This patch includes the implementation of propagating declared playback state from the media session in the content process to the media session controller in the chrome process.
Differential Revision: https://phabricator.services.mozilla.com/D66341
--HG--
extra : moz-landing-system : lando
Before this patch, PSM would register content type handlers to handle certain
certificate types. This was an easy way to install a client certificate after
generating a key with <keygen>, but keygen has been removed. This was also an
easy way to install root certificates, but that's actually a considerable
security risk. We kept this functionality for so long because it was the only
way to add a 3rd-party root certificate to Fennec's certificate store. Now that
Fennec is EOL, we can remove it. (Fenix will need a way to trust 3rd party root
certificates, but the path forward there is to implement the enterprise roots
feature for Android.)
Differential Revision: https://phabricator.services.mozilla.com/D66118
--HG--
extra : moz-landing-system : lando
For Win32k lockdown, we need to remove the content processes' ability to
call GetICMProfileW(). Since it needs this to retrieve the output color
profile, a new synchronous call is added that allows it to request the
parent process to read this file on its behalf.
The contents of the file are now being cached as well, as this should help
ease some of the increased parent process I/O caused by the children not
being able to do this in their process anymore.
Differential Revision: https://phabricator.services.mozilla.com/D66126
--HG--
extra : moz-landing-system : lando
AudioSession, which handles things like making sure that the volume slider in the system tray has the right name and icon and is aligned for all processes, is not needed in content processes any longer since bug 1432303 remoted audio use away from content.
Differential Revision: https://phabricator.services.mozilla.com/D64445
--HG--
extra : moz-landing-system : lando
Crash annotations in content processes are currently sent over IPC via
shared memory buffers. To pave the way for the Rust rewrite of the exception
handler we are removing this code and gathering all the crash annotations
within the content processes themselves. This patch causes annotations to be
stored in the global table of each content process. They are then streamed
out to the parent process by the exception handler together with the
exception-time annotations.
This has a number of benefits:
* we have one less channel to exchange data between content processes and
the parent process
* we save memory because we don't need to allocate the shared memory buffers
* annotations are faster because we don't stream them all out every time one
changes
* we won't truncate annotations anymore if we run out of space in the shared
segment.
* we don't need delayed annotations anymore, so we can get rid of the
associated machinery
As I refactored the code I tried to adjust all the obsolete comments,
consolidate shared code and remove the redundant steps that were sometimes
present. In many places we had two entire crash annotation tables we merged to
change just a couple; that comes from the fact that historically we loaded
them from disk. Now it doesn't matter anymore and we can just go ahead and
change the ones we care about.
Differential Revision: https://phabricator.services.mozilla.com/D62586
--HG--
extra : moz-landing-system : lando
WalkHistoryEntries function gets called by nsSHistory::CloneAndReplaceChild
and nsSHistory::SetChildHistoryEntry recursively, so those have to be moved
into the parent process. This eliminates many sync IPC calls.
To facilitate transition to a new session history design,
we are mirroring mOSHE and mLSHE SH entries from docshell to browsing context.
Whenever we update those entries in docshell, we will also update those in BC,
and vice versa.
Differential Revision: https://phabricator.services.mozilla.com/D56201
--HG--
extra : moz-landing-system : lando
Whenever media session's metadata changes in the content process, we would like to propogate the updated metadata to the media controller in the parent process in order to show that in the virtual media control interface, which would only be set in the chrome process.
Differential Revision: https://phabricator.services.mozilla.com/D64846
--HG--
extra : moz-landing-system : lando
Given that we are going to add ContentBlockingAllowList in
CookieSettings, so CookieSettings will be responsible for more stuff than the
cookie behavior and cookie permission. We should use a proper name to
reflect the purpose of it. The name 'CookieSettings' is misleading that
this is only for cookie related stuff. So, we decide to rename
'CookieSettins' to 'CookieJarSettings' which serves better meaning here.
Differential Revision: https://phabricator.services.mozilla.com/D63935
--HG--
rename : netwerk/cookie/CookieSettings.cpp => netwerk/cookie/CookieJarSettings.cpp
rename : netwerk/cookie/nsICookieSettings.idl => netwerk/cookie/nsICookieJarSettings.idl
extra : moz-landing-system : lando
Now that we're guaranteed to not have an existing ClientSource in the old process, we no longer need to allocate a new ClientInfo in the new process.
This lets us just create a ClientSource around the ClientInfo already on the channel (exactly as we do for same-process loads), and we no longer need to reconcile changes with the parent.
Differential Revision: https://phabricator.services.mozilla.com/D63808
--HG--
extra : moz-landing-system : lando
These serializers have been superceded by the new
MaybeDiscarded<BrowsingContext> and MaybeDiscarded<WindowContext> serializers
added in earlier parts.
Differential Revision: https://phabricator.services.mozilla.com/D62838
--HG--
extra : moz-landing-system : lando
Update media session status from the content process to the chrome process in order to track all alive media session.
Differential Revision: https://phabricator.services.mozilla.com/D60936
--HG--
extra : moz-landing-system : lando
clang-10 hits a -Werror in IPDL headers about Principal's copy constructor not being explicitly defined. We could go and fix that constructor, but in light of bug 1443956, I'm guessing it's not really a bad thing to have a discouragement against Principal when nsIPrincipal is now usable directly.
Differential Revision: https://phabricator.services.mozilla.com/D62284
--HG--
extra : moz-landing-system : lando
ServiceWorkerShutdownState encapsulates the shutdown progress for a particular
ServiceWorker. The shutdown process involves a "shutdown message" passing
multiple threads in both parent/content processes; we report a progress update
when it's known that a shutdown message has reached a particular thread. The
idea is that in the event of a shutdown timeout, ServiceWorkerShutdownBlocker
will be able to provide diagnostics for where shutdown processes are stalled.
Differential Revision: https://phabricator.services.mozilla.com/D60791
--HG--
extra : moz-landing-system : lando
ServiceWorkerShutdownState encapsulates the shutdown progress for a particular
ServiceWorker. The shutdown process involves a "shutdown message" passing
multiple threads in both parent/content processes; we report a progress update
when it's known that a shutdown message has reached a particular thread. The
idea is that in the event of a shutdown timeout, ServiceWorkerShutdownBlocker
will be able to provide diagnostics for where shutdown processes are stalled.
Differential Revision: https://phabricator.services.mozilla.com/D60791
--HG--
extra : moz-landing-system : lando
1. Rename mCallerDocumentURI field of PostMessageEvent to mCallerURI as we
might not always have a document, e.g. when we have a sandbox.
2. When we neither have caller's inner window (and thus we have no caller's
window ID) nor caller's URI, use script location as a source name for the error
object when reporting errors to console.
3. When the caller of postMessage has its window in a different process, pass along
the caller's window ID so that the error can be reported correctly.
Differential Revision: https://phabricator.services.mozilla.com/D59526
--HG--
extra : moz-landing-system : lando
Under some (yet) unclear conditions it's possible for a content
process to send session storage data for a browsing context that's
already been discarded. This leads to an assertion failure when
deserializing the IPC message. This commit works around this issue
by sending the browsing context's ID over IPC and issuing a warning
instead of asserting that the browsing context still exists.
Differential Revision: https://phabricator.services.mozilla.com/D59096
--HG--
extra : moz-landing-system : lando
Modify IPC method to support notify `ControlledMediaState` to the media controller, and remove the previous implementation.
Differential Revision: https://phabricator.services.mozilla.com/D57572
--HG--
extra : moz-landing-system : lando
Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.
For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions. Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.
Differential Revision: https://phabricator.services.mozilla.com/D57493
--HG--
extra : moz-landing-system : lando
Add a document.addCertException function to about:certerror pages, and use it on the desktop certerror page.
Also, as the CallerIsTrusted* functions expect URLs like about:certerror, but GeckoView error pages are data URLs, and so need to be handled differently for these special error-page methods to be exposed on their documents.
Example usage of document.addCertException:
document.addCertException(
true|false /* true == temporary, false == permanent */
).then(
() => {
location.reload();
},
err => {
console.error(err);
}
);
Differential Revision: https://phabricator.services.mozilla.com/D56974
--HG--
extra : moz-landing-system : lando
Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.
For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions. Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.
Differential Revision: https://phabricator.services.mozilla.com/D57493
--HG--
extra : moz-landing-system : lando
Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.
For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions. Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.
Differential Revision: https://phabricator.services.mozilla.com/D57493
--HG--
extra : moz-landing-system : lando
Add a document.addCertException function to about:certerror pages, and use it on the desktop certerror page.
Also, as the CallerIsTrusted* functions expect URLs like about:certerror, but GeckoView error pages are data URLs, and so need to be handled differently for these special error-page methods to be exposed on their documents.
Example usage of document.addCertException:
document.addCertException(
true|false /* true == temporary, false == permanent */
).then(
() => {
location.reload();
},
err => {
console.error(err);
}
);
Differential Revision: https://phabricator.services.mozilla.com/D56974
--HG--
extra : moz-landing-system : lando
alwu
Mihai Alexandru Michis
Dana Keeler
Chris Martin
David Parks
Henri Sivonen
Kashav Madan
Bogdan Tara
Gabriele Svelto
Anny Gakhokidze
Jonathan Kew
Tim Huang
Matt Woodrow
Andrew McCreight
Ciure Andrei
Nika Layzell
David Major
Perry Jiang
Narcis Beleuzu
Dimi Lee
Andreas Farre
pbz
Andrea Marchesini
Yaron Tausky
Ehsan Akhgari
Gurzau Raul
Thomas Wisniewski
Cosmin Sabou
Oana Pop Rus