61c17da3e9
Bug 1584993: Make CSP frame-ancestors work with fission enabled. r=jkt,farre,valentin
...
Differential Revision: https://phabricator.services.mozilla.com/D49147
--HG--
extra : moz-landing-system : lando
2019-10-22 10:57:43 +00:00
e1b6bc2222
Backed out changeset 8705284b50d4 (bug 1584993) for test_report_uri_missing_in_report_only_header.html failures CLOSED TREE
2019-10-22 13:25:49 +03:00
2d974555d2
Bug 1584993: Make CSP frame-ancestors work with fission enabled. r=jkt,farre,valentin
...
Differential Revision: https://phabricator.services.mozilla.com/D49147
--HG--
extra : moz-landing-system : lando
2019-10-22 08:53:47 +00:00
f5cd986818
Bug 1583044: Make nsMozIconURI serializeable. r=valentin
...
Differential Revision: https://phabricator.services.mozilla.com/D49442
--HG--
extra : moz-landing-system : lando
2019-10-21 14:16:49 +00:00
f1b8926d68
Backed out changeset fb8fb91d2a96 (bug 1583044) for causing perma fails on test_DownloadUtils.js and reftests. CLOSED TREE
2019-10-18 15:25:07 +03:00
89195abaf2
Bug 1583044: Make nsMozIconURI serializeable. r=valentin
...
Differential Revision: https://phabricator.services.mozilla.com/D49442
--HG--
extra : moz-landing-system : lando
2019-10-18 10:49:55 +00:00
ecf163cc61
Bug 1587417: Add about:logo to allowlist of CSP assertion. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D48703
--HG--
extra : moz-landing-system : lando
2019-10-09 13:33:15 +00:00
23ba7b6fe3
Bug 1583949 - Add a check for IsEvalAllowed to the worker callpath for eval() r=ckerschb,baku
...
This patch does several things. Because Workers aren't on the main thread,
many of the things done are in the name of off main thread access.
1) Changes a parameter in IsEvalAllowed from a nsIPrincipal to a bool.
We only used the principal to determined if it was the System Principal.
Principals aren't thread safe and can only be accessed on Main Thread, so
if we passed a Principal in, we would be in error. Instead only pass in
the bool which - for workers - comes from a thread-safe location.
2) Separates out the Telemetry Event Recording and sending a message to the
console into a new function nsContentSecurityUtils::NotifyEvalUsage. (And
creates a runnable that calls it.)
We do this because we will need to only call this method on the main thread.
Telemetry Event Recording has only ever been called on the Main Thread.
While I possibly-successfully cut it over to happen Off Main Thread (OMT)
by porting preferences to StaticPrefs, I don't know if there were other
threading assumptions in the Telemetry Code. So it would be much safer to
just continue recording Event Telemetry on the main thread.
Sending a message to the console requires calling GetStringBundleService()
which requires main thread. I didn't investigate if this could be made
thread-safe, I just threw it onto the main thread too.
If, in IsEvalAllowed, we are on the main thread - we call NotifyEvalUsage
directly. If we are not, we create a runnable which will then call
NotifyEvalUsage for us on the main thread.
3) Ports allow_eval_with_system_principal and allow_eval_in_parent_process
from bools to RelaxedAtomicBool - because we now check these prefs OMT.
4) In RuntimeService.cpp, adds the call to IsEvalAllowed.
5) Add resource://gre/modules/workers/require.js to the allowlist of eval
usage. This was the script that identified this gap in the first place.
It uses eval (twice) for structural reasons (scope and line number
massaging.) The contents of the eval are the result of a request to a
uri (which may be internal, like resource://). The whole point of this
is to implement a CommonJS require() api.
This usage of eval is safe because the only way an attacker can inject
into it is by either controlling the response of the uri request or
controlling (or appending to) the argument. If they can do that, they
are able to inject script into Firefox even if we cut this usage of eval
over to some other type of safe(r) script loader.
Bug 1584564 tracks making sure calls to require.js are safe.
6) Adds cld-worker.js to the allowlist. Bug 1584605 is for refactoring that
eval usage, which is decidedly non-trivial.
7) Does _not_ enforce the eval restrictions for workers. While I've gotten
try to be green and not throw up any instances of eval-usage by workers,
it is much safer to deploy this is Telemetry-only mode for Workers for
a little bit to see if anything pops up from the Nightly population.
Bug 1584602 is for enforcing the checks.
Differential Revision: https://phabricator.services.mozilla.com/D47480
--HG--
extra : moz-landing-system : lando
2019-10-08 17:31:35 +00:00
ceace3f3aa
Bug 1585055 - Flip Pref for XTCO-NoSniff and update test to match r=ckerschb
...
***
Use Window.opener in test
Differential Revision: https://phabricator.services.mozilla.com/D47635
--HG--
extra : moz-landing-system : lando
2019-10-07 12:05:36 +00:00
f12b9fa5c3
Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
...
# ignore-this-changeset
Differential Revision: https://phabricator.services.mozilla.com/D47737
--HG--
extra : moz-landing-system : lando
2019-10-06 18:29:55 +00:00
e7760ef29c
Bug 1585604 - Remove telemetry for mixed object subrequst counting. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D47888
--HG--
extra : moz-landing-system : lando
2019-10-02 11:17:28 +00:00
ee3312ea5b
Backed out changeset 7978f68a5355 (bug 1585055) for multiple mochitest-plain-chunked failures. on a CLOSED TREE
2019-10-02 02:26:13 +03:00
cb72b07f82
Bug 1585055 - Flip Pref for XTCO-NoSniff and update test to match r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D47635
--HG--
extra : moz-landing-system : lando
2019-10-01 09:43:36 +00:00
a93eb8d621
Bug 1580643 - Skip test_navigate_to.html on fission; r=mccr8
...
Avoid frequent intermittent test failures on fission.
Differential Revision: https://phabricator.services.mozilla.com/D47695
--HG--
extra : moz-landing-system : lando
2019-10-01 17:21:41 +00:00
28f91efa92
Bug 1584992: Make upgrade-insecure-requests work with fission enabled. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D47650
--HG--
extra : moz-landing-system : lando
2019-09-30 21:33:28 +00:00
c494962b4b
Bug 1583932 - Remove aRequestOrigin from nsCSPContext::ShouldLoad r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D47125
--HG--
extra : moz-landing-system : lando
2019-09-30 10:38:32 +00:00
877c77623f
Bug 1583489: TIghten CSP assertion for about: pages. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D47423
--HG--
extra : moz-landing-system : lando
2019-09-27 12:33:27 +00:00
f1c694e18f
Bug 1582531 - Update fission annotations for skipped tests that are now passing succesfully, r=kmag
...
Differential Revision: https://phabricator.services.mozilla.com/D47347
--HG--
extra : moz-landing-system : lando
2019-09-27 14:25:10 +00:00
30285b4a58
Bug 1499354: Add object-src 'none' to the CSP of all about: pages. r=freddyb
...
Differential Revision: https://phabricator.services.mozilla.com/D46950
--HG--
extra : moz-landing-system : lando
2019-09-26 16:22:41 +00:00
68edbc8842
Backed out changeset c3579f540cd7 (bug 1583932) for causing xpcshell failures in test_csp_reports.js CLOSED TREE
...
--HG--
extra : rebase_source : 5c71e17d6c48d398a11aa919208963aa47209064
extra : amend_source : 8802cdb433e0f770c0648a91bb876dae7dd51100
2019-09-26 17:00:16 +03:00
245b87853c
Bug 1583932 - Remove aRequestOrigin from nsCSPContext::ShouldLoad r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D47125
--HG--
extra : moz-landing-system : lando
2019-09-26 12:34:17 +00:00
ba7231bd82
Backed out changeset af8ca81b90e4 (bug 1583932) for causing build bustages in nsCSPService.cpp CLOSED TREE
2019-09-26 14:31:33 +03:00
84f7f4dcb4
Bug 1583932 - Remove aRequestOrigin from nsCSPContext::ShouldLoad r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D47125
--HG--
extra : moz-landing-system : lando
2019-09-26 10:16:36 +00:00
154d7196d0
Bug 1581512 - Use plain or octetStream as default mime for XTCO -r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D46004
--HG--
extra : moz-landing-system : lando
2019-09-26 10:06:05 +00:00
8d86dd4c94
Bug 1573276 - Always allow localization in error pages r=johannh,peterv
...
Differential Revision: https://phabricator.services.mozilla.com/D43216
--HG--
extra : moz-landing-system : lando
2019-09-25 10:39:45 +00:00
53d5895e71
Bug 1497200: Apply Meta CSP to about:downloads. r=Gijs
...
Differential Revision: https://phabricator.services.mozilla.com/D45330
--HG--
extra : moz-landing-system : lando
2019-09-25 13:50:28 +00:00
ce89ff6a7a
Bug 1419222, Add test for correct handling of iFrame CSPs, r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D46452
--HG--
extra : moz-landing-system : lando
2019-09-25 12:30:23 +00:00
1a317c31b2
Bug 1583076 - Check navigate-to in ConsultCSPForRedirect since this runs for DocumentChannel. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D46742
--HG--
extra : moz-landing-system : lando
2019-09-25 08:25:42 +00:00
edbd9409af
Bug 1583076 - Make nsCSPService::ConsultCSPForRedirect return both the AsyncOnChannelRedirect result, as well as an optional result to cancel the old channel with. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D46740
--HG--
extra : moz-landing-system : lando
2019-09-25 08:25:22 +00:00
ff85d01d81
Bug 1580565 - Disable tests that crash on fission. r=kmag
...
Differential Revision: https://phabricator.services.mozilla.com/D46872
--HG--
extra : moz-landing-system : lando
2019-09-24 17:03:40 +00:00
89350c28cd
Backed out 4 changesets (bug 1583076) for causing build bustages on nsCSPService.cpp. CLOSED TREE
...
Backed out changeset e3e31e1dfc13 (bug 1583076)
Backed out changeset 97e4bfbc5578 (bug 1583076)
Backed out changeset 6ccf5880c324 (bug 1583076)
Backed out changeset b4140efc183d (bug 1583076)
2019-09-25 08:22:10 +03:00
f6c8016c29
Bug 1583076 - Check navigate-to in ConsultCSPForRedirect since this runs for DocumentChannel. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D46742
--HG--
extra : moz-landing-system : lando
2019-09-25 04:51:13 +00:00
6aa089f744
Bug 1583076 - Make nsCSPService::ConsultCSPForRedirect return both the AsyncOnChannelRedirect result, as well as an optional result to cancel the old channel with. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D46740
--HG--
extra : moz-landing-system : lando
2019-09-25 04:50:44 +00:00
f1b65b22c7
Backed out 5 changesets (bug 1583076) for href-location-redirected-blocked.sub.html failures CLOSED TREE
...
Backed out changeset dd4117098844 (bug 1583076)
Backed out changeset 97bc75b1cfe1 (bug 1583076)
Backed out changeset 084b244a33c0 (bug 1583076)
Backed out changeset 1baaf14e2451 (bug 1583076)
Backed out changeset 56c3918b5c21 (bug 1583076)
2019-09-25 00:53:46 +03:00
ca805e6ecb
Bug 1583076 - Fix bustages in nsCSPService.cpp:317:12 a=bustage-fix CLOSED TREE
2019-09-24 23:15:00 +03:00
ce6f028211
Bug 1583076 - Check navigate-to in ConsultCSPForRedirect since this runs for DocumentChannel. r=ckerschb
...
Depends on D46741
Differential Revision: https://phabricator.services.mozilla.com/D46742
--HG--
extra : moz-landing-system : lando
2019-09-24 12:13:51 +00:00
29c34b4b28
Bug 1583076 - Make nsCSPService::ConsultCSPForRedirect return both the AsyncOnChannelRedirect result, as well as an optional result to cancel the old channel with. r=ckerschb
...
Depends on D46739
Differential Revision: https://phabricator.services.mozilla.com/D46740
--HG--
extra : moz-landing-system : lando
2019-09-24 12:12:18 +00:00
e7cf747b38
Bug 1580771 - Set test_main.html to always fail on fission r=neha
...
Differential Revision: https://phabricator.services.mozilla.com/D46278
--HG--
extra : moz-landing-system : lando
2019-09-19 13:26:22 +00:00
c2e992ed6e
Bug 1570681 - Enforce eval restrictions in system contexts and the parent process r=ckerschb
...
We log to MOZ_LOG, report an error to the console, send telemetry, and in debug builds - crash
Differential Revision: https://phabricator.services.mozilla.com/D45055
--HG--
extra : moz-landing-system : lando
2019-09-19 02:32:41 +00:00
9621f537b0
Bug 1570681 - Move Eval testing logic from nsContentSecurityManager to nsContentSecurityUtils r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D45484
--HG--
extra : moz-landing-system : lando
2019-09-18 19:36:31 +00:00
9be69aefcb
Bug 1580750 - Enable more fission tests r=JuniorHsu
...
Differential Revision: https://phabricator.services.mozilla.com/D46175
--HG--
extra : moz-landing-system : lando
2019-09-17 19:35:00 +00:00
ecfde38ed8
Bug 1580710: Expose functionality on the CSP Object to allow skipping the inline style checks. r=bzbarsky
...
Differential Revision: https://phabricator.services.mozilla.com/D45631
--HG--
extra : moz-landing-system : lando
2019-09-16 23:47:19 +00:00
0d2253119a
Bug 1561964 - Re-enable all tests in dom/security/test on Android. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D37488
--HG--
extra : moz-landing-system : lando
2019-09-13 03:31:57 +00:00
f261e424d2
Bug 1580377: Re-disable test_reloadInFreshProcess under Fission. r=mccr8
...
Differential Revision: https://phabricator.services.mozilla.com/D45670
--HG--
extra : moz-landing-system : lando
2019-09-12 14:17:49 +00:00
7af5f952e6
Bug 1560110 - Remove skip-ifs for tests. r=kmag
...
Differential Revision: https://phabricator.services.mozilla.com/D45379
--HG--
extra : moz-landing-system : lando
2019-09-11 08:51:09 +00:00
934da4e096
Bug 1529068 - Implementation of the navigate-to CSP directive as defined in CSP Level 3. r=ckerschb,mccr8
...
https://www.w3.org/TR/CSP3/#directive-navigate-to
Differential Revision: https://phabricator.services.mozilla.com/D37139
--HG--
extra : moz-landing-system : lando
2019-09-10 22:33:51 +00:00
165096efe5
Bug 1579820 - Handle window.open() from remote subframes. r=nika
...
The CommonCreateWindow code requires having a BrowserHost for the tab that's
creating the window, which it tries to get from the requestor's BrowserParent.
For remote BrowserParents, though, there is no BrowserHost, so we need to get
it from the top-level embedder instead.
Differential Revision: https://phabricator.services.mozilla.com/D45172
--HG--
extra : moz-landing-system : lando
2019-09-10 09:04:17 +00:00
507cd448aa
Bug 1566386: Assert that every about: page on Android ships with a CSP. r=snorp
...
Differential Revision: https://phabricator.services.mozilla.com/D45193
--HG--
extra : moz-landing-system : lando
2019-09-10 06:26:14 +00:00
ab78b9be04
Bug 1579088 - Correct the expecting result for img in test_strict_dynamic_default_src.html; r=ckerschb
...
The description and expected result of some tests aren't matched.
Differential Revision: https://phabricator.services.mozilla.com/D44843
--HG--
extra : moz-landing-system : lando
2019-09-09 17:44:37 +00:00
1c24dc8c08
Bug 1579088 - Do not use img.complete check whether the img is loaded; r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D44842
--HG--
extra : moz-landing-system : lando
2019-09-09 17:44:36 +00:00
7a34c52f34
Bug 1579373 - Disabled geolocation permission for crossorigin iframe by default and add tests r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D45174
--HG--
extra : moz-landing-system : lando
2019-09-09 20:00:56 +00:00
b5a051c48e
Bug 1497584: Apply Meta CSP to about:preferences. r=Gijs
...
Differential Revision: https://phabricator.services.mozilla.com/D44474
--HG--
extra : moz-landing-system : lando
2019-09-06 11:59:19 +00:00
4144eb70e4
Bug 1578231: Hardcode whitelist of about: pages where we can not apply a CSP. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D44617
--HG--
extra : moz-landing-system : lando
2019-09-05 14:22:09 +00:00
3f262058ba
Backed out changeset e2927c8227d9 (bug 1578231) for Browser-chrome failures browser/base/content/test/performance/browser_preferences_usage.js
2019-09-05 14:47:53 +03:00
4e4f4a0bf6
Bug 1578231: Hardcode whitelist of about: pages where we can not apply a CSP. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D44617
--HG--
extra : moz-landing-system : lando
2019-09-05 09:44:13 +00:00
ec62854d68
Backed out changeset 890bcaee9b7d (bug 1529068) for causing massive tier2 failures on central in dom/security/test/csp/test_navigate_to.html. CLOSED TREE
2019-09-05 09:47:35 +03:00
9f3a3e9669
Bug 1578709 - Only set flash only pref for those tests that need it, r=mconley,ahal
...
Differential Revision: https://phabricator.services.mozilla.com/D44648
--HG--
extra : moz-landing-system : lando
2019-09-04 22:12:39 +00:00
2202fa3333
Bug 1529068 - Implementation of the navigate-to CSP directive as defined in CSP Level 3. r=ckerschb,mccr8
...
https://www.w3.org/TR/CSP3/#directive-navigate-to
Differential Revision: https://phabricator.services.mozilla.com/D37139
--HG--
extra : moz-landing-system : lando
2019-09-04 20:29:37 +00:00
f96e9cd73f
Backed out changeset 887d125d7f59 (bug 1578709) for failing at test_bug427744.html on a CLOSED TREE.
2019-09-04 21:34:11 +03:00
2dd3b18187
Backed out changeset 99b313550fb8 (bug 1529068) for eslint failure on test_navigate_to.html. CLOSED TREE
2019-09-04 21:15:18 +03:00
33379674f8
Bug 1529068 - Implementation of the navigate-to CSP directive as defined in CSP Level 3. r=ckerschb,mccr8
...
https://www.w3.org/TR/CSP3/#directive-navigate-to
Differential Revision: https://phabricator.services.mozilla.com/D37139
--HG--
extra : moz-landing-system : lando
2019-09-04 17:44:14 +00:00
bb899238e7
Bug 1578709 - Only set flash only pref for those tests that need it, r=mconley,ahal
...
Differential Revision: https://phabricator.services.mozilla.com/D44648
--HG--
extra : moz-landing-system : lando
2019-09-04 17:28:02 +00:00
4f940eeb9a
Bug 1578529 - Remove an Eval-Assert exception we don't need and accidently included r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D44527
--HG--
extra : moz-landing-system : lando
2019-09-04 11:51:59 +00:00
e579f452c1
Bug 1556489 - P8. Add CSPService::ConsultCSPForRedirect. r=mayhemer,ckerschb
...
We extract the code from CSPService::AsyncOnChannelRedirect so that we can use it in a follow-up change.
Differential Revision: https://phabricator.services.mozilla.com/D40965
2019-09-03 10:19:12 +10:00
6a4c76882f
Bug 1505412 - Skip CSP-Nonce check for CSP-Ro+Redirected Channels r=ckerschb
...
***
- Another test setup
Differential Revision: https://phabricator.services.mozilla.com/D36916
--HG--
extra : moz-landing-system : lando
2019-09-02 14:49:27 +00:00
709c7ccf0c
Bug 1577746 - Automatically enable more ESLint rules for dom/. r=baku
...
This enables:
- mozilla/no-useless-parameters
- mozilla/no-useless-run-test
- no-extra-boolean-cast
- no-unneeded-ternary
Depends on D44150
Differential Revision: https://phabricator.services.mozilla.com/D44151
--HG--
extra : moz-landing-system : lando
2019-09-02 11:23:26 +00:00
acd70816c6
Bug 1577746 - Enable ESLint rule dot-notation for dom/. r=baku
...
Depends on D44149
Differential Revision: https://phabricator.services.mozilla.com/D44150
--HG--
extra : moz-landing-system : lando
2019-09-02 11:23:05 +00:00
351d147e2f
Bug 1577746 - Enable ESLint rule object-shorthand for dom/. r=baku
...
Differential Revision: https://phabricator.services.mozilla.com/D44149
--HG--
extra : moz-landing-system : lando
2019-09-02 11:22:27 +00:00
625509f19c
Bug 1399803 - Consider all IPv4 loopback addresses as secure context; r=bzbarsky,dragana
...
Differential Revision: https://phabricator.services.mozilla.com/D43633
--HG--
extra : moz-landing-system : lando
2019-08-30 07:57:34 +00:00
6c326548a4
Bug 1577363 - Set dom/security/test/general/mochitest.ini as passing with fission. r=Ehsan
...
It got set as failing in bug 1576814 but passes after bug 1576316 added back fission-incompatible code.
Differential Revision: https://phabricator.services.mozilla.com/D44113
--HG--
extra : moz-landing-system : lando
2019-08-30 13:52:04 +00:00
178d154900
Backed out changeset 92848bd0c1e0 (bug 1561964) for dom/security android mochitest failures
2019-08-30 04:05:45 +03:00
426bf8391a
Bug 1561964 - Re-enable all tests in dom/security/test on Android. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D37488
--HG--
extra : moz-landing-system : lando
2019-08-29 16:04:14 +00:00
36bed861bf
Bug 1576814 - These tests are currently failing for fission r=kmag
...
Depends on D43571
Differential Revision: https://phabricator.services.mozilla.com/D43572
--HG--
extra : moz-landing-system : lando
2019-08-27 23:42:25 +00:00
0fac17f172
Bug 1576039 - Adding more Time to Prevent Timeouts r=pbz
...
Differential Revision: https://phabricator.services.mozilla.com/D43454
--HG--
extra : moz-landing-system : lando
2019-08-26 16:41:16 +00:00
2d0fff3267
Backed out changeset 4bedbc45e231 (bug 1505412) for failures in test_bug1505412.html CLOSED TREE
2019-08-22 19:52:49 +03:00
140ba11647
Bug 1536058 - Add a Test for cache isolation r=ckerschb,Ehsan
...
***
Adding Ehsans nits
***
Differential Revision: https://phabricator.services.mozilla.com/D40613
--HG--
extra : moz-landing-system : lando
2019-08-22 15:21:09 +00:00
5c3cba344d
Bug 1505412 - Skip CSP-Nonce check for CSP-Ro+Redirected Channels r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D36916
--HG--
extra : moz-landing-system : lando
2019-08-22 15:23:17 +00:00
ee73cb534e
Bug 1575343, part 2 - Avoid string copies when getting calling location in nsCSPContext. r=smaug
...
This code grabs the URI, then tries to overwrite it with information
from GetCallingLocation, then possibly overwrites it again with the
original information, then converts the string.
My patch reorders things so that we try GetCallingLocation() first, so
we only set the values once. In the case where GetCallingLocation()
succeeds it avoids a string copy from 8 to 16 bit.
Differential Revision: https://phabricator.services.mozilla.com/D42728
--HG--
extra : moz-landing-system : lando
2019-08-20 22:53:53 +00:00
62bd52a17f
Bug 1575343, part 1 - Avoid a gratuitous string copy by calling the nsAString overload of GetCallingLocation. r=smaug
...
The nsAString overload of GetCallingLocation directly converts the
original source file name string into an nsAString. A number of
callers that want the source file name in an nsAString are calling the
nsACString overload of GetCallingLocation, then calling
NS_ConvertUTF8toUTF16. This results in an extra intermediate copy of
the original string data.
Differential Revision: https://phabricator.services.mozilla.com/D42727
--HG--
extra : moz-landing-system : lando
2019-08-20 22:53:49 +00:00
cf20303f06
Bug 1528697 - Remove ReferrerPolicy.h and add utils to ReferrerInfo r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D41956
--HG--
extra : moz-landing-system : lando
2019-08-21 12:09:06 +00:00
bbd6f51a56
Bug 1528697 - Add cenum referrerpolicy in ReferrerInfo.idl r=ckerschb,Gijs
...
Differential Revision: https://phabricator.services.mozilla.com/D41955
--HG--
extra : moz-landing-system : lando
2019-08-21 13:28:23 +00:00
32ab8293ff
Bug 1528697 - Expose ReferrerPolicy.webidl and use referrerpolicy enum r=smaug
...
ReferrerPolicy gets tossed back and forth as a uint32_t and
ReferrerPolicy enum in header file. Expose ReferrerPolicyValues from
webidl file and use consistently in native code.
Differential Revision: https://phabricator.services.mozilla.com/D41954
--HG--
extra : moz-landing-system : lando
2019-08-21 13:24:45 +00:00
fe6a6a4285
Bug 1567940 Apply ReferrerInfo to Download and fix Go to Download Page button r=Gijs,dimi
...
In the old way, if referrer is ommited we will not be able to go to
download page. In that case, we should use originalReferrer in
ReferrerInfo object
Differential Revision: https://phabricator.services.mozilla.com/D39875
--HG--
extra : moz-landing-system : lando
2019-08-20 16:22:44 +00:00
952e8654d9
Backed out changeset 983ff93a11ad (bug 1505412) for debug-test-verify-e10s failure at dom/security/test/csp/test_bug1505412.html. On a CLOSED TREE
2019-08-16 13:19:32 +03:00
645ecf6d90
Bug 1505412 - Skip CSP-Nonce check for CSP-Ro+Redirected Channels r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D36916
--HG--
extra : moz-landing-system : lando
2019-08-15 15:51:33 +00:00
745a1d73ea
Merge mozilla-central to mozilla-inbound. a=merge CLOSED TREE
2019-08-15 01:06:23 +03:00
097aa52411
Bug 1573622 - Do not enforce eval() assertions if userchrome.css is enabled r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D41814
--HG--
extra : moz-landing-system : lando
2019-08-14 14:29:57 +00:00
d9aecc626c
Bug 1570658 - Add a Flag for Navigation-Nosniff r=ckerschb
...
***
Revert Changes to Test
Differential Revision: https://phabricator.services.mozilla.com/D40618
--HG--
extra : moz-landing-system : lando
2019-08-14 07:07:33 +00:00
f5df74c740
Bug 1573145: Create ContentSecurityUtils.h/cpp and move AssertAboutPageHasCSP into it. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D41537
--HG--
extra : moz-landing-system : lando
2019-08-14 10:15:09 +00:00
e92e3d02f6
Bug 1560699 - Download FTP resources instead of rendering them. r=michal
...
Differential Revision: https://phabricator.services.mozilla.com/D39702
--HG--
extra : moz-landing-system : lando
2019-08-11 20:46:06 +00:00
c706a636a8
Bug 1559489, part 4 - Remote-to-local window transplanting. r=tcampbell,bzbarsky
...
This patch cleans up remote outer window proxies when we navigate back
into the process.
It adds a flag to mDanglingRemoteOuterProxies that is set in between
BrowsingContext::SetDocShell(), where we can tell that the browsing
context is going from being remote to being local, to
nsGlobalWindowOuter::SetNewDocument(), where the local outer window
proxy is actually created. Once the outer window is created, the
remote window proxies can be cleaned up in
CleanUpDanglingRemoteOuterWindowProxies().
The clean up is done by a process that is similar to object
transplanting, except that instead of looking in the cross-compartment
wrapper table for each compartment to find objects to be turned into
CCWs to the new object, it looks in the remote proxy map for each
compartment. SpiderMonkey doesn't know about the proxy maps, so this
has to be done by a new callback object CompartmentTransplantCallback.
Now that this cleanup is being done, it shouldn't be possible to wrap
a remote outer window proxy when the browsing context is local, so
MaybeWrapWindowProxy() can be simplified. I had to drop the assert
here that the browsing context has a window proxy because during clean
up we call wrap on a local outer window proxy before the BC gets the
window proxy set on it. I had the assert because my original plan was
to implicitly fix remote proxies during wrapping, but that is no
longer necessary.
Differential Revision: https://phabricator.services.mozilla.com/D38343
--HG--
extra : moz-landing-system : lando
2019-08-13 19:09:59 +00:00
abdca609f0
Bug 1567059 - Add test for CSP and Bookmarklet interaction r=ckerschb,bzbarsky
...
Differential Revision: https://phabricator.services.mozilla.com/D40652
--HG--
extra : moz-landing-system : lando
2019-08-06 19:44:05 +00:00
c515db9854
Bug 1573134: Inline evalAllowList within AssertEvalNotRestricted. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D41529
--HG--
extra : moz-landing-system : lando
2019-08-13 11:59:11 +00:00
f134fff740
Bug 1571698 - Annotate tests that also crash on opt builds. r=kmag
...
Differential Revision: https://phabricator.services.mozilla.com/D41459
--HG--
extra : moz-landing-system : lando
2019-08-10 00:45:51 +00:00
e53a880b1c
Bug 1569262 - Rename nsIDocShellTreeItem::GetRootTreeItem to GetInProcessRootTreeItem for Fission marking. r=nika
...
Differential Revision: https://phabricator.services.mozilla.com/D41064
--HG--
extra : moz-landing-system : lando
2019-08-07 19:24:00 +00:00
95fbdde774
Bug 1572153 - Fix recording of Telemetry Events for Eval Usage r=chutten
...
Differential Revision: https://phabricator.services.mozilla.com/D41045
--HG--
extra : moz-landing-system : lando
2019-08-07 16:55:22 +00:00
c561f0a0ae
Bug 1376309 - Allow localhost ws:// connections from secure origins. r=jkt
...
We already allow HTTPS origins to use to plain HTTP active content when using
loopback URLs such as http://127.0.0.1 . Lets extend this to WebSocket
connections as well to match Chrome.
Differential Revision: https://phabricator.services.mozilla.com/D38290
--HG--
extra : moz-landing-system : lando
2019-08-07 00:19:59 +00:00
8f56db01f7
Backed out changeset d0aae34d9b95 (bug 1529068) for failing form-redirected-blocked.sub.html on a CLOSED TREE
...
--HG--
extra : rebase_source : 4d7a73e1f40de001031c61fba240c57961a902d8
2019-08-07 01:39:29 +03:00
455d7a7789
Bug 1529068 - navigate-to r=ckerschb,mccr8
...
Implementation of the navigate-to CSP directive as defined in CSP Level 3, https://www.w3.org/TR/CSP3/#directive-navigate-to
Differential Revision: https://phabricator.services.mozilla.com/D37139
--HG--
extra : moz-landing-system : lando
2019-08-06 18:27:45 +00:00
20c32a0175
Bug 1570738 - Record Telemetry if eval() is used in the Parent Process r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D40332
--HG--
extra : moz-landing-system : lando
2019-08-06 19:56:23 +00:00
4bcc3ac00a
Backed out changeset 8de4baa1dee3 (bug 1570658) for causing mochitest failures. CLOSED TREE
2019-08-06 14:19:31 +03:00
6f2b641d45
Bug 1570658 - Add a Flag for Navigation-Nosniff r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D40618
--HG--
extra : moz-landing-system : lando
2019-08-05 14:58:13 +00:00
6da1e7506f
Bug 1499000 - Make CORS use the right security flags to check whether an URL can be loaded. r=ckerschb
...
This fixes at least part of the problem. Without this patch, some of the flags
may get lost, like the ALLOW_CHROME flag which controls whether stuff like
resource:// URLs can be loaded or not.
Differential Revision: https://phabricator.services.mozilla.com/D40633
--HG--
extra : moz-landing-system : lando
2019-08-05 19:28:00 +00:00
dd63fcde4e
Bug 1570212 - Convert dom.securecontext.whitelist_onions to a static pref. r=mccr8
...
Differential Revision: https://phabricator.services.mozilla.com/D40160
--HG--
extra : moz-landing-system : lando
2019-08-02 11:59:06 +00:00
0b9efb84de
Bug 1567623 - Add Event Telemetry for cases where eval is triggered as System Principal r=chutten,bzbarsky,tcampbell
...
Differential Revision: https://phabricator.services.mozilla.com/D39559
--HG--
extra : moz-landing-system : lando
2019-08-01 20:45:31 +00:00
ef67c0b08b
Bug 1567623 - Update AssertEvalNotUsingSystemPrincipal and re-enable it r=ckerschb
...
We now correctly handle the following cases:
- Thunderbird
- the Browser Toolbox/Console
- Two safe and common idioms
- when general.config.filename is set and userChromeJS does shenanigans
We also change the function to only crash in Debug mode, and for Release channels
we report diagnostic information in a way that does not reveal user data.
Differential Revision: https://phabricator.services.mozilla.com/D39557
--HG--
extra : moz-landing-system : lando
2019-08-01 20:45:01 +00:00
88465c445c
Bug 1567623 - Rename whitelist to allowlist r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D39556
--HG--
extra : moz-landing-system : lando
2019-08-01 20:44:42 +00:00
255fd27415
Bug 1567623 - Change doContentSecurityCheck logging from Debug to Verbose r=ckerschb
...
They are too frequent and too verbose to see any other logging statements.
Differential Revision: https://phabricator.services.mozilla.com/D39555
--HG--
extra : moz-landing-system : lando
2019-08-01 20:44:38 +00:00
d7c7e749a4
Bug 1569832: Part 0 - Update crash annotations one last time. r=mccr8
...
Differential Revision: https://phabricator.services.mozilla.com/D40096
--HG--
extra : moz-landing-system : lando
2019-08-01 00:53:25 +00:00
6917b697b8
Bug 1428473 Support X-Content-Type-Options: nosniff when navigating r=ckerschb,dragana,alchen
...
***
Apply Requested Revision
Differential Revision: https://phabricator.services.mozilla.com/D33959
--HG--
extra : moz-landing-system : lando
2019-07-31 16:59:53 +00:00
af8f619ad2
Bug 1558915 - Use infallible nsIURI::SchemeIs in dom/security. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D39779
--HG--
extra : moz-landing-system : lando
2019-07-30 07:23:18 +00:00
ad40847192
Bug 1567877: Apply Meta CSP to about:devtools-toolbox. r=jdescottes,Ehsan
...
Differential Revision: https://phabricator.services.mozilla.com/D39328
--HG--
extra : moz-landing-system : lando
2019-07-30 07:14:09 +00:00
2bfaa83f89
Bug 1567573 - Apply Referrer-Policy header from redirect response r=michal
...
Differential Revision: https://phabricator.services.mozilla.com/D38879
--HG--
extra : moz-landing-system : lando
2019-07-29 13:51:17 +00:00
e0791bcabb
Bug 1566833 - Add a test of loading a page in different process r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D39657
--HG--
extra : moz-landing-system : lando
2019-07-29 10:41:30 +00:00
3736b292dc
Merge inbound to mozilla-central. a=merge
2019-07-27 00:38:36 +03:00
3fb6190ec6
Bug 1559414 - Rename unaudited pre-fission methods with SameProcess for future audit burndown. r=nika
...
Differential Revision: https://phabricator.services.mozilla.com/D39378
--HG--
extra : moz-landing-system : lando
2019-07-26 16:48:31 +00:00
87884612c0
Bug 1568035: Part 4 - Update test expections for Fission. r=mccr8
...
Some failures crept in and out after my last sets of annotations landed. This
patch updates most of the annotations to deal with them.
MANUAL PUSH: Lando won't let me land.
Differential Revision: https://phabricator.services.mozilla.com/D39462
--HG--
extra : rebase_source : 4cfccf95c5bb2521533a9f5c4c25d67f414fb6f5
extra : histedit_source : c19187a3b3002e0eebdd809738b57641e1e432cd
2019-07-24 13:06:57 -07:00
18fae65f38
Bug 1563139 - Remove StaticPrefs.h. r=glandium
...
This requires replacing inclusions of it with inclusions of more specific prefs
files.
The exception is that StaticPrefsAll.h, which is equivalent to StaticPrefs.h,
and is used in `Codegen.py` because doing something smarter is tricky and
suitable for a follow-up. As a result, any change to StaticPrefList.yaml will
still trigger recompilation of all the generated DOM bindings files, but that's
still a big improvement over trigger recompilation of every file that uses
static prefs.
Most of the changes in this commit are very boring. The only changes that are
not boring are modules/libpref/*, Codegen.py, and ServoBindings.toml.
Differential Revision: https://phabricator.services.mozilla.com/D39138
--HG--
extra : moz-landing-system : lando
2019-07-26 01:10:23 +00:00
d329aefed1
Bug 1498560 - Remove `new Function` from autocomplete.xml, r=mak
...
Differential Revision: https://phabricator.services.mozilla.com/D38041
--HG--
extra : moz-landing-system : lando
2019-07-25 13:56:57 +00:00
e4263c00eb
Merge mozilla-inbound to mozilla-central. a=merge
2019-07-25 08:59:39 +03:00
dc88f9a8eb
Bug 1550476 - Remove jsol.js from nsContentSecurityManager whitelist r=ckerschb
...
Depends on D38515
Differential Revision: https://phabricator.services.mozilla.com/D38621
--HG--
extra : moz-landing-system : lando
2019-07-19 07:26:32 +00:00
62f7f4274d
Bug 1550471 - Remove jszip.js from nsContentSecurityManager whitelist r=ckerschb
...
Depends on D38517
Differential Revision: https://phabricator.services.mozilla.com/D38620
--HG--
extra : moz-landing-system : lando
2019-07-19 07:26:54 +00:00
fd9d673a34
Bug 1550463 - Remove lodash.js from nsContentSecurityManager whitelist r=ckerschb
...
Depends on D38516
Differential Revision: https://phabricator.services.mozilla.com/D38619
--HG--
extra : moz-landing-system : lando
2019-07-19 07:27:11 +00:00
f25a6fd1fb
Bug 1550489 - Remove react-redux.js from nsContentSecurityManager whitelist r=ckerschb
...
Depends on D38513
Differential Revision: https://phabricator.services.mozilla.com/D38618
--HG--
extra : moz-landing-system : lando
2019-07-19 07:27:44 +00:00
39e4e14e35
Bug 1550485 - Remove redux.js from nsContentSecurityManager whitlelist r=ckerschb
...
Depends on D38514
Differential Revision: https://phabricator.services.mozilla.com/D38617
--HG--
extra : moz-landing-system : lando
2019-07-19 07:27:51 +00:00
9cd90ac210
Bug 1301529 - Remove X-Frame-Options allow-from. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D38672
--HG--
extra : moz-landing-system : lando
2019-07-24 12:23:32 +00:00
d19c155e9e
Bug 1100630 - Print Related JS-Line on CSP Violation (if any) r=ckerschb,dveditz
...
Differential Revision: https://phabricator.services.mozilla.com/D31420
--HG--
extra : moz-landing-system : lando
2019-07-22 09:31:57 +00:00
e40b418215
Bug 1566952: Part 2 - Update Fission failure annotations after skipping crashes. r=mccr8
...
When a test crashes, the harness skips all of the remaining tests in the
directory. That means that with crashes skipped, we now try to run a whole lot
more tests than we did before, and a lot of them fail under Fission.
This patch adds annotations to the new failures that show up after part 1.
Differential Revision: https://phabricator.services.mozilla.com/D38726
--HG--
extra : rebase_source : 292157039c88fc615f5de41679e96e72766ac4db
2019-07-19 12:30:10 -07:00
4bd4d680d4
Bug 1566952: Part 1 - Annotate mochitests that crash with Fission enabled. r=mccr8
...
Differential Revision: https://phabricator.services.mozilla.com/D38725
--HG--
extra : rebase_source : 3e8b32b86b12b22d038baa770070a5c8095043c9
2019-07-17 13:37:48 -07:00
20e4651f5b
Bug 1566417 - Update to use ReferrerInfo in prefetch and preload URI r=smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D38323
--HG--
extra : moz-landing-system : lando
2019-07-19 11:42:09 +00:00
87cbad22ea
Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D37460
--HG--
extra : moz-landing-system : lando
2019-07-18 18:22:06 +00:00
1abe58c63c
Bug 1550414: Add CSP test for setting parent location to javascript:. r=jkt
...
Differential Revision: https://phabricator.services.mozilla.com/D31233
--HG--
extra : moz-landing-system : lando
2019-07-18 16:57:54 +00:00
0497bd7b16
Backed out changeset a98b795c2b3c (bug 1100630) for Linting failure CLOSED TREE
2019-07-18 19:19:48 +03:00
fa947e166a
Bug 1100630 - Print Related JS-Line on CSP Violation (if any) r=ckerschb,dveditz
...
Differential Revision: https://phabricator.services.mozilla.com/D31420
--HG--
extra : moz-landing-system : lando
2019-07-18 15:14:41 +00:00
d835b44a76
Merge inbound to mozilla-central. a=merge
2019-07-18 06:46:41 +03:00
0962c2b731
Bug 1566182: Annotate mochitests that fail with Fission enabled. r=mccr8
...
My preference was to annotate most of the failing tests with `fail-if` so that
if they start passing, the `fail-if` needs to be removed and they need to keep
passing. That doesn't work for tests that timeout, or which trigger failures
from their cleanup functions, however, so those tests need skip-if. And tests
with fail in their cleanup functions likely leave the browser in an
inconsistent state for subsequent tests, anyway, so really should be skipped
regardless.
There are some remaining tests which still fail because of crashes. I chose
not to skip them here, but to fix the crashes in separate bugs instead.
Differential Revision: https://phabricator.services.mozilla.com/D38247
--HG--
extra : rebase_source : 39ba8fec2e882cfe577c5f2b58ab7e4b461f1178
2019-07-15 16:19:32 -07:00
99aa2c2af6
Bug 1560915 - Hardcode minimal eval()-whitelist for test files into eval()-assertion, r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D37695
--HG--
extra : moz-landing-system : lando
2019-07-17 12:21:29 +00:00
a456952e71
Backed out changeset 8b0c5e44d937 (bug 1100630) for wpt failures at securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html on a CLOSED TREE
2019-07-17 17:10:03 +03:00
975121a09a
Bug 1100630 - Print Related JS-Line on CSP Violation (if any) r=ckerschb,dveditz
...
Differential Revision: https://phabricator.services.mozilla.com/D31420
--HG--
extra : moz-landing-system : lando
2019-07-17 10:54:07 +00:00
fc05893051
Bug 1546334 - Use referrerInfo in style system. r=heycam
...
Differential Revision: https://phabricator.services.mozilla.com/D36478
--HG--
extra : moz-landing-system : lando
2019-07-16 11:43:56 +00:00
268b26c194
Bug 1546334 - Add hash and equals to make ReferrerInfo becomes key of hashtable. r=heycam
...
Differential Revision: https://phabricator.services.mozilla.com/D37577
--HG--
extra : moz-landing-system : lando
2019-07-16 15:03:56 +00:00
a4dabe848c
Bug 1546334 - Add function to create referrerInfo object to use for style system r=heycam
...
Differential Revision: https://phabricator.services.mozilla.com/D36474
--HG--
extra : moz-landing-system : lando
2019-07-16 15:03:56 +00:00
0204171ff0
Bug 1452037 - Fix Whitelisting of javascript-uris with csp hash r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35412
--HG--
extra : moz-landing-system : lando
2019-07-16 13:25:05 +00:00
71a457f2bf
Backed out changeset c06eb27d0c64 (bug 1561964) for mochitest failures CLOSED TREE
2019-07-15 23:55:52 +03:00
4ea8939322
Bug 1561964 - Re-enable all tests in dom/security/test on Android. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D37488
--HG--
extra : moz-landing-system : lando
2019-07-15 19:42:38 +00:00
0d65cdff13
Bug 1565988 - fix typo in comment referencing follow-up work r=Pike
...
Differential Revision: https://phabricator.services.mozilla.com/D38050
--HG--
extra : moz-landing-system : lando
2019-07-15 10:16:28 +00:00
affddc7861
Backed out changeset 6e4d13741a0f (bug 1564527) for perma AddressSanitizer failures. CLOSED TREE
2019-07-13 02:05:25 +03:00
0ca0f2dea1
Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D37460
--HG--
extra : moz-landing-system : lando
2019-07-11 08:46:18 +00:00
b5b5d6a0ab
Bug 1560178 - fix miscellaneous tests to allow them to keep working when disallowing remote content in the parent process, r=aswan,ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D36310
--HG--
extra : moz-landing-system : lando
2019-07-12 16:27:58 +00:00
77d61d6a6f
Backed out 5 changesets (bug 1560178) for Browser-chrome failures in builds/worker/workspace/build/src/dom/base/Document.cpp. CLOSED TREE
...
Backed out changeset 1ff8a41dd3c1 (bug 15601781560178156017815601781560178
2019-07-12 18:38:34 +03:00
8b9bc73770
Bug 1560178 - fix miscellaneous tests to allow them to keep working when disallowing remote content in the parent process, r=aswan,ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D36310
--HG--
extra : moz-landing-system : lando
2019-07-12 12:35:59 +00:00
cb66417b55
Bug 1523706 - Use JavaScript mime type for two worker tests. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D37713
--HG--
extra : moz-landing-system : lando
2019-07-11 13:26:39 +00:00
c60f801089
Bug 1388015 - Add checks to respect CSP-wildcard + Ports r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35432
--HG--
extra : moz-landing-system : lando
2019-07-04 11:30:17 +00:00
2beb089527
Bug 1557346 - Limit referer header length r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35990
--HG--
extra : moz-landing-system : lando
2019-07-09 17:47:22 +00:00
5c79b4341a
Backed out changeset 9ba600ae3c02 (bug 1557346) for eslint failure at netwerk/test/unit/test_referrer.js on a CLOSED TREE.
2019-07-09 18:17:15 +03:00
64a9d9fea9
Bug 1557346 - Limit referer header length r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35990
--HG--
extra : moz-landing-system : lando
2019-07-09 14:44:27 +00:00
31441f82ea
Bug 1560455 - rename CodebasePrincipal to ContentPrincipal. r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35504
--HG--
extra : moz-landing-system : lando
2019-07-08 16:37:45 +00:00
a8b667f825
Bug 467035 - Avoid leaking browser language via DTD r=Gijs,bzbarsky
...
Differential Revision: https://phabricator.services.mozilla.com/D34187
--HG--
extra : moz-landing-system : lando
2019-07-08 10:47:05 +00:00
dbce01f2ff
Bug 467035 - Add new internal DTD content types r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35232
--HG--
extra : moz-landing-system : lando
2019-07-03 17:28:25 +00:00
f9e570ba21
Bug 1514474 - Implement FeaturePolicy.features(), r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35802
--HG--
extra : moz-landing-system : lando
2019-07-08 02:03:18 +00:00
e87202df68
Bug 1514296 - Rename Document.policy to Document.featurePolicy, r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35801
--HG--
extra : moz-landing-system : lando
2019-07-08 00:10:56 +00:00
35fa9e2361
Backed out changeset fe8c2426d9d3 (bug 1514474) for causing beta simulation failures CLOSED TREE
2019-07-08 04:58:50 +03:00
d94259f899
Backed out 2 changesets (bug 1514296) for causing beta simulation failures CLOSED TREE
...
Backed out changeset 88f4a687f039 (bug 1514296)
Backed out changeset fe343795c247 (bug 1514296)
2019-07-08 03:03:22 +03:00
5a8e4fdbe9
Bug 1514474 - Implement FeaturePolicy.features(), r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35802
--HG--
extra : moz-landing-system : lando
2019-07-06 15:11:23 +00:00
e01cab332f
Bug 1514296 - Rename Document.policy to Document.featurePolicy, r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35801
--HG--
extra : moz-landing-system : lando
2019-07-06 15:10:59 +00:00
dcd795c16b
Bug 1561435 - Avoid formatting sensitive fixtures for dom/, r=standard8
...
# ignore-this-changeset
Differential Revision: https://phabricator.services.mozilla.com/D35954
--HG--
extra : source : 38fbb8d45dab9bb49aee901ed4f3e77843b531c3
extra : intermediate-source : d90b525c37ebb5d220a7fc5bac4c93d0736c3139
2019-07-04 19:39:31 +02:00
0a8ff0ad85
Bug 1561435 - Format dom/, a=automatic-formatting
...
# ignore-this-changeset
Differential Revision: https://phabricator.services.mozilla.com/D35951
--HG--
extra : source : 62f3501af4bc1c0bd1ee1977a28aee04706a6663
2019-07-05 10:44:55 +02:00
960e4c47d4
Merge mozilla-central to autoland. a=merge on a CLOSED TREE
2019-07-05 00:43:53 +03:00
2cf9034d70
Bug 1556827 - Dont send referrer in case of meta refresh redirect r=smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D35810
--HG--
extra : moz-landing-system : lando
2019-07-04 19:58:35 +00:00
2ad74ef9f7
Merge mozilla-central to inbound. a=merge CLOSED TREE
2019-07-04 06:38:21 +03:00
56eaf048f5
Bug 1558745 - allow fxa to be loaded from systemprincipal (and then downgrade to content) r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35770
--HG--
extra : moz-landing-system : lando
2019-07-03 13:59:28 +00:00
56754efbdb
Backed out 3 changesets (bug 1514474, bug 1514296) for mochitest failures on test_featureList.html. CLOSED TREE
...
Backed out changeset 52ae606e4cfa (bug 1514296)
Backed out changeset e74168e44dd7 (bug 1514474)
Backed out changeset a43f3aa0ea77 (bug 1514296)
2019-07-03 17:29:15 +03:00
34e8781b21
Bug 1514474 - Implement FeaturePolicy.features(), r=ckerschb
...
Depends on D35801
Differential Revision: https://phabricator.services.mozilla.com/D35802
--HG--
extra : moz-landing-system : lando
2019-07-03 13:16:36 +00:00
0bcffcfa72
Bug 1514296 - Rename Document.policy to Document.featurePolicy, r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35801
--HG--
extra : moz-landing-system : lando
2019-07-03 13:02:05 +00:00
7bc47eec9b
Backed out 2 changesets (bug 1552168) for causing mochitest crashes on test_menubar.xul CLOSED TREE
...
Backed out changeset 83590619ce06 (bug 1552168)
Backed out changeset 7ff83cc5d33a (bug 1552168)
2019-07-03 16:08:23 +03:00
ce99ef5438
Bug 1552168 - Fix Tests that rely on data_uri.unique_opaque_origin r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D35006
--HG--
extra : moz-landing-system : lando
2019-07-03 10:23:46 +00:00
f70e67ad2d
Bug 1541557: Part 4 - Stop relying on synchronous preference getters/setters. r=nika
...
The SpecialPowers set*Pref/get*Pref APIs currently use synchronous messaging
to set and get preference values from the parent process. Aside from directly
affecting callers of those APIs, it also affects callers of `pushPrefEnv`,
which is meant to be asynchronous, but is in practice usually synchronous due
to the synchronous messaging it uses.
This patch updates the getPref APIs to use the in-process preference service
(which most callers are expecting anyway), and also updates the callers of
the setPref and pushPrefEnv APIs to await the result if they're relying on it
taking effect immediately.
Unfortunately, there are some corner cases in tests that appear to only work
because of the quirks of the current sync messaging approach. The synchronous
setPref APIs, for instance, trigger preference changes in the parent
instantly, but don't update the values in the child until we've returned to
the event loop and had a chance to process the notifications from the parent.
The differnce in timing leads some tests to fail in strange ways, which this
patch works around by just adding timeouts.
There should be follow-ups for test owners to fix the flakiness.
Differential Revision: https://phabricator.services.mozilla.com/D35054
--HG--
extra : rebase_source : 941298157e7c82f420cf50ce057154ce9b85301c
extra : source : 189dc8a359815e059a4a217f788d183260bb2bfe
2019-06-13 09:34:39 -07:00
cc64995f75
Bug 1504085 - P2 Let Origin: honor ReferrerPolicy for non-CORS r=tnguyen,valentin
...
Differential Revision: https://phabricator.services.mozilla.com/D34454
--HG--
extra : moz-landing-system : lando
2019-06-14 22:24:33 +00:00
e8ba0890cc
Bug 1504085 - P1 refactor ReferrerInfo for reuse referrer-policy algorithm r=tnguyen
...
Differential Revision: https://phabricator.services.mozilla.com/D34453
--HG--
extra : moz-landing-system : lando
2019-06-14 21:10:41 +00:00
93196dddee
Backed out changeset 94e779e03d4f (bug 1504085) Requested by the dev. CLOSED TREE
2019-06-15 00:31:57 +03:00
40846dd97d
Bug 1504085 - P2 Let Origin: honor ReferrerPolicy for non-CORS r=tnguyen,valentin
...
Differential Revision: https://phabricator.services.mozilla.com/D34454
--HG--
extra : moz-landing-system : lando
2019-06-14 20:15:27 +00:00
7e70d4b667
Backed out changeset b1068cbce572 (bug 1504085) requested by the dev. CLOSED TREE
2019-06-15 00:07:02 +03:00
18c1b2bdf4
Bug 1504085 - P1 refactor ReferrerInfo for reuse referrer-policy algorithm r=tnguyen
...
Differential Revision: https://phabricator.services.mozilla.com/D34453
--HG--
extra : moz-landing-system : lando
2019-06-14 20:15:09 +00:00
201255ab84
Bug 1558485 - Turn on ESLint for all of dom/ disabling most of the failing rules. r=smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D34761
--HG--
extra : moz-landing-system : lando
2019-06-13 20:21:46 +00:00
1d636c1d2d
Bug 1557636 Use Referrer info in worker and fix sharedworker's wrong referrer r=baku
...
SharedWorker should use worker's referrer info instead of default value
Differential Revision: https://phabricator.services.mozilla.com/D34861
--HG--
extra : moz-landing-system : lando
2019-06-13 20:37:34 +00:00
d5a8a4a595
Bug 1557793 part 3. Change the signatures of various nsContentUtils localization methods to play nicer with the new stringbundle API. r=smaug
...
Differential Revision: https://phabricator.services.mozilla.com/D34201
--HG--
extra : moz-landing-system : lando
2019-06-08 21:26:12 +00:00
9de72a3ac6
Bug 1557793 part 2. Stop using [array] in nsIStringBundle. r=Pike
...
Differential Revision: https://phabricator.services.mozilla.com/D34196
--HG--
extra : moz-landing-system : lando
2019-06-11 15:51:51 +00:00
60c8666a31
Bug 1555050: Write test for large-allocation. r=bzbarsky
...
Differential Revision: https://phabricator.services.mozilla.com/D33611
--HG--
extra : moz-landing-system : lando
2019-06-07 11:07:28 +00:00
bde97b25f5
Backed out 2 changesets (bug 1555050) for test_reloadInFreshProcess.html failures CLOSED TREE
...
Backed out changeset f5e954d593f8 (bug 1555050)
Backed out changeset b5b99e78b753 (bug 1555050)
2019-06-06 23:13:52 +03:00
d8e1a292ea
Bug 1555050: Write test for large-allocation. r=bzbarsky
...
Differential Revision: https://phabricator.services.mozilla.com/D33611
--HG--
extra : moz-landing-system : lando
2019-06-06 18:09:03 +00:00
01ff0bf93f
Bug 1534681 Use ReferrerInfo class in document r=ckerschb,baku,Gijs
...
Also, in many place, we use document uri as referrer. It is not right
for the case srdoc iframe. We should use the last non-srdoc parent
document's uri
Differential Revision: https://phabricator.services.mozilla.com/D30191
--HG--
rename : testing/web-platform/tests/referrer-policy/generic/iframe-inheritance.html => testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-data.html
rename : testing/web-platform/tests/referrer-policy/generic/iframe-inheritance.html => testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-srcdoc.html
extra : moz-landing-system : lando
2019-06-06 07:23:37 +00:00
0f177b50b5
Bug 1551798 - SameSite=lax by default and SameSite=none only if secure - tests, r=Ehsan
...
Differential Revision: https://phabricator.services.mozilla.com/D31216
--HG--
extra : moz-landing-system : lando
2019-06-05 12:19:52 +00:00
a9be4620ee
Bug 1508939 - cpp serialization r=ckerschb,mccr8,mikedeboer
...
Migrating to pure Cpp
Differential Revision: https://phabricator.services.mozilla.com/D29221
--HG--
extra : moz-landing-system : lando
2019-06-03 12:37:12 +00:00
7cdbee6cd7
Bug 1496418: Update Content Policy checks and allow CSP checks for system principal triggered loads. r=mccr8,baku
...
Differential Revision: https://phabricator.services.mozilla.com/D32217
--HG--
extra : moz-landing-system : lando
2019-06-03 06:04:25 +00:00
a51ae3670f
Backed out 5 changesets (bug 1551798) for failures on test_rawSameSite.js. CLOSED TREE
...
Backed out changeset 11ddc433b632 (bug 1551798)
Backed out changeset f2ac8efb023d (bug 1551798)
Backed out changeset 0f6e797b434f (bug 1551798)
Backed out changeset eae7f88660c8 (bug 1551798)
Backed out changeset 2ba747afb3d0 (bug 1551798)
2019-05-30 10:17:01 +03:00
25006292a6
Bug 1551798 - SameSite=lax by default and SameSite=none only if secure - tests, r=Ehsan
...
Differential Revision: https://phabricator.services.mozilla.com/D31216
--HG--
extra : moz-landing-system : lando
2019-05-29 15:55:39 +00:00
944263f18a
Backed out 5 changesets (bug 1551798) for multiple build bustages on StaticPrefList.h CLOSED TREE
...
Backed out changeset c89daff34d97 (bug 1551798)
Backed out changeset bbc3f88b8c03 (bug 1551798)
Backed out changeset b87996b8a411 (bug 1551798)
Backed out changeset d88b0002d736 (bug 1551798)
Backed out changeset 0fe740c90e2b (bug 1551798)
2019-05-29 18:07:26 +03:00
310e7f246c
Bug 1551798 - SameSite=lax by default and SameSite=none only if secure - tests, r=Ehsan
...
Differential Revision: https://phabricator.services.mozilla.com/D31216
--HG--
extra : moz-landing-system : lando
2019-05-24 15:19:34 +00:00
d2dc3fe4d7
Bug 1552477 - Add "=" to the skip-if syntax. r=bustage CLOSED TREE
...
--HG--
extra : amend_source : 4a979521cb075b7a265883d23c5a6c65149937ee
2019-05-29 14:04:23 +03:00
2ff0dff5c2
Bug 1552477 - Disallow System Principal to load remote documents in nightly/early beta r=ckerschb
...
Differential Revision: https://phabricator.services.mozilla.com/D31763
--HG--
extra : moz-landing-system : lando
2019-05-29 10:06:15 +00:00
Christoph Kerschbaumer
Bogdan Tara
Razvan Maries
Tom Ritter
Sebastian Streich
Sylvestre Ledru
Jonathan Kingston
Oana Pop Rus
Geoff Brown
Anny Gakhokidze
Noemi Erli
Alex Catarineu
Jonas Allmann
Matt Woodrow
Cosmin Sabou
Mihai Alexandru Michis
Andreea Pavel
Valentin Gosu
Agi Sferro
Kris Maglione
Andreas Farre
Benjamin
Edgar Chen
Thomas Nguyen
Dorel Luca
Gijs Kruitbosch
Gurzau Raul
Csoregi Natalia
Mark Banner
Ehsan Akhgari
Sebastian Hengst
Paul Bone
Andrew McCreight
Daniel Varga
Jan Andre Ikenmeyer
Kannan Vijayan
Birunthan Mohanathas
Emilio Cobos Álvarez
Nicholas Nethercote
Tom Schuster
Julian Descottes
Ciure Andrei
Coroiu Cristina
Frederik Braun
Andrea Marchesini
Victor Porof
arthur.iakab
Junior Hsu
Boris Zbarsky