Граф коммитов

111 Коммитов

Автор SHA1 Сообщение Дата
Dave Huseby ce82855c42 Bug 1189086 - Eliminate nsIPrincipal::jarPrefix. r=dveditz 2016-10-24 13:52:00 +02:00
Jonathan Hao 8a70bfa5fc Bug 1302047 - Ignore userContextId and firstPartyDomain when matching permissions. r=baku
--HG--
extra : rebase_source : da81c21da92810d808ebe865a456cc9d04058ce3
2016-09-20 16:35:21 +08:00
Yoshi Huang 10b437080c Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 10:25:58 +08:00
Yoshi Huang 85a594681d Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-06 10:25:48 +08:00
Sebastian Hengst 60d03b201e Backed out changeset 935ffd53f193 (bug 1260931) for failing xpcshell test test_packaged_app_service.js. r=backout 2016-09-05 21:16:10 +02:00
Sebastian Hengst c9519f7c29 Backed out changeset b9afda2804fd (bug 1260931) 2016-09-05 21:15:29 +02:00
Yoshi Huang 6cca1d0c54 Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 01:50:30 +08:00
Yoshi Huang 6c3b62e2fb Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-06 01:50:15 +08:00
Yoshi Huang 69ed1a79e4 Bug 1244340 - Part 2: add setOriginAttributes in nsIXMLHttpRequest. r=sicking
Add a ChromeOnly method called 'setOriginAttributes' on the XMLHttpRequest,
so that we can override the origin attributes for those XHRs running by XUL
(which will use System Principal).
2016-08-26 18:59:00 +08:00
Kan-Ru Chen 29b9a17a92 Bug 1295103 - Use MOZ_MUST_USE in OriginAttributes. r=allstars
MozReview-Commit-ID: PWUb81L8ya

--HG--
extra : rebase_source : 2bdc7adc7a6b5fd121a4621086fab6f87834dd20
2016-08-15 18:22:44 +08:00
Rob Wu 9069fff35f Bug 1197451 - Add clipboardWrite permission r=billm
MozReview-Commit-ID: 6d1mQSVWRPe

--HG--
extra : rebase_source : 2f19bab5c9d6db25c60b2b19c06c7027384a04ca
2016-07-08 17:19:17 -07:00
James Andreou 3585e16752 Bug 1283281 - Remove PB Flag from DOMStorage. r=jdm 2016-06-29 14:01:00 +02:00
Jan Varga af49dba19e Bug 1195930 - Part 8: Fixed support for origin clearing, reworked internal origin patterns to use OriginAttributesPattern; r=asuth 2016-06-05 21:42:48 +02:00
James Andreou 1d32e86b9c Bug 1269361 - Add mPrivateBrowsingId to OriginAttributes r=ehsan,jdm 2016-06-02 17:03:11 -04:00
Kris Maglione 6d36833e42 Bug 1254194: Apply a content security policy to all WebExtension documents. r=gabor
MozReview-Commit-ID: HsFFbWdq00b

--HG--
extra : rebase_source : 07e4b6ec8c32f696d5b5987091ffc5ebde2c3061
extra : histedit_source : 20983fe6a9590d7f410276fac248c3d2f711caaa
2016-04-23 20:56:56 -07:00
J. Ryan Stinnett 2a55d065b7 Bug 1238160 - Rename OriginAttributes.mInBrowser and associated methods. r=bz,mayhemer
This change renames OriginAttributes.mInBrowser to mInIsolatedMozBrowser and
nsIPrincipal::GetIsInBrowserElement to GetIsInIsolatedMozBrowserElement.  Other
methods that pass these values around also have name changes.

Tokens such as "inBrowser" have previously been serialized into cache keys, used
as DB column names, stored in app registries, etc.  No changes are made to any
serialization formats.  Only runtime method and variable names are updated.

No behavior changes are made in this patch, so some renamed methods may have
nonsensical implementations.  These are corrected in subsequent patches
focused on behavior.

MozReview-Commit-ID: 66HfMlsXFLs
2016-03-02 10:35:56 -06:00
Christoph Kerschbaumer fecee7be59 Bug 1224694 - Unify and clean up initialization of CSP (r=sicking) 2016-01-14 13:21:31 -08:00
Nigel Babu ccbf22eae8 Backed out changeset f001a01c85d7 (bug 1224694) for browser-chrome bustage on a CLOSED TREE
--HG--
extra : commitid : 5BUjoFsY8bv
2016-01-14 08:04:50 +05:30
Christoph Kerschbaumer 86457169b6 Bug 1224694 - Unify and clean up initialization of CSP (r=sicking) 2016-01-13 15:51:30 -08:00
Yoshi Huang 4b500464f5 Bug 1209162 - Create OriginAttributes subtypes. IGNORE IDL r=sicking. 2015-11-03 09:50:54 +08:00
Christoph Kerschbaumer b967444f19 Bug 663570 - MetaCSP Part 2: Principal changes (r=bz) 2015-11-14 19:28:23 -08:00
Bobby Holley 86c97bb3f4 Bug 1218039 - Add a nice interface for both C++ and JS to access the principal kind. r=gabor 2015-10-26 11:18:14 -07:00
Bobby Holley dca7589731 Bug 1208756 - Hoist shared CheckMayLoad logic into BasePrincipal. r=bz
This is a pure refactoring.
2015-10-02 14:59:45 -07:00
Yoshi Huang f97211a451 Bug 1167100 - User originAttribute in ContentPrincipalInfo. r=bholley 2015-09-23 18:19:06 +08:00
Stephanie Ouillon 5e14a3b3a8 Bug 1178533 - Add nsIInstallPackagedWebapp for registering permissions when navigating to signed packages r=bholley,fabrice,valentin 2015-08-26 13:12:13 +02:00
Wes Kocher df21b43278 Backed out changeset d0e88c95f3c5 (bug 1167100) for crashes a=backout 2015-09-29 10:25:20 -07:00
Yoshi Huang 872722fe37 Bug 1167100 - User nsIPrincipal.originAttribute in ContentPrincipalInfo. r=bholley 2015-09-23 18:19:06 +08:00
Yoshi Huang d38b78ae54 Bug 1165466 - Fix up docshell and loadcontext inheriting code in nsIScriptSecurityManager. r=bholley 2015-09-23 16:10:21 +08:00
Henry Chang b6b5862949 Bug 1163254 - Add signedPkg to OriginAttributes. r=bholley 2015-09-18 15:11:58 +08:00
Carsten "Tomcat" Book c5551bace9 Backed out 2 changesets (bug 1169633, bug 1163254) for linux Mn-e10s test bustage on a CLOSED TREE
Backed out changeset 47ccf6689101 (bug 1169633)
Backed out changeset 503eab197a2d (bug 1163254)
2015-09-17 16:01:25 +02:00
hchang 2e884ff477 Bug 1163254 - Add signedPkg to OriginAttributes. r=bholley 2015-09-16 19:42:00 +02:00
Steven Englehardt 754fd36b97 Bug 1179557 - Add getters for userContextId. r=bholley, r=tanvi
--HG--
extra : histedit_source : 29a5fb5f2a3204d27d0f620d6f3c03e134699fb9
2015-07-30 14:15:00 -04:00
Steven Englehardt 9d4063da89 Bug 1179557 - Add userContextId to originAttributes with tests. r=bholley, r=tanvi
--HG--
extra : histedit_source : 4d033ad9aef7b71c7ebbbe77242c94e9b8e94f0c
2015-07-28 17:32:00 -04:00
Bobby Holley b4fdabe37d Bug 1182347 - Remove nsIPrincipal::cookieJar. r=sicking 2015-07-14 19:56:33 -07:00
Bobby Holley 8397689ce8 Bug 1182347 - Implement OriginAttributesPattern. r=sicking,f=allstars.chh 2015-07-14 19:56:32 -07:00
Bobby Holley 260bd0121f Bug 1180921 - Support custom callbacks for allowing access per-addon load access to cross-origin URIs. r=bz,r=billm 2015-07-11 10:32:56 -04:00
Bobby Holley 94c6f14615 Bug 1180921 - Add the addonId OriginAttribute. r=bholley 2015-07-11 10:32:55 -04:00
Wes Kocher 45be9b06a3 Backed out 5 changesets (bug 1180921) for build failures in BasePrincipal.cpp
Backed out changeset d8c1a2e11a9a (bug 1180921)
Backed out changeset f4dd8c53df5f (bug 1180921)
Backed out changeset b272a0ebf5d8 (bug 1180921)
Backed out changeset 8e86b6a7d201 (bug 1180921)
Backed out changeset bbdebd7b8881 (bug 1180921)
2015-07-09 17:43:08 -07:00
Bobby Holley c9102e3238 Bug 1180921 - Support custom callbacks for allowing access per-addon load access to cross-origin URIs. r=bz,r=billm 2015-07-09 17:25:14 -07:00
Bobby Holley 24ce1d8fe4 Bug 1180921 - Add the addonId OriginAttribute. r=bholley 2015-07-09 17:25:05 -07:00
Nikhil Marathe b52b66ebf5 Bug 1169044 - Patch 3 - Store and set principal with script URI on ServiceWorkers. r=ehsan
The ServiceWorkerRegistrationInfo's principal is the principal of the document
that called register(). If we create WorkerPrivate instances based off of
this, they have a valid principal in terms of security and same-origin-ness,
but the URI path is wrong. When fetching the script from the network, the
channel's principal is used to update the worker principal. We need to do the
same when the script is loaded from Cache. This patch adds support to store the
channel principal in the cache.

--HG--
extra : rebase_source : e7d527335aa4f0d4ee52e58915c8b0ef4ad26983
2015-06-04 21:39:34 -07:00
Yoshi Huang a1b1318d82 Bug 1170097 - Part 2: Add originAttributesToCookieJar. r=bholley 2015-06-03 14:38:55 +08:00
Yoshi Huang b6596ba507 Bug 1170097 - Part 1: Move OriginAttributeDictionary. r=bholley 2015-06-03 14:35:09 +08:00
Andrea Marchesini dcdcd94a06 Bug 1155153 - about:serviceworkers should work in e10s mode, r=nsm, r=bholley 2015-06-04 19:51:57 +01:00
Carsten "Tomcat" Book e7e949f08a Backed out changeset bc305c9b5d05 (bug 1155153) for b2g xpshell test failure on a CLOSED TREE 2015-06-05 13:07:51 +02:00
Andrea Marchesini 42cd5b397c Bug 1155153 - about:serviceworkers should work in e10s mode, r=nsm, r=bholley 2015-06-04 19:51:57 +01:00
Bobby Holley 7df20a2925 Bug 1171175 - Improve BasePrincipal::IsCodebasePrincipal. r=baku 2015-06-04 10:01:40 -07:00
Andrea Marchesini a71e717b67 Bug 1162088 - patch 1 - ServiceWorkerManager should use OriginAttributes from the principal as scopeKey, r=nsm, r=bholley 2015-06-03 09:43:43 +01:00
Christoph Kerschbaumer f679dfded5 Bug 1129999 - Implement CSP devtool using GCLI; CSP to JSON (r=sstamm,bholley) 2015-05-21 11:16:04 -07:00
Bobby Holley 497b7c5b80 Bug 1165162 - Add nsIPrincipal::cookieJar. r=sicking 2015-05-20 17:11:52 -07:00
Bobby Holley 3b6ba803a8 Bug 1165162 - Serialize originSuffix into .origin. r=gabor,sr=sicking
We also provide an opt-out for the original behavior, and use it in various
consumers that look like they need fixing up. Most of the usage here is in
code with persistence considerations, where we may need some sort of migration
path.
2015-05-20 17:11:49 -07:00
Bobby Holley 9a937e13f4 Bug 1165162 - Hoist GetOrigin onto BasePrincipal. r=gabor 2015-05-20 17:11:48 -07:00
Bobby Holley 91e0c12696 Bug 1165162 - Rework the nsIScriptSecurityManager principal-minting API to be originAttributes-centric. r=gabor,r=bholley,sr=sicking 2015-05-20 17:11:41 -07:00
Bobby Holley eea636ee0c Bug 1165162 - Make OriginAttributes a dictionary, and make it accessible as both a jsval and a canonical string. r=gabor,r=bholley,sr=sicking 2015-05-20 17:09:53 -07:00
Bobby Holley d6082103c1 Bug 1164977 - Hoist attribute serialization into BasePrincipal. r=gabor 2015-05-18 15:52:34 -07:00
Bobby Holley f8d1d0c840 Bug 1164977 - Hoist app attributes into a struct on BasePrincipal and refer to them as 'origin attributes'. r=gabor
This sets the stage for the upcoming work for signed apps.
2015-05-18 15:52:34 -07:00
Bobby Holley 213bf81699 Bug 1164977 - Unify subsumes/equals logic on BasePrincipal and reduce duplicated code. r=gabor 2015-05-18 15:52:33 -07:00
Bobby Holley 9438ba6505 Bug 1164977 - Hoist all the app attribute handling into BasePrincipal. r=gabor 2015-05-18 15:52:33 -07:00
Daniel Holbert e2ee3711db Bug 1164292 followup: Add 'override' annotations to BasePrincipal & nsSystemPrincipal GetCsp()/SetCsp() methods. rs=ehsan 2015-05-15 14:54:21 -07:00
Bobby Holley 93d7d50247 Bug 1164292 - Make all nsIPrincipal implementations inherit BasePrincipal and hoist some repeated code. r=gabor
Losing the NS_DECL_NSIPRINCIPAL isn't great, but I think it's worth it to share
more code.
2015-05-15 11:51:50 -07:00
Bobby Holley 9e3345280e Bug 1164292 - Rebrand nsBasePrincipal into mozilla::BasePrincipal and give it its own file. r=gabor
The goal here is to provide a common superclass for _all_ the principal
implementations, rather than just nsPrincipal and nsExpandedPrincipal.
2015-05-15 11:51:49 -07:00