 1578623 create worklet global with JSPrincipals having reference to WorkletImpl r=baku,bzbarsky
This will permit implementation of JSPrincipals::write().

Differential Revision: https://phabricator.services.mozilla.com/D44604

--HG--
rename : dom/worklet/WorkletPrincipal.cpp => dom/worklet/WorkletPrincipals.cpp
rename : dom/worklet/WorkletPrincipal.h => dom/worklet/WorkletPrincipals.h
extra : moz-landing-system : lando
2019-09-06 02:01:44 +00:00
Nicholas Nethercote 5e22e64603 Bug 1573720 - Convert security.view-source.reachable-from-inner-protocol to a static pref. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D41912

--HG--
extra : moz-landing-system : lando
2019-08-15 05:29:35 +00:00
Sylvestre Ledru 645f2d5773 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D41559

--HG--
extra : moz-landing-system : lando
2019-08-13 07:15:25 +00:00
Brendan Dahl 0a8d6f243d Bug 1551344 - Part 2: Update outdated comments referencing XULDocument. r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D41239

--HG--
extra : moz-landing-system : lando
2019-08-09 17:47:41 +00:00
Gabriele Svelto e71120d4fe Bug 1572229 - Use modern jsoncpp readers/writers when (de)serializing principals r=jkt
Differential Revision: https://phabricator.services.mozilla.com/D41088

--HG--
extra : moz-landing-system : lando
2019-08-08 22:39:07 +00:00
Ehsan Akhgari 1676b3dd3c Bug 1572258 - Prevent concurrent instances of TemporaryAccessGrantObserver from being created for the same (principal, permission type) pair; r=baku
Differential Revision: https://phabricator.services.mozilla.com/D41115

--HG--
extra : moz-landing-system : lando
2019-08-08 22:00:44 +00:00
Coroiu Cristina 73cc2c909a Backed out changeset b7a4b4f41c3b (bug 1572258) for causing leaks on a CLOSED TREE 2019-08-08 21:41:19 +03:00
Ehsan Akhgari 75723b9e3d Bug 1572258 - Prevent concurrent instances of TemporaryAccessGrantObserver from being created for the same (principal, permission type) pair; r=baku
Differential Revision: https://phabricator.services.mozilla.com/D41115

--HG--
extra : moz-landing-system : lando
2019-08-08 15:17:59 +00:00
Tom Schuster 0e913c22c4 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 19:49:40 +00:00
Cosmin Sabou c3430326e6 Backed out changeset ca88862d6b63 (bug 1558915) for causing build bustages on StartupCacheUtils. CLOSED TREE 2019-08-07 13:20:32 +03:00
Tom Schuster 8bc1f5ada8 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 09:36:56 +00:00
Razvan Maries eedbf1137f Backed out changeset b197ca57677a (bug 1558915) for build bustages. CLOSED TREE 2019-08-07 01:04:43 +03:00
Tom Schuster 03c7998ef2 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-06 20:19:41 +00:00
Tom Ritter 20c32a0175 Bug 1570738 - Record Telemetry if eval() is used in the Parent Process r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D40332

--HG--
extra : moz-landing-system : lando
2019-08-06 19:56:23 +00:00
Tom Ritter ef67c0b08b Bug 1567623 - Update AssertEvalNotUsingSystemPrincipal and re-enable it r=ckerschb
We now correctly handle the following cases:
 - Thunderbird
 - the Browser Toolbox/Console
 - Two safe and common idioms
 - when general.config.filename is set and userChromeJS does shenanigans

We also change the function to only crash in Debug mode, and for Release channels
we report diagnostic information in a way that does not reveal user data.

Differential Revision: https://phabricator.services.mozilla.com/D39557

--HG--
extra : moz-landing-system : lando
2019-08-01 20:45:01 +00:00
Nicholas Nethercote c27392026e Bug 1570212 - Convert security.all_resource_uri_content_accessible to a static pref. r=tjr
Differential Revision: https://phabricator.services.mozilla.com/D40004

--HG--
extra : moz-landing-system : lando
2019-08-01 06:01:40 +00:00
Nicholas Nethercote c0069262ff Bug 1570212 - Convert privacy.firstparty.isolate* prefs to static prefs. r=tjr
Differential Revision: https://phabricator.services.mozilla.com/D40001

--HG--
extra : moz-landing-system : lando
2019-08-01 06:00:22 +00:00
Eugen Sawin 532f60a55d Bug 1501108 - [1.7] Add GeckoView Session Context ID support. r=snorp,baku,mayhemer
Differential Revision: https://phabricator.services.mozilla.com/D19182

--HG--
extra : moz-landing-system : lando
2019-07-21 17:18:37 +00:00
Tom Ritter 87cbad22ea Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D37460

--HG--
extra : moz-landing-system : lando
2019-07-18 18:22:06 +00:00
Sylvestre Ledru e77bfc655d Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D38057

--HG--
extra : moz-landing-system : lando
2019-07-16 07:33:44 +00:00
Boris Zbarsky 5062731c15 Bug 1565688. Remove unused IOService arg from NS_NewURI. r=mayhemer
Differential Revision: https://phabricator.services.mozilla.com/D37968

--HG--
extra : moz-landing-system : lando
2019-07-15 13:39:51 +00:00
Razvan Maries affddc7861 Backed out changeset 6e4d13741a0f (bug 1564527) for perma AddressSanitizer failures. CLOSED TREE 2019-07-13 02:05:25 +03:00
Tom Ritter 0ca0f2dea1 Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D37460

--HG--
extra : moz-landing-system : lando
2019-07-11 08:46:18 +00:00
Barret Rennie 7a6747e284 Bug 1289211 - Rename InfallibleTArray to nsTArray in caps/ r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D36938

--HG--
extra : moz-landing-system : lando
2019-07-10 03:24:29 +00:00
Jonathan Kingston 31441f82ea Bug 1560455 - rename CodebasePrincipal to ContentPrincipal. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D35504

--HG--
extra : moz-landing-system : lando
2019-07-08 16:37:45 +00:00
Victor Porof c24167d198 Bug 1561435 - Format caps/, a=automatic-formatting
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D35897

--HG--
extra : source : d4805a576be19af1130a6b52810d4108c49178d5
2019-07-05 09:58:41 +02:00
Jonathan Kingston 54d34973fd Bug 1547707 - Add in origin attributes to ExpandedPrincipal serialization. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D33613

--HG--
extra : moz-landing-system : lando
2019-06-05 11:27:16 +00:00
Jonathan Kingston 29cb8e9035 Bug 1556747 - Remove UUIDGenerator dependency of NullPrincipalURI.cpp r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D33641

--HG--
extra : moz-landing-system : lando
2019-06-05 12:07:33 +00:00
Boris Zbarsky 9de72a3ac6 Bug 1557793 part 2. Stop using [array] in nsIStringBundle. r=Pike
Differential Revision: https://phabricator.services.mozilla.com/D34196

--HG--
extra : moz-landing-system : lando
2019-06-11 15:51:51 +00:00
Jonathan Kingston a9be4620ee Bug 1508939 - cpp serialization r=ckerschb,mccr8,mikedeboer
Migrating to pure Cpp

Differential Revision: https://phabricator.services.mozilla.com/D29221

--HG--
extra : moz-landing-system : lando
2019-06-03 12:37:12 +00:00
Christoph Kerschbaumer 7cdbee6cd7 Bug 1496418: Update Content Policy checks and allow CSP checks for system principal triggered loads. r=mccr8,baku
Differential Revision: https://phabricator.services.mozilla.com/D32217

--HG--
extra : moz-landing-system : lando
2019-06-03 06:04:25 +00:00
Sylvestre Ledru d57d4905f1 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D30883

--HG--
extra : moz-landing-system : lando
2019-05-25 17:46:15 +00:00
arthur.iakab af8e458c5f Backed out changeset a296439a25ff (bug 1519636) for frequent Windows cppunit failures CLOSED TREE 2019-05-24 14:26:01 +03:00
Sylvestre Ledru c82ea97226 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D30883

--HG--
extra : moz-landing-system : lando
2019-05-24 09:59:17 +00:00
Andrea Marchesini 37d54b0154 Bug 1551056 - Get rid of BasePrincipal::CloneForcingFirstPartyDomain, r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D30803

--HG--
extra : moz-landing-system : lando
2019-05-22 22:35:40 +00:00
Christoph Kerschbaumer b633427366 Bug 965637: Move CSP from Principal into Client, part 1: backend changes. r=mccr8
Differential Revision: https://phabricator.services.mozilla.com/D27654

--HG--
extra : moz-landing-system : lando
2019-05-21 23:14:27 +00:00