978f461b95
Bug 1200869 - Empty the header value for code hygiene; r=sicking
2015-09-02 19:53:35 -04:00
a01e0f79fc
Bug 1200856 - Avoid the extra variable to make the string manipulation faster; r=sicking
2015-09-02 19:52:46 -04:00
f44287005f
Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium.
...
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.
--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
2015-08-27 20:44:53 -07:00
b930db3a55
Bug 1196592: Make retargeting Fetch to another thread actually work. r=nsm
...
--HG--
extra : rebase_source : 24801ef2546f6aa3d74b9193a104bb35e8103699
2015-08-28 13:49:07 -07:00
a2daed5950
Bug 1198422 - CSP: Test fallback for nonce-src and hash-src (r=devitz)
2015-08-27 09:02:32 -07:00
0500c010b8
Bug 1198422 - CSP: Allow nonce to load if default-src is not specified in second policy (r=dveditz)
2015-08-25 16:11:04 -07:00
1dda7b7d34
Bug 1194847 - Part 2: Bypass CORS checks if the response of a channel has been synthesized; r=nsm
2015-08-25 21:43:40 -04:00
f04275bd0b
Bug 1196740 - Consider redirects when looking for SRI-eligibility. r=ckerschb
...
--HG--
rename : dom/security/test/sri/iframe_style_sameorigin.html => dom/security/test/sri/iframe_style_crossdomain.html
rename : dom/security/test/sri/script_crossdomain4.js => dom/security/test/sri/script_crossdomain5.js
rename : dom/security/test/sri/style1.css => dom/security/test/sri/style_301.css
rename : dom/security/test/sri/test_style_sameorigin.html => dom/security/test/sri/test_style_crossdomain.html
2015-08-25 13:38:39 -07:00
be38f76461
Bug 1096724 - Update csp/test_base-uri to rely on postmessage instead of observers. r=dveditz
2015-08-18 11:42:43 -07:00
ec860a87f6
No bug - Use the correct requestLongerTimeout syntax. a=bustage
2015-08-18 12:53:55 -04:00
210ad6260a
No bug - Request a longer timeout for test_CrossSiteXHR_origin.html due to teetering on the edge of timing out on B2G debug.
2015-08-18 10:39:17 -04:00
a196b8ef35
Bug 1195572 - Enable -Wformat-security in DOM::Security. r=ckerschb
2015-08-17 21:48:07 -07:00
550a74f51e
Bug 1182551 - HTTP top level page with HTTPS mixed passive frame should have STATE_IS_INSECURE. r=ttaubert
2015-08-13 17:13:51 -07:00
aa87627fac
Bug 1182551 - Don't set STATE_IS_BROKEN on HTTP pages when mixed content is allowed by default. r=smaug
2015-08-13 17:13:43 -07:00
dad90516d6
Bug 1192955 - Use channel->ascynOpen2 for PING in docshell/base/nsDocShell.cpp (r=sicking)
2015-08-13 08:53:28 -07:00
2a4ad76933
Bug 992096 - Implement Sub Resource Integrity [2/2]. r=ckerschb
...
Mochitests
2015-08-12 20:19:16 -07:00
34de332db0
Bug 992096 - Implement Sub Resource Integrity [1/2]. r=baku,r=ckerschb
...
Code changes
2015-08-12 20:19:11 -07:00
4b7d4aaed5
Bug 1187165 - Use channel->ascynOpen2 in dom/base/ImportManager (r=sicking)
2015-08-10 10:25:20 -07:00
b7e53859ad
Bug 1182544 - Use channel->ascynOpen2 in dom/xml/XMLDocument.cpp (r=sicking)
2015-08-10 10:19:08 -07:00
9b31f6bcfe
Bug 661604 - Re-enable this test because it works now. rs=wchen and try
2015-08-06 10:35:49 -07:00
5dfe6ac07d
Bug 1188637 - Use channel->ascynOpen2 in dom/base/EventSource.cpp (r=sicking)
2015-08-04 20:06:19 -07:00
221df08158
Bug 1182543 - Use channel->ascynOpen2 in dom/plugins/base/nsPluginHost.cpp (r=sicking)
2015-08-04 20:05:37 -07:00
57a966656a
merge mozilla-inbound to mozilla-central a=merge
2015-08-04 13:01:07 +02:00
87164ced3c
Bug 1181683 - Mark ping and beacon as blockable mixed content instead of optionally blockable. r=smaug
2015-08-03 15:25:21 -07:00
f7e2152921
Bug 1096724 - Fix intermittent test_base-uri.html failures. r=ryanvm
2015-07-29 14:16:37 -07:00
5d6e8c751f
Bug 1152574 - Do not report aborted XHR requests in web console (r=sicking)
2015-07-20 13:59:19 -07:00
f75b477899
Bug 1182539 - Use channel->ascynOpen2 in dom/base/nsDocument.cpp (r=sicking)
2015-07-31 08:58:14 -07:00
90fee9adce
Bug 1182537 - Use channel->ascynOpen2 in dom/security/nsCORSListenerProxy (r=sicking)
2015-07-30 08:59:20 -07:00
8f5542d747
Bug 1182537 - Use channel->ascynOpen2 in dom/base/Navigator.cpp (r=sicking,bz)
2015-07-27 20:39:17 -07:00
2465cf3a99
Bug 1171200 - Add means of checking if a document links to a manifest. r=billm
...
--HG--
rename : dom/manifest/ImageObjectProcessor.js => dom/manifest/ImageObjectProcessor.jsm
rename : dom/manifest/ManifestProcessor.js => dom/manifest/ManifestProcessor.jsm
rename : dom/manifest/ValueExtractor.js => dom/manifest/ValueExtractor.jsm
2015-07-30 11:56:12 -04:00
401a15426c
Backed out changeset 4b328a6f7448 (bug 1171200) for frequent asan m1 test failures on a CLOSED TREE
...
--HG--
rename : dom/manifest/ImageObjectProcessor.jsm => dom/manifest/ImageObjectProcessor.js
rename : dom/manifest/ManifestProcessor.jsm => dom/manifest/ManifestProcessor.js
rename : dom/manifest/ValueExtractor.jsm => dom/manifest/ValueExtractor.js
extra : amend_source : 0a9fc98e1c76d4ede43714bac63bba8b43efe5d7
2015-07-30 15:11:48 +02:00
79d86a6353
Bug 1171200 - Add means of checking if a document links to a manifest. r=billm
...
--HG--
rename : dom/manifest/ImageObjectProcessor.js => dom/manifest/ImageObjectProcessor.jsm
rename : dom/manifest/ManifestProcessor.js => dom/manifest/ManifestProcessor.jsm
rename : dom/manifest/ValueExtractor.js => dom/manifest/ValueExtractor.jsm
2015-07-29 16:58:00 +02:00
7080a1190a
Bug 1187711 - Restrict -Wshadow to gcc and clang. r=KWierso CLOSED TREE
2015-07-27 17:12:58 -07:00
5556697f0b
Bug 1187711 - Enable -Wshadow in DOM::Security. r=ckerschb
2015-07-27 16:14:56 -07:00
9d66aa4b3b
Bug 1182540 - Use channel->ascynOpen2 in dom/html/HTMLTrackElement.cpp (r=sicking)
2015-07-25 10:29:22 -07:00
4130ff6d80
Bug 1186589 - Ensure CORS preflight requests are never intercepted. r=sicking
2015-07-23 10:25:12 -04:00
25bee46b21
Bug 1173708 - Fix intermittent test_inlinescript error. r=dveditz
...
--HG--
rename : dom/security/test/csp/file_inlinescript_main_allowed.html => dom/security/test/csp/file_inlinescript.html
2015-07-20 11:25:24 -07:00
f821af7776
Backed out changeset cc377dd50503 (bug 1152574) for causing memory leaks on a CLOSED TREE
...
--HG--
extra : rebase_source : 819a2a12c3fd9adb5a756292a287288efbdc01a3
2015-07-21 11:50:45 +02:00
6b484e43cd
Bug 1152574 - Do not report aborted XHR requests in web console. r=sicking
2015-07-20 13:59:19 -07:00
bab1940d4a
Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checks when opening a channel - securitymanager (r=sicking,tanvi)
2015-07-19 19:12:11 -07:00
fa8ccba8c3
Backed out changeset 01d03b6be047 (bug 1171200)
...
--HG--
rename : dom/manifest/ImageObjectProcessor.jsm => dom/manifest/ImageObjectProcessor.js
rename : dom/manifest/ManifestProcessor.jsm => dom/manifest/ManifestProcessor.js
rename : dom/manifest/ValueExtractor.jsm => dom/manifest/ValueExtractor.js
2015-07-17 11:45:59 +10:00
a8939590de
Bug 1182996 - Fix and add missing namespace comments. rs=ehsan
...
The bulk of this commit was generated by running:
run-clang-tidy.py \
-checks='-*,llvm-namespace-comment' \
-header-filter=^/.../mozilla-central/.* \
-fix
2015-07-13 08:25:42 -07:00
69eba2fa6a
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - cors tests (r=smaug)
...
--HG--
extra : rebase_source : 59ab74d90890d6756de82b64808ff35a947f0c2c
2015-07-10 09:17:17 -07:00
bf74850156
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - tests referrer (r=sstamm)
...
--HG--
extra : rebase_source : be32f99f26715ba0816e9ea35b0e08bb73035a82
2015-07-10 09:17:02 -07:00
ab68e4a840
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - reports (r=sstamm)
...
--HG--
extra : rebase_source : 55ff799deb95a3d66cfb7d37bf6892891913d5b3
2015-07-10 09:16:46 -07:00
1e39bd8852
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - simple upgrade tests (r=tanvi,sstamm)
...
--HG--
extra : rebase_source : 4473c88aa0ab3e5b9bb31ed6b2e45dfeb68b3a2a
2015-07-10 09:16:32 -07:00
41b6908773
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - parser tests (r=sstamm)
...
--HG--
extra : rebase_source : 2c24dfe4a44e8485b1f207f065668a4fbdf2b31c
2015-07-10 09:16:15 -07:00
a900bc2910
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - devtool changes (r=sstamm,bholley)
...
--HG--
extra : rebase_source : db910acac278e591c6cfbbf897238a5b5159fd42
2015-07-10 09:16:01 -07:00
d261954005
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - cors changes (r=smaug)
...
--HG--
extra : rebase_source : f7faab7a9cceb962b4eaf4598f1a45fb0f73a756
2015-07-10 09:15:03 -07:00
9ea890b6d7
Bug 1139297 - Implement CSP upgrade-insecure-requests directive - mcb changes (r=tanvi)
...
--HG--
extra : rebase_source : 055dda3713d13e0fa8f4e4d97a5371900df0ff4e
2015-07-10 09:14:42 -07:00
Ehsan Akhgari
Nicholas Nethercote
Kyle Huey
Christoph Kerschbaumer
Francois Marier
Ryan VanderMeulen
Tanvi Vyas
Blake Kaplan
Carsten "Tomcat" Book
Marcos Caceres
Josh Matthews
mcaceres@mozilla.com
Birunthan Mohanathas