mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
778 089 коммитов 615 Ветки 98 Теги 5,7 GiB
Граф коммитов

2269 Коммитов

Автор SHA1 Сообщение Дата
Tim Huang 4cca7fc573 Bug 1720869 - Part 1: Add a telemetry probe for referrer policy. r=ckerschb,necko-reviewers,valentin 
Differential Revision: https://phabricator.services.mozilla.com/D121344
 2021-08-02 19:24:54 +00:00
Karl Tomlinson b486854ffc Bug 1577199 add speaker-selection feature policy r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119866
 2021-08-02 00:13:56 +00:00
Tom Ritter 3fe12c0596 Bug 1722775: Exempt Firefox Translation users from having their script security checked r=andrenatal 
Differential Revision: https://phabricator.services.mozilla.com/D121207
 2021-07-31 00:52:40 +00:00
Sebastian Streich 24b5b729d8 Bug 1706871 - Fix HandleInternally + Insecure Downloads r=mak 
Differential Revision: https://phabricator.services.mozilla.com/D117412
 2021-07-30 13:16:38 +00:00
Christoph Kerschbaumer 7aa6219ad0 Bug 1723086: Annotate all mixed content tests so that https-first does not interfere with them r=lyavor 
Differential Revision: https://phabricator.services.mozilla.com/D121341
 2021-07-30 09:12:46 +00:00
Tim Huang 943d4764a6 Bug 1720294 - Part 4: Add tests for disallowing relaxing default referrer policy. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119974
 2021-07-29 15:23:07 +00:00
Tim Huang 126fbe99cd Bug 1720294 - Part 3: Flip off 'network.http.referer.disallowCrossSiteRelaxingDefault' for tests. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119973
 2021-07-29 15:23:06 +00:00
Tim Huang faebb3494f Bug 1720294 - Part 2: Ignore less restricted referrer policies for cross-site channels. r=ckerschb 
We will ignore less restricted policies, including 'unsafe-url',
'no_referrer_when_downgrade' and 'origin_when_cross_origin' for
cross-site requests. Note that this will not apply to privilege
requests, i.e. the requests for the system or the extension.

Differential Revision: https://phabricator.services.mozilla.com/D119972
 2021-07-29 15:23:06 +00:00
Christoph Kerschbaumer 4a6250387f Bug 1719272: Annotate failing browser/ tests to potentially enable https-first mode in Nightly r=webcompat-reviewers,denschub,webdriver-reviewers,preferences-reviewers,Gijs,whimboo 
Differential Revision: https://phabricator.services.mozilla.com/D119177
 2021-07-28 19:16:16 +00:00
Sandor Molnar 68cdec0548 Backed out changeset 7eb8945dd8e3 (bug 1719272) for causing bustages in gecko decision task. CLOSED TREE 2021-07-28 19:47:06 +03:00
Christoph Kerschbaumer bb716f0701 Bug 1719272: Annotate failing browser/ tests to potentially enable https-first mode in Nightly r=webcompat-reviewers,denschub,webdriver-reviewers,preferences-reviewers,Gijs,whimboo 
Differential Revision: https://phabricator.services.mozilla.com/D119177
 2021-07-28 16:08:07 +00:00
Niklas Goegge 06d69eb77d Bug 1551886: Check the parent scheme for NullPrincipals via the precusor principal. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119977
 2021-07-28 11:23:15 +00:00
lyavor a154e109a7 Bug 1721410 - HTTPS-First: Add test for HSTS redirection. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D120361
 2021-07-27 16:29:39 +00:00
Noemi Erli d5e136a2e7 Backed out changeset 9f9da0718a44 (bug 1721410) for causing failures in test_redirect_downgrade.html CLOSED TREE 2021-07-27 17:24:50 +03:00
lyavor 2ab98ad6bc Bug 1721410 - HTTPS-First: Add test for multiple redirections. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D120361
 2021-07-27 12:15:55 +00:00
Csoregi Natalia 91127acdb7 Backed out changeset 06b855d93dad (bug 1660452) for causing failures on test_bug1660452_https.html. CLOSED TREE 2021-07-22 19:30:49 +03:00
Niklas Goegge 2f22235706 Bug 1660452: Use precusor URIs to determine if a NullPrincipal was spun off of a Secure Context. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D120493
 2021-07-22 14:25:25 +00:00
Csoregi Natalia 6e4e85c04c Backed out changeset 27644fd8810b (bug 1551886) for causing wpt failures on /mixed-content/. CLOSED TREE 2021-07-22 16:02:47 +03:00
Niklas Goegge 22a59e14de Bug 1551886: Check the parent scheme for NullPrincipals via the precusor principal. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119977
 2021-07-22 10:18:57 +00:00
Dorel Luca b00338e9b9 Backed out changeset ec131014f7fd (bug 1551886) for WPT failures in worker-classic-data.http-rp/opt-in/fetch.https.html. CLOSED TREE 2021-07-21 19:20:36 +03:00
Niklas Goegge a2a0eb99b1 Bug 1551886: Check the parent scheme for NullPrincipals via the precusor principal. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119977
 2021-07-21 10:57:12 +00:00
lyavor 3ebe6a7c5d Bug 1720103 - Https-first: Do not upgrade form submissions (for now) r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119882
 2021-07-14 15:53:00 +00:00
lyavor 34292f2736 Bug 1719309 - HTTPS-First test for bad certifactes. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119779
 2021-07-14 12:34:01 +00:00
Sandor Molnar 14a27523eb Bug 1432170 - fix lint failure. CLOSED TREE 2021-07-13 17:22:28 +03:00
vinoth eedf3ef13e Bug 1432170 - Add tests for CSP sandbox bypass with Blob. r=ckerschb,dveditz 
Differential Revision: https://phabricator.services.mozilla.com/D118008
 2021-07-13 13:54:32 +00:00
Tooru Fujisawa cc92ef732d Bug 1708448 - Move property and element functions into js/public/PropertyAndElement.h. r=nbp 
Differential Revision: https://phabricator.services.mozilla.com/D119619
 2021-07-13 11:52:42 +00:00
Marcos Cáceres 77d16c7a16 Bug 1718221 - Set gamepad policy allow list to 'all' r=smaug 
temporarily setting the allow list to all until we can figure out why "self" is not working.

Differential Revision: https://phabricator.services.mozilla.com/D119471
 2021-07-13 03:46:22 +00:00
Noemi Erli f6510e1b99 Backed out changeset cac8db928ff6 (bug 1718221) for causing failures in gamepad-default-feature-policy.https.sub.html CLOSED TREE 2021-07-12 08:26:20 +03:00
Marcos Cáceres 6f5d36675b Bug 1718221 - Set gamepad policy allow list to 'all' r=smaug 
temporarily setting the allow list to all until we can figure out why "self" is not working.

Differential Revision: https://phabricator.services.mozilla.com/D119471
 2021-07-12 00:51:42 +00:00
Alexandru Michis 88d34a31f5 Backed out changeset 19de2822bc0c (bug 1711168) for causing Bug 1719063. 
CLOSED TREE
 2021-07-08 22:56:34 +03:00
Scott a550183af4 Bug 1719539 - Fix Pocket button csp for saved panel in debug mode r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D119332
 2021-07-08 13:59:00 +00:00
lyavor cc7f254576 Bug 1706126 - HTTPS- First doesn't upgrade redirection from exempt target domain to subdomain (which supports https) r=ckerschb,necko-reviewers,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D118704
 2021-07-07 14:19:09 +00:00
Christoph Kerschbaumer 7bc1e1cf16 Bug 1577572: Make sure a CSP of '\FF' does not crash r=freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D118830
 2021-07-05 09:27:46 +00:00
Christoph Kerschbaumer 3860b64792 Bug 1718034: Add and include logging for https-first mode to the ContentSecurityManager r=freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D118707
 2021-06-24 12:32:23 +00:00
Kershaw Chang 1cbf5d7e80 Bug 1716069 - P2: Use nsHTTPSOnlyUtils::IsUpgradeDowngradeEndlessLoop to check if there is an endless loop when HTTPS RR is presented, r=ckerschb 
Depends on D118598

Differential Revision: https://phabricator.services.mozilla.com/D118599
 2021-06-24 09:27:54 +00:00
Kershaw Chang c4bbb92b2d Bug 1716069 - P1: Skip user gesture check in IsUpgradeDowngradeEndlessLoop(), r=ckerschb 
The main reason that I think we can skip this check is that `mHasValidUserGestureActivation` of the load info will be copied to the redirected channel's load info.
Take the website in this bug (www.animechiby.com) as an example.
1. When a user types http://www.animechiby.com in the address bar and press enter, we create an http channel to load.  At this point, `mHasValidUserGestureActivation` of this channel's load info is true.
2. The channel is redirect to `https` because of HTTPS RR (could be also HTTPS-only mode).
3. The web server returns 302 with a location header: `http://www.animechiby.com`.
4. We create a new channel and start redirecting to `http://www.animechiby.com`, and `mHasValidUserGestureActivation`  is copied to the new channel's load info.
5. IsUpgradeDowngradeEndlessLoop() returns false because GetHasValidUserGestureActivation() returns true.
6. IsUpgradeDowngradeEndlessLoop() failed to detect this endless loop case.

Differential Revision: https://phabricator.services.mozilla.com/D118598
 2021-06-24 09:27:54 +00:00
lyavor 5898eccd89 Bug 1716706 - Write referrer-policy tests for https-first. r=freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D118362
 2021-06-24 07:13:09 +00:00
Kris Maglione 62ff8ab909 Bug 1705910: Remove NS_WARN_IF for expected case in FramingChecker. ckerschb r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D118417
 2021-06-23 22:02:10 +00:00
Shane Caraveo 7a0db3609f Bug 1711168 support extension matching in webAccessibleResources r=zombie,smaug 
Differential Revision: https://phabricator.services.mozilla.com/D115114
 2021-06-23 21:52:38 +00:00
Christoph Kerschbaumer 2224c15d86 Bug 1717797: HTTPS-First and HTTPS-Only: Convert static 3000ms background request delay to rely on a pref r=freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D118581
 2021-06-23 11:46:50 +00:00
Christoph Kerschbaumer fdcd24393c Bug 1715253: Break endless upgrade downgrade loops within https-first r=necko-reviewers,kershaw 
Differential Revision: https://phabricator.services.mozilla.com/D118204
 2021-06-22 14:56:44 +00:00
Iulian Moraru 27bb808f36 Backed out changeset a713faa51ebb (bug 1706871) for causing bc failures on browser_test_mixed_content_download.js. CLOSED TREE 2021-06-16 16:25:09 +03:00
Sebastian Streich 5982f7b637 Bug 1706871 - Fix HandleInternally + Insecure Downloads r=mak 
Differential Revision: https://phabricator.services.mozilla.com/D117412
 2021-06-16 12:39:09 +00:00
Andrew Halberstadt 7a16af4434 Bug 1700781 - Skip failing mochitest-plain tests with fission + xorigin, r=jmaher 
Differential Revision: https://phabricator.services.mozilla.com/D117704
 2021-06-15 18:24:18 +00:00
lyavor 762ecaa032 Bug 1711453 HTTPS-First: Add test for cookies r=freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D115468
 2021-06-15 14:54:21 +00:00
Mats Palmgren 58a3ef1c19 Bug 1542807 part 5 - Don't apply CSP rules for the document to fonts loaded from User and UserAgent origin sheets. r=ckerschb 
As for document.fonts, I don't think we intentionally meant to apply
CSP to User/UserAgent fonts.  The document certainly has no authority
to block those from loading.  (We already have a separate principal
for these which is further evidence that this was unintentional
and we can use the same bit (mUseOriginPrincipal) to avoid CSP.)

Differential Revision: https://phabricator.services.mozilla.com/D111695
 2021-06-14 01:22:06 +00:00
Dana Keeler ef0a88c6f2 Bug 1715142 - introduce nsIPublicKeyPinningService and remove 'type' parameter from nsISiteSecurityService r=rmf,necko-reviewers 
The public key pinning implementation is much less complex than the HSTS
implementation, and only needs a small subset of the parameters of the latter.
Furthermore, the information it relies on is static, and so is safe to access
from content processes. This patch separates the two implementations, thus
simplifying both of them and avoiding some unnecessary IPC calls in the
process.

Differential Revision: https://phabricator.services.mozilla.com/D117096
 2021-06-12 01:12:25 +00:00
Butkovits Atila ed3da455ae Backed out 7 changesets (bug 1542807) for causing failures at inert-retargeting-iframe.tentative.html. CLOSED TREE 
Backed out changeset e9ef32fa2f2e (bug 1542807)
Backed out changeset 8fa0cb199975 (bug 1542807)
Backed out changeset 38daf64afe59 (bug 1542807)
Backed out changeset e3aee052c495 (bug 1542807)
Backed out changeset a71056d4c7cc (bug 1542807)
Backed out changeset cf91e7d0a37f (bug 1542807)
Backed out changeset eee949e5fd67 (bug 1542807)
 2021-06-12 01:38:25 +03:00
Mats Palmgren 2047e29464 Bug 1542807 part 5 - Don't apply CSP rules for the document to fonts loaded from User and UserAgent origin sheets. r=ckerschb 
As for document.fonts, I don't think we intentionally meant to apply
CSP to User/UserAgent fonts.  The document certainly has no authority
to block those from loading.  (We already have a separate principal
for these which is further evidence that this was unintentional
and we can use the same bit (mUseOriginPrincipal) to avoid CSP.)

Differential Revision: https://phabricator.services.mozilla.com/D111695
 2021-06-11 18:10:39 +00:00
Butkovits Atila e4394b27a2 Backed out 3 changesets (bug 1715142) for causing build bustages. CLOSED TREE 
Backed out changeset 7e67994f6a65 (bug 1715142)
Backed out changeset f58d5156f332 (bug 1715142)
Backed out changeset f8a7bd4519c6 (bug 1715142)
 2021-06-11 21:20:02 +03:00
Dana Keeler f84faf1bf5 Bug 1715142 - introduce nsIPublicKeyPinningService and remove 'type' parameter from nsISiteSecurityService r=rmf,necko-reviewers 
The public key pinning implementation is much less complex than the HSTS
implementation, and only needs a small subset of the parameters of the latter.
Furthermore, the information it relies on is static, and so is safe to access
from content processes. This patch separates the two implementations, thus
simplifying both of them and avoiding some unnecessary IPC calls in the
process.

Differential Revision: https://phabricator.services.mozilla.com/D117096
 2021-06-11 17:58:19 +00:00
Iulian Moraru 955a3ab572 Backed out 2 changesets (bug 1715142) for causing marionette failures on test_navigation.py and mochitest failures on browser_setIgnoreCertificateErrors.js. CLOSED TREE 
Backed out changeset 83206685ca0b (bug 1715142)
Backed out changeset ab3060a5f69e (bug 1715142)
 2021-06-11 02:45:34 +03:00
Dana Keeler f3c620e4c3 Bug 1715142 - introduce nsIPublicKeyPinningService and remove 'type' parameter from nsISiteSecurityService r=rmf,necko-reviewers 
The public key pinning implementation is much less complex than the HSTS
implementation, and only needs a small subset of the parameters of the latter.
Furthermore, the information it relies on is static, and so is safe to access
from content processes. This patch separates the two implementations, thus
simplifying both of them and avoiding some unnecessary IPC calls in the
process.

Differential Revision: https://phabricator.services.mozilla.com/D117096
 2021-06-10 22:13:32 +00:00
Niklas Goegge 75b4aba015 Bug 1704473 - Remove <head> requirement for <meta name=referrer>. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D116618
 2021-06-09 09:21:53 +00:00
lyavor 0e97d943bc Bug 1713593 - HTTPS-First: Add test for mixed content blocker. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D116465
 2021-06-08 09:08:08 +00:00
Marcos Cáceres 5c4b5feaa0 Bug 1704005 - Add SecureContext and Permissions Policy to Gamepad API r=johannh,emilio 
Differential Revision: https://phabricator.services.mozilla.com/D111360
 2021-06-04 15:04:33 +00:00
Butkovits Atila 0c11966e33 Backed out changeset e4e70f6b0108 (bug 1704005) for causing failures in Event-timestamp-high-resolution.html. CLOSED TREE 2021-06-04 10:01:31 +03:00
Marcos Cáceres c9f80b3c63 Bug 1704005 - Add SecureContext and Permissions Policy to Gamepad API r=johannh,emilio 
Differential Revision: https://phabricator.services.mozilla.com/D111360
 2021-06-04 04:28:50 +00:00
Niklas Goegge d90d1a148c Bug 1712749 - Land remaining sec-fetch browser navigation tests. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D116586
 2021-06-02 14:30:07 +00:00
lyavor 8c341a47c7 Bug 1709552 HTTPS-First: 4xx and 5xx error responses might need a downgrade. r=ckerschb,necko-reviewers,valentin,JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D114749
 2021-06-02 08:35:22 +00:00
Csoregi Natalia cdd2783d2a Backed out changeset 039d90d5ec6b (bug 1704005) for failures on test_hide_gamepad_info.html. CLOSED TREE 2021-06-02 10:45:13 +03:00
Marcos Cáceres 0ede67a3ea Bug 1704005 - Add SecureContext and Permissions Policy to Gamepad API r=johannh,emilio 
Differential Revision: https://phabricator.services.mozilla.com/D111360
 2021-06-02 01:54:07 +00:00
Valentin Gosu 7c670aecf4 Bug 1708125 - Remove some remaining FTP references from the tree r=necko-reviewers,dragana,Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D114067
 2021-05-31 13:08:12 +00:00
Brindusan Cristian 2a324428d6 Backed out changeset 8fea79dcd428 (bug 1708125) for causing xpcshell failures in test_DownloadCore.js. 
CLOSED TREE
 2021-05-31 15:28:19 +03:00
Valentin Gosu 02335617c8 Bug 1708125 - Remove some remaining FTP references from the tree r=necko-reviewers,dragana,Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D114067
 2021-05-31 07:33:29 +00:00
Christoph Kerschbaumer d9f27f416f Bug 1713074: CSP - Add moz logging for origin of policy r=freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D116082
 2021-05-27 09:15:17 +00:00
Niklas Goegge 643d999174 Bug 1648825 - Ensure that Sec-Fetch-Site is only 'none' if the load was user triggered. r=ckerschb,marionette-reviewers,whimboo 
Differential Revision: https://phabricator.services.mozilla.com/D109643
 2021-05-25 17:37:08 +00:00
lyavor bd85d490ae Bug 1707856: Test redirect downgrades with https-first. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D113511
 2021-05-25 11:49:00 +00:00
Gijs Kruitbosch 84a607d2f1 Bug 1706487 - honour browser.tabs.loadInBackground for 'Open Image/Video/Audio in New Tab', r=mconley,fluent-reviewers,flod 
Differential Revision: https://phabricator.services.mozilla.com/D115545
 2021-05-21 17:58:05 +00:00
Andreea Pavel 87ae6eae9f Backed out 3 changesets (bug 1695911, bug 1648825) for bc failures at browser_navigation.js on a CLOSED TREE 
Backed out changeset 1d7e78cac600 (bug 1695911)
Backed out changeset d90566e41269 (bug 1648825)
Backed out changeset 5aece2a17f5d (bug 1648825)
 2021-05-20 18:59:30 +03:00
Frederik Braun 527db54989 Bug 1658564 - Sanitizer API parse options - r=hsivonen 
Differential Revision: https://phabricator.services.mozilla.com/D113663
 2021-05-20 11:44:39 +00:00
Niklas Goegge f361b2288f Bug 1648825 - Ensure that Sec-Fetch-Site is only 'none' if the load was user triggered. r=ckerschb,marionette-reviewers,whimboo 
Differential Revision: https://phabricator.services.mozilla.com/D109643
 2021-05-20 11:06:11 +00:00
lyavor 77ad045bc1 Bug 1710234 Crash in [@ TestHTTPAnswerRunnable::IsBackgroundRequestRedirected]. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D114840
 2021-05-11 12:27:51 +00:00
Frederik Braun 5b4bb711be Bug 1708114 - when doing unexpected systemprincipal loads, record redirected schemes - r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D113763
 2021-05-11 08:27:47 +00:00
Christoph Kerschbaumer 65efd6810d Bug 1710467: HTTPS-First Mode should only upgrade schemes using the default port r=arthuredelstein 
Differential Revision: https://phabricator.services.mozilla.com/D114760
 2021-05-11 07:50:25 +00:00
Noemi Erli cc61c075ad Backed out changeset 00f13360743a (bug 1707856) for causing mochitest failures in test_fragment.html CLOSED TREE 2021-05-10 20:20:28 +03:00
lyavor 9dc5e2e4d4 Bug 1707856: Test redirect downgrades with https-first. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D113511
 2021-05-10 16:32:16 +00:00
Valentin Gosu c46e217683 Bug 1708116 - Use NetAddr::InitFromString instead of PR_StringToNetAddr r=necko-reviewers,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D113752
 2021-05-10 09:26:01 +00:00
Dorel Luca 0a5ef97272 Backed out changeset 73abb8b1b4b5 (bug 1708125) for xpcshell failures in browser/components/urlbar/tests/unit/test_avoid_stripping_to_empty_tokens.js. CLOSED TREE 2021-05-07 12:15:35 +03:00
Valentin Gosu bf24e6a36f Bug 1708125 - Remove some remaining FTP references from the tree r=necko-reviewers,dragana,Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D114067
 2021-05-07 08:20:14 +00:00
Brindusan Cristian 31acb9e00c Backed out 2 changesets (bug 1708116) for causing xpcshell failures in test_udpsocket_offline.js and bc failures in browser_cookies_ipv6.js. CLOSED TREE 
Backed out changeset 0c9b303226f1 (bug 1708116)
Backed out changeset e3be13d3c045 (bug 1708116)
 2021-05-06 16:35:48 +03:00
Valentin Gosu 301361bdfb Bug 1708116 - Use NetAddr::InitFromString instead of PR_StringToNetAddr r=necko-reviewers,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D113752
 2021-05-06 10:06:46 +00:00
Paul Bone 6191ca4916 Bug 1709526 - Fix all the lint errors for .ini files in dom/ r=jmaher 
Differential Revision: https://phabricator.services.mozilla.com/D114321
 2021-05-06 01:29:31 +00:00
lyavor 3e9de81554 Bug 1709069: Test that Data URI which makes a top-level request gets updated in https-first. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D114086
 2021-05-05 15:03:29 +00:00
Iulian Moraru 0c7ef5cde0 Backed out changeset c09cb1410f56 (bug 1707856) for causing mochitest failures on test_fragment.html. CLOSED TREE 2021-05-05 13:24:24 +03:00
lyavor dc8fb2b8d5 Bug 1707856: Test redirect downgrades with https-first. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D113511
 2021-05-05 09:39:59 +00:00
Sandor Molnar f7b8c6b3d1 Backed out 2 changesets (bug 1708116) for causing build bustages. CLOSED TREE 
Backed out changeset d1488e9d64a6 (bug 1708116)
Backed out changeset 44ed91f0b7b4 (bug 1708116)
 2021-05-04 18:41:36 +03:00
Sandor Molnar c5f7ff6b65 Backed out changeset fda42a745baf (bug 1708114) for causing Gtest failures in UnexpectedPrivilegedLoadsTelemetryTest. CLOSED TREE 2021-05-04 18:13:00 +03:00
Valentin Gosu 5ae9a468e0 Bug 1708116 - Use NetAddr::InitFromString instead of PR_StringToNetAddr r=necko-reviewers,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D113752
 2021-05-04 14:05:59 +00:00
Frederik Braun 886cc45e9a Bug 1708114 - when doing unexpected systemprincipal loads, record redirected schemes - r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D113763
 2021-05-04 13:04:18 +00:00
lyavor d8cb699cc0 Bug 1704454 - Copy and adapt test https-only/test_resource_upgrade.html for https-first. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D113314
 2021-05-04 07:51:26 +00:00
Christoph Kerschbaumer ca97a5eee9 Bug 1705340: Ensure .onion URLs are handled properly within HTTPS-First Mode r=JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D112161
 2021-04-30 08:35:19 +00:00
lyavor e4937e72d8 Bug 1706351 Copy and adapt test https-only/test_redirect_upgrade.html for https-first. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D113315
 2021-04-27 12:35:10 +00:00
Frederik Braun bc3093469d Bug 1670913 - use inert document within Sanitizer API r=hsivonen 
Differential Revision: https://phabricator.services.mozilla.com/D113488
 2021-04-27 12:34:56 +00:00
imoraru 6da5939ee7 Backed out changeset 3907dd86dd71 (bug 1670913) it was not intended to land. 2021-04-27 15:27:37 +03:00
Frederik Braun d079e38109 Bug 1670913 - use inert document within Sanitizer API r=hsivonen 
Differential Revision: https://phabricator.services.mozilla.com/D113488
 2021-04-27 11:31:41 +00:00
lyavor 64526e2041 Bug 1683015 HTTPS-Only Mode Alert appears on site which supports https. r=ckerschb,JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D112702
 2021-04-26 11:45:20 +00:00
Christoph Kerschbaumer 3d007777ee Bug 1706577: HTTPS-First should handle fragment navigation correctly. r=JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D113107
 2021-04-22 11:58:19 +00:00
Dave Townsend 30b4f94dd3 Bug 1700972: Remove profile-per-install onboarding UI. r=Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D112292
 2021-04-21 20:06:31 +00:00
Christoph Kerschbaumer fb0cf1ec76 Bug 1706552: Change HTTPS First Mode pref to dom.security.https_first r=lyavor 
Differential Revision: https://phabricator.services.mozilla.com/D112918
 2021-04-21 10:56:54 +00:00
Christoph Kerschbaumer 1ea077e3b9 Bug 1704502: Create https-first and https-only test setting all combinations of prefs r=JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D112062
 2021-04-20 17:42:14 +00:00
Butkovits Atila 19ebeecdba Backed out changeset 6af1c50f4499 (bug 1705340) for casuing failures at browser_upgrade_top_level_exceptions.js. CLOSED TREE 2021-04-20 19:30:50 +03:00
Christoph Kerschbaumer bb9d21868f Bug 1705340: Ensure localhost and .onion are handled properly within HTTPS-First Mode r=JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D112161
 2021-04-20 12:40:07 +00:00
Rob Wu d4860b1581 Bug 1705523 - Use StripURIForReporting for source-file + tests r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D112266
 2021-04-19 16:42:03 +00:00
Mark Banner 6d7ec21683 Bug 1705127 - Enable more ESLint rules for some more dom/security/test directories. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D112053
 2021-04-15 11:11:18 +00:00
Christoph Kerschbaumer 3bd53d697c Bug 1687342 - Test blocked-uri in csp-reports after frame redirect. r=freddyb,dveditz 
Differential Revision: https://phabricator.services.mozilla.com/D102929
 2021-04-15 07:56:07 +00:00
Christoph Kerschbaumer 2688122af1 Bug 1704719: Introduce Pref for HTTPS-First in Private Browsing Mode r=JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D112011
 2021-04-14 11:10:39 +00:00
Christoph Kerschbaumer b273e401dc Bug 1542194: Test blockedURI in CSP violation events in certain redirect scenarios r=dveditz,freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D103476
 2021-04-14 10:45:55 +00:00
Claudia 69e599d847 Bug 1651012 - Organize certerror code into its own directory in browser/base/content/ r=prathiksha,Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D110951
 2021-04-14 10:24:38 +00:00
Alexandru Michis 9b58a1c6f5 Backed out changeset 8a21200047bb (bug 1651012) for causing bc failures in browser_parsable_script.js 
CLOSED TREE
 2021-04-14 01:52:26 +03:00
Claudia d6b7c6e76b Bug 1651012 - Organize certerror code into its own directory in browser/base/content/ r=prathiksha,Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D110951
 2021-04-13 18:54:28 +00:00
Christoph Kerschbaumer e1c35fda94 Bug 1658924: Implement HTTPS-First and automatically fall back to http if secure top-level connection is not available r=necko-reviewers,JulianWels,mattwoodrow,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D111686
 2021-04-13 17:43:12 +00:00
Niklas Goegge 35b1cdb734 Bug 1703466 - Set sec-fetch-site to 'none' for browser issued requests. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D111792
 2021-04-13 11:18:25 +00:00
lyavor 75c83b4a52 Bug 1702001 Https-only mode does not reload pages after clicking "Continue to HTTP Site", when url contains navigation r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D110395
 2021-04-08 14:32:57 +00:00
Csoregi Natalia cfad2d513e Backed out changeset b09095eaf7d9 (bug 1702001) for causing failures on test_insecure_reload.html. CLOSED TREE 2021-04-08 12:28:19 +03:00
lyavor 3322a7eb35 Bug 1702001 Https-only mode does not reload pages after clicking "Continue to HTTP Site", when url contains navigation r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D110395
 2021-04-08 08:21:34 +00:00
Tom Ritter 2390cf13c1 Bug 1702295: Collect the about: page that unexpected-security violations occur on r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D110443
 2021-04-06 14:04:07 +00:00
lyavor 0eda688c65 Bug 1694932 - Https-only mode reloads the page in certain cases when there should be just a fragment navigation r=ckerschb,smaug 
Differential Revision: https://phabricator.services.mozilla.com/D107999
 2021-03-29 12:56:33 +00:00
Tim Huang 38c07544f4 Bug 1695050 - Part 7: Update the call-site of CookieJarSettings::Create() for ReferrerInfo. r=ckerschb 
This patch updates the call-site of CookieJarSetting::Create() to pass
the enum according to the fact that if it is in the private browsing
mode.

Differential Revision: https://phabricator.services.mozilla.com/D109050
 2021-03-29 11:01:53 +00:00
Shane Caraveo 7601b1edfd Bug 1700762 iframe sandboxed extensions pages are allowed to load their own resources r=ckerschb,robwu 
Differential Revision: https://phabricator.services.mozilla.com/D100834
 2021-03-26 15:27:19 +00:00
Simon Giesecke 760cc7e936 Bug 1679522 - Fix include directives and forward declarations. r=andi,necko-reviewers,jgilbert 
- Add missing include directives and forward declarations.
- Remove some extra include directives.
- Add missing namespace qualifications.
- Move include directives out of namespace in toolkit/xre/GlobalSemaphore.h

Differential Revision: https://phabricator.services.mozilla.com/D98894
 2021-03-25 10:19:44 +00:00
Frederik Braun 9e740e0d37 Bug 1699101 - annotate WebExtension Content Style data URL loads r=rpl,ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D108772
 2021-03-23 15:28:03 +00:00
Cosmin Sabou 1b347c5c49 Backed out 2 changesets (bug 1699627) for bc failures on browser_startup_content.js. 
Backed out changeset 02e74b497dfc (bug 1699627)
Backed out changeset 270e0f9613a6 (bug 1699627)
 2021-03-22 20:24:53 +02:00
Henrik Skupin f01757f544 Bug 1699627 - Use nsIMarionette service to get enabled state of Marionette within the Content Security Manager. r=freddyb 
Differential Revision: https://phabricator.services.mozilla.com/D109363
 2021-03-22 16:44:41 +00:00
Niklas Goegge bf279d8795 Bug 1698768 - Bundle sec-fetch-* tests within dom/security/tests/sec-fetch/ r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D108942
 2021-03-18 15:00:37 +00:00
Niklas Goegge abde84c961 Bug 1698767 - Use ExtContentPolicyType instead of InternalContentPolicyType in SecFetch::IsUserTriggeredForSecFetchSite r=ckerschb 
The internal content policy type of `TYPE_INTERNAL_IFRAME` gets mapped to `ExtContentPolicy::TYPE_SUBDOCUMENT`, so there is no need to use the internal type.

Differential Revision: https://phabricator.services.mozilla.com/D108640
 2021-03-17 11:43:34 +00:00
Niklas Gögge ed5eaf624b Bug 1647128 - Detect webby navs caused by meta refreshes in IsUserTriggeredForSecFetchSite check r=necko-reviewers,ckerschb,valentin 
Differential Revision: https://phabricator.services.mozilla.com/D108035
 2021-03-17 11:42:55 +00:00
Christoph Kerschbaumer 659f418fa5 Bug 1697976: Increase timeout for test test_break_endless_upgrade_downgrade_loop.html. r=valentin 
Differential Revision: https://phabricator.services.mozilla.com/D108401
 2021-03-15 15:06:15 +00:00
Neil Deakin 37cd19a3dc Bug 1690030, change view image on context menu to default to open in a new tab, r=Gijs,fluent-reviewers 
Differential Revision: https://phabricator.services.mozilla.com/D107336
 2021-03-11 19:54:41 +00:00
Christoph Kerschbaumer 39ef03a187 Bug 1691888: Break endless upgrade downgrade loops when using https-only r=necko-reviewers,valentin,JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D106475
 2021-03-11 18:02:27 +00:00
leli 18f2473013 Bug 1665057 - Add www button on https-only error page - test r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D103700
 2021-03-11 17:10:07 +00:00
leli bb2e8e2911 Bug 1665057 - Add www button on https-only error page r=ckerschb,JulianWels,Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D101468
 2021-03-11 17:10:06 +00:00
Frederik Braun 2100e901b0 Bug 1697163 - restrict systemprincipal telemetry to scripts and styles r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D107643
 2021-03-11 09:43:54 +00:00
Sebastian Streich 239f9451dc Bug 1685570 Backed out changeset 92d71744323a r=necko-reviewers,kershaw 
Differential Revision: https://phabricator.services.mozilla.com/D107670
 2021-03-10 15:15:24 +00:00
Bogdan Tara 69d8f06dc7 Backed out changeset 37aae4f2c6cf (bug 1691888) for test_break_endless_upgrade_downgrade_loop.html failures CLOSED TREE 2021-03-10 10:28:49 +02:00
Christoph Kerschbaumer 37c822edfd Bug 1691888: Break endless upgrade downgrade loops when using https-only r=necko-reviewers,valentin,JulianWels 
Differential Revision: https://phabricator.services.mozilla.com/D106475
 2021-03-10 07:30:25 +00:00
Tom Ritter 250cd8fa5d Bug 1696306: Fix javascriptLoad Telemetry r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D107169
 2021-03-04 15:23:50 +00:00
Neil Deakin af1fcf5634 Bug 1686931, merge view image and view background image commands on context menu, r=Gijs 
Differential Revision: https://phabricator.services.mozilla.com/D103775
 2021-03-04 08:50:30 +00:00
Simon Giesecke b5855b89fc Bug 1634281 - Remove unused nsDataHashtable.h includes. r=xpcom-reviewers,nika 
Differential Revision: https://phabricator.services.mozilla.com/D106007
 2021-03-03 08:58:52 +00:00
leli e238e3a1fd Bug 1695254 - change test test_http_background_auth.html to work with fission r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D106633
 2021-03-01 14:35:40 +00:00
Julian Descottes 6e37958c88 Bug 1694140 - [devtools] Stop using TargetFactory.forTab outside of devtools r=rpl,ochameau 
Depends on D106000

Differential Revision: https://phabricator.services.mozilla.com/D106001
 2021-02-25 18:02:52 +00:00
Frederik Braun 85f139b0d2 Bug 1664485 - make sanitize/sanitizeToString param's non-optional r=ckerschb,emilio 
Differential Revision: https://phabricator.services.mozilla.com/D105953
 2021-02-24 08:01:01 +00:00
Cosmin Sabou 31a3457890 Backed out changeset cffeff2a2803 (bug 1664485) for wpt sanitizer-api related failures. CLOSED TREE 2021-02-23 17:59:59 +02:00
Frederik Braun 8bc870864d Bug 1664485 - make sanitize/sanitizeToString param's non-optional r=ckerschb,emilio 
Differential Revision: https://phabricator.services.mozilla.com/D105953
 2021-02-23 12:35:21 +00:00
Alexis Beingessner 07f2f659c6 Bug 1686616 - make StringBundle use Components instead of Services. r=kmag 
Differential Revision: https://phabricator.services.mozilla.com/D105531
 2021-02-18 13:26:32 +00:00
Alexis Beingessner 8fea71cdd5 Bug 1686616 - make PermissionManager use Components instead of Services. r=kmag 
Differential Revision: https://phabricator.services.mozilla.com/D105528
 2021-02-18 13:26:31 +00:00
Christoph Kerschbaumer 6bc25cbfd9 Bug 1353608: Make test_frameNavigation.html work with fission enabled r=smaug 
Differential Revision: https://phabricator.services.mozilla.com/D105297
 2021-02-16 14:14:22 +00:00
Christoph Kerschbaumer 6692f87581 Bug 1542194: Update blocked-uri in CSP reporting by treating frame naviations as redirects r=freddyb,dveditz,mixedpuppy 
Differential Revision: https://phabricator.services.mozilla.com/D103697
 2021-02-11 09:09:17 +00:00
Mihai Alexandru Michis d5b753448d Backed out changeset 4ffa919d35f9 (bug 1687364) as requested by kershaw. 
CLOSED TREE
 2021-02-10 16:47:51 +02:00
Cosmin Sabou d8118867b5 Backed out changeset 0abd871c4920 (bug 1542194) for xpcshell failures on test_ext_contentscript_triggeringPrincipal.js. CLOSED TREE 2021-02-09 21:57:05 +02:00
Christoph Kerschbaumer 2b003274b2 Bug 1687342: Blocked-URI in CSP reports should be URI before redirects with ref removed r=freddyb,dveditz 
Differential Revision: https://phabricator.services.mozilla.com/D103450
 2021-02-09 18:42:03 +00:00
Christoph Kerschbaumer d14708a4c5 Bug 1542194: Update blocked-uri in CSP reporting by treating frame naviations as redirects r=freddyb,dveditz 
Differential Revision: https://phabricator.services.mozilla.com/D103697
 2021-02-09 18:41:59 +00:00
Jan Varga 89ca2a95fb Bug 1690515 - Add missing do_get_profile calls to appropriate tests; r=dom-workers-and-storage-reviewers,necko-reviewers,sg,valentin 
Differential Revision: https://phabricator.services.mozilla.com/D103886
 2021-02-09 05:30:57 +00:00
Kershaw Chang 22a60154b9 Bug 1685942 - Only fallback to original conn info when network error happens r=necko-reviewers,valentin,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D102703
 2021-02-08 11:46:51 +00:00
Kershaw Chang 5c2914628b Bug 1687364 - Authorization header can't be wildcarded for Access-Control-Allow-Headers r=necko-reviewers,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D102932
 2021-02-02 18:39:32 +00:00
Tom Ritter 692a5351d2 Bug 1688800: Carve out more edge cases for javascriptLoad restrictions, and let Telemetry ride the trains r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D103043
 2021-01-29 13:35:31 +00:00
Kris Maglione 9ab2b48df3 Bug 1685801: Part 3 - Remove BrowserUtils.makeURI and makeFileURI. r=mccr8 
Differential Revision: https://phabricator.services.mozilla.com/D101483
 2021-01-28 20:58:24 +00:00
Brindusan Cristian b33ce66d55 Backed out changeset 2ade9dd19ad1 (bug 1688800) for build bustages at nsContentSecurityUtils.cpp. CLOSED TREE 2021-01-28 23:26:05 +02:00
Tom Ritter fc87a63477 Bug 1688800: Carve out more edge cases for javascriptLoad restrictions, and let Telemetry ride the trains r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D103043
 2021-01-28 20:40:40 +00:00
Mihai Alexandru Michis 040e2ea5d0 Backed out 12 changesets (bug 1685801) for causing bc failures in browser_ctrlTab.js 
CLOSED TREE

Backed out changeset 021924b62f13 (bug 1685801)
Backed out changeset 38cc10101c1f (bug 1685801)
Backed out changeset 9ab9574ac72a (bug 1685801)
Backed out changeset 1a7f259cc2ec (bug 1685801)
Backed out changeset b267b19a7f6e (bug 1685801)
Backed out changeset 7dfcf0257487 (bug 1685801)
Backed out changeset ee0d0169b079 (bug 1685801)
Backed out changeset 0c358ee51951 (bug 1685801)
Backed out changeset 338ab91af557 (bug 1685801)
Backed out changeset a49415007aaf (bug 1685801)
Backed out changeset b91098299143 (bug 1685801)
Backed out changeset edf6209861a8 (bug 1685801)
 2021-01-28 22:55:11 +02:00
Kris Maglione d7b8eeedcc Bug 1685801: Part 3 - Remove BrowserUtils.makeURI and makeFileURI. r=mccr8 
Differential Revision: https://phabricator.services.mozilla.com/D101483
 2021-01-28 05:25:10 +00:00
Butkovits Atila 7decdccbdc Backed out 12 changesets (bug 1685801) for causing failures on browser_fission_maxOrigins.js. CLOSED TREE 
Backed out changeset 0d7153110519 (bug 1685801)
Backed out changeset 5175062925c7 (bug 1685801)
Backed out changeset 2c1250e786f0 (bug 1685801)
Backed out changeset 0ce3c773ba74 (bug 1685801)
Backed out changeset 9d51c6e24dee (bug 1685801)
Backed out changeset 3f4dc6349441 (bug 1685801)
Backed out changeset a80de9abb9f8 (bug 1685801)
Backed out changeset 30786893a5e7 (bug 1685801)
Backed out changeset 8007b12d6e32 (bug 1685801)
Backed out changeset fa814f4b7125 (bug 1685801)
Backed out changeset 14e4e47ee99f (bug 1685801)
Backed out changeset d9f1feba9454 (bug 1685801)
 2021-01-28 07:15:59 +02:00
Kris Maglione 70ccb5bca1 Bug 1685801: Part 3 - Remove BrowserUtils.makeURI and makeFileURI. r=mccr8 
Differential Revision: https://phabricator.services.mozilla.com/D101483
 2021-01-28 03:32:33 +00:00
Valentin Gosu d2046a6e97 Bug 1687618 - Remove browser.cache.cache_isolation r=necko-reviewers,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D102711
 2021-01-26 10:32:07 +00:00
smolnar 4bdd1a3ecd Backed out 5 changesets (bug 1687618) for causing mochitest failures in browser_networkIsolation. CLOSED TREE 
Backed out changeset afb6bcdbdf4f (bug 1687618)
Backed out changeset b67677b3f710 (bug 1687618)
Backed out changeset 0cb1cb5bf7a8 (bug 1687618)
Backed out changeset 5308d27acd05 (bug 1687618)
Backed out changeset 984a9f8e8b5e (bug 1687618)
 2021-01-26 11:36:32 +02:00
Valentin Gosu 7c1e084192 Bug 1687618 - Remove browser.cache.cache_isolation r=necko-reviewers,dragana 
Differential Revision: https://phabricator.services.mozilla.com/D102711
 2021-01-26 07:52:33 +00:00
Dimi Lee 09d83a6839 Bug 1589074 - Fix dom mochitest failures after changing default referrer policy to strict-origin-when-cross-origin. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D88552
 2021-01-25 13:26:55 +00:00
Dimi Lee a777fb5474 Bug 1589074 - Set referrer policy default to strict-origin-when-cross-origin. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D88547
 2021-01-25 13:26:36 +00:00
Butkovits Atila 69babd862d Backed out 11 changesets (bug 1589074) for causing failures on test_DownloadCore.js. 
Backed out changeset 10e37ec238ee (bug 1589074)
Backed out changeset a306f2483d73 (bug 1589074)
Backed out changeset b7a0d73a2885 (bug 1589074)
Backed out changeset da996dc79d5d (bug 1589074)
Backed out changeset 3cffd4570c8e (bug 1589074)
Backed out changeset 9fe67741eb5a (bug 1589074)
Backed out changeset e8e6d9a6b90d (bug 1589074)
Backed out changeset 78df7f0ccb31 (bug 1589074)
Backed out changeset 712f147c5a41 (bug 1589074)
Backed out changeset f093f3c48807 (bug 1589074)
Backed out changeset 454beae0f635 (bug 1589074)
 2021-01-25 14:57:00 +02:00
Dimi Lee 6940624a72 Bug 1589074 - Fix dom mochitest failures after changing default referrer policy to strict-origin-when-cross-origin. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D88552
 2021-01-22 08:48:00 +00:00
Dimi Lee bb1e1baac7 Bug 1589074 - Set referrer policy default to strict-origin-when-cross-origin. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D88547
 2021-01-22 08:47:37 +00:00
Masatoshi Kimura 54c1b8dee1 Bug 1687108 - Remove unused content policy types. r=ckerschb,remote-protocol-reviewers,smaug 
Differential Revision: https://phabricator.services.mozilla.com/D102083
 2021-01-19 09:42:13 +00:00
Masatoshi Kimura a29e207781 Bug 1685900 - Split internal and external contentPolicyType. r=ckerschb,smaug 
Differential Revision: https://phabricator.services.mozilla.com/D101271
 2021-01-15 12:07:16 +00:00
Narcis Beleuzu 0322452233 Backed out changeset a52961071dcd (bug 1685900) for Build bustage in nsContentSecurityManager.cpp. CLOSED TREE 2021-01-15 04:04:37 +02:00
Masatoshi Kimura b384f14cde Bug 1685900 - Split internal and external contentPolicyType. r=ckerschb,smaug 
Differential Revision: https://phabricator.services.mozilla.com/D101271
 2021-01-15 04:02:41 +02:00
Dorel Luca 9ed19e2828 Backed out changeset a52961071dcd (bug 1685900) for Build bustage in nsContentSecurityManager.cpp. CLOSED TREE 2021-01-15 02:45:34 +02:00
Masatoshi Kimura 87e50835c4 Bug 1685900 - Split internal and external contentPolicyType. r=ckerschb,smaug 
Differential Revision: https://phabricator.services.mozilla.com/D101271
 2021-01-14 20:44:54 +00:00
Andi-Bogdan Postelnicu e161d1f5a1 Bug 1685580 - fix `non-unified` build issue caused by Bug 1662138. r=botond 
Differential Revision: https://phabricator.services.mozilla.com/D101200
 2021-01-08 19:24:54 +00:00
Masatoshi Kimura 64e86892a9 Bug 1683464 - Improve nsCSPParser::directiveName. r=ckerschb 
This function converts between enums and strings over and over. It is
sufficient to call CSP_StringToCSPDirective only once.

Differential Revision: https://phabricator.services.mozilla.com/D100183
 2021-01-07 15:19:23 +00:00
Masatoshi Kimura 4b3e1792af Bug 1683464 - Remove InternalContentPolicyTypeToExternalOrWorker. r=ckerschb 
Now this function is used just to create a parameter to
CSP_ContentTypeToDirective.

Differential Revision: https://phabricator.services.mozilla.com/D100182
 2021-01-07 15:19:05 +00:00
Masatoshi Kimura 3f402bfcc4 Bug 1683464 - Reduce nsContentPolicyType usage. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D100181
 2021-01-07 15:18:52 +00:00
Masatoshi Kimura ada333728d Bug 1683464 - Remove aIsPreload. r=ckerschb 
The only effect of this parameter is suppressing the violation reports and it
is redundant because aSendViolationReports is present.

Differential Revision: https://phabricator.services.mozilla.com/D100180
 2021-01-07 15:18:19 +00:00
Sebastian Streich 9f99b10883 Bug 1662138 - Do not rely on Type::SaveAs for MCB download check r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D88865
 2021-01-07 12:19:27 +00:00
Daniel Holbert ac4480af11 Bug 1685231: Fix the typo "ot" in various code-comments (to "to", "of", or "not"). r=mccr8 
DONTBUILD because this is a comment-only change and hence doesn't affect
behavior at all.

I ran across this typo in nsPageFrame.cpp, and figured I might as well grep for
it and fix it more comprehensively. And while I'm at it, I also fixed some
neighboring instances of a duplicated word around a linebreak, in
nsXMLContentSerializer.h.

Differential Revision: https://phabricator.services.mozilla.com/D100852
 2021-01-06 04:54:51 +00:00
Razvan Maries 6a4eb25b10 Backed out 4 changesets (bug 1683464) for multiple perma failures. CLOSED TREE 
Backed out changeset a5d315c017d0 (bug 1683464)
Backed out changeset 5f91001e4923 (bug 1683464)
Backed out changeset 1b7fe904e8af (bug 1683464)
Backed out changeset eb1c479fddca (bug 1683464)
 2021-01-05 16:47:22 +02:00
Masatoshi Kimura a37aa9ff1e Bug 1683464 - Improve nsCSPParser::directiveName. r=ckerschb 
This function converts between enums and strings over and over. It is
sufficient to call CSP_StringToCSPDirective only once.

Depends on D100182

Differential Revision: https://phabricator.services.mozilla.com/D100183
 2021-01-05 12:24:00 +00:00
Masatoshi Kimura 0fa6b4d30c Bug 1683464 - Remove InternalContentPolicyTypeToExternalOrWorker. r=ckerschb 
Now this function is used just to create a parameter to
CSP_ContentTypeToDirective.

Depends on D100181

Differential Revision: https://phabricator.services.mozilla.com/D100182
 2021-01-05 12:22:22 +00:00
Masatoshi Kimura dfb97ca7cf Bug 1683464 - Reduce nsContentPolicyType usage. r=ckerschb 
Depends on D100180

Differential Revision: https://phabricator.services.mozilla.com/D100181
 2021-01-05 12:21:46 +00:00
Masatoshi Kimura 672dd7fa13 Bug 1683464 - Remove aIsPreload. r=ckerschb 
The only effect of this parameter is suppressing the violation reports and it
is redundant because aSendViolationReports is present.

Depends on D100179

Differential Revision: https://phabricator.services.mozilla.com/D100180
 2021-01-05 12:19:10 +00:00
Masatoshi Kimura 44274c030b Bug 1683464 - Remove aMimeTypeGuess from nsIContentSecurityPolicy::ShouldLoad. r=ckerschb 
This parameter is unused.

Depends on D100178

Differential Revision: https://phabricator.services.mozilla.com/D100179
 2021-01-04 17:05:01 +00:00
Sebastian Streich 4e9a38f624 Bug 1676221 - Add UX nits to unblock UI r=ckerschb,Gijs 
Show save dialogue
***
Automaticly show Panel On Block
***
Keep Open/Save Dialogue with open panel
***
Keep User choise in downloadsView
***
Add Unblock option to Unblock panel
***
lint
***
add test

Differential Revision: https://phabricator.services.mozilla.com/D96448
 2020-12-18 15:30:33 +00:00
Simon Giesecke 9758d919eb Bug 1583109 - Use StringJoin(Append) where easily possible. r=nika 
Bug 1583109 introduced new function templates StringJoin and StringJoinAppend.
These are now used to replace several custom loops across the codebase that
implement string-joining algorithms to simplify the code.

Differential Revision: https://phabricator.services.mozilla.com/D98750
 2020-12-17 14:58:18 +00:00
Butkovits Atila a5ae3506b7 Backed out changeset 234ae5cb0ff8 (bug 1676221) for causing leaks. CLOSED TREE 2020-12-17 10:54:31 +02:00
Sebastian Streich ac54bcd9d6 Bug 1676221 - Add UX nits to unblock UI r=ckerschb,Gijs 
Show save dialogue
***
Automaticly show Panel On Block
***
Keep Open/Save Dialogue with open panel
***
Keep User choise in downloadsView
***
Add Unblock option to Unblock panel
***
lint
***
add test

Differential Revision: https://phabricator.services.mozilla.com/D96448
 2020-12-16 22:55:12 +00:00
Masatoshi Kimura 3424a95ee0 Bug 1682103 - Make nsContentPolicyType a CEnum type. r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D99580
 2020-12-16 11:36:47 +00:00
Csoregi Natalia d8c9489b13 Backed out changeset 16d174e7c342 (bug 1583109) for bustage on nsReadableUtils.h. CLOSED TREE 2020-12-16 22:51:26 +02:00
Simon Giesecke 72babae175 Bug 1583109 - Use StringJoin(Append) where easily possible. r=nika 
Bug 1583109 introduced new function templates StringJoin and StringJoinAppend.
These are now used to replace several custom loops across the codebase that
implement string-joining algorithms to simplify the code.

Differential Revision: https://phabricator.services.mozilla.com/D98750
 2020-12-16 19:38:23 +00:00
Simon Giesecke 9379d0240f Bug 1679987 - Use nsTokenizedRange where easily possible. r=xpcom-reviewers,nika 
Differential Revision: https://phabricator.services.mozilla.com/D98308
 2020-12-16 19:10:34 +00:00
Dimi Lee bf8688ff88 Bug 1678545 - P3. Fix test_referrer_redirect failures r=ckerschb 
Differential Revision: https://phabricator.services.mozilla.com/D99883
 2020-12-16 13:22:26 +00:00
Dimi Lee 9b4b8eb426 Bug 1678545 - P1. Use previously computed referrer as the original referrer in ReferrerInfo::CreateFromOtherAndPolicyOverride r=ckerschb,smaug 
Differential Revision: https://phabricator.services.mozilla.com/D99358
 2020-12-16 08:46:53 +00:00