Boris Zbarsky
ee1cd19f1a
Bug 1157451. Make nsCORSListenerProxy::Init take an enum, not a boolean, to indicate what to do with data: URIs. And make it required, not defaulted to disallowing. r=smaug
2015-04-22 20:30:10 -04:00
Andrea Marchesini
eff949a801
Bug 1156632 - Remove unused forward class declarations - patch 4 - netwerk image and dom, r=ehsan
2015-04-22 08:29:20 +02:00
Nathan Froyd
fba75178ed
Bug 1153988 - create nsNullPrincipals directly, rather than going through do_CreateInstance; r=smaug
...
There's a better way to create null principals than
do_CreateInstance("@mozilla.org/nullprincipal;1"). Let's do that and
save ourselves some XPCOM overhead.
2015-04-13 14:47:41 -04:00
Tanvi Vyas
dad0ba9181
Bug 1148732 - When checking a document's scheme, check the innermost uri. r=dveditz, smaug
2015-04-15 10:18:27 -07:00
Wes Kocher
599525318e
Backed out changeset 050848a5273c (bug 1153988) for Windows build bustage CLOSED TREE
2015-04-14 14:42:59 -07:00
Nathan Froyd
5ba322e426
Bug 1153988 - create nsNullPrincipals directly, rather than going through do_CreateInstance; r=smaug
...
There's a better way to create null principals than
do_CreateInstance("@mozilla.org/nullprincipal;1"). Let's do that and
save ourselves some XPCOM overhead.
2015-04-13 14:47:41 -04:00
Christoph Kerschbaumer
c6b14e7e90
Bug 1004703 - ignore 'unsafe-inline' if nonce- or hash-source specified (r=sstamm)
2015-04-07 09:06:05 -07:00
Christoph Kerschbaumer
e4a73f690c
Bug 1086999 - CSP: Asterisk (*) wildcard should not allow blob:, data:, or filesystem: when matching source expressions (r=fabrice,pauljt)
2015-03-25 15:54:13 -07:00
Christoph Kerschbaumer
9f6f8915d8
Bug 1086999 - CSP: Asterisk (*) wildcard should not allow blob:, data:, or filesystem: when matching source expressions (r=sstamm)
2015-02-06 14:54:11 -08:00
Ehsan Akhgari
f2fdcdb534
Bug 1147996 - Enable interception of CSP reports through service workers; r=nsm
...
Currently when sending a CSP report, HttpBaseChannel::ShouldIntercept tries to
get access to the nsINetworkInterceptController interface through the channel's
notification callbacks, but in this case the notification callback is the
CSPReportRedirectSink object (thanks to nsCORSListenerProxy::Init).
This patch extends CSPReportRedirectSink to make it aware of
nsINetworkInterceptController, and have it route the request for
nsINetworkInterceptController correctly to the docshell without the need to
mess with the notification callbacks.
This will be tested in bug 1147699.
2015-03-28 16:28:40 -04:00
Ehsan Akhgari
b5cfb9bee0
Bug 1147695 - Enable interception of beacons through service workers; r=nsm
...
Currently when sending a beacon, HttpBaseChannel::ShouldIntercept tries
to get access to the nsINetworkInterceptController interface through the
channel's notification callbacks, but in this case the notification
callback is the nsCORSListenerProxy object (thanks to
nsCORSListenerProxy::Init).
nsCORSListenerProxy already knows how to forward calls to
nsIInterfaceRequestor::GetInterface to mOuterNotificationCallbacks, and
ShouldIntercept calls GetInterface. But mOuterNotificationCallbacks is
set by default to the callbacks of the channel at the time
nsCORSListenerProxy is called, and the callbacks on this channel are
intentionally null, so ShouldIntercept bails out and the beacon never
gets intercepted.
This patch extends nsCORSListenerProxy to make it aware of
nsINetworkInterceptController, and have it route the request for
nsINetworkInterceptController correctly to the docshell without the need
to mess with the notification callbacks.
This will be tested in bug 1147699.
2015-03-28 16:28:37 -04:00
Andrea Marchesini
94545cbb2e
Bug 1148527 - Indentation fix after bug 1145631, r=ehsan
2015-03-27 18:52:19 +00:00
Christoph Kerschbaumer
d1707b1b87
Bug 1147026 - CSP should ignore query string when checking a resource load (r=dveditz)
2015-03-25 22:09:10 -07:00
Tanvi Vyas
3564d8631d
Bug 1082947 - Make sure the security state is set properly in nsMixedContentBlocker. r=smaug
2015-03-25 11:23:42 -07:00
Tanvi Vyas
40ecefd3d9
Bug 1082837 - Use nsresult for static ShouldLoad and use NS_IMETHODIMP for nsIContentPolicy::ShouldLoad(). CLOSED TREE
2015-03-24 10:51:15 -07:00
Tanvi Vyas
6455ea6848
Bug 1082837 - Call content policies on cached image redirects in imgLoader::ValidateSecurityInfo. Content policies check the last hop (final uri) of the cached image. For Mixed Content Blocker, we do an additional check to see if any of the intermediary hops went through an insecure redirect. r=smaug, feedback=seth
2015-03-24 09:18:48 -07:00
Nikhil Marathe
d7a9e5691b
Bug 1134324 - Set CORS mode and credentials on Fetch event Request. r=michal
...
renames fetch to fetchXHR() since fetch() is now a superpower.
2015-03-17 08:47:02 -07:00
Ryan VanderMeulen
321d8637a6
Backed out changesets 772945b1130d, cb83b6efa9ea, and 5f23080673ee (bug 1086999) for Gaia context_menu_test.js failures.
...
CLOSED TREE
2015-03-23 14:22:23 -04:00
Christoph Kerschbaumer
a3e5541984
Bug 1086999 - CSP: Asterisk (*) wildcard should not allow blob:, data:, or filesystem: when matching source expressions (r=sstamm)
2015-02-06 14:54:11 -08:00
Ehsan Akhgari
5cccea6f0f
Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
...
This patch was automatically generated using the following script:
function convert() {
  echo "Converting $1 to $2..."
  find . \
    ! -wholename "*/.git*" \
    ! -wholename "obj-ff-dbg*" \
    -type f \
    \( -iname "*.cpp" \
       -o -iname "*.h" \
       -o -iname "*.c" \
       -o -iname "*.cc" \
       -o -iname "*.idl" \
       -o -iname "*.ipdl" \
       -o -iname "*.ipdlh" \
       -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}
convert MOZ_OVERRIDE override
convert MOZ_FINAL final
2015-03-21 12:28:04 -04:00
Alexandre Lissy
d834b67bad
Bug 1138895 - Use proper origin for CSP fast path cache. r=geekboy
2015-03-08 09:21:00 -04:00
Tanvi Vyas
4df1ca192f
Bug 1084504 - fix Mixed Content Blocking for redirects in e10s. r=mrbkap
2015-02-19 17:01:04 -08:00
Honza Bambas
241148d1bd
Bug 881830 - Make CORS redirect handling ignore redirects due to an STS upgrade. r=bz
2015-02-10 08:00:00 -05:00
Ryan VanderMeulen
d495ea5eb4
Backed out 4 changesets (bug 671389) for frequent B2G debug test_tcpsocket_client_and_server_basics.html crashes.
...
Backed out changeset b782435e5640 (bug 671389)
Backed out changeset 0f8d62109bfe (bug 671389)
Backed out changeset 8d6021f66c49 (bug 671389)
Backed out changeset cd3e227df9dc (bug 671389)
2015-02-05 16:48:18 -05:00
Deian Stefan
9c223b02e1
Bug 671389 - Part 1: Implement CSP sandbox directive r=ckerschb,smaug
2015-02-03 23:40:00 +01:00
Christoph Kerschbaumer
76bbe3bb9f
Bug 1121824 - Improve CORS console messages when request is blocked (r=sicking)
2015-01-22 17:20:58 -08:00
Carsten "Tomcat" Book
308953e270
Backed out changeset 0287d2e29d56 (bug 1121824) for m-1 test failures on a CLOSED TREE
2015-01-22 08:29:13 +01:00
Christoph Kerschbaumer
445d680ce3
Bug 1121824 - Improve CORS console messages when request is blocked (r=sicking)
2015-01-21 19:44:43 -08:00
Christoph Kerschbaumer
480ea3b45f
Bug 1122445 - CSP: don't normalize path for CSP checks (r=sstamm)
2015-01-21 13:48:03 -08:00
Wes Kocher
0f016d6a1b
Backed out 2 changesets (bug 1122445) for cppunit failures
...
Backed out changeset 1481719fc830 (bug 1122445)
Backed out changeset b685648927c6 (bug 1122445)
2015-01-21 15:16:05 -08:00
Christoph Kerschbaumer
ba75ca4b71
Bug 1122445 - CSP: don't normalize path for CSP checks (r=sstamm)
2015-01-21 13:48:03 -08:00
Phil Ringnalda
cd848381e8
Backed out 4 changesets (bug 1117650) because moving tests causes WebRTC tests to move from running first in a linux64 debug mochitest-e10s chunk to running last in another chunk, and they fail if they run last in a chunk
...
CLOSED TREE
Backed out changeset 9318cab3bd13 (bug 1117650)
Backed out changeset aff44058c799 (bug 1117650)
Backed out changeset eef01ed4d406 (bug 1117650)
Backed out changeset 1b25392be437 (bug 1117650)
2015-01-20 22:48:32 -08:00
James Kitchener
6a912052bb
Bug 1100184 - Flatten netwerk/base/{public,src}/ directories. r=mcmanus, r=poiru
2015-01-20 03:58:00 -05:00
Christoph Kerschbaumer
fedb3d2381
Bug 1117650 - Part 3 - Move all CORS tests into dom/security/test (r=sicking)
2015-01-05 09:47:13 -08:00
Christoph Kerschbaumer
aabcc49d6f
Bug 1117650 - Part 2 - Move all MixedContentBlocker tests into dom/security/test (r=tanvi)
2015-01-04 22:02:17 -08:00
Christoph Kerschbaumer
fa454cff91
Bug 1117650 - Part 1 - Move all CSP tests into dom/security/test (r=sstamm)
2015-01-04 22:01:02 -08:00
Christoph Kerschbaumer
6871cab9fd
Bug 1117311 - CSP: Allowing paths that start with '_' (r=sstamm)
2015-01-04 19:58:38 -08:00
Christoph Kerschbaumer
dd4b91b6b5
Bug 1116624 - Move CORS into dom/security (r=sicking)
...
--HG--
rename : dom/base/nsCrossSiteListenerProxy.cpp => dom/security/nsCORSListenerProxy.cpp
rename : dom/base/nsCrossSiteListenerProxy.h => dom/security/nsCORSListenerProxy.h
2014-12-30 15:54:59 -08:00
Masatoshi Kimura
f56eb289a0
Bug 1115668 - Fix inappropriate mixed content warning messages. r=tanvi
2014-12-30 23:09:33 +09:00
Carsten "Tomcat" Book
31adb424e6
Backed out changeset 470c550c782b (bug 1115668) for breaking dt tests on a CLOSED TREE
2014-12-30 08:09:15 +01:00
Masatoshi Kimura
1f0c27e143
Bug 1115668 - Fix inappropriate mixed content warning messages. r=tanvi
2014-12-30 14:37:15 +09:00
Christoph Kerschbaumer
684b6821d2
Bug 1112782 - Update Redirect handling for CSP followup - CLOSED TREE (r=me)
2014-12-17 17:04:16 -08:00
Christoph Kerschbaumer
6b41d6eef4
Bug 1112782 - Update Redirect handling for CSP (r=sstamm)
2014-12-17 14:19:25 -08:00
Sid Stamm
2dc6b0fbef
Bug 965727 - Implement referrer directive for CSP. (r=jst,ckerschb)
2014-12-17 14:14:04 -05:00
Sid Stamm
f6c54bcc92
Bug 999656 - Fix mappings between content type and CSP directives and refactor permits functions in CSP. r=ckerschb
2014-12-10 13:54:00 +01:00
Chris Peterson
edef43a958
Bug 1108932 - Fix -Wunused-const-variable warning-as-error in nsCSPParser.cpp. r=ckerschb
2014-12-08 21:16:51 -08:00
Christoph Kerschbaumer
ab647ecb2f
Bug 1094067 - CSP: Parser should follow path production from RFC 3986 (r=sstamm)
2014-11-14 15:05:36 -08:00
Christoph Kerschbaumer
82aabf73bf
Bug 1021669 - Use protocol flags to whitelist protocols not suspect to CSP (r=sstamm)
2014-11-20 14:59:53 -08:00
Francois Marier
1c1155b8a6
Bug 529697 - (CSP 1.1) Implement form-action directive [1/4], r=geekboy
...
Teach CSP about the form-action directive from CSP Level 2.
2014-11-18 01:12:00 +01:00
Christoph Kerschbaumer
6cef496a8e
Bug 1089912: Part 2, move mixedcontentblocker into dom/security (r=tanvi,jst)
...
--HG--
rename : dom/base/nsMixedContentBlocker.cpp => dom/security/nsMixedContentBlocker.cpp
rename : dom/base/nsMixedContentBlocker.h => dom/security/nsMixedContentBlocker.h
2014-10-28 09:44:11 -07:00