Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-22 17:55:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
634,180 Commits 615 Branches 98 Tags 5.9 GiB
14486004b6
Commit Graph

49 Commits

Author SHA1 Message Date
Andrea Marchesini
4439acd683 Bug 1498510 - Move nsICSPEventListener out of CSP object, r=ckerschb 2018-10-23 08:17:13 +02:00
Andrea Marchesini
44ce53c72e Bug 1476592 - Remove the cache from nsCSPContext - part 2 - sendViolationReports parameter, r=ckerschb, r=aosmond 2018-08-01 06:35:24 +02:00
Andrea Marchesini
d3cf48d4ba Bug 1332422 - CSP should not use 'aExtra' to indicate redirects within ContentPolicy, r=ckerschb 
Instead, let's pass a nsIURI object to indicate when we have to check a
redirect CSP loading.
 2018-07-19 13:25:50 +02:00
Andrea Marchesini
8fe4d55300 Bug 1472927 - Fix CSP violation events in workers, r=asuth, r=ckerschb 2018-07-10 18:53:03 +02:00
Andrea Marchesini
5fff1762ad Bug 1418236 - Correct EventTarget for CSP violation events, r=ckerschb 2018-07-10 17:40:21 +02:00
Andrea Marchesini
14d462eeb3 Bug 1418246 - Return valid columnNumber value in CSP violation events, r=ckerschb 2018-07-05 08:21:04 +02:00
Adrian Wielgosik
074d88de5a Bug 1460940 - Convert nsIPrincipal to use nsIDocument. r=bz 
MozReview-Commit-ID: z1TGWtS1KG

--HG--
extra : rebase_source : e5291c40eb017c1e3fd69333ac108dda852fb8cd
 2018-05-11 19:46:15 +02:00
Andrea Marchesini
b5118e1ddf Bug 1302449 - Remove the "referrer" directive in CSP, r=ckerschb 2018-05-09 13:15:08 +02:00
Chung-Sheng Fu
8dd7eb1b95 Bug 1037335 - Implement security policy violation event. r=ckerschb,smaug 
MozReview-Commit-ID: 4BYThUXduI4

--HG--
extra : rebase_source : 5d4a34c5e6bb7fd3774fafb1de72e761bce4591f
 2017-11-29 16:53:00 +02:00
Christoph Kerschbaumer
2fd8493f7f Bug 1302667 - CSP: Implement 'worker-src'. r=baku,dveditz,mckinley 2017-10-30 18:45:36 +01:00
Coroiu Cristina
44d1b50592 Backed out changeset 70ccfda99dbc::ca6ae38c0432 (bug 1302667) for frequently failing mochitest in security/test/csp/test_worker_src.html r=backout a=backout on a CLOSED TREE 
Backed out changeset ca6ae38c0432 (bug 1302667)
Backed out changeset ff86e185e09d (bug 1302667)
Backed out changeset 8ec6b8bf8c6c (bug 1302667)
Backed out changeset 21c73f9d8fac (bug 1302667)
Backed out changeset e982481dbf2c (bug 1302667)
Backed out changeset 70ccfda99dbc (bug 1302667)
 2017-10-30 14:19:29 +02:00
Christoph Kerschbaumer
58b63c1576 Bug 1302667 - CSP: Implement 'worker-src'. r=baku,dveditz,mckinley 2017-10-30 09:10:36 +01:00
Kate McKinley
092434c08c Bug 1376651 - Pass the nsIScriptElement instead of allocating a string every time r=ckerschb 
Change the interface to GetAlowsInline to take an nsISupports* instead
of a string, and pass the nsIScriptElement directly. If we don't have an
element, then pass nullptr or the mock string created as an
nsISupportsString.

MozReview-Commit-ID: pgIMxtplsi

--HG--
extra : rebase_source : 4691643bb67ff6c78a74a4886a04c4816cff6219
 2017-07-27 11:01:24 -07:00
Christoph Kerschbaumer
632fd14dfa Bug 1024557 - Ignore x-frame-options if CSP with frame-ancestors exists. r=smaug 2017-06-07 21:17:49 +02:00
Thomas Nguyen
afaba58d52 Bug 1339004 - Do DocGroup labeling in dom/security. r=ckerschb,smaug 
MozReview-Commit-ID: 3QoH8P4J85I

--HG--
extra : rebase_source : 6f62454001fc02380f8aea99a56eff38de0e9fb6
 2017-03-29 10:20:32 +08:00
Joel Maher
f297f17181 Bug 1339232 - annotate more dom/* moz.build files with BUG_COMPONENT. r=overholt 
MozReview-Commit-ID: 2HbPxGkrVfv
 2017-03-01 08:20:25 -05:00
Christoph Kerschbaumer
c267f70f91 Bug 1299483 - CSP: Implement 'strict-dynamic', enforcement changes. r=dveditz,freddyb 2016-11-08 12:55:23 +01:00
Michael Layzell
8e946df619 Bug 1293001 - Part 2: Change the BinaryName of nsIContentSecurityPolicy::getPolicy from GetPolicy (which overloaded another virtual method), to GetPolicyString, r=froydnj 
MozReview-Commit-ID: 4XWRar3Uuw
 2016-08-11 15:49:40 -04:00
Tom Tromey
5538d692d3 Bug 1286877 - do not set c-basic-offset for python-mode; r=gps 
This removes the unnecessary setting of c-basic-offset from all
python-mode files.

This was automatically generated using

    perl -pi -e 's/; *c-basic-offset: *[0-9]+//'

... on the affected files.

The bulk of these files are moz.build files but there a few others as
well.

MozReview-Commit-ID: 2pPf3DEiZqx

--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
 2016-07-14 10:16:42 -06:00
Paul Roberts
ec18fc5ff7 Bug 671389 - Implement CSP sandbox directive. r=ckerschb r=smaug 
--HG--
extra : rebase_source : d9c5f5868c2558a3696cd489674da6f243be11ad
 2016-06-29 07:48:44 -07:00
Frederik Braun
404a0bbb99 Bug 1265318: add require-sri-for CSP directive. r=ckerschb 
MozReview-Commit-ID: 200PAvKtBME
 2016-05-31 11:14:00 +02:00
Jonathan Watt
2bb448cbb2 Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz 
MozReview-Commit-ID: Zu1zU4Brkx

--HG--
rename : dom/security/test/unit/test_isURIPotentiallyTrustworthy.js => dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
 2016-04-26 11:30:43 +01:00
Kris Maglione
f3feb0cfd3 Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb 
MozReview-Commit-ID: G8b86UvSv0y

--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
 2016-04-23 20:42:43 -07:00
Christoph Kerschbaumer
39f2d53360 Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap) 2016-01-13 20:58:16 -08:00
Christoph Kerschbaumer
96f42dd458 Bug 663570 - MetaCSP Part 1: CSP parser changes (r=sicking) 2015-11-14 19:27:59 -08:00
Wes Kocher
ea2623adb5 Merge m-c to inbound, a=merge 
--HG--
extra : commitid : 93SodIi80b2
 2015-11-11 17:12:26 -08:00
Carsten "Tomcat" Book
f2915b700e Merge mozilla-central to fx-team 2015-11-11 12:44:56 +01:00
Panos Astithas
a45cc8a956 Bug 1217133 - Don't warn about insecure passwords on localhost pages. r=paolo,MattN 2015-11-11 08:39:06 +02:00
Kate McKinley
67f4155fe6 Bug 1045891 - CSP 2 child-src implementation r=ckerschb 2015-10-28 16:32:27 -07:00
Christoph Kerschbaumer
1873ead519 Bug 1219931 - CSP: Don't allow removing a policy (r=sicking) 2015-11-02 08:04:15 -08:00
Matthew Noorenberghe
a0a2b249c4 Bug 1221365 - Move "Is origin potentially trustworthy?" logic outside ServiceWorkerManager.cpp. r=ckerschb,bkelly 2015-11-06 11:10:17 -08:00
Wes Kocher
f8ad8afb5a Backed out 4 changesets (bug 1045891) for b2g mochitest 7 failures 
Backed out changeset c590b18c5885 (bug 1045891)
Backed out changeset 14818a2329a4 (bug 1045891)
Backed out changeset e44d41985fed (bug 1045891)
Backed out changeset 781a76befe01 (bug 1045891)

--HG--
extra : commitid : 77UlfZzjWcg
 2015-11-06 09:36:49 -08:00
Kate McKinley
3b59b81c93 Bug 1045891 - CSP 2 child-src implementation. r=ckerschb 2015-10-28 16:32:27 -07:00
Christoph Kerschbaumer
a876eba5c9 Bug 1188028 - Use channel->ascynOpen2 in dom/security/nsCSPContext.cpp (r=sicking) 2015-07-27 11:57:56 -07:00
Carsten "Tomcat" Book
deb9310786 Backed out changeset 895c42544609 (bug 1045891) 2015-11-02 10:37:51 +01:00
Kate McKinley
d4da8266d4 Bug 1045891 - CSP 2 child-src implementation r=ckerschb 2015-10-28 16:32:27 -07:00
Christoph Kerschbaumer
6d3847c487 Bug 1204703 - Make nsContentSecurityManager scriptable (r=sicking) 
--HG--
extra : source : 977d5b7ecba32a0617d40c231e2f16963bf4a4ef
 2015-09-18 09:27:15 -07:00
Wes Kocher
8414be2356 Backed out 3 changesets (bug 1143922) for landing with the wrong bug number 
Backed out changeset 309b4d1ab81c (bug 1143922)
Backed out changeset deda472458fd (bug 1143922)
Backed out changeset 977d5b7ecba3 (bug 1143922)
 2015-09-18 14:13:33 -07:00
Christoph Kerschbaumer
b01fc3ad90 Bug 1143922 - Make nsContentSecurityManager scriptable (r=sicking) 2015-09-18 09:27:15 -07:00
Christoph Kerschbaumer
8001d76219 Bug 1026520 - CSP: Inline report sending into allows - csp changes (r=dveditz) 2015-09-17 22:34:16 -07:00
Christoph Kerschbaumer
d338b7f9d9 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - csp changes (r=sstamm) 
--HG--
extra : rebase_source : 34377eb11cf33beef768bd11883c048c37351a8d
 2015-07-10 09:13:54 -07:00
Marcos Caceres
8fc79cb285 Bug 1089255 - Implement and test manifest-src CSP directive. r=bholley, r=dveditz, r=ckerschb 
---
 dom/base/nsContentPolicyUtils.h                    |   1 +
 dom/base/nsDataDocumentContentPolicy.cpp           |   3 +-
 dom/base/nsIContentPolicy.idl                      |   2 +-
 dom/base/nsIContentPolicyBase.idl                  |   7 +-
 dom/base/nsISimpleContentPolicy.idl                |   2 +-
 dom/base/test/csp/browser.ini                      |   4 +
 dom/base/test/csp/browser_test_web_manifest.js     | 265 +++++++++++++++++++++
 .../csp/browser_test_web_manifest_mixed_content.js |  55 +++++
 dom/base/test/csp/file_CSP_web_manifest.html       |   6 +
 dom/base/test/csp/file_CSP_web_manifest.json       |   1 +
 .../test/csp/file_CSP_web_manifest.json^headers^   |   1 +
 dom/base/test/csp/file_CSP_web_manifest_https.html |   4 +
 dom/base/test/csp/file_CSP_web_manifest_https.json |   1 +
 .../csp/file_CSP_web_manifest_mixed_content.html   |   9 +
 .../test/csp/file_CSP_web_manifest_remote.html     |   8 +
 dom/base/test/csp/file_csp_testserver.sjs          |  14 +-
 dom/base/test/csp/mochitest.ini                    |   7 +
 dom/base/test/moz.build                            |   5 +-
 dom/fetch/InternalRequest.cpp                      |   3 +
 dom/fetch/InternalRequest.h                        |   2 +-
 .../security/nsIContentSecurityPolicy.idl          |   3 +-
 dom/ipc/manifestMessages.js                        |  25 +-
 dom/security/nsCSPUtils.cpp                        |   7 +
 dom/security/nsCSPUtils.h                          |  10 +-
 dom/security/nsMixedContentBlocker.cpp             |   1 +
 dom/webidl/CSPDictionaries.webidl                  |   1 +
 extensions/permissions/nsContentBlocker.cpp        |   6 +-
 netwerk/mime/nsMimeTypes.h                         |   1 +
 28 files changed, 439 insertions(+), 15 deletions(-)
 create mode 100644 dom/base/test/csp/browser.ini
 create mode 100644 dom/base/test/csp/browser_test_web_manifest.js
 create mode 100644 dom/base/test/csp/browser_test_web_manifest_mixed_content.js
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json^headers^
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.json
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_mixed_content.html
 create mode 100644 dom/base/test/csp/file_CSP_web_manifest_remote.html
 2015-06-02 15:42:19 -04:00
Christoph Kerschbaumer
f679dfded5 Bug 1129999 - Implement CSP devtool using GCLI; CSP to JSON (r=sstamm,bholley) 2015-05-21 11:16:04 -07:00
Ryan VanderMeulen
b83ba6b825 Backed out 4 changesets (bug 671389) for frequent B2G debug test_tcpsocket_client_and_server_basics.html crashes. 
Backed out changeset b782435e5640 (bug 671389)
Backed out changeset 0f8d62109bfe (bug 671389)
Backed out changeset 8d6021f66c49 (bug 671389)
Backed out changeset cd3e227df9dc (bug 671389)
 2015-02-05 16:48:18 -05:00
Deian Stefan
53375db2ef Bug 671389 - Part 1: Implement CSP sandbox directive r=ckerschb,smaug 2015-02-03 23:40:00 +01:00
Sid Stamm
7ddbe36414 Bug 965727 - Implement referrer directive for CSP. (r=jst,ckerschb) 2014-12-17 14:14:04 -05:00
Sid Stamm
5dc1b5b39c Bug 999656 - Fix mappings between content type and CSP directives and refactor permits functions in CSP. r=ckerschb 2014-12-10 13:54:00 +01:00
Francois Marier
e1f5653f32 Bug 529697 - (CSP 1.1) Implement form-action directive [1/4], r=geekboy 
Teach CSP about the form-action directive from CSP Level 2.
 2014-11-18 01:12:00 +01:00
Christoph Kerschbaumer
ab97bec4cb Bug 1089912: Part 1, move csp into dom/security (r=sstamm,jst) 
--HG--
rename : dom/base/nsIContentSecurityPolicy.idl => dom/interfaces/security/nsIContentSecurityPolicy.idl
rename : dom/base/nsCSPContext.cpp => dom/security/nsCSPContext.cpp
rename : dom/base/nsCSPContext.h => dom/security/nsCSPContext.h
rename : dom/base/nsCSPParser.cpp => dom/security/nsCSPParser.cpp
rename : dom/base/nsCSPParser.h => dom/security/nsCSPParser.h
rename : dom/base/nsCSPService.cpp => dom/security/nsCSPService.cpp
rename : dom/base/nsCSPService.h => dom/security/nsCSPService.h
rename : dom/base/nsCSPUtils.cpp => dom/security/nsCSPUtils.cpp
rename : dom/base/nsCSPUtils.h => dom/security/nsCSPUtils.h
 2014-10-27 16:58:20 -07:00