Граф коммитов

1893 Коммитов

Автор SHA1 Сообщение Дата
Phil Ringnalda 858a553b02 Backed out 2 changesets (bug 1386103) for Android x86 build bustage
Backed out changeset eec506d87d03 (bug 1386103)
Backed out changeset 3f9ec011c9bd (bug 1386103)

MozReview-Commit-ID: 8ak71R7vUOC
2017-08-08 22:08:54 -07:00
Nicholas Nethercote 7512aa2dea Bug 1386103 (part 2) - Convert nsFixed[C]String uses to nsAuto[C]String. r=erahm.
In all of these cases the fixed buffer has the same lifetime as the string
object, so we can use nsAuto[C]String for simplicity.

For the 128-length ones in dom/xul/ I just switched to the default of 64 for
simplicity, because the choice of 128 didn't seem that important. (These code
paths weren't hit when I started the browser and opened a few sites.)

Finally, the patch also changes LoggingIdString to use
nsAutoCStringN<NSID_LENGTH>, similar to NullPrincipalURI.
2017-08-01 11:58:56 +10:00
Nicholas Nethercote f941156987 Bug 1386600 - Change nsIStringBundle methods to return |AString| instead of |wstring|. r=emk,sr=dbaron.
This removes about 2/3 of the occurrences of nsXPIDLString in the tree. The
places where nsXPIDLStrings are null-checked are replaced with |rv| checks.

The patch also removes a couple of unused declarations from
nsIStringBundle.idl.

Note that nsStringBundle::GetStringFromNameHelper() was merged into
GetStringFromName(), because they both would have had the same signature.

--HG--
extra : rebase_source : ac40bc31c2a4997f2db0bd5069cc008757a2df6d
2017-08-04 14:40:52 +10:00
Masatoshi Kimura 8b713b2b0f Bug 1375125 - Stop using nsILocalFile in the tree. r=froydnj
This mechanically replaces nsILocalFile with nsIFile in
*.js, *.jsm, *.sjs, *.html, *.xul, *.xml, and *.py.

MozReview-Commit-ID: 4ecl3RZhOwC

--HG--
extra : rebase_source : 412880ea27766118c38498d021331a3df6bccc70
2017-08-04 17:49:22 +09:00
Christoph Kerschbaumer 256e249566 Bug 1381761 - Treating 'data:' documents as unique, opaque origins should still inherit the CSP. r=smaug,dveditz 2017-08-04 14:11:17 +02:00
Masatoshi Kimura 8ed4a80a4e Bug 1322874 - Get rid of nsIURI.originCharset. r=valentin.gosu
nsIURI.originCharset had two use cases:
 1) Dealing with the spec-incompliant feature of escapes in the hash
    (reference) part of the URL.
 2) For UI display of non-UTF-8 URLs.

For hash part handling, we use the document charset instead. For pretty
display of query strings on legacy-encoded pages, we no longer care to them
(see bug 817374 comment 18).

Also, the URL Standard has no concept of "origin charset". This patch
removes nsIURI.originCharset for reducing complexity and spec compliance.

MozReview-Commit-ID: 3tHd0VCWSqF

--HG--
extra : rebase_source : b2caa01f75e5dd26078a7679fd7caa319a65af14
2017-08-02 20:43:30 +09:00
Masatoshi Kimura f143125cc2 Bug 1326520 - Rename nsIURI.path to pathQueryRef. r=valentin.gosu
MozReview-Commit-ID: DqJdTGopR9G

--HG--
extra : rebase_source : e8c9eb03468c075b79013b6e0bd8b367229c24cd
2017-07-29 20:50:21 +09:00
Rajesh Kathiriya 48e6bc2124 Bug 1374620 - Enabled the ESLint dot-notation rule across mozilla-central r=standard8
MozReview-Commit-ID: FadrI2li43G

--HG--
extra : rebase_source : b455e846ab79c8141150517e67e542e3e06d630e
2017-07-25 23:45:41 +05:30
Nicholas Nethercote 72c884bf74 Bug 1384835 (part 3, attempt 2) - Remove the Preferences::Get*CString() variants that return nsAdoptingCString. r=froydnj.
--HG--
extra : rebase_source : d317b25be2ec21d1a60d25da3689e46cdce0b649
2017-07-31 14:28:48 +10:00
Nicholas Nethercote d4f9aa5530 Bug 1384835 (part 2, attempt 2) - Remove the Preferences::Get*String() variants that return nsAdoptingString. r=froydnj.
--HG--
extra : rebase_source : 6c24fbacb03d4adebe5f22b5e7fc60b069913f20
2017-07-31 14:23:50 +10:00
Bob Owen 9fe7a4201d Bug 1378377 Part 1: Expose file:// URI whitelist check to chrome JS. r=bz
This is required so that we can check the whitelist and run domains that are
allowed to use file:// URIs in the file content process.
2017-07-19 09:37:25 +01:00
Nicholas Nethercote c86dc10505 Bug 1380227 - Avoid many UTF16toUTF8 and UTF8toUTF16 conversions in nsStringBundle. r=emk.
Most of the names passed to nsIStringBundle::{Get,Format}StringFromUTF8Name
have one of the two following forms:

- a 16-bit C string literal, which is then converted to an 8-bit string in
  order for the lookup to occur;

- an 8-bit C string literal converted to a 16-bit string, which is then
  converted back to an 8-bit string in order for the lookup to occur.

This patch introduces and uses alternative methods that can take an 8-bit C
string literal, which requires changing some signatures in other methods and
functions. It replaces all C++ uses of the old methods.

The patch also changes the existing {Get,Format}StringFromName() methods so
they take an AUTF8String argument for the name instead of a wstring, because
that's nicer for JS code.

Even though there is a method for C++ code and a different one for JS code,
|binaryname| is used so that the existing method names can be used for the
common case in both languages.

The change reduces the number of NS_ConvertUTF8toUTF16 and
NS_ConvertUTF16toUTF8 conversions while running Speedometer v2 from ~270,000 to
~160,000. (Most of these conversions involved the string
"deprecatedReferrerDirective" in nsCSPParser.cpp.)

--HG--
extra : rebase_source : 3bee57a501035f76a81230d95186f8c3f460ff8e
2017-07-12 15:13:37 +10:00
Valentin Gosu f957fd9eef Bug 945240 - Make nsIURI.host & variants return ASCII strings r=mcmanus
* nsStandardURL::GetHost/GetHostPort/GetSpec contain an punycode encoded hostname.
* Added nsIURI::GetDisplayHost/GetDisplayHostPort/GetDisplaySpec which have unicode hostnames, depending on the hostname, character blacklist and the network.IDN_show_punycode pref
* remove mHostEncoding since it's not needed anymore (the hostname is always ASCII encoded)
* Add mCheckedIfHostA to know when GetDisplayHost can return the regular host, or when we need to use the cached mDisplayHost

MozReview-Commit-ID: 4qV9Ynhr2Jl
* * *
Bug 945240 - Make sure nsIURI.specIgnoringRef/.getSensitiveInfoHiddenSpec/.prePath contain unicode hosts when network.standard-url.punycode-host is set to false r=mcmanus

MozReview-Commit-ID: F6bZuHOWEsj

--HG--
extra : rebase_source : d8ae8bf774eb22b549370ca96565bafc930faf51
2017-07-11 19:09:10 +02:00
Haik Aftandilian 676e702f00 Bug 1334550 - Part 2 - Add nsISubstitutionObserver and update test_extensionURL.html; r=jimm
Adds nsISubstitutionObserver so that substitutions set on a
parent nsISubstitutingProtocolHandler which are then propagated
to child processes can be observed in the child.

Updates test_extensionURL.html to set substitutions on the parent
ExtensionProtocolHandler before trying to load moz-extension URI's
using those substitutions.

MozReview-Commit-ID: JaW1A3uZpoO

--HG--
extra : rebase_source : b908a3ef51c2b077809614fd39595c3255dff7ad
2017-06-21 16:13:23 -07:00
Florian Quèze 2924991bf6 Bug 1368456 - remove Promise.jsm imports in tests, r=mconley. 2017-06-23 11:25:52 +02:00
Kris Maglione 5a4378940a Bug 1375654: Package file_data.txt for chrome mochitests. r=mccr8
MozReview-Commit-ID: 9W8o69z5WUJ

--HG--
extra : rebase_source : a815c5c147f4a70905a87f27b436fc169daa4e1e
extra : amend_source : 3977a27ea9a68312e5d8a648aaeec4d843ff367f
2017-06-22 14:57:52 -07:00
Florian Quèze 5b8f8b884c Bug 1374282 - script generated patch to remove Promise.defer calls, r=Mossop. 2017-06-22 12:51:42 +02:00
Florian Quèze 66f6d259bc Bug 1374282 - script generated patch to remove Task.jsm calls, r=Mossop. 2017-06-22 12:51:42 +02:00
Honza Bambas 9e38f7b8fc Bug 1319111 - Expose 'result principal URI' on LoadInfo as a source for NS_GetFinalChannelURI (removes some use of LOAD_REPLACE flag). r=bz, r=mikedeboer
--HG--
extra : rebase_source : c9690f4b8decd39a10da676bd50ec09cb2ad8892
2017-05-30 18:07:59 +02:00
Peter Van der Beken 9b9495bf79 Bug 1252211 - Remove DOMCI for TreeSelection, XULCommandDispatcher and XULControllers. r=bz.
--HG--
extra : rebase_source : 5a24af4928dbd7754850c6e3ceff6646bfe58c93
2017-05-18 09:07:25 +02:00
Carsten "Tomcat" Book 4a5a3d9f30 Backed out changeset 2c51cdd42834 (bug 1252211) for bustage 2017-06-13 12:20:33 +02:00
Peter Van der Beken 9d549d2f23 Bug 1252211 - Remove DOMCI for TreeSelection, XULCommandDispatcher and XULControllers. r=bz.
--HG--
extra : rebase_source : db24985f7e8f6d4ca4df13015d565ec0063ba355
extra : source : f361697cb50b47dc4db94a6730b6604ab69217f5
2017-05-18 09:07:25 +02:00
Kris Maglione e51750a9c4 Bug 1322235: Part 6 - Replace AddonPolicyService with a stub implementation in ExtensionPolicyService. r=mixedpuppy,zombie
This replaces the JS policy service stubs with a pure C++ version which
directly makes policy decisions based on active WebExtensionPolicy objects.

This is the first step in a larger refactoring, which will remove the
ExtensionManagement module entirely, and replace the current add-on policy
service with direct, non-virtual access to native WebExtensionPolicy objects.

It will also be followed by related changes to migrate the content script and
extension page matching to native code, based on the existing MatchPattern and
WebExtensionPolicy bindings.

MozReview-Commit-ID: 2MpbmXZGiPZ

--HG--
extra : rebase_source : 8b268618164b45605143e858665e592de829a6fa
2017-06-03 17:12:14 -07:00
Andrea Marchesini e7eda19b3d Bug 1369323 - Get rid of nsScriptSecurityManager::GetNoAppCodebasePrincipal, r=bholley 2017-06-02 11:05:28 +02:00
Andrea Marchesini 9eee06711a Bug 1369314 - Fixing comments related to appId in nsIScriptSecurityManager, r=bholley 2017-06-02 11:05:28 +02:00
Andrea Marchesini 1cb008c2f2 Bug 1369314 - Get rid of nsScriptSecurityManager::GetAppCodebasePrincipal, r=bholley 2017-06-02 11:05:28 +02:00
Andrea Marchesini 884d9efc73 Bug 1369316 - Get rid of nsIPrincipal.unknownAppId, r=bholley 2017-06-02 11:05:28 +02:00
Andrea Marchesini cead0b042c Bug 1369310 - Get rid of nsIPrincipal.appStatus, r=bholley 2017-06-02 11:05:28 +02:00
Mark Banner 0ce286101c Bug 1359011 - Make the mozilla/recommended eslint configuration the default for the whole tree. r=mossop
MozReview-Commit-ID: HtUW43tCli1

--HG--
extra : rebase_source : 6496bc47860d9c1ab522a78e73b41550700021cb
2017-04-25 20:12:21 +01:00
Dan Banner 04aa928f5b Bug 1348362 - Cleanup chrome://global/skin/icons - Remove unused files. r=dao
MozReview-Commit-ID: EZVP5SeYDGw

--HG--
extra : rebase_source : 9224d4a8d71e2ed932206640057fbcbd74bf3396
2017-05-07 19:16:27 +01:00
Hemant Singh Patwal 6acadff2d1 Bug 1362421 - Enable eslint on caps/tests/mochitest/browser_checkloaduri.js. r=standard8
MozReview-Commit-ID: ZIec0SdBaa

--HG--
extra : rebase_source : 7bf902837ab737ddb8fbeacae96030403fcce57f
2017-05-12 20:06:39 +05:30
Geoff Brown 21d0203054 Bug 1361859 - Enable eslint on caps/ directory; r=standard8
Stop excluding caps/ from eslint runs and apply mozilla/recommended rules.
This generally affects xpcshell and mochitest files under caps/tests.
Includes many mechanical changes to comply with mozilla recommended
formatting rules.
2017-05-08 07:49:06 -06:00
Yoshi Huang 332addc285 Bug 1344170: set firstPartyDomai on blob: URI. r=smaug
A web page could generate an URL by URl.createObjectURL(new Blob(...));
then navigate to this generated URL.

In this case the (top-level) document URI will be blob:{origin}:{uuid}.
And we try to add firstPartyDomain on this top-level document with blob URI, so
the following request from this document could have correct origin
attributes.
2017-04-24 14:12:03 +08:00
Andrea Marchesini 9a3ddb1908 Bug 1357208 - No warning message when the creation of the principal origin fails, r=bholley 2017-04-19 08:00:11 +02:00
Gijs Kruitbosch a81cfadca0 Bug 1356193 - rename securityFlags local variable for code clarity reasons, r=ckerschb
MozReview-Commit-ID: DmU4ORvXHNY

--HG--
extra : rebase_source : 687cf2ee500839182c4a2f785fc51e9b71476f3c
2017-04-13 11:36:18 +01:00
Ehsan Akhgari 067b18b9f3 Bug 1316683 - Part 5: Avoid going into SpiderMonkey for retrieving origin attributes; r=baku
Our caller is C++ code, and the implementations are all also written in C++,
so there is no reason to go through SpiderMonkey here.  This patch also makes
nsILoadContext builtinclass to ensure that the implementation is always native.
2017-04-12 11:32:19 -04:00
Yoshi Huang 34f66889f3 Bug 1346713 - Generate unique firstPartyDomain value for NullPrincipal. r=smaug
In the past we used a fixed value for the firstPartyDomain of
NullPrincipal, now we derive it from the path of NullPrincipal, so it
will be unique everytime we create it.
2017-04-11 16:48:34 +08:00
Frederik Braun 3d9add57b3 Bug 1349517 - Don't set CSP on NullPrincipal if it already has one. r=ckerschb
MozReview-Commit-ID: EKqDr7RxjWE

--HG--
extra : transplant_source : %21C%0D%CC%E1%96%2Aw%D1%DE%0B%D5%CE%019%8F%C5%95ER
2017-03-23 13:21:13 +01:00
Jorg K e09c6c1b10 Bug 1353204 - Follow-up: Use entire spec for origin for Thunderbird. r=bz
--HG--
extra : rebase_source : a1847772dc26a5042e9cd71b066e0d5843daf4de
2017-04-10 14:04:11 +02:00
Bobby Holley 564ee797a4 Bug 1353204 - Move the hostPort case after the nsIStandardURL check. r=bz
MozReview-Commit-ID: HIqxhEE41G0
2017-04-05 21:35:07 -07:00
Bobby Holley 4e4b492742 Bug 1353204 - Factor out the full-spec-to-origin machinery and use it if the Thunderbird-only flag is set. r=bz
MozReview-Commit-ID: 8acGT0n6O3X
2017-04-05 21:35:07 -07:00
Gijs Kruitbosch 8a8722824e Bug 1352513 - re-add the hidden window exception behind a pref, r=bholley
MozReview-Commit-ID: 3q1CZ5QCuus

--HG--
extra : rebase_source : adb93e2ee26e17f8ce03023deebc85d657dfe498
2017-04-03 11:47:22 +01:00
Gijs Kruitbosch 17162a90b4 Bug 1145470 - remove hiddenWindow specialcasing from CheckLoadURI code, r=bholley
All the consumers relying on this have disappeared, so we can (finally!) get
rid of this ugly bit of special-casing.

MozReview-Commit-ID: HSeeG21O0p4

--HG--
extra : rebase_source : faebaf646308fe29b1c23e4117db2c1ea52ad658
2017-03-30 11:16:17 +01:00
Andrea Marchesini 2c716cd273 Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan 2017-03-29 15:28:46 +02:00
Andrea Marchesini 3c0ea7282d Bug 1347817 - Principal must always have a valid origin - part 4 - origin passed as argument when a principal is created, r=bholley 2017-03-29 08:24:01 +02:00
Andrea Marchesini 6ad34a8c5e Bug 1347817 - Principal must always have a valid origin - part 3 - move origin to BasePrincipal, r=bholley 2017-03-29 08:22:26 +02:00
Andrea Marchesini 8d4516d1d9 Bug 1347817 - Principal must always have a valid origin - part 2 - move OriginAttributes to the BasePrincipal, r=bholley 2017-03-29 08:21:03 +02:00
Andrea Marchesini d0aca06da7 Bug 1347817 - Principal must always have a valid origin - part 1 - renaming GetOriginInternal to GetOriginNoSuffixInternal, r=qdot 2017-03-29 08:19:41 +02:00
Sebastian Hengst 65459a7f0a Backed out changeset a70b549ac35d (bug 1347817) for failing test_websocket-transport.html on OSX 10.10 debug. r=backout 2017-03-29 11:18:41 +02:00
Sebastian Hengst 2d288e10b9 Backed out changeset c0e8522353bd (bug 1347817) 2017-03-29 11:17:22 +02:00
Sebastian Hengst 32c96bb13a Backed out changeset d71d95c73542 (bug 1347817) 2017-03-29 11:17:18 +02:00
Sebastian Hengst f61a4826a3 Backed out changeset 059bcee1ccda (bug 1347817) 2017-03-29 11:17:13 +02:00
Sebastian Hengst eadf7b5c6e Backed out changeset 4af10700c64c (bug 1347817) 2017-03-29 11:17:04 +02:00
Andrea Marchesini 4b77f4a4b9 Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan 2017-03-29 08:27:17 +02:00
Andrea Marchesini 0c636438cd Bug 1347817 - Principal must always have a valid origin - part 4 - origin passed as argument when a principal is created, r=bholley 2017-03-29 08:24:01 +02:00
Andrea Marchesini 9ff7505132 Bug 1347817 - Principal must always have a valid origin - part 3 - move origin to BasePrincipal, r=bholley 2017-03-29 08:22:26 +02:00
Andrea Marchesini 6328758fcf Bug 1347817 - Principal must always have a valid origin - part 2 - move OriginAttributes to the BasePrincipal, r=bholley 2017-03-29 08:21:03 +02:00
Andrea Marchesini d775e1a0a0 Bug 1347817 - Principal must always have a valid origin - part 1 - renaming GetOriginInternal to GetOriginNoSuffixInternal, r=qdot 2017-03-29 08:19:41 +02:00
Eric Rahm f9c9fc67cf Bug 1349805 - Convert NS_ENSURE_TRUE in ContentPrincipal::GetOriginInternal to an if statement. r=baku
MozReview-Commit-ID: IgT8ZQ6ByKG
2017-03-23 14:30:16 -07:00
Sebastian Hengst f5e68bc3e1 Backed out changeset ef22dba0dac5 (bug 1316683) for various test failures, e.g. xpcshell netwerk/test/unit/test_bug826063.js and browser-chrome browser/components/downloads/test/browser/browser_iframe_gone_mid_download.js. r=backout on a CLOSED TREE 2017-03-22 20:28:39 +01:00
Ehsan Akhgari 101a58b3c6 Bug 1316683 - Avoid going into SpiderMonkey for retrieving origin attributes; r=baku
Our caller is C++ code, and the implementations are all also written in C++,
so there is no reason to go through SpiderMonkey here.  This patch also makes
nsILoadContext builtinclass to ensure that the implementation is always native.
2017-03-22 14:13:31 -04:00
Andrea Marchesini 8d7c2746ea Bug 1349512 - Move OriginAttributes class in separate files, r=qdot
--HG--
rename : caps/BasePrincipal.cpp => caps/OriginAttributes.cpp
rename : caps/BasePrincipal.h => caps/OriginAttributes.h
2017-03-22 18:45:40 +01:00
Sebastian Hengst 20fb8455d6 Backed out changeset 7e47807067a6 (bug 1316683) for Windows bustage. r=backout 2017-03-22 15:15:27 +01:00
Ehsan Akhgari 9093d5f005 Bug 1316683 - Avoid going into SpiderMonkey for retrieving origin attributes; r=baku
Our caller is C++ code, and the implementations are all also written in C++,
so there is no reason to go through SpiderMonkey here.  This patch also makes
nsILoadContext builtinclass to ensure that the implementation is always native.
2017-03-22 10:03:26 -04:00
Andrea Marchesini 507c00cb9f Bug 1343933 - Renaming Principal classes - part 4 - ContentPrincipal, r=qdot
--HG--
rename : caps/nsPrincipal.cpp => caps/ContentPrincipal.cpp
rename : caps/nsPrincipal.h => caps/ContentPrincipal.h
2017-03-22 11:39:31 +01:00
Andrea Marchesini f91cb666bb Bug 1343933 - Renaming Principal classes - part 3 - SystemPrincipal, r=qdot
--HG--
rename : caps/nsSystemPrincipal.cpp => caps/SystemPrincipal.cpp
rename : caps/nsSystemPrincipal.h => caps/SystemPrincipal.h
2017-03-22 11:39:08 +01:00
Andrea Marchesini 1fd1bc3935 Bug 1343933 - Renaming Principal classes - part 2 - NullPrincipal, r=qdot
--HG--
rename : caps/nsNullPrincipal.cpp => caps/NullPrincipal.cpp
rename : caps/nsNullPrincipal.h => caps/NullPrincipal.h
rename : caps/nsNullPrincipalURI.cpp => caps/NullPrincipalURI.cpp
rename : caps/nsNullPrincipalURI.h => caps/NullPrincipalURI.h
2017-03-22 11:38:40 +01:00
Andrea Marchesini 68207654f2 Bug 1343933 - Renaming Principal classes - part 1 - ExpandedPrincipal, r=qdot
--HG--
rename : caps/nsExpandedPrincipal.cpp => caps/ExpandedPrincipal.cpp
rename : caps/nsExpandedPrincipal.h => caps/ExpandedPrincipal.h
2017-03-22 11:38:17 +01:00
Wes Kocher 4f5262444c Merge inbound to central, a=merge
MozReview-Commit-ID: 2omKclRg40c
2017-03-20 18:19:52 -07:00
Andrea Marchesini 50f7937e84 Bug 1340163 - Introducing originNoSuffix as attribute in ContentPrincipalInfo, r=smaug 2017-03-20 16:03:45 +01:00
Sebastian Hengst a472d9b04f Backed out changeset 54a1f0cb64d9 (bug 1340163) for crashing e.g. in browser/components/originattributes/test/browser/browser_cacheAPI.js. r=backout 2017-03-20 15:38:19 +01:00
Andrea Marchesini 38c6ab4035 Bug 1340163 - Introducing originNoSuffix as attribute in ContentPrincipalInfo, r=smaug 2017-03-20 14:51:54 +01:00
Frederik Braun 622080220c Bug 1073952: proper indentation for nsScriptSecurityManager::GetChannelResultPrincipal r=Tomcat
MozReview-Commit-ID: 84qywpARPwI

--HG--
extra : rebase_source : fd0bc97039e95d93ba0eb7688ef3e1571ef1bba3
2017-01-30 14:13:13 +01:00
Frederik Braun 390a075c26 Bug 1073952: inherit CSP into iframe sandbox srcdoc r=ckerschb,Tomcat
MozReview-Commit-ID: 3fhWCGwgG4A

--HG--
extra : rebase_source : 7e84fafe0ef69b7f6695de825fc254ee0e4209ba
2017-01-30 14:09:37 +01:00
Ehsan Akhgari 15bd78db3c Bug 1347369 - Avoid dynamic allocation of URLParams in OriginAttributes methods; r=baku
These show up in some profiles sometimes, and there is no reason why
the variables can't simply live on the stack.
2017-03-15 23:03:31 -04:00
Yoshi Huang 996e0349b3 Bug 1300671 - set firstPartyDomain on about: pages. r=smaug
When we load about:blank in a remote tab, it will have
LOAD_FLAGS_DISALLOW_INHERIT_PRINCIPAL flag set, which will make
NullPrinicipal as its document principal. So we add
NULL_PRINCIPAL_FIRST_PARTY_DOMAIN as its firstPartyDomain.

So when we load data:, or javascript: URI in a remote tab, it will inherit the
principal from about:blank, hence also inherit the origin attributes.

There are also some about: pages will use codebase principal, so we also
set ABOUT_URI_FIRST_PARTY_DOMAIN as firstPartyDomain on their
principals.
2017-03-14 16:22:02 +08:00
Andrea Marchesini e9195daa8d Bug 1345168 - Get rid of OriginAttributes::Inherit, r=tjr 2017-03-08 07:41:51 +01:00
Carsten "Tomcat" Book 087da3f0d9 merge mozilla-inbound to mozilla-central a=merge 2017-03-07 15:13:31 +01:00
Ehsan Akhgari 9b370e9857 Bug 1344974 - Part 2: Make the non-virtual helpers for principal equality/subsumption checks inline; r=bholley 2017-03-07 00:29:27 -05:00
Ehsan Akhgari 0f5f27679b Bug 1344974 - Part 1: Factor out more non-virtual helpers for principal equality/subsumption checks; r=bholley 2017-03-07 00:22:21 -05:00
Ehsan Akhgari e3ddbde083 Bug 1340710 - Part 10 - Remove BasePrincipal::EqualsIgnoringAddonId which somehow crept back in during the last rebase
Landed on a CLOSED TREE
2017-03-06 23:22:01 -05:00
Ehsan Akhgari 3812e3f854 Bug 1340710 - Part 9: Speed up the OriginAttributes comparison in BasePrincipal::Subsumes(); r=bholley 2017-03-06 22:31:05 -05:00
Ehsan Akhgari 513af88e99 Bug 1340710 - Part 8: Add a fast path for nsIPrincipal::EqualsConsideringDomain() and nsIPrincipal::SubsumesConsideringDomain(); r=bholley 2017-03-06 22:30:54 -05:00
Ehsan Akhgari e6073c48a5 Bug 1340710 - Part 7: Add a fast path for nsIPrincipal::Equals() and nsIPrincipal::EqualsConsideringDomain(); r=bholley 2017-03-06 22:27:59 -05:00
Ehsan Akhgari 3169d6c35c Bug 1340710 - Part 6: Store BasePrincipal::{mOriginNoSuffix,mOriginSuffix} as a pair of atoms; r=bholley
This has the nice side effect of making nsIPrincipal::GetOrigin() a bit faster
by avoiding computing the origin each time.
2017-03-06 22:27:53 -05:00
Ehsan Akhgari 5a95757626 Bug 1340710 - Part 5: Make nsIPrincipal.origin throw for about:blank codebase URI principals; r=bholley
Two about:blank codebase URI principals are only equal if their
object identities are the same, but not if their string
serializations happen to be equal (as they always will be.)  In order
to ensure that we always get this right in places where we compare
the origin properties of two principals to check for their equality,
we should ensure that the origin getter would throw so that we never
incorrectly conclude that two such principals are equal.

We will soon start returning a null principal instead of a codebase
principal under this situation.
2017-03-06 22:27:51 -05:00
Ehsan Akhgari 57d1fd125b Bug 1340710 - Part 4: Fix nsIPrincipal::GetOrigin()'s handling of non-strict file:// URI origin policy; r=bholley 2017-03-06 22:27:45 -05:00
Ehsan Akhgari f3dc163eaf Bug 1340710 - Part 3: Add an assertion to ensure that codebase principals are never constructed with URI schemes such as javascript:, about: and data:; r=bholley 2017-03-06 22:27:40 -05:00
Ehsan Akhgari 8f6e8510f6 Bug 1340710 - Part 2: De-virtualize BasePrincipal::Kind(); r=bholley 2017-03-06 22:27:37 -05:00
Ehsan Akhgari c669405410 Bug 1340710 - Part 1: Remove nsPrincipal::SetURI() since it's unused; r=bholley 2017-03-06 22:27:31 -05:00
David Major ed0b8f8653 Bug 1344615: Remove nsXPCOMStrings.{h,cpp} r=bsmedberg
These are now dead code.

MozReview-Commit-ID: AClU0Qx3kmN

--HG--
extra : rebase_source : df83cf89292da1519bb26027c11e14923d5c54a0
2017-03-06 17:52:54 +13:00
Kris Maglione ee306e28c0 Bug 1314361 - Part 6: Remove the addonId origin attribute. r=bholley 2016-11-08 17:11:32 -08:00
Kris Maglione 7c5ab514b7 Bug 1314361 - Part 5: Remove origin attribute comparison helpers for ignoring addonId. r=bholley 2016-11-04 14:32:26 -07:00
Kris Maglione 45dbac3bdd Bug 1314361 - Part 4: Stop setting addonId origin attribute. r=billm 2016-11-04 18:22:45 -07:00
Kris Maglione af57bdc417 Bug 1314361 - Part 2: Stop using addonId origin attribute for permission checks. r=billm 2016-11-04 15:16:50 -07:00
Kris Maglione 7f01119247 Bug 1314361 - Part 1: Generate nsIPrincipal.addonId from AddonPolicyService rather than origin attributes. r=billm 2016-11-05 22:38:17 -07:00
Masatoshi Kimura 7be7b11a1c Bug 1342144 - Remove version parameter from the type attribute of script elements. r=jmaher
This patch is generated by the following sed script:
find . ! -wholename '*/.hg*' -type f \( -iname '*.html' -o -iname '*.xhtml' -o -iname '*.xul' -o -iname '*.js' \) -exec sed -i -e 's/\(\(text\|application\)\/javascript\);version=1.[0-9]/\1/g' {} \;

MozReview-Commit-ID: AzhtdwJwVNg

--HG--
extra : rebase_source : e8f90249454c0779d926f87777f457352961748d
2017-02-23 06:10:07 +09:00
Andrea Marchesini d0b50071c8 Bug 1341218 - nsNullPrincipal should serialize its URL, r=qdot 2017-02-23 14:30:23 +01:00
Andrea Marchesini e7a1e33581 Bug 1341250 - Moving nsExpandedPrincipal in separate files, r=qdot
--HG--
rename : caps/nsPrincipal.cpp => caps/nsExpandedPrincipal.cpp
rename : caps/nsPrincipal.h => caps/nsExpandedPrincipal.h
2017-02-22 10:01:43 +01:00
Olli Pettay 5a13988731 Bug 1339251 - Make Equals/Subsumes faster when comparing same objects, r=bholley
--HG--
extra : rebase_source : 977c790f03188c4fda83297db026af62ee56a870
2017-02-22 13:19:03 +02:00
Sebastian Hengst c171511b3c Backed out changeset a6267555a244 (bug 1341218) for various test failures, e.g. xpcshell test dom/push/test/xpcshell/test_service_parent.js. r=backout 2017-02-22 11:21:37 +01:00
Sebastian Hengst 0ea43f8182 Backed out changeset f0886e3477a5 (bug 1341250) 2017-02-22 11:20:46 +01:00
Andrea Marchesini c83982c31f Bug 1341250 - Moving nsExpandedPrincipal in separate files, r=qdot
--HG--
rename : caps/nsPrincipal.cpp => caps/nsExpandedPrincipal.cpp
rename : caps/nsPrincipal.h => caps/nsExpandedPrincipal.h
2017-02-22 10:01:43 +01:00
Andrea Marchesini 0626b9d52e Bug 1341218 - nsNullPrincipal should consider its URI in ::Write/::Read, r=qdot 2017-02-22 10:01:43 +01:00
Olli Pettay f3a30cf48d Bug 1339213 - Inline IsRestrictOpenerAccessForFPI, r=tihuang 2017-02-14 13:45:35 +02:00
Shane Caraveo c7c7bd4f51 Bug 1308640 bypass TP when addon has explicit permission to url, r=bz,kmag,mrbkap
MozReview-Commit-ID: BIhoUY2Ug8k

--HG--
extra : rebase_source : 29cc48becfa958ba8f50d254fa6f30fd1820aef9
2017-02-09 21:08:06 -08:00
Gijs Kruitbosch e4b6ebfe64 Bug 1335272 - fix about:cache internal links, r=bz
MozReview-Commit-ID: QzgsTTulJC

--HG--
extra : rebase_source : 8604d1ea660a6c5c811f47fd3ed98ab136e73c6e
2017-02-02 15:10:11 +00:00
Brad Lassey a5e07b93bf bug 1303096 - Stop sending sync messages soon after content process start-up r=billm 2017-02-05 00:52:38 -05:00
Sebastian Hengst 122ebc553b Backed out changeset e9d8a75a0dcc (bug 1303096) for failing various tests on Android 4.3 debug (e.g. test_saveHeapSnapshot_e10s_01.html). r=backout 2017-02-05 10:26:28 +01:00
Brad Lassey ecdf363246 bug 1303096 - Stop sending sync messages soon after content process start-up r=billm 2017-02-05 00:52:38 -05:00
Daniel Holbert c280ee0009 Bug 1259348 part 1: Remove CSSUnprefixingService.js and associated code (since it's been supplanted by built-in webkit-prefixed-CSS support). r=mats
MozReview-Commit-ID: CXCJJWhHc8G

--HG--
extra : rebase_source : a09745ce568c9afde78065d9e837da958e7b252e
2017-02-03 14:56:13 -08:00
Tim Huang 4e31b183a6 Bug 1319773 - Part 2: Add a pref 'privacy.firstparty.isolate.restrict_opener_access' which controls the access of window.opener for different first party domain. r=baku
--HG--
extra : rebase_source : 052dfb3554ba050af85247bcf2587ade26710aac
2017-01-23 10:50:22 +08:00
Tim Huang 3e5d172c95 Bug 1319773 - Part 1: Add a SubsumesConsideringDomainIgnoringFPD in BasePrincipal. r=baku
--HG--
extra : rebase_source : db853a600e666cd11a140153536427c1f4e5882c
2017-01-18 20:17:19 +08:00
Boris Zbarsky 0bf506240a Bug 1335311. Remove the file:/resource: special case in CheckLoadURIFromScript. r=bholley 2017-02-01 15:29:45 -05:00
Ehsan Akhgari b62bca9af3 Bug 1335526 - Ensure that sandboxed channel's result principal is unique; r=bzbarsky 2017-02-01 13:47:26 -05:00
Sebastian Hengst 53d59b106f Backed out changeset a273aee1be72 (bug 1335526) for bustage. r=backout 2017-02-01 17:41:29 +01:00
Ehsan Akhgari 9b36bf10cd Bug 1335526 - Ensure that sandboxed channel's result principal is unique; r=bzbarsky 2017-02-01 11:24:49 -05:00
Florian Quèze 2cf30507bd Bug 1334261 - script-generated patch to remove more newURI null parameters, r=jaws. 2017-01-27 10:51:02 +01:00
Geoff Brown 677d00071c Bug 1305241 - Allow more assertions in test_bug995943.xul; r=jmaher 2017-01-26 07:26:33 -07:00
Eric Rahm 6af429ff8a Bug 1332202 - Convert most infallible NS_EscapeURL calls to fallible version. r=froydnj
This makes most users of |NS_EscapeURL| use the fallible version. A few are
left infallible as it seems like the entire function is assumed to be
infallible.

MozReview-Commit-ID: Cy1L5jQwjO1
2017-01-24 11:11:44 -08:00
Dave Townsend c5f0e2be67 Bug 1331968: Implement the moz: protocol handler to redirect to a fixed website. r=gijs
The protocol handler is intentionally simple. It works for the entering into the
urlbar case but not a lot else. Included some basic tests.

MozReview-Commit-ID: 4FQ1irdt3Nj

--HG--
extra : rebase_source : 30d9fc7ba2c500f268d282e47d291724d9899ba4
2017-01-18 14:10:46 -08:00
Mark Banner 16e6d381ac Bug 503613 - Remove old 'tail =' lines from xpcshell.ini files; r=gps
MozReview-Commit-ID: 62Hp5ISxowJ

--HG--
extra : rebase_source : daa8efb3409031fea553f4fd0c9d0746e38dc308
extra : histedit_source : b4c23aacf678ba0d0ac9c09191a7c494ead11a08
2017-01-18 10:30:39 +00:00
Andrea Marchesini d63b101bc3 Bug 1331751 - Fix the use of nsIURIWithPrincipal in nsPrincipal::GetOriginInternal, r=bkelly 2017-01-18 15:52:24 +01:00
Andrea Marchesini 359ae91eac Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby 2017-01-12 17:38:48 +01:00
Joel Maher 160093df2f Bug 1328383 - add BUG_COMPONENT to caps/* files. r=bholley
MozReview-Commit-ID: 64bkvdcsHL9
2017-01-10 12:46:28 -05:00
Florian Quèze fc6379e827 Bug 1329182 - remove trailing newURI null parameters in the rest of the tree, r=jaws. 2017-01-09 20:27:26 +01:00
Andrea Marchesini 2781835fb3 Bug 1321550 - origin should not contain ref part of the URL, r=valentin 2017-01-04 14:53:57 +01:00
Jean-Luc Bonnafoux fe7f4239c6 Bug 1322146 - initialize mFlags variable in constructor. r=dveditz 2016-12-19 12:56:23 +01:00
dimi bcd217b3c0 Bug 1320402 - Move url-classifier off of using appIds. r=ehsan, gcp
MozReview-Commit-ID: IqnAVrv2c9W
2017-01-03 14:21:58 +08:00
Masatoshi Kimura 0c6dc2ea73 Bug 1323683 - Fold nsIURIWithQuery into nsIURI. r=valentin.gosu
MozReview-Commit-ID: BFfgr42sNyx

--HG--
extra : rebase_source : a28d6a3c96f0c86dd7269147f130b3195b1f1faf
2016-12-28 20:40:21 +09:00
Yoshi Huang 2b7e1dceb6 Bug 1324115 - Part 1: add a C++ helper in nsIPrincipal. r=smaug 2016-12-21 14:59:20 +08:00
Andrea Marchesini 912e678ea6 Bug 1322514 - nsIPrincipal::GetOrigin should use the parent principal when dealing with blobURL, r=ehsan 2016-12-08 10:44:59 -10:00
Andrea Marchesini f7f5990527 Bug 1317927 - Media caching needs to use origin attributes, r=cpearce, r=jesup 2016-12-07 07:07:09 -10:00
Gijs Kruitbosch d1260ddfab Bug 1318664 - fix about pages linking to themselves with query parameters, r=bz
MozReview-Commit-ID: Dsqj0L4aIlv

--HG--
extra : rebase_source : 5fde285885cfa4a14200aefc70d1f2395d67d92f
2016-11-23 18:26:44 +00:00
Andrea Marchesini 43e2ee7f71 Bug 1318727 - BroadcastChannel should support data URL - part 2, r=me 2016-11-30 15:31:09 +01:00
Andrea Marchesini a9a05a834d Bug 1318727 - BroadcastChannel should support data URL, r=smaug 2016-11-30 15:13:27 +01:00
Dragana Damjanovic 898f6d8b2a Bug 1317641 - Some loadinfo security flags should not apply in case of a redirect. r=bz
--HG--
extra : rebase_source : aaebbb8628801871e09bc583b3b11a9908b77b92
2016-11-23 17:54:58 -05:00
Andrea Marchesini dd1d53bd2b Bug 1319045 - Get rid of nsPrincipal::GetOriginFromURI, r=qdot 2016-11-22 12:38:41 +01:00
Andrea Marchesini 2f974ccbce Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 1, r=qdot 2016-11-18 09:33:33 +01:00
Sebastian Hengst 7110a88674 Backed out changeset d43b778d95c6 (bug 1318273) for failing mochitest fetch/test_formdataparsing.html. r=backout on a CLOSED TREE 2016-11-17 20:58:38 +01:00
Andrea Marchesini cf2ad8072f Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 1, r=qdot 2016-11-17 19:36:01 +01:00
Ehsan Akhgari d07f79a266 Bug 1318210 - Remove nsIAppsService; r=baku 2016-11-17 10:41:36 -05:00
Ehsan Akhgari 5cc591dc59 Bug 1318209 - Remove mozIApplication; r=baku 2016-11-17 10:12:43 -05:00
Andrea Marchesini d5b0cbe35a Bug 1315905 - Cleanup Necko http security check - part 1, r=valentin 2016-11-17 14:52:16 +01:00
Ehsan Akhgari eac76d9772 Bug 1310845 - Remove support for mozapp iframes; r=fabrice,jryans,baku,mcmanus
This patch removes support for mozapp iframes, leaving support for
mozbrowser iframes intact.  Some of the code has been rewritten in order
to phrase things in terms of mozbrowser only, as opposed to mozbrowser
or app.  In some places, code that was only useful with apps has been
completely removed, so that the APIs consumed can also be removed.  In
some places where the notion of appId was bleeding out of this API, now
we use NO_APP_ID.  Other notions of appId which were restricted to this
API have been removed.
2016-11-16 09:13:38 -05:00
Carsten "Tomcat" Book 3eacc680db Backed out changeset 7d1f7dd996f7 (bug 1310845) 2016-11-16 14:50:44 +01:00
Ehsan Akhgari cb369370b3 Bug 1310845 - Remove support for mozapp iframes; r=fabrice,jryans,baku,mcmanus
This patch removes support for mozapp iframes, leaving support for
mozbrowser iframes intact.  Some of the code has been rewritten in order
to phrase things in terms of mozbrowser only, as opposed to mozbrowser
or app.  In some places, code that was only useful with apps has been
completely removed, so that the APIs consumed can also be removed.  In
some places where the notion of appId was bleeding out of this API, now
we use NO_APP_ID.  Other notions of appId which were restricted to this
API have been removed.
2016-11-15 18:31:46 -05:00
Gijs Kruitbosch 82d475be93 Bug 1309310, r=bz
MozReview-Commit-ID: KLaMv6zfxR8

--HG--
extra : rebase_source : ccb4d19c874230c512010d3891aae33a69947f62
2016-11-09 18:25:11 +00:00
Tim Huang 950b86072e Bug 1313627 - Get the firstPartyDomain from the nodePrincipal of the document in nsDocShell::CanAccessItem() if the first party isolation is on. r=smaug 2016-11-10 14:20:38 +08:00
Christoph Kerschbaumer f2776f1b8d Bug 1308889 - Try to explicitly pass aTriggeringPrincipal and aPrincipalToInherit to DoURILoad(). r=bz 2016-11-08 07:23:12 +01:00
Valentin Gosu 656872593e Bug 1315302 - Remove signedPkg from origin attributes r=baku
MozReview-Commit-ID: L1xvRgeO6De

--HG--
extra : rebase_source : dee943054af499b6e3f0aca2801fa9414f5567be
2016-11-06 16:15:36 +01:00
Sebastian Hengst 8ed57a9dc8 Bug 1310297 - Remove test annotations using b2g, mulet or gonk: caps. r=RyanVM
MozReview-Commit-ID: DXTWNHWatEv

--HG--
extra : rebase_source : da5e99ba431f1bc826101d8cc1e1bcb599aaa5fb
2016-11-05 11:29:13 +01:00
Kris Maglione 8b10d432c1 Bug 1308920: Part 1 - Add an EqualsIgnoringAddonId method to BasePrincipal. r=bholley
This is meant as a temporary stopgap until we can stop using origin attributes
to store add-on IDs.

MozReview-Commit-ID: DHstOTyu7pR

--HG--
extra : rebase_source : adb8fbfaadf6e914b5aa15c2693a35056669506c
2016-11-02 10:04:13 -07:00
Dave Huseby ce82855c42 Bug 1189086 - Eliminate nsIPrincipal::jarPrefix. r=dveditz 2016-10-24 13:52:00 +02:00
Tom Tromey 0dc689acdd Bug 553032 - use MOZ_FORMAT_PRINTF in js; r=evilpie
MozReview-Commit-ID: DD3DJRkOxmC

--HG--
extra : rebase_source : 61cdf0da1a82b626abc79209ee41e43c3bb152ca
2016-10-11 12:44:40 -06:00
Sebastian Hengst 9e31a95f74 Backed out changeset 2bfd163f23f9 (bug 553032) 2016-10-19 18:29:36 +02:00
Tom Tromey 5b851428f8 Bug 553032 - use MOZ_FORMAT_PRINTF in js; r=evilpie
MozReview-Commit-ID: DD3DJRkOxmC

--HG--
extra : rebase_source : 4f98705e5e2c5ff9860f04384abbc6f5dc18a7a9
2016-10-11 12:44:40 -06:00
Ehsan Akhgari 4a51ebacfa Bug 1310378 - Remove support for mozwidget; r=baku 2016-10-17 13:15:36 -04:00
Ehsan Akhgari 9de6bbbaec Bug 1261019 - Part 3: Remove Navigator.mozApps and code depending on it; r=myk,jryans,fabrice,mcmanus,peterv 2016-10-13 13:18:41 -04:00
Christoph Kerschbaumer fb07f658e3 Bug 1305012 - Downgrade a new channel's principal to NullPrincipal. r=smaug 2016-10-05 21:19:51 +02:00
Cameron McCormack 418bfe72a3 Bug 1300720 - Part 2: Lazily initialize nsScriptSecurityManager::mFileURIWhitelist. r=bholley
MozReview-Commit-ID: 8cqHUlOnsEH
2016-10-03 12:43:17 +08:00
Olli Pettay 9f0454f829 Bug 1306300, null check nsILoadContext in GetLoadContextCodebasePrincipal, r=baku 2016-09-29 20:31:50 +03:00
Gijs Kruitbosch 7de765df42 Bug 1290668 - unbreak view-source links between http and https pages, r=smaug
MozReview-Commit-ID: B4nXTkMC5LE

--HG--
extra : rebase_source : ad7086b7ff58f44b12c3eaaf9b7be8c8955762a5
2016-09-27 13:31:53 +01:00
Tooru Fujisawa 10dd75211d Bug 1289050 - Part 2: Use ASCII or Latin1 variants of JS_ReportError in not-simple cases. r=jwalden 2016-08-15 19:20:01 +09:00
Jonathan Hao 8a70bfa5fc Bug 1302047 - Ignore userContextId and firstPartyDomain when matching permissions. r=baku
--HG--
extra : rebase_source : da81c21da92810d808ebe865a456cc9d04058ce3
2016-09-20 16:35:21 +08:00
Tracy Walker ab9e34053d Bug 1279087 - In caps/tests/mochitests/bug995943.xul, widen range of assertion check for OSX 10.10 to 5-9 to reduce intermittent test timeouts. r=emk 2016-09-26 08:13:38 -05:00
Ehsan Akhgari 9d56bec7a1 Bug 1297687 - Part 5: Require passing an OriginAttribute when constructing an nsExpandedPrincipal; r=bholley 2016-09-22 13:28:04 -04:00
Ehsan Akhgari e45aad00ec Bug 1297687 - Part 3: Ensure that the expanded principal of a sandbox has a sensible OriginAttributes; r=bholley
This patch allows specifying an OriginAttributes when creating a sandbox
using Components.utils.Sandbox() by specifying an originAttributes
member on the options dictionary.

If an OA is specified in this way, it is used for creating codebase
principals from the string arguments passed to the function.  Otherwise,
if one or more principals are passed in the array argument to Sandbox(),
the OA of the principal(s) is used to construct codebase principals from
the strings inside the array.  In this case, we check to make sure that
all of the passed principals have the same OA, otherwise we'll throw an
exception.

In case no explicit OA is specified and no principals are passed in the
array argument, we create the codebase principals using a default OA.
2016-09-22 13:27:51 -04:00
Ehsan Akhgari 5404c2dc93 Bug 1297687 - Part 2: Allow specifying an OriginAttribute when creating an expanded principal; r=bholley 2016-09-22 13:27:40 -04:00
Ehsan Akhgari 6b65aceec2 Bug 1297687 - Part 1: Remove nsIScriptSecurityManager.createExpandedPrincipal(); r=bholley 2016-09-22 13:27:33 -04:00
Christoph Kerschbaumer bc9a70d964 Bug 1297338 - Introduce concept of principalToInherit to docshell and scriptSecurityManager. r=bz 2016-09-20 08:36:25 +02:00
Nicholas Nethercote 8c9e80a613 Bug 1297300 - Add missing checks to GetSpec() calls in caps/ and js/. r=mrbkap.
This required making GetScriptLocation() fallible.

--HG--
extra : rebase_source : a678e86c443988897d88550bec1cd1d21c3e919e
2016-08-30 14:22:04 +10:00
Michael Layzell 36e08437d0 Bug 1018486 - Part 8: Various other changes, r=smaug
MozReview-Commit-ID: B0dsomkWgEk
2016-09-07 10:50:45 -04:00
Yoshi Huang 10b437080c Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 10:25:58 +08:00
Yoshi Huang 85a594681d Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-06 10:25:48 +08:00
Sebastian Hengst 60d03b201e Backed out changeset 935ffd53f193 (bug 1260931) for failing xpcshell test test_packaged_app_service.js. r=backout 2016-09-05 21:16:10 +02:00
Sebastian Hengst c9519f7c29 Backed out changeset b9afda2804fd (bug 1260931) 2016-09-05 21:15:29 +02:00
Yoshi Huang 6cca1d0c54 Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-06 01:50:30 +08:00
Yoshi Huang 6c3b62e2fb Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-06 01:50:15 +08:00
Wes Kocher a2ca4e17ce Backed out changeset 1e7eb0625d3e (bug 1297687) a=merge 2016-09-02 13:18:37 -07:00
Sebastian Hengst 7080f0c942 Backed out changeset dd200883aa79 (bug 1260931) for permafailing test_child_docshell.html on Android debug. r=backout 2016-09-02 15:33:51 +02:00
Sebastian Hengst df3ad10e28 Backed out changeset 10da0eca7bbb (bug 1260931) 2016-09-02 15:33:51 +02:00
Sebastian Hengst 31c5f85098 Backed out 5 changesets (bug 1260931)
Backed out changeset 86e1a437021b (bug 1260931)
Backed out changeset be65e87da9e3 (bug 1260931)
Backed out changeset 39cff1d988fd (bug 1260931)
Backed out changeset 2fa7c4d8a5bc (bug 1260931)
Backed out changeset 075d612841fb (bug 1260931)
2016-09-02 14:55:59 +02:00
Sebastian Hengst 7db44d87f4 Backed out changeset dd200883aa79 (bug 1260931) for permafailing test_child_docshell.html on Android debug. r=backout 2016-09-02 14:39:43 +02:00
Sebastian Hengst 5bbaac898b Backed out changeset 10da0eca7bbb (bug 1260931) 2016-09-02 14:38:42 +02:00
Yoshi Huang 88b9430165 Bug 1260931 - Part 3: Propagate firstPartyDomain. r=smaug 2016-09-02 15:04:40 +08:00
Yoshi Huang e48e6c5e6c Bug 1260931 - Part 1: add firstPartyDomain. r=smaug
Add an origin attribute called 'firstPartyDomain'.
This value will be extracted from the URL bar.

And the purpose of this attribute is used to isolate the data-jars.
Please see the tor documentation.
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability

The idea is like a superset of 'reject third party cookies', but not
only apply for cookies, it also applies to all data-jars like localStorage,
indexedDB and so on.

So basically an iframe will have its own data-jar, and this data-jar is
isolated by the URL from URL bar, for instance, an iframe
https://facebook.com inside https://cnn.com won't share data-jar with
the iframe (https://facebook.com) in https://bbc.com
2016-09-02 15:04:40 +08:00
Nicholas Nethercote b71747b2ac Bug 1299727 - Rename NS_WARN_IF_FALSE as NS_WARNING_ASSERTION. r=erahm.
The new name makes the sense of the condition much clearer. E.g. compare:

  NS_WARN_IF_FALSE(!rv.Failed());

with:

  NS_WARNING_ASSERTION(!rv.Failed());

The new name also makes it clearer that it only has effect in debug builds,
because that's standard for assertions.

--HG--
extra : rebase_source : 886e57a9e433e0cb6ed635cc075b34b7ebf81853
2016-09-01 15:01:16 +10:00
Ehsan Akhgari 7d8261a6b9 Bug 1297687 - Use the OriginAttributes associated with a window principal when creating a Sandbox with an expanded principal; r=baku 2016-09-01 14:34:23 -04:00
Andrea Marchesini d4c8ccb2d4 Bug 1298664 - Indentation fix in nsPrincipal::SubsumesInternal, r=smaug 2016-08-29 05:26:41 +02:00
Yoshi Huang 69ed1a79e4 Bug 1244340 - Part 2: add setOriginAttributes in nsIXMLHttpRequest. r=sicking
Add a ChromeOnly method called 'setOriginAttributes' on the XMLHttpRequest,
so that we can override the origin attributes for those XHRs running by XUL
(which will use System Principal).
2016-08-26 18:59:00 +08:00
Kan-Ru Chen b6d880aca1 Bug 1297276 - Rename mfbt/unused.h to mfbt/Unused.h for consistency. r=froydnj
The patch is generated from following command:

  rgrep -l unused.h|xargs sed -i -e s,mozilla/unused.h,mozilla/Unused.h,

MozReview-Commit-ID: AtLcWApZfES


--HG--
rename : mfbt/unused.h => mfbt/Unused.h
2016-08-24 14:47:04 +08:00
Kan-Ru Chen 29b9a17a92 Bug 1295103 - Use MOZ_MUST_USE in OriginAttributes. r=allstars
MozReview-Commit-ID: PWUb81L8ya

--HG--
extra : rebase_source : 2bdc7adc7a6b5fd121a4621086fab6f87834dd20
2016-08-15 18:22:44 +08:00
Dragana Damjanovic 67635a6600 Bug 1295636 - SetHostPort should reset the port if the host parameter does not have a port number. r=valentin, r=smaug
--HG--
extra : rebase_source : 2e63afd5708c55810206f9bc47b6f078a0824400
2016-08-17 23:25:00 -04:00
Wes Kocher e9097643d5 Merge inbound to central, a=merge 2016-08-12 13:44:29 -07:00
Jan de Mooij 0ad12515f4 Bug 1292892 part 1 - Stop using JSRuntime outside SpiderMonkey. r=bz,terrence,fitzgen,kanru 2016-08-11 14:39:22 +02:00
Nicholas Nethercote bab6d17ebf Bug 1293117 (part 4) - Change many NS_IMETHODIMP occurrences to NS_IMETHOD. r=froydnj.
This patch makes the following changes on many in-class methods.

- NS_IMETHODIMP F() override;      --> NS_IMETHOD F() override;
- NS_IMETHODIMP F() override {...} --> NS_IMETHOD F() override {...}
- NS_IMETHODIMP F() final;         --> NS_IMETHOD F() final;
- NS_IMETHODIMP F() final {...}    --> NS_IMETHOD F() final {...}

Using NS_IMETHOD is the preferred way of marking in-class virtual methods.
Although these transformations add an explicit |virtual|, they are safe --
there's an implicit |virtual| anyway because |override| and |final| only work
with virtual methods.

--HG--
extra : rebase_source : 386ee4e4ea2ecd8d5001efabc3ac87b4d6c0659f
2016-08-08 10:54:47 +10:00
Rob Wu 9069fff35f Bug 1197451 - Add clipboardWrite permission r=billm
MozReview-Commit-ID: 6d1mQSVWRPe

--HG--
extra : rebase_source : 2f19bab5c9d6db25c60b2b19c06c7027384a04ca
2016-07-08 17:19:17 -07:00
James Andreou 3585e16752 Bug 1283281 - Remove PB Flag from DOMStorage. r=jdm 2016-06-29 14:01:00 +02:00
Andrew McCreight 20456a6f50 Bug 1292289, part 2 - Remove includes of xpcprivate.h in caps/. r=mrbkap
Also remove some unused nsIXPConnect headers.

With the prior patch and this patch, touching xpcprivate.h does not
require rebuilding the caps directory.

MozReview-Commit-ID: HAL0FscGqjM

--HG--
extra : rebase_source : 6d0fcb66d5b6e2654919eb0d035c4365fb30273f
2016-08-04 11:19:24 -07:00