Commit Graph

309 Commits

Author SHA1 Message Date
Christoph Kerschbaumer
d82c07bf27 Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz 2016-04-17 20:09:18 +02:00
Matt Robenolt
1d82e1412f Bug 1192840 - Fix CSP report content-type. r=ckerschb 2016-04-14 12:51:31 +02:00
Frederik Braun
6c12520100 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
Tanvi Vyas
9c0a7ac154 Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT.
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
2016-04-13 16:30:36 -07:00
Tanvi Vyas
b58752765c Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking 2016-04-13 16:30:28 -07:00
Sebastian Hengst
4ee65db5e7 Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout 2016-04-13 19:32:44 +02:00
Frederik Braun
ae7f565803 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
2016-04-08 14:14:38 +02:00
Marcos Caceres
387bd9e686 Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly 2016-04-12 00:39:00 +02:00
Jonathan Hao
e1331785d7 Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley
MozReview-Commit-ID: 5rbeuVjaw0B

--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
2016-03-25 16:52:49 +08:00
Marcos Caceres
f7ad23868a Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan
MozReview-Commit-ID: Ceu3sYUcML4
2016-04-07 14:13:09 -07:00
Chris Manchester
f7a1b3fb60 Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.

MozReview-Commit-ID: EmlDz9d4lqt
2016-04-04 14:56:52 -07:00
Tanvi Vyas
74153c556f Bug 1260153 - remove unreachable code in nsMixedContentBlocker. if/else blocks above all return. r=ckerschb 2016-03-28 12:48:00 +02:00
Christoph Kerschbaumer
adb02c6c4f Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes 2016-03-01 09:19:28 -08:00
Christoph Kerschbaumer
254dd8f12a Bug 1216365 - nsMixedContentBlocker should use innerMostURI for aContentLocation. r=tanvi 2016-03-28 22:03:26 -07:00
Tanvi Vyas
1de9e6ab9d Bug 1259678 - Refactor SubjectToCSP to avoid calling ShouldLoad if CSP doesn't apply to the content type. r=ckerschb
--HG--
extra : rebase_source : 76f914a9dfab38bd5d21ddca519f47a2a5d68963
2016-03-24 23:09:00 -04:00
Christoph Kerschbaumer
36d3e09fd4 Bug 1257650 - Skip Security checks if triggeringPrincipal is SystemPrincipal only for subresource loads. r=sicking
--HG--
extra : rebase_source : fb8d0827788e70ca87e8cd680e2cdd56941e3c2a
2016-03-18 16:14:03 -07:00
Christoph Kerschbaumer
20549b7fe0 Bug 1251043 - Test form submission blocked by CSP. r=francois 2016-03-23 13:38:05 -07:00
Wes Kocher
fe9aec58c3 Backed out changeset 1d5e6c22fd3a (bug 1250048) for CSP failures/assertions in various tests/chunks CLOSED TREE
MozReview-Commit-ID: I21ELiYYqdD

--HG--
extra : amend_source : 83d8554e6046153a3cf16ffefed7d6602e822241
2016-03-21 12:42:36 -07:00
Marcos Caceres
2e3ca60562 Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb
--HG--
extra : rebase_source : 1f8a65dcb9ea909588991cd5e8970560c3651426
2016-03-20 23:24:00 -04:00
Carsten "Tomcat" Book
0db9291841 merge mozilla-inbound to mozilla-central a=merge 2016-03-21 15:30:59 +01:00
Benjamin Peterson
752343237e No bug - fix typo r=me
DONTBUILD CLOSED TREE

--HG--
extra : rebase_source : 25f0600425dec249f838ed221dde71d401571eb9
extra : amend_source : 49f7ccab9e47083df9e8b7776acc6de73a880473
2016-03-19 21:28:19 -07:00
Franziskus Kiefer
1a47cfb77a Bug 1186072 - Add trailing slash to origin referer header when policy is set. r=sworkman
MozReview-Commit-ID: 3PYuODmqpbL

--HG--
extra : source : ac4148f22b2d6f76762dac3fd94a6452da80bdde
2016-02-24 10:51:54 +01:00
Jonathan Hao
f750d8988e Bug 1235572 - Tests of enforcing SRI on remote about:newtab. r=francois
MozReview-Commit-ID: 6epw8D4M0FX

--HG--
extra : transplant_source : %87t%D0%60a%B4%14%24%E6%B9%97Q%CDXr%B69%12%E9%0D
2016-03-16 11:19:20 +08:00
Marcos Caceres
84cb2023d7 Bug 1176824 - Intermittent browser_test_web_manifest.js. r=ckerschb 2016-03-16 16:07:00 +01:00
Franziskus Kiefer
bf87c6c564 Bug 1252829 - CSP Telemetry. r=ckerschb, p=bsmedberg
MozReview-Commit-ID: CiNAxh2ZrHB

--HG--
extra : transplant_source : %B8%00%E0%83%1B%29%BDI%DE%09%CDPN%AE%7B9Tk%8B%99
2016-03-02 13:00:09 +01:00
Christoph Kerschbaumer
a35cb7baf1 Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi) 2016-03-15 16:08:07 -07:00
Christoph Kerschbaumer
18d0d6e8d6 Bug 1122236 - CSP: block-all-mixed-content tests (r=tanvi) 2016-03-15 16:07:49 -07:00
Christoph Kerschbaumer
39f2d53360 Bug 1122236 - CSP: Implement block-all-mixed-content (r=tanvi,kate,mrbkap) 2016-01-13 20:58:16 -08:00
Ryan VanderMeulen
5f15eed746 Bug 1241634 - Skip test_frameNavigation.html on Windows and OSX for frequent failures. a=test-only
--HG--
extra : rebase_source : ba229e6a62c82ad8c59ae89943fd6181df4275a9
2016-03-15 12:50:07 -04:00
Marco Castelluccio
2fb9c40ec1 Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk 2016-03-14 16:29:11 +00:00
Franziskus Kiefer
2b22d469bb Bug 1226928 - content-signature verification tests for about:newtab, r=mconley 2016-03-14 11:57:16 +01:00
Franziskus Kiefer
bd54ab19d3 Bug 1226928 - signature verification for content-signing, r=keeler,mayhemer 2016-03-14 11:56:35 +01:00
Christoph Kerschbaumer
5e6ba24562 Bug 1227813 - CSP: Ignore unsafe-inline within style-src if hash or nonce specified. r=kmckinley 2016-03-11 15:35:39 -08:00
Blake Kaplan
40da91e7a5 Bug 1242775 - Run parent-process code in the parent. r=mccr8 2016-03-10 17:14:35 -08:00
Carsten "Tomcat" Book
25fbf67b66 Backed out changeset 878c54ec3954 (bug 1250453) 2016-03-10 14:45:59 +01:00
Marco Castelluccio
1902f1c620 Bug 1250453 - Remove DOMApplicationRegistry.allAppsLaunchable property and related testing API. r=myk 2016-03-10 11:12:38 +00:00
Carsten "Tomcat" Book
eb98199ac0 Backed out changeset ac4148f22b2d (bug 1186072) for referrer test failures
--HG--
extra : rebase_source : 124130bb041418eb97862a131ae6365df5cfbdc6
2016-03-03 09:23:59 +01:00
Franziskus Kiefer
55e0623947 Bug 1186072 - add trailing slash to origin referer header when policy is set, r=sworkman
MozReview-Commit-ID: 3PYuODmqpbL

--HG--
extra : transplant_source : %E5P%B1%1F%82%08%07%2A%1C%26%AF%C5%C8%29%B1y%97O%877
2016-02-24 10:51:54 +01:00
Christoph Kerschbaumer
8414718c57 Bug 1232903 - Skip Security checks if triggeringPrincipal is SystemPrincipal (r=sicking) 2016-03-01 16:11:37 -08:00
Christoph Kerschbaumer
41b26f4a9b Bug 1195172 - Test Fonts governed by CSP (r=bz) 2016-03-01 13:06:26 -08:00
Christoph Kerschbaumer
9ab1648f67 Bug 1195172 - Use channel->ascynOpen2 layout/style/FontFaceSet.cpp (r=bz,cam) 2016-03-01 13:06:13 -08:00
Boris Zbarsky
7aa5d59bc7 Bug 1251518. Fix js::ErrorReportToString to make a bit more sense, and change worker code to not use it anyway, so it matches the mainthread code. r=bholley,terrence 2016-03-01 13:49:21 -05:00
Ehsan Akhgari
8a0731fdde Bug 1251875 - Part 1: Remove the dom.serviceWorkers.interception.enabled pref; r=bkelly 2016-03-01 09:16:38 -05:00
Wes Kocher
4712647d7d Backed out 2 changesets (bug 1243586) for dt5 bustage in netmonitor tests
Backed out changeset 06a4d2d48fb2 (bug 1243586)
Backed out changeset 846e31fe5eb2 (bug 1243586)

MozReview-Commit-ID: 69kiDIULtm2
2016-02-29 10:39:04 -08:00
Christoph Kerschbaumer
f7017a06c3 Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field (r=rbarnes) 2016-02-29 08:46:48 -08:00
Franziskus Kiefer
56bdfe820a Bug 1244116 - Telemetry for mixed content requests by plugins. r=smaug, p=ally
MozReview-Commit-ID: F9rOb1SdPnL

--HG--
extra : rebase_source : 0b2aa83761880fb6e5a18c3a80ac86fe5ca16923
2016-02-16 15:46:36 +01:00
Boris Zbarsky
7413f2bf46 Bug 1251369. Use an AutoJSAPI that reports its own exceptions around the main runloop in workers. r=khuey
The silly leading ": " on the error messages is due to bug 1251518.
2016-02-26 15:23:13 -05:00
Ethan Tseng
eb71a675d8 Bug 908933 - Part2 - CSP tests: ShouldProcess should block TYPE_OBJECT. r=ckerschb
--HG--
extra : rebase_source : 6dcf8d477656e4d5cdb9362b1f1ec561aba420a7
2016-01-27 01:35:53 +08:00
Christoph Kerschbaumer
ec146d5159 Bug 908933 - Part1 - CSP: Call ShouldLoad inside ShouldProcess for TYPE_OBJECT. r=ckerschb
--HG--
extra : rebase_source : ee8875120e45d84413ab8ed3c9553d3d42e88acd
2014-08-05 11:47:08 -07:00
Christoph Kerschbaumer
1f7d8b69b3 Bug 1243178: CSP - Skip sending reports for non http schemes. r=dveditz 2016-01-27 15:56:39 -08:00