Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-17 15:25:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
569,748 Commits 615 Branches 98 Tags 5.9 GiB
59de60ae4b
Commit Graph

696 Commits

Author SHA1 Message Date
Frederik Braun
17c2bf2604 Bug 1224225: Tests for punycode/unicode in CSP source matching code r=ckerschb,KWierso 
MozReview-Commit-ID: 21Mr9ekUvnk

--HG--
extra : rebase_source : be5d673efaa31e322fea5da5ff4e7e6fa749daca
 2017-03-15 13:22:55 +01:00
Frederik Braun
cef461241c Bug 1224225: Use GetAsciiHost in CSP source matching code r=ckerschb,KWierso 
MozReview-Commit-ID: B7SwUEMiVwc

--HG--
extra : rebase_source : d5dbec9f6aac4a627c35fb93f85f8e922fa695dd
 2017-03-15 13:22:06 +01:00
Carsten "Tomcat" Book
dba578960e merge mozilla-inbound to mozilla-central a=merge 2017-03-14 14:23:03 +01:00
Christoph Kerschbaumer
658552e990 Bug 1316305 - Add debug information for test_upgrade_insecure_requests. r=jmaher 2017-03-13 12:00:46 +01:00
David Major
dc67bfc9a3 Bug 1344629 - Part 6: Rewrite unnecessary uses of nsLiteralString. r=dbaron 
There's an antipattern where nsLiteralString is used as an unnecessary intermediary in converting from CharT* to CharT*,
e.g. CallAFunctionThatTakesACharPointer(NS_LITERAL_CSTRING("foo").get());
or
NS_NAMED_LITERAL_STRING(foo, "abc");
CallAFunctionThatTakesACharPointer(foo.get());

This patch rewrites the callsites that can be trivially changed to use char*/char16_t*.

I'd somewhat like to remove nsTLiteralString::get() altogether, but in code that's less straightforward than these examples, get() is useful enough to keep.

MozReview-Commit-ID: Kh1rUziVllo

--HG--
extra : rebase_source : c21a65694d6e1c42fd88f73632f7ac8f38d005ae
 2017-03-14 15:26:27 +13:00
Iris Hsiao
5cece96e1c Backed out 12 changesets (bug 1344629) for stylo build bustage 
Backed out changeset cf4273d3ac30 (bug 1344629)
Backed out changeset a96390e044e0 (bug 1344629)
Backed out changeset d9b330f9bc24 (bug 1344629)
Backed out changeset 2b460fe020af (bug 1344629)
Backed out changeset 0ada91b0452e (bug 1344629)
Backed out changeset 083304fcd6bd (bug 1344629)
Backed out changeset 53d7d1ce2c97 (bug 1344629)
Backed out changeset 55eee7078ae4 (bug 1344629)
Backed out changeset 7d3c06b3eca9 (bug 1344629)
Backed out changeset e5df14c3db61 (bug 1344629)
Backed out changeset 636095ff2815 (bug 1344629)
Backed out changeset 0be052ad24c1 (bug 1344629)
 2017-03-14 11:52:24 +08:00
David Major
40f4821701 Bug 1344629 - Part 6: Rewrite unnecessary uses of nsLiteralString. r=dbaron 
There's an antipattern where nsLiteralString is used as an unnecessary intermediary in converting from CharT* to CharT*,
e.g. CallAFunctionThatTakesACharPointer(NS_LITERAL_CSTRING("foo").get());
or
NS_NAMED_LITERAL_STRING(foo, "abc");
CallAFunctionThatTakesACharPointer(foo.get());

This patch rewrites the callsites that can be trivially changed to use char*/char16_t*.

I'd somewhat like to remove nsTLiteralString::get() altogether, but in code that's less straightforward than these examples, get() is useful enough to keep.

MozReview-Commit-ID: Kh1rUziVllo

--HG--
extra : rebase_source : c21a65694d6e1c42fd88f73632f7ac8f38d005ae
 2017-03-14 15:26:27 +13:00
Andrea Marchesini
e9195daa8d Bug 1345168 - Get rid of OriginAttributes::Inherit, r=tjr 2017-03-08 07:41:51 +01:00
Wei-Cheng Pan
510ba75c20 Bug 1310127 - Part 17: Use MOZ_MUST_USE in netwerk/protocol/http r=smaug 
MozReview-Commit-ID: 5gvVZtsa3yS

--HG--
extra : rebase_source : 5e1ab2fc06ae58f18abb8909ac93f9512abbe220
 2016-12-20 11:49:32 +08:00
Ursula Sarracini
6b1858e254 Bug 1340181 - Hide Activity Stream URL in URLbar r=fkiefer,mconley 
MozReview-Commit-ID: F0P5tn2wyG

--HG--
extra : rebase_source : a9f766913b8340e12a4f526dc741e8ed752e6acf
 2017-02-22 13:18:09 -05:00
Masatoshi Kimura
7be7b11a1c Bug 1342144 - Remove version parameter from the type attribute of script elements. r=jmaher 
This patch is generated by the following sed script:
find . ! -wholename '*/.hg*' -type f \( -iname '*.html' -o -iname '*.xhtml' -o -iname '*.xul' -o -iname '*.js' \) -exec sed -i -e 's/\(\(text\|application\)\/javascript\);version=1.[0-9]/\1/g' {} \;

MozReview-Commit-ID: AzhtdwJwVNg

--HG--
extra : rebase_source : e8f90249454c0779d926f87777f457352961748d
 2017-02-23 06:10:07 +09:00
Joel Maher
51bcce91f3 Bug 1316305 - Intermittent dom/security/test/csp/test_upgrade_insecure.html. disabled on osx. r=gbrown 
MozReview-Commit-ID: FyX1wqxhyT7
 2017-02-24 12:33:21 -05:00
Kate McKinley
c69d150710 Bug 1339669 - Update security.mixed_content.hsts_priming_cache_timeout default r=mayhemer 
MozReview-Commit-ID: CNFrPUyrdO8

--HG--
extra : rebase_source : 858da20cf65369ede5908b07921dfba501956b84
 2017-02-16 10:48:59 +09:00
Jonathan Hao
c23b7c4dcc Bug 1323644 - Isolate the HSTS and HPKP storage by first party domain (DOM/DocShell) r=baku,ckerschb 
MozReview-Commit-ID: AZUfZffsLxu

--HG--
extra : rebase_source : bcd831e5ba7e92dd142747dccacba5cd34da016e
 2017-02-14 10:29:24 +08:00
Xidorn Quan
3e72a08b95 Bug 1339394 - Don't serialize transparent color to transparent keyword when not necessary. r=heycam,jaws 
MozReview-Commit-ID: 59cmaCoFJMR

--HG--
extra : rebase_source : 3b927d3c056b66e98f457de1726cf9d459eb8708
 2017-02-16 10:26:13 +11:00
Tom Tromey
5f8f360823 Bug 1060419 - make log_print use Printf.h, r=froydnj 
MozReview-Commit-ID: BIZ1GQEZ1vs

--HG--
extra : rebase_source : 2f1f0aa12493c44f352d9a7e8683e7bb72d2d75b
 2016-12-15 20:16:31 -07:00
Ben Kelly
0e176007bb Bug 1322111 P1 Add TYPE_INTERNAL_WORKER_IMPORT_SCRIPTS content policy type. r=ckerschb 2017-02-15 09:55:58 -05:00
Carsten "Tomcat" Book
4bb208b812 Backed out changeset 4a964c3f1759 (bug 1339394) for suspicion of causing failures on OS X browser_selectpopup.js tests 2017-02-15 14:43:57 +01:00
Xidorn Quan
8a139d9ab8 Bug 1339394 - Don't serialize transparent color to transparent keyword when not necessary. r=heycam 
MozReview-Commit-ID: 59cmaCoFJMR

--HG--
extra : source : 6c2a110bb5f4c7d4b1efd81a5cf03878291f7591
extra : amend_source : e2cdd8e042f99c53dceb69e02b422d62cdc01e1f
 2017-02-15 20:47:26 +11:00
Ben Kelly
564ce2618f Bug 1338304 P1 Make nsCSPService cancel the channel if a redirect is blocked by CSP. r=ckerschb 2017-02-14 10:06:38 -05:00
Tooru Fujisawa
6582faf6eb Bug 1338251 - Remove remaining legacy generator from dom/security/test/hsts/. r=smaug 2017-02-11 01:53:23 +09:00
Tim Huang
756cf900c9 Bug 1336802 - Part 2: Updating the whole code base to make sure nsILoadInfo get null check. r=smaug 
--HG--
extra : rebase_source : 22149fd540fd02119afe9fe5c9a815d01cf959c1
 2017-02-07 11:49:34 +08:00
Carsten "Tomcat" Book
bb03ec5d0c Merge mozilla-central to autoland 2017-02-08 11:32:21 +01:00
Kate McKinley
af9b4969e3 Bug 1334838 - Avoid matching same host with a non-test URI a=testonly r=ckerschb 
MozReview-Commit-ID: 7Ok7FXFtMoH

--HG--
extra : rebase_source : 99e6beac73e043e9d6174277ab9458fe8d7556c7
 2017-02-08 11:28:29 +08:00
Franziskus Kiefer
456a4733d7 Bug 1336654 - update expired certs and signatures for content signature tests, r=mgoodwin 
--HG--
extra : rebase_source : ec6a62f2f8d651f6e2cc8d4dade93d9647d03a10
 2017-02-06 10:07:49 +01:00
Wes Kocher
f9c7eaa259 Bug 1336654 - Skip the suddenly permafailing tests to reopen the tree a=me CLOSED TREE 
MozReview-Commit-ID: 1KLjbaojvYc
 2017-02-03 17:17:51 -08:00
Andrea Marchesini
43b97e9ea3 Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz 2017-01-28 15:40:08 +01:00
Phil Ringnalda
5d4072a82c Merge m-i to m-c, a=merge 2017-01-28 13:09:00 -08:00
Phil Ringnalda
439b10ced6 Backed out 2 changesets (bug 1288768) for wptlint failure 
Backed out changeset 3361d527f683 (bug 1288768)
Backed out changeset d8b8219c20d6 (bug 1288768)
 2017-01-28 08:10:26 -08:00
Andrea Marchesini
cab859bea8 Bug 1288768 - Better error reporting for network errors in workers - WPT, r=bz 2017-01-28 15:40:08 +01:00
Kate McKinley
0baeefeea1 Bug 1328460 - Don't send priming to IP or non-standard ports r=ckerschb 
MozReview-Commit-ID: GLyLfp8gqYt

--HG--
extra : rebase_source : f722504803ed63c5d3be9b84d5053cb1abea984e
 2017-01-23 14:01:43 -08:00
Florian Quèze
b11907c7aa Bug 1334156 - script-generated patch to replace .ownerDocument.defaultView with .ownerGlobal, r=jaws. 2017-01-27 10:51:03 +01:00
Florian Quèze
2cf30507bd Bug 1334261 - script-generated patch to remove more newURI null parameters, r=jaws. 2017-01-27 10:51:02 +01:00
Florian Quèze
be4dbae285 Bug 1334199 - script-generated patch to omit getComputedStyle's second argument when it's falsy, r=jaws. 2017-01-27 10:51:02 +01:00
Wes Kocher
3317135d5c Backed out 3 changesets (bug 1073952) for test_iframe_srcdoc.html failures a=backout 
Backed out changeset e63233859ee1 (bug 1073952)
Backed out changeset 5534087efac3 (bug 1073952)
Backed out changeset 1e631015acc8 (bug 1073952)

MozReview-Commit-ID: Fmrv8mz4HYI
 2017-01-27 10:37:05 -08:00
Joel Maher
2c0ed9cf64 Bug 1334242 - add BUG_COMPONENT to dom/security/* files. r=ckerschb 
MozReview-Commit-ID: EeYWpLBI5G5
 2017-01-27 08:18:50 -05:00
Frederik Braun
d15c007015 Bug 1073952 - Part 2 - tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,dveditz 
MozReview-Commit-ID: DPJRqEut5pu
 2017-01-27 01:05:00 +01:00
Frederik Braun
f72672a461 Bug 1073952: inherit CSP into iframe sandbox srcdoc r=ckerschb,dveditz 
MozReview-Commit-ID: KTzCLoDfYnd
 2017-01-27 01:05:00 +01:00
Brendan Dahl
b27f51d095 Bug 1277102 - Use nsIDocShellTreeItem::ItemType during nsCSPContext::PermitsAncestry. r=ckerschb 2017-02-01 14:58:00 -05:00
Christoph Kerschbaumer
52276acb40 Bug 1271173 - Test upgrade-insecure-requests for navigational requests. r=smaug,freddyb 2016-05-09 13:37:49 +02:00
Christoph Kerschbaumer
e7473c84f8 Bug 1329288: Allow content policy consumers to identify contentPolicy checks from docshell. r=bz,kmaglione 2017-01-22 18:05:03 +01:00
Christoph Kerschbaumer
dd581118f0 Bug 1329288 - Test ContentPolicy blocks opening a new window. r=smaug 2017-01-22 17:42:42 +01:00
Sebastian Hengst
040a162daf Backed out changeset 828efd8ce683 (bug 1329288) 2017-01-22 13:09:53 +01:00
Sebastian Hengst
a692f05c85 Backed out changeset 69fb2fc61535 (bug 1329288) 2017-01-22 13:09:48 +01:00
Christoph Kerschbaumer
130fcb1f75 Bug 1329288: Allow content policy consumers to identify contentPolicy checks from docshell. r=bz,kmaglione 2017-01-22 07:30:26 +01:00
Christoph Kerschbaumer
5b0e184329 Bug 1329288 - Test ContentPolicy blocks opening a new window. r=smaug 2017-01-22 07:30:10 +01:00
Mark Banner
16e6d381ac Bug 503613 - Remove old 'tail =' lines from xpcshell.ini files; r=gps 
MozReview-Commit-ID: 62Hp5ISxowJ

--HG--
extra : rebase_source : daa8efb3409031fea553f4fd0c9d0746e38dc308
extra : histedit_source : b4c23aacf678ba0d0ac9c09191a7c494ead11a08
 2017-01-18 10:30:39 +00:00
Ehsan Akhgari
4ef7762311 Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb 2017-01-18 15:18:29 -05:00
Ehsan Akhgari
ee5969e9c2 Backout changeset 7040329487e9 (bug 1331838) because it was the wrong patch 2017-01-18 15:18:29 -05:00
Ehsan Akhgari
842ce9fb2d Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb 2017-01-18 13:11:42 -05:00
Sebastian Hengst
5baf0e453e Backed out changeset 8acb67f2e136 (bug 1331838) for failing GTest CSPParser.SimplePolicies. r=backout on a CLOSED TREE 2017-01-18 17:28:03 +01:00
Ehsan Akhgari
42a8bbcbb1 Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb 2017-01-18 08:57:13 -05:00
Florian Quèze
85611a7b6d Bug 1331081 - script generated patch to omit addEventListener/removeEventListener's third parameter when it's false, r=jaws. 
--HG--
extra : rebase_source : a22344ee1569f58f1f0a01017bfe0d46a6a14602
 2017-01-17 11:50:25 +01:00
Tuhina
265b3a3710 Bug 1303685: Add telemetry for CSP referrer directive. r=ckerschb,francois 2016-11-04 21:36:25 +05:30
Carsten "Tomcat" Book
054061a872 Merge mozilla-central to mozilla-inbound 2017-01-12 10:36:29 +01:00
Christoph Kerschbaumer
0c9692f60f Bug 1330035 - Explicitly use javascript: instead of URI_INHERITS_SECURITY_CONTEXT within subjectToCSP(). r=dveditz 2017-01-12 09:42:23 +01:00
Carsten "Tomcat" Book
b815edc5b6 Backed out changeset d5ba64015065 (bug 1329288) 2017-01-11 15:41:43 +01:00
Christoph Kerschbaumer
ca27de3795 Bug 1329288 - Update test_contentpolicytype_targeted_link_iframe to not call finish several times. r=me 2017-01-11 14:44:52 +01:00
Kate McKinley
edae411c07 Bug 1313595 - Lower HSTS priming timeout r=mayhemer 
MozReview-Commit-ID: 5wOqtYM1MfD

--HG--
extra : rebase_source : 78cb81a9223c80b93b2c574846111eb3bad91c03
 2016-12-08 11:07:55 -10:00
Geoff Brown
ab089bc866 Bug 1324870 - Skip test_bug803225.html and test_ext_downloads_misc.js on linux32 only, to enable taskcluster migration; r=jmaher 2017-01-05 16:34:47 -07:00
Iris Hsiao
8ca3b2dc24 Backed out changeset 724fdfe8f396 (bug 1324870) 2017-01-05 12:21:31 -05:00
Geoff Brown
4fdfff0c12 Bug 1324870 - Skip test_bug803225.html and test_ext_downloads_misc.js on linux32 only, to enable taskcluster migration; r=jmaher 
--HG--
extra : rebase_source : eb4c1e94381f46d54619f0a3ba65e3f5beed2221
 2017-01-05 09:15:11 -07:00
Thomas Nguyen
0aaea58b69 Bug 1304623 - Create a pref to control the default referrer policy - part 3. r=bkelly 
MozReview-Commit-ID: 1A6IHPeNYBQ
 2017-01-05 11:29:56 +08:00
Christoph Kerschbaumer
c88d12696d Bug 1182569: Update ContentSecurityManager to handle docshell loads. r=smaug 2017-01-03 20:59:30 +01:00
Thomas Wisniewski
47afdb3f0c Bug 1324542 - Code-quality tweaks for isValidBase64Value. r=ckerschb 
--HG--
extra : rebase_source : 6077893a7edc62c5842c3a1c9f5be9386a6e7e7c
 2016-12-20 11:56:14 -05:00
Tooru Fujisawa
515ef9ba45 Bug 1321218 - Remove legacy generator from dom/. r=smaug 2016-12-01 18:11:32 +09:00
André Bargull
8843a98210 Bug 1319936 - Remove String generics uses in dom. r=billm 
--HG--
extra : rebase_source : f2b40e5d4a423035d2de8739570a76305a058cf0
 2016-11-24 13:17:00 -08:00
Carsten "Tomcat" Book
450508f7f3 merge mozilla-inbound to mozilla-central a=merge 2016-11-29 11:39:49 +01:00
Carsten "Tomcat" Book
002a446aec Backed out changeset 3472d9d9dd47 (bug 1313595) for hopefully reducing crashes 2016-11-29 10:25:07 +01:00
Frederik Braun
29efcb86ac Bug 1316826 - Test for JS URLs and strict-dynamic. r=dveditz 
MozReview-Commit-ID: EKmYoZbap25
 2016-11-28 21:56:55 -05:00
Thomas Wisniewski
fe33117844 Bug 1309219 - Only allow valid base64-values for CSP nonce and hash sources, per spec. r=francois 2016-11-24 21:46:09 -05:00
Frederik Braun
53901256a5 Bug 1316826 - Test case for strict-dynamic blocks inline event handlers. r=dveditz 
MozReview-Commit-ID: 4TS4pUNeIS1

--HG--
extra : rebase_source : e517f4898d0a9873c77e2731152ce3255b7c5938
 2016-11-21 15:13:29 -05:00
Ryan VanderMeulen
e1487e92f8 Bug 1311599 - Disable HSTS tests on linux debug. 
--HG--
extra : rebase_source : 5ad7d6ea972d4a350091458b0cc47dd148f13bb6
 2016-11-21 12:30:56 -05:00
Andrea Marchesini
42cdd9436b Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 2, r=qdot 2016-11-18 09:33:50 +01:00
Andrea Marchesini
2f974ccbce Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 1, r=qdot 2016-11-18 09:33:33 +01:00
Sebastian Hengst
7110a88674 Backed out changeset d43b778d95c6 (bug 1318273) for failing mochitest fetch/test_formdataparsing.html. r=backout on a CLOSED TREE 2016-11-17 20:58:38 +01:00
Sebastian Hengst
fdfd8b91d1 Backed out changeset 2560659cda95 (bug 1318273) 2016-11-17 20:57:59 +01:00
Andrea Marchesini
a895bd31ae Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 2, r=qdot 2016-11-17 19:36:21 +01:00
Andrea Marchesini
cf2ad8072f Bug 1318273 - Improve the use of SpecialPowers.pushPrefEnv() - part 1, r=qdot 2016-11-17 19:36:01 +01:00
Kate McKinley
dcbe139332 Bug 1317115 turn off HSTS priming to suppress perma-orange a=test-only 
MozReview-Commit-ID: I1bNquP4yT7
 2016-11-15 10:52:45 +09:00
Kate McKinley
5565f4d518 Bug 1313595 Reduce timeout for HSTS priming channels r=mayhemer 
Default is 3 seconds

MozReview-Commit-ID: 47hoaTEL9hV
 2016-11-08 17:49:39 +09:00
Phil Ringnalda
8562d3859b Backed out changeset a8be4ebc85cf (bug 1313595) for permaorange unexpected assertion in test_referrerdirective.html, a=backout 
MozReview-Commit-ID: GxBqDrHHg7z
 2016-11-14 18:30:58 -08:00
Kate McKinley
b8eeda422c Bug 1313595 Reduce timeout for HSTS priming channels r=mayhemer 
Default is 3 seconds

MozReview-Commit-ID: 47hoaTEL9hV

--HG--
extra : rebase_source : 6954dc92966122b15c60f19f5e91086fcd859728
 2016-11-08 17:49:39 +09:00
Kate McKinley
5ef79ef9a4 Bug 1313596 - Increase HSTS Priming default cache timeout. r=mayhemer 
MozReview-Commit-ID: 6sHuB4wIEu4

--HG--
extra : rebase_source : 9672c18384efe24f6cb5e1aa455217e37a97db90
 2016-11-10 00:30:00 -05:00
Sebastian Hengst
115286c614 Backed out changeset 9c1069e2a42e (bug 1236222) for failing xpcshell test test_csp_reports.js. r=backout 2016-11-09 11:31:38 +01:00
Tanuja Sawant
134e80abde Bug 1236222 - CSP: Blocked URI should be empty for inline violations. r=ckerschb 2016-11-07 19:22:53 +05:30
Wes Kocher
41c087935b Merge m-c to inbound, a=merge 2016-11-08 14:08:34 -08:00
Christoph Kerschbaumer
eb1fcc9de6 Bug 1299483 - CSP: Implement 'strict-dynamic', test default-src. r=dveditz 2016-11-08 13:34:36 +01:00
Christoph Kerschbaumer
54b5ba8aa1 Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb 2016-11-08 13:33:58 +01:00
Christoph Kerschbaumer
7148985f09 Bug 1299483 - CSP: Implement 'strict-dynamic', mochitests. r=dveditz,freddyb 2016-11-08 13:33:27 +01:00
Christoph Kerschbaumer
d9efe93bac Bug 1299483 - CSP: Implement 'strict-dynamic', parser tests. r=dveditz,freddyb 2016-11-08 13:32:17 +01:00
Christoph Kerschbaumer
611dfdf9b7 Bug 1299483 - CSP: Implement 'strict-dynamic', parser changes. r=dveditz,freddyb 2016-11-08 13:08:33 +01:00
Christoph Kerschbaumer
c267f70f91 Bug 1299483 - CSP: Implement 'strict-dynamic', enforcement changes. r=dveditz,freddyb 2016-11-08 12:55:23 +01:00
Joel Maher
27b9e899b0 Bug 1311599 - Disable hsts tests on linux32-debug only. r=kmckinley 
MozReview-Commit-ID: 2V5Xrfpwy3a

--HG--
extra : rebase_source : c02f00ac03368b5ce52598c23964e39f892e6007
 2016-11-07 14:51:45 -05:00
Nicholas Nethercote
e13c48fba9 Bug 1315170 - gtestify dom/security/test/TestCSPParser.cpp. r=francois. 
--HG--
rename : dom/security/test/TestCSPParser.cpp => dom/security/test/gtest/TestCSPParser.cpp
extra : rebase_source : 52b30a4c063ce2d330108fa4b8382ff8e4adf1b0
 2016-11-04 17:02:26 +11:00
Phil Ringnalda
a7bc94158c Merge m-i to m-c, a=merge 
MozReview-Commit-ID: H4VKCYDq5cD

--HG--
rename : xpcom/tests/TestAutoRef.cpp => xpcom/tests/gtest/TestAutoRef.cpp
rename : xpcom/tests/TestCOMArray.cpp => xpcom/tests/gtest/TestCOMArray.cpp
rename : xpcom/tests/TestCOMPtr.cpp => xpcom/tests/gtest/TestCOMPtr.cpp
rename : xpcom/tests/TestCOMPtrEq.cpp => xpcom/tests/gtest/TestCOMPtrEq.cpp
rename : xpcom/tests/TestFile.cpp => xpcom/tests/gtest/TestFile.cpp
rename : xpcom/tests/TestHashtables.cpp => xpcom/tests/gtest/TestHashtables.cpp
rename : xpcom/tests/TestID.cpp => xpcom/tests/gtest/TestID.cpp
 2016-11-05 13:36:25 -07:00
Sebastian Hengst
4b45959d12 Bug 1310297 - Remove test annotations using b2g, mulet or gonk: dom/security. r=RyanVM 
MozReview-Commit-ID: 8G41CCQ1P01

--HG--
extra : rebase_source : d8f02480bc506c06e13d0d47fa123df6f8b2f18d
 2016-11-05 11:29:17 +01:00
Frederik Braun
e8f0bc4a89 Bug 1312272 - Test that marquee event handlers are subject to CSP. r=smaug 
MozReview-Commit-ID: 4KYon5u0ocf

--HG--
extra : histedit_source : 6de85932af364aba1960f16a51d20d32b8ec6b7c
 2016-11-04 22:54:19 -04:00
Frederik Braun
579a6043ca Bug 1312680 - Test that require-sri-for blocks style loads via @import r=francois 
MozReview-Commit-ID: A8DPWH2S3sD
 2016-11-03 03:18:00 +01:00
Carsten "Tomcat" Book
921f2dc51d Merge mozilla-central to mozilla-inbound 
--HG--
extra : amend_source : 754a1f5236bea4ec4fcaac985945aa89f6c29769
 2016-10-20 16:50:23 +02:00
Kate McKinley
26490f6904 Bug 1310955 - Fix nsSiteSecurityService cache retrieval r=ckerschb,keeler 
MozReview-Commit-ID: 55DpKrqcL1x

--HG--
extra : rebase_source : 5e068cc70c45dd1844a0e59559875cde659f202a
 2016-10-18 20:09:15 +09:00
Phil Ringnalda
6c91017f20 Merge m-i to m-c, a=merge 
MozReview-Commit-ID: FA9OZyjP59N
 2016-10-18 19:36:18 -07:00
Ehsan Akhgari
f13c011369 Bug 1310895 - Remove support for app default and manifest CSP enforcement; r=baku 2016-10-18 09:40:41 -04:00
Kate McKinley
5b82359aa3 Bug 1305993 - Break tests up to avoid timeouts r=philor 
MozReview-Commit-ID: 8y2gwNjnEnT

--HG--
extra : rebase_source : c24354dd7c60064b38bbbad067806d3c0a52c690
 2016-10-07 17:19:38 +09:00
Christoph Kerschbaumer
066a3827af Bug 1307321 - Use correct length of CSP report when sending violations. r=jrgm,freddyb 2016-10-14 20:07:32 +02:00
Sebastian Hengst
24324313f6 Backed out changeset f443b21ba9de (bug 1307321) for unexpected passing of scripthash-unicode-normalization.sub.html. r=backout 2016-10-14 17:51:22 +02:00
Christoph Kerschbaumer
0341cd9771 Bug 1307321 - Use correct length of CSP report when sending violations. r=jrgm,freddyb 2016-10-14 15:23:24 +02:00
Ehsan Akhgari
9de6bbbaec Bug 1261019 - Part 3: Remove Navigator.mozApps and code depending on it; r=myk,jryans,fabrice,mcmanus,peterv 2016-10-13 13:18:41 -04:00
Andrea Marchesini
793b227795 Bug 1309818 - Fixing some warning when compiling dom/*, r=smaug 2016-10-13 14:33:07 +02:00
Steven Englehardt
f4e92ab657 Bug 1277803 - Part 5 : A test to verify the loadingPrincipal of favicon loads. r=ckerschb 2016-10-13 15:44:00 +08:00
Tim Huang
372ec56ff4 Bug 1277803 - Part 1 : Add a new ContentPolicy TYPE_INTERNAL_IMAGE_FAVICON for indicating a favicon loading. r=ckerschb 2016-10-13 15:43:54 +08:00
Wes Kocher
2142de26c1 Backed out 8 changesets (bug 1277803) for browser-chrome test failures a=backout 
Backed out changeset 477890efdb88 (bug 1277803)
Backed out changeset 49da326bfe68 (bug 1277803)
Backed out changeset 2d17a40a9077 (bug 1277803)
Backed out changeset b1cb0a195ca1 (bug 1277803)
Backed out changeset c7d82459d152 (bug 1277803)
Backed out changeset 3be9a06248af (bug 1277803)
Backed out changeset 8d119ca96999 (bug 1277803)
Backed out changeset be767a6f7ecd (bug 1277803)
 2016-10-12 14:26:00 -07:00
Steven Englehardt
226661a0bc Bug 1277803 - Part 5 : A test to verify the loadingPrincipal of favicon loads. r=ckerschb 2016-10-12 17:32:11 +08:00
Tim Huang
0ceca5575d Bug 1277803 - Part 1 : Add a new ContentPolicy TYPE_INTERNAL_IMAGE_FAVICON for indicating a favicon loading. r=ckerschb 2016-10-12 17:32:03 +08:00
Richard Barnes
ea829544cd Bug 1308951 - Add a pref to whitelist specific domains as SecureContexts r=ckerschb,jcj 
MozReview-Commit-ID: AxihCLsBNRw

--HG--
extra : rebase_source : bd2800c65af839ef67f4ca9a841f08884ac9c539
 2016-10-10 11:32:24 -04:00
Yoshi Huang
06ba09a073 Bug 1264137 - Part 3: perform ContentPolicy check if the load is happening on this docshell. r=bz, smaug 2016-10-07 17:40:21 +08:00
Iris Hsiao
e6ab0adc40 Backed out changeset d283c59402ce (bug 1277803) 
CLOSED TREE
 2016-10-07 11:24:08 +08:00
Iris Hsiao
596b8e86ce Backed out changeset 76788d4f83ce (bug 1277803) 
CLOSED TREE
 2016-10-07 11:23:40 +08:00
Steven Englehardt
1925944f12 Bug 1277803 - Part 5: Add a test to verify the loadingPrincipal of favicon loads. r=ckerschb 2016-09-13 00:33:00 -04:00
Tim Huang
85a1cb6b99 Bug 1277803 - Part 1: Add a new ContentPolicy TYPE_INTERNAL_IMAGE_FAVICON for indicating a favicon loading. r=ckerschb 2016-09-07 00:38:00 -04:00
Nicolas B. Pierron
395abf823f Bug 1288104 part 2 - Instrument SRICheckDataVerifier to load/save the computed hash from the bytecode cache. r=francois 2016-10-20 09:44:33 +00:00
Frederik Braun
ae7fb1e8d0 Bug 1279139 - require-sri-for needs to govern scriptloading for workers. r=baku 
MozReview-Commit-ID: 3m21kbiV5qK

--HG--
extra : rebase_source : 30c784392e96c1b28c55d38959cc529093b9b568
 2016-10-04 02:36:00 +02:00
Christoph Kerschbaumer
b0951acfc5 Bug 1302539 - X-Content-Type-Options: nosniff should not apply to images (temporarily). r=dveditz 2016-09-30 09:38:44 +02:00
Edgar Chen
cf7304c3c6 Bug 1306007 - Part 1: Remove srcset/picture feature control preference; r=jdm,smaug 
MozReview-Commit-ID: BsyTHeqiGZL

--HG--
extra : rebase_source : 2add2510dbe16c641fe997a8349c1a36009bec20
 2016-04-16 18:07:56 -04:00
Samriddhi Jain
40e1a53f35 Bug 1303682 - Add deprecation warning before removing 'referrer' directive from CSP. r=ckerschb 2016-09-28 20:17:18 +05:30
Thomas Wisniewski
c190891418 Bug 1303121 - Do not fire one last progress event on XHR errors, to match a spec change. r=annevk 
--HG--
extra : rebase_source : 9a59934cfe8fc7f2ee8ef7788813f97e2355ce2a
 2016-09-28 13:05:32 -04:00
Kate McKinley
c57d400961 Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally 
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.

MozReview-Commit-ID: ES1JruCtDdX

--HG--
extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
 2016-09-27 11:27:00 -04:00
Xidorn Quan
f196d451ef Bug 1304302 part 7 - Break cycle reference between SRIMetadata.h and SRICheck.h. r=smaug 
MozReview-Commit-ID: 8UpAEXURuSg

--HG--
extra : source : 50604098e9e374611b02d82d765fa0b230d71373
 2016-09-26 22:03:25 +10:00
Iris Hsiao
767e1e9b11 merge mozilla-inbound to mozilla-central a=merge 2016-09-26 18:34:20 +08:00
Kate McKinley
694c12c743 Bug 1242019 - Truncate data URIs in CSP log messages. r=ckerschb 
MozReview-Commit-ID: DaiGESRI1rb

--HG--
extra : transplant_source : %EC%7B%3F%20O%3A%A7g%BAl%82%BC-Xg%23%84%E2%3C%EE
 2016-09-12 14:30:43 -07:00
Kate McKinley
ed0b5f06ee Bug 1271796 use raw bytes to calculate SRI hash r=francois 
MozReview-Commit-ID: F62t5CnsYlJ

--HG--
extra : rebase_source : 9c2148ffe99a51db5541ec6d9961597b578157ae
 2016-09-05 12:55:25 +02:00
Gabor Krizsanits
9f5afabda0 Bug 1294381 - Delayed process script for test_bug803225.html. r=mrbkap 2016-09-22 09:26:26 +02:00
Christoph Kerschbaumer
f41283f981 Bug 1298680 - Use uint64_t consistently for windowID within CSP. r=freddyb 2016-09-19 12:57:20 +02:00
Christoph Kerschbaumer
9f2e941749 Bug 1296027 - CSP: Include 'Source' within error message when logging to the console. r=freddyb,bgrins 2016-09-19 10:18:55 +02:00
Frederik Braun
fd99ac5cc2 Bug 1277248 - Add test to ensure that require-sri-for does not allow svg:scripts r=ckerschb 
MozReview-Commit-ID: 1knIYZ93UeY

--HG--
extra : rebase_source : 4c1385382ecdddf80ec45d46d440b37bf4ad47c1
 2016-09-13 11:05:37 +02:00
Tom Tung
db38e2111a Bug 1187335 - P6 - Support script/css to set integrity metadata to serviceWorker. r=bkelly. r=francois. 2016-09-07 10:30:21 +08:00
Tom Tung
6f314fb375 Bug 1187335 - P3 - modify SRI test to match current behavior. r=bkelly, r=francois. 2016-05-30 12:26:56 +08:00
Tom Tung
78670a91d5 Bug 1187335 - P2 - Modify the way to report to console for worker and use LoadTainting to decide CORS or not. r=bkelly. r=francois. 2016-09-08 09:59:40 +08:00
Henry Chang
6ea7c1b598 Bug 1229639 - Part 2: Test case. r=ckerschb 
MozReview-Commit-ID: GbofB6JoFil

--HG--
extra : rebase_source : dc4ac339817a052f687179988e28ec02764bd3e7
 2016-09-06 18:30:12 +08:00
Henry Chang
f9eeeb2620 Bug 1229639 - Part 1: Match CSP host source with percent-decoded URI. r=ckerschb 
MozReview-Commit-ID: CSGeoSR2qw8

--HG--
extra : rebase_source : f64cb0b9cab61ec09faa29139f72d28272fbbedb
 2016-09-06 18:29:26 +08:00
Tom Schuster
885c81fd09 Bug 1299267 - Test for wrong mime types. r=ckerschb 2016-09-05 20:02:52 +02:00
Nicholas Nethercote
b71747b2ac Bug 1299727 - Rename NS_WARN_IF_FALSE as NS_WARNING_ASSERTION. r=erahm. 
The new name makes the sense of the condition much clearer. E.g. compare:

  NS_WARN_IF_FALSE(!rv.Failed());

with:

  NS_WARNING_ASSERTION(!rv.Failed());

The new name also makes it clearer that it only has effect in debug builds,
because that's standard for assertions.

--HG--
extra : rebase_source : 886e57a9e433e0cb6ed635cc075b34b7ebf81853
 2016-09-01 15:01:16 +10:00
Nicholas Nethercote
742fc7eb48 Bug 1297961 (part 1) - Introduce nsURI::GetSpecOrDefault(). r=hurley. 
This function is an infallible alternative to nsIURI::GetSpec(). It's useful
when it's appropriate to handle a GetSpec() failure with a failure string, e.g.
for log/warning/error messages. It allows code like this:

  nsAutoCString spec;
  uri->GetSpec(spec);
  printf("uri: %s", spec.get());

to be changed to this:

  printf("uri: %s", uri->GetSpecOrDefault().get());

This introduces a slight behavioural change. Previously, if GetSpec() failed,
an empty string would be used here. Now, "[nsIURI::GetSpec failed]" will be
produced instead. In most cases this failure string will make for a clearer
log/warning/error message than the empty string.
* * *
Bug 1297961 (part 1b) - More GetSpecOrDefault() additions. r=hurley.

I will fold this into part 1 before landing.

--HG--
extra : rebase_source : ddc19a5624354ac098be019ca13cc24b99b80ddc
 2016-08-26 16:02:31 +10:00
Christoph Kerschbaumer
a80531eeb1 Bug 1298505 - CSP: Update StripURIForReporting to rely on NS_SecurityCompareURIs. r=dveditz 
--HG--
extra : rebase_source : b3cd4f3ebed2ee079d88c896aa08e2e99e5c20a5
 2016-08-27 08:30:43 +02:00
Christoph Kerschbaumer
9489473322 Bug 1297051 - Test CSPRO should not block mixed content. r=dveditz 2016-08-24 09:24:20 +02:00
Christoph Kerschbaumer
653bf080a7 Bug 1297051 - CSPRO should not block mixed content. r=dveditz 2016-08-24 09:24:55 +02:00
Christoph Kerschbaumer
4261d2f1f7 Bug 1288361 - Test block script with wrong MIME type. r=dveditz 2016-08-22 08:56:32 +02:00
Christoph Kerschbaumer
19b246a586 Bug 1290560 - Update TestCSPParser to include 'sandbox', 'require-sri' and 'report-uri' with no valid srcs. r=dveditz 2016-08-19 18:45:04 +02:00
Christoph Kerschbaumer
df1432e805 Bug 1290560 - Update CSPParser to handle 'sandbox', 'require-sri' and 'report-uri' with no valid srcs correctly. r=dveditz 2016-08-19 18:41:45 +02:00
Nicholas Nethercote
ca40b738e4 Bug 1294620 - Use infallible XPIDL attribute getters more. r=erahm. 
This makes a lot of code more compact, and also avoids some redundant nsresult
checks.

The patch also removes a handful of redundant checks on infallible setters.

--HG--
extra : rebase_source : f82426e7584d0d5cddf7c2524356f0f318fbea7d
 2016-08-12 15:19:29 +10:00
Nicholas Nethercote
3b0485fcdb Bug 1294645 - Don't use NS_CALLBACK for callbacks in nsI{Input,Output,UnicharInput},Stream.idl. r=froydnj. 
Slightly less than half (93 / 210) of the NS_METHOD instances in the codebase
are because of the use of NS_CALLBACK in
nsI{Input,Output,UnicharInput},Stream.idl. The use of __stdcall on Win32 isn't
important for these callbacks because they are only used as arguments to
[noscript] methods.

This patch converts them to vanilla |nsresult| functions. It increases the size
of xul.dll by about ~600 bytes, which is about 0.001%.

--HG--
extra : rebase_source : c15d85298e0975fd030cd8f8f8e54501f453959b
 2016-08-12 17:36:22 +10:00
Michael Layzell
8e946df619 Bug 1293001 - Part 2: Change the BinaryName of nsIContentSecurityPolicy::getPolicy from GetPolicy (which overloaded another virtual method), to GetPolicyString, r=froydnj 
MozReview-Commit-ID: 4XWRar3Uuw
 2016-08-11 15:49:40 -04:00
Nicholas Nethercote
e7f10a07fd Bug 1293603 (part 2) - Make Run() declarations consistent. r=erahm. 
This patch makes most Run() declarations in subclasses of nsIRunnable have the
same form: |NS_IMETHOD Run() override|.

As a result of these changes, I had to add |override| to a couple of other
functions to satisfy clang's -Winconsistent-missing-override warning.

--HG--
extra : rebase_source : 815d0018b0b13329bb5698c410f500dddcc3ee12
 2016-08-08 12:18:10 +10:00
Thomas Wisniewski
95d1c98761 Bug 918703 - Part 2: Correct progress event logic so events are sent in the correct order and with the correct values according to spec. r=baku 
--HG--
extra : rebase_source : da5305fdfb1b28404199733f68cb65803a087e38
 2016-08-05 23:47:40 -04:00
Gabor Krizsanits
f6bc83a18a Bug 1285894 - Fixing test_bug803225.html for e10s-multi. r=mrbkap 2016-08-01 12:26:38 +02:00
Christoph Kerschbaumer
886e7cd571 Bug 1289085: CSP - Test referrer with no valid src. r=dveditz 2016-07-29 22:53:59 +02:00
Christoph Kerschbaumer
ec59af86d9 Bug 1289085: CSP - Bail early if referrer directive has no valid src. r=dveditz 2016-07-31 07:57:22 +02:00
Thomas Wisniewski
6a1fb99d2b Bug 709991 - Fire onerror instead of throwing on network errors for async XHRs. r=bz 2016-07-30 00:24:56 -04:00
Iris Hsiao
caea40742f Backed out changeset 8dc198cd46ff (bug 1246540) for Mochitest failures 2016-07-27 13:14:07 +08:00
Kate McKinley
c6650db185 Bug 1246540 HSTS Priming Proof of Concept 
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.

(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
 2016-07-26 13:03:00 +08:00
Iris Hsiao
a7c8429fc4 Backed out changeset d7e39be85498 (bug 1246540) for Mochitest failures 2016-07-27 11:15:52 +08:00
Kate McKinley
567ebcf321 Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally 
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
 2016-07-26 13:03:00 -04:00
Carsten "Tomcat" Book
dcae5b0335 Merge mozilla-central to fx-team 2016-07-26 11:58:36 +02:00
Carsten "Tomcat" Book
a3904e8a8a Merge mozilla-central to mozilla-inbound 2016-07-25 15:59:01 +02:00
Carsten "Tomcat" Book
b9a6c687fa merge mozilla-inbound to mozilla-central a=merge 2016-07-25 15:50:41 +02:00
Franziskus Kiefer
249fa77287 Bug 1263793 - update SAN, r=mgoodwin,ulfr 
MozReview-Commit-ID: HtMKl2gP1xi

--HG--
extra : rebase_source : 5173dda521679b2ce6c8caabb3b54cce4f658640
 2016-07-25 09:44:19 +02:00
Carsten "Tomcat" Book
0a5622c093 Backed out changeset 640247e978ba (bug 1246540) for bustage 2016-07-24 15:59:31 +02:00
Kate McKinley
547500d5a7 Bug 1246540 - HSTS Priming Proof of Concept. r=honzab 
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.

(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
 2016-07-22 18:35:00 +02:00
Johann Hofmann
0e04940e1a Bug 1277524 - Add moz-extension to the list of potentially trustworthy origins. r=tanvi 
MozReview-Commit-ID: BvR7Xb0AE9N

--HG--
extra : rebase_source : dfe2d600b15a6cffd49be454b3394106c3ff9bb3
extra : histedit_source : 8b03564ebced1305ce79652d904e7bb95a92a2e8
 2016-06-02 17:14:27 +02:00
Christoph Kerschbaumer
022d9af2b3 Bug 1285003 - Test insecure http port :80 allows secure https port :443. r=dveditz 2016-07-22 11:32:21 +02:00
Christoph Kerschbaumer
3a9a5e2c83 Bug 1285003 - CSP: Insecure http port :80 should also allow secure https port :443. r=dveditz 2016-07-22 11:32:41 +02:00
Carsten "Tomcat" Book
c7846e126c Backed out changeset 16aa7041c009 (bug 1287107) for causing xpcshell and mac tests 2016-07-22 11:30:23 +02:00
Fabrice Desré
f5b619fb28 Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice 
MozReview-Commit-ID: 9uVUrmuVFXQ

--HG--
extra : rebase_source : d0c19fcda5c72ecdce3b0d0bbbafa5a7954d7a4c
 2016-03-03 09:58:47 -08:00
Tom Tromey
5538d692d3 Bug 1286877 - do not set c-basic-offset for python-mode; r=gps 
This removes the unnecessary setting of c-basic-offset from all
python-mode files.

This was automatically generated using

    perl -pi -e 's/; *c-basic-offset: *[0-9]+//'

... on the affected files.

The bulk of these files are moz.build files but there a few others as
well.

MozReview-Commit-ID: 2pPf3DEiZqx

--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
 2016-07-14 10:16:42 -06:00
Franziskus Kiefer
dd5231632f Bug 1263793 - Using content signature verifier for verifying remote newtab, r=keeler,mayhemer 
MozReview-Commit-ID: ABXYYseKImq

--HG--
extra : rebase_source : 79614e5215e738dff9683ad447245bd830c887bf
 2016-05-19 10:59:48 +02:00
Chris Peterson
b175c9fdd5 Bug 1277106 - Part 2: Expand MOZ_UTF16() strings to u"" string literals. r=Waldo 2016-07-20 22:03:25 -07:00
Wes Kocher
e2d9911273 Backed out changeset 21d8bb5af7b4 (bug 1263793) for leaks in various jobs CLOSED TREE 2016-07-20 11:16:37 -07:00
Franziskus Kiefer
9b9c643025 Bug 1263793 - Using content signature verifier for verifying remote newtab, r=keeler,mayhemer 
MozReview-Commit-ID: CHUPgBr8WaC

--HG--
extra : rebase_source : 969bd058a157c7307b7a4d3c2a4c5d62e82b7489
 2016-05-19 10:59:48 +02:00
Christoph Kerschbaumer
f2c908b15d Bug 471020 - Test X-Content-Type-Options: nosniff. r=dveditz 2016-07-20 12:33:29 +02:00
Christoph Kerschbaumer
23f7b47719 Bug 1273430 - Test CSP upgrade-insecure-requests for doc.write(iframe). r=tanvi 2016-07-20 09:26:16 +02:00
Fabrice Desré
7846da76d6 Bug 1287107 - Making transition alive with gaia as chrome:// r=bholley,fabrice 
MozReview-Commit-ID: 9uVUrmuVFXQ

--HG--
extra : rebase_source : 20f6f0235667530c21aca4889b5d33e39c2d1a48
 2016-03-03 09:58:47 -08:00
Wes Kocher
c9783f64cb Backed out 4 changesets (bug 471020) for frequent Windows w(2) failures CLOSED TREE a=merge 
Backed out changeset d9675ab3d203 (bug 471020)
Backed out changeset 3ee328c56de0 (bug 471020)
Backed out changeset 000576e264bd (bug 471020)
Backed out changeset ffe60708c457 (bug 471020)
 2016-07-18 16:07:28 -07:00
Christoph Kerschbaumer
6166c48409 Bug 471020 - Test X-Content-Type-Options: nosniff. r=dveditz 2016-07-18 14:47:35 +02:00
Christoph Kerschbaumer
97e696739a Bug 1286376 - Do not call finish multiple times within test_contentpolicytype_targeted_link_iframe.html. r=smaug 2016-07-13 09:04:30 +02:00
Thomas Nguyen
941244dcc8 Bug 1286024 - Replace no document in SetRequestContext warning with a log. r=ckerschb 
MozReview-Commit-ID: IitqAt0iLQF

--HG--
extra : rebase_source : 72c6bd3b894d8a36f65bfd43ddd8f294de1f2d22
 2016-07-12 17:46:23 +08:00
Carsten "Tomcat" Book
442eb5511e Merge mozilla-central to mozilla-inbound 2016-07-12 11:06:19 +02:00
Christoph Kerschbaumer
0cd1f7698a Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=barnes 2016-07-12 07:26:37 +02:00
Christoph Kerschbaumer
68b180b34f Bug 1255240 - Test content policy types within content policies for targeted links in iframes. r=smaug 2016-07-11 20:58:57 +02:00
Christoph Kerschbaumer
84f2bb5302 Bug 1277557 - Test require-sri-for in meta tag r=francois 2016-07-08 07:26:34 +02:00
Francois Marier
11de73857c Bug 1269241 - Add SRI tests for UTF-8 stylesheets. r=ckerschb,r=jkt 2016-07-07 14:44:51 -07:00
Johann Hofmann
22b8fe594a Bug 1253771 - Add previous state info to mixed content callback. r=tanvi r=florian 
MozReview-Commit-ID: 5msNz97psok

--HG--
extra : rebase_source : 640f86c3cc0b9b5a842a0c104cb269915b727b4b
extra : histedit_source : 6ca75dac152d5135089f9053eb91440058b124e4
 2016-04-27 10:38:26 +02:00
Thomas Nguyen
6516ad9dae Bug 959388 - Deliver CSP from HTTP header. r=ckerschb, r=khuey 
MozReview-Commit-ID: 13ndERn6rrL

--HG--
extra : rebase_source : e0ec31f9d322b1385994eb7d66bd885c91d75df3
 2016-06-30 12:31:59 +08:00
Thomas Nguyen
bd8bba9788 Bug 959388 - Add csp worker test cases. r=kmckinley 
MozReview-Commit-ID: IhEAA89VyTr

--HG--
extra : rebase_source : 63d522eab0477706636aa2e9086f1b0cdc30889d
 2016-06-30 12:32:03 +08:00
Paul Roberts
edd71bdffd Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 
--HG--
extra : rebase_source : 4a37c0828701909f32870c0079b75b5c55144381
 2016-06-28 14:06:06 -07:00
Paul Roberts
6e2b739762 Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug 
--HG--
extra : rebase_source : 8906837f0a8f0afdb3ba3db5463265ef62220f92
 2016-06-28 14:03:45 -07:00
Paul Roberts
ec18fc5ff7 Bug 671389 - Implement CSP sandbox directive. r=ckerschb r=smaug 
--HG--
extra : rebase_source : d9c5f5868c2558a3696cd489674da6f243be11ad
 2016-06-29 07:48:44 -07:00
Christoph Kerschbaumer
9e62aecdfc Bug 1278272 - Convert test_csp_upgrade_insecure_request_header.js to channel.asyncOpen2() r=jkt 2016-06-29 13:08:47 +02:00
Christoph Kerschbaumer
1a5fda4297 Bug 1240193 - Skip TYPE_DOCUMENT assertions for loads initiated by JS tests (r=tanvi) 2016-06-29 12:59:45 +02:00
Jonathan Kingston
daa6f72c59 Bug 1279420 - Adding in security.csp.experimentalEnabled pref check to require-sri-for directive in CSP. r=ckerschb 
MozReview-Commit-ID: 799ZZoW0YiG

--HG--
extra : transplant_source : %CAC%12%16%C6a%10AP%BEc%85%BA%93Z%7Cq%D43%8D
 2016-06-20 19:49:38 +01:00
Christoph Kerschbaumer
24fbc29c99 Bug 1188642 - Use channel->ascynOpen2 in dom/base/nsObjectLoadingContent.cpp r=smaug 2016-06-28 09:37:55 +02:00