Kate McKinley
d082c41757
Bug 1322044 - Only mark a subdomain cached when includeSubDomains is true r=ckerschb,keeler
...
MozReview-Commit-ID: 3lFkuLauyGg
--HG--
extra : rebase_source : c356f1d4bef73b634eed6ca4d8078281ebc3ce3c
2017-02-13 13:36:01 +09:00
Thomas Nguyen
afaba58d52
Bug 1339004 - Do DocGroup labeling in dom/security. r=ckerschb,smaug
...
MozReview-Commit-ID: 3QoH8P4J85I
--HG--
extra : rebase_source : 6f62454001fc02380f8aea99a56eff38de0e9fb6
2017-03-29 10:20:32 +08:00
Andrea Marchesini
2c716cd273
Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan
2017-03-29 15:28:46 +02:00
Sebastian Hengst
eadf7b5c6e
Backed out changeset 4af10700c64c (bug 1347817)
2017-03-29 11:17:04 +02:00
Andrea Marchesini
4b77f4a4b9
Bug 1347817 - Principal must always have a valid origin - part 6 - fixing tests, r=ehsan
2017-03-29 08:27:17 +02:00
Christoph Kerschbaumer
f49ee1fdca
Bug 1316305 - Explicilty call .close() for websocket in test. r=baku
2017-03-22 13:04:02 +01:00
Andrea Marchesini
507c00cb9f
Bug 1343933 - Renaming Principal classes - part 4 - ContentPrincipal, r=qdot
...
--HG--
rename : caps/nsPrincipal.cpp => caps/ContentPrincipal.cpp
rename : caps/nsPrincipal.h => caps/ContentPrincipal.h
2017-03-22 11:39:31 +01:00
Frederik Braun
56207a1b8b
Bug 1073952: tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,Tomcat
...
MozReview-Commit-ID: 5Q8XIJPrRPk
--HG--
extra : rebase_source : 391431d3585173d096ab58747a854542dfd3adca
2017-01-30 14:12:15 +01:00
Frederik Braun
17c2bf2604
Bug 1224225: Tests for punycode/unicode in CSP source matching code r=ckerschb,KWierso
...
MozReview-Commit-ID: 21Mr9ekUvnk
--HG--
extra : rebase_source : be5d673efaa31e322fea5da5ff4e7e6fa749daca
2017-03-15 13:22:55 +01:00
Frederik Braun
cef461241c
Bug 1224225: Use GetAsciiHost in CSP source matching code r=ckerschb,KWierso
...
MozReview-Commit-ID: B7SwUEMiVwc
--HG--
extra : rebase_source : d5dbec9f6aac4a627c35fb93f85f8e922fa695dd
2017-03-15 13:22:06 +01:00
Carsten "Tomcat" Book
dba578960e
merge mozilla-inbound to mozilla-central a=merge
2017-03-14 14:23:03 +01:00
Christoph Kerschbaumer
658552e990
Bug 1316305 - Add debug information for test_upgrade_insecure_requests. r=jmaher
2017-03-13 12:00:46 +01:00
David Major
dc67bfc9a3
Bug 1344629 - Part 6: Rewrite unnecessary uses of nsLiteralString. r=dbaron
...
There's an antipattern where nsLiteralString is used as an unnecessary intermediary in converting from CharT* to CharT*,
e.g. CallAFunctionThatTakesACharPointer(NS_LITERAL_CSTRING("foo").get());
or
NS_NAMED_LITERAL_STRING(foo, "abc");
CallAFunctionThatTakesACharPointer(foo.get());
This patch rewrites the callsites that can be trivially changed to use char*/char16_t*.
I'd somewhat like to remove nsTLiteralString::get() altogether, but in code that's less straightforward than these examples, get() is useful enough to keep.
MozReview-Commit-ID: Kh1rUziVllo
--HG--
extra : rebase_source : c21a65694d6e1c42fd88f73632f7ac8f38d005ae
2017-03-14 15:26:27 +13:00
Iris Hsiao
5cece96e1c
Backed out 12 changesets (bug 1344629) for stylo build bustage
...
Backed out changeset cf4273d3ac30 (bug 1344629)
Backed out changeset a96390e044e0 (bug 1344629)
Backed out changeset d9b330f9bc24 (bug 1344629)
Backed out changeset 2b460fe020af (bug 1344629)
Backed out changeset 0ada91b0452e (bug 1344629)
Backed out changeset 083304fcd6bd (bug 1344629)
Backed out changeset 53d7d1ce2c97 (bug 1344629)
Backed out changeset 55eee7078ae4 (bug 1344629)
Backed out changeset 7d3c06b3eca9 (bug 1344629)
Backed out changeset e5df14c3db61 (bug 1344629)
Backed out changeset 636095ff2815 (bug 1344629)
Backed out changeset 0be052ad24c1 (bug 1344629)
2017-03-14 11:52:24 +08:00
David Major
40f4821701
Bug 1344629 - Part 6: Rewrite unnecessary uses of nsLiteralString. r=dbaron
...
There's an antipattern where nsLiteralString is used as an unnecessary intermediary in converting from CharT* to CharT*,
e.g. CallAFunctionThatTakesACharPointer(NS_LITERAL_CSTRING("foo").get());
or
NS_NAMED_LITERAL_STRING(foo, "abc");
CallAFunctionThatTakesACharPointer(foo.get());
This patch rewrites the callsites that can be trivially changed to use char*/char16_t*.
I'd somewhat like to remove nsTLiteralString::get() altogether, but in code that's less straightforward than these examples, get() is useful enough to keep.
MozReview-Commit-ID: Kh1rUziVllo
--HG--
extra : rebase_source : c21a65694d6e1c42fd88f73632f7ac8f38d005ae
2017-03-14 15:26:27 +13:00
Andrea Marchesini
e9195daa8d
Bug 1345168 - Get rid of OriginAttributes::Inherit, r=tjr
2017-03-08 07:41:51 +01:00
Wei-Cheng Pan
510ba75c20
Bug 1310127 - Part 17: Use MOZ_MUST_USE in netwerk/protocol/http r=smaug
...
MozReview-Commit-ID: 5gvVZtsa3yS
--HG--
extra : rebase_source : 5e1ab2fc06ae58f18abb8909ac93f9512abbe220
2016-12-20 11:49:32 +08:00
Ursula Sarracini
6b1858e254
Bug 1340181 - Hide Activity Stream URL in URLbar r=fkiefer,mconley
...
MozReview-Commit-ID: F0P5tn2wyG
--HG--
extra : rebase_source : a9f766913b8340e12a4f526dc741e8ed752e6acf
2017-02-22 13:18:09 -05:00
Masatoshi Kimura
7be7b11a1c
Bug 1342144 - Remove version parameter from the type attribute of script elements. r=jmaher
...
This patch is generated by the following sed script:
find . ! -wholename '*/.hg*' -type f \( -iname '*.html' -o -iname '*.xhtml' -o -iname '*.xul' -o -iname '*.js' \) -exec sed -i -e 's/\(\(text\|application\)\/javascript\);version=1.[0-9]/\1/g' {} \;
MozReview-Commit-ID: AzhtdwJwVNg
--HG--
extra : rebase_source : e8f90249454c0779d926f87777f457352961748d
2017-02-23 06:10:07 +09:00
Joel Maher
51bcce91f3
Bug 1316305 - Intermittent dom/security/test/csp/test_upgrade_insecure.html. disabled on osx. r=gbrown
...
MozReview-Commit-ID: FyX1wqxhyT7
2017-02-24 12:33:21 -05:00
Kate McKinley
c69d150710
Bug 1339669 - Update security.mixed_content.hsts_priming_cache_timeout default r=mayhemer
...
MozReview-Commit-ID: CNFrPUyrdO8
--HG--
extra : rebase_source : 858da20cf65369ede5908b07921dfba501956b84
2017-02-16 10:48:59 +09:00
Jonathan Hao
c23b7c4dcc
Bug 1323644
- Isolate the HSTS and HPKP storage by first party domain (DOM/DocShell) r=baku,ckerschb
...
MozReview-Commit-ID: AZUfZffsLxu
--HG--
extra : rebase_source : bcd831e5ba7e92dd142747dccacba5cd34da016e
2017-02-14 10:29:24 +08:00
Xidorn Quan
3e72a08b95
Bug 1339394 - Don't serialize transparent color to transparent keyword when not necessary. r=heycam,jaws
...
MozReview-Commit-ID: 59cmaCoFJMR
--HG--
extra : rebase_source : 3b927d3c056b66e98f457de1726cf9d459eb8708
2017-02-16 10:26:13 +11:00
Tom Tromey
5f8f360823
Bug 1060419 - make log_print use Printf.h, r=froydnj
...
MozReview-Commit-ID: BIZ1GQEZ1vs
--HG--
extra : rebase_source : 2f1f0aa12493c44f352d9a7e8683e7bb72d2d75b
2016-12-15 20:16:31 -07:00
Ben Kelly
0e176007bb
Bug 1322111 P1 Add TYPE_INTERNAL_WORKER_IMPORT_SCRIPTS content policy type. r=ckerschb
2017-02-15 09:55:58 -05:00
Carsten "Tomcat" Book
4bb208b812
Backed out changeset 4a964c3f1759 (bug 1339394) for suspicion of causing failures on OS X browser_selectpopup.js tests
2017-02-15 14:43:57 +01:00
Xidorn Quan
8a139d9ab8
Bug 1339394 - Don't serialize transparent color to transparent keyword when not necessary. r=heycam
...
MozReview-Commit-ID: 59cmaCoFJMR
--HG--
extra : source : 6c2a110bb5f4c7d4b1efd81a5cf03878291f7591
extra : amend_source : e2cdd8e042f99c53dceb69e02b422d62cdc01e1f
2017-02-15 20:47:26 +11:00
Ben Kelly
564ce2618f
Bug 1338304 P1 Make nsCSPService cancel the channel if a redirect is blocked by CSP. r=ckerschb
2017-02-14 10:06:38 -05:00
Tooru Fujisawa
6582faf6eb
Bug 1338251 - Remove remaining legacy generator from dom/security/test/hsts/. r=smaug
2017-02-11 01:53:23 +09:00
Tim Huang
756cf900c9
Bug 1336802 - Part 2: Updating the whole code base to make sure nsILoadInfo get null check. r=smaug
...
--HG--
extra : rebase_source : 22149fd540fd02119afe9fe5c9a815d01cf959c1
2017-02-07 11:49:34 +08:00
Carsten "Tomcat" Book
bb03ec5d0c
Merge mozilla-central to autoland
2017-02-08 11:32:21 +01:00
Kate McKinley
af9b4969e3
Bug 1334838 - Avoid matching same host with a non-test URI a=testonly r=ckerschb
...
MozReview-Commit-ID: 7Ok7FXFtMoH
--HG--
extra : rebase_source : 99e6beac73e043e9d6174277ab9458fe8d7556c7
2017-02-08 11:28:29 +08:00
Franziskus Kiefer
456a4733d7
Bug 1336654 - update expired certs and signatures for content signature tests, r=mgoodwin
...
--HG--
extra : rebase_source : ec6a62f2f8d651f6e2cc8d4dade93d9647d03a10
2017-02-06 10:07:49 +01:00
Wes Kocher
f9c7eaa259
Bug 1336654 - Skip the suddenly permafailing tests to reopen the tree a=me CLOSED TREE
...
MozReview-Commit-ID: 1KLjbaojvYc
2017-02-03 17:17:51 -08:00
Andrea Marchesini
43b97e9ea3
Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz
2017-01-28 15:40:08 +01:00
Phil Ringnalda
5d4072a82c
Merge m-i to m-c, a=merge
2017-01-28 13:09:00 -08:00
Phil Ringnalda
439b10ced6
Backed out 2 changesets (bug 1288768) for wptlint failure
...
Backed out changeset 3361d527f683 (bug 1288768)
Backed out changeset d8b8219c20d6 (bug 1288768)
2017-01-28 08:10:26 -08:00
Andrea Marchesini
cab859bea8
Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz
2017-01-28 15:40:08 +01:00
Kate McKinley
0baeefeea1
Bug 1328460 - Don't send priming to IP or non-standard ports r=ckerschb
...
MozReview-Commit-ID: GLyLfp8gqYt
--HG--
extra : rebase_source : f722504803ed63c5d3be9b84d5053cb1abea984e
2017-01-23 14:01:43 -08:00
Florian Quèze
b11907c7aa
Bug 1334156 - script-generated patch to replace .ownerDocument.defaultView with .ownerGlobal, r=jaws.
2017-01-27 10:51:03 +01:00
Florian Quèze
2cf30507bd
Bug 1334261 - script-generated patch to remove more newURI null parameters, r=jaws.
2017-01-27 10:51:02 +01:00
Florian Quèze
be4dbae285
Bug 1334199 - script-generated patch to omit getComputedStyle's second argument when it's falsy, r=jaws.
2017-01-27 10:51:02 +01:00
Wes Kocher
3317135d5c
Backed out 3 changesets (bug 1073952) for test_iframe_srcdoc.html failures a=backout
...
Backed out changeset e63233859ee1 (bug 1073952)
Backed out changeset 5534087efac3 (bug 1073952)
Backed out changeset 1e631015acc8 (bug 1073952)
MozReview-Commit-ID: Fmrv8mz4HYI
2017-01-27 10:37:05 -08:00
Joel Maher
2c0ed9cf64
Bug 1334242 - add BUG_COMPONENT to dom/security/* files. r=ckerschb
...
MozReview-Commit-ID: EeYWpLBI5G5
2017-01-27 08:18:50 -05:00
Frederik Braun
d15c007015
Bug 1073952 - Part 2 - tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,dveditz
...
MozReview-Commit-ID: DPJRqEut5pu
2017-01-27 01:05:00 +01:00
Frederik Braun
f72672a461
Bug 1073952: inherit CSP into iframe sandbox srcdoc r=ckerschb,dveditz
...
MozReview-Commit-ID: KTzCLoDfYnd
2017-01-27 01:05:00 +01:00
Brendan Dahl
b27f51d095
Bug 1277102 - Use nsIDocShellTreeItem::ItemType during nsCSPContext::PermitsAncestry. r=ckerschb
2017-02-01 14:58:00 -05:00
Christoph Kerschbaumer
52276acb40
Bug 1271173 - Test upgrade-insecure-requests for navigational requests. r=smaug,freddyb
2016-05-09 13:37:49 +02:00
Christoph Kerschbaumer
e7473c84f8
Bug 1329288: Allow content policy consumers to identify contentPolicy checks from docshell. r=bz,kmaglione
2017-01-22 18:05:03 +01:00
Christoph Kerschbaumer
dd581118f0
Bug 1329288 - Test ContentPolicy blocks opening a new window. r=smaug
2017-01-22 17:42:42 +01:00