dom/security/nsCSPService.cpp
50f5048d3b938dc22b2f065de9329fd4b9b5cdc6
created 2019-01-10 10:52 +0100
pushed 2019-01-10 17:21 +0000
Andrea Marchesini Andrea Marchesini - Bug 1518948 - Wrong loadInfo check in CSPService::AsyncOnChannelRedirect, r=ckerschb
c6dc02dcffe28a80ad6e27f0e0be13b91a932496
created 2018-04-11 12:52 -0700
pushed 2019-01-09 16:06 +0000
Dave Townsend Dave Townsend - Bug 1515863, r=valentin,ckerschb
6f3709b3878117466168c40affa7bca0b60cf75b
created 2018-11-30 11:46 +0100
pushed 2018-11-30 11:01 +0000
Sylvestre Ledru Sylvestre Ledru - Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
aa75768d1747d1cc839baacd274645ae38e7755b
created 2018-10-31 15:35 +0100
pushed 2018-10-31 21:42 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1503575 - Remove unused mAppStatusCache from nsCSPService. r=baku
f09bd717691e8e913764e560377def8d5b7581f5
created 2018-10-22 14:50 +0200
pushed 2018-10-30 22:07 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1500083 - Exempt TYPE_XBL loads from CSP. r=dveditz
29f0a8f38d05b8d0d7ad63aebe715590f9813e02
created 2018-10-23 08:17 +0200
pushed 2018-10-23 09:27 +0000
Andrea Marchesini Andrea Marchesini - Bug 1498510 - Move nsICSPEventListener out of CSP object, r=ckerschb
840113981a53244e0342ce3ab8c6e5edfc56ca40
created 2018-09-18 08:17 +0000
pushed 2018-09-19 02:13 +0000
Timothy Guan-tin Chien Timothy Guan-tin Chien - Bug 1490793 - Localization DTDs should not be subject to CSP r=ckerschb
42983355094d0bb4151673575907394b0b05b7c0
created 2018-08-01 06:35 +0200
pushed 2018-08-01 09:52 +0000
Andrea Marchesini Andrea Marchesini - Bug 1476592 - Remove the cache from nsCSPContext - part 2 - sendViolationReports parameter, r=ckerschb, r=aosmond
1134174a8b6a87d484d9bb09234629e79b4446c0
created 2018-07-19 10:43 +1000
pushed 2018-07-20 09:57 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1476820 - Convert some VarCache prefs in dom/security/ to use StaticPrefs. r=ckerschb
8a66951dd403316aba45f36c3502df83cc5ed5f1
created 2018-07-19 13:25 +0200
pushed 2018-07-19 16:10 +0000
Andrea Marchesini Andrea Marchesini - Bug 1332422 - CSP should not use 'aExtra' to indicate redirects within ContentPolicy, r=ckerschb
4b1d446faee677ac36221b66a3c13baa980cceda
created 2018-06-22 20:35 +0300
pushed 2018-06-22 21:50 +0000
vinoth vinoth - Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirects is fixed r=ckerschb
6f59d1bfa8bf4f760ea7f8aa0bdd16908508f5e9
created 2018-05-30 21:21 +0200
pushed 2018-05-31 10:04 +0000
Andrea Marchesini Andrea Marchesini - Bug 1446922 - Remove the leading 'a' from variables within the various ::ShouldLoad() implementations, r=qdot
22d7899c79f85237e8590843efd729e69996deb2
created 2018-03-29 12:16 +0200
pushed 2018-03-29 22:07 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1439713 - Change nsIContentPolicy shouldLoad to take an <uri, loadInfo> pair instead of the various args. r=bz
93507e0f2d3d6aef495299ee61e451406edb643c
created 2018-03-01 13:45 +0100
pushed 2018-03-01 22:09 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1439444: resource and chrome images and styles should not be subject to CSP. r=gijs
fc871960d805efc5b3c4ac9e0682312d7bb23bda
created 2018-01-25 14:20 +0100
pushed 2018-02-18 21:55 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1432358: Make resource URIs subject to CSP. r=gijs
5d726f46260f0d96dba2ec23d5b01375f588c6e1
created 2018-02-12 19:58 +0200
pushed 2018-02-12 22:08 +0000
Sebastian Hengst Sebastian Hengst - Backed out 4 changesets (bug 1432358) for failing xpcshell's test_ext_contentscript_triggeringPrincipal.js
91c948c94506089d6f40dc59d13c75ab78ce914d
created 2018-01-25 14:20 +0100
pushed 2018-02-12 22:08 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1432358: Make resource URIs subject to CSP. r=gijs
a824791e0d28623e928f9b5314cb6d948b2218ef
created 2018-02-09 23:46 +0200
pushed 2018-02-10 09:58 +0000
Sebastian Hengst Sebastian Hengst - Backed out 3 changesets (bug 1432358) for failing xpcshell's test_ext_contentscript_triggeringPrincipal.js on Windows debug. CLOSED TREE
60852dec9e041887bea80313a70ad2a4cba745a6
created 2018-01-25 14:20 +0100
pushed 2018-02-10 09:58 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1432358: Make resource URIs subject to CSP. r=gijs
41e5a4b54c93e40e92e1e697efa936e90a4c5a41
created 2017-10-07 14:53 -0700
pushed 2017-10-13 09:13 +0000
Kris Maglione Kris Maglione - Bug 1407056: Part 2 - Override page CSP for loads by expanded principals. r=bz,krizsa
a8b48c193197fdcd3075db581e5b7e7de34c7b39
created 2017-03-22 11:39 +0100
pushed 2017-03-23 00:10 +0000
Andrea Marchesini Andrea Marchesini - Bug 1343933 - Renaming Principal classes - part 4 - ContentPrincipal, r=qdot
d334627447da754b1d463accd17d456a6d6605ed
created 2017-02-14 10:06 -0500
pushed 2017-02-14 21:12 +0000
Ben Kelly Ben Kelly - Bug 1338304 P1 Make nsCSPService cancel the channel if a redirect is blocked by CSP. r=ckerschb
4a1f0be6fa1d318be2799b5066a098a9c931fa70
created 2017-01-12 09:42 +0100
pushed 2017-01-13 00:03 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1330035 - Explicitly use javascript: instead of URI_INHERITS_SECURITY_CONTEXT within subjectToCSP(). r=dveditz
b516e1d6e46165d5553ec894fadc55ce514f862c
created 2016-08-26 16:02 +1000
pushed 2016-09-02 20:19 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1297961 (part 1) - Introduce nsURI::GetSpecOrDefault(). r=hurley.
82092aed0171cf6f9073d224c8b766b7bce41c4f
created 2016-05-18 22:02 -0400
pushed 2016-05-24 12:54 +0000
Patrick McManus Patrick McManus - Bug 1274376 - more mozilla::net namespaces r=dragana
7ca9567ed5c7f2055b9911dee5b41e62398361c7
created 2016-03-24 23:09 -0400
pushed 2016-03-28 20:04 +0000
Tanvi Vyas Tanvi Vyas - Bug 1259678 - Refactor SubjectToCSP to avoid calling ShouldLoad if CSP doesn't apply to the content type. r=ckerschb
bf293d7d7ac6177bd73bddefce083847607f5bb7
created 2014-08-05 11:47 -0700
pushed 2016-02-25 22:25 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 908933 - Part1 - CSP: Call ShouldLoad inside ShouldProcess for TYPE_OBJECT. r=ckerschb
8ebc41358b44cbd1e4ce2209a7a354e18727bcf8
created 2016-01-19 09:10 -0800
pushed 2016-01-20 14:34 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1239397: Send Internal ContentPolicyType to CSP and MixedContent (r=sicking)
257051f3218b135671c7a21708d6af85b36515f7
created 2015-12-17 12:07 +0800
pushed 2015-12-18 14:24 +0000
Ethan Tseng Ethan Tseng - Bug 1030936 - [CSP] remove fast-path for certified apps once the C++ backend is activated. r=ckerschb
c728b4bd9be62afcfda73eba03edc3bd07aee33f
created 2015-11-23 11:09 -0800
pushed 2015-11-24 21:54 +0000
sajitk sajitk - Bug 1219478: Replace PRLogModuleInfo usage with LazyLogModule in dom folders except media.r=amerchesini
149cc9f89a2e6ac17e10ee926f739b0e2f4a2180
created 2015-11-14 19:29 -0800
pushed 2015-11-15 17:11 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 663570 - MetaCSP Part 6: CSP preload changes (r=sicking)
58d4c3876d0cd4ee42a48276a2c4ed6f7ee6e339
created 2015-10-28 16:32 -0700
pushed 2015-11-11 11:43 +0000
Kate McKinley Kate McKinley - Bug 1045891 - CSP 2 child-src implementation r=ckerschb
2d2e821fa20de7c6ee9878eab4c769fbcb74d053
created 2015-11-06 09:36 -0800
pushed 2015-11-09 13:56 +0000
Wes Kocher Wes Kocher - Backed out 4 changesets (bug 1045891) for b2g mochitest 7 failures
14818a2329a4846757098689aa0ef880ce8aee15
created 2015-10-28 16:32 -0700
pushed 2015-11-09 13:56 +0000
Kate McKinley Kate McKinley - Bug 1045891 - CSP 2 child-src implementation. r=ckerschb
fdb7c98c48141252b0ec48aba27fc545977182d3
created 2015-11-02 10:37 +0100
pushed 2015-11-02 23:12 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 895c42544609 (bug 1045891)
895c42544609ed7e968ba2ef2c3940340331a1f2
created 2015-10-28 16:32 -0700
pushed 2015-11-02 23:12 +0000
Kate McKinley Kate McKinley - Bug 1045891 - CSP 2 child-src implementation r=ckerschb
a31b2d7d07b80484ae2b66689559e39108a7ee71
created 2015-10-19 11:14 -0700
pushed 2015-10-20 10:01 +0000
Jonas Sicking Jonas Sicking - Bug 1182571: Fix nsILoadInfo->GetContentPolicyType API to be less ambigious. Audit and fix all users of it. r=ckerschb
eca8be0e5336302a3a3de263f90ae4bd40a649bf
created 2015-10-18 19:59 -0700
pushed 2015-10-20 10:01 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1208559 - Hook up ServicerWorkers with CSP (r=sicking,bkelly,dveditz)
c98f6e3162261dc6c7053af06babc5b134b74496
created 2015-10-15 14:07 -0700
pushed 2015-10-16 11:18 +0000
Wes Kocher Wes Kocher - Backed out 2 changesets (bug 1182571) for being a likely cause of the Android S4 errors
8153ae231d16ee572c78a9d1d8b38fd5967b1d42
created 2015-10-15 12:18 -0700
pushed 2015-10-16 11:18 +0000
Jonas Sicking Jonas Sicking - Bug 1182571: Fix nsILoadInfo->GetContentPolicyType API to be less ambigious. Audit and fix all users of it. r=ckerschb
0e81b19b0f22e1a80930549b937cf62ced688068
created 2015-09-20 14:56 -0700
pushed 2015-09-22 10:41 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1048048 - add preload content policy types - csp changes (r=dveditz)
2f837630f5566d281aa6f51adb9cc2374da7fedc
created 2015-09-21 09:08 -0700
pushed 2015-09-22 10:41 +0000
Wes Kocher Wes Kocher - Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE
4f91b10e8be000ee5408461c74099ca96156c0cf
created 2015-09-20 14:56 -0700
pushed 2015-09-22 10:41 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1048048 - add preload content policy types - csp changes (r=dveditz)
0086cb0ada91f77c6f0dcc115ca8b5051c2869ee
created 2015-06-16 08:49 -0400
pushed 2015-06-17 18:57 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1175114 - Translate the content policy type obtained in CSPService::AsyncOnChannelRedirect to an external one before invoking the content policy implementation; r=smaug
cc6436db5756bd60be9f01326f208d8f9bfb456b
created 2015-06-16 09:24 -0400
pushed 2015-06-16 18:38 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1175122 - Add more assertions to the in-tree content policy implementations to ensure that they receive external content policy types; r=baku
1eefebfb86eb72ac66b6a5707bcdff3fd1043974
created 2015-06-12 16:52 -0400
pushed 2015-06-16 14:11 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1174307 - Add some internal content policy types for the purpose of reflecting them on RequestContext; r=sicking
f52c18aac7ce0949190da943ec5d4ee86627d0f8
created 2015-06-03 15:25 -0700
pushed 2015-06-04 12:39 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
0abfbc98614806464c6d932627eabd699bb47cc4
created 2015-06-03 15:22 -0700
pushed 2015-06-04 12:39 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj
3c8ed81098ddbe4a4c09e7aa652b5288dc4ce0d3
created 2015-06-02 13:05 +0200
pushed 2015-06-03 01:20 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out 14 changesets (bug 1165515) for linux x64 e10s m2 test failures
7c3b45a47811b55f4e973d996dd149c5d575721b
created 2015-06-01 22:17 -0700
pushed 2015-06-03 01:20 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
ffa4eb6d24b94146df5838e10b039e8b176c8edb
created 2015-06-01 22:17 -0700
pushed 2015-06-03 01:20 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj
3f1f9238e02fe107701bf3ab4237c0cb3b125710
created 2015-06-01 17:57 -0700
pushed 2015-06-02 11:11 +0000
Wes Kocher Wes Kocher - Backed out 14 changesets (bug 1165515) for b2g mochitest-6 permafail CLOSED TREE
150606c022a29517f43ee6907075170db825c947
created 2015-06-01 14:31 -0700
pushed 2015-06-02 11:11 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
0ec74176f8def91d7b05ed05a03c92dd6283eeaa
created 2015-06-01 14:31 -0700
pushed 2015-06-02 11:11 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 3: Convert PR_LOG_TEST to MOZ_LOG_TEST. r=froydnj
8a03e892db51e07a20a85f97abe073cee7be0fa0
created 2015-05-21 13:22 -0700
pushed 2015-05-22 18:02 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 1: Convert PR_LOG to MOZ_LOG. r=froydnj
9fb7acc6f108dd473fae5df9a29b8ff4ddac915f
created 2015-05-19 11:15 -0700
pushed 2015-05-20 13:54 +0000
Eric Rahm Eric Rahm - Bug 1165518 - Part 2: Replace prlog.h with Logging.h. rs=froydnj
f86c4ccf1d175ee44cc54ed888c8486470a2b953
created 2015-05-11 14:22 -0700
pushed 2015-05-12 14:11 +0000
Eric Rahm Eric Rahm - Bug 1163196 - Part 2: Wrap expensive calls in PR_LOG_TEST. r=froydnj
e24aa2dd0e9a1d808569287ed9f69a570902b58d
created 2015-05-11 14:22 -0700
pushed 2015-05-12 14:11 +0000
Eric Rahm Eric Rahm - Bug 1163196 - Part 1: Remove instances of #ifdef PR_LOGGING in dom/security. r=froydnj
bd079aadd3feeee3f9b9f73c5e0bc4bd6a870722
created 2015-05-03 15:32 -0400
pushed 2015-05-04 11:42 +0000
Andrew McCreight Andrew McCreight - Bug 1152551, part 2 - Fix mode lines in dom/. r=jst
183190289b9c69fff9812491924005f2c1e8fbc9
created 2015-03-25 15:54 -0700
pushed 2015-04-07 01:19 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1086999 - CSP: Asterisk (*) wildcard should not allow blob:, data:, or filesystem: when matching source expressions (r=fabrice,pauljt)
less more (0) -60 tip