Граф коммитов

64 Коммитов

Автор SHA1 Сообщение Дата
Jon Coppeard f47569e9d9 Bug 1654523 - Insist that iteration callbacks don't GC r=sfink,mccr8
Differential Revision: https://phabricator.services.mozilla.com/D84500
2020-07-23 02:31:57 +00:00
Simon Giesecke cd8b8939b9 Bug 1648010 - Replace uses of NS_LITERAL_STRING/NS_LITERAL_CSTRING macros by _ns literals. r=geckoview-reviewers,jgilbert,agi,hsivonen,froydnj
Differential Revision: https://phabricator.services.mozilla.com/D80860
2020-07-01 08:29:29 +00:00
Kris Maglione 6aa06b33a7 Bug 1645510: Part 2 - Avoid using the unprivileged junk scope where possible. r=bholley
Differential Revision: https://phabricator.services.mozilla.com/D79720
2020-06-27 03:06:28 +00:00
Sylvestre Ledru 03a5604053 Bug 1643347 - set hasFlag default value to avoid a -Wuninitialized-const-reference warning in ContentPrincipal.cpp r=dmajor
Differential Revision: https://phabricator.services.mozilla.com/D78289
2020-06-04 14:46:32 +00:00
Cosmin Sabou a02a553ad4 Backed out changeset 8523af037d8f (bug 1629763) for causing assertion failures on WorkerPrivate.cpp. CLOSED TREE 2020-04-14 16:03:09 +03:00
Andrea Marchesini 2be753c938 Bug 1629763 - ContentPrincipal::GetBaseDomain returns a void-string for resource: URIs, r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D70804

--HG--
extra : moz-landing-system : lando
2020-04-14 08:47:48 +00:00
Michal Novotny 2a483b2bc4 Bug 1622409 - Put FTP code behind a pref r=marionette-reviewers,valentin,whimboo,mixedpuppy
Disables FTP protocol handler on nightly. FTP scheme is handled by external protocol handler if it isn't explicitly disabled with preference network.protocol-handler.external.ftp = false.

Differential Revision: https://phabricator.services.mozilla.com/D68974

--HG--
extra : moz-landing-system : lando
2020-04-07 19:49:26 +00:00
Sebastian Streich c7989b585d Bug 1621310 - Remove geturi in ContentPrincipal.cpp r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D66250

--HG--
extra : moz-landing-system : lando
2020-03-12 19:47:56 +00:00
Sebastian Streich 8b390d55c7 Bug 1601941 - Refactor GetURI usage in nsScriptSecurityManager.cpp r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D56185

--HG--
extra : moz-landing-system : lando
2019-12-11 16:21:18 +00:00
Nathan Froyd c4d5bb1a19 Bug 1600963 - remove some duplicate includes from ContentPrincipal.cpp; r=mccr8
Depends on D55689

Differential Revision: https://phabricator.services.mozilla.com/D55690

--HG--
extra : moz-landing-system : lando
2019-12-03 17:30:26 +00:00
Tom Schuster 0e913c22c4 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 19:49:40 +00:00
Cosmin Sabou c3430326e6 Backed out changeset ca88862d6b63 (bug 1558915) for causing build bustages on StartupCacheUtils. CLOSED TREE 2019-08-07 13:20:32 +03:00
Tom Schuster 8bc1f5ada8 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-07 09:36:56 +00:00
Razvan Maries eedbf1137f Backed out changeset b197ca57677a (bug 1558915) for build bustages. CLOSED TREE 2019-08-07 01:04:43 +03:00
Tom Schuster 03c7998ef2 Bug 1558915 - Use infallible nsIURI::SchemeIs in various places r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D40677

--HG--
extra : moz-landing-system : lando
2019-08-06 20:19:41 +00:00
Jonathan Kingston 31441f82ea Bug 1560455 - rename CodebasePrincipal to ContentPrincipal. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D35504

--HG--
extra : moz-landing-system : lando
2019-07-08 16:37:45 +00:00
Jonathan Kingston a9be4620ee Bug 1508939 - cpp serialization r=ckerschb,mccr8,mikedeboer
Migrating to pure Cpp

Differential Revision: https://phabricator.services.mozilla.com/D29221

--HG--
extra : moz-landing-system : lando
2019-06-03 12:37:12 +00:00
Sylvestre Ledru d57d4905f1 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D30883

--HG--
extra : moz-landing-system : lando
2019-05-25 17:46:15 +00:00
arthur.iakab af8e458c5f Backed out changeset a296439a25ff (bug 1519636) for frequent Windows cppunit failures CLOSED TREE 2019-05-24 14:26:01 +03:00
Sylvestre Ledru c82ea97226 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D30883

--HG--
extra : moz-landing-system : lando
2019-05-24 09:59:17 +00:00
Christoph Kerschbaumer b633427366 Bug 965637: Move CSP from Principal into Client, part 1: backend changes. r=mccr8
Differential Revision: https://phabricator.services.mozilla.com/D27654

--HG--
extra : moz-landing-system : lando
2019-05-21 23:14:27 +00:00
Sylvestre Ledru 4aa92e3091 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D22514
2019-03-13 10:19:06 +01:00
Jan Varga 4ecb0bc14c Bug 1526891 - Part 2: Make it possible to use MozURL by QuotaManager for all URIs (instead of using nsIPrincipal); r=nika,asuth
Differential Revision: https://phabricator.services.mozilla.com/D20906
2019-02-23 10:13:08 +01:00
Jan Varga ecbb521e47 Bug 1526891 - Part 1: Change handling of indexeddb:// from simple URI to standard URL; r=asuth
Differential Revision: https://phabricator.services.mozilla.com/D20905
2019-02-23 04:20:29 +01:00
Ryan Hunt 945f9686c0 Bug 1523969 part 2 - Move method definition inline comments to new line in 'caps/'. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D21102

--HG--
extra : rebase_source : b425a584c7f754a52a32362ea08ebcecc5941c78
2019-02-25 16:03:35 -06:00
Boris Zbarsky 36e6030c74 Bug 1514050 part 2. Stop recomputing cross-compartment wrappers on document.domain changes. r=bholley
The change to test_clonewrapper.xul is because in the new setup we've already
tried handing an object across origins via chrome code, so it has a cached
(opaque) wrapper.  When we set document.domain and pass the same object again,
we end up picking up the cached wrapper when we try to wrap across the
compartment boundary, so don't grant access when perhaps we should...

This does lead to a possible spec violation in the following situation:

1) Two documents (A, B) start out same-site but different-origin.
2) Privileged code (system or extension) puts a reference to an object from
site A into site B.  This object gets an opaque CCW.
3) Both sites set document.domain to become same-effective-script-origin and
then site B goes through the site A Window and the object graph hanging off it
and gets to the object involved.  It gets an opaque CCW when it should have a
transparent CCW.

We could fix this if we kept recomputing wrappers on document.domain change and
just fixed the compartment filter used by the recomputation.  But this seems
like a pretty rare situation, and not one web sites can get into without an
assist from a somewhat buggy extension or system code, so let's see whether we
can just live with it and remove the recomputation.

Differential Revision: https://phabricator.services.mozilla.com/D18032

--HG--
extra : moz-landing-system : lando
2019-01-30 19:02:34 +00:00
Gijs Kruitbosch ceecd61c16 Bug 1515863, r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D15221

--HG--
extra : rebase_source : 64431f64e9af7a961ffcd47c7b8e01dbecc71b07
2018-12-21 11:56:47 +00:00
Jan de Mooij cccc414b7a Bug 1512029 part 1 - Stop calling JS_GetCompartmentPrincipals for system compartments. r=bzbarsky
Because it release-asserts the compartment has a single realm.

I also renamed JS_GetCompartmentPrincipals to JS_DeprecatedGetCompartmentPrincipals
to discourage people from using it.

Differential Revision: https://phabricator.services.mozilla.com/D14252

--HG--
extra : moz-landing-system : lando
2018-12-16 14:59:46 +00:00
Sylvestre Ledru 265e672179 Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
# ignore-this-changeset

--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
2018-11-30 11:46:48 +01:00
Jan Varga de23109c58 Bug 1286798 - Part 21: Base domain needs to be handled too if strict file origin policy is not in effect; r=bholley,asuth,dholbert 2018-11-29 21:48:22 +01:00
Boris Zbarsky b88f0dc956 Bug 1507540 part 1. Use more notxpcom attributes in caps/. r=mrbkap 2018-11-19 20:17:52 -05:00
Jan de Mooij cfc1f8fa90 Bug 1491728 - Fix ContentPrincipal::GetSiteOrigin to handle IPv6 addresses correctly. r=bzbarsky
The problem is that we used ThirdPartyUtil.getBaseDomain and for IP addresses that
returns the host, and for IPv6 addresses GetHost strips the '[' and ']' brackets.
Then when we passed that IP address to SetHost, we failed because SetHost wants
the brackets to be present.

This patch changes GetSiteOrigin to call getBaseDomain on the TLD service instead,
so we can handle this case ourselves by not calling SetHost when we have an IP
address. GetBaseDomain still uses ThirdPartyUtil.

I tried to add a test for this (with an iframe + postMessage) but the mochitest
http server doesn't support IPv6.

Differential Revision: https://phabricator.services.mozilla.com/D6523

--HG--
extra : moz-landing-system : lando
2018-10-01 12:16:39 +00:00
Andrea Marchesini d654a2915d Bug 1422456 - Origin for about: URL should not contain query or ref parts, r=smaug 2018-09-14 20:07:22 +02:00
Jan de Mooij cb90b553cd Bug 1487032 - Store origin/site info in CompartmentPrivate. r=bholley
This will let us answer the following questions (in a performant way):

1) What's the compartment's origin? Necessary to implement compartment-per-origin.
2) What's the origin's site? Necessary for the new Wrap() algorithm.
3) Has any realm in the compartment set document.domain? Necessary for the new Wrap() algorithm.

Differential Revision: https://phabricator.services.mozilla.com/D5423

--HG--
extra : moz-landing-system : lando
2018-09-11 09:01:14 +00:00
Jan de Mooij 9a0c648a30 Bug 1489196 - Don't call SetDomain in ContentPrincipal::Read. r=bholley
This fixes two issues:

1) We no longer SetHasExplicitDomain() when the domain is null.
2) We avoid the unnecessary (because new principal) wrapper recomputation.

Differential Revision: https://phabricator.services.mozilla.com/D5160

--HG--
extra : moz-landing-system : lando
2018-09-06 16:40:56 +00:00
Nika Layzell 933f7fe4d4 Bug 1485177 - Add |siteOrigin| information to nsIPrincipal r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D4140

--HG--
extra : moz-landing-system : lando
2018-09-05 03:22:16 +00:00
Tiberius Oros 2fe7330f2d Backed out changeset 33c7b0ea5caa (bug 1485177) for assertion failure at builds/worker/workspace/build/src/caps/ContentPrincipal.cpp on a CLOSED TREE 2018-09-01 05:06:55 +03:00
Nika Layzell 452350d97c Bug 1485177 - Add |siteOrigin| information to nsIPrincipal, r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D4140

--HG--
extra : moz-landing-system : lando
2018-09-01 00:52:00 +00:00
Jorg K ba1be252a0 Bug 1478441 - Introduce nsIURIWithSpecialOrigin needed for Thunderbird. r=baku 2018-07-31 11:27:00 +03:00
Andrea Marchesini f6768a8ff6 Bug 1228139 - Remove nsIURIWithPrincipal - part 3 - main part, r=bz
nsIURIWithPrincipal is currently used to retrieve the nsIPrincipal from a
BlobURL object.  BlobURLProtocolHandler has a hashtable containing, for each
blobURL, a BlobImpl and its nsIPrincipal. This patch introduces
BlobURLProtocolHandler::GetBlobURLPrincipal() that retrieves the nsIPrincipal
from this hashtable.

This patch fixes also a bug in how the revocation of blobURLs is broadcasted to
other processes. This should be done immediately because each process creates
its own timer to revoke them after 5 seconds.

An important change is related to NS_SecurityCompareURIs() where, if 1 (or
both) of the 2 URIs to compare, is a revoked BlobURL, we will QI its URL to
nsIStandardURL and fail out at that point.
2018-07-24 22:15:57 +02:00
Andrea Marchesini 212fc6788b Bug 1228139 - Remove nsIURIWithPrincipal - part 1 - Use of NullPrincipal when nsIURIWithPrincipal.getPrincipal() returns a nullptr, r=bz 2018-07-24 22:15:17 +02:00
Gijs Kruitbosch faf68417dc Bug 1461407 - make about:home unlinkable again and improve behavior of serialized principals across changes to URLs, r=bz,Mardak,mikedeboer
Making about:home unlinkable changes its URL structure. Prior to this change,
it is a nested URL. After this change, it no longer is.

We store serialized versions of principals in some cases. These include
details about whether the URI is nested etc. This is problematic for the
about:home change because the change in nesting changes the origin of the
page, so the origin  would mismatch between the principal and its URL.
To avoid this, we always re-create URIs for about: URIs when deserializing
them from strings, ensuring we don't create bogus principals.

MozReview-Commit-ID: 87zVUFgbusn

--HG--
extra : rebase_source : a7ad0dc3b1ea39521517da648f234d35d9a1729f
2018-05-14 22:04:49 +01:00
Valentin Gosu bd4365d7e7 Bug 1448058 - Remove nsIMutable from URI implementations r=mayhemer
* Also removes NS_TryToMakeImmutable, NS_TryToSetImmutable, URIIsImmutable
* NS_EnsureSafeToReturn, nsINetUtil.toImmutableURI

MozReview-Commit-ID: 5eFtFm2CQt7

--HG--
extra : rebase_source : 1f3d23ec646883e76844d42113bc1c71c01a1ad7
2018-05-09 18:21:24 +02:00
Chris Peterson 71422dcaa9 Bug 1457813 - Part 2: Replace non-asserting NS_PRECONDITIONs with MOZ_ASSERTs. r=froydnj
s/NS_PRECONDITION/MOZ_ASSERT/ and reindent

MozReview-Commit-ID: KuUsnVe2h8L

--HG--
extra : source : c14655ab3df2c9b1465dd8102b9d25683359a37b
2018-04-28 12:50:58 -07:00
Jason Orendorff e7c94fff59 Bug 1439063 - Part 1: Move several public headers from js/src to js/public. r=jandem.
js/src/jsalloc.h -> js/public/AllocPolicy.h
jsalloc.cpp -> js/src/util/AllocPolicy.cpp
jsbytecode.h -> merge into js/public/TypeDecls.h
jsprf.h -> js/public/Printf.h
jsprf.cpp -> js/src/util/Printf.cpp
jsprototypes.h -> public/ProtoKey.h
jswrapper.h -> js/Wrapper.h

--HG--
rename : js/src/jsalloc.h => js/public/AllocPolicy.h
rename : js/src/jsprf.h => js/public/Printf.h
rename : js/src/jsprototypes.h => js/public/ProtoKey.h
rename : js/src/jswrapper.h => js/public/Wrapper.h
rename : js/src/jsalloc.cpp => js/src/util/AllocPolicy.cpp
rename : js/src/jsprf.cpp => js/src/util/Printf.cpp
extra : rebase_source : 98b16d94c469202eab0303a8da844f1d0b6aa809
extra : amend_source : e0b16c1077226d6fe240f4d7096537f93b43f2b8
extra : histedit_source : d94e0ba7904a7d66742c7fac43f638aaec4fa4e5
2018-02-21 10:30:19 -06:00
Andrew McCreight 589eaa7bb4 Bug 1434952 - Remove signed.applets.codebase_principal_support pref. r=mrbkap
MozReview-Commit-ID: K8nic9kw8gF

--HG--
extra : rebase_source : 2f99d4594c88a4e6f38cbe740af8e10a5a528a81
2018-02-01 12:44:59 -08:00
Kris Maglione b3ba0520ee Bug 1396449: Part 1 - Use WebExtensionPolicy objects in extension content principals. r=krizsa
Going through the extension policy service rather than using
WebExtensionPolicy objects directly adds a lot of unnecessary overhead to
common operations on extension principals, and also makes the code more
complicated than it needs to be.

We also use weak references to policy objects here, since principals should
ideally lose as much of their elevated privileges as possible once the
extension instance that created them has been destroyed (which is something we
couldn't handle easily when we simply tracked ID strings).

MozReview-Commit-ID: KDNvVdvLkIt

--HG--
extra : rebase_source : 1b567919d2461bd0315d1a7d89f330cbd585f579
2017-09-05 11:04:43 -07:00
Jorg K e09c6c1b10 Bug 1353204 - Follow-up: Use entire spec for origin for Thunderbird. r=bz
--HG--
extra : rebase_source : a1847772dc26a5042e9cd71b066e0d5843daf4de
2017-04-10 14:04:11 +02:00
Bobby Holley 564ee797a4 Bug 1353204 - Move the hostPort case after the nsIStandardURL check. r=bz
MozReview-Commit-ID: HIqxhEE41G0
2017-04-05 21:35:07 -07:00
Bobby Holley 4e4b492742 Bug 1353204 - Factor out the full-spec-to-origin machinery and use it if the Thunderbird-only flag is set. r=bz
MozReview-Commit-ID: 8acGT0n6O3X
2017-04-05 21:35:07 -07:00