Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-17 15:25:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
587,599 Commits 615 Branches 98 Tags 5.9 GiB
302a55b534
Commit Graph

777 Commits

Author SHA1 Message Date
Bogdan Tara
302a55b534 Merge inbound to mozilla-central. a=merge 2018-03-27 12:12:57 +03:00
Henri Sivonen
eaa2f6b46b Bug 1395114 - Remove nsIUnicharStreamLoader. r=emilio,michal 
MozReview-Commit-ID: ECKNnJt80oK

--HG--
extra : rebase_source : 6f09937e0648c65d035dfb4935d6e9a06d0223df
 2018-03-26 12:45:31 +03:00
Vinothkumar Nagasayanan
42549de27c Bug 1440582 - Add CSP test with default-src 'none' that uses window.open() r=ckerschb 
--HG--
extra : amend_source : 1d5a5367f7eabaa06fb7a75216eaca892be1b1e7
 2018-03-26 18:33:43 +03:00
vinoth
24cafeec62 Bug 1416045. r=mayhemer CLOSED TREE 
Reviewers: mayhemer

Reviewed By: mayhemer

Subscribers: freddyb, dveditz, mayhemer, ckerschb, vinoth

Tags: PHID-PROJ-wkydohdk6pajyfn2llkb

Bug #: 1416045

Differential Revision: https://phabricator.services.mozilla.com/D675

--HG--
extra : rebase_source : 65fb235d787b6955da1433ea2ffd56082cab0b30
extra : amend_source : affac492394597daf9b3294d4aca2f61bc27fc73
 2018-03-22 21:02:16 +02:00
vinoth
c28a0c2d53 Bug 1414541 - Intermittent failure fixed for toplevel data: URI. r=ckerschb 2018-03-21 17:18:00 -04:00
vinoth
28c7245f64 Bug 1391823 - Don't run |finish() called multiple times| for dom/security/test/mixedcontentblocker/test_frameNavigation.html. r=ckerschb 
Reviewers: ckerschb

Reviewed By: ckerschb

Subscribers: ckerschb

Bug #: 1391823

Differential Revision: https://phabricator.services.mozilla.com/D562

--HG--
extra : rebase_source : 0ff9fc78d2ca00c2c347f14167de34e31ded1967
extra : amend_source : f2a350607bb0645e3140b51cc57353a50f7c2261
 2018-03-19 12:00:55 +02:00
Tooru Fujisawa
1adba8c1fc Bug 1442465 - Part 4.2: Stop unnecessarily awaiting on BrowserTestUtils.removeTab (simple part). r=dao 2018-03-19 11:16:45 +09:00
Jonathan Kingston
10ebc30d5d Bug 1440701 - Adding in telemetry for upgrading display content. r=ckerschb,valentin 
MozReview-Commit-ID: 7oEIith4Ehv

--HG--
extra : rebase_source : 454d56277aa5dc08bf8cfd7cd9c1e24d31014838
 2018-03-04 14:33:33 +00:00
Andrea Marchesini
5784769019 Bug 1443079 - nsScriptError.isFromPrivateWindow must match the correct value also in e10s mode, r=smaug 2018-03-13 06:40:38 +01:00
Cristian Brindusan
aebd2b4f26 Bug 1391823 - Disable dom/security/test/mixedcontentblocker/test_frameNavigation.html for frequent failures. r=jmaher 2018-03-03 05:16:00 +02:00
Sebastian Hengst
118e03a936 merge mozilla-central to mozilla-inbound 2018-03-01 20:32:20 +02:00
Tiberius Oros
61d400da1c Merge inbound to mozilla-central. a=merge 2018-03-01 19:29:00 +02:00
Georg Koppen
f58841a715 Tests updated/added for bug 1382359 r=ckerschb CLOSED TREE 2018-03-01 10:13:22 +01:00
Georg Koppen
dd4fb3ba9f Bug 1382359: Treat .onion as a secure context 
Websites which collect passwords but don't use HTTPS start showing scary
warnings from Firefox 51 onwards and mixed context blocking has been
available even longer.

.onion sites without HTTPS support are affected as well, although their
traffic is encrypted and authenticated. This patch addresses this
shortcoming by making sure .onion sites are treated as potentially
trustworthy origins.

The secure context specification
(https://w3c.github.io/webappsec-secure-contexts/) is pretty much focused
on tying security and trustworthiness to the protocol over which domains
are accessed. However, it is not obvious why .onion sites should not be
treated as potentially trustworthy given:

"A potentially trustworthy origin is one which a user agent can
generally trust as delivering data securely.

This algorithms [sic] considers certain hosts, scheme, and origins as
potentially trustworthy, even though they might not be authenticated and
encrypted in the traditional sense."
(https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy)

We use step 8 in the algorithm to establish trustworthiness of .onion
sites by whitelisting them given the encrypted and authenticated nature
of their traffic.
 2018-03-01 09:44:30 +01:00
Adam Kasztenny
fc42b2fa73 Bug 1355166 - Remove remote newtab's dead code. r=ursula 2018-02-28 16:44:00 +02:00
Nicolas Chevobbe
8ea55ce28a Bug 1382606 - Switch webconsole to new event-emitter; r=Honza. 
MozReview-Commit-ID: HBogPeOI7WM

--HG--
extra : rebase_source : 4ad1fb922ffc818d175ae3c09820ce31ba416487
 2018-02-23 09:10:36 +01:00
Florian Quèze
c714053d73 Bug 1433175 - scripted patch to replace Components.classes[, Components.interfaces.nsI, Components.utils. and Components.results. with Cc, Ci, Cu and Cr, r=Mossop. 2018-02-28 18:51:33 +01:00
Valentin Gosu
84b854ce2c Bug 1433958 - Change code that sets nsIURI.userPass to use nsIURIMutator r=mayhemer 
* Code in XMLHttpRequestMainThread is converted to set the username and password individually. This is because when the parameters are empty, it ended up calling SetUserPass(":") which always returns an error.

MozReview-Commit-ID: 3cK5HeyzjFE

--HG--
extra : rebase_source : f34400c11245d88648b0ae9c196637628afa9517
 2018-02-26 20:43:46 +01:00
Christoph Kerschbaumer
e8f5150467 Bug 1439444: resource and chrome images and styles should not be subject to CSP. r=gijs 2018-03-01 13:45:04 +01:00
Jonathan Kingston
eab7568bd9 Bug 1441794 - Add deprecation warning to passive OBJECT_SUBREQUEST loads. r=ckerschb 
MozReview-Commit-ID: 3j2t5FDZFmp

--HG--
extra : rebase_source : f18623e42ba4fd54335d26536e4d40deab15c584
 2018-02-28 13:56:35 +00:00
Gurzau Raul
2a77281049 Merge mozilla-central to autoland. a=merge CLOSED TREE 2018-02-21 19:30:44 +02:00
Christoph Kerschbaumer
a6c1ffb498 Bug 1434357: Exempt Web Extensions from insecure redirects to data: URIs. r=kmag,mayhemer 2018-02-18 19:52:52 +01:00
Jonathan Kingston
8afc412494 Bug 1435733 - Upgrade mixed display content pref. r=baku,ckerschb,francois,mayhemer 
MozReview-Commit-ID: ETIgVF3zhRu

--HG--
extra : rebase_source : e4c59f50584158f4b31527347b10424b56692fa1
 2018-02-05 15:37:27 +00:00
Christoph Kerschbaumer
1407489a4b Bug 1432358: Make resource URIs subject to CSP. r=gijs 
--HG--
extra : source : 60852dec9e041887bea80313a70ad2a4cba745a6
extra : intermediate-source : 91c948c94506089d6f40dc59d13c75ab78ce914d
 2018-01-25 14:20:31 +01:00
Sebastian Hengst
a6cab8c4e8 Backed out 4 changesets (bug 1432358) for failing xpcshell's test_ext_contentscript_triggeringPrincipal.js 
Backed out changeset ef7b8eef07c1 (bug 1432358)
Backed out changeset 2fa11c525da3 (bug 1432358)
Backed out changeset a67e95bd0ccf (bug 1432358)
Backed out changeset 91c948c94506 (bug 1432358)
 2018-02-12 19:58:28 +02:00
Christoph Kerschbaumer
6575d66c41 Bug 1432358: Make resource URIs subject to CSP. r=gijs 
--HG--
extra : source : 60852dec9e041887bea80313a70ad2a4cba745a6
 2018-01-25 14:20:31 +01:00
Andrew McCreight
b7bb86d0d4 Bug 1436184 - Remove definitions of Ci, Cr, Cc, and Cu from httpd.js and .sjs files. r=florian 
MozReview-Commit-ID: IKKb9zr2OSf

--HG--
extra : rebase_source : 72d949405c18e6d421422e7865182352eee0c407
 2018-02-06 15:03:13 -08:00
Andrew McCreight
5dec0e0beb Bug 1432992, part 1 - Remove definitions of Ci, Cr, Cc, and Cu. r=florian 
This patch was autogenerated by my decomponents.py

It covers almost every file with the extension js, jsm, html, py,
xhtml, or xul.

It removes blank lines after removed lines, when the removed lines are
preceded by either blank lines or the start of a new block. The "start
of a new block" is defined fairly hackily: either the line starts with
//, ends with */, ends with {, <![CDATA[, """ or '''. The first two
cover comments, the third one covers JS, the fourth covers JS embedded
in XUL, and the final two cover JS embedded in Python. This also
applies if the removed line was the first line of the file.

It covers the pattern matching cases like "var {classes: Cc,
interfaces: Ci, utils: Cu, results: Cr} = Components;". It'll remove
the entire thing if they are all either Ci, Cr, Cc or Cu, or it will
remove the appropriate ones and leave the residue behind. If there's
only one behind, then it will turn it into a normal, non-pattern
matching variable definition. (For instance, "const { classes: Cc,
Constructor: CC, interfaces: Ci, utils: Cu } = Components" becomes
"const CC = Components.Constructor".)

MozReview-Commit-ID: DeSHcClQ7cG

--HG--
extra : rebase_source : d9c41878036c1ef7766ef5e91a7005025bc1d72b
 2018-02-06 09:36:57 -08:00
Florian Quèze
2b1c8dccb6 Bug 1339461 - script-generated patch to convert foo.indexOf(...) == -1 to foo.includes(), r=Mossop. 2018-02-01 20:45:22 +01:00
Kris Maglione
918ed6c474 Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian 
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm

MozReview-Commit-ID: 1Nc3XDu0wGl

--HG--
extra : source : 12fc4dee861c812fd2bd032c63ef17af61800c70
extra : intermediate-source : 34c999fa006bffe8705cf50c54708aa21a962e62
extra : histedit_source : b2be2c5e5d226e6c347312456a6ae339c1e634b0
 2018-01-29 15:20:18 -08:00
Boris Zbarsky
7c392f077e Bug 1418085 part 6. Remove nsIDOMHTMLElement. r=mystor 
MozReview-Commit-ID: 5QUyFeAQYZQ
 2018-01-30 00:25:36 -05:00
Boris Zbarsky
9da3878bc9 Bug 1418076 part 11. Eliminate the nsIDOMHTMLDocument interface. r=mystor 
MozReview-Commit-ID: 4lEcUeenbg3
 2018-01-26 01:03:25 -05:00
Cosmin Sabou
9a65a40178 Backed out 3 changesets (bug 1431533) for Android mochitest failures on testEventDispatcher on a CLOSED TREE 
Backed out changeset a1eca62826a1 (bug 1431533)
Backed out changeset 34c999fa006b (bug 1431533)
Backed out changeset e2674287e57f (bug 1431533)
 2018-01-30 07:17:48 +02:00
Boris Zbarsky
e565b1fe1b Bug 1432944 part 11. Remove nsIDOMElement::GetAttribute. r=mccr8 
MozReview-Commit-ID: 2f1vFvRdCPG
 2018-01-29 23:28:00 -05:00
Boris Zbarsky
f60fd673d6 Bug 1432186 part 19. Remove the nsIDOMNode::*_NODE constants. r=mccr8 
MozReview-Commit-ID: KvKjeKIOB9K
 2018-01-29 23:10:53 -05:00
Kris Maglione
6476f95b13 Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian 
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm

MozReview-Commit-ID: 1Nc3XDu0wGl

--HG--
extra : source : 12fc4dee861c812fd2bd032c63ef17af61800c70
 2018-01-29 15:20:18 -08:00
Brindusan Cristian
af8879d1eb Backed out 2 changesets (bug 1431533) for ESlint failures on a CLOSED TREE 
Backed out changeset 6e56f4c8843e (bug 1431533)
Backed out changeset 12fc4dee861c (bug 1431533)
 2018-01-30 02:32:43 +02:00
Kris Maglione
c276bb9375 Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian 
This was done using the following script:
37e3803c7a/processors/chromeutils-import.jsm

MozReview-Commit-ID: 1Nc3XDu0wGl

--HG--
extra : rebase_source : c004a023389f1f6bf3d2f3efe93c13d423b23ccd
 2018-01-29 15:20:18 -08:00
vinoth
7b23ba9165 Bug 1397740 - Removed security.xcto_nosniff_block_images from about:config r=ckerschb,fkiefer 
MozReview-Commit-ID: HTalMWq694W

--HG--
extra : rebase_source : 0ce03ae0ed6bb754791f7aadb52bc6c55aa6c7cd
 2018-01-05 10:43:17 +01:00
vinoth
9d7a2186b4 Bug 1370468 - frame-ancestor tests added for userpass r=ckerschb,fkiefer 
MozReview-Commit-ID: 4wW24JnxaKh

--HG--
extra : rebase_source : b926ea06208c1fbd91fe1a9fdee100f8cb21e8d1
 2017-08-30 15:58:20 +02:00
Andrea Marchesini
c6da271117 Bug 1425458 - Resource timing entries Workers - part 0 - NS_NewChannel, r=smaug 
* * *
Bug 1425458 - Resource timing entries Workers - part 10 - Correct parameters in NS_NewChannel in nsDataObj.cpp, r=me
 2018-01-24 17:17:31 +01:00
Kris Maglione
aec63e140c Backed out 3 changesets (bug 1431533) for Android mochitest bustage. CLOSED TREE 
MozReview-Commit-ID: 5ubE9EMQpZ9

--HG--
extra : histedit_source : df68d7595925c07d9d6e8bacc2c46e69556f479a%2C72b768b9825e20ede6603ead75f871c50dc041f7
 2018-01-24 22:04:59 -08:00
Kris Maglione
30b3a49bfd Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian 
MozReview-Commit-ID: 8V1ZT53ReiP

--HG--
extra : rebase_source : 12b5f8c3e125111db7382eb3d7d20a99fb2c35b3
extra : absorb_source : e99fa7f6eee02e7e6cadeb898c7fcf6dac9c902a
extra : histedit_source : d0dfc31fadc2b81d341c9d0cd1efec02923c003b
 2018-01-24 15:48:47 -08:00
Brindusan Cristian
368c3d5b6b Backed out 12 changesets (bug 1425458) for mochitest failures on WorkerPrivate.cpp on a CLOSED TREE 
Backed out changeset 11997de13778 (bug 1425458)
Backed out changeset 100b9d4f36bc (bug 1425458)
Backed out changeset a29e9dbb8c42 (bug 1425458)
Backed out changeset b96d58fd945c (bug 1425458)
Backed out changeset f140da44ba68 (bug 1425458)
Backed out changeset af56400233d9 (bug 1425458)
Backed out changeset 7034af4332e4 (bug 1425458)
Backed out changeset f70500179140 (bug 1425458)
Backed out changeset 793bbfc23257 (bug 1425458)
Backed out changeset 2efb375a8ffc (bug 1425458)
Backed out changeset 07e781e37451 (bug 1425458)
Backed out changeset e875f3702a5f (bug 1425458)
 2018-01-24 20:47:48 +02:00
Andrea Marchesini
6480b95ba3 Bug 1425458 - Resource timing entries Workers - part 0 - NS_NewChannel, r=smaug 2018-01-24 17:17:31 +01:00
Christoph Kerschbaumer
16dba8baf1 Bug 1432137 - Add test to verify insecure redirects to data: URIs are blocked for script modules. r=jonco 2018-01-23 14:04:21 +01:00
Christoph Kerschbaumer
d8e2caf90a Bug 1428793: Test block insecure redirects to data: URIs. r=smaug 2018-01-23 09:58:06 +01:00
Christoph Kerschbaumer
47e37d6df2 Bug 1428793: Block insecure redirects to data: URIs. r=smaug 2018-01-23 09:57:47 +01:00
Chung-Sheng Fu
0319902c5b Bug 1418243 - Fix mochitest failures due to violationDirective change. r=ckerschb 
MozReview-Commit-ID: AphtAxYo6Hr

--HG--
extra : rebase_source : 24cd7773cb1f3583c524d142908f859ff5e88e8a
 2018-01-16 23:00:00 +02:00
Chung-Sheng Fu
d1124b72c7 Bug 1418243 - Fix SecurityPolicyViolationEvent.violatedDirective. r=ckerschb 
MozReview-Commit-ID: 8DQ7CI5exUL

--HG--
extra : rebase_source : 69181c5e5f61f6fee5224def74c54985c3b47dee
 2018-01-16 22:59:00 +02:00