d82c07bf27
Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz
2016-04-17 20:09:18 +02:00
1d82e1412f
Bug 1192840 - Fix CSP report content-type. r=ckerschb
2016-04-14 12:51:31 +02:00
6c12520100
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
9c0a7ac154
Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT.
...
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
2016-04-13 16:30:36 -07:00
b58752765c
Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking
2016-04-13 16:30:28 -07:00
4ee65db5e7
Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout
2016-04-13 19:32:44 +02:00
ae7f565803
Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
...
MozReview-Commit-ID: TzpGH63EPF
--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
387bd9e686
Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly
2016-04-12 00:39:00 +02:00
e1331785d7
Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley
...
MozReview-Commit-ID: 5rbeuVjaw0B
--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
2016-03-25 16:52:49 +08:00
f7ad23868a
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan
...
MozReview-Commit-ID: Ceu3sYUcML4
2016-04-07 14:13:09 -07:00
f7a1b3fb60
Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps
...
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.
MozReview-Commit-ID: EmlDz9d4lqt
2016-04-04 14:56:52 -07:00
74153c556f
Bug 1260153 - remove unreachable code in nsMixedContentBlocker. if/else blocks above all return. r=ckerschb
2016-03-28 12:48:00 +02:00
adb02c6c4f
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes
2016-03-01 09:19:28 -08:00
254dd8f12a
Bug 1216365 - nsMixedContentBlocker should use innerMostURI for aContentLocation. r=tanvi
2016-03-28 22:03:26 -07:00
1de9e6ab9d
Bug 1259678 - Refactor SubjectToCSP to avoid calling ShouldLoad if CSP doesn't apply to the content type. r=ckerschb
...
--HG--
extra : rebase_source : 76f914a9dfab38bd5d21ddca519f47a2a5d68963
2016-03-24 23:09:00 -04:00
36d3e09fd4
Bug 1257650 - Skip Security checks if triggeringPrincipal is SystemPrincipal only for subresource loads. r=sicking
...
--HG--
extra : rebase_source : fb8d0827788e70ca87e8cd680e2cdd56941e3c2a
2016-03-18 16:14:03 -07:00
20549b7fe0
Bug 1251043 - Test form submission blocked by CSP. r=francois
2016-03-23 13:38:05 -07:00
fe9aec58c3
Backed out changeset 1d5e6c22fd3a (bug 1250048) for CSP failures/assertions in various tests/chunks CLOSED TREE
...
MozReview-Commit-ID: I21ELiYYqdD
--HG--
extra : amend_source : 83d8554e6046153a3cf16ffefed7d6602e822241
2016-03-21 12:42:36 -07:00
2e3ca60562
Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb
...
--HG--
extra : rebase_source : 1f8a65dcb9ea909588991cd5e8970560c3651426
2016-03-20 23:24:00 -04:00
0db9291841
merge mozilla-inbound to mozilla-central a=merge
2016-03-21 15:30:59 +01:00
752343237e
No bug - fix typo r=me
...
DONTBUILD CLOSED TREE
--HG--
extra : rebase_source : 25f0600425dec249f838ed221dde71d401571eb9
extra : amend_source : 49f7ccab9e47083df9e8b7776acc6de73a880473
2016-03-19 21:28:19 -07:00
1a47cfb77a
Bug 1186072 - Add trailing slash to origin referer header when policy is set. r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : source : ac4148f22b2d6f76762dac3fd94a6452da80bdde
2016-02-24 10:51:54 +01:00
f750d8988e
Bug 1235572 - Tests of enforcing SRI on remote about:newtab. r=francois
...
MozReview-Commit-ID: 6epw8D4M0FX
--HG--
extra : transplant_source : %87t%D0%60a%B4%14%24%E6%B9%97Q%CDXr%B69%12%E9%0D
2016-03-16 11:19:20 +08:00
84cb2023d7
Bug 1176824 - Intermittent browser_test_web_manifest.js. r=ckerschb
2016-03-16 16:07:00 +01:00
bf87c6c564
Bug 1252829 - CSP Telemetry. r=ckerschb, p=bsmedberg
...
MozReview-Commit-ID: CiNAxh2ZrHB
--HG--
extra : transplant_source : %B8%00%E0%83%1B%29%BDI%DE%09%CDPN%AE%7B9Tk%8B%99
2016-03-02 13:00:09 +01:00
a35cb7baf1
Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi)
2016-03-15 16:08:07 -07:00
18d0d6e8d6
Bug 1122236 - CSP: block-all-mixed-content tests (r=tanvi)
2016-03-15 16:07:49 -07:00
39f2d53360
Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap)
2016-01-13 20:58:16 -08:00
5f15eed746
Bug 1241634 - Skip test_frameNavigation.html on Windows and OSX for frequent failures. a=test-only
...
--HG--
extra : rebase_source : ba229e6a62c82ad8c59ae89943fd6181df4275a9
2016-03-15 12:50:07 -04:00
2fb9c40ec1
Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-14 16:29:11 +00:00
2b22d469bb
Bug 1226928 - content-signature verification tests for about:newtab, r=mconley
2016-03-14 11:57:16 +01:00
bd54ab19d3
Bug 1226928 - signature verification for content-signing, r=keeler,mayhemer
2016-03-14 11:56:35 +01:00
5e6ba24562
Bug 1227813 - CSP: Ignore unsafe-inline within style-src if hash or nonce specified. r=kmckinley
2016-03-11 15:35:39 -08:00
40da91e7a5
Bug 1242775 - Run parent-process code in the parent. r=mccr8
2016-03-10 17:14:35 -08:00
25fbf67b66
Backed out changeset 878c54ec3954 (bug 1250453)
2016-03-10 14:45:59 +01:00
1902f1c620
Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk
2016-03-10 11:12:38 +00:00
eb98199ac0
Backed out changeset ac4148f22b2d (bug 1186072) for referrer test failures
...
--HG--
extra : rebase_source : 124130bb041418eb97862a131ae6365df5cfbdc6
2016-03-03 09:23:59 +01:00
55e0623947
Bug 1186072 - add trailing slash to origin referer header when policy is set, r=sworkman
...
MozReview-Commit-ID: 3PYuODmqpbL
--HG--
extra : transplant_source : %E5P%B1%1F%82%08%07%2A%1C%26%AF%C5%C8%29%B1y%97O%877
2016-02-24 10:51:54 +01:00
8414718c57
Bug 1232903 - Skip Security checks if triggeringPrincipal is SystemPrincipal (r=sicking)
2016-03-01 16:11:37 -08:00
41b26f4a9b
Bug 1195172 - Test Fonts governed by CSP (r=bz)
2016-03-01 13:06:26 -08:00
9ab1648f67
Bug 1195172 - Use channel->ascynOpen2 layout/style/FontFaceSet.cpp (r=bz,cam)
2016-03-01 13:06:13 -08:00
7aa5d59bc7
Bug 1251518. Fix js::ErrorReportToString to make a bit more sense, and change worker code to not use it anyway, so it matches the mainthread code. r=bholley,terrence
2016-03-01 13:49:21 -05:00
8a0731fdde
Bug 1251875 - Part 1: Remove the dom.serviceWorkers.interception.enabled pref; r=bkelly
2016-03-01 09:16:38 -05:00
4712647d7d
Backed out 2 changesets (bug 1243586) for dt5 bustage in netmonitor tests
...
Backed out changeset 06a4d2d48fb2 (bug 1243586)
Backed out changeset 846e31fe5eb2 (bug 1243586)
MozReview-Commit-ID: 69kiDIULtm2
2016-02-29 10:39:04 -08:00
f7017a06c3
Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field (r=rbarnes)
2016-02-29 08:46:48 -08:00
56bdfe820a
Bug 1244116 - Telemetry for mixed content requests by plugins. r=smaug, p=ally
...
MozReview-Commit-ID: F9rOb1SdPnL
--HG--
extra : rebase_source : 0b2aa83761880fb6e5a18c3a80ac86fe5ca16923
2016-02-16 15:46:36 +01:00
7413f2bf46
Bug 1251369. Use an AutoJSAPI that reports its own exceptions around the main runloop in workers. r=khuey
...
The silly leading ": " on the error messages is due to bug 1251518
2016-02-26 15:23:13 -05:00
eb71a675d8
Bug 908933 - Part2 - CSP tests: ShouldProcess should block TYPE_OBJECT. r=ckerschb
...
--HG--
extra : rebase_source : 6dcf8d477656e4d5cdb9362b1f1ec561aba420a7
2016-01-27 01:35:53 +08:00
ec146d5159
Bug 908933 - Part1 - CSP: Call ShouldLoad inside ShouldProcess for TYPE_OBJECT. r=ckerschb
...
--HG--
extra : rebase_source : ee8875120e45d84413ab8ed3c9553d3d42e88acd
2014-08-05 11:47:08 -07:00
1f7d8b69b3
Bug 1243178: CSP - Skip sending reports for non http schemes. r=dveditz
2016-01-27 15:56:39 -08:00
Christoph Kerschbaumer
Matt Robenolt
Frederik Braun
Tanvi Vyas
Sebastian Hengst
Marcos Caceres
Jonathan Hao
Chris Manchester
Christoph Kerschbaumer
Wes Kocher
Carsten "Tomcat" Book
Benjamin Peterson
Franziskus Kiefer
Ryan VanderMeulen
Marco Castelluccio
Blake Kaplan
Boris Zbarsky
Ehsan Akhgari
Ethan Tseng