Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-22 17:55:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
475,013 Commits 615 Branches 98 Tags 5.9 GiB
62ecdfc256
Commit Graph

321 Commits

Author SHA1 Message Date
Jonas Sicking
ff12f48c5a Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb 2015-12-05 01:46:20 -08:00
Jonas Sicking
df33e62850 Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-05 01:46:20 -08:00
Yury Delendik
5576308d8c Bug 1218029 - Implements progressive Unicode chars decoding in nsScriptLoader. r=djvj 
--HG--
extra : commitid : 4fqBUFXilM5
 2015-11-30 08:54:52 -06:00
Yury Delendik
aeaf497a64 Bug 1218029 - Adds SRICheckDataVerifier for progressing data handling. r=francois 
--HG--
extra : commitid : DLkHFWfJFxT
 2015-11-30 08:54:40 -06:00
Yury Delendik
66199890c4 Bug 1218029 - Adds IncrementalStreamLoader interface stubs. r=djvj 
--HG--
extra : commitid : J0UubFG9gvz
 2015-11-30 08:54:11 -06:00
Christoph Kerschbaumer
20d9928a1b Bug 1228116 - Relax Security checks for DTD loads. r=sicking 
--HG--
extra : rebase_source : 53f2deeb44dd29dbb4d6f50a8435763cb07df8a1
 2015-11-25 13:38:05 -08:00
sajitk
5fb2c53074 Bug 1219478: Replace PRLogModuleInfo usage with LazyLogModule in dom folders except media.r=amerchesini 2015-11-23 11:09:25 -08:00
Ehsan Akhgari
76fa5db947 Bug 1210302 - Part 4: Add automated tests; r=sicking 2015-11-20 16:32:53 -05:00
Christoph Kerschbaumer
143b334dd4 Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz) 2015-11-20 10:55:54 -08:00
Christoph Kerschbaumer
d4843470df Bug 1226324 - Do not use NS_ENSURCE_SUCCESS(rv, NS_OK) within nsContentSecurityManager. r=tanvi 2015-11-19 14:22:57 -08:00
Nigel Babu
ba8444d785 Backed out changeset 95069f2ce648 (bug 1182546) for Android M(c) bustage ON A CLOSED TREE 2015-11-19 14:26:33 +05:30
Christoph Kerschbaumer
ab10273998 Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz) 2015-11-18 19:23:28 -08:00
Andrea Marchesini
36e922b9b7 Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger 2015-11-16 22:41:54 +00:00
Wes Kocher
9d1f194cbb Backed out 2 changesets (bug 1218433) for wpt failures CLOSED TREE 
Backed out changeset 1cc8cc0444c0 (bug 1218433)
Backed out changeset 5418ca0e0378 (bug 1218433)

--HG--
extra : commitid : H1h8VHrzxx8
 2015-11-16 11:13:43 -08:00
Andrea Marchesini
76aba80dc5 Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger 2015-11-16 16:57:29 +00:00
Sebastian Hengst
a0cf7d50ad Backed out 2 changesets (22360424ed15, 325a67608df0) (bug 1218433) for W(1,2) failures. r=backout on a CLOSED TREE 
Backed out changeset 22360424ed15 (bug 1218433)
Backed out changeset 325a67608df0 (bug 1218433)
 2015-11-15 15:56:45 +01:00
Andrea Marchesini
3285721a07 Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking 2015-11-15 11:57:22 +00:00
Christoph Kerschbaumer
c941fd4008 Bug 663570 - Test 5: doc.write(meta csp) (r=sicking) 2015-11-14 19:30:24 -08:00
Christoph Kerschbaumer
749afb19d4 Bug 663570 - Test 4: update referrer tests (r=sicking) 2015-11-14 19:30:16 -08:00
Christoph Kerschbaumer
74f7445a35 Bug 663570 - Test 3: update upgrade-insecure-requests tests (r=sicking) 2015-11-14 19:30:08 -08:00
Christoph Kerschbaumer
55d2e60a7e Bug 663570 - Test 2: meta and header dual test (r=sicking) 2015-11-14 19:29:58 -08:00
Christoph Kerschbaumer
82df3d1b9b Bug 663570 - Test 1: baseline tests (r=sicking) 2015-11-14 19:29:45 -08:00
Christoph Kerschbaumer
3bac30dca9 Bug 663570 - MetaCSP Part 6: CSP preload changes (r=sicking) 2015-11-14 19:29:18 -08:00
Christoph Kerschbaumer
96f42dd458 Bug 663570 - MetaCSP Part 1: CSP parser changes (r=sicking) 2015-11-14 19:27:59 -08:00
Jonas Sicking
27c89ea082 Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb 
--HG--
rename : dom/workers/test/serviceworkers/test_eval_not_allowed.html^headers^ => dom/workers/test/serviceworkers/test_eval_allowed.html^headers^
 2015-11-10 21:16:12 -08:00
Wes Kocher
2e6d1e7dfb Backed out changeset d12f758f5f36 (bug 1223647) for android csp test failures 
--HG--
extra : commitid : GRTvvKDy9Ki
 2015-11-11 14:27:52 -08:00
Jonas Sicking
ea6cf63b0f Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb 2015-11-10 21:16:12 -08:00
Kit Cambridge
8431cd65cd Bug 1223481 - Use the "potentially trustworthy origin" helper to validate Push server URLs. r=dragana 
--HG--
extra : commitid : 6RrHT77kcOj
extra : rebase_source : b5b498cc266e2c1c97459ace3da3febbb6a34e65
 2015-11-10 10:50:46 -08:00
Christoph Kerschbaumer
1873ead519 Bug 1219931 - CSP: Don't allow removing a policy (r=sicking) 2015-11-02 08:04:15 -08:00
Christoph Kerschbaumer
50588ca7c1 Bug 1188028 - Queue up CSP console messages till windowID is available (r=sicking) 2015-11-11 06:23:57 -08:00
Christoph Kerschbaumer
a876eba5c9 Bug 1188028 - Use channel->ascynOpen2 in dom/security/nsCSPContext.cpp (r=sicking) 2015-07-27 11:57:56 -07:00
Phil Ringnalda
b98d58e46d Back out changeset 4d6d9c1e52e4 (bug 1223647) for failures in test_csp.html, csp/test_redirects.html and csp/test_worker_redirect.html 
--HG--
extra : rebase_source : a4a53053968cfa19e6544dd3e59e36ef23fcf353
 2015-11-10 23:10:04 -08:00
Jonas Sicking
426e42e7f9 Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb 2015-11-10 21:16:12 -08:00
Kate McKinley
00b9a85bd6 Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
Kate McKinley
67f4155fe6 Bug 1045891 - CSP 2 child-src implementation r=ckerschb 2015-10-28 16:32:27 -07:00
Carsten "Tomcat" Book
4d6f05d2f8 merge mozilla-inbound to mozilla-central a=merge 2015-11-09 14:55:30 +01:00
Gregor Wagner
96837db759 Bug 1222478 - Enable more mulet tests. r=gerard-majax 2015-11-06 20:01:45 +01:00
Andrea Marchesini
9d98f9a481 Bug 1215235 - Drop support for jar: URIs by default, r=bz 2015-11-04 11:19:02 +00:00
Jonas Sicking
c9e5049446 Bug 1213646: Allow URI_IS_UI_RESOURCE and safe about: URIs when SEC_ALLOW_CHROME is set. r=bz 2015-11-04 00:05:16 -08:00
Andrew McCreight
0d2779ef10 Bug 1222105 - Make test_report.html and test_blocked_uri_in_reports.html work with e10s. r=ckerschb 2015-11-06 16:03:03 -08:00
Paolo Amadini
0238bd1276 Bug 1221365 - Tests for "Is origin potentially trustworthy?" logic. r=ckerschb,bkelly 2015-11-06 11:10:08 -08:00
Matthew Noorenberghe
a0a2b249c4 Bug 1221365 - Move "Is origin potentially trustworthy?" logic outside ServiceWorkerManager.cpp. r=ckerschb,bkelly 2015-11-06 11:10:17 -08:00
Wes Kocher
f8ad8afb5a Backed out 4 changesets (bug 1045891) for b2g mochitest 7 failures 
Backed out changeset c590b18c5885 (bug 1045891)
Backed out changeset 14818a2329a4 (bug 1045891)
Backed out changeset e44d41985fed (bug 1045891)
Backed out changeset 781a76befe01 (bug 1045891)

--HG--
extra : commitid : 77UlfZzjWcg
 2015-11-06 09:36:49 -08:00
Kate McKinley
3b59b81c93 Bug 1045891 - CSP 2 child-src implementation. r=ckerschb 2015-10-28 16:32:27 -07:00
Kate McKinley
ad73bf4611 Bug 1045891 - Tests for child-src. r=ckerschb 2015-09-30 15:26:25 -07:00
Carsten "Tomcat" Book
30ff2fd956 Backed out changeset 26e162e72ae1 (bug 1045891) 2015-11-02 10:37:52 +01:00
Carsten "Tomcat" Book
deb9310786 Backed out changeset 895c42544609 (bug 1045891) 2015-11-02 10:37:51 +01:00
Kate McKinley
d4da8266d4 Bug 1045891 - CSP 2 child-src implementation r=ckerschb 2015-10-28 16:32:27 -07:00
Kate McKinley
38bf8db214 Bug 1045891 - Tests for child-src r=ckerschb 2015-09-30 15:26:25 -07:00
Andrew McCreight
5981b92f78 Bug 1219842 - Enable a bunch of mochitest-plain tests under e10s. r=mrbkap 2015-10-31 06:26:44 -07:00
Makoto Kato
1929f6c7c4 Bug 1218315 - Replace NS_LITERAL_STRING(...).get() with MOZ_UTF16(...) on dom. r=nfroyd 2015-10-28 14:29:57 +09:00
Christoph Kerschbaumer
d4eaf0fdf6 Bug 1191645 - Use channel->asycnOpen2 in dom/base/nsSyncLoadService.cpp. r=sicking 2015-10-26 14:22:59 -07:00
Christoph Kerschbaumer
ddb2d645e5 Bug 1194526 - Use channel->asycnOpen2 in dom/base/nsScriptLoader.cpp (r=sicking) 2015-10-19 18:33:37 -07:00
Jonas Sicking
d3a92a7fa1 Bug 1195167 part 5: Make FetchDriver use AsyncOpen2. r=bkelly 2015-10-19 18:24:36 -07:00
Jonas Sicking
be2deca017 Bug 1195167 part 1: Let necko handle all protocols. r=bkelly 2015-10-19 18:24:36 -07:00
Jonas Sicking
cc10dd7ad3 Bug 1182571: Make nsXMLHttpRequest use AsyncOpen2. r=ehsan 2015-10-19 11:14:54 -07:00
Jonas Sicking
4316c13003 Bug 1182571: Fix nsILoadInfo->GetContentPolicyType API to be less ambigious. Audit and fix all users of it. r=ckerschb 2015-10-19 11:14:54 -07:00
Christoph Kerschbaumer
643f27c257 Bug 1208559 - Hook up ServicerWorkers with CSP (r=sicking,bkelly,dveditz) 2015-10-18 19:59:18 -07:00
Christoph Kerschbaumer
733163ef2b Bug 1208559 - Tests. r=bholley 2015-10-18 19:37:40 -07:00
Nathan Froyd
01583602a9 Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat 
The bulk of this commit was generated with a script, executed at the top
level of a typical source code checkout.  The only non-machine-generated
part was modifying MFBT's moz.build to reflect the new naming.

CLOSED TREE makes big refactorings like this a piece of cake.

 # The main substitution.
find . -name '*.cpp' -o -name '*.cc' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
    xargs perl -p -i -e '
 s/nsRefPtr\.h/RefPtr\.h/g; # handle includes
 s/nsRefPtr ?</RefPtr</g;   # handle declarations and variables
'

 # Handle a special friend declaration in gfx/layers/AtomicRefCountedWithFinalize.h.
perl -p -i -e 's/::nsRefPtr;/::RefPtr;/' gfx/layers/AtomicRefCountedWithFinalize.h

 # Handle nsRefPtr.h itself, a couple places that define constructors
 # from nsRefPtr, and code generators specially.  We do this here, rather
 # than indiscriminantly s/nsRefPtr/RefPtr/, because that would rename
 # things like nsRefPtrHashtable.
perl -p -i -e 's/nsRefPtr/RefPtr/g' \
     mfbt/nsRefPtr.h \
     xpcom/glue/nsCOMPtr.h \
     xpcom/base/OwningNonNull.h \
     ipc/ipdl/ipdl/lower.py \
     ipc/ipdl/ipdl/builtin.py \
     dom/bindings/Codegen.py \
     python/lldbutils/lldbutils/utils.py

 # In our indiscriminate substitution above, we renamed
 # nsRefPtrGetterAddRefs, the class behind getter_AddRefs.  Fix that up.
find . -name '*.cpp' -o -name '*.h' -o -name '*.idl' | \
    xargs perl -p -i -e 's/nsRefPtrGetterAddRefs/RefPtrGetterAddRefs/g'

if [ -d .git ]; then
    git mv mfbt/nsRefPtr.h mfbt/RefPtr.h
else
    hg mv mfbt/nsRefPtr.h mfbt/RefPtr.h
fi

--HG--
rename : mfbt/nsRefPtr.h => mfbt/RefPtr.h
 2015-10-18 01:24:48 -04:00
Wes Kocher
c2b3d9275b Backed out 2 changesets (bug 1182571) for being a likely cause of the Android S4 errors 
Backed out changeset e2b3064dcace (bug 1182571)
Backed out changeset 8153ae231d16 (bug 1182571)
 2015-10-15 14:07:06 -07:00
Jonas Sicking
2578b19458 Bug 1182571: Make nsXMLHttpRequest use AsyncOpen2. r=ehsan 2015-10-15 12:18:21 -07:00
Jonas Sicking
81a15a3362 Bug 1182571: Fix nsILoadInfo->GetContentPolicyType API to be less ambigious. Audit and fix all users of it. r=ckerschb 2015-10-15 12:18:20 -07:00
Ben Kelly
d803731730 Bug 1210413 P2 Test CORS credentials on cross-origin redirects. r=sicking a=dveditz 2015-10-07 14:33:31 -07:00
Francois Marier
5adc75d084 Bug 1208629 - Properly support data: and blob: URIs with an integrity atribute. r=ckerschb 2015-10-07 11:27:19 -07:00
Carsten "Tomcat" Book
08997000eb Backed out 2 changesets (bug 1202902) to recking bug 1202902 to be able to reopen inbound on a CLOSED TREE 
Backed out changeset 647025383676 (bug 1202902)
Backed out changeset d70c7fe532c6 (bug 1202902)
 2015-10-07 14:03:21 +02:00
Carsten "Tomcat" Book
e7ef778c9d Backed out 1 changesets (bug 1202902) for causing merge conflicts to mozilla-central 
Backed out changeset cfc1820361f5 (bug 1202902)

--HG--
extra : rebase_source : 5d3db72337754bc7ab0ed0c30b2896100411ff92
 2015-10-07 12:13:45 +02:00
Shu-yu Guo
d06b6030f6 Bug 1202902 - Scripted fix the world. 2015-10-06 14:00:31 -07:00
Ehsan Akhgari
48e01cb303 Tests for bug 1200869; r=sicking 2015-09-29 23:12:52 -04:00
Ehsan Akhgari
1b07208138 Tests for bug 1200856; r=sicking 2015-09-29 23:12:51 -04:00
Christoph Kerschbaumer
fda3fd3cbf Bug 1192333 - Use channel->ascynOpen2 in dom/xslt/xslt/txMozillaStylesheetCompiler.cpp (r=sicking) 2015-09-28 16:34:47 -07:00
Christoph Kerschbaumer
a28aacf667 Bug 1048048 - add preload content policy types - tests (r=dveditz) 
CLOSED TREE

--HG--
extra : source : 02c6d6aef163530bafee0d39761f18ca3aa1f40c
extra : amend_source : bff4f1c8ed0fe42addb24774b8c6dd89fe2c7905
 2014-10-31 13:37:59 -07:00
Christoph Kerschbaumer
f3e1d73e58 Bug 1048048 - add preload content policy types - csp changes (r=dveditz) 
--HG--
extra : source : 4f91b10e8be000ee5408461c74099ca96156c0cf
 2015-09-20 14:56:34 -07:00
Wes Kocher
cd079d2bf9 Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE 
Backed out changeset b5abe23a4ea5 (bug 1048048)
Backed out changeset 4f91b10e8be0 (bug 1048048)
Backed out changeset 450d4a13c90e (bug 1048048)
Backed out changeset 6a727c40eb68 (bug 1048048)
Backed out changeset 88c2333ff745 (bug 1048048)
Backed out changeset 740ab1ecd079 (bug 1048048)
Backed out changeset 02c6d6aef163 (bug 1048048)
 2015-09-21 09:08:34 -07:00
Christoph Kerschbaumer
b2de9adb18 Bug 1048048 - add preload content policy types - csp changes (r=dveditz) 2015-09-20 14:56:34 -07:00
Christoph Kerschbaumer
47de316d52 Bug 1048048 - add preload content policy types - tests (r=dveditz) 2014-10-31 13:37:59 -07:00
Christoph Kerschbaumer
6d3847c487 Bug 1204703 - Make nsContentSecurityManager scriptable (r=sicking) 
--HG--
extra : source : 977d5b7ecba32a0617d40c231e2f16963bf4a4ef
 2015-09-18 09:27:15 -07:00
Wes Kocher
8414be2356 Backed out 3 changesets (bug 1143922) for landing with the wrong bug number 
Backed out changeset 309b4d1ab81c (bug 1143922)
Backed out changeset deda472458fd (bug 1143922)
Backed out changeset 977d5b7ecba3 (bug 1143922)
 2015-09-18 14:13:33 -07:00
Christoph Kerschbaumer
b01fc3ad90 Bug 1143922 - Make nsContentSecurityManager scriptable (r=sicking) 2015-09-18 09:27:15 -07:00
Christoph Kerschbaumer
796647f603 Bug 1026520 - CSP: Inline report sending into allows - test updates (r=dveditz) 2015-09-17 22:34:49 -07:00
Christoph Kerschbaumer
8001d76219 Bug 1026520 - CSP: Inline report sending into allows - csp changes (r=dveditz) 2015-09-17 22:34:16 -07:00
Ehsan Akhgari
59c135c176 Bug 1198078 - Add support for TYPE_INTERNAL_SERVICE_WORKER; r=ckerschb,tanvi 2015-09-16 19:15:30 -04:00
Chris Peterson
bfd0628cd5 Bug 1203234 - Re-enable -Wshadow warnings in /dom/security. r=ckerschb 2015-09-14 22:54:22 -07:00
Christoph Kerschbaumer
1e5ee64415 Bug 1195162 - Use channel->ascynOpen2 dom/xbl/nsXBLService.cpp (r=sicking) 2015-09-14 18:59:35 -07:00
Ehsan Akhgari
a4ac3ec0b4 Bug 1199049 - Part 1: Move nsCORSListenerProxy.* to necko; r=jduell 
--HG--
rename : dom/security/nsCORSListenerProxy.cpp => netwerk/protocol/http/nsCORSListenerProxy.cpp
rename : dom/security/nsCORSListenerProxy.h => netwerk/protocol/http/nsCORSListenerProxy.h
 2015-09-12 19:20:52 -04:00
Michael Layzell
092e4a4b9e Bug 1188932 - Allow the User-Agent header to be explicitly set by requests, r=bkelly, r=jgraham 2015-09-12 12:46:09 -04:00
Christoph Kerschbaumer
60c4905182 Bug 1069762 - CSP: blocked-uri in violation reports should not contain sensitive data - tests (r=sstamm) 2014-10-17 14:22:27 -07:00
Richard Barnes
cba82e6dbd Bug 1198572 - Add telemetry for how often HSTS would fix mixed content problems r=smaug r=tanvi 2015-09-09 15:14:27 -04:00
Francois Marier
14eac63103 Bug 1202027 - Make SRI require CORS loads for cross-origin resources. r=ckerschb 2015-09-09 00:11:38 -07:00
Francois Marier
e510ad6b31 Bug 1202015 - Better document the SRI strings for translators. r=ckerschb 2015-09-09 00:10:25 -07:00
Ehsan Akhgari
6ac40622c3 Bug 1201229 - Return an empty string for a header when an error occurs; r=dragana 
This fixes nsIHttpChannel::GetRequestHeader() and
nsIHttpChannel::GetResponseHeader() to always empty out their string
argument even when they fail.  This prevents programming mistakes of
passing the same string object to multiple of these calls and using the
string value without checking the nsresult error code, since otherwise
the string value may be unchanged from a previous call.

Note that this doesn't affect JS consumers of these APIs since we only
empty out the string argument in case the method fails, which will be
translated to a JS exception, and the JS code will never get to see the
emptied string.
 2015-09-08 20:08:35 -04:00
Ehsan Akhgari
978f461b95 Bug 1200869 - Empty the header value for code hygiene; r=sicking 2015-09-02 19:53:35 -04:00
Ehsan Akhgari
a01e0f79fc Bug 1200856 - Avoid the extra variable to make the string manipulation faster; r=sicking 2015-09-02 19:52:46 -04:00
Nicholas Nethercote
f44287005f Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium. 
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.

--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
 2015-08-27 20:44:53 -07:00
Kyle Huey
b930db3a55 Bug 1196592: Make retargeting Fetch to another thread actually work. r=nsm 
--HG--
extra : rebase_source : 24801ef2546f6aa3d74b9193a104bb35e8103699
 2015-08-28 13:49:07 -07:00
Christoph Kerschbaumer
a2daed5950 Bug 1198422 - CSP: Test fallback for nonce-src and hash-src (r=devitz) 2015-08-27 09:02:32 -07:00
Christoph Kerschbaumer
0500c010b8 Bug 1198422 - CSP: Allow nonce to load if default-src is not specified in second policy (r=dveditz) 2015-08-25 16:11:04 -07:00
Ehsan Akhgari
1dda7b7d34 Bug 1194847 - Part 2: Bypass CORS checks if the response of a channel has been synthesized; r=nsm 2015-08-25 21:43:40 -04:00
Francois Marier
f04275bd0b Bug 1196740 - Consider redirects when looking for SRI-eligibility. r=ckerschb 
--HG--
rename : dom/security/test/sri/iframe_style_sameorigin.html => dom/security/test/sri/iframe_style_crossdomain.html
rename : dom/security/test/sri/script_crossdomain4.js => dom/security/test/sri/script_crossdomain5.js
rename : dom/security/test/sri/style1.css => dom/security/test/sri/style_301.css
rename : dom/security/test/sri/test_style_sameorigin.html => dom/security/test/sri/test_style_crossdomain.html
 2015-08-25 13:38:39 -07:00
Christoph Kerschbaumer
be38f76461 Bug 1096724 - Update csp/test_base-uri to rely on postmessage instead of observers. r=dveditz 2015-08-18 11:42:43 -07:00
Ryan VanderMeulen
ec860a87f6 No bug - Use the correct requestLongerTimeout syntax. a=bustage 2015-08-18 12:53:55 -04:00
Ryan VanderMeulen
210ad6260a No bug - Request a longer timeout for test_CrossSiteXHR_origin.html due to teetering on the edge of timing out on B2G debug. 2015-08-18 10:39:17 -04:00
Francois Marier
a196b8ef35 Bug 1195572 - Enable -Wformat-security in DOM::Security. r=ckerschb 2015-08-17 21:48:07 -07:00
Tanvi Vyas
550a74f51e Bug 1182551 - HTTP top level page with HTTPS mixed passive frame should have STATE_IS_INSECURE. r=ttaubert 2015-08-13 17:13:51 -07:00
Tanvi Vyas
aa87627fac Bug 1182551 - Don't set STATE_IS_BROKEN on HTTP pages when mixed content is allowed by default. r=smaug 2015-08-13 17:13:43 -07:00
Christoph Kerschbaumer
dad90516d6 Bug 1192955 - Use channel->ascynOpen2 for PING in docshell/base/nsDocShell.cpp (r=sicking) 2015-08-13 08:53:28 -07:00
Francois Marier
2a4ad76933 Bug 992096 - Implement Sub Resource Integrity [2/2]. r=ckerschb 
Mochitests
 2015-08-12 20:19:16 -07:00
Francois Marier
34de332db0 Bug 992096 - Implement Sub Resource Integrity [1/2]. r=baku,r=ckerschb 
Code changes
 2015-08-12 20:19:11 -07:00
Christoph Kerschbaumer
4b7d4aaed5 Bug 1187165 - Use channel->ascynOpen2 in dom/base/ImportManager (r=sicking) 2015-08-10 10:25:20 -07:00
Christoph Kerschbaumer
b7e53859ad Bug 1182544 - Use channel->ascynOpen2 in dom/xml/XMLDocument.cpp (r=sicking) 2015-08-10 10:19:08 -07:00
Blake Kaplan
9b31f6bcfe Bug 661604 - Re-enable this test because it works now. rs=wchen and try 2015-08-06 10:35:49 -07:00
Christoph Kerschbaumer
5dfe6ac07d Bug 1188637 - Use channel->ascynOpen2 in dom/base/EventSource.cpp (r=sicking) 2015-08-04 20:06:19 -07:00
Christoph Kerschbaumer
221df08158 Bug 1182543 - Use channel->ascynOpen2 in dom/plugins/base/nsPluginHost.cpp (r=sicking) 2015-08-04 20:05:37 -07:00
Carsten "Tomcat" Book
57a966656a merge mozilla-inbound to mozilla-central a=merge 2015-08-04 13:01:07 +02:00
Tanvi Vyas
87164ced3c Bug 1181683 - Mark ping and beacon as blockable mixed content instead of optionally blockable. r=smaug 2015-08-03 15:25:21 -07:00
Christoph Kerschbaumer
f7e2152921 Bug 1096724 - Fix intermittent test_base-uri.html failures. r=ryanvm 2015-07-29 14:16:37 -07:00
Christoph Kerschbaumer
5d6e8c751f Bug 1152574 - Do not report aborted XHR requests in web console (r=sicking) 2015-07-20 13:59:19 -07:00
Christoph Kerschbaumer
f75b477899 Bug 1182539 - Use channel->ascynOpen2 in dom/base/nsDocument.cpp (r=sicking) 2015-07-31 08:58:14 -07:00
Christoph Kerschbaumer
90fee9adce Bug 1182537 - Use channel->ascynOpen2 in dom/security/nsCORSListenerProxy (r=sicking) 2015-07-30 08:59:20 -07:00
Christoph Kerschbaumer
8f5542d747 Bug 1182537 - Use channel->ascynOpen2 in dom/base/Navigator.cpp (r=sicking,bz) 2015-07-27 20:39:17 -07:00
Marcos Caceres
2465cf3a99 Bug 1171200 - Add means of checking if a document links to a manifest. r=billm 
--HG--
rename : dom/manifest/ImageObjectProcessor.js => dom/manifest/ImageObjectProcessor.jsm
rename : dom/manifest/ManifestProcessor.js => dom/manifest/ManifestProcessor.jsm
rename : dom/manifest/ValueExtractor.js => dom/manifest/ValueExtractor.jsm
 2015-07-30 11:56:12 -04:00
Carsten "Tomcat" Book
401a15426c Backed out changeset 4b328a6f7448 (bug 1171200) for frequent asan m1 test failures on a CLOSED TREE 
--HG--
rename : dom/manifest/ImageObjectProcessor.jsm => dom/manifest/ImageObjectProcessor.js
rename : dom/manifest/ManifestProcessor.jsm => dom/manifest/ManifestProcessor.js
rename : dom/manifest/ValueExtractor.jsm => dom/manifest/ValueExtractor.js
extra : amend_source : 0a9fc98e1c76d4ede43714bac63bba8b43efe5d7
 2015-07-30 15:11:48 +02:00
Marcos Caceres
79d86a6353 Bug 1171200 - Add means of checking if a document links to a manifest. r=billm 
--HG--
rename : dom/manifest/ImageObjectProcessor.js => dom/manifest/ImageObjectProcessor.jsm
rename : dom/manifest/ManifestProcessor.js => dom/manifest/ManifestProcessor.jsm
rename : dom/manifest/ValueExtractor.js => dom/manifest/ValueExtractor.jsm
 2015-07-29 16:58:00 +02:00
Francois Marier
7080a1190a Bug 1187711 - Restrict -Wshadow to gcc and clang. r=KWierso CLOSED TREE 2015-07-27 17:12:58 -07:00
Francois Marier
5556697f0b Bug 1187711 - Enable -Wshadow in DOM::Security. r=ckerschb 2015-07-27 16:14:56 -07:00
Christoph Kerschbaumer
9d66aa4b3b Bug 1182540 - Use channel->ascynOpen2 in dom/html/HTMLTrackElement.cpp (r=sicking) 2015-07-25 10:29:22 -07:00
Josh Matthews
4130ff6d80 Bug 1186589 - Ensure CORS preflight requests are never intercepted. r=sicking 2015-07-23 10:25:12 -04:00
Christoph Kerschbaumer
25bee46b21 Bug 1173708 - Fix intermittent test_inlinescript error. r=dveditz 
--HG--
rename : dom/security/test/csp/file_inlinescript_main_allowed.html => dom/security/test/csp/file_inlinescript.html
 2015-07-20 11:25:24 -07:00
Carsten "Tomcat" Book
f821af7776 Backed out changeset cc377dd50503 (bug 1152574) for causing memory leaks on a CLOSED TREE 
--HG--
extra : rebase_source : 819a2a12c3fd9adb5a756292a287288efbdc01a3
 2015-07-21 11:50:45 +02:00
Christoph Kerschbaumer
6b484e43cd Bug 1152574 - Do not report aborted XHR requests in web console. r=sicking 2015-07-20 13:59:19 -07:00
Christoph Kerschbaumer
bab1940d4a Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checks when opening a channel - securitymanager (r=sicking,tanvi) 2015-07-19 19:12:11 -07:00
mcaceres@mozilla.com
fa8ccba8c3 Backed out changeset 01d03b6be047 (bug 1171200) 
--HG--
rename : dom/manifest/ImageObjectProcessor.jsm => dom/manifest/ImageObjectProcessor.js
rename : dom/manifest/ManifestProcessor.jsm => dom/manifest/ManifestProcessor.js
rename : dom/manifest/ValueExtractor.jsm => dom/manifest/ValueExtractor.js
 2015-07-17 11:45:59 +10:00
Birunthan Mohanathas
a8939590de Bug 1182996 - Fix and add missing namespace comments. rs=ehsan 
The bulk of this commit was generated by running:

  run-clang-tidy.py \
    -checks='-*,llvm-namespace-comment' \
    -header-filter=^/.../mozilla-central/.* \
    -fix
 2015-07-13 08:25:42 -07:00
Christoph Kerschbaumer
69eba2fa6a Bug 1139297 - Implement CSP upgrade-insecure-requests directive - cors tests (r=smaug) 
--HG--
extra : rebase_source : 59ab74d90890d6756de82b64808ff35a947f0c2c
 2015-07-10 09:17:17 -07:00
Christoph Kerschbaumer
bf74850156 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - tests referrer (r=sstamm) 
--HG--
extra : rebase_source : be32f99f26715ba0816e9ea35b0e08bb73035a82
 2015-07-10 09:17:02 -07:00
Christoph Kerschbaumer
ab68e4a840 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - reports (r=sstamm) 
--HG--
extra : rebase_source : 55ff799deb95a3d66cfb7d37bf6892891913d5b3
 2015-07-10 09:16:46 -07:00
Christoph Kerschbaumer
1e39bd8852 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - simple upgrade tests (r=tanvi,sstamm) 
--HG--
extra : rebase_source : 4473c88aa0ab3e5b9bb31ed6b2e45dfeb68b3a2a
 2015-07-10 09:16:32 -07:00
Christoph Kerschbaumer
41b6908773 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - parser tests (r=sstamm) 
--HG--
extra : rebase_source : 2c24dfe4a44e8485b1f207f065668a4fbdf2b31c
 2015-07-10 09:16:15 -07:00
Christoph Kerschbaumer
a900bc2910 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - devtool changes (r=sstamm,bholley) 
--HG--
extra : rebase_source : db910acac278e591c6cfbbf897238a5b5159fd42
 2015-07-10 09:16:01 -07:00
Christoph Kerschbaumer
d261954005 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - cors changes (r=smaug) 
--HG--
extra : rebase_source : f7faab7a9cceb962b4eaf4598f1a45fb0f73a756
 2015-07-10 09:15:03 -07:00
Christoph Kerschbaumer
9ea890b6d7 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - mcb changes (r=tanvi) 
--HG--
extra : rebase_source : 055dda3713d13e0fa8f4e4d97a5371900df0ff4e
 2015-07-10 09:14:42 -07:00
Christoph Kerschbaumer
d338b7f9d9 Bug 1139297 - Implement CSP upgrade-insecure-requests directive - csp changes (r=sstamm) 
--HG--
extra : rebase_source : 34377eb11cf33beef768bd11883c048c37351a8d
 2015-07-10 09:13:54 -07:00
Geoff Brown
52d4e225a0 Bug 1026290 - Update mochitest-chrome manifests for android; r=jgriffin 2015-07-10 14:41:59 -06:00
Marcos Caceres
9424ebb117 Bug 1171200 - Add means of checking if a document links to a manifest. r=billm. 
---
 dom/ipc/manifestMessages.js                        | 166 +++++++++-----------
 ...ObjectProcessor.js => ImageObjectProcessor.jsm} |   0
 dom/manifest/ManifestFinder.jsm                    |  58 +++++++
 dom/manifest/ManifestObtainer.js                   |  92 -----------
 dom/manifest/ManifestObtainer.jsm                  | 170 +++++++++++++++++++++
 ...{ManifestProcessor.js => ManifestProcessor.jsm} |  18 +--
 .../{ValueExtractor.js => ValueExtractor.jsm}      |   4 +-
 dom/manifest/WebManifest.jsm                       |  19 ---
 dom/manifest/moz.build                             |  10 +-
 dom/manifest/test/browser.ini                      |   3 +-
 .../test/browser_ManifestObtainer_obtain.js        |   2 +-
 dom/manifest/test/browser_hasManifestLink.js       | 109 +++++++++++++
 dom/manifest/test/common.js                        |   4 +-
 dom/security/test/csp/browser_test_web_manifest.js |  12 +-
 .../csp/browser_test_web_manifest_mixed_content.js |  10 +-
 toolkit/modules/PromiseMessage.jsm                 |  36 +++++
 toolkit/modules/moz.build                          |   1 +
 17 files changed, 467 insertions(+), 247 deletions(-)
 rename dom/manifest/{ImageObjectProcessor.js => ImageObjectProcessor.jsm} (100%)
 create mode 100644 dom/manifest/ManifestFinder.jsm
 delete mode 100644 dom/manifest/ManifestObtainer.js
 create mode 100644 dom/manifest/ManifestObtainer.jsm
 rename dom/manifest/{ManifestProcessor.js => ManifestProcessor.jsm} (95%)
 rename dom/manifest/{ValueExtractor.js => ValueExtractor.jsm} (96%)
 delete mode 100644 dom/manifest/WebManifest.jsm
 create mode 100644 dom/manifest/test/browser_hasManifestLink.js
 create mode 100644 toolkit/modules/PromiseMessage.jsm

--HG--
rename : dom/manifest/ImageObjectProcessor.js => dom/manifest/ImageObjectProcessor.jsm
rename : dom/manifest/ManifestProcessor.js => dom/manifest/ManifestProcessor.jsm
rename : dom/manifest/ValueExtractor.js => dom/manifest/ValueExtractor.jsm
 2015-07-08 13:26:32 +10:00
Birunthan Mohanathas
89f3f916ee Bug 968520 - Use move assignment instead of fallible copy assignment in nsCSPUtils.cpp. r=froydnj 2015-07-07 11:27:03 -07:00
Dragana Damjanovic
7987d2203e Bug 905127 - Part 2 - remove unnecessary nsNetUtil.h includes r=jduell 2015-07-06 07:55:00 +02:00
Emanuel Hoogeveen
7d1e52f2ff Bug 905127 - Part 1 - Make some functions from nsNetUtil not inline. r=jduell 2015-07-07 04:17:00 +02:00
Ehsan Akhgari
3b2798f9f5 Bug 1175299 - Translate the content policy type obtained in nsMixedContentBlocker::AsyncOnChannelRedirect to an external one before invoking the content policy implementation; r=smaug 2015-06-16 21:17:01 -04:00
Ehsan Akhgari
554db0e419 Bug 1175114 - Translate the content policy type obtained in CSPService::AsyncOnChannelRedirect to an external one before invoking the content policy implementation; r=smaug 2015-06-16 14:49:56 -04:00
Ehsan Akhgari
72aef1875b Bug 1175122 - Add more assertions to the in-tree content policy implementations to ensure that they receive external content policy types; r=baku 2015-06-16 11:38:53 -04:00