16dba8baf1
Bug 1432137 - Add test to verify insecure redirects to data: URIs are blocked for script modules. r=jonco
2018-01-23 14:04:21 +01:00
d8e2caf90a
Bug 1428793: Test block insecure redirects to data: URIs. r=smaug
2018-01-23 09:58:06 +01:00
47e37d6df2
Bug 1428793: Block insecure redirects to data: URIs. r=smaug
2018-01-23 09:57:47 +01:00
0319902c5b
Bug 1418243 - Fix mochitest failures due to violationDirective change. r=ckerschb
...
MozReview-Commit-ID: AphtAxYo6Hr
--HG--
extra : rebase_source : 24cd7773cb1f3583c524d142908f859ff5e88e8a
2018-01-16 23:00:00 +02:00
d1124b72c7
Bug 1418243 - Fix SecurityPolicyViolationEvent.violatedDirective. r=ckerschb
...
MozReview-Commit-ID: 8DQ7CI5exUL
--HG--
extra : rebase_source : 69181c5e5f61f6fee5224def74c54985c3b47dee
2018-01-16 22:59:00 +02:00
a1765c1a3c
Bug 1430758 - No CSP directive for nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD, r=ckerschb
2018-01-16 15:03:02 +01:00
77efdcf21a
Backed out 2 changesets (bug 1418243) for failing mochitest at dom/security/test/csp/test_frame_ancestors_ro.html and mochitest devtools at devtools/client/webconsole/test/browser_webconsole_bug_1010953_cspro.js a=merge
...
Backed out changeset 5357dbb6df2b (bug 1418243)
Backed out changeset 778a37000696 (bug 1418243)
2018-01-16 13:02:32 +02:00
eaddf31393
Bug 1418243 - Fix SecurityPolicyViolationEvent.violatedDirective. r=ckerschb
...
MozReview-Commit-ID: 8DQ7CI5exUL
2018-01-15 23:30:00 +02:00
37efe4d0e6
Bug 1428535 - Add missing override specifiers to overridden virtual functions. r=froydnj
...
MozReview-Commit-ID: DCPTnyBooIe
--HG--
extra : rebase_source : cfec2d96faeb11656d86d760a34e0a04cacddb13
extra : intermediate-source : 6176724d63788b0fe8caa3f91607c2d93dbaa7ec
extra : source : eebbb0600447f9b64aae3bcd47b4be66c02a51ea
2017-11-05 19:37:28 -08:00
c3f3b8d161
Bug 1391277 - Investigative logging in CSP: log when 'upgrade-insecure-requests' CSP is added to the CSP context, r=bz
2018-01-11 10:57:00 +02:00
9d094a2464
Bug 1427302 - Stop supporting type=content-* on XUL <browser>s, r=bz
...
Was: Backed out changeset 83fbff91e9d2 (bug 1328605).
MozReview-Commit-ID: 2itUgw8Ogkl
--HG--
extra : rebase_source : bad855f0292b28eb61b1549a1d96914a792c0fb6
2018-01-10 19:37:29 +00:00
e97980a95e
Bug 1424917 - Remove support for HSTS Priming. r=mayhemer, r=ckerschb
...
This patch removes support and tests for HSTS priming from the tree.
2018-01-10 11:07:00 -05:00
41dae4c2d2
Bug 1425968 - Skip HSTS browser-chrome tests because the feature is being removed and they depend on an expiring Telemetry probe. r=kmckinley
2018-01-03 16:46:35 -05:00
392a4bf408
Bug 725490 - Change XFO sameorigin to check all ancestors for same origin. r=smaug
...
MozReview-Commit-ID: 5fPxGpcdVms
--HG--
extra : rebase_source : 48fb23e477a49c71e4f09735efd05dd02c46be8d
2017-11-03 15:37:10 +00:00
032c961e0a
Bug 1421992 - script-generated patch to replace do_check_* functions with their Assert.* equivalents, rs=Gijs.
2017-12-21 11:08:17 +01:00
ffc0ed12d2
Bug 1425363 - remove onWindowTitleChanged given that nobody uses it, r=bgrins
...
MozReview-Commit-ID: ALslAwZo4K9
--HG--
extra : rebase_source : ca1add0015eea86128c0c5f209252ebb6a228998
2017-12-14 21:55:44 -06:00
4f18e92ffb
Bug 1334189 - Enable mochitest-plain for linux64-qr. r=jrmuizel
...
MozReview-Commit-ID: nbcWhDq5de
--HG--
extra : rebase_source : 25e2c2b8b996ae11cd25dee07d9092ba574a9e40
2017-12-13 18:38:39 -05:00
9f4d083047
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-07 12:55:24 -08:00
89531e8dc3
Backed out 9 changesets (bug 1412456) for crashing talos g2 and unexpected network connections in browser-chrome's browser_searchEngine_behaviors.js r=backout a=backout on a CLOSED TREE
...
Backed out changeset 0c01a98f4fd5 (bug 1412456)
Backed out changeset 27077db47231 (bug 1412456)
Backed out changeset f35ec2a884f8 (bug 1412456)
Backed out changeset 602b30ac3c69 (bug 1412456)
Backed out changeset b1ff1050c589 (bug 1412456)
Backed out changeset f100d953f9eb (bug 1412456)
Backed out changeset d85af60fe259 (bug 1412456)
Backed out changeset 736f38486832 (bug 1412456)
Backed out changeset 13a637602dc2 (bug 1412456)
2017-12-07 12:20:21 +02:00
bef7c122df
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 21:17:05 -08:00
eb65c24c7b
Backed out 8 changesets (bug 1412456) for ESlint failure on browser_urlbarKeepStateAcrossTabSwitches.js:13:49 r=backout on a CLOSED TREE
...
Backed out changeset 0e88de036c55 (bug 1412456)
Backed out changeset 49b93f807db0 (bug 1412456)
Backed out changeset 039e980b7dc6 (bug 1412456)
Backed out changeset c7698410ddbd (bug 1412456)
Backed out changeset e56a1ba26b7c (bug 1412456)
Backed out changeset 0c4506e124ac (bug 1412456)
Backed out changeset a7aec2ce903b (bug 1412456)
Backed out changeset 3e9fb71f1e8e (bug 1412456)
2017-12-07 07:09:33 +02:00
be77cf4a01
Bug 1412456 - Test changes to no longer use interposition (r=felipe,bgrins,mrbkap)
...
MozReview-Commit-ID: 2nQPOSGTr1s
2017-12-06 20:46:58 -08:00
e77ee731e9
Bug 1222924 - stop allowing webpages to link to moz-icon: , r=mrbkap
...
MozReview-Commit-ID: FKEDboWIfFQ
--HG--
extra : rebase_source : 801317b5746c6e84431c6a8f2097b83523646016
2017-11-22 21:31:41 +00:00
63739feac3
Bug 1037335 - Add a pref to enable only within Nightly and Early Beta. r=ckerschb,smaug
...
MozReview-Commit-ID: Bi82dHm53qX
--HG--
extra : rebase_source : 61a7c517afb2759d672a1c486213a73ef505a324
extra : amend_source : 572a2c8613fe36ae1ebd613a361bb23acc019912
2017-11-29 16:55:00 +02:00
a3b493b9ca
Bug 1037335 - Add a mochitest for security policy violation event. r=ckerschb
...
MozReview-Commit-ID: 7l5jJFEtIaT
--HG--
extra : rebase_source : 49b6794482f0be79919b20226aa571d6ebe066de
2017-11-29 16:54:00 +02:00
8dd7eb1b95
Bug 1037335 - Implement security policy violation event. r=ckerschb,smaug
...
MozReview-Commit-ID: 4BYThUXduI4
--HG--
extra : rebase_source : 5d4a34c5e6bb7fd3774fafb1de72e761bce4591f
2017-11-29 16:53:00 +02:00
513ba7660d
Backed out changeset b3d1e9847a7a (bug 725490) for mochitest failures in dom/base/test/test_x-frame-options.html r=backout on a CLOSED TREE
2017-11-29 12:01:19 +02:00
099e4fa549
Bug 1421458 - Add more initial configuration setup and prepare .eslintignore for enabling ESLint on more xpcshell-test directories. r=mossop
...
MozReview-Commit-ID: 4nbTuNNnAdZ
--HG--
extra : rebase_source : 7131f0ddad79d28615a5799c657972bd84a69180
2017-11-28 22:57:08 +00:00
6986c42dfa
Bug 1190623 - Add a pref to consider object sub requests as active. r=tanvi, r=ckerschb
...
MozReview-Commit-ID: Br2F89IfWng
2017-11-11 01:15:06 +00:00
5565689b54
Bug 725490 - Change XFO sameorigin to check all ancestors for same origin. r=smaug
...
MozReview-Commit-ID: 5fPxGpcdVms
--HG--
extra : rebase_source : f25e525c1e5f6cfe2c5002779fefe17263896d02
2017-11-03 15:37:10 +00:00
326ce05075
Bug 1415352: Part 3a - Add preference to increase max length of CSP report source sample. r=ckerschb
...
This is necessary for tests which need to verify that reports are being sent
for the correct inline sources, where the current sample size is not enough to
completely distinguish them.
MozReview-Commit-ID: 2k2vAhJhIsi
--HG--
extra : rebase_source : 268a53d1450be6666081bf5093aa170352b398e1
2017-11-06 14:01:32 -08:00
e011d320e1
Bug 1398229 - Save-link-as feature should use the loading principal - part 4 - Comment updated, r=me
2017-11-19 08:53:47 +01:00
92d28bd8f2
Merge inbound to mozilla-central r=merge a=merge
2017-11-17 11:59:03 +02:00
97baa05333
Bug 1398229 - Save-link-as feature should use the loading principal - part 3 - implementation of nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD, r=ckerschb, r=tanvi
2017-11-16 12:27:01 +01:00
59de60ae4b
Bug 1407343 Silence multiple classes of warnings for the MinGW build, including not enabling format warnings unless -Wformat is set r=froydnj,glandium
...
MozReview-Commit-ID: ALmo1hbqVxC
--HG--
extra : rebase_source : a68475b90372cd5679c37474fb6705b2a5d48ddf
2017-11-16 12:36:33 -06:00
6c1d6be6fb
Backed out 3 changesets (bug 1398229) for failing own browser-chrome browser/components/contextualidentity/test/browser/browser_saveLink.js. r=backout on a CLOSED TREE
...
Backed out changeset 5b3b0a38b2d1 (bug 1398229)
Backed out changeset a726fc7506ca (bug 1398229)
Backed out changeset 53dae7764e58 (bug 1398229)
2017-11-15 20:49:09 +02:00
11eefa61bb
Bug 1398229 - Save-link-as feature should use the loading principal - part 3 - implementation of nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD, r=ckerschb
2017-11-15 18:16:29 +01:00
c848c91be9
Bug 1415612: Allow all plain text types when navigating top-level data URIs. r=bz
2017-11-13 21:25:02 +01:00
1ea20715d4
Bug 1407891: Test navigation for right-click view-image on data:image/svg. r=bz
2017-11-08 17:43:26 +01:00
6584da597b
Bug 1407891: Allow view-image to open a data: URI by setting a flag on the loadinfo. r=bz
2017-11-08 20:01:41 +01:00
d5958a52e0
Bug 1403870: Test toplevel data URI navigation to application/json is allowed. r=smaug
2017-11-03 13:27:01 +01:00
078474c979
Bug 1403870: Allow toplevel data URI navigation data:application/json. r=smaug
2017-11-03 13:26:28 +01:00
3d0a1f002e
Bug 1403814 - Block toplevel data: URI navigations only if openend in the browser. r=smaug
2017-11-03 13:23:11 +01:00
60bd93b916
Bug 1403814 - Update tests for toplevel data URI blocking because we know block after we have received the response. r=smaug
2017-11-03 13:22:57 +01:00
8f13729a0f
Bug 1403814: Test navigation to data:text/csv. r=smaug
2017-10-11 22:47:12 +02:00
5703b12317
Bug 1302667 - CSP: Update test_child-src_worker.html because child-src falls back to script-src. r=dveditz,mckinley
2017-10-30 18:46:34 +01:00
67c85139df
Bug 1302667 - CSP: Test 'frame-src'. r=dveditz,mckinley
2017-10-30 18:46:19 +01:00
d1b704d00d
Bug 1302667 - CSP: Test 'worker-src'. r=dveditz,mckinley
2017-10-30 18:46:05 +01:00
5d54a394cc
Bug 1302667 - CSP: Add Parser test for 'worker-src'. r=dveditz,mckinley
2017-10-30 18:45:50 +01:00
2fd8493f7f
Bug 1302667 - CSP: Implement 'worker-src'. r=baku,dveditz,mckinley
2017-10-30 18:45:36 +01:00
Christoph Kerschbaumer
Chung-Sheng Fu
Andrea Marchesini
Andreea Pavel
Chris Peterson
Honza Bambas
Gijs Kruitbosch
Kate McKinley
Ryan VanderMeulen
Jonathan Kingston
Florian Quèze
Kartikaya Gupta
Bill McCloskey
Dorel Luca
arthur.iakab
Mark Banner
Kris Maglione
Ciure Andrei
Tom Ritter
Sebastian Hengst