mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
488 415 коммитов 615 Ветки 98 Теги 5,7 GiB
Граф коммитов

23 Коммитов

Автор SHA1 Сообщение Дата
Christoph Kerschbaumer df1432e805 Bug 1290560 - Update CSPParser to handle 'sandbox', 'require-sri' and 'report-uri' with no valid srcs correctly. r=dveditz 2016-08-19 18:41:45 +02:00
Thomas Nguyen 6516ad9dae Bug 959388 - Deliver CSP from HTTP header. r=ckerschb, r=khuey 
MozReview-Commit-ID: 13ndERn6rrL

--HG--
extra : rebase_source : e0ec31f9d322b1385994eb7d66bd885c91d75df3
 2016-06-30 12:31:59 +08:00
Paul Roberts ec18fc5ff7 Bug 671389 - Implement CSP sandbox directive. r=ckerschb r=smaug 
--HG--
extra : rebase_source : d9c5f5868c2558a3696cd489674da6f243be11ad
 2016-06-29 07:48:44 -07:00
Frederik Braun 404a0bbb99 Bug 1265318: add require-sri-for CSP directive. r=ckerschb 
MozReview-Commit-ID: 200PAvKtBME
 2016-05-31 11:14:00 +02:00
Carsten "Tomcat" Book 927b1a0b3a Backed out changeset 7469725d7461 (bug 959388) 2016-05-23 11:36:12 +02:00
Thomas Nguyen 32e38271c9 Bug 959388 - Deliver CSP from HTTP header. r=ckerschb r=khuey 
MozReview-Commit-ID: LUl5LyO94m3

--HG--
extra : rebase_source : f2ddfcbf6237b11ebb19adfabf346cf76f4a6ab8
 2016-05-19 11:57:32 +08:00
Frederik Braun 582caa399f Bug 1142332 - Prevent calling CSP_EnumToKeyword with CSP_HASH. r=ckerschb 
MozReview-Commit-ID: I1w9QrWJeEo

--HG--
extra : histedit_source : 1258cfc50d32c10f0de90ba1e863e21ae3ebf0f8
 2016-04-24 14:56:22 -04:00
Kris Maglione f3feb0cfd3 Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb 
MozReview-Commit-ID: G8b86UvSv0y

--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
 2016-04-23 20:42:43 -07:00
Christoph Kerschbaumer 39f2d53360 Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap) 2016-01-13 20:58:16 -08:00
Kate McKinley 67f4155fe6 Bug 1045891 - CSP 2 child-src implementation r=ckerschb 2015-10-28 16:32:27 -07:00
Birunthan Mohanathas a8939590de Bug 1182996 - Fix and add missing namespace comments. rs=ehsan 
The bulk of this commit was generated by running:

  run-clang-tidy.py \
    -checks='-*,llvm-namespace-comment' \
    -header-filter=^/.../mozilla-central/.* \
    -fix
 2015-07-13 08:25:42 -07:00
Christoph Kerschbaumer d338b7f9d9 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - csp changes (r=sstamm) 
--HG--
extra : rebase_source : 34377eb11cf33beef768bd11883c048c37351a8d
 2015-07-10 09:13:54 -07:00
Marcos Caceres 8fc79cb285 Bug 1089255 - Implement and test manifest-src CSP directive. r=bholley, r=dveditz, r=ckerschb 
---
 dom/base/nsContentPolicyUtils.h                    |   1 +
 dom/base/nsDataDocumentContentPolicy.cpp           |   3 +-
 dom/base/nsIContentPolicy.idl                      |   2 +-
 dom/base/nsIContentPolicyBase.idl                  |   7 +-
 dom/base/nsISimpleContentPolicy.idl                |   2 +-
 dom/base/test/csp/browser.ini                      |   4 +
 dom/base/test/csp/browser_test_web_manifest.js     | 265 +++++++++++++++++++++
 .../csp/browser_test_web_manifest_mixed_content.js |  55 +++++
 dom/base/test/csp/file_CSP_web_manifest.html       |   6 +
 dom/base/test/csp/file_CSP_web_manifest.json       |   1 +
 .../test/csp/file_CSP_web_manifest.json^headers^   |   1 +
 dom/base/test/csp/file_CSP_web_manifest_https.html |   4 +
 dom/base/test/csp/file_CSP_web_manifest_https.json |   1 +
 .../csp/file_CSP_web_manifest_mixed_content.html   |   9 +
 .../test/csp/file_CSP_web_manifest_remote.html     |   8 +
 dom/base/test/csp/file_csp_testserver.sjs          |  14 +-
 dom/base/test/csp/mochitest.ini                    |   7 +
 dom/base/test/moz.build                            |   5 +-
 dom/fetch/InternalRequest.cpp                      |   3 +
 dom/fetch/InternalRequest.h                        |   2 +-
 .../security/nsIContentSecurityPolicy.idl          |   3 +-
 dom/ipc/manifestMessages.js                        |  25 +-
 dom/security/nsCSPUtils.cpp                        |   7 +
 dom/security/nsCSPUtils.h                          |  10 +-
 dom/security/nsMixedContentBlocker.cpp             |   1 +
 dom/webidl/CSPDictionaries.webidl                  |   1 +
 extensions/permissions/nsContentBlocker.cpp        |   6 +-
 netwerk/mime/nsMimeTypes.h                         |   1 +
 28 files changed, 439 insertions(+), 15 deletions(-)
 create mode 100644 dom/base/test/csp/browser.ini
 create mode 100644 dom/base/test/csp/browser_test_web_manifest.js
 create mode 100644 dom/base/test/csp/browser_test_web_manifest_mixed_content.js
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json^headers^
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.json
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_mixed_content.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_remote.html
 2015-06-02 15:42:19 -04:00
Christoph Kerschbaumer f679dfded5 Bug 1129999 - Implement CSP devtool using GCLI; CSP to JSON (r=sstamm,bholley) 2015-05-21 11:16:04 -07:00
Eric Rahm 4879ae86f4 Bug 1165518 - Part 2: Replace prlog.h with Logging.h. rs=froydnj 2015-05-19 11:15:34 -07:00
Andrew McCreight 9e8f4b219e Bug 1152551, part 2 - Fix mode lines in dom/. r=jst 2015-05-03 15:32:37 -04:00
Christoph Kerschbaumer b2c8937b41 Bug 1004703 - ignore 'unsafe-inline' if nonce- or hash-source specified (r=sstamm) 
--HG--
extra : rebase_source : 119d3903ba156300f49f097efe2d18bbf8c8a6b5
 2015-04-07 09:06:05 -07:00
Ryan VanderMeulen b83ba6b825 Backed out 4 changesets (bug 671389) for frequent B2G debug test_tcpsocket_client_and_server_basics.html crashes. 
Backed out changeset b782435e5640 (bug 671389)
Backed out changeset 0f8d62109bfe (bug 671389)
Backed out changeset 8d6021f66c49 (bug 671389)
Backed out changeset cd3e227df9dc (bug 671389)
 2015-02-05 16:48:18 -05:00
Deian Stefan 53375db2ef Bug 671389 - Part 1: Implement CSP sandbox directive r=ckerschb,smaug 2015-02-03 23:40:00 +01:00
Sid Stamm 7ddbe36414 Bug 965727 - Implement referrer directive for CSP. (r=jst,ckerschb) 2014-12-17 14:14:04 -05:00
Sid Stamm 5dc1b5b39c Bug 999656 - Fix mappings between content type and CSP directives and refactor permits functions in CSP. r=ckerschb 2014-12-10 13:54:00 +01:00
Francois Marier e1f5653f32 Bug 529697 - (CSP 1.1) Implement form-action directive [1/4], r=geekboy 
Teach CSP about the form-action directive from CSP Level 2.
 2014-11-18 01:12:00 +01:00
Christoph Kerschbaumer ab97bec4cb Bug 1089912: Part 1, move csp into dom/security (r=sstamm,jst) 
--HG--
rename : dom/base/nsIContentSecurityPolicy.idl => dom/interfaces/security/nsIContentSecurityPolicy.idl
rename : dom/base/nsCSPContext.cpp => dom/security/nsCSPContext.cpp
rename : dom/base/nsCSPContext.h => dom/security/nsCSPContext.h
rename : dom/base/nsCSPParser.cpp => dom/security/nsCSPParser.cpp
rename : dom/base/nsCSPParser.h => dom/security/nsCSPParser.h
rename : dom/base/nsCSPService.cpp => dom/security/nsCSPService.cpp
rename : dom/base/nsCSPService.h => dom/security/nsCSPService.h
rename : dom/base/nsCSPUtils.cpp => dom/security/nsCSPUtils.cpp
rename : dom/base/nsCSPUtils.h => dom/security/nsCSPUtils.h
 2014-10-27 16:58:20 -07:00