Граф коммитов

328 Коммитов

Автор SHA1 Сообщение Дата
Christoph Kerschbaumer 52a84afc5c Bug 1273418 - CSP: Test evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:36:02 +02:00
Christoph Kerschbaumer 3713fd6352 Bug 1273418 - CSP: Evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:35:45 +02:00
Sebastian Hengst 468fcc6924 Backed out changeset 2292661153e3 (bug 1271198) for web-platform failures. r=backout on a CLOSED TREE 2016-05-19 17:06:04 +02:00
Christoph Kerschbaumer bbc661631e Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell) 2016-05-19 15:42:01 +02:00
Sebastian Hengst d6e3286232 Backed out changeset 854a8df494d3 (bug 1271198) for many assertions at nsHttpChannel.cpp:5204. r=backout on a CLOSED TREE 2016-05-19 14:23:51 +02:00
Christoph Kerschbaumer 0e2d46a840 Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell) 2016-05-19 11:54:02 +02:00
Trevor Saunders 1e81548029 bug 1271436 - use nsIDocShellTreeItem::GetDocument() more r=smaug 2016-05-17 18:16:07 -04:00
Chris Peterson 8a9e2d2bd4 Bug 1272513 - Part 2: Remove redundant -Wshadow CXXFLAGS from moz.build files. r=glandium 2016-05-14 00:54:55 -07:00
Henry Chang dc7cba21ef Bug 1251152 - Part 3: Test case. r=franziskus 2016-05-05 11:11:34 +08:00
Andreas Farre 51e42c28d2 Bug 1268851 - Add SRILogHelper to hold GetSriLog r=baku
MozReview-Commit-ID: BqW7LXOFirn

--HG--
extra : rebase_source : cf0d1c8f1f88e05912830cef673e866b7c2756c4
2016-05-03 17:43:33 -07:00
Christoph Kerschbaumer 9944442791 Bug 1261634 - Tests for whitespace skipping within meta csp. r=dveditz 2016-04-21 21:19:50 +02:00
Christoph Kerschbaumer a9a95d1918 Bug 1261634 - Update whitespace skipping for meta csp. r=dveditz 2016-04-21 21:15:06 +02:00
Aryeh Gregor f14f1babe8 Bug 1193762 part 8 - Fix things that will break; r=froydnj
It looks like VC++ doesn't like comparisons of nsCOMPtr to 0 after this
change, but those are bad style anyway, so I removed them from
TestCOMPtr.cpp instead of trying to make them work.
2016-05-01 21:29:23 +03:00
Christoph Kerschbaumer da0d241d98 Bug 1206961 - Use channel->AsyncOpen2() for imageLoader; Remove security checks from callsites (r=bz) 2016-04-27 19:41:13 +02:00
Jonathan Watt 2bb448cbb2 Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz
MozReview-Commit-ID: Zu1zU4Brkx

--HG--
rename : dom/security/test/unit/test_isURIPotentiallyTrustworthy.js => dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
2016-04-26 11:30:43 +01:00
Christoph Kerschbaumer c607e5cac1 Bug 1263286 - Update csp base-uri tests. r=bz
--HG--
rename : dom/security/test/csp/file_base-uri.html => dom/security/test/csp/file_base_uri_server.sjs
2016-04-26 12:38:06 +02:00
Kyle Huey c73656947b Bug 1265927: Move nsRunnable to mozilla::Runnable, CancelableRunnable to mozilla::CancelableRunnable. r=froydnj 2016-04-25 17:23:21 -07:00
Frederik Braun 582caa399f Bug 1142332 - Prevent calling CSP_EnumToKeyword with CSP_HASH. r=ckerschb
MozReview-Commit-ID: I1w9QrWJeEo

--HG--
extra : histedit_source : 1258cfc50d32c10f0de90ba1e863e21ae3ebf0f8
2016-04-24 14:56:22 -04:00
Kris Maglione f3feb0cfd3 Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb
MozReview-Commit-ID: G8b86UvSv0y

--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
2016-04-23 20:42:43 -07:00
Christoph Kerschbaumer d82c07bf27 Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz 2016-04-17 20:09:18 +02:00
Matt Robenolt 1d82e1412f Bug 1192840 - Fix CSP report content-type. r=ckerschb 2016-04-14 12:51:31 +02:00
Frederik Braun 6c12520100 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
Tanvi Vyas 9c0a7ac154 Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT.
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
2016-04-13 16:30:36 -07:00
Tanvi Vyas b58752765c Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking 2016-04-13 16:30:28 -07:00
Sebastian Hengst 4ee65db5e7 Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout 2016-04-13 19:32:44 +02:00
Frederik Braun ae7f565803 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
Marcos Caceres 387bd9e686 Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly 2016-04-12 00:39:00 +02:00
Jonathan Hao e1331785d7 Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley
MozReview-Commit-ID: 5rbeuVjaw0B

--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
2016-03-25 16:52:49 +08:00
Marcos Caceres f7ad23868a Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan
MozReview-Commit-ID: Ceu3sYUcML4
2016-04-07 14:13:09 -07:00
Chris Manchester f7a1b3fb60 Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.

MozReview-Commit-ID: EmlDz9d4lqt
2016-04-04 14:56:52 -07:00
Tanvi Vyas 74153c556f Bug 1260153 - remove unreachable code in nsMixedContentBlocker. if/else blocks above all return. r=ckerschb 2016-03-28 12:48:00 +02:00
Christoph Kerschbaumer adb02c6c4f Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes 2016-03-01 09:19:28 -08:00
Christoph Kerschbaumer 254dd8f12a Bug 1216365 - nsMixedContentBlocker should use innerMostURI for aContentLocation. r=tanvi 2016-03-28 22:03:26 -07:00
Tanvi Vyas 1de9e6ab9d Bug 1259678 - Refactor SubjectToCSP to avoid calling ShouldLoad if CSP doesn't apply to the content type. r=ckerschb
--HG--
extra : rebase_source : 76f914a9dfab38bd5d21ddca519f47a2a5d68963
2016-03-24 23:09:00 -04:00
Christoph Kerschbaumer 36d3e09fd4 Bug 1257650 - Skip Security checks if triggeringPrincipal is SystemPrincipal only for subresource loads. r=sicking
--HG--
extra : rebase_source : fb8d0827788e70ca87e8cd680e2cdd56941e3c2a
2016-03-18 16:14:03 -07:00
Christoph Kerschbaumer 20549b7fe0 Bug 1251043 - Test form submission blocked by CSP. r=francois 2016-03-23 13:38:05 -07:00
Wes Kocher fe9aec58c3 Backed out changeset 1d5e6c22fd3a (bug 1250048) for CSP failures/assertions in various tests/chunks CLOSED TREE
MozReview-Commit-ID: I21ELiYYqdD

--HG--
extra : amend_source : 83d8554e6046153a3cf16ffefed7d6602e822241
2016-03-21 12:42:36 -07:00
Marcos Caceres 2e3ca60562 Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb
--HG--
extra : rebase_source : 1f8a65dcb9ea909588991cd5e8970560c3651426
2016-03-20 23:24:00 -04:00
Carsten "Tomcat" Book 0db9291841 merge mozilla-inbound to mozilla-central a=merge 2016-03-21 15:30:59 +01:00
Benjamin Peterson 752343237e No bug - fix typo r=me
DONTBUILD CLOSED TREE

--HG--
extra : rebase_source : 25f0600425dec249f838ed221dde71d401571eb9
extra : amend_source : 49f7ccab9e47083df9e8b7776acc6de73a880473
2016-03-19 21:28:19 -07:00
Franziskus Kiefer 1a47cfb77a Bug 1186072 - Add trailing slash to origin referer header when policy is set. r=sworkman
MozReview-Commit-ID: 3PYuODmqpbL

--HG--
extra : source : ac4148f22b2d6f76762dac3fd94a6452da80bdde
2016-02-24 10:51:54 +01:00
Jonathan Hao f750d8988e Bug 1235572 - Tests of enforcing SRI on remote about:newtab. r=francois
MozReview-Commit-ID: 6epw8D4M0FX

--HG--
extra : transplant_source : %87t%D0%60a%B4%14%24%E6%B9%97Q%CDXr%B69%12%E9%0D
2016-03-16 11:19:20 +08:00
Marcos Caceres 84cb2023d7 Bug 1176824 - Intermittent browser_test_web_manifest.js. r=ckerschb 2016-03-16 16:07:00 +01:00
Franziskus Kiefer bf87c6c564 Bug 1252829 - CSP Telemetry. r=ckerschb, p=bsmedberg
MozReview-Commit-ID: CiNAxh2ZrHB

--HG--
extra : transplant_source : %B8%00%E0%83%1B%29%BDI%DE%09%CDPN%AE%7B9Tk%8B%99
2016-03-02 13:00:09 +01:00
Christoph Kerschbaumer a35cb7baf1 Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi) 2016-03-15 16:08:07 -07:00
Christoph Kerschbaumer 18d0d6e8d6 Bug 1122236 - CSP: block-all-mixed-content tests (r=tanvi) 2016-03-15 16:07:49 -07:00
Christoph Kerschbaumer 39f2d53360 Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap) 2016-01-13 20:58:16 -08:00
Ryan VanderMeulen 5f15eed746 Bug 1241634 - Skip test_frameNavigation.html on Windows and OSX for frequent failures. a=test-only
--HG--
extra : rebase_source : ba229e6a62c82ad8c59ae89943fd6181df4275a9
2016-03-15 12:50:07 -04:00
Marco Castelluccio 2fb9c40ec1 Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk 2016-03-14 16:29:11 +00:00
Franziskus Kiefer 2b22d469bb Bug 1226928 - content-signature verification tests for about:newtab, r=mconley 2016-03-14 11:57:16 +01:00