From 40bbb212b001b945321a75ce96b0c1848b029507 Mon Sep 17 00:00:00 2001 From: Felipe Gomes Date: Wed, 22 Oct 2014 18:05:17 -0200 Subject: [PATCH 1/4] Bug 1068360 - [e10s] Fix mixed content doorhanger and enable its test under e10s. r=Mossop,mmc --- browser/base/content/content.js | 4 ++++ browser/base/content/test/general/browser.ini | 1 - browser/base/content/urlbarBindings.xml | 4 ++-- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/browser/base/content/content.js b/browser/base/content/content.js index de0a89dba55a..30351d937e2b 100644 --- a/browser/base/content/content.js +++ b/browser/base/content/content.js @@ -74,6 +74,10 @@ addMessageListener("Browser:Reload", function(message) { } }); +addMessageListener("MixedContent:ReenableProtection", function() { + docShell.mixedContentChannel = null; +}); + addEventListener("DOMFormHasPassword", function(event) { InsecurePasswordUtils.checkForInsecurePasswords(event.target); LoginManagerContent.onFormPassword(event); diff --git a/browser/base/content/test/general/browser.ini b/browser/base/content/test/general/browser.ini index 64e2ca7a0fa8..53527b1edda5 100644 --- a/browser/base/content/test/general/browser.ini +++ b/browser/base/content/test/general/browser.ini @@ -503,7 +503,6 @@ skip-if = e10s [browser_addCertException.js] skip-if = e10s # Bug ?????? - test directly manipulates content (content.document.getElementById) [browser_bug1045809.js] -skip-if = e10s # Bug 1068360 - [e10s] Mixed content blocker doorhanger doesn't work [browser_e10s_switchbrowser.js] [browser_blockHPKP.js] skip-if = e10s # bug ?????? - test directly manipulates content (content.document.getElementById) diff --git a/browser/base/content/urlbarBindings.xml b/browser/base/content/urlbarBindings.xml index f0a9893b8c6f..6cf6c8723a48 100644 --- a/browser/base/content/urlbarBindings.xml +++ b/browser/base/content/urlbarBindings.xml @@ -1853,8 +1853,8 @@ From f4be403c0851256471ec0b882994d4cf40201aa4 Mon Sep 17 00:00:00 2001 From: Margaret Leibovic Date: Fri, 19 Sep 2014 14:41:44 -0700 Subject: [PATCH 2/4] Bug 1042135 - Change three-state DNT back to two state and update text in Fennec. (r=liuche) * * * Bug 1042135 - Update robocop tests --- .../base/locales/en-US/android_strings.dtd | 6 +- .../android/base/resources/values/arrays.xml | 10 ---- .../resources/xml/preferences_privacy.xml | 10 ++-- mobile/android/base/strings.xml.in | 6 +- mobile/android/base/tests/StringHelper.java | 2 +- .../base/tests/testSettingsMenuItems.java | 2 +- mobile/android/chrome/content/browser.js | 56 +++++-------------- 7 files changed, 25 insertions(+), 67 deletions(-) diff --git a/mobile/android/base/locales/en-US/android_strings.dtd b/mobile/android/base/locales/en-US/android_strings.dtd index 5f1526de3e5d..4c90fd656e29 100644 --- a/mobile/android/base/locales/en-US/android_strings.dtd +++ b/mobile/android/base/locales/en-US/android_strings.dtd @@ -172,10 +172,8 @@ - - - - + + diff --git a/mobile/android/base/resources/values/arrays.xml b/mobile/android/base/resources/values/arrays.xml index 8285bb86ce2c..62b30adc650f 100644 --- a/mobile/android/base/resources/values/arrays.xml +++ b/mobile/android/base/resources/values/arrays.xml @@ -54,16 +54,6 @@ 0 1 2 - - - @string/pref_donottrack_disallow_tracking - @string/pref_donottrack_allow_tracking - @string/pref_donottrack_no_pref - - - 1 - 2 - 0 @string/bookmarks_title diff --git a/mobile/android/base/resources/xml/preferences_privacy.xml b/mobile/android/base/resources/xml/preferences_privacy.xml index fe7dc6402911..1b0378d6666d 100644 --- a/mobile/android/base/resources/xml/preferences_privacy.xml +++ b/mobile/android/base/resources/xml/preferences_privacy.xml @@ -8,11 +8,11 @@ android:title="@string/pref_category_privacy_short" android:enabled="false"> - + &pref_cookies_not_accept_foreign; &pref_cookies_disabled; - &pref_donottrack_menu; - &pref_donottrack_disallow_tracking; - &pref_donottrack_allow_tracking; - &pref_donottrack_no_pref; + &pref_donottrack_title; + &pref_donottrack_summary; &pref_char_encoding; &pref_char_encoding_on; diff --git a/mobile/android/base/tests/StringHelper.java b/mobile/android/base/tests/StringHelper.java index d0731830d94b..d33ba81bfc83 100644 --- a/mobile/android/base/tests/StringHelper.java +++ b/mobile/android/base/tests/StringHelper.java @@ -171,7 +171,7 @@ public class StringHelper { public static final String SHOW_PAGE_ADDRESS_LABEL = "Show page address"; // Privacy - public static final String TRACKING_LABEL = "Tracking"; + public static final String TRACKING_LABEL = "Do not track"; public static final String COOKIES_LABEL = "Cookies"; public static final String REMEMBER_PASSWORDS_LABEL = "Remember passwords"; public static final String MASTER_PASSWORD_LABEL = "Use master password"; diff --git a/mobile/android/base/tests/testSettingsMenuItems.java b/mobile/android/base/tests/testSettingsMenuItems.java index 6016ca52b449..ba874704818c 100644 --- a/mobile/android/base/tests/testSettingsMenuItems.java +++ b/mobile/android/base/tests/testSettingsMenuItems.java @@ -60,7 +60,7 @@ public class testSettingsMenuItems extends PixelTest { // Privacy menu items. String[] PATH_PRIVACY = { StringHelper.PRIVACY_SECTION_LABEL }; String[][] OPTIONS_PRIVACY = { - { StringHelper.TRACKING_LABEL, "Do not tell sites anything about my tracking preferences", "Tell sites that I do not want to be tracked", "Tell sites that I want to be tracked", "Do not tell sites anything about my tracking preferences" }, + { StringHelper.TRACKING_LABEL }, { StringHelper.COOKIES_LABEL, "Enabled", "Enabled, excluding 3rd party", "Disabled" }, { StringHelper.REMEMBER_PASSWORDS_LABEL }, { StringHelper.MASTER_PASSWORD_LABEL }, diff --git a/mobile/android/chrome/content/browser.js b/mobile/android/chrome/content/browser.js index e5301c11649a..aef3d56b0a2f 100644 --- a/mobile/android/chrome/content/browser.js +++ b/mobile/android/chrome/content/browser.js @@ -198,12 +198,6 @@ const kDefaultCSSViewportHeight = 480; const kViewportRemeasureThrottle = 500; -const kDoNotTrackPrefState = Object.freeze({ - NO_PREF: "0", - DISALLOW_TRACKING: "1", - ALLOW_TRACKING: "2", -}); - let Log = Cu.import("resource://gre/modules/AndroidLog.jsm", {}).AndroidLog; // Define the "dump" function as a binding of the Log.d function so it specifies @@ -838,6 +832,20 @@ var BrowserApp = { Services.prefs.clearUserPref("plugins.click_to_play"); } + // Migrate the "privacy.donottrackheader.value" pref. See bug 1042135. + if (Services.prefs.prefHasUserValue("privacy.donottrackheader.value")) { + // Make sure the doNotTrack value conforms to the conversion from + // three-state to two-state. (This reverts a setting of "please track me" + // to the default "don't say anything"). + if (Services.prefs.getBoolPref("privacy.donottrackheader.enabled") && + (Services.prefs.getIntPref("privacy.donottrackheader.value") != 1)) { + Services.prefs.clearUserPref("privacy.donottrackheader.enabled"); + } + + // This pref has been removed, so always clear it. + Services.prefs.clearUserPref("privacy.donottrackheader.value"); + } + // Set the search activity default pref on app upgrade if it has not been set already. if (this._startupStatus === "upgrade" && !Services.prefs.prefHasUserValue("searchActivity.default.migrated")) { @@ -1281,21 +1289,6 @@ var BrowserApp = { case "privacy.masterpassword.enabled": pref.type = "bool"; pref.value = MasterPassword.enabled; - prefs.push(pref); - continue; - // Handle do-not-track preference - case "privacy.donottrackheader": - pref.type = "string"; - - let enableDNT = Services.prefs.getBoolPref("privacy.donottrackheader.enabled"); - if (!enableDNT) { - pref.value = kDoNotTrackPrefState.NO_PREF; - } else { - let dntState = Services.prefs.getIntPref("privacy.donottrackheader.value"); - pref.value = (dntState === 0) ? kDoNotTrackPrefState.ALLOW_TRACKING : - kDoNotTrackPrefState.DISALLOW_TRACKING; - } - prefs.push(pref); continue; #ifdef MOZ_CRASHREPORTER @@ -1379,27 +1372,6 @@ var BrowserApp = { MasterPassword.setPassword(json.value); return; - // "privacy.donottrackheader" is not "real" pref name, it's used in the setting menu. - case "privacy.donottrackheader": - switch (json.value) { - // Don't tell anything about tracking me - case kDoNotTrackPrefState.NO_PREF: - Services.prefs.setBoolPref("privacy.donottrackheader.enabled", false); - Services.prefs.clearUserPref("privacy.donottrackheader.value"); - break; - // Accept tracking me - case kDoNotTrackPrefState.ALLOW_TRACKING: - Services.prefs.setBoolPref("privacy.donottrackheader.enabled", true); - Services.prefs.setIntPref("privacy.donottrackheader.value", 0); - break; - // Not accept tracking me - case kDoNotTrackPrefState.DISALLOW_TRACKING: - Services.prefs.setBoolPref("privacy.donottrackheader.enabled", true); - Services.prefs.setIntPref("privacy.donottrackheader.value", 1); - break; - } - return; - // Enabling or disabling suggestions will prevent future prompts case SearchEngines.PREF_SUGGEST_ENABLED: Services.prefs.setBoolPref(SearchEngines.PREF_SUGGEST_PROMPTED, true); From 7c18fd1d5d08473b1fe1eaed07c742469d449be6 Mon Sep 17 00:00:00 2001 From: ffxbld Date: Wed, 22 Oct 2014 14:02:46 -0700 Subject: [PATCH 3/4] No bug, Automated HSTS preload list update from host bld-linux64-spot-1094 - a=hsts-update --- .../manager/boot/src/nsSTSPreloadList.errors | 141 +++++++++++- .../manager/boot/src/nsSTSPreloadList.inc | 207 +++++++++++++++++- 2 files changed, 333 insertions(+), 15 deletions(-) diff --git a/security/manager/boot/src/nsSTSPreloadList.errors b/security/manager/boot/src/nsSTSPreloadList.errors index 0ac9b7b3af7b..bde2707c1bc1 100644 --- a/security/manager/boot/src/nsSTSPreloadList.errors +++ b/security/manager/boot/src/nsSTSPreloadList.errors @@ -1,6 +1,9 @@ admin.google.com: did not receive HSTS header (error ignored - included regardless) adsfund.org: could not connect to host airbnb.com: did not receive HSTS header +aiticon.de: did not receive HSTS header +alpha.irccloud.com: could not connect to host +amigogeek.net: could not connect to host api.lookout.com: could not connect to host api.mega.co.nz: could not connect to host api.recurly.com: did not receive HSTS header @@ -8,36 +11,63 @@ apis.google.com: did not receive HSTS header (error ignored - included regardles app.manilla.com: could not connect to host appengine.google.com: did not receive HSTS header (error ignored - included regardless) appseccalifornia.org: did not receive HSTS header +at.search.yahoo.com: did not receive HSTS header +au.search.yahoo.com: did not receive HSTS header +az.search.yahoo.com: did not receive HSTS header azprep.us: did not receive HSTS header bassh.net: did not receive HSTS header bccx.com: could not connect to host +be.search.yahoo.com: did not receive HSTS header bedeta.de: could not connect to host betnet.fr: could not connect to host +bi.search.yahoo.com: did not receive HSTS header bigshinylock.minazo.net: could not connect to host +bitfarm-archiv.com: did not receive HSTS header +bitfarm-archiv.de: did not receive HSTS header blog.lookout.com: did not receive HSTS header -boxcryptor.com: could not connect to host +br.search.yahoo.com: did not receive HSTS header braintreegateway.com: did not receive HSTS header braintreepayments.com: did not receive HSTS header browserid.org: did not receive HSTS header business.medbank.com.mt: did not receive HSTS header -calyxinstitute.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 126" data: no] +ca.search.yahoo.com: did not receive HSTS header +calibreapp.com: did not receive HSTS header +calyxinstitute.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] carlolly.co.uk: did not receive HSTS header cartucce24.it: could not connect to host +cd.search.yahoo.com: did not receive HSTS header celltek-server.de: did not receive HSTS header cert.se: max-age too low: 2628001 +cg.search.yahoo.com: did not receive HSTS header +ch.search.yahoo.com: did not receive HSTS header checkout.google.com: did not receive HSTS header (error ignored - included regardless) +chfr.search.yahoo.com: did not receive HSTS header +chit.search.yahoo.com: did not receive HSTS header chrome-devtools-frontend.appspot.com: did not receive HSTS header (error ignored - included regardless) chrome.google.com: did not receive HSTS header (error ignored - included regardless) +cimballa.com: did not receive HSTS header +cl.search.yahoo.com: did not receive HSTS header cloud.google.com: did not receive HSTS header (error ignored - included regardless) +cn.search.yahoo.com: did not receive HSTS header +co.search.yahoo.com: did not receive HSTS header code.google.com: did not receive HSTS header (error ignored - included regardless) codereview.chromium.org: did not receive HSTS header (error ignored - included regardless) +cr.search.yahoo.com: did not receive HSTS header crate.io: did not receive HSTS header crbug.com: did not receive HSTS header crowdcurity.com: did not receive HSTS header crypto.is: did not receive HSTS header csawctf.poly.edu: did not receive HSTS header +ct.search.yahoo.com: did not receive HSTS header +cube.de: max-age too low: 0 +daylightcompany.com: could not connect to host +de.search.yahoo.com: did not receive HSTS header +decibelios.li: did not receive HSTS header +digitaldaddy.net: could not connect to host discovery.lookout.com: did not receive HSTS header +dk.search.yahoo.com: did not receive HSTS header dl.google.com: did not receive HSTS header (error ignored - included regardless) +do.search.yahoo.com: did not receive HSTS header docs.google.com: did not receive HSTS header (error ignored - included regardless) drive.google.com: did not receive HSTS header (error ignored - included regardless) dropbox.com: max-age too low: 2592000 @@ -45,56 +75,95 @@ dropcam.com: did not receive HSTS header ed.gs: did not receive HSTS header edmodo.com: did not receive HSTS header email.lookout.com: could not connect to host +en-maktoob.search.yahoo.com: did not receive HSTS header encrypted.google.com: did not receive HSTS header (error ignored - included regardless) epoxate.com: did not receive HSTS header +es.search.yahoo.com: did not receive HSTS header +espanol.search.yahoo.com: did not receive HSTS header espra.com: could not connect to host -f-droid.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 126" data: no] +f-droid.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] fatzebra.com.au: did not receive HSTS header +fi.search.yahoo.com: did not receive HSTS header +filedir.com: did not receive HSTS header +fj.search.yahoo.com: did not receive HSTS header +fr.search.yahoo.com: did not receive HSTS header +freenetproject.org: max-age too low: 864000 gamesdepartment.co.uk: did not receive HSTS header get.zenpayroll.com: did not receive HSTS header getlantern.org: did not receive HSTS header +gl.search.yahoo.com: did not receive HSTS header glass.google.com: did not receive HSTS header (error ignored - included regardless) -globalcs.co.uk: did not receive HSTS header +gm.search.yahoo.com: did not receive HSTS header gmail.com: did not receive HSTS header (error ignored - included regardless) googlemail.com: did not receive HSTS header (error ignored - included regardless) googleplex.com: could not connect to host googleplex.com: could not connect to host (error ignored - included regardless) goto.google.com: did not receive HSTS header (error ignored - included regardless) gparent.org: did not receive HSTS header +gr.search.yahoo.com: did not receive HSTS header greplin.com: could not connect to host groups.google.com: did not receive HSTS header (error ignored - included regardless) hackerone-user-content.com: could not connect to host haste.ch: could not connect to host history.google.com: did not receive HSTS header (error ignored - included regardless) +hk.search.yahoo.com: did not receive HSTS header +hn.search.yahoo.com: did not receive HSTS header hoerbuecher-und-hoerspiele.de: did not receive HSTS header -honeytracks.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 126" data: no] +honeytracks.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] +horosho.in: did not receive HSTS header hostedtalkgadget.google.com: did not receive HSTS header (error ignored - included regardless) howrandom.org: could not connect to host +hu.search.yahoo.com: did not receive HSTS header +id.search.yahoo.com: did not receive HSTS header +ie.search.yahoo.com: did not receive HSTS header +ilmconpm.de: did not receive HSTS header +in.search.yahoo.com: did not receive HSTS header in.xero.com: max-age too low: 3600 intercom.io: did not receive HSTS header iop.intuit.com: max-age too low: 86400 -irccloud.com: did not receive HSTS header +irccloud.com: could not connect to host +it.search.yahoo.com: did not receive HSTS header itriskltd.com: did not receive HSTS header jottit.com: could not connect to host keymaster.lookout.com: did not receive HSTS header +khmath.com: did not receive HSTS header kiwiirc.com: max-age too low: 5256000 +klaxn.org: could not connect to host +knowledgehook.com: did not receive HSTS header +kr.search.yahoo.com: did not receive HSTS header +kz.search.yahoo.com: did not receive HSTS header ledgerscope.net: did not receive HSTS header +li.search.yahoo.com: did not receive HSTS header liberty.lavabit.com: could not connect to host -lifeguard.aecom.com: did not receive HSTS header +lifeguard.aecom.com: max-age too low: 86400 lists.mayfirst.org: did not receive HSTS header -logentries.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 126" data: no] +logentries.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] login.corp.google.com: max-age too low: 7776000 (error ignored - included regardless) logotype.se: did not receive HSTS header -ludwig.im: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 126" data: no] -lumi.do: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 126" data: no] +lovelycorral.com: did not receive HSTS header +lt.search.yahoo.com: did not receive HSTS header +lu.search.yahoo.com: did not receive HSTS header +ludwig.im: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] +lumi.do: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] +luxus-russen.de: did not receive HSTS header +lv.search.yahoo.com: did not receive HSTS header m.gparent.org: could not connect to host mail.google.com: did not receive HSTS header (error ignored - included regardless) +maktoob.search.yahoo.com: did not receive HSTS header +malaysia.search.yahoo.com: did not receive HSTS header market.android.com: did not receive HSTS header (error ignored - included regardless) markusueberallassetmanagement.de: could not connect to host matteomarescotti.name: max-age too low: 0 +megashur.se: did not receive HSTS header +minikneet.nl: did not receive HSTS header mobilethreat.net: could not connect to host mobilethreatnetwork.net: could not connect to host +mqas.net: could not connect to host +mt.search.yahoo.com: did not receive HSTS header +mu.search.yahoo.com: did not receive HSTS header mudcrab.us: could not connect to host +mw.search.yahoo.com: did not receive HSTS header +mx.search.yahoo.com: did not receive HSTS header my.alfresco.com: did not receive HSTS header mydigipass.com: did not receive HSTS header mykolab.com: did not receive HSTS header @@ -103,33 +172,57 @@ netzpolitik.org: did not receive HSTS header nexth.de: could not connect to host nexth.net: could not connect to host nexth.us: could not connect to host +ni.search.yahoo.com: did not receive HSTS header +nl.search.yahoo.com: did not receive HSTS header +no.search.yahoo.com: did not receive HSTS header noexpect.org: could not connect to host +np.search.yahoo.com: did not receive HSTS header +nz.search.yahoo.com: did not receive HSTS header openshift.redhat.com: did not receive HSTS header ottospora.nl: could not connect to host +pa.search.yahoo.com: did not receive HSTS header passwordbox.com: did not receive HSTS header +passwords.google.com: did not receive HSTS header (error ignored - included regardless) paypal.com: max-age too low: 14400 payroll.xero.com: max-age too low: 3600 +pe.search.yahoo.com: did not receive HSTS header +ph.search.yahoo.com: did not receive HSTS header piratenlogin.de: did not receive HSTS header +pk.search.yahoo.com: did not receive HSTS header +pl.search.yahoo.com: did not receive HSTS header platform.lookout.com: could not connect to host play.google.com: did not receive HSTS header (error ignored - included regardless) +pr.search.yahoo.com: did not receive HSTS header pressfreedomfoundation.org: did not receive HSTS header prodpad.com: did not receive HSTS header profiles.google.com: did not receive HSTS header (error ignored - included regardless) promecon-gmbh.de: did not receive HSTS header +py.search.yahoo.com: did not receive HSTS header +qc.search.yahoo.com: did not receive HSTS header rapidresearch.me: could not connect to host +redlatam.org: did not receive HSTS header +regar42.fr: could not connect to host riseup.net: did not receive HSTS header rme.li: did not receive HSTS header +ro.search.yahoo.com: did not receive HSTS header robteix.com: did not receive HSTS header +ru.search.yahoo.com: did not receive HSTS header +rw.search.yahoo.com: did not receive HSTS header sah3.net: could not connect to host saturngames.co.uk: did not receive HSTS header script.google.com: did not receive HSTS header (error ignored - included regardless) +se.search.yahoo.com: did not receive HSTS header +search.yahoo.com: did not receive HSTS header security.google.com: did not receive HSTS header (error ignored - included regardless) +segu-info.com.ar: did not receive HSTS header semenkovich.com: did not receive HSTS header serverdensity.io: did not receive HSTS header +sg.search.yahoo.com: did not receive HSTS header shops.neonisi.com: could not connect to host siammedia.co: did not receive HSTS header silentcircle.org: could not connect to host simon.butcher.name: max-age too low: 2629743 +simplyfixit.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] sites.google.com: did not receive HSTS header (error ignored - included regardless) sol.io: could not connect to host souyar.de: could not connect to host @@ -142,16 +235,34 @@ ssl.panoramio.com: did not receive HSTS header stocktrade.de: could not connect to host sunshinepress.org: could not connect to host surfeasy.com: did not receive HSTS header +sv.search.yahoo.com: did not receive HSTS header talk.google.com: did not receive HSTS header (error ignored - included regardless) talkgadget.google.com: did not receive HSTS header (error ignored - included regardless) tektoria.de: did not receive HSTS header +temehu.com: did not receive HSTS header +terrax.berlin: could not connect to host +th.search.yahoo.com: did not receive HSTS header +tobias-kluge.de: could not connect to host +tr.search.yahoo.com: did not receive HSTS header translate.googleapis.com: did not receive HSTS header (error ignored - included regardless) +tv.search.yahoo.com: could not connect to host +tw.search.yahoo.com: did not receive HSTS header +ua.search.yahoo.com: did not receive HSTS header +uk.search.yahoo.com: did not receive HSTS header uprotect.it: could not connect to host +uy.search.yahoo.com: did not receive HSTS header +uz.search.yahoo.com: did not receive HSTS header +ve.search.yahoo.com: did not receive HSTS header +vn.search.yahoo.com: did not receive HSTS header wallet.google.com: did not receive HSTS header (error ignored - included regardless) webmail.mayfirst.org: did not receive HSTS header +wf-training-master.appspot.com: could not connect to host +wf-training-master.appspot.com: could not connect to host (error ignored - included regardless) whonix.org: did not receive HSTS header +wikidsystems.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] wiz.biz: did not receive HSTS header -www.calyxinstitute.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 126" data: no] +wohnungsbau-ludwigsburg.de: did not receive HSTS header +www.calyxinstitute.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 134" data: no] www.cueup.com: could not connect to host www.developer.mydigipass.com: could not connect to host www.dropbox.com: max-age too low: 2592000 @@ -159,6 +270,7 @@ www.elanex.biz: did not receive HSTS header www.gmail.com: did not receive HSTS header (error ignored - included regardless) www.googlemail.com: did not receive HSTS header (error ignored - included regardless) www.greplin.com: could not connect to host +www.irccloud.com: could not connect to host www.jitsi.org: did not receive HSTS header www.ledgerscope.net: did not receive HSTS header www.logentries.com: did not receive HSTS header @@ -169,4 +281,11 @@ www.rme.li: did not receive HSTS header www.roddis.net: did not receive HSTS header www.sandbox.mydigipass.com: could not connect to host www.surfeasy.com: did not receive HSTS header +xa.search.yahoo.com: did not receive HSTS header +xtream-hosting.com: could not connect to host +xtream-hosting.de: could not connect to host +xtream-hosting.eu: could not connect to host +xtreamhosting.eu: could not connect to host +za.search.yahoo.com: did not receive HSTS header +zh.search.yahoo.com: did not receive HSTS header zoo24.de: max-age too low: 2592000 diff --git a/security/manager/boot/src/nsSTSPreloadList.inc b/security/manager/boot/src/nsSTSPreloadList.inc index 9ba118fb3afc..06265db5a7da 100644 --- a/security/manager/boot/src/nsSTSPreloadList.inc +++ b/security/manager/boot/src/nsSTSPreloadList.inc @@ -8,7 +8,7 @@ /*****************************************************************************/ #include -const PRTime gPreloadListExpirationTime = INT64_C(1424513391772000); +const PRTime gPreloadListExpirationTime = INT64_C(1424897629315000); class nsSTSPreload { @@ -18,6 +18,10 @@ class nsSTSPreload }; static const nsSTSPreload kSTSPreloadList[] = { + { "17hats.com", true }, + { "1a-diamantscheiben.de", true }, + { "1a-vermessung.at", true }, + { "1a-werkstattgeraete.de", true }, { "accounts.firefox.com", true }, { "accounts.google.com", true }, { "aclu.org", false }, @@ -26,10 +30,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "addvocate.com", true }, { "admin.google.com", true }, { "adsfund.org", true }, + { "ahoyconference.com", true }, { "aie.de", true }, + { "aiticon.com", true }, { "aladdinschools.appspot.com", false }, { "alexsexton.com", true }, { "alpha.irccloud.com", false }, + { "andreasbreitenlohner.de", true }, + { "anetaben.nl", true }, + { "angularjs.org", true }, + { "annahmeschluss.de", true }, + { "annevankesteren.com", true }, + { "annevankesteren.nl", true }, + { "annevankesteren.org", true }, { "ansdell.net", true }, { "anycoin.me", true }, { "apadvantage.com", true }, @@ -44,22 +57,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "app.simpletax.ca", false }, { "app.yinxiang.com", false }, { "appengine.google.com", true }, + { "aprz.de", true }, { "archlinux.de", true }, { "arivo.com.br", true }, + { "arlen.io", true }, { "auf-feindgebiet.de", true }, { "baer.im", true }, + { "balcan-underground.net", true }, + { "baldwinkoo.com", true }, { "bank.simple.com", false }, { "barcodeberlin.com", true }, + { "barslecht.com", true }, + { "barslecht.nl", true }, { "baruch.me", true }, + { "bautied.de", true }, { "bayrisch-fuer-anfaenger.de", true }, { "bccx.com", true }, { "bcrook.com", false }, { "beastowner.com", true }, { "beastowner.li", true }, { "bedeta.de", true }, + { "bedreid.dk", true }, { "beneathvt.com", true }, { "benjamins.com", true }, { "best-wedding-quotes.com", true }, + { "bigbrownpromotions.com.au", true }, { "bitbucket.org", false }, { "bitfactory.ws", true }, { "bl4ckb0x.com", true }, @@ -68,46 +90,58 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bl4ckb0x.net", true }, { "bl4ckb0x.org", true }, { "blacklane.com", true }, + { "blessnet.jp", true }, { "blocksatz-medien.de", true }, { "blog.cyveillance.com", true }, { "blog.gparent.org", true }, { "blog.linode.com", false }, { "blog.torproject.org", false }, + { "bodo-wolff.de", true }, { "bohramt.de", true }, { "boxcryptor.com", true }, { "brunosouza.org", true }, { "buddhistische-weisheiten.org", true }, { "bugzil.la", true }, { "bugzilla.mozilla.org", true }, + { "bulktrade.de", true }, { "business.lookout.com", false }, + { "buzzconcert.com", true }, { "bytepark.de", false }, { "ca.gparent.org", false }, + { "call.me", true }, { "carezone.com", false }, { "cartouche24.eu", true }, + { "cdnb.co", true }, { "certible.com", true }, { "check.torproject.org", false }, { "checkout.google.com", true }, + { "chrisjean.com", true }, { "chrome-devtools-frontend.appspot.com", true }, { "chrome.google.com", true }, { "chromiumcodereview.appspot.com", false }, + { "chulado.com", true }, { "clapping-rhymes.com", true }, { "cloud.google.com", true }, { "cloudcert.org", true }, { "cloudns.com.au", true }, { "cloudsecurityalliance.org", true }, + { "cloudstoragemaus.com", true }, { "cloudup.com", true }, { "code-poets.co.uk", true }, { "code.google.com", true }, + { "codepref.com", true }, { "codereview.appspot.com", false }, { "codereview.chromium.org", true }, + { "comdurav.com", true }, { "config.schokokeks.org", false }, { "conformal.com", true }, { "conrad-kostecki.de", true }, { "controlcenter.gigahost.dk", true }, + { "cotonea.de", true }, { "crm.onlime.ch", false }, { "crypto.cat", false }, { "cryptopartyatx.org", true }, - { "cube.de", true }, + { "cujanovic.com", true }, { "cupcake.io", true }, { "cupcake.is", true }, { "cybershambles.com", true }, @@ -118,72 +152,105 @@ static const nsSTSPreload kSTSPreloadList[] = { { "data.qld.gov.au", false }, { "datenkeks.de", true }, { "davidlyness.com", true }, + { "deadbeef.ninja", true }, + { "debtkit.co.uk", true }, { "dedimax.de", true }, + { "denh.am", true }, { "derhil.de", true }, { "detectify.com", false }, { "developer.mydigipass.com", false }, + { "devh.de", true }, + { "diamante.ro", true }, { "die-besten-weisheiten.de", true }, { "dillonkorman.com", true }, { "dist.torproject.org", false }, { "dl.google.com", true }, + { "dlc.viasinc.com", true }, { "dm.lookout.com", false }, { "dm.mylookout.com", false }, { "docs.google.com", true }, { "docs.python.org", true }, { "domains.google.com", true }, + { "domaris.de", true }, { "donmez.ws", false }, { "download.jitsi.org", false }, { "drive.google.com", true }, { "ebanking.indovinabank.com.vn", false }, { "ecosystem.atlassian.net", true }, + { "edit.yahoo.com", false }, { "edyou.eu", true }, { "eff.org", true }, + { "eldietista.es", true }, + { "elnutricionista.es", true }, { "emailprivacytester.com", true }, { "encircleapp.com", true }, + { "encryptallthethings.net", true }, { "encrypted.google.com", true }, { "energy-drink-magazin.de", true }, + { "enorekcah.com", true }, { "entropia.de", false }, { "errors.zenpayroll.com", false }, + { "esec.rs", true }, { "espra.com", true }, { "ethitter.com", true }, { "eurotramp.com", true }, + { "everhome.de", true }, + { "evstatus.com", true }, { "explodie.org", true }, { "f-droid.org", true }, { "factor.cc", false }, { "fairbill.com", true }, { "faq.lookout.com", false }, + { "fedorapeople.org", true }, { "feedbin.com", false }, { "ferienhaus-polchow-ruegen.de", false }, { "fiken.no", true }, { "firemail.io", true }, { "fischer-its.com", true }, + { "fixingdns.com", true }, { "fj.simple.com", false }, + { "flamer-scene.com", true }, + { "fleximus.org", false }, + { "floobits.com", true }, { "flynn.io", true }, { "forewordreviews.com", true }, { "forodeespanol.com", true }, { "forum.linode.com", false }, { "forum.quantifiedself.com", true }, + { "frederik-braun.com", true }, { "freeshell.de", true }, + { "fronteers.nl", true }, + { "fundingempire.com", true }, + { "futos.de", true }, + { "gamercredo.com", true }, + { "garron.net", true }, { "gemeinfreie-lieder.de", true }, + { "gerardozamudio.mx", true }, { "gernert-server.de", true }, { "getcloak.com", false }, { "getdigitized.net", true }, + { "getssl.uz", true }, { "giacomopelagatti.it", true }, + { "github.com", true }, { "glass.google.com", true }, { "globuli-info.de", true }, { "gmail.com", false }, { "gmantra.org", true }, + { "gmcd.co", true }, { "go.xero.com", false }, { "gocardless.com", true }, { "googlemail.com", false }, { "googleplex.com", true }, { "goto.google.com", true }, + { "gplintegratedit.com", true }, { "grc.com", false }, { "greensolid.biz", true }, { "grepular.com", true }, { "groups.google.com", true }, + { "gunnarhafdal.com", true }, { "guphi.net", true }, { "guthabenkarten-billiger.de", true }, + { "hack.li", true }, { "hackerone.com", true }, { "harvestapp.com", true }, { "hasilocke.de", true }, @@ -191,22 +258,37 @@ static const nsSTSPreload kSTSPreloadList[] = { { "haufschild.de", true }, { "hausverbrauch.de", true }, { "heha.co", true }, + { "heid.ws", true }, + { "heijblok.com", true }, { "helichat.de", true }, { "help.simpletax.ca", false }, { "helpium.de", true }, { "hex2013.com", true }, + { "hexony.com", true }, { "history.google.com", true }, + { "honeybadger.io", false }, { "hostedtalkgadget.google.com", true }, { "hostinginnederland.nl", true }, { "hostix.de", true }, { "howrandom.org", true }, + { "howsmyssl.com", true }, + { "howsmytls.com", true }, + { "hpac-portal.com", true }, + { "html5.org", true }, + { "ian.sh", true }, { "iban.is", true }, + { "id-co.in", true }, { "id.atlassian.com", false }, { "id.mayfirst.org", false }, + { "ideaweb.de", true }, { "ihrlotto.de", true }, + { "ilikerainbows.co.uk", false }, { "imouto.my", false }, { "inertianetworks.com", true }, + { "inleaked.com", true }, + { "insouciant.org", true }, { "irische-segenswuensche.info", true }, + { "ironfistdesign.com", true }, { "isitchristmas.com", true }, { "it-schwerin.de", true }, { "jackyyf.com", false }, @@ -218,14 +300,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jitsi.org", false }, { "jonas-keidel.de", true }, { "jonaswitmer.ch", true }, + { "jonnybarnes.uk", true }, { "julian-kipka.de", true }, + { "jwilsson.me", true }, { "k-dev.de", true }, + { "kaheim.de", true }, { "kardize24.pl", true }, + { "kdex.de", true }, { "keeperapp.com", true }, { "keepersecurity.com", true }, { "kernel-error.de", true }, + { "kevincox.ca", true }, { "keyerror.com", true }, { "kinderbuecher-kostenlos.de", true }, + { "kinogb.net", false }, { "kinsights.com", false }, { "kitsta.com", true }, { "klatschreime.de", true }, @@ -236,6 +324,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "koordinate.net", true }, { "kraken.io", true }, { "kura.io", true }, + { "labina.com.tr", true }, { "lagerauftrag.info", true }, { "lasst-uns-beten.de", true }, { "lastpass.com", false }, @@ -243,9 +332,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lavalite.de", true }, { "lb-toner.de", true }, { "library.linode.com", false }, + { "liebel.org", true }, + { "limpid.nl", true }, + { "lingolia.com", true }, { "linode.com", false }, - { "linx.net", false }, + { "linx.net", true }, + { "ljs.io", true }, { "lockify.com", true }, + { "lodash.com", true }, { "loenshotel.de", true }, { "loftboard.eu", true }, { "logentries.com", false }, @@ -253,6 +347,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "login.persona.org", true }, { "login.sapo.pt", true }, { "login.xero.com", false }, + { "login.yahoo.com", false }, { "lolicore.ch", true }, { "lookout.com", false }, { "lumi.do", false }, @@ -260,32 +355,47 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mach-politik.ch", true }, { "mail.de", true }, { "mail.google.com", true }, + { "mail.yahoo.com", false }, { "mailbox.org", false }, { "makeyourlaws.org", true }, { "malnex.de", true }, + { "man3s.jp", true }, { "manage.zenpayroll.com", false }, { "manageprojects.com", true }, { "manager.linode.com", false }, { "mandala-ausmalbilder.de", true }, { "market.android.com", true }, { "markusueberallassetmanagement.de", true }, + { "matatall.com", true }, { "mathiasbynens.be", true }, + { "matteomarescotti.it", true }, { "mattmccutchen.net", true }, { "mbp.banking.co.at", false }, + { "md5file.com", true }, { "mediacru.sh", true }, { "medium.com", true }, { "mega.co.nz", false }, + { "meinebo.it", true }, { "members.mayfirst.org", false }, { "members.nearlyfreespeech.net", false }, + { "miasarafina.de", true }, { "mig5.net", true }, { "mikewest.org", true }, { "miku.hatsune.my", true }, + { "minez-nightswatch.com", true }, + { "minikneet.com", true }, + { "minnesotadata.com", true }, { "miskatonic.org", true }, + { "mkcert.org", true }, { "mnsure.org", true }, { "mobile.usaa.com", false }, { "mondwandler.de", true }, + { "mothereff.in", true }, + { "mountainmusicpromotions.com", true }, { "mountainroseherbs.com", true }, { "movlib.org", true }, + { "msc-seereisen.net", true }, + { "mths.be", true }, { "mudcrab.us", true }, { "munich-rage.de", true }, { "musicgamegalaxy.de", true }, @@ -293,25 +403,42 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mwe.st", true }, { "my.onlime.ch", false }, { "my.xero.com", false }, + { "mygadgetguardian.lookout.com", false }, + { "mykreuzfahrt.de", true }, { "mylookout.com", false }, { "mynigma.org", true }, { "nachsenden.info", true }, { "neg9.org", false }, { "neilwynne.com", false }, + { "net-safe.info", true }, { "netzbit.de", true }, + { "newstarnootropics.com", true }, { "ng-security.com", true }, + { "nmctest.net", true }, { "npw.net", true }, + { "okmx.de", true }, + { "omitech.co.uk", true }, + { "onedot.nl", true }, { "onedrive.com", true }, { "onedrive.live.com", false }, { "oplop.appspot.com", true }, { "opsmate.com", false }, { "optimus.io", true }, + { "orbograph-hrcm.com", true }, + { "oscarvk.ch", true }, + { "osterkraenzchen.de", true }, + { "otakurepublic.com", true }, { "otakuworld.de", true }, { "oversight.io", true }, { "p.linode.com", false }, { "packagist.org", false }, { "pajonzeck.de", true }, { "palava.tv", true }, + { "parent5446.us", true }, + { "partyvan.eu", true }, + { "partyvan.it", true }, + { "partyvan.nl", true }, + { "partyvan.se", true }, { "passport.yandex.by", false }, { "passport.yandex.com", false }, { "passport.yandex.com.tr", false }, @@ -319,20 +446,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "passport.yandex.ru", false }, { "passport.yandex.ua", false }, { "passwd.io", true }, + { "password.codes", true }, + { "passwords.google.com", true }, { "paste.linode.com", false }, { "pastebin.linode.com", false }, + { "patt.us", true }, { "pay.gigahost.dk", true }, { "paymill.com", true }, { "paymill.de", true }, { "pdf.yt", true }, + { "peercraft.com", true }, { "picksin.club", true }, { "pierre-schmitz.com", true }, + { "pisidia.de", true }, { "pixi.me", true }, - { "play.google.com", false }, + { "play.google.com", true }, + { "plothost.com", true }, { "plus.google.com", false }, { "plus.sandbox.google.com", false }, { "portal.tirol.gv.at", true }, { "posteo.de", true }, + { "powerplannerapp.com", true }, + { "prakharprasad.com", true }, + { "prefontaine.name", true }, { "profiles.google.com", true }, { "projektzentrisch.de", true }, { "prowhisky.de", true }, @@ -342,10 +478,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pypi.python.org", true }, { "python.org", false }, { "qetesh.de", true }, + { "quuz.org", true }, { "rad-route.de", true }, { "raiseyourflag.com", true }, + { "ravchat.com", true }, { "redports.org", true }, { "reedloden.com", true }, + { "reishunger.de", true }, { "reserve-online.net", true }, { "reviews.anime.my", true }, { "riccy.org", true }, @@ -353,66 +492,106 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rippleunion.com", true }, { "roddis.net", false }, { "romab.com", true }, + { "room-checkin24.de", true }, { "rosenkeller.org", true }, { "roundcube.mayfirst.org", false }, + { "ru-sprachstudio.ch", true }, { "rws-vertriebsportal.de", true }, { "s-c.se", true }, { "sakaki.anime.my", true }, { "salaervergleich.com", true }, + { "sale4ru.ru", true }, + { "salserocafe.com", true }, + { "samizdat.cz", true }, { "sandbox.mydigipass.com", false }, + { "schachburg.de", true }, { "schokokeks.org", false }, + { "schreiber-netzwerk.eu", true }, { "schwarzer.it", true }, + { "sciencex.com", true }, + { "scotthelme.co.uk", true }, { "scrambl.is", true }, { "script.google.com", true }, { "sdsl-speedtest.de", true }, + { "securify.nl", true }, { "security-carpet.com", true }, { "security.google.com", true }, { "securityheaders.com", true }, { "secuvera.de", true }, { "seifried.org", true }, { "servethecity-karlsruhe.de", true }, + { "shaaaaaaaaaaaaa.com", true }, { "sherbers.de", true }, + { "shiinko.com", true }, + { "shipard.com", true }, { "shodan.io", true }, + { "shohruh.uz", false }, + { "shopontarget.com", true }, { "silentcircle.com", false }, { "simbolo.co.uk", false }, { "simple.com", false }, { "simpletax.ca", false }, { "simplystudio.com", true }, + { "siraweb.org", true }, { "sites.google.com", true }, { "skydrive.live.com", false }, + { "slattery.co", true }, + { "slidebatch.com", true }, + { "smartship.co.jp", true }, + { "southside-crew.com", true }, + { "spdysync.com", true }, + { "spideroak.com", true }, { "spreadsheets.google.com", true }, { "sprueche-zum-valentinstag.de", true }, { "sprueche-zur-geburt.info", true }, { "sprueche-zur-hochzeit.de", true }, { "sprueche-zur-konfirmation.de", true }, { "squareup.com", false }, + { "sro.center", true }, { "ssl.google-analytics.com", true }, + { "sslmate.com", true }, { "stage.wepay.com", false }, + { "standardssuck.org", true }, { "static.wepay.com", false }, { "stationary-traveller.eu", true }, + { "steventress.com", true }, { "stocktrade.de", false }, { "stripe.com", true }, { "strongest-privacy.com", true }, { "studydrive.net", true }, { "subrosa.io", true }, + { "suite73.org", true }, { "supplies24.at", true }, { "supplies24.es", true }, { "support.mayfirst.org", false }, { "surkatty.org", true }, + { "sylaps.com", true }, + { "sysctl.se", true }, + { "syss.de", true }, { "tageau.com", true }, { "talk.google.com", true }, { "talkgadget.google.com", true }, { "tatort-fanpage.de", true }, + { "tauchkater.de", true }, + { "tekshrek.com", true }, { "tent.io", true }, + { "testsuite.org", true }, { "texte-zur-taufe.de", true }, + { "thecustomizewindows.com", true }, { "thepaymentscompany.com", true }, { "therapynotes.com", false }, + { "theshadestore.com", true }, + { "thorncreek.net", false }, + { "tickopa.co.uk", true }, { "tinfoilsecurity.com", false }, { "tinte24.de", true }, { "tintenfix.net", true }, { "tipps-fuer-den-haushalt.de", true }, { "tittelbach.at", true }, + { "tno.io", true }, + { "tollmanz.com", true }, { "tomfisher.eu", true }, + { "tomvote.com", true }, { "toner24.at", true }, { "toner24.co.uk", true }, { "toner24.es", true }, @@ -430,8 +609,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tonex.de", true }, { "tonex.nl", true }, { "torproject.org", false }, + { "toshnix.com", true }, { "translate.googleapis.com", true }, + { "translatoruk.co.uk", true }, { "trauertexte.info", true }, + { "tresorit.com", true }, { "tunebitfm.de", true }, { "twitter.com", false }, { "ub3rk1tten.com", true }, @@ -439,11 +621,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ukrainians.ch", true }, { "unterfrankenclan.de", true }, { "usaa.com", false }, + { "uzstyle.com", false }, + { "vaddder.com", true }, + { "viasinc.com", false }, { "viennan.net", true }, { "vmoagents.com", false }, { "vocaloid.my", true }, + { "vortexhobbies.com", true }, { "w-spotlight.appspot.com", true }, { "wallet.google.com", true }, + { "warrencreative.com", false }, { "webandmore.de", true }, { "webcollect.org.uk", true }, { "webfilings-eu-mirror.appspot.com", true }, @@ -454,8 +641,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webmail.onlime.ch", false }, { "webmail.schokokeks.org", false }, { "websenat.de", true }, + { "weggeweest.nl", true }, { "welches-kinderfahrrad.de", true }, { "wepay.com", false }, + { "wepay.in.th", true }, { "wf-bigsky-master.appspot.com", true }, { "wf-demo-eu.appspot.com", true }, { "wf-demo-hrd.appspot.com", true }, @@ -465,10 +654,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wf-training-hrd.appspot.com", true }, { "wf-training-master.appspot.com", true }, { "wf-trial-hrd.appspot.com", true }, + { "whatwg.org", true }, + { "when-release.ru", true }, + { "wieninternational.at", true }, { "wiki.python.org", true }, { "wildbee.org", true }, + { "willnorris.com", true }, { "winhistory-forum.net", true }, { "writeapp.me", false }, + { "wubthecaptain.eu", true }, { "wunderlist.com", true }, { "www.aclu.org", false }, { "www.airbnb.com", true }, @@ -488,6 +682,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.gov.uk", false }, { "www.grc.com", false }, { "www.heliosnet.com", true }, + { "www.honeybadger.io", false }, { "www.intercom.io", false }, { "www.irccloud.com", false }, { "www.lastpass.com", false }, @@ -508,13 +703,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.torproject.org", false }, { "www.twitter.com", false }, { "www.usaa.com", false }, + { "www.viasinc.com", true }, { "www.wepay.com", false }, { "www.zenpayroll.com", false }, { "xbrlsuccess.appspot.com", true }, + { "xn--maraa-rta.org", true }, { "xps2pdf.co.uk", true }, { "y-o-w.com", true }, { "z.ai", true }, { "zenpayroll.com", false }, + { "zeplin.io", false }, { "zeropush.com", true }, + { "zixiao.wang", true }, { "zotero.org", true }, }; From 918c518e8b6b1909c59b5e38c05c2085d5b60dc2 Mon Sep 17 00:00:00 2001 From: ffxbld Date: Wed, 22 Oct 2014 14:02:48 -0700 Subject: [PATCH 4/4] No bug, Automated HPKP preload list update from host bld-linux64-spot-1094 - a=hpkp-update --- security/manager/boot/src/StaticHPKPins.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/security/manager/boot/src/StaticHPKPins.h b/security/manager/boot/src/StaticHPKPins.h index b055c0bad65c..f189e71dcfef 100644 --- a/security/manager/boot/src/StaticHPKPins.h +++ b/security/manager/boot/src/StaticHPKPins.h @@ -1040,9 +1040,10 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = { { "media.mozilla.com", true, false, true, -1, &kPinset_mozilla }, { "mobile.twitter.com", true, false, false, -1, &kPinset_twitterCom }, { "oauth.twitter.com", true, false, false, -1, &kPinset_twitterCom }, + { "passwords.google.com", true, false, false, -1, &kPinset_google_root_pems }, { "pinningtest.appspot.com", true, false, false, -1, &kPinset_test }, { "platform.twitter.com", true, false, false, -1, &kPinset_twitterCDN }, - { "play.google.com", false, false, false, -1, &kPinset_google_root_pems }, + { "play.google.com", true, false, false, -1, &kPinset_google_root_pems }, { "plus.google.com", true, false, false, -1, &kPinset_google_root_pems }, { "plus.sandbox.google.com", true, false, false, -1, &kPinset_google_root_pems }, { "profiles.google.com", true, false, false, -1, &kPinset_google_root_pems }, @@ -1088,8 +1089,8 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = { { "ytimg.com", true, false, false, -1, &kPinset_google_root_pems }, }; -// Pinning Preload List Length = 331; +// Pinning Preload List Length = 332; static const int32_t kUnknownId = -1; -static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1422094197058000); +static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1422478437605000);