Kate McKinley
9288d568fb
Bug 1311893 - HSTS Priming timing telemetry r=ckerschb,francois p=francois
...
MozReview-Commit-ID: WKmlCqDOKT
--HG--
extra : rebase_source : e41defed5b737b780e8f1d6616517f1204775514
2016-10-26 14:36:44 +09:00
Josh Matthews
9c847a5ac4
Bug 1277681 - Send HTTP request bodies in chunks. r=mayhemer
2016-09-28 18:38:26 -04:00
Honza Bambas
8568845401
Bug 1312695 - Let authprompt level reflect proxy security and not origin server security. r=mcmanus
2016-10-25 04:32:00 -04:00
Honza Bambas
91a67308bb
Bug 486508 - Prevent restart of connection-sticky transactions to not break NTLM negotiation. r=mcmanus
2016-10-21 08:08:00 -04:00
Phil Ringnalda
8cf1367dd8
Merge m-i to m-c, a=merge
...
MozReview-Commit-ID: FnnOWQ3xKPi
2016-10-25 22:03:31 -07:00
Honza Bambas
078f3bad66
Bug 1311720 - Stick HTTP connection to its channel when NTLM/Negotiate auth challenge is received more early, r=mcmanus
2016-10-21 09:49:00 +02:00
Kershaw Chang
02e0599818
Bug 1257782 - Limit the HTTP response header size, r=mcmanus
2016-10-24 09:01:00 +02:00
Ryan VanderMeulen
5c4d7020f2
Merge m-c to inbound. a=merge
2016-10-21 11:08:45 -04:00
Cykesiopka
660da8b92b
Bug 1312158 - Stop using Scoped.h NSS types under netwerk/. r=nwgh
...
Scoped.h is deprecated.
MozReview-Commit-ID: AKfsw0lqTfw
--HG--
extra : rebase_source : a2c28b8e1a77ba491e6c842e98b2c7457b793f12
2016-10-23 13:27:33 +08:00
Jonathan Hao
42cdd28f23
Bug 1264562 - Part 1: Add firstPartyDomain to socket transport (adapted from Tor Browser patch 13670) r=mayhemer
...
--HG--
extra : rebase_source : f10e38a44f592bcf0db32d98338f2d16edeab58b
2016-10-12 15:32:22 +08:00
Iris Hsiao
703b663355
Backed out changeset a0f243dead30 (bug 1301649) for developers' request
2016-10-20 15:24:50 +08:00
Valentin Gosu
92395971b8
Bug 1294719 - Make sure to check mIPCClosed before calling SendRedirect1Begin r=honzab
...
MozReview-Commit-ID: 7xE7p6tE2kR
2016-10-19 19:31:01 +02:00
Valentin Gosu
d746e122c8
Bug 1307491 - (Part 1) Remove support for per-app-offline in netwerk/ [nukeb2g] r=bagder
...
* * *
Bug 1307491 - Remove support for per-app-offline [nukeb2g] r=bagder
MozReview-Commit-ID: FoweWBv9QyE
--HG--
extra : rebase_source : 0f6e0f0d19f108c3aef8b25cb6d605ecd338ee2b
2016-10-17 03:54:46 +02:00
Valentin Gosu
8d0db35d9c
Bug 1302400 - Set docshell UA override for redirected channels in the child r=mcmanus
...
MozReview-Commit-ID: 3rmoAfpvml0
2016-10-13 15:50:50 +02:00
Carsten "Tomcat" Book
85979d0405
Merge mozilla-central to mozilla-inbound
2016-10-13 11:58:40 +02:00
Tim Huang
17d537f0e1
Bug 1277803 - Part 4 : Make the NS_CompareLoadInfoAndLoadContext() skiping test if the request is the favicon loading from the XUL image. r=honzab
2016-10-13 15:43:59 +08:00
Francois Marier
54d1778d66
Bug 1307596 - Add a preference for trimming third-party referrers. r=dragana
...
MozReview-Commit-ID: EL2L4yMnwAi
--HG--
extra : rebase_source : 6046849abb11560b7073b7fe30f46297e45d16e9
2016-10-05 16:36:16 -07:00
Francois Marier
65552ada0a
Bug 1308725 - Remove network.http.sendSecureXSiteReferrer pref. r=dragana
...
MozReview-Commit-ID: LQgxMijXIaF
--HG--
extra : rebase_source : 62482337ee35edbdcd0cb76efd8614f295ea9099
2016-10-08 12:06:03 -07:00
Wes Kocher
2142de26c1
Backed out 8 changesets (bug 1277803) for browser-chrome test failures a=backout
...
Backed out changeset 477890efdb88 (bug 1277803)
Backed out changeset 49da326bfe68 (bug 1277803)
Backed out changeset 2d17a40a9077 (bug 1277803)
Backed out changeset b1cb0a195ca1 (bug 1277803)
Backed out changeset c7d82459d152 (bug 1277803)
Backed out changeset 3be9a06248af (bug 1277803)
Backed out changeset 8d119ca96999 (bug 1277803)
Backed out changeset be767a6f7ecd (bug 1277803)
2016-10-12 14:26:00 -07:00
Tim Huang
6e27a2a6a1
Bug 1277803 - Part 4 : Make the NS_CompareLoadInfoAndLoadContext() skiping test if the request is the favicon loading from the XUL image. r=honzab
2016-10-12 17:32:08 +08:00
Carsten "Tomcat" Book
cd1be634c9
merge mozilla-inbound to mozilla-central a=merge
2016-10-11 12:01:35 +02:00
Ting-Yu Chou
cd6f9ab1d4
Bug 1293501 - Use VirtualProtect to track down a possible memory corruption. r=dragana
...
MozReview-Commit-ID: J4ZFzR1nE5n
2016-10-06 17:31:43 +08:00
Andrew McCreight
8d2799330c
Bug 1308652, part 1 - Remove about:bloat. r=froydnj
...
MozReview-Commit-ID: 1FmdvLlygjq
--HG--
extra : rebase_source : 9859f58f077c5bda48b848b2a67eb8cd6d589e3e
2016-10-10 10:48:34 -07:00
Ehsan Akhgari
7cbf03adb5
Bug 1307730 - Disallow CORS fetches when we have an expanded principal; r=bzbarsky
...
It's not possible to construct a useful Origin header when we have
an expanded principal and are about to perform a CORS fetch. Therefore,
instead of sending a CORS fetch with an |Origin: null| header, we
must fail the request.
2016-10-07 12:47:11 -04:00
Yoshi Huang
2a51f65d99
Bug 1237152 - rename clear-origin-data to clear-origin-attributes-data, r=smaug
...
find \( -name '*.cpp' -o -name '*.h' -o -name '*.js' -o -name '*.jsm' -o -name '*.idl' -o -name '*.html' \) \
-a -type f -exec sed -i 's/clear-origin-data/clear-origin-attributes-data/g' {} \;
2016-10-07 17:45:10 +08:00
Yoshi Huang
00f6846c07
Bug 1301649 - nits for bug 1260931. r=smaug
...
- use MOZ_ASSERT_IF
- always call inherit function
2016-10-07 17:42:03 +08:00
Iris Hsiao
5abee5efd3
Backed out changeset d17370e68325 (bug 1277803)
...
CLOSED TREE
2016-10-07 11:23:45 +08:00
Tim Huang
33effa2da2
Bug 1277803 - Part 4: Make the NS_CompareLoadInfoAndLoadContext() skiping test if the request is the favicon loading from the XUL image. r=honzab
2016-10-06 00:57:00 -04:00
David Keeler
c3c34a8853
bug 1301407 - ensure PSM is initialized on the main thread before doing a speculative connect r=mcmanus
...
MozReview-Commit-ID: Bc9KiN3Qw1E
--HG--
extra : rebase_source : f531db52fa1e3f17a354922dbf4f73160bcb9458
2016-09-22 14:54:48 -07:00
Wei-Cheng Pan
afc64a42d6
Bug 1307364 - Use MOZ_MUST_USE in netwerk/protocol/file r=valentin
...
MozReview-Commit-ID: 4EaTsMOpy0n
--HG--
extra : rebase_source : 75a381c4cd9d6e90a3e366c5e59eb0167216589b
2016-10-03 14:54:40 +08:00
Wei-Cheng Pan
bb8702d5d8
Bug 1307360 - Use MOZ_MUST_USE in netwerk/protocol/device r=valentin
...
MozReview-Commit-ID: Kc7a7GksoZl
--HG--
extra : rebase_source : 3c42b88d4780c21401a1e10c87d3e51b83faba5c
2016-10-03 14:54:10 +08:00
Wei-Cheng Pan
d82b36b981
Bug 1307331 - Use MOZ_MUST_USE in netwerk/protocol/data r=valentin
...
MozReview-Commit-ID: IikVyLjQN31
--HG--
extra : rebase_source : 574d28a6534c4a0e0ed92576896d9404e671fa7d
2016-10-03 14:54:01 +08:00
Wei-Cheng Pan
9c31ea2777
Bug 1307052 - Use MOZ_MUST_USE in netwerk/protocol/about r=valentin
...
MozReview-Commit-ID: 7G0vF9Jt7Hj
--HG--
extra : rebase_source : 03cb108736d9922e9569f718cf7ad3027ae60b2a
2016-10-03 14:53:30 +08:00
Christoph Kerschbaumer
b0951acfc5
Bug 1302539 - X-Content-Type-Options: nosniff should not apply to images (temporarily). r=dveditz
2016-09-30 09:38:44 +02:00
Nicholas Hurley
8739dd3c4e
Bug 1297554 - Perform a gNeckoParent-ectomy r=billm,mcmanus
...
MozReview-Commit-ID: 7WQE8MhWlYr
--HG--
extra : rebase_source : 46545fa7485c8ba7ce4b0b4dc48a377b68a2ff80
2016-09-21 12:21:00 -07:00
Carsten "Tomcat" Book
b5206d37f5
Merge mozilla-central to mozilla-inbound
2016-09-28 16:25:01 +02:00
Carsten "Tomcat" Book
572e74ee99
merge mozilla-inbound to mozilla-central a=merge
2016-09-28 15:56:33 +02:00
James Andreou
a47ce92ac2
Bug 1282124 - Remove nsILoadInfo.usePrivateBrowsing and the SEC_FORCE_PRIVATE_BROWSING flag; r=smaug,jryans
2016-09-27 16:56:44 -04:00
Kate McKinley
c57d400961
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally
...
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
MozReview-Commit-ID: ES1JruCtDdX
--HG--
extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 11:27:00 -04:00
Valentin Gosu
29eff7dfe4
Bug 1231565 - (Part 3) Make alt-data responses report the correct content length r=michal
...
MozReview-Commit-ID: DvQP7NB4SqW
2016-09-27 10:26:00 +02:00
Andi-Bogdan Postelnicu
55e8cb71fa
Bug 1282408 - Add ignore-initialization-check annotation to variables mPeakSizeID and mPeakCountID from Http2BaseCompressor. r=valentin
...
MozReview-Commit-ID: H5DsehXu2nr
2016-09-28 11:08:44 +03:00
Francois Marier
16c0d80286
Bug 1302938 - Explain why user referrer trimming policy can be overriden. r=dragana
...
MozReview-Commit-ID: GfmeIu2WEGX
--HG--
extra : rebase_source : 386c056f51dd351e7713806cec2292f5a226e8ef
2016-09-27 13:25:35 -07:00
Sebastian Hengst
cc132d092f
Backed out changeset 04cda7684b40 (bug 1217876) for failing xpcshell test test_resumable_channel_wrap.js in debug builds. r=backout
2016-09-25 11:00:29 +02:00
Andrea Marchesini
ff1efcb34a
Bug 1217876 - nsIXMLHttpRequest must show the authentication prompt correctly when used by addons in e10s, r=mayhemer
2016-09-25 07:50:44 +02:00
Thomas Nguyen
8c6badef26
Bug 1276836 - Implement same-origin, strict-origin, strict-origin-when-cross-origin referrer policy. r=mcmanus,jdm
...
MozReview-Commit-ID: 39AFT4RgHpl
--HG--
extra : rebase_source : 1512555cb0da30a0fbbfd58c27e4a4d48a93586e
2016-09-22 16:27:42 -07:00
Valentin Gosu
76d2cd8b5d
Bug 1231565 - (Part 2) Allow storing alternate data in the HTTP cache r=honzab
...
* Add PAltDataOutputStream.ipdl to be able to open an OutputStream to the cache entry in the child process
* AltDataOutputStreamChild/Parent are Main Thread only for now.
* Adds methods for reading and writing alt-data to nsICacheInfoChannel.idl
* Keep a ref of the cache entry after OnStopRequest in case the consumer tries to open the alt-data output stream
MozReview-Commit-ID: jlraDI97Hg
2016-04-11 05:17:02 +02:00
Honza Bambas
26354e9b7b
Bug 1311682 - Rename LOG in PackagedAppService.cpp to avoid redefine of LOG directing to nsHttp log module. r=valentin
2016-10-20 06:47:00 -04:00
Josh Matthews
903b01d434
Bug 1300464 - Avoid overriding security info with null. r=orange
2016-09-23 13:04:33 -04:00
Josh Matthews
701a2f8248
Bug 1300464 - Propagate redirecting channel's security information to new HTTP channels when intercepted channels are redirected. r=mayhemer
...
--HG--
extra : rebase_source : 2655a88e05214b1c3fc5ab03be446e56b9afdb78
2016-09-16 13:38:07 -04:00
Nicholas Hurley
01c12cb1ef
Bug 1296280 (part 2) - Add pref for our SETTINGS_MAX_TABLE_SIZE. r=mcmanus
...
MozReview-Commit-ID: 44CYEvJOno0
--HG--
extra : rebase_source : 5317d25981bf83ab8cc9b921055cc9028a1d4470
2016-08-24 14:35:43 -07:00