Граф коммитов

1937 Коммитов

Автор SHA1 Сообщение Дата
Boris Zbarsky 36e6030c74 Bug 1514050 part 2. Stop recomputing cross-compartment wrappers on document.domain changes. r=bholley
The change to test_clonewrapper.xul is because in the new setup we've already
tried handing an object across origins via chrome code, so it has a cached
(opaque) wrapper.  When we set document.domain and pass the same object again,
we end up picking up the cached wrapper when we try to wrap across the
compartment boundary, so don't grant access when perhaps we should...

This does lead to a possible spec violation in the following situation:

1) Two documents (A, B) start out same-site but different-origin.
2) Privileged code (system or extension) puts a reference to an object from
site A into site B.  This object gets an opaque CCW.
3) Both sites set document.domain to become same-effective-script-origin and
then site B goes through the site A Window and the object graph hanging off it
and gets to the object involved.  It gets an opaque CCW when it should have a
transparent CCW.

We could fix this if we kept recomputing wrappers on document.domain change and
just fixed the compartment filter used by the recomputation.  But this seems
like a pretty rare situation, and not one web sites can get into without an
assist from a somewhat buggy extension or system code, so let's see whether we
can just live with it and remove the recomputation.

Differential Revision: https://phabricator.services.mozilla.com/D18032

--HG--
extra : moz-landing-system : lando
2019-01-30 19:02:34 +00:00
Myk Melez 25349d2601 Bug 1518283 - prohibit blank lines at the beginning and end of blocks (eslint padded-blocks) r=mossop,Standard8
Differential Revision: https://phabricator.services.mozilla.com/D17526

--HG--
extra : moz-landing-system : lando
2019-01-30 17:26:25 +00:00
shindli 011ea038cb Merge mozilla-central to inbound. a=merge CLOSED TREE 2019-01-29 23:54:31 +02:00
Shane Caraveo 3e429f056f Bug 1521573 web_accessible incognito support, r=kmag,smaug
Prevent web_accessible_resources resources loading in private contexts when extension does not have permission.

Differential Revision: https://phabricator.services.mozilla.com/D17138

--HG--
extra : moz-landing-system : lando
2019-01-29 15:40:09 +00:00
Kris Maglione e930b89c34 Bug 1514594: Part 3 - Change ChromeUtils.import API.
***
Bug 1514594: Part 3a - Change ChromeUtils.import to return an exports object; not pollute global. r=mccr8

This changes the behavior of ChromeUtils.import() to return an exports object,
rather than a module global, in all cases except when `null` is passed as a
second argument, and changes the default behavior not to pollute the global
scope with the module's exports. Thus, the following code written for the old
model:

  ChromeUtils.import("resource://gre/modules/Services.jsm");

is approximately the same as the following, in the new model:

  var {Services} = ChromeUtils.import("resource://gre/modules/Services.jsm");

Since the two behaviors are mutually incompatible, this patch will land with a
scripted rewrite to update all existing callers to use the new model rather
than the old.
***
Bug 1514594: Part 3b - Mass rewrite all JS code to use the new ChromeUtils.import API. rs=Gijs

This was done using the followng script:

https://bitbucket.org/kmaglione/m-c-rewrites/src/tip/processors/cu-import-exports.jsm
***
Bug 1514594: Part 3c - Update ESLint plugin for ChromeUtils.import API changes. r=Standard8

Differential Revision: https://phabricator.services.mozilla.com/D16747
***
Bug 1514594: Part 3d - Remove/fix hundreds of duplicate imports from sync tests. r=Gijs

Differential Revision: https://phabricator.services.mozilla.com/D16748
***
Bug 1514594: Part 3e - Remove no-op ChromeUtils.import() calls. r=Gijs

Differential Revision: https://phabricator.services.mozilla.com/D16749
***
Bug 1514594: Part 3f.1 - Cleanup various test corner cases after mass rewrite. r=Gijs
***
Bug 1514594: Part 3f.2 - Cleanup various non-test corner cases after mass rewrite. r=Gijs

Differential Revision: https://phabricator.services.mozilla.com/D16750

--HG--
extra : rebase_source : 359574ee3064c90f33bf36c2ebe3159a24cc8895
extra : histedit_source : b93c8f42808b1599f9122d7842d2c0b3e656a594%2C64a3a4e3359dc889e2ab2b49461bab9e27fc10a7
2019-01-17 10:18:31 -08:00
Ehsan Akhgari 7426dccfc0 Bug 1522596 - Remove nsIIPCSerializableURI and move its only member to nsIURI; r=valentin
Differential Revision: https://phabricator.services.mozilla.com/D17531

--HG--
extra : moz-landing-system : lando
2019-01-25 13:32:36 +00:00
Kyle Machulis d9173f8644 Bug 1518991 - Make nsIPrincipal URI getter infallible; r=bholley
nsIPrincipal::GetURI returns NS_OK for all implementations. Make it
infallible so we can clean up status checks in C++ code that uses principals.

Differential Revision: https://phabricator.services.mozilla.com/D16145

--HG--
extra : moz-landing-system : lando
2019-01-10 05:44:33 +00:00
Gijs Kruitbosch 7de2c5899e Bug 1515863, r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D15957

--HG--
extra : rebase_source : 748d4849050c3f2042f45f083cc7c99137963721
2019-01-08 16:59:21 +01:00
Gijs Kruitbosch ceecd61c16 Bug 1515863, r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D15221

--HG--
extra : rebase_source : 64431f64e9af7a961ffcd47c7b8e01dbecc71b07
2018-12-21 11:56:47 +00:00
Kris Maglione eb14dd1d2c Bug 1478124: Part 8b - Update DocShell module to use a static component manifest. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D15040

--HG--
extra : rebase_source : d89ac470241cb6f6a43c29c6e90b1c0e4fc78028
extra : source : b0444e0bc801f828b49f9953a73498cf5ff5024b
2018-12-16 17:27:58 -08:00
arthur.iakab c1fae83952 Backed out 16 changesets (bug 1478124) for failing android geckoview-junit CLOSED TREE
Backed out changeset fce62c77a56b (bug 1478124)
Backed out changeset eb2fa3b5edf7 (bug 1478124)
Backed out changeset 8dacce59fcc0 (bug 1478124)
Backed out changeset 012fd0107204 (bug 1478124)
Backed out changeset 496aaf774697 (bug 1478124)
Backed out changeset 21f4fda03159 (bug 1478124)
Backed out changeset b0444e0bc801 (bug 1478124)
Backed out changeset d94039b19943 (bug 1478124)
Backed out changeset 5d85deac61c2 (bug 1478124)
Backed out changeset 929fd654c9df (bug 1478124)
Backed out changeset 1ddd80d9e91a (bug 1478124)
Backed out changeset b8d2dfdfc324 (bug 1478124)
Backed out changeset f500020a273a (bug 1478124)
Backed out changeset dd00365ebb55 (bug 1478124)
Backed out changeset 538e40c5ee13 (bug 1478124)
Backed out changeset bedaa9c437ad (bug 1478124)
2019-01-29 10:03:06 +02:00
Kris Maglione 586d1722ec Bug 1478124: Part 8b - Update DocShell module to use a static component manifest. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D15040

--HG--
extra : rebase_source : 4de6207229742168f534f618fe4881f19e3135c9
extra : absorb_source : 63106bea2b2a9c9a90e2d8cd08429b5de0f2cd09
extra : histedit_source : 02a263131b092b1d1ac4901f1a37a1b842b3103f
2018-12-16 17:27:58 -08:00
Dave Townsend 4e82401311 Bug 1515863, r=valentin,ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D15728

--HG--
extra : rebase_source : 2e1c705dd97d458080387896fd7a1f0e88523e06
2018-04-11 12:52:47 -07:00
Ciure Andrei 7a748ae68f Merge mozilla-central to autoland. a=merge CLOSED TREE 2019-01-04 01:03:06 +02:00
Boris Zbarsky 058f83508f Bug 1517434 part 2. Convert existing callers of GetIsSystemPrincipal() to IsSystemPrincipal(). r=mccr8
Differential Revision: https://phabricator.services.mozilla.com/D15673

--HG--
extra : moz-landing-system : lando
2019-01-03 20:55:38 +00:00
Boris Zbarsky 2c0124d662 Bug 1517434 part 1. Add a fast inline nsIPrincipal::IsSystemPrincipal. r=mccr8
Differential Revision: https://phabricator.services.mozilla.com/D15672

--HG--
extra : moz-landing-system : lando
2019-01-03 20:08:55 +00:00
Emilio Cobos Álvarez 63814207cb Bug 1516853 - Merge nsIDocument and nsDocument. r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D15498

--HG--
extra : moz-landing-system : lando
2018-12-31 14:10:19 +00:00
Emilio Cobos Álvarez d2ed260822 Bug 1517241 - Rename nsIDocument to mozilla::dom::Document. r=smaug
Summary: Really sorry for the size of the patch. It's mostly automatic
s/nsIDocument/Document/ but I had to fix up in a bunch of places manually to
add the right namespacing and such.

Overall it's not a very interesting patch I think.

nsDocument.cpp turns into Document.cpp, nsIDocument.h into Document.h and
nsIDocumentInlines.h into DocumentInlines.h.

I also changed a bunch of nsCOMPtr usage to RefPtr, but not all of it.

While fixing up some of the bits I also removed some unneeded OwnerDoc() null
checks and such, but I didn't do anything riskier than that.
2019-01-03 17:48:33 +01:00
Jan de Mooij cccc414b7a Bug 1512029 part 1 - Stop calling JS_GetCompartmentPrincipals for system compartments. r=bzbarsky
Because it release-asserts the compartment has a single realm.

I also renamed JS_GetCompartmentPrincipals to JS_DeprecatedGetCompartmentPrincipals
to discourage people from using it.

Differential Revision: https://phabricator.services.mozilla.com/D14252

--HG--
extra : moz-landing-system : lando
2018-12-16 14:59:46 +00:00
vinoth 7a5f2bb9db Bug 1508282 - Temporary whitelist of files to skip Eval Assertion r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D13520

--HG--
extra : moz-landing-system : lando
2018-12-14 13:21:41 +00:00
Tooru Fujisawa 7983faeb5d Bug 1511393 - Use c-basic-offset: 2 in Emacs mode line for C/C++ code. r=nbp 2018-12-01 04:52:05 +09:00
Benjamin Bouvier a7f1d173a0 Bug 1511383: Update vim modelines after clang-format; r=sylvestre
- modify line wrap up to 80 chars; (tw=80)
- modify size of tab to 2 chars everywhere; (sts=2, sw=2)

--HG--
extra : rebase_source : 7eedce0311b340c9a5a1265dc42d3121cc0f32a0
extra : amend_source : 9cb4ffdd5005f5c4c14172390dd00b04b2066cd7
2018-11-30 16:39:55 +01:00
Sylvestre Ledru 265e672179 Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
# ignore-this-changeset

--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
2018-11-30 11:46:48 +01:00
Jan Varga de23109c58 Bug 1286798 - Part 21: Base domain needs to be handled too if strict file origin policy is not in effect; r=bholley,asuth,dholbert 2018-11-29 21:48:22 +01:00
Timothy Guan-tin Chien b4eeedcbf1 Bug 1497940 - Part IV, Move pluginProblem resources from chrome://mozapps to chrome://global r=mossop
This is needed because UA Widget cannot load resources from chrome://mozapps.

Depends on D11701

Differential Revision: https://phabricator.services.mozilla.com/D11702

--HG--
rename : toolkit/themes/osx/mozapps/plugins/pluginHelp-16.png => toolkit/themes/osx/global/plugins/pluginHelp-16.png
rename : toolkit/themes/osx/mozapps/plugins/pluginHelp-16.png => toolkit/themes/windows/global/plugins/pluginHelp-16.png
extra : moz-landing-system : lando
2018-11-22 05:49:22 +00:00
Dorel Luca 30a79bc822 Backed out 3 changesets (bug 1497940) for Browser-chrome in toolkit/mozapps/extensions/test/browser/browser_CTP_plugins.js
Backed out changeset 493083d55865 (bug 1497940)
Backed out changeset b503b1a1552c (bug 1497940)
Backed out changeset 6918f8e2f38c (bug 1497940)

--HG--
rename : toolkit/themes/windows/global/plugins/pluginHelp-16.png => toolkit/themes/osx/mozapps/plugins/pluginHelp-16.png
2018-11-22 05:04:55 +02:00
Timothy Guan-tin Chien 809372b7ab Bug 1497940 - Part IV, Move pluginProblem resources from chrome://mozapps to chrome://global r=mossop
This is needed because UA Widget cannot load resources from chrome://mozapps.

Depends on D11701

Differential Revision: https://phabricator.services.mozilla.com/D11702

--HG--
rename : toolkit/themes/osx/mozapps/plugins/pluginHelp-16.png => toolkit/themes/osx/global/plugins/pluginHelp-16.png
rename : toolkit/themes/osx/mozapps/plugins/pluginHelp-16.png => toolkit/themes/windows/global/plugins/pluginHelp-16.png
extra : moz-landing-system : lando
2018-11-22 02:12:12 +00:00
Boris Zbarsky 9691e7ba88 Bug 1507540 part 3. Use more notxpcom attributes in netwerk/. r=valentin 2018-11-19 20:17:53 -05:00
Boris Zbarsky b88f0dc956 Bug 1507540 part 1. Use more notxpcom attributes in caps/. r=mrbkap 2018-11-19 20:17:52 -05:00
Jan de Mooij bccfe7c569 Bug 1508065 - Change JS_PUBLIC_{API,DATA} and JS_FRIEND_{API,DATA} to be more like similar macros to avoid confusing clang-format. r=tcampbell
Differential Revision: https://phabricator.services.mozilla.com/D12256

--HG--
extra : moz-landing-system : lando
2018-11-19 17:02:47 +00:00
Jonathan Kingston 2a8b750345 Bug 1502743 - Replace black/whitelist within caps to block/allowlist r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D10013

--HG--
extra : moz-landing-system : lando
2018-10-31 17:56:43 +00:00
Kyle Machulis 6d3b4e7492 Bug 1492648 - Move from nsDocShellLoadInfo to nsDocShellLoadState; r=bz, nika
Creates the nsDocShellLoadState object, which is basically
nsDocShellLoadInfo plus a few extra fields to make it usable as a
single argument to nsDocShell::LoadURI (and eventually
nsDocShell::InternalLoad).

Subframe history handling is a huge logic block in
nsDocShell::LoadURI, which is only used on history loads. This patch
also extracts the logic out into its own function to make the body of
LoadURI clearer.
2018-10-29 17:13:29 -07:00
Kyle Machulis ee8ccacb05 Backed out changeset fa8487b94a38 due to a=BUSTAGE on comm-central 2018-10-29 12:28:02 -07:00
Tim Huang 15c3ab7c9c Bug 1492607 - Part 1: Making postMessage to be aware of OAs when the targetOrigin is "*." r=arthuredelstein,baku
This patch adds a MOZ_DIAGNOSTIC_ASSERT for assuring the OAs
are matching when the targetOrigin is "*" for the postMessage().
But it ignores the FPD in OA since the FPDs are possible to be
different.

We also add a new pref 'privacy.firstparty.isolate.block_post_message'
for allowing blocking postMessage across different FPDs.

Differential Revision: https://phabricator.services.mozilla.com/D8521

--HG--
extra : moz-landing-system : lando
2018-10-25 06:47:08 +00:00
Kyle Machulis ca0550b32b Bug 1492648 - Move from nsDocShellLoadInfo to nsDocShellLoadState r=bzbarsky,nika
Creates the nsDocShellLoadState object, which is basically
nsDocShellLoadInfo plus a few extra fields to make it usable as a
single argument to nsDocShell::LoadURI (and eventually
nsDocShell::InternalLoad).

Subframe history handling is a huge logic block in
nsDocShell::LoadURI, which is only used on history loads. This patch
also extracts the logic out into its own function to make the body of
LoadURI clearer.

Differential Revision: https://phabricator.services.mozilla.com/D6944

--HG--
rename : docshell/base/nsDocShellLoadInfo.cpp => docshell/base/nsDocShellLoadState.cpp
rename : docshell/base/nsDocShellLoadInfo.h => docshell/base/nsDocShellLoadState.h
extra : moz-landing-system : lando
2018-10-26 03:50:37 +00:00
Collin Wing 795a861aad Bug 1497087 Remove eula support from addons manager r=Gijs,aswan
Differential Revision: https://phabricator.services.mozilla.com/D8149

--HG--
extra : rebase_source : 906a5e7e38ba1293002579e699425c7410601d92
extra : source : 2d0174d68cec998537cb529f688c96cfa729a892
2018-10-19 21:52:20 +00:00
Margareta Eliza Balazs 1a7c7d8823 Merge mozilla-central to autoland. a=merge CLOSED TREE 2018-10-23 12:31:53 +03:00
Andrea Marchesini 4439acd683 Bug 1498510 - Move nsICSPEventListener out of CSP object, r=ckerschb 2018-10-23 08:17:13 +02:00
Julian Descottes 73e3a16c0d Bug 1499096 - Use ok() with 2 arguments instead of 3 when possible;r=Standard8
Depends on D8740.
This changeset replaces calls to ok with 3 arguments to calls with 2 arguments
in situations where the switch does not have a significant impact on the assert.

Differential Revision: https://phabricator.services.mozilla.com/D8741

--HG--
extra : moz-landing-system : lando
2018-10-23 07:13:35 +00:00
Mark Banner ceaeb93550 Bug 1486741 - Enable ESLint rule comma-dangle for all of mozilla-central (automatic fixes). r=mossop
Differential Revision: https://phabricator.services.mozilla.com/D8389

--HG--
extra : moz-landing-system : lando
2018-10-19 12:55:39 +00:00
Narcis Beleuzu 5d00f78a13 Backed out changeset 8dd09fad1f35 (bug 1492648) for bc failures on browser_auto_close_window.js
--HG--
rename : docshell/base/nsDocShellLoadState.cpp => docshell/base/nsDocShellLoadInfo.cpp
rename : docshell/base/nsDocShellLoadState.h => docshell/base/nsDocShellLoadInfo.h
2018-10-19 10:11:33 +03:00
Kyle Machulis 0bb3246aa5 Bug 1492648 - Move from nsDocShellLoadInfo to nsDocShellLoadState r=bzbarsky,nika
Creates the nsDocShellLoadState object, which is basically
nsDocShellLoadInfo plus a few extra fields to make it usable as a
single argument to nsDocShell::LoadURI (and eventually
nsDocShell::InternalLoad).

Subframe history handling is a huge logic block in
nsDocShell::LoadURI, which is only used on history loads. This patch
also extracts the logic out into its own function to make the body of
LoadURI clearer.

Differential Revision: https://phabricator.services.mozilla.com/D6944

--HG--
rename : docshell/base/nsDocShellLoadInfo.cpp => docshell/base/nsDocShellLoadState.cpp
rename : docshell/base/nsDocShellLoadInfo.h => docshell/base/nsDocShellLoadState.h
extra : moz-landing-system : lando
2018-10-18 22:14:54 +00:00
Christoph Kerschbaumer bf820bc9d2 Bug 1499355: EnsurePreloadCSP on SystemPrincipal should return error. r=baku 2018-10-17 07:05:55 +02:00
vinoth 7b887cfbbc Bug 1498885 - Assertion added in ContentSecurityPolicyPermitsJSAction() to not allow eval with SystemPrincipal r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D8683

--HG--
extra : moz-landing-system : lando
2018-10-15 08:02:04 +00:00
Jan de Mooij cfc1f8fa90 Bug 1491728 - Fix ContentPrincipal::GetSiteOrigin to handle IPv6 addresses correctly. r=bzbarsky
The problem is that we used ThirdPartyUtil.getBaseDomain and for IP addresses that
returns the host, and for IPv6 addresses GetHost strips the '[' and ']' brackets.
Then when we passed that IP address to SetHost, we failed because SetHost wants
the brackets to be present.

This patch changes GetSiteOrigin to call getBaseDomain on the TLD service instead,
so we can handle this case ourselves by not calling SetHost when we have an IP
address. GetBaseDomain still uses ThirdPartyUtil.

I tried to add a test for this (with an iframe + postMessage) but the mochitest
http server doesn't support IPv6.

Differential Revision: https://phabricator.services.mozilla.com/D6523

--HG--
extra : moz-landing-system : lando
2018-10-01 12:16:39 +00:00
Kris Maglione b9ad1e41b7 Bug 1473933: Remove xpinstallConfirm dialog. r=aswan
Differential Revision: https://phabricator.services.mozilla.com/D6854

--HG--
extra : rebase_source : 15a43212697a02ef7aa35eccc4b3c09bd195d7ed
2018-09-25 15:33:52 -07:00
Christoph Kerschbaumer 60e3239dee Bug 1490874: Log Principal based Security Errors to the Security pane in the console. r=smaug 2018-09-25 07:25:05 +02:00
shindli 0b6d93ef4d Backed out changeset 510e95767aeb (bug 1490874) for security failures in browser/components/payments/test/mochitest/test_basic_card_form.html CLOSED TREE 2018-09-24 11:43:30 +03:00
Christoph Kerschbaumer 0df81cd9f4 Bug 1490874: Log Principal based Security Errors to the Security pane in the console. r=smaug 2018-09-24 09:34:04 +02:00
Jan de Mooij 4a02cf562c Bug 1491342 - Ignore document.domain in ShouldWaiveXray. r=bholley
We want to get rid of JS_GetCompartmentPrincipals. The origin stored in CompartmentPrivate does not account for document.domain changes because that's a per-realm thing.

Fortunately we should not have waivers in any cases that involve document.domain.

Differential Revision: https://phabricator.services.mozilla.com/D6035

--HG--
extra : moz-landing-system : lando
2018-09-21 07:13:15 +00:00