Commit Graph

431 Commits

Author SHA1 Message Date
Richard Barnes
ea829544cd Bug 1308951 - Add a pref to whitelist specific domains as SecureContexts r=ckerschb,jcj
MozReview-Commit-ID: AxihCLsBNRw

--HG--
extra : rebase_source : bd2800c65af839ef67f4ca9a841f08884ac9c539
2016-10-10 11:32:24 -04:00
Yoshi Huang
06ba09a073 Bug 1264137 - Part 3: perform ContentPolicy check if the load is happening on this docshell. r=bz, smaug 2016-10-07 17:40:21 +08:00
Iris Hsiao
e6ab0adc40 Backed out changeset d283c59402ce (bug 1277803)
CLOSED TREE
2016-10-07 11:24:08 +08:00
Iris Hsiao
596b8e86ce Backed out changeset 76788d4f83ce (bug 1277803)
CLOSED TREE
2016-10-07 11:23:40 +08:00
Steven Englehardt
1925944f12 Bug 1277803 - Part 5: Add a test to verify the loadingPrincipal of favicon loads. r=ckerschb 2016-09-13 00:33:00 -04:00
Tim Huang
85a1cb6b99 Bug 1277803 - Part 1: Add a new ContentPolicy TYPE_INTERNAL_IMAGE_FAVICON for indicating a favicon loading. r=ckerschb 2016-09-07 00:38:00 -04:00
Frederik Braun
ae7fb1e8d0 Bug 1279139 - require-sri-for needs to govern scriptloading for workers. r=baku
MozReview-Commit-ID: 3m21kbiV5qK

--HG--
extra : rebase_source : 30c784392e96c1b28c55d38959cc529093b9b568
2016-10-04 02:36:00 +02:00
Christoph Kerschbaumer
b0951acfc5 Bug 1302539 - X-Content-Type-Options: nosniff should not apply to images (temporarily). r=dveditz 2016-09-30 09:38:44 +02:00
Edgar Chen
cf7304c3c6 Bug 1306007 - Part 1: Remove srcset/picture feature control preference; r=jdm,smaug
MozReview-Commit-ID: BsyTHeqiGZL

--HG--
extra : rebase_source : 2add2510dbe16c641fe997a8349c1a36009bec20
2016-04-16 18:07:56 -04:00
Samriddhi Jain
40e1a53f35 Bug 1303682 - Add deprecation warning before removing 'referrer' directive from CSP. r=ckerschb 2016-09-28 20:17:18 +05:30
Thomas Wisniewski
c190891418 Bug 1303121 - Do not fire one last progress event on XHR errors, to match a spec change. r=annevk
--HG--
extra : rebase_source : 9a59934cfe8fc7f2ee8ef7788813f97e2355ce2a
2016-09-28 13:05:32 -04:00
Kate McKinley
c57d400961 Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.

MozReview-Commit-ID: ES1JruCtDdX

--HG--
extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 11:27:00 -04:00
Xidorn Quan
f196d451ef Bug 1304302 part 7 - Break cycle reference between SRIMetadata.h and SRICheck.h. r=smaug
MozReview-Commit-ID: 8UpAEXURuSg

--HG--
extra : source : 50604098e9e374611b02d82d765fa0b230d71373
2016-09-26 22:03:25 +10:00
Iris Hsiao
767e1e9b11 merge mozilla-inbound to mozilla-central a=merge 2016-09-26 18:34:20 +08:00
Kate McKinley
694c12c743 Bug 1242019 - Truncate data URIs in CSP log messages. r=ckerschb
MozReview-Commit-ID: DaiGESRI1rb

--HG--
extra : transplant_source : %EC%7B%3F%20O%3A%A7g%BAl%82%BC-Xg%23%84%E2%3C%EE
2016-09-12 14:30:43 -07:00
Kate McKinley
ed0b5f06ee Bug 1271796 use raw bytes to calculate SRI hash r=francois
MozReview-Commit-ID: F62t5CnsYlJ

--HG--
extra : rebase_source : 9c2148ffe99a51db5541ec6d9961597b578157ae
2016-09-05 12:55:25 +02:00
Gabor Krizsanits
9f5afabda0 Bug 1294381 - Delayed process script for test_bug803225.html. r=mrbkap 2016-09-22 09:26:26 +02:00
Christoph Kerschbaumer
f41283f981 Bug 1298680 - Use uint64_t consistently for windowID within CSP. r=freddyb 2016-09-19 12:57:20 +02:00
Christoph Kerschbaumer
9f2e941749 Bug 1296027 - CSP: Include 'Source' within error message when logging to the console. r=freddyb,bgrins 2016-09-19 10:18:55 +02:00
Frederik Braun
fd99ac5cc2 Bug 1277248 - Add test to ensure that require-sri-for does not allow svg:scripts r=ckerschb
MozReview-Commit-ID: 1knIYZ93UeY

--HG--
extra : rebase_source : 4c1385382ecdddf80ec45d46d440b37bf4ad47c1
2016-09-13 11:05:37 +02:00
Tom Tung
db38e2111a Bug 1187335 - P6 - Support script/css to set integrity metadata to serviceWorker. r=bkelly. r=francois. 2016-09-07 10:30:21 +08:00
Tom Tung
6f314fb375 Bug 1187335 - P3 - modify SRI test to match current behavior. r=bkelly, r=francois. 2016-05-30 12:26:56 +08:00
Tom Tung
78670a91d5 Bug 1187335 - P2 - Modify the way to report to console for worker and use LoadTainting to decide CORS or not. r=bkelly. r=francois. 2016-09-08 09:59:40 +08:00
Henry Chang
6ea7c1b598 Bug 1229639 - Part 2: Test case. r=ckerschb
MozReview-Commit-ID: GbofB6JoFil

--HG--
extra : rebase_source : dc4ac339817a052f687179988e28ec02764bd3e7
2016-09-06 18:30:12 +08:00
Henry Chang
f9eeeb2620 Bug 1229639 - Part 1: Match CSP host source with percent-decoded URI. r=ckerschb
MozReview-Commit-ID: CSGeoSR2qw8

--HG--
extra : rebase_source : f64cb0b9cab61ec09faa29139f72d28272fbbedb
2016-09-06 18:29:26 +08:00
Tom Schuster
885c81fd09 Bug 1299267 - Test for wrong mime types. r=ckerschb 2016-09-05 20:02:52 +02:00
Nicholas Nethercote
b71747b2ac Bug 1299727 - Rename NS_WARN_IF_FALSE as NS_WARNING_ASSERTION. r=erahm.
The new name makes the sense of the condition much clearer. E.g. compare:

  NS_WARN_IF_FALSE(!rv.Failed());

with:

  NS_WARNING_ASSERTION(!rv.Failed());

The new name also makes it clearer that it only has effect in debug builds,
because that's standard for assertions.

--HG--
extra : rebase_source : 886e57a9e433e0cb6ed635cc075b34b7ebf81853
2016-09-01 15:01:16 +10:00
Nicholas Nethercote
742fc7eb48 Bug 1297961 (part 1) - Introduce nsURI::GetSpecOrDefault(). r=hurley.
This function is an infallible alternative to nsIURI::GetSpec(). It's useful
when it's appropriate to handle a GetSpec() failure with a failure string, e.g.
for log/warning/error messages. It allows code like this:

  nsAutoCString spec;
  uri->GetSpec(spec);
  printf("uri: %s", spec.get());

to be changed to this:

  printf("uri: %s", uri->GetSpecOrDefault().get());

This introduces a slight behavioural change. Previously, if GetSpec() failed,
an empty string would be used here. Now, "[nsIURI::GetSpec failed]" will be
produced instead. In most cases this failure string will make for a clearer
log/warning/error message than the empty string.
* * *
Bug 1297961 (part 1b) - More GetSpecOrDefault() additions. r=hurley.

I will fold this into part 1 before landing.

--HG--
extra : rebase_source : ddc19a5624354ac098be019ca13cc24b99b80ddc
2016-08-26 16:02:31 +10:00
Christoph Kerschbaumer
a80531eeb1 Bug 1298505 - CSP: Update StripURIForReporting to rely on NS_SecurityCompareURIs. r=dveditz
--HG--
extra : rebase_source : b3cd4f3ebed2ee079d88c896aa08e2e99e5c20a5
2016-08-27 08:30:43 +02:00
Christoph Kerschbaumer
9489473322 Bug 1297051 - Test CSPRO should not block mixed content. r=dveditz 2016-08-24 09:24:20 +02:00
Christoph Kerschbaumer
653bf080a7 Bug 1297051 - CSPRO should not block mixed content. r=dveditz 2016-08-24 09:24:55 +02:00
Christoph Kerschbaumer
4261d2f1f7 Bug 1288361 - Test block script with wrong MIME type. r=dveditz 2016-08-22 08:56:32 +02:00
Christoph Kerschbaumer
19b246a586 Bug 1290560 - Update TestCSPParser to include 'sandbox', 'require-sri' and 'report-uri' with no valid srcs. r=dveditz 2016-08-19 18:45:04 +02:00
Christoph Kerschbaumer
df1432e805 Bug 1290560 - Update CSPParser to handle 'sandbox', 'require-sri' and 'report-uri' with no valid srcs correctly. r=dveditz 2016-08-19 18:41:45 +02:00
Nicholas Nethercote
ca40b738e4 Bug 1294620 - Use infallible XPIDL attribute getters more. r=erahm.
This makes a lot of code more compact, and also avoids some redundant nsresult
checks.

The patch also removes a handful of redundant checks on infallible setters.

--HG--
extra : rebase_source : f82426e7584d0d5cddf7c2524356f0f318fbea7d
2016-08-12 15:19:29 +10:00
Nicholas Nethercote
3b0485fcdb Bug 1294645 - Don't use NS_CALLBACK for callbacks in nsI{Input,Output,UnicharInput},Stream.idl. r=froydnj.
Slightly less than half (93 / 210) of the NS_METHOD instances in the codebase
are because of the use of NS_CALLBACK in
nsI{Input,Output,UnicharInput},Stream.idl. The use of __stdcall on Win32 isn't
important for these callbacks because they are only used as arguments to
[noscript] methods.

This patch converts them to vanilla |nsresult| functions. It increases the size
of xul.dll by about ~600 bytes, which is about 0.001%.

--HG--
extra : rebase_source : c15d85298e0975fd030cd8f8f8e54501f453959b
2016-08-12 17:36:22 +10:00
Michael Layzell
8e946df619 Bug 1293001 - Part 2: Change the BinaryName of nsIContentSecurityPolicy::getPolicy from GetPolicy (which overloaded another virtual method), to GetPolicyString, r=froydnj
MozReview-Commit-ID: 4XWRar3Uuw
2016-08-11 15:49:40 -04:00
Nicholas Nethercote
e7f10a07fd Bug 1293603 (part 2) - Make Run() declarations consistent. r=erahm.
This patch makes most Run() declarations in subclasses of nsIRunnable have the
same form: |NS_IMETHOD Run() override|.

As a result of these changes, I had to add |override| to a couple of other
functions to satisfy clang's -Winconsistent-missing-override warning.

--HG--
extra : rebase_source : 815d0018b0b13329bb5698c410f500dddcc3ee12
2016-08-08 12:18:10 +10:00
Thomas Wisniewski
95d1c98761 Bug 918703 - Part 2: Correct progress event logic so events are sent in the correct order and with the correct values according to spec. r=baku
--HG--
extra : rebase_source : da5305fdfb1b28404199733f68cb65803a087e38
2016-08-05 23:47:40 -04:00
Gabor Krizsanits
f6bc83a18a Bug 1285894 - Fixing test_bug803225.html for e10s-multi. r=mrbkap 2016-08-01 12:26:38 +02:00
Christoph Kerschbaumer
886e7cd571 Bug 1289085: CSP - Test referrer with no valid src. r=dveditz 2016-07-29 22:53:59 +02:00
Christoph Kerschbaumer
ec59af86d9 Bug 1289085: CSP - Bail early if referrer directive has no valid src. r=dveditz 2016-07-31 07:57:22 +02:00
Thomas Wisniewski
6a1fb99d2b Bug 709991 - Fire onerror instead of throwing on network errors for async XHRs. r=bz 2016-07-30 00:24:56 -04:00
Iris Hsiao
caea40742f Backed out changeset 8dc198cd46ff (bug 1246540) for Mochitest failures 2016-07-27 13:14:07 +08:00
Kate McKinley
c6650db185 Bug 1246540 HSTS Priming Proof of Concept
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.

(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
2016-07-26 13:03:00 +08:00
Iris Hsiao
a7c8429fc4 Backed out changeset d7e39be85498 (bug 1246540) for Mochitest failures 2016-07-27 11:15:52 +08:00
Kate McKinley
567ebcf321 Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.

Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.

nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
2016-07-26 13:03:00 -04:00
Carsten "Tomcat" Book
dcae5b0335 Merge mozilla-central to fx-team 2016-07-26 11:58:36 +02:00
Carsten "Tomcat" Book
a3904e8a8a Merge mozilla-central to mozilla-inbound 2016-07-25 15:59:01 +02:00
Carsten "Tomcat" Book
b9a6c687fa merge mozilla-inbound to mozilla-central a=merge 2016-07-25 15:50:41 +02:00