64737c752ac4af4766ad6f82720818521f3aca24: Bug 1432966: Sanitize HTML fragments created for chrome-privileged documents. r=bz f=gijs a=jcristau DEVEDITION_59_0b5_BUILD1 DEVEDITION_59_0b5_RELEASE FENNEC_59_0b5_BUILD1 FENNEC_59_0b5_RELEASE FIREFOX_59_0b5_BUILD1 FIREFOX_59_0b5_RELEASE
Kris Maglione <maglione.k@gmail.com> - Wed, 24 Jan 2018 14:56:48 -0800 - rev 452084
Push 8603 by jcristau@mozilla.com at Sun, 28 Jan 2018 19:14:56 +0000
Bug 1432966: Sanitize HTML fragments created for chrome-privileged documents. r=bz f=gijs a=jcristau This is a short-term solution to our inability to apply CSP to chrome-privileged documents. Ideally, we should be preventing all inline script execution in chrome-privileged documents, since the reprecussions of XSS in chrome documents are much worse than in content documents. Unfortunately, that's not possible in the near term because a) we don't support CSP in system principal documents at all, and b) we rely heavily on inline JS in our static XUL. This stop-gap solution at least prevents some of the most common vectors of XSS attack, by automatically sanitizing any HTML fragment created for a chrome-privileged document. MozReview-Commit-ID: 5w17celRFr
fa9e35ab29b4eeb344b9446ef21cb220dc966b52: no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Sun, 28 Jan 2018 04:20:26 -0800 - rev 452083
Push 8602 by ffxbld at Sun, 28 Jan 2018 12:20:34 +0000
no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump ar -> f7357fc90548 bn-BD -> e73b507e9b77 cak -> d58bdf731afe el -> 347f08c6b2de es-CL -> 0e2bee625eb4 hu -> 83d5e6aed1aa ia -> 73af9228d1c8 id -> 8e7a701b5bf5 it -> 2be25087236f lt -> 86362c6fc999
8bbf09599b6b4f0546e0452b314106b5b6cd36e4: no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Sun, 28 Jan 2018 04:20:20 -0800 - rev 452082
Push 8602 by ffxbld at Sun, 28 Jan 2018 12:20:34 +0000
no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump ar -> 722f9f85dd4b bn-BD -> e73b507e9b77 cak -> d58bdf731afe es-CL -> 0e2bee625eb4 hu -> 83d5e6aed1aa id -> e193e90ef5fd lt -> 86362c6fc999
c4e3f5f11cc23269a63c56a15acbc08e86a39b72: no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Sun, 28 Jan 2018 03:20:29 -0800 - rev 452081
Push 8601 by ffxbld at Sun, 28 Jan 2018 11:20:39 +0000
no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump cs -> 04afe7f5089e hr -> 96849aa35136 ms -> 5cd5d235cd2c
b7ada171505fe23c331d684c4eeb89afc7f63797: no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Sun, 28 Jan 2018 03:20:23 -0800 - rev 452080
Push 8601 by ffxbld at Sun, 28 Jan 2018 11:20:39 +0000
no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump ms -> 1cd3afc908ea
a6ee1ad603bc14d465ab146be8f1aafdd7cc233d: Bug 1429373 - If a perspective transform is excluded from an APZC's ancestor transform, include it in the ancestor transforms of its child APZCs. r=kats, a=lizzard
Botond Ballo <botond@mozilla.com> - Fri, 19 Jan 2018 19:22:34 -0500 - rev 452079
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1429373 - If a perspective transform is excluded from an APZC's ancestor transform, include it in the ancestor transforms of its child APZCs. r=kats, a=lizzard MozReview-Commit-ID: 4EcTuD8otA7
bbfc4a42c3624469f13ad4a699386276898d78c2: Bug 1429373 - During hit-testing, ignore clips on layers whose parent has a perspective transform. r=kats, a=lizzard
Botond Ballo <botond@mozilla.com> - Wed, 17 Jan 2018 18:45:25 -0500 - rev 452078
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1429373 - During hit-testing, ignore clips on layers whose parent has a perspective transform. r=kats, a=lizzard This corresponds to the treatment of such layers in AsyncCompositionManager added in bug 1168263. MozReview-Commit-ID: 34IKk5TH9vV
eab542b07371a08034544dd6d319a0b8c036f578: Bug 1429373 - Add a clarifying comment to the declaration of APZCTreeManager::SetTargetAPZC(). r=kats, a=lizzard
Botond Ballo <botond@mozilla.com> - Wed, 17 Jan 2018 18:46:07 -0500 - rev 452077
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1429373 - Add a clarifying comment to the declaration of APZCTreeManager::SetTargetAPZC(). r=kats, a=lizzard MozReview-Commit-ID: CT1H5TH3UXn
70c7f54a57756fe54208167d66ede1556b412431: Bug 1426807 - Prevent the a11y code running on static clone (printing) docs. r=surkov, a=lizzard
Jonathan Watt <jwatt@jwatt.org> - Wed, 24 Jan 2018 20:02:15 +0000 - rev 452076
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1426807 - Prevent the a11y code running on static clone (printing) docs. r=surkov, a=lizzard MozReview-Commit-ID: COUmRqt2dIo
130679feb369f7f3cc0f0893a85ed078bee4deba: Bug 1430187 - Part 2: Add a test of find-in-page with overflowed textareas. r=mikedeboer, a=lizzard
Brad Werth <bwerth@mozilla.com> - Mon, 22 Jan 2018 13:16:51 -0800 - rev 452075
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1430187 - Part 2: Add a test of find-in-page with overflowed textareas. r=mikedeboer, a=lizzard MozReview-Commit-ID: dKXyp826Y5
ad738f287aa1411eddcac4841cf929f63e5fb593: Bug 1430187 - Part 1: Allow find-in-page to unilaterally find text that's out of view in a scrollable container. r=mikedeboer, a=lizzard
Brad Werth <bwerth@mozilla.com> - Fri, 19 Jan 2018 15:58:03 -0800 - rev 452074
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1430187 - Part 1: Allow find-in-page to unilaterally find text that's out of view in a scrollable container. r=mikedeboer, a=lizzard MozReview-Commit-ID: KBh9PxuUWhT
e4ed154c002a8fbfff664d70015631d83d9d21be: Bug 1433143 - Back out changeset 35425d2a0d90 for causing bug 1424264 and bug 1424823. r=Gijs, a=lizzard
Paolo Amadini <paolo.mozmail@amadzone.org> - Thu, 25 Jan 2018 17:21:29 +0000 - rev 452073
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1433143 - Back out changeset 35425d2a0d90 for causing bug 1424264 and bug 1424823. r=Gijs, a=lizzard MozReview-Commit-ID: 3VfLfacD1E
27c0ba4c8dad19386568b6430c6f4e55d4d82c81: Bug 1432354 - Turn off Stylo on Android beta and release. r=snorp, a=lizzard
Makoto Kato <m_kato@ga2.so-net.ne.jp> - Tue, 23 Jan 2018 21:57:00 -0500 - rev 452072
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1432354 - Turn off Stylo on Android beta and release. r=snorp, a=lizzard
a27738f5d32829645eb0e7e44022a5cfe11216db: Bug 1432354 - Skip test_restyles.html on Android. r=hiro, a=lizzard
Makoto Kato <m_kato@ga2.so-net.ne.jp> - Wed, 24 Jan 2018 21:03:00 -0500 - rev 452071
Push 8600 by ryanvm@gmail.com at Fri, 26 Jan 2018 22:55:49 +0000
Bug 1432354 - Skip test_restyles.html on Android. r=hiro, a=lizzard
5cc8d4931fc2b24bd1a560a839204c99ddbf00c6: no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Fri, 26 Jan 2018 10:20:31 -0800 - rev 452070
Push 8599 by ffxbld at Fri, 26 Jan 2018 18:20:38 +0000
no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump eo -> 9e3382ef60fc es-MX -> 6653cfbb216c sv-SE -> 298dec2b85d5 tr -> 2f0dd924361e
42c37062425b57cb14674686f64f7aef3e74bea7: no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Fri, 26 Jan 2018 10:20:25 -0800 - rev 452069
Push 8599 by ffxbld at Fri, 26 Jan 2018 18:20:38 +0000
no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump eo -> 9e3382ef60fc es-MX -> 6653cfbb216c tr -> 2f0dd924361e
16f033a971d9cad00b2f7bd9ae692705f7a896f7: no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Fri, 26 Jan 2018 08:20:58 -0800 - rev 452068
Push 8598 by ffxbld at Fri, 26 Jan 2018 16:21:06 +0000
no bug - Bumping Firefox l10n changesets DONTBUILD r=release a=l10n-bump br -> b3a68c56c46b gd -> 1f6e16f96d9d sr -> 0abc1bbb0bd7
998cc1158315db18820ad3a1a923c5453c8720cd: no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump
L10n Bumper Bot <release+l10nbumper@mozilla.com> - Fri, 26 Jan 2018 08:20:52 -0800 - rev 452067
Push 8598 by ffxbld at Fri, 26 Jan 2018 16:21:06 +0000
no bug - Bumping Fennec l10n changesets DONTBUILD r=release a=l10n-bump gd -> 1f6e16f96d9d sr -> 0abc1bbb0bd7
d6ef34d46512fc7e3ae86b7bd5ad3be35a5ae1f5: No bug - Tagging 783507b1b80d927d5ef408c6ff87f8c52f2c8af9 with DEVEDITION_59_0b4_BUILD1, DEVEDITION_59_0b4_RELEASE a=release CLOSED TREE
ffxbld <release@mozilla.com> - Fri, 26 Jan 2018 07:45:41 -0800 - rev 452066
Push 8597 by ffxbld at Fri, 26 Jan 2018 15:45:51 +0000
No bug - Tagging 783507b1b80d927d5ef408c6ff87f8c52f2c8af9 with DEVEDITION_59_0b4_BUILD1, DEVEDITION_59_0b4_RELEASE a=release CLOSED TREE
ea21319643d91c2e37d982ea011238a1755ba4fe: No bug - Tagging 783507b1b80d927d5ef408c6ff87f8c52f2c8af9 with FIREFOX_59_0b4_BUILD1, FIREFOX_59_0b4_RELEASE a=release CLOSED TREE
ffxbld <release@mozilla.com> - Fri, 26 Jan 2018 07:43:25 -0800 - rev 452065
Push 8596 by ffxbld at Fri, 26 Jan 2018 15:43:35 +0000
No bug - Tagging 783507b1b80d927d5ef408c6ff87f8c52f2c8af9 with FIREFOX_59_0b4_BUILD1, FIREFOX_59_0b4_RELEASE a=release CLOSED TREE
(0) -300000 -100000 -30000 -10000 -3000 -1000 -300 -100 -50 -20 +20 +50 +100 +300 +1000 +3000 +10000 +30000 tip