Mark Banner
ceaeb93550
Bug 1486741 - Enable ESLint rule comma-dangle for all of mozilla-central (automatic fixes). r=mossop
...
Differential Revision: https://phabricator.services.mozilla.com/D8389
--HG--
extra : moz-landing-system : lando
2018-10-19 12:55:39 +00:00
Kris Maglione
219ed0cc06
Bug 1454813: Part 2b - Rename SpawnTask.js to AddTask.js. r=florian
...
The old name no longer makes sense, since it no longer exports an spawn_task
symbol, and add_task is what we really care about.
MozReview-Commit-ID: IE7B8Czv8DH
--HG--
rename : testing/mochitest/tests/SimpleTest/SpawnTask.js => testing/mochitest/tests/SimpleTest/AddTask.js
extra : rebase_source : 03bca5aa69a7625a49b4455a6c96ce4c59de3a5a
2018-04-18 11:43:45 -07:00
Tim Taubert
43fb829da9
Bug 1444605 - Fix perma-orange browser_active_document.js r=johannh
...
Reviewers: johannh
Reviewed By: johannh
Bug #: 1444605
Differential Revision: https://phabricator.services.mozilla.com/D706
--HG--
extra : amend_source : f84c2e30200b9afe42defa8eeca1dcbe828061b1
2018-03-12 11:51:05 +01:00
Tim Taubert
afe259f21f
Bug 1409202 - Web Authentication - Restrict to selected tabs in the active window r=jcj
...
Summary:
This patch restricts any calls to navigator.credentials.* methods to selected
tabs. Any active WebAuthn request will be aborted when the parent chrome
window loses focus, or the <browser> is backgrounded.
Reviewers: jcj
Reviewed By: jcj
Bug #: 1409202
Differential Revision: https://phabricator.services.mozilla.com/D688
--HG--
extra : amend_source : 112378a1ab2e883d7603e8a28ff3f8e944d57b5f
2018-03-10 06:43:20 +01:00
Tim Taubert
e7bbf534a6
Bug 1439805 - Implement CredentialsContainer.preventSilentAccess() r=jcj,smaug
...
Reviewers: jcj, smaug
Reviewed By: jcj, smaug
Bug #: 1439805
Differential Revision: https://phabricator.services.mozilla.com/D629
2018-02-22 14:36:08 +01:00
J.C. Jones
bce88244c0
Bug 1407789 - Prohibit cross-site iframes for Credential Management r=baku,keeler,ttaubert
...
Credential Management defines a parameter `sameOriginWithAncestors` which is
set true if the responsible document is not either in a top-level browsing
context, or is in a nested context whose heirarchy is all loaded from the
same origin as the top-level context [1][2]. The individual credential types
of CredMan can use this flag to make decisions on whether to error or not.
Our Credential Management implementation right now is a shim to Web
Authentication, which says that if `sameOriginWithAncestors` is false, return
`"NotAllowedError"`.
This ensures that
https://webauthn.bin.coffee/iframe.html
works, but the cross-origin
https://u2f.bin.coffee/iframe-webauthn.html
does not.
[1] https://w3c.github.io/webappsec-credential-management/#algorithm-request
[2] https://w3c.github.io/webappsec-credential-management/#algorithm-create
[3] https://w3c.github.io/webauthn/#createCredential
[4] https://w3c.github.io/webauthn/#getAssertion
MozReview-Commit-ID: KIyakgl0kGv
--HG--
extra : rebase_source : dace4f4d73823913bff759fce8255da8e18ad5e3
2017-10-12 18:18:39 -07:00