Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-25 11:15:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
479,929 Commits 615 Branches 98 Tags 5.9 GiB
a896cc25ca
Commit Graph

345 Commits

Author SHA1 Message Date
Christoph Kerschbaumer
76f6cc7739 Bug 1268327 - ReferrerPolicy should not be delivered through CSPRO r=tnguyen 
--HG--
extra : rebase_source : 92bd320351de91b72304c2fc386f1ae295837a9e
 2016-06-22 14:13:03 +02:00
Christoph Kerschbaumer
1b81dcec35 Bug 1271198 - Convert Websockets to use AsyncOpen2(). r=jduell 2016-05-17 12:04:11 +02:00
Thomas Nguyen
4b7ad0e2c5 Bug 1223838 - Fix wrong policy associated with empty string. r=fkiefer,hsivonen 
MozReview-Commit-ID: 7kFH39cegmH
 2016-05-30 15:17:45 +08:00
Dimi Lee
83ab2f2e39 Bug 1148732 - (CVE-2015-4483) feed: protocol + POST method => mixed scripting. r=tanvi 2016-05-23 12:11:02 +08:00
Stephanie Ouillon
e4fbe1d9ac Bug 1247459 - Meta and header CSP are merged without a semicolon. r=ckerschb 2016-05-17 15:34:53 +02:00
Frederik Braun
404a0bbb99 Bug 1265318: add require-sri-for CSP directive. r=ckerschb 
MozReview-Commit-ID: 200PAvKtBME
 2016-05-31 11:14:00 +02:00
Frederik Braun
e8df1f59be Bug 1265318: tests for require-sri-for CSP directive. r=ckerschb 
MozReview-Commit-ID: Ji14cwB8D3P
 2016-05-31 08:30:00 +02:00
Jonathan Hao
525c086187 Bug 1259871 - Replace getSimpleCodebasePrincipal with createCodebasePrincipal. r=sicking 
MozReview-Commit-ID: Frx0CjBzuve

--HG--
extra : histedit_source : 036eb321d9ccb20e0e071ba588b0a1249eb34bdd
 2016-05-24 18:01:34 +08:00
Sebastian Hengst
4a29890033 Backed out changeset c970fb57fedd (bug 1247459) for failing its own test on Windows. r=backout 2016-05-31 08:36:02 +02:00
Stephanie Ouillon
fc06857f8e Bug 1247459 - Meta and header CSP are merged without a semicolon. r=ckerschb 2016-05-17 15:34:53 +02:00
Christoph Kerschbaumer
8a208322fb Bug 1269254 - Skip CheckLoadURIWithPrincipal checks within ContentSecurityManager on loadingPrincipal if security flag indicates allow cross origin loads (r=sicking) 2016-05-29 20:40:16 +02:00
Christoph Kerschbaumer
031a59734b Bug 1196013 - Use channel->ascynOpen2 in toolkit/components/places. r=billm r=sicking r=mak 2016-05-23 23:57:31 +02:00
Patrick McManus
2cd574f25f Bug 1274376 - more mozilla::net namespaces r=dragana 
--HG--
extra : rebase_source : 914d48f23a4a5db052a789b9e21c1ff922533d35
 2016-05-18 22:02:57 -04:00
Carsten "Tomcat" Book
927b1a0b3a Backed out changeset 7469725d7461 (bug 959388) 2016-05-23 11:36:12 +02:00
Carsten "Tomcat" Book
9214312096 Backed out changeset 9feb9c89d33a (bug 959388) 2016-05-23 11:36:10 +02:00
Thomas Nguyen
61fe1800b8 Bug 959388 - Add csp worker test cases. r=kmckinley 
MozReview-Commit-ID: Ahx419BHWrS

--HG--
extra : rebase_source : 2016c1e68f990a8ba9cd471e18778c87b08546e1
 2016-05-19 11:59:54 +08:00
Thomas Nguyen
32e38271c9 Bug 959388 - Deliver CSP from HTTP header. r=ckerschb r=khuey 
MozReview-Commit-ID: LUl5LyO94m3

--HG--
extra : rebase_source : f2ddfcbf6237b11ebb19adfabf346cf76f4a6ab8
 2016-05-19 11:57:32 +08:00
Christoph Kerschbaumer
52a84afc5c Bug 1273418 - CSP: Test evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:36:02 +02:00
Christoph Kerschbaumer
3713fd6352 Bug 1273418 - CSP: Evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:35:45 +02:00
Sebastian Hengst
468fcc6924 Backed out changeset 2292661153e3 (bug 1271198) for web-platform failures. r=backout on a CLOSED TREE 2016-05-19 17:06:04 +02:00
Christoph Kerschbaumer
bbc661631e Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell) 2016-05-19 15:42:01 +02:00
Sebastian Hengst
d6e3286232 Backed out changeset 854a8df494d3 (bug 1271198) for many assertions at nsHttpChannel.cpp:5204. r=backout on a CLOSED TREE 2016-05-19 14:23:51 +02:00
Christoph Kerschbaumer
0e2d46a840 Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell) 2016-05-19 11:54:02 +02:00
Trevor Saunders
1e81548029 bug 1271436 - use nsIDocShellTreeItem::GetDocument() more r=smaug 2016-05-17 18:16:07 -04:00
Chris Peterson
8a9e2d2bd4 Bug 1272513 - Part 2: Remove redundant -Wshadow CXXFLAGS from moz.build files. r=glandium 2016-05-14 00:54:55 -07:00
Henry Chang
dc7cba21ef Bug 1251152 - Part 3: Test case. r=franziskus 2016-05-05 11:11:34 +08:00
Andreas Farre
51e42c28d2 Bug 1268851 - Add SRILogHelper to hold GetSriLog r=baku 
MozReview-Commit-ID: BqW7LXOFirn

--HG--
extra : rebase_source : cf0d1c8f1f88e05912830cef673e866b7c2756c4
 2016-05-03 17:43:33 -07:00
Christoph Kerschbaumer
9944442791 Bug 1261634 - Tests for whitespace skipping within meta csp. r=dveditz 2016-04-21 21:19:50 +02:00
Christoph Kerschbaumer
a9a95d1918 Bug 1261634 - Update whitespace skipping for meta csp. r=dveditz 2016-04-21 21:15:06 +02:00
Aryeh Gregor
f14f1babe8 Bug 1193762 part 8 - Fix things that will break; r=froydnj 
It looks like VC++ doesn't like comparisons of nsCOMPtr to 0 after this
change, but those are bad style anyway, so I removed them from
TestCOMPtr.cpp instead of trying to make them work.
 2016-05-01 21:29:23 +03:00
Christoph Kerschbaumer
da0d241d98 Bug 1206961 - Use channel->AsyncOpen2() for imageLoader; Remove security checks from callsites (r=bz) 2016-04-27 19:41:13 +02:00
Jonathan Watt
2bb448cbb2 Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz 
MozReview-Commit-ID: Zu1zU4Brkx

--HG--
rename : dom/security/test/unit/test_isURIPotentiallyTrustworthy.js => dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
 2016-04-26 11:30:43 +01:00
Christoph Kerschbaumer
c607e5cac1 Bug 1263286 - Update csp base-uri tests. r=bz 
--HG--
rename : dom/security/test/csp/file_base-uri.html => dom/security/test/csp/file_base_uri_server.sjs
 2016-04-26 12:38:06 +02:00
Kyle Huey
c73656947b Bug 1265927: Move nsRunnable to mozilla::Runnable, CancelableRunnable to mozilla::CancelableRunnable. r=froydnj 2016-04-25 17:23:21 -07:00
Frederik Braun
582caa399f Bug 1142332 - Prevent calling CSP_EnumToKeyword with CSP_HASH. r=ckerschb 
MozReview-Commit-ID: I1w9QrWJeEo

--HG--
extra : histedit_source : 1258cfc50d32c10f0de90ba1e863e21ae3ebf0f8
 2016-04-24 14:56:22 -04:00
Kris Maglione
f3feb0cfd3 Bug 1254194: Allow iterating over and inspecting sources of parsed CSP directives. r=ckerschb 
MozReview-Commit-ID: G8b86UvSv0y

--HG--
extra : rebase_source : c7857e88af0d94dd1162dccfe12aae6567945f2c
 2016-04-23 20:42:43 -07:00
Christoph Kerschbaumer
d82c07bf27 Bug 1262635 - Don't strip URIs of ftp: when sending reports. r=dveditz 2016-04-17 20:09:18 +02:00
Matt Robenolt
1d82e1412f Bug 1192840 - Fix CSP report content-type. r=ckerschb 2016-04-14 12:51:31 +02:00
Frederik Braun
6c12520100 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb 
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
 2016-04-08 14:14:38 +02:00
Tanvi Vyas
9c0a7ac154 Bug 1105556 - Add a hidden preference that is checked in debug mode to determine whether the main LoadInfo() constructor should assert that the ContentPolicyType is not TYPE_DOCUMENT. 
Set the preference in xpcshell tests that create TYPE_DOCUMENT loads in javascript and hence end up using the main constructor. r=sicking, ckerschb
 2016-04-13 16:30:36 -07:00
Tanvi Vyas
b58752765c Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking 2016-04-13 16:30:28 -07:00
Sebastian Hengst
4ee65db5e7 Backed out changeset 0c21f872515b (bug 1192840) for failure in modified test_csp_reports.js. r=backout 2016-04-13 19:32:44 +02:00
Frederik Braun
ae7f565803 Bug 1192840 - fix tests to expect correct csp report content-type r=ckerschb 
MozReview-Commit-ID: TzpGH63EPF

--HG--
extra : transplant_source : %1548%CC%97%F5%3Ca%D6_%0Df%96.%5C%F0%B0%3BE%21
 2016-04-08 14:14:38 +02:00
Marcos Caceres
387bd9e686 Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly 2016-04-12 00:39:00 +02:00
Jonathan Hao
e1331785d7 Bug 1241634 - Reflow before clicking in mixedcontentblocker test r=mckinley 
MozReview-Commit-ID: 5rbeuVjaw0B

--HG--
extra : rebase_source : f0f603c31e0e2ee43f8bbac575de3dab0660e333
 2016-03-25 16:52:49 +08:00
Marcos Caceres
f7ad23868a Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan 
MozReview-Commit-ID: Ceu3sYUcML4
 2016-04-07 14:13:09 -07:00
Chris Manchester
f7a1b3fb60 Bug 1242051 - Add inter-directory test support file dependencies to ini manifests. r=gps 
Previously, every test and support file would be synced to the objdir
when running any test. Now that only those support files and tests requested
are synced, we note support files required beyond those in a test's
directory in ini manifests.

MozReview-Commit-ID: EmlDz9d4lqt
 2016-04-04 14:56:52 -07:00
Tanvi Vyas
74153c556f Bug 1260153 - remove unreachable code in nsMixedContentBlocker. if/else blocks above all return. r=ckerschb 2016-03-28 12:48:00 +02:00
Christoph Kerschbaumer
adb02c6c4f Bug 1243586 - Test Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes 2016-03-01 09:19:28 -08:00
Christoph Kerschbaumer
254dd8f12a Bug 1216365 - nsMixedContentBlocker should use innerMostURI for aContentLocation. r=tanvi 2016-03-28 22:03:26 -07:00