searching for reviewer(ckerschb)
06b855d93dad8babd10c8ce37ed642974d383914: Bug 1660452: Use precusor URIs to determine if a NullPrincipal was spun off of a Secure Context. r=ckerschb
Niklas Goegge <ngogge@mozilla.com> - Thu, 22 Jul 2021 14:25:25 +0000 - rev 586429
Push 38635 by dluca@mozilla.com at Thu, 22 Jul 2021 21:48:15 +0000
Bug 1660452: Use precusor URIs to determine if a NullPrincipal was spun off of a Secure Context. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D120493
27644fd8810b665cb0bcfc9f5f6e93622e64f5e5: Bug 1551886: Check the parent scheme for NullPrincipals via the precusor principal. r=ckerschb
Niklas Goegge <ngogge@mozilla.com> - Thu, 22 Jul 2021 10:18:57 +0000 - rev 586415
Push 38635 by dluca@mozilla.com at Thu, 22 Jul 2021 21:48:15 +0000
Bug 1551886: Check the parent scheme for NullPrincipals via the precusor principal. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D119977
fb5d74a6cad38e32bf02a26818c8b66869edeaf7: Bug 1719838 - Assert that OriginAttributes are pristine in PopulateFromSuffix. r=ckerschb
Stefan Zabka <szabka@mozilla.com> - Wed, 21 Jul 2021 12:10:58 +0000 - rev 586294
Push 38631 by apavel@mozilla.com at Wed, 21 Jul 2021 21:26:17 +0000
Bug 1719838 - Assert that OriginAttributes are pristine in PopulateFromSuffix. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D120381
ec131014f7fda0a016a8b0ea085e9c4edaff9b8e: Bug 1551886: Check the parent scheme for NullPrincipals via the precusor principal. r=ckerschb
Niklas Goegge <ngogge@mozilla.com> - Wed, 21 Jul 2021 10:57:12 +0000 - rev 586293
Push 38631 by apavel@mozilla.com at Wed, 21 Jul 2021 21:26:17 +0000
Bug 1551886: Check the parent scheme for NullPrincipals via the precusor principal. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D119977
a4673b141461c42173fe9fa05285eefcfef450e0: Bug 1676024: Websockets triggered by extensions should not be subject to a page's CSP. r=ckerschb,mixedpuppy
Niklas Goegge <ngogge@mozilla.com> - Tue, 20 Jul 2021 14:11:13 +0000 - rev 586155
Push 38627 by smolnar@mozilla.com at Tue, 20 Jul 2021 21:56:01 +0000
Bug 1676024: Websockets triggered by extensions should not be subject to a page's CSP. r=ckerschb,mixedpuppy Needs ReviewPublic Differential Revision: https://phabricator.services.mozilla.com/D104671
99863d6b8f8a7b10cbf558c97385d8a7c034c03d: Bug 1715167 - Part 7: Add tests for precursor principals, r=ckerschb,ngogge
Nika Layzell <nika@thelayzells.com> - Thu, 15 Jul 2021 21:09:16 +0000 - rev 585621
Push 38616 by smolnar@mozilla.com at Fri, 16 Jul 2021 03:37:24 +0000
Bug 1715167 - Part 7: Add tests for precursor principals, r=ckerschb,ngogge These test various ways of loading documents which will end up with null principals, and verify that they are loaded with the expected precursor URI. Depends on D119693 Differential Revision: https://phabricator.services.mozilla.com/D119694
70f7bc70e89fabc23c50651a4416161362a76a26: Bug 1715167 - Part 6: Use the unsandboxed result principal as precursor for sandbox principals, r=ckerschb,ngogge
Nika Layzell <nika@thelayzells.com> - Thu, 15 Jul 2021 21:09:15 +0000 - rev 585620
Push 38616 by smolnar@mozilla.com at Fri, 16 Jul 2021 03:37:24 +0000
Bug 1715167 - Part 6: Use the unsandboxed result principal as precursor for sandbox principals, r=ckerschb,ngogge This change stores a generated nsID directly on the LoadInfo, rather than the full SandboxedLoadingPrincipal. This allows for the sandboxed principal to be constructed from GetChannelResultPrincipal using the unsandboxed result principal as a precursor, rather than the loading principal. The nsID is reset by HttpChannelBase whenever a non-internal redirect occurs to reduce the chance of multiple null result principals during a redirect with the same nsID, but different precursors. Depends on D119692 Differential Revision: https://phabricator.services.mozilla.com/D119693
116910d82bf14bb2e6f074260f4584edfd6fbbd8: Bug 1715167 - Part 5: Add a precursorPrincipal attribute to nsIPrincipal, r=ckerschb,ngogge
Nika Layzell <nika@thelayzells.com> - Thu, 15 Jul 2021 21:09:15 +0000 - rev 585619
Push 38616 by smolnar@mozilla.com at Fri, 16 Jul 2021 03:37:24 +0000
Bug 1715167 - Part 5: Add a precursorPrincipal attribute to nsIPrincipal, r=ckerschb,ngogge This provides a getter which can be used to interact with the precursor attribute of the null principal. Depends on D119691 Differential Revision: https://phabricator.services.mozilla.com/D119692
60f3609def052b5382bde04e2b1dbc8c491c870a: Bug 1715167 - Part 4: Set precursor for redirect principal to inherit, r=ckerschb,necko-reviewers,ngogge,kershaw
Nika Layzell <nika@thelayzells.com> - Thu, 15 Jul 2021 21:09:14 +0000 - rev 585618
Push 38616 by smolnar@mozilla.com at Fri, 16 Jul 2021 03:37:24 +0000
Bug 1715167 - Part 4: Set precursor for redirect principal to inherit, r=ckerschb,necko-reviewers,ngogge,kershaw When a navigation redirects, the principalToInherit is reset back to a null principal for security reasons. This helps prevent a redirect from loading attacker controlled content with the wrong principal. This patch gives this new principalToInherit a precursor origin based on the resource which is being redirected. One time when this may come up is when an extension redirects a http: request to a `data:` URI through the request API. Before this change, the load would complete with a precursorless null principal, but after this change the precursor refers to the redirected-from URL. Depends on D119690 Differential Revision: https://phabricator.services.mozilla.com/D119691
a928d061642f0364575f84c7db298d3cc21e2023: Bug 1715167 - Part 3: Track precursor origins for URI_INHERITS_SECURITY_CONTEXT responses, r=ckerschb,ngogge
Nika Layzell <nika@thelayzells.com> - Thu, 15 Jul 2021 21:09:14 +0000 - rev 585617
Push 38616 by smolnar@mozilla.com at Fri, 16 Jul 2021 03:37:24 +0000
Bug 1715167 - Part 3: Track precursor origins for URI_INHERITS_SECURITY_CONTEXT responses, r=ckerschb,ngogge If a URI has the URI_INHERITS_SECURITY_CONTEXT flag it will not be given a content principal by CreateContentPrincipal. This patch changes the algorithm for creating result principals for network requests such that the null principal created in this situation has a precursor principal tracked on it. Depends on D119689 Differential Revision: https://phabricator.services.mozilla.com/D119690
06ae8315c75d9c5a267fe4dedb1b8688eb67cefc: Bug 1715167 - Part 2: Track precursor origins through CreateWithInheritedAttributes, r=ckerschb,ngogge
Nika Layzell <nika@thelayzells.com> - Thu, 15 Jul 2021 21:09:14 +0000 - rev 585616
Push 38616 by smolnar@mozilla.com at Fri, 16 Jul 2021 03:37:24 +0000
Bug 1715167 - Part 2: Track precursor origins through CreateWithInheritedAttributes, r=ckerschb,ngogge This method will be the primary way to track the precursor for a null principal, and will automatically handle tracking precursors in some common cases. While sandboxed principals are created with `CreateWithInheritedAttributes`, they unfortunately currently use the wrong precursor principal, which will be fixed in a later part. Depends on D119688 Differential Revision: https://phabricator.services.mozilla.com/D119689
95615f0cb5de9a0bc4dfd4c26050cf39d6ed0c54: Bug 1715167 - Part 1: Add the ability to track precursor origin on null principals, r=ckerschb
Nika Layzell <nika@thelayzells.com> - Thu, 15 Jul 2021 21:09:13 +0000 - rev 585615
Push 38616 by smolnar@mozilla.com at Fri, 16 Jul 2021 03:37:24 +0000
Bug 1715167 - Part 1: Add the ability to track precursor origin on null principals, r=ckerschb This patch only adds the machinery for tracking a precursor origin to the principal, and does not actually track the precursor origin in any situations. That is done in follow-up patches. Differential Revision: https://phabricator.services.mozilla.com/D119688
0285a22b4d667ee52f073a7d65a4189a2ace4c08: Bug 1720103 - Https-first: Do not upgrade form submissions (for now) r=ckerschb
lyavor <lyavor@mozilla.com> - Wed, 14 Jul 2021 15:53:00 +0000 - rev 585505
Push 38613 by ncsoregi@mozilla.com at Wed, 14 Jul 2021 21:50:10 +0000
Bug 1720103 - Https-first: Do not upgrade form submissions (for now) r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D119882
e207e7944cd2d5dcf647006791de063be96e2844: Bug 1719309 - HTTPS-First test for bad certifactes. r=ckerschb
lyavor <lyavor@mozilla.com> - Wed, 14 Jul 2021 12:34:01 +0000 - rev 585484
Push 38613 by ncsoregi@mozilla.com at Wed, 14 Jul 2021 21:50:10 +0000
Bug 1719309 - HTTPS-First test for bad certifactes. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D119779
4d96de82d4d01828e658fd33fe26ec54b298cebc: Bug 1432170 - Add tests for CSP sandbox bypass with Blob. r=ckerschb,dveditz
vinoth <cegvinoth@gmail.com> - Tue, 13 Jul 2021 13:54:32 +0000 - rev 585411
Push 38611 by dluca@mozilla.com at Tue, 13 Jul 2021 21:42:32 +0000
Bug 1432170 - Add tests for CSP sandbox bypass with Blob. r=ckerschb,dveditz Differential Revision: https://phabricator.services.mozilla.com/D118008
129be2dc2ff28d5ea455e7b0dc9ae8258e32900d: Bug 1719539 - Fix Pocket button csp for saved panel in debug mode r=ckerschb
Scott <scott.downe@gmail.com> - Thu, 08 Jul 2021 13:59:00 +0000 - rev 585086
Push 38595 by dluca@mozilla.com at Thu, 08 Jul 2021 21:46:16 +0000
Bug 1719539 - Fix Pocket button csp for saved panel in debug mode r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D119332
912174f1a355276bf4ef08d7890efa7e37b92aeb: Bug 1706126 - HTTPS- First doesn't upgrade redirection from exempt target domain to subdomain (which supports https) r=ckerschb,necko-reviewers,dragana
lyavor <lyavor@mozilla.com> - Wed, 07 Jul 2021 14:19:09 +0000 - rev 584986
Push 38591 by mlaza@mozilla.com at Wed, 07 Jul 2021 21:52:19 +0000
Bug 1706126 - HTTPS- First doesn't upgrade redirection from exempt target domain to subdomain (which supports https) r=ckerschb,necko-reviewers,dragana Differential Revision: https://phabricator.services.mozilla.com/D118704
003db85b60d01fa3dde0f026a44719cee8b7c912: Bug 1712652: Expect service-workers/service-worker/update-module-request-mode.https.html to pass. r=ckerschb,jgraham
Niklas Goegge <ngogge@mozilla.com> - Tue, 06 Jul 2021 11:37:49 +0000 - rev 584835
Push 38588 by apavel@mozilla.com at Tue, 06 Jul 2021 21:42:42 +0000
Bug 1712652: Expect service-workers/service-worker/update-module-request-mode.https.html to pass. r=ckerschb,jgraham Differential Revision: https://phabricator.services.mozilla.com/D117129
5a283b91c1022f13972d35dfd037433fa2c77b95: Bug 1714645: Remove NullPrincipalURI. r=ckerschb,nika
Niklas Goegge <ngogge@mozilla.com> - Tue, 06 Jul 2021 08:23:12 +0000 - rev 584830
Push 38588 by apavel@mozilla.com at Tue, 06 Jul 2021 21:42:42 +0000
Bug 1714645: Remove NullPrincipalURI. r=ckerschb,nika Differential Revision: https://phabricator.services.mozilla.com/D118490
2cf5c443e107ee76e10d1b9dc04ef7d9bd8c2b92: Bug 1714645: Use nsSimpleURI instead of NullPrincipalURI. r=ckerschb,nika
Niklas Goegge <ngogge@mozilla.com> - Tue, 06 Jul 2021 08:23:11 +0000 - rev 584829
Push 38588 by apavel@mozilla.com at Tue, 06 Jul 2021 21:42:42 +0000
Bug 1714645: Use nsSimpleURI instead of NullPrincipalURI. r=ckerschb,nika Differential Revision: https://phabricator.services.mozilla.com/D118489
d6716c153f0ef8d2530046a062883c86561752b0: Bug 1676024: Websockets triggered by extensions should not be subject to a page's CSP. r=ckerschb,mixedpuppy
Niklas Goegge <ngogge@mozilla.com> - Tue, 06 Jul 2021 08:05:49 +0000 - rev 584827
Push 38588 by apavel@mozilla.com at Tue, 06 Jul 2021 21:42:42 +0000
Bug 1676024: Websockets triggered by extensions should not be subject to a page's CSP. r=ckerschb,mixedpuppy Needs ReviewPublic Differential Revision: https://phabricator.services.mozilla.com/D104671
60d705792e3a71df76d57f1de7a2e44756bbfe3d: Bug 1716069 - P2: Use nsHTTPSOnlyUtils::IsUpgradeDowngradeEndlessLoop to check if there is an endless loop when HTTPS RR is presented, r=ckerschb
Kershaw Chang <kershaw@mozilla.com> - Thu, 24 Jun 2021 09:27:54 +0000 - rev 584244
Push 38563 by cbrindusan@mozilla.com at Fri, 25 Jun 2021 09:34:36 +0000
Bug 1716069 - P2: Use nsHTTPSOnlyUtils::IsUpgradeDowngradeEndlessLoop to check if there is an endless loop when HTTPS RR is presented, r=ckerschb Depends on D118598 Differential Revision: https://phabricator.services.mozilla.com/D118599
9c9774f5b0bc236c69dca1335fd8ef17b49e2735: Bug 1716069 - P1: Skip user gesture check in IsUpgradeDowngradeEndlessLoop(), r=ckerschb
Kershaw Chang <kershaw@mozilla.com> - Thu, 24 Jun 2021 09:27:54 +0000 - rev 584243
Push 38563 by cbrindusan@mozilla.com at Fri, 25 Jun 2021 09:34:36 +0000
Bug 1716069 - P1: Skip user gesture check in IsUpgradeDowngradeEndlessLoop(), r=ckerschb The main reason that I think we can skip this check is that `mHasValidUserGestureActivation` of the load info will be copied to the redirected channel's load info. Take the website in this bug (www.animechiby.com) as an example. 1. When a user types http://www.animechiby.com in the address bar and press enter, we create an http channel to load. At this point, `mHasValidUserGestureActivation` of this channel's load info is true. 2. The channel is redirect to `https` because of HTTPS RR (could be also HTTPS-only mode). 3. The web server returns 302 with a location header: `http://www.animechiby.com`. 4. We create a new channel and start redirecting to `http://www.animechiby.com`, and `mHasValidUserGestureActivation` is copied to the new channel's load info. 5. IsUpgradeDowngradeEndlessLoop() returns false because GetHasValidUserGestureActivation() returns true. 6. IsUpgradeDowngradeEndlessLoop() failed to detect this endless loop case. Differential Revision: https://phabricator.services.mozilla.com/D118598
f7a9f14f727f07ea10fa107086f2dc363be31ce4: Bug 1714065 - Allow matching partition key fields via OriginAttributesPattern. r=timhuang,ckerschb
Paul Zuehlcke <pbz@mozilla.com> - Thu, 24 Jun 2021 09:13:30 +0000 - rev 584237
Push 38563 by cbrindusan@mozilla.com at Fri, 25 Jun 2021 09:34:36 +0000
Bug 1714065 - Allow matching partition key fields via OriginAttributesPattern. r=timhuang,ckerschb Differential Revision: https://phabricator.services.mozilla.com/D116606
faa061d58d3763b282e6abd23fbc0a6ff71dc96a: Bug 1705910: Remove NS_WARN_IF for expected case in FramingChecker. ckerschb r=ckerschb
Kris Maglione <maglione.k@gmail.com> - Wed, 23 Jun 2021 22:02:10 +0000 - rev 584212
Push 38561 by nbeleuzu@mozilla.com at Thu, 24 Jun 2021 02:39:52 +0000
Bug 1705910: Remove NS_WARN_IF for expected case in FramingChecker. ckerschb r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D118417
e7fa285d160af2f17fa6bc2c7e7ccdc0616f4c73: Bug 1716734 - Updated comment in nsIPrincipal.idl r=ckerschb DONTBUILD
Stefan Zabka <szabka@mozilla.com> - Wed, 16 Jun 2021 15:53:18 +0000 - rev 583555
Push 38543 by apavel@mozilla.com at Wed, 16 Jun 2021 21:42:00 +0000
Bug 1716734 - Updated comment in nsIPrincipal.idl r=ckerschb DONTBUILD Updated the origin attributes comment to use the current delimiter Differential Revision: https://phabricator.services.mozilla.com/D117990
5c912a806605cfb4e452a453b3d7460752fbd4c8: Bug 1542807 part 5 - Don't apply CSP rules for the document to fonts loaded from User and UserAgent origin sheets. r=ckerschb
Mats Palmgren <mats@mozilla.com> - Mon, 14 Jun 2021 01:22:06 +0000 - rev 582930
Push 38537 by mlaza@mozilla.com at Mon, 14 Jun 2021 09:53:07 +0000
Bug 1542807 part 5 - Don't apply CSP rules for the document to fonts loaded from User and UserAgent origin sheets. r=ckerschb As for document.fonts, I don't think we intentionally meant to apply CSP to User/UserAgent fonts. The document certainly has no authority to block those from loading. (We already have a separate principal for these which is further evidence that this was unintentional and we can use the same bit (mUseOriginPrincipal) to avoid CSP.) Differential Revision: https://phabricator.services.mozilla.com/D111695
38daf64afe59defed512d5c53d44752789b9a5b2: Bug 1542807 part 5 - Don't apply CSP rules for the document to fonts loaded from User and UserAgent origin sheets. r=ckerschb
Mats Palmgren <mats@mozilla.com> - Fri, 11 Jun 2021 18:10:39 +0000 - rev 582853
Push 38533 by nerli@mozilla.com at Sat, 12 Jun 2021 09:41:20 +0000
Bug 1542807 part 5 - Don't apply CSP rules for the document to fonts loaded from User and UserAgent origin sheets. r=ckerschb As for document.fonts, I don't think we intentionally meant to apply CSP to User/UserAgent fonts. The document certainly has no authority to block those from loading. (We already have a separate principal for these which is further evidence that this was unintentional and we can use the same bit (mUseOriginPrincipal) to avoid CSP.) Differential Revision: https://phabricator.services.mozilla.com/D111695
7b5d3986ef966c2a33ad6d38aaa29e1557998c4c: Bug 1704473 - Remove <head> requirement for <meta name=referrer>. r=ckerschb
Niklas Goegge <ngogge@mozilla.com> - Wed, 09 Jun 2021 09:21:53 +0000 - rev 582418
Push 38527 by ncsoregi@mozilla.com at Thu, 10 Jun 2021 03:46:06 +0000
Bug 1704473 - Remove <head> requirement for <meta name=referrer>. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D116618
a5021586700fde2e70f3f39ca335557c874832fa: Bug 1713593 - HTTPS-First: Add test for mixed content blocker. r=ckerschb
lyavor <lyavor@mozilla.com> - Tue, 08 Jun 2021 09:08:08 +0000 - rev 582205
Push 38523 by imoraru@mozilla.com at Tue, 08 Jun 2021 15:57:50 +0000
Bug 1713593 - HTTPS-First: Add test for mixed content blocker. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D116465
a0fc709aac587f627bc5a1d8d5c3f8339b558d54: Bug 1703091: Add a random ID the Message Manager logging so we can associate logging messages r=ckerschb
Tom Ritter <tom@mozilla.com> - Mon, 07 Jun 2021 20:02:33 +0000 - rev 582135
Push 38521 by cbrindusan@mozilla.com at Tue, 08 Jun 2021 04:08:33 +0000
Bug 1703091: Add a random ID the Message Manager logging so we can associate logging messages r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D110857
37917f824eb062be6768d43d4bc66e03def133ed: Bug 1712749 - Land remaining sec-fetch browser navigation tests. r=ckerschb
Niklas Goegge <ngogge@mozilla.com> - Wed, 02 Jun 2021 14:30:07 +0000 - rev 581707
Push 38511 by cbrindusan@mozilla.com at Wed, 02 Jun 2021 21:44:47 +0000
Bug 1712749 - Land remaining sec-fetch browser navigation tests. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D116586
8fe07e36277113377f066209d3322a04f808e95e: Bug 1709552 HTTPS-First: 4xx and 5xx error responses might need a downgrade. r=ckerschb,necko-reviewers,valentin,JulianWels
lyavor <lyavor@mozilla.com> - Wed, 02 Jun 2021 08:35:22 +0000 - rev 581675
Push 38511 by cbrindusan@mozilla.com at Wed, 02 Jun 2021 21:44:47 +0000
Bug 1709552 HTTPS-First: 4xx and 5xx error responses might need a downgrade. r=ckerschb,necko-reviewers,valentin,JulianWels Differential Revision: https://phabricator.services.mozilla.com/D114749
fce39bf3b22200b89026848c087e7baee126919e: Bug 1710334 - Fix misplacement of about:netError "Try Again" button. r=ckerschb,johannh
Geoff Lankow <geoff@darktrojan.net> - Sun, 30 May 2021 22:48:07 +0000 - rev 581447
Push 38504 by cbrindusan@mozilla.com at Mon, 31 May 2021 09:54:24 +0000
Bug 1710334 - Fix misplacement of about:netError "Try Again" button. r=ckerschb,johannh Reverses a slight change in logic introduced in bug 1496524. Also tidies up some really badly formatted comments. Differential Revision: https://phabricator.services.mozilla.com/D114703
455afdd12fcd5da20b21aded881b990464b0a268: Bug 1712965 - Expect update-module-request-mode.https.html.ini to pass on beta and release. r=ckerschb,aryx
Niklas Goegge <ngogge@mozilla.com> - Thu, 27 May 2021 13:03:25 +0000 - rev 580953
Push 38496 by dluca@mozilla.com at Thu, 27 May 2021 16:27:39 +0000
Bug 1712965 - Expect update-module-request-mode.https.html.ini to pass on beta and release. r=ckerschb,aryx Differential Revision: https://phabricator.services.mozilla.com/D116022
a883bc7752febaced855ab14751980c6866724fd: Bug 1695911 - Flip dom.security.secFetch.enabled pref to true. r=ckerschb,annevk
Niklas Goegge <ngogge@mozilla.com> - Tue, 25 May 2021 17:37:09 +0000 - rev 580642
Push 38491 by malexandru@mozilla.com at Wed, 26 May 2021 09:48:46 +0000
Bug 1695911 - Flip dom.security.secFetch.enabled pref to true. r=ckerschb,annevk Differential Revision: https://phabricator.services.mozilla.com/D115484
a84a2e535ffda2f1a7bc9f49cfff00063c8f350d: Bug 1648825 - Ensure that Sec-Fetch-Site is only 'none' if the load was user triggered. r=ckerschb,marionette-reviewers,whimboo
Niklas Goegge <ngogge@mozilla.com> - Tue, 25 May 2021 17:37:08 +0000 - rev 580641
Push 38491 by malexandru@mozilla.com at Wed, 26 May 2021 09:48:46 +0000
Bug 1648825 - Ensure that Sec-Fetch-Site is only 'none' if the load was user triggered. r=ckerschb,marionette-reviewers,whimboo Differential Revision: https://phabricator.services.mozilla.com/D109643
a25184e549adecdd70b8c376d81545c56dce2558: Bug 1648825 - Add nsISHEntry::hasUserActivation r=ckerschb,smaug
Niklas Goegge <ngogge@mozilla.com> - Tue, 25 May 2021 17:37:08 +0000 - rev 580640
Push 38491 by malexandru@mozilla.com at Wed, 26 May 2021 09:48:46 +0000
Bug 1648825 - Add nsISHEntry::hasUserActivation r=ckerschb,smaug Differential Revision: https://phabricator.services.mozilla.com/D113818
45685c6215f9547d8c76584b654ca5be59854724: Bug 1707856: Test redirect downgrades with https-first. r=ckerschb
lyavor <lyavor@mozilla.com> - Tue, 25 May 2021 11:49:00 +0000 - rev 580601
Push 38491 by malexandru@mozilla.com at Wed, 26 May 2021 09:48:46 +0000
Bug 1707856: Test redirect downgrades with https-first. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D113511
1d7e78cac600060aef1c721a488185ed32beff2d: Bug 1695911 - Flip dom.security.secFetch.enabled pref to true. r=ckerschb,annevk
Niklas Goegge <ngogge@mozilla.com> - Thu, 20 May 2021 11:06:11 +0000 - rev 580222
Push 38479 by malexandru@mozilla.com at Fri, 21 May 2021 09:57:54 +0000
Bug 1695911 - Flip dom.security.secFetch.enabled pref to true. r=ckerschb,annevk Differential Revision: https://phabricator.services.mozilla.com/D115484
d90566e41269d3f7824c1c9b6a457dd0437ab0a7: Bug 1648825 - Ensure that Sec-Fetch-Site is only 'none' if the load was user triggered. r=ckerschb,marionette-reviewers,whimboo
Niklas Goegge <ngogge@mozilla.com> - Thu, 20 May 2021 11:06:11 +0000 - rev 580221
Push 38479 by malexandru@mozilla.com at Fri, 21 May 2021 09:57:54 +0000
Bug 1648825 - Ensure that Sec-Fetch-Site is only 'none' if the load was user triggered. r=ckerschb,marionette-reviewers,whimboo Differential Revision: https://phabricator.services.mozilla.com/D109643
5aece2a17f5d24eff876db2a97e76768e72d984a: Bug 1648825 - Add nsISHEntry::hasUserActivation r=ckerschb,smaug
Niklas Goegge <ngogge@mozilla.com> - Thu, 20 May 2021 11:06:10 +0000 - rev 580220
Push 38479 by malexandru@mozilla.com at Fri, 21 May 2021 09:57:54 +0000
Bug 1648825 - Add nsISHEntry::hasUserActivation r=ckerschb,smaug Differential Revision: https://phabricator.services.mozilla.com/D113818
45c659bd4922fa3b4a7b602c6214f16092a31284: Bug 1704843 - Part 2: Add a test to verify HSTS parameter includeSubDomains works correctly when network partitioning is enabled. r=ckerschb
Tim Huang <tihuang@mozilla.com> - Thu, 20 May 2021 08:12:32 +0000 - rev 580191
Push 38478 by imoraru@mozilla.com at Thu, 20 May 2021 09:57:45 +0000
Bug 1704843 - Part 2: Add a test to verify HSTS parameter includeSubDomains works correctly when network partitioning is enabled. r=ckerschb Depends on D114614 Differential Revision: https://phabricator.services.mozilla.com/D114615
776d2e2ecd043cdc269753bc75ae06bd6a938e14: Bug 1704843 - Part 1: Use the OAs with the partitionKey to get HSTS state in nsDocShell. r=ckerschb
Tim Huang <tihuang@mozilla.com> - Thu, 20 May 2021 08:12:31 +0000 - rev 580190
Push 38478 by imoraru@mozilla.com at Thu, 20 May 2021 09:57:45 +0000
Bug 1704843 - Part 1: Use the OAs with the partitionKey to get HSTS state in nsDocShell. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D114614
d5ef33ba49754144481008d627df172c8f75a15e: Bug 1711697 Update PBM tests within browser/components/extensions/test/browser/browser_ext_incognito_popup.js to work with https-first-mode enabled r=ckerschb
lyavor <lyavor@mozilla.com> - Wed, 19 May 2021 12:16:57 +0000 - rev 580019
Push 38476 by dluca@mozilla.com at Wed, 19 May 2021 21:47:56 +0000
Bug 1711697 Update PBM tests within browser/components/extensions/test/browser/browser_ext_incognito_popup.js to work with https-first-mode enabled r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D115373
368d0fd83186cc406ad6cb06afe82dc87ccbc38d: Bug 1711714 Update PBM tests within browser/components/extensions/test/browser/browser_ext_tabs_zoom to work with https-first-mode enabled. r=kmag,ckerschb
lyavor <lyavor@mozilla.com> - Wed, 19 May 2021 12:13:36 +0000 - rev 580018
Push 38476 by dluca@mozilla.com at Wed, 19 May 2021 21:47:56 +0000
Bug 1711714 Update PBM tests within browser/components/extensions/test/browser/browser_ext_tabs_zoom to work with https-first-mode enabled. r=kmag,ckerschb Differential Revision: https://phabricator.services.mozilla.com/D115378
0eaf4b701fa2bdd387eb97bc1949b6469ce18ce0: Bug 1711078 - Part 2: Mark immutable fields in principal types as const, r=ckerschb
Nika Layzell <nika@thelayzells.com> - Mon, 17 May 2021 20:50:09 +0000 - rev 579816
Push 38469 by ncsoregi@mozilla.com at Tue, 18 May 2021 09:45:31 +0000
Bug 1711078 - Part 2: Mark immutable fields in principal types as const, r=ckerschb This is a step towards separating the mutable state on principals from const state which can be made threadsafe. The remaining mutable fields will either need to be moved off of nsIPrincipal or made threadsafe to destroy (e.g. using nsMainThreadPtrHandle) and stored behind a mutex. Serialization is handled for most types using a separate Deserializer class, like how it was handled with `nsIURI` mutators. SystemPrincipal wasn't changed as the `Read` method is a no-op for that class. Differential Revision: https://phabricator.services.mozilla.com/D115092
f8e166c5eb17d1bb9e94a48efcb059a16a06117f: Bug 1711078 - Part 1: Stop using the component manager to create non-system principals, r=ckerschb
Nika Layzell <nika@thelayzells.com> - Mon, 17 May 2021 20:50:08 +0000 - rev 579815
Push 38469 by ncsoregi@mozilla.com at Tue, 18 May 2021 09:45:31 +0000
Bug 1711078 - Part 1: Stop using the component manager to create non-system principals, r=ckerschb This is necessary to remove the Init methods from principals, allowing immutable fields to be marked as const and clearly separated from mutable fields to improve threadsafety. Differential Revision: https://phabricator.services.mozilla.com/D115091
abc01a080c12068162ad1dd2f15e4e6a83bb2353: Bug 1711455 Update URL in test cases of browser/components/extensions/test/browser/browser_ext_incognito_views.js. r=ckerschb
lyavor <lyavor@mozilla.com> - Mon, 17 May 2021 17:32:44 +0000 - rev 579796
Push 38469 by ncsoregi@mozilla.com at Tue, 18 May 2021 09:45:31 +0000
Bug 1711455 Update URL in test cases of browser/components/extensions/test/browser/browser_ext_incognito_views.js. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D115210
6f1d11e15050a7c997ae4eefe944e2800b42bdfa: Bug 1697334 implement matches property in web_accessible_resources r=zombie,ckerschb,necko-reviewers,smaug
Shane Caraveo <scaraveo@mozilla.com> - Fri, 14 May 2021 03:15:15 +0000 - rev 579622
Push 38462 by smolnar@mozilla.com at Fri, 14 May 2021 09:42:22 +0000
Bug 1697334 implement matches property in web_accessible_resources r=zombie,ckerschb,necko-reviewers,smaug This patch implements support for the manifest V3 matches property which limits what hosts may load an extensions web_accessible_resources. Differential Revision: https://phabricator.services.mozilla.com/D107746