This means we won't try to build it when ac_add_options --enable-eme=widevine is
not present, and critically, we won't try to build it on Android, since the Chromium
Widevine plugin isn't available there.
MozReview-Commit-ID: 1jQvAbJP8HG
Before this patch, the default policy for the use of SHA1 in certificate
signatures was "allow all" due to compatibility concerns.
After gathering telemetry, we are confident that we can enforce the policy of
"allow for locally-installed roots" (or certificates valid before 2016) without
too much breakage.
MozReview-Commit-ID: 8GxtgdbaS3P
--HG--
extra : rebase_source : d1bed911f2d5d40229ea06556fee0848668e98b6
There are two parts to this change. The first is a module to drive kinto
collection sync. This gives server-provided last-update times to each module
managing collection information so that data is only fetched when updates are
necessary. This also keeps track of when pings last took place (for future use)
and any apparent difference between client and server clock (we need this later
for the content signing work).
Currently only one module (the kinto version of the OneCRL client) consumes this
information, though more will follow.
The second is a minor change to nsBlocklistService.js to ensure that this ping
takes place whenever the existing blocklist ping happens.
MozReview-Commit-ID: 7SN03AOJ4Wc
We are planning on running an e10s experiment on early builds of beta46, and in this experiment we want to get data from e10s on + APZ off.
MozReview-Commit-ID: 4eEtgNRPxtW
Modify the Mac sandbox to allow temporary files to be created in a
parent-specified subdirectory of NS_OS_TEMP_DIR. This is similar to the
Windows approach. The parent provides a UUID in a preference which is
used by the content process to form the subdirectory name.
MozReview-Commit-ID: 6BONpfZz8ZI
--HG--
extra : rebase_source : ad18e091918356a1a40c13f1453972b4512ad476
If a user must re-authenticate with FxA to view the settings page,
a `login` message needs to be sent to the browser with the updated
credentials. This does not occur for the settings page because
`context` and `service` are not specified.
--HG--
extra : rebase_source : 99676b50b599515db62eafa2873f1b1758662e50
Listen for an |fxaccounts:sync_preferences| WebChannel message. Open
about:preferences#sync in the tab that sent the message.
--HG--
extra : rebase_source : 8830abd3a3c3e7919e82a158eef3d39abbbf8dbc
Before this patch, we were measuring where SHA-1 was being used in TLS
certificates: nowhere, in end-entities, in intermediates, or in both. However,
the possible SHA-1 policies don't differentiate between end-entities and
intermediates and instead depended on whether or not each certificate has a
notBefore value after 2015 (i.e. >= 0:00:00 1 January 2016 UTC). We need to
gather telemetry on the possible policy configurations.
--HG--
extra : rebase_source : 301c821c8de16ffb924cd198dd0a4d3139536019