Commit Graph

2563 Commits

Author SHA1 Message Date
Olli Pettay
ecd90ac919 Bug 1905843, prevent unexpected use of result site origin, r=nika
Differential Revision: https://phabricator.services.mozilla.com/D215496
2024-09-17 15:01:43 +00:00
Sandor Molnar
5ac4c52a7e Backed out changeset 230299b03e10 (bug 1905843) for causing build bustages @ nsContentSecurityManager.cpp CLOSED TREE 2024-09-17 16:40:05 +03:00
Olli Pettay
5c584eed59 Bug 1905843, prevent unexpected use of result site origin, r=nika
Differential Revision: https://phabricator.services.mozilla.com/D215496
2024-09-17 12:55:39 +00:00
Masatoshi Kimura
7a6cd72300 Bug 1914286 - Remove NS_RelaxStrictFileOriginPolicy. r=smaug,necko-reviewers,kershaw
Differential Revision: https://phabricator.services.mozilla.com/D219921
2024-08-23 10:13:35 +00:00
Tim Huang
0b53a24daa Bug 1912810 - Don't call ShouldAllowAccessFor if GetURI returns null. r=bvandersloot
Differential Revision: https://phabricator.services.mozilla.com/D219614
2024-08-22 15:44:14 +00:00
Andrew McCreight
bedeac7f8f Bug 1912804 - Don't warn in BasePrincipal::IsL10nAllowed if GetURI return null. r=peterv,dom-core
GetURI can succeed, but still return null. In that case, BasePrincipal::IsL10nAllowed
will pass null into NS_URIChainHasFlags, causing it to fail, which will produce three
separate warnings, and then return NS_OK. A recent change caused this function to be
call much more frequently, so this is now the top source of log spam in debug builds.

This change should not affect the behavior, aside from the lack of warnings.

Differential Revision: https://phabricator.services.mozilla.com/D219065
2024-08-13 12:40:13 +00:00
Emilio Cobos Álvarez
e1ad6294bf Bug 1910698 - Remove nsIScriptError.sourceLine. r=smaug,devtools-reviewers,webdriver-reviewers,necko-reviewers,nchevobbe,kershaw,jdescottes,credential-management-reviewers,dimi
Afaict the source lines are not exposed anywhere in the UI.

Differential Revision: https://phabricator.services.mozilla.com/D218115
2024-08-01 17:12:48 +00:00
Emilio Cobos Álvarez
198c331213 Bug 1910698 - Add a struct to represent JS caller location and more general warning source location. r=smaug,necko-reviewers,anti-tracking-reviewers,dom-storage-reviewers,pbz,kershaw,janv
Use it liberally across the tree. This could be cleaned up even more in the future.

Differential Revision: https://phabricator.services.mozilla.com/D218114
2024-08-01 17:12:48 +00:00
Kagami Sascha Rosylight
c771068e58 Bug 1908664 - Add nsIPrincipal::GetIsInPrivateBrowsing r=media-playback-reviewers,anti-tracking-reviewers,dom-storage-reviewers,padenot,asuth,pbz
Differential Revision: https://phabricator.services.mozilla.com/D216993
2024-07-26 17:47:51 +00:00
Henri Sivonen
010aa5c448 Bug 1753352 - Inherit principal into about:blank with query string. r=nika
Differential Revision: https://phabricator.services.mozilla.com/D212093
2024-07-17 16:12:53 +00:00
Nika Layzell
1eb3c1d7cd Bug 1906734 - Switch WebExtension resources to use only static protocol flags, r=extension-reviewers,necko-reviewers,kershaw,robwu
Previously, the WebExtension protocol used dynamic protocol flags which
were based on the WebExtension policy in order to enforce things such as
availability in private browsing and the accessibility of certain
resources.

Since the shift to MV3, these checks have required more complex checks
than what was possible to specify with protocol flags, which required
the addition of WEBEXT_URI_WEB_ACCESSIBLE - a security flag which would
trigger further checks with the EPS to determine if the URI can be
loaded.

This was somewhat inefficient, as fetching the URI flags would require
looking up the policy each time dynamic flags were looked up, as well as
when policy specifics were being checked after loading flags. In
addition, it lead to a number of flags which were very specific to
extension protocols.

This patch changes extensions to no longer have dynamic flags, instead
specifying the static `URI_IS_WEBEXTENSION_RESOURCE` security flag. When
this flag is specified, security checks are made by querying the
ExtensionPolicyService to ask if the load should be permitted, combining
the specific security checks for Extension resources into a simpler
code-path, and avoids redundant checks.

Differential Revision: https://phabricator.services.mozilla.com/D216076
2024-07-17 16:02:34 +00:00
Nika Layzell
5fb9592e42 Bug 1901387 - Part 3: Make nsIPrincipal::CheckMayLoad threadsafe, r=asuth,ckerschb,extension-reviewers,robwu
This method was previously non-threadsafe due to it needing to access dynamic
URI flags. These flags were used to check the WEbExtensionPolicy to see if the
webextension resource being loaded should be accessible.

Making dynamic URI flags available off-main-thread in general would
unfortunately be quite difficult, due to some of them depending on things like
JS `nsIAboutModule` implementations, so that was not the approach taken.

Instead, all information required is already available in the threadsafe
WebExtensionPolicyCore, which is now directly queried, instead of being queried
indirectly through protocol flags.

Differential Revision: https://phabricator.services.mozilla.com/D215026
2024-06-28 17:34:08 +00:00
Tom Schuster
6613ec7689 Bug 1904004 - Use OriginAttributes::IsPrivateBrowsing instead of open coding PBM checks. r=timhuang,cookie-reviewers,anti-tracking-reviewers,profiler-reviewers,necko-reviewers,kershaw,dom-storage-reviewers,janv,canaltinova,dom-worker-reviewers,asuth
Differential Revision: https://phabricator.services.mozilla.com/D214532
2024-06-24 11:06:18 +00:00
Tom Schuster
64a746c174 Bug 1904004 - Add OriginAttributes::IsPrivateBrowsing. r=timhuang
Differential Revision: https://phabricator.services.mozilla.com/D214531
2024-06-24 11:06:17 +00:00
Ryan VanderMeulen
b5c7b70b7e Backed out changeset 25f376fb859f (bug 1873973) for causing various regressions.
CLOSED TREE
2024-05-31 15:08:52 -04:00
Sean
968eadeb66 Bug 1873973 - Fix nsStandardURL incorrectly escaped "^" in the path r=necko-reviewers,valentin
Differential Revision: https://phabricator.services.mozilla.com/D211898
2024-05-29 17:00:47 +00:00
Tamas Szentpeteri
1458cf5c1e No Bug - Fix for whitespace linting in mochitest.toml. CLOSED TREE 2024-05-23 18:20:46 +03:00
Tom Ritter
e7fd7f8a7c Bug 1894779: Allow loading fonts from resource:// URIs r=emilio,freddyb
Differential Revision: https://phabricator.services.mozilla.com/D209593
2024-05-23 13:46:30 +00:00
Cristian Tuns
4093c1bc12 Backed out changeset ad6f67ebee72 (bug 1894779) for causing failures in test_loadLocalFont.html CLOSED TREE 2024-05-22 10:47:48 -04:00
Tom Ritter
cdafa7a780 Bug 1894779: Allow loading fonts from resource:// URIs r=emilio,freddyb
Differential Revision: https://phabricator.services.mozilla.com/D209593
2024-05-22 14:11:05 +00:00
Emilio Cobos Álvarez
d55796be17 Bug 1892257 - Move nsStringBuffer to mfbt. r=nika,xpcom-reviewers,glandium
Inline Create() and Realloc() so that we don't get negative leaks, since
were that code end up in mozglue, it wouldn't have access to the logging
machinery.

Differential Revision: https://phabricator.services.mozilla.com/D209663
2024-05-14 14:24:26 +00:00
Nika Layzell
b3f3e9a04a Bug 1892481 - More consistently enforce noscript and builtinclass in xpidl, r=xpcom-reviewers,necko-reviewers,valentin,media-playback-reviewers,mccr8,padenot
These properties were previously being checked much later, during xptcodegen,
and causing methods to be treated as noscript implicitly.

This change enforces the noscript requirements earlier when possible in
xpidl.py, to produce better errors, and adds addiitonal checks to ensure that
types which need to be builtinclass are marked as such.

This required some changes to interfaces in order to satisfy the new checks.

Differential Revision: https://phabricator.services.mozilla.com/D207804
2024-04-22 18:19:58 +00:00
Nika Layzell
a48079cd72 Bug 1881863 - Part 1: Standardize on boolean over bool in xpidl, r=xpcom-reviewers,necko-reviewers,valentin,extension-reviewers,application-update-reviewers,media-playback-reviewers,credential-management-reviewers,search-reviewers,anti-tracking-reviewers,places-reviewers,nalexander,emilio,zombie,sgalich,karlt,lina,Standard8
Previously the `boolean` type was also declared using a `bool` typedef in
xpidl, meaning that both were used in various places. This patch standardizes
on the built-in `boolean` type, removing the typedef.

Differential Revision: https://phabricator.services.mozilla.com/D206382
2024-04-04 18:45:21 +00:00
Emilio Cobos Álvarez
e4ddf24147 Bug 1887719 - More consistently use UTF8String/nsCString for URLs. r=necko-reviewers,webidl,anti-tracking-reviewers,places-reviewers,jari,kershaw,janv,smaug,hsivonen
Sorry for the massive patch but I found it hard to split without
introducing a bunch of copies around...

This mostly makes necko and DOM agree on which strings to use, which
should result on less copies and conversions.

Differential Revision: https://phabricator.services.mozilla.com/D205601
2024-04-04 11:49:57 +00:00
Benjamin VanderSloot
d3ef19887a Bug 1876574 - Add SameSite bit to partition-key origin attribute for first-party partitioning - r=timhuang
This patch is a no-op for observable functionality. All it does is add a bit to the partitionKey for OA, and then adds plumbing to be able to set it, and where it is required, sets it to false.
This is serialized identically to the absence of the bit, so nothing changes at all.

Differential Revision: https://phabricator.services.mozilla.com/D203155
2024-04-02 18:53:25 +00:00
Cristian Tuns
3ba835953e Backed out 6 changesets (bug 1876574, bug 1876575) for causing multiple failures in TestGetPrincipalCookieBehavior5 CLOSED TREE
Backed out changeset f00e9fde550f (bug 1876575)
Backed out changeset ca1c6f8819f7 (bug 1876575)
Backed out changeset d65ac05bd9f8 (bug 1876575)
Backed out changeset 5dcfe3aa8497 (bug 1876575)
Backed out changeset 9ae9252761ac (bug 1876575)
Backed out changeset 704e94d28ad7 (bug 1876574)
2024-04-02 09:58:52 -04:00
Benjamin VanderSloot
880a6720e4 Bug 1876574 - Add SameSite bit to partition-key origin attribute for first-party partitioning - r=timhuang
This patch is a no-op for observable functionality. All it does is add a bit to the partitionKey for OA, and then adds plumbing to be able to set it, and where it is required, sets it to false.
This is serialized identically to the absence of the bit, so nothing changes at all.

Differential Revision: https://phabricator.services.mozilla.com/D203155
2024-04-02 12:50:00 +00:00
Stanca Serban
23caed9eac Backed out 6 changesets (bug 1876574, bug 1876575) for causing multiple failures. CLOSED TREE
Backed out changeset 8c7a9f405031 (bug 1876575)
Backed out changeset 49739f9ec590 (bug 1876575)
Backed out changeset 1c49f0c3b677 (bug 1876575)
Backed out changeset 1ca7a0f27bc0 (bug 1876575)
Backed out changeset bfa9862e3480 (bug 1876575)
Backed out changeset 58576ed7eb22 (bug 1876574)
2024-03-29 20:52:30 +02:00
Benjamin VanderSloot
6e1646cf81 Bug 1876574 - Add SameSite bit to partition-key origin attribute for first-party partitioning - r=timhuang
This patch is a no-op for observable functionality. All it does is add a bit to the partitionKey for OA, and then adds plumbing to be able to set it, and where it is required, sets it to false.
This is serialized identically to the absence of the bit, so nothing changes at all.

Differential Revision: https://phabricator.services.mozilla.com/D203155
2024-03-29 17:12:12 +00:00
Sandor Molnar
09e7cbd0b7 Backed out 6 changesets (bug 1876575, bug 1876574) for causing build bustages @ toolkit/components/resistfingerprinting/nsRFPService.cpp CLOSED TREE
Backed out changeset 455ce831c73c (bug 1876575)
Backed out changeset 4fa3fbf3a3ae (bug 1876575)
Backed out changeset ac4c41cb3b67 (bug 1876575)
Backed out changeset 15e06d10788e (bug 1876575)
Backed out changeset dcd6bbea816a (bug 1876575)
Backed out changeset cc547125fda9 (bug 1876574)
2024-03-29 16:29:47 +02:00
Benjamin VanderSloot
998c4499bd Bug 1876574 - Add SameSite bit to partition-key origin attribute for first-party partitioning - r=timhuang
This patch is a no-op for observable functionality. All it does is add a bit to the partitionKey for OA, and then adds plumbing to be able to set it, and where it is required, sets it to false.
This is serialized identically to the absence of the bit, so nothing changes at all.

Differential Revision: https://phabricator.services.mozilla.com/D203155
2024-03-29 13:11:26 +00:00
abhishekmadan30
6118a3b4b6 Bug 1884941 - Add an option to URLParams::Parse() for if it should decode the parameters or not. r=anti-tracking-reviewers,necko-reviewers,valentin,timhuang.
Differential Revision: https://phabricator.services.mozilla.com/D204914
2024-03-28 18:02:16 +00:00
Iulian Moraru
93ed708a97 Backed out 3 changesets (bug 1877419, bug 1884941) for causing non unified build bustages on URLQueryStringStripper.cpp. CLOSED TREE
Backed out changeset 53db0be27620 (bug 1877419)
Backed out changeset b7fab4b145f7 (bug 1877419)
Backed out changeset 78436da20d95 (bug 1884941)
2024-03-26 19:37:45 +02:00
abhishekmadan30
6053848bf6 Bug 1884941 - Add an option to URLParams::Parse() for if it should decode the parameters or not. r=anti-tracking-reviewers,necko-reviewers,valentin,timhuang.
Differential Revision: https://phabricator.services.mozilla.com/D204914
2024-03-26 14:42:07 +00:00
Noemi Erli
18b56b463a Backed out 3 changesets (bug 1884941, bug 1877419) for causing bustage in URLQueryStringStripper.cpp CLOSED TREE
Backed out changeset 32c74a4cd05b (bug 1877419)
Backed out changeset c2ca2f596c09 (bug 1877419)
Backed out changeset 45931e6db21e (bug 1884941)
2024-03-25 21:50:27 +02:00
abhishekmadan30
c4a54c7864 Bug 1884941 - Add an option to URLParams::Parse() for if it should decode the parameters or not. r=anti-tracking-reviewers,necko-reviewers,valentin,timhuang.
Differential Revision: https://phabricator.services.mozilla.com/D204914
2024-03-25 18:30:38 +00:00
aiunusov
fe9f006639 Bug 1883860 - nsDocShell::HandleSameDocumentNavigation() cause crash in SetDocumentURI, r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D204611
2024-03-22 12:27:38 +00:00
Sandor Molnar
72c98c7f24 Backed out changeset 7b83373f7a9e (bug 1883860) for causing build bustages @ caps/tests/gtest/TestScriptSecurityManager.cpp CLOSED TREE 2024-03-22 02:35:03 +02:00
aiunusov
b201b63e61 Bug 1883860 - nsDocShell::HandleSameDocumentNavigation() cause crash in SetDocumentURI, r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D204611
2024-03-22 00:07:27 +00:00
Dave Townsend
f35244e188 Bug 1864896: Autofix unused function arguments (general). r=nika,jfkthame,ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D203007
2024-03-19 14:59:22 +00:00
Artur Iunusov
f13c66340f Bug 1770944 - fixed isolatedMozBrowser related tests, r=smaug,necko-reviewers,jesup
Depends on D192468

Differential Revision: https://phabricator.services.mozilla.com/D192485
2024-03-07 13:04:25 +00:00
Artur Iunusov
b1d6f2eeb8 Bug 1770944 - Remove other references to inBrowserElement, r=cookie-reviewers,valentin,janv,decoder
Depends on D183230

Differential Revision: https://phabricator.services.mozilla.com/D189490
2024-03-07 13:04:23 +00:00
Artur Iunusov
67db960e48 Bug 1770944 - Remove isInIsolatedMozBrowserElement. r=smaug,necko-reviewers,kershaw,valentin
Depends on D183229

Differential Revision: https://phabricator.services.mozilla.com/D183230
2024-03-07 13:04:22 +00:00
Narcis Beleuzu
7eae8c1064 Backed out 16 changesets (bug 1770944) as req by asuth.
Backed out changeset 61af32f40777 (bug 1770944)
Backed out changeset 4ff0c45db93b (bug 1770944)
Backed out changeset 8a217eff7bcd (bug 1770944)
Backed out changeset 6435f48c96bf (bug 1770944)
Backed out changeset 0d2432765ca0 (bug 1770944)
Backed out changeset 58e02566db85 (bug 1770944)
Backed out changeset 0a8c4c2460ee (bug 1770944)
Backed out changeset 9416bafd9982 (bug 1770944)
Backed out changeset 79de4f83fe2e (bug 1770944)
Backed out changeset 63ac518aceb0 (bug 1770944)
Backed out changeset 14952f872b77 (bug 1770944)
Backed out changeset f65e0967ad75 (bug 1770944)
Backed out changeset bd53c42038f7 (bug 1770944)
Backed out changeset 36c378ba8212 (bug 1770944)
Backed out changeset 9ba54ab06348 (bug 1770944)
Backed out changeset fb5a54b3cbe9 (bug 1770944)
2024-02-23 21:11:08 +02:00
Artur Iunusov
72394b518c Bug 1770944 - fixed isolatedMozBrowser related tests, r=smaug,necko-reviewers,jesup
Depends on D192468

Differential Revision: https://phabricator.services.mozilla.com/D192485
2024-02-22 10:13:17 +00:00
Artur Iunusov
bb8df1117c Bug 1770944 - Remove other references to inBrowserElement, r=cookie-reviewers,valentin,janv,decoder
Depends on D183230

Differential Revision: https://phabricator.services.mozilla.com/D189490
2024-02-22 10:13:15 +00:00
Artur Iunusov
8a817efa45 Bug 1770944 - Remove isInIsolatedMozBrowserElement. r=smaug,necko-reviewers,kershaw,valentin
Depends on D183229

Differential Revision: https://phabricator.services.mozilla.com/D183230
2024-02-22 10:13:14 +00:00
Sandor Molnar
be27c149eb Backed out 16 changesets (bug 1770944) for causing asan failures @ dom/base/InProcessBrowserChildMessageManager.cpp
Backed out changeset b73885731e73 (bug 1770944)
Backed out changeset 23d0dc98eb51 (bug 1770944)
Backed out changeset 15661e24d8e1 (bug 1770944)
Backed out changeset 97aa839dc200 (bug 1770944)
Backed out changeset 0d4318bf3239 (bug 1770944)
Backed out changeset be28bb62e9f3 (bug 1770944)
Backed out changeset 708b2671410e (bug 1770944)
Backed out changeset 0a138f3b56b9 (bug 1770944)
Backed out changeset 3a149ef794c2 (bug 1770944)
Backed out changeset 4b6ae7dd0e69 (bug 1770944)
Backed out changeset e3960ad85182 (bug 1770944)
Backed out changeset 9ea253525227 (bug 1770944)
Backed out changeset 1828b66c2f7c (bug 1770944)
Backed out changeset 55b0886f9025 (bug 1770944)
Backed out changeset a4197071d10a (bug 1770944)
Backed out changeset 9b18524f541e (bug 1770944)
2024-02-20 20:34:55 +02:00
Artur Iunusov
5191fef9e8 Bug 1770944 - fixed isolatedMozBrowser related tests, r=smaug,necko-reviewers,jesup
Depends on D192468

Differential Revision: https://phabricator.services.mozilla.com/D192485
2024-02-20 16:53:26 +00:00
Artur Iunusov
981b9eb009 Bug 1770944 - Remove other references to inBrowserElement, r=cookie-reviewers,valentin,janv,decoder
Depends on D183230

Differential Revision: https://phabricator.services.mozilla.com/D189490
2024-02-20 16:53:24 +00:00