author | Christoph Kerschbaumer <ckerschb@christophkerschbaumer.com> |
Mon, 03 Jun 2019 06:04:25 +0000 (2019-06-03) | |
changeset 476569 | 45edf42e870a703b67104fd92f49614d50152bb5 |
parent 476568 | 62b73610a2f7d80d7eb5f402d59757868e4521a0 |
child 476570 | abf29aea4d1edd7cc377f18d1b25149b020bcabf |
child 476588 | af8569c103d2ae0c6b3ee749c341cc0332e56d43 |
push id | 36101 |
push user | csabou@mozilla.com |
push date | Mon, 03 Jun 2019 10:13:37 +0000 (2019-06-03) |
treeherder | mozilla-central@45edf42e870a [default view] [failures only] |
perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
bugs | 1496010 |
milestone | 69.0a1 |
first release with | nightly linux32
45edf42e870a
/
69.0a1
/
20190603101337
/
files
nightly linux64
45edf42e870a
/
69.0a1
/
20190603101337
/
files
nightly mac
45edf42e870a
/
69.0a1
/
20190603101337
/
files
nightly win32
45edf42e870a
/
69.0a1
/
20190603101337
/
files
nightly win64
45edf42e870a
/
69.0a1
/
20190603101337
/
files
|
last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
releases | nightly linux32
69.0a1
/
20190603101337
/
pushlog to previous
nightly linux64
69.0a1
/
20190603101337
/
pushlog to previous
nightly mac
69.0a1
/
20190603101337
/
pushlog to previous
nightly win32
69.0a1
/
20190603101337
/
pushlog to previous
nightly win64
69.0a1
/
20190603101337
/
pushlog to previous
|
--- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -2633,17 +2633,17 @@ pref("font.blacklist.underline_offset", pref("security.directory", ""); // security-sensitive dialogs should delay button enabling. In milliseconds. pref("security.dialog_enable_delay", 1000); pref("security.notification_enable_delay", 500); #if defined(DEBUG) && !defined(ANDROID) -pref("csp.about_uris_without_csp", "blank,printpreview,srcdoc,about,addons,cache-entry,config,crashes,debugging,devtools,downloads,home,memory,networking,newtab,performance,plugins,policies,profiles,restartrequired,serviceworkers,sessionrestore,support,sync-log,telemetry,url-classifier,webrtc,welcomeback"); +pref("csp.about_uris_without_csp", "blank,printpreview,srcdoc,addons,cache-entry,config,crashes,debugging,devtools,downloads,home,memory,networking,newtab,performance,plugins,policies,profiles,restartrequired,serviceworkers,sessionrestore,support,sync-log,telemetry,url-classifier,webrtc,welcomeback"); // the following prefs are for testing purposes only. pref("csp.overrule_about_uris_without_csp_whitelist", false); pref("csp.skip_about_page_has_csp_assert", false); // assertion flag will be set to false after fixing Bug 1473549 pref("security.allow_eval_with_system_principal", false); pref("security.uris_using_eval_with_system_principal", "autocomplete.xml,redux.js,react-redux.js,content-task.js,preferencesbindings.js,lodash.js,jszip.js,sinon-7.2.7.js,jsol.js"); #endif
--- a/testing/mochitest/tests/browser/dummy.html +++ b/testing/mochitest/tests/browser/dummy.html @@ -1,6 +1,7 @@ <!DOCTYPE html> <html> + <meta http-equiv="Content-Security-Policy" content="default-src 'none'"></meta> <title>This is a dummy page</title> <meta charset="utf-8"> <body>This is a dummy page</body> </html>
--- a/toolkit/content/aboutAbout.xhtml +++ b/toolkit/content/aboutAbout.xhtml @@ -2,16 +2,17 @@ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <!-- This Source Code Form is subject to the terms of the Mozilla Public - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> <html xmlns="http://www.w3.org/1999/xhtml"> <head> + <meta http-equiv="Content-Security-Policy" content="default-src chrome:" /> <title data-l10n-id="about-about-title"></title> <link rel="stylesheet" href="chrome://global/skin/in-content/info-pages.css" type="text/css"/> <link rel="localization" href="toolkit/about/aboutAbout.ftl"/> <script src="chrome://global/content/aboutAbout.js"></script> </head> <body>