Граф коммитов

184 Коммитов

Автор SHA1 Сообщение Дата
Michael Layzell 8e946df619 Bug 1293001 - Part 2: Change the BinaryName of nsIContentSecurityPolicy::getPolicy from GetPolicy (which overloaded another virtual method), to GetPolicyString, r=froydnj
MozReview-Commit-ID: 4XWRar3Uuw
2016-08-11 15:49:40 -04:00
Thomas Wisniewski 95d1c98761 Bug 918703 - Part 2: Correct progress event logic so events are sent in the correct order and with the correct values according to spec. r=baku
--HG--
extra : rebase_source : da5305fdfb1b28404199733f68cb65803a087e38
2016-08-05 23:47:40 -04:00
Gabor Krizsanits f6bc83a18a Bug 1285894 - Fixing test_bug803225.html for e10s-multi. r=mrbkap 2016-08-01 12:26:38 +02:00
Christoph Kerschbaumer 886e7cd571 Bug 1289085: CSP - Test referrer with no valid src. r=dveditz 2016-07-29 22:53:59 +02:00
Thomas Wisniewski 6a1fb99d2b Bug 709991 - Fire onerror instead of throwing on network errors for async XHRs. r=bz 2016-07-30 00:24:56 -04:00
Iris Hsiao caea40742f Backed out changeset 8dc198cd46ff (bug 1246540) for Mochitest failures 2016-07-27 13:14:07 +08:00
Kate McKinley c6650db185 Bug 1246540 HSTS Priming Proof of Concept
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.

(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
2016-07-26 13:03:00 +08:00
Iris Hsiao a7c8429fc4 Backed out changeset d7e39be85498 (bug 1246540) for Mochitest failures 2016-07-27 11:15:52 +08:00
Kate McKinley 567ebcf321 Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
2016-07-26 13:03:00 -04:00
Carsten "Tomcat" Book dcae5b0335 Merge mozilla-central to fx-team 2016-07-26 11:58:36 +02:00
Carsten "Tomcat" Book a3904e8a8a Merge mozilla-central to mozilla-inbound 2016-07-25 15:59:01 +02:00
Carsten "Tomcat" Book b9a6c687fa merge mozilla-inbound to mozilla-central a=merge 2016-07-25 15:50:41 +02:00
Franziskus Kiefer 249fa77287 Bug 1263793 - update SAN, r=mgoodwin,ulfr
MozReview-Commit-ID: HtMKl2gP1xi

--HG--
extra : rebase_source : 5173dda521679b2ce6c8caabb3b54cce4f658640
2016-07-25 09:44:19 +02:00
Carsten "Tomcat" Book 0a5622c093 Backed out changeset 640247e978ba (bug 1246540) for bustage 2016-07-24 15:59:31 +02:00
Kate McKinley 547500d5a7 Bug 1246540 - HSTS Priming Proof of Concept. r=honzab
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.

(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
2016-07-22 18:35:00 +02:00
Johann Hofmann 0e04940e1a Bug 1277524 - Add moz-extension to the list of potentially trustworthy origins. r=tanvi
MozReview-Commit-ID: BvR7Xb0AE9N

--HG--
extra : rebase_source : dfe2d600b15a6cffd49be454b3394106c3ff9bb3
extra : histedit_source : 8b03564ebced1305ce79652d904e7bb95a92a2e8
2016-06-02 17:14:27 +02:00
Christoph Kerschbaumer 022d9af2b3 Bug 1285003 - Test insecure http port :80 allows secure https port :443. r=dveditz 2016-07-22 11:32:21 +02:00
Carsten "Tomcat" Book c7846e126c Backed out changeset 16aa7041c009 (bug 1287107) for causing xpcshell and mac tests 2016-07-22 11:30:23 +02:00
Fabrice Desré f5b619fb28 Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice
MozReview-Commit-ID: 9uVUrmuVFXQ

--HG--
extra : rebase_source : d0c19fcda5c72ecdce3b0d0bbbafa5a7954d7a4c
2016-03-03 09:58:47 -08:00
Tom Tromey 5538d692d3 Bug 1286877 - do not set c-basic-offset for python-mode; r=gps
This removes the unnecessary setting of c-basic-offset from all
python-mode files.

This was automatically generated using

    perl -pi -e 's/; *c-basic-offset: *[0-9]+//'

... on the affected files.

The bulk of these files are moz.build files but there a few others as
well.

MozReview-Commit-ID: 2pPf3DEiZqx

--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
2016-07-14 10:16:42 -06:00
Franziskus Kiefer dd5231632f Bug 1263793 - Using content signature verifier for verifying remote newtab, r=keeler,mayhemer
MozReview-Commit-ID: ABXYYseKImq

--HG--
extra : rebase_source : 79614e5215e738dff9683ad447245bd830c887bf
2016-05-19 10:59:48 +02:00
Wes Kocher e2d9911273 Backed out changeset 21d8bb5af7b4 (bug 1263793) for leaks in various jobs CLOSED TREE 2016-07-20 11:16:37 -07:00
Franziskus Kiefer 9b9c643025 Bug 1263793 - Using content signature verifier for verifying remote newtab, r=keeler,mayhemer
MozReview-Commit-ID: CHUPgBr8WaC

--HG--
extra : rebase_source : 969bd058a157c7307b7a4d3c2a4c5d62e82b7489
2016-05-19 10:59:48 +02:00
Christoph Kerschbaumer f2c908b15d Bug 471020 - Test X-Content-Type-Options: nosniff. r=dveditz 2016-07-20 12:33:29 +02:00
Christoph Kerschbaumer 23f7b47719 Bug 1273430 - Test CSP upgrade-insecure-requests for doc.write(iframe). r=tanvi 2016-07-20 09:26:16 +02:00
Fabrice Desré 7846da76d6 Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice
MozReview-Commit-ID: 9uVUrmuVFXQ

--HG--
extra : rebase_source : 20f6f0235667530c21aca4889b5d33e39c2d1a48
2016-03-03 09:58:47 -08:00
Wes Kocher c9783f64cb Backed out 4 changesets (bug 471020) for frequent Windows w(2) failures CLOSED TREE a=merge
Backed out changeset d9675ab3d203 (bug 471020)
Backed out changeset 3ee328c56de0 (bug 471020)
Backed out changeset 000576e264bd (bug 471020)
Backed out changeset ffe60708c457 (bug 471020)
2016-07-18 16:07:28 -07:00
Christoph Kerschbaumer 6166c48409 Bug 471020 - Test X-Content-Type-Options: nosniff. r=dveditz 2016-07-18 14:47:35 +02:00
Christoph Kerschbaumer 97e696739a Bug 1286376 - Do not call finish multiple times within test_contentpolicytype_targeted_link_iframe.html. r=smaug 2016-07-13 09:04:30 +02:00
Christoph Kerschbaumer 0cd1f7698a Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=barnes 2016-07-12 07:26:37 +02:00
Christoph Kerschbaumer 68b180b34f Bug 1255240 - Test content policy types within content policies for targeted links in iframes. r=smaug 2016-07-11 20:58:57 +02:00
Christoph Kerschbaumer 84f2bb5302 Bug 1277557 - Test require-sri-for in meta tag r=francois 2016-07-08 07:26:34 +02:00
Francois Marier 11de73857c Bug 1269241 - Add SRI tests for UTF-8 stylesheets. r=ckerschb,r=jkt 2016-07-07 14:44:51 -07:00
Thomas Nguyen bd8bba9788 Bug 959388 - Add csp worker test cases. r=kmckinley
MozReview-Commit-ID: IhEAA89VyTr

--HG--
extra : rebase_source : 63d522eab0477706636aa2e9086f1b0cdc30889d
2016-06-30 12:32:03 +08:00
Paul Roberts edd71bdffd Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson
--HG--
extra : rebase_source : 4a37c0828701909f32870c0079b75b5c55144381
2016-06-28 14:06:06 -07:00
Paul Roberts 6e2b739762 Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug
--HG--
extra : rebase_source : 8906837f0a8f0afdb3ba3db5463265ef62220f92
2016-06-28 14:03:45 -07:00
Paul Roberts ec18fc5ff7 Bug 671389 - Implement CSP sandbox directive. r=ckerschb r=smaug
--HG--
extra : rebase_source : d9c5f5868c2558a3696cd489674da6f243be11ad
2016-06-29 07:48:44 -07:00
Christoph Kerschbaumer 9e62aecdfc Bug 1278272 - Convert test_csp_upgrade_insecure_request_header.js to channel.asyncOpen2() r=jkt 2016-06-29 13:08:47 +02:00
Jonathan Kingston daa6f72c59 Bug 1279420 - Adding in security.csp.experimentalEnabled pref check to require-sri-for directive in CSP. r=ckerschb
MozReview-Commit-ID: 799ZZoW0YiG

--HG--
extra : transplant_source : %CAC%12%16%C6a%10AP%BEc%85%BA%93Z%7Cq%D43%8D
2016-06-20 19:49:38 +01:00
Christoph Kerschbaumer 25f6f710d7 Bug 1100181 - CSP: Enforce connect-src when submitting pings. r=arroway 2016-06-24 15:25:11 +02:00
Christoph Kerschbaumer 76f6cc7739 Bug 1268327 - ReferrerPolicy should not be delivered through CSPRO r=tnguyen
--HG--
extra : rebase_source : 92bd320351de91b72304c2fc386f1ae295837a9e
2016-06-22 14:13:03 +02:00
Frederik Braun e8df1f59be Bug 1265318: tests for require-sri-for CSP directive. r=ckerschb
MozReview-Commit-ID: Ji14cwB8D3P
2016-05-31 08:30:00 +02:00
Jonathan Hao 525c086187 Bug 1259871 - Replace getSimpleCodebasePrincipal with createCodebasePrincipal. r=sicking
MozReview-Commit-ID: Frx0CjBzuve

--HG--
extra : histedit_source : 036eb321d9ccb20e0e071ba588b0a1249eb34bdd
2016-05-24 18:01:34 +08:00
Carsten "Tomcat" Book 9214312096 Backed out changeset 9feb9c89d33a (bug 959388) 2016-05-23 11:36:10 +02:00
Thomas Nguyen 61fe1800b8 Bug 959388 - Add csp worker test cases. r=kmckinley
MozReview-Commit-ID: Ahx419BHWrS

--HG--
extra : rebase_source : 2016c1e68f990a8ba9cd471e18778c87b08546e1
2016-05-19 11:59:54 +08:00
Christoph Kerschbaumer 52a84afc5c Bug 1273418 - CSP: Test evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:36:02 +02:00
Henry Chang dc7cba21ef Bug 1251152 - Part 3: Test case. r=franziskus 2016-05-05 11:11:34 +08:00
Christoph Kerschbaumer 9944442791 Bug 1261634 - Tests for whitespace skipping within meta csp. r=dveditz 2016-04-21 21:19:50 +02:00
Jonathan Watt 2bb448cbb2 Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz
MozReview-Commit-ID: Zu1zU4Brkx

--HG--
rename : dom/security/test/unit/test_isURIPotentiallyTrustworthy.js => dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
2016-04-26 11:30:43 +01:00
Christoph Kerschbaumer c607e5cac1 Bug 1263286 - Update csp base-uri tests. r=bz
--HG--
rename : dom/security/test/csp/file_base-uri.html => dom/security/test/csp/file_base_uri_server.sjs
2016-04-26 12:38:06 +02:00