dom/security/nsContentSecurityManager.cpp
d7ce447d842cf7f5b6d6e2599971da1be0cfb2f5
created 2016-07-24 15:59 +0200
pushed 2016-10-31 18:13 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 640247e978ba (bug 1246540) for bustage
640247e978ba7adf75b641218081f36eacae50d0
created 2016-07-22 18:35 +0200
pushed 2016-10-31 18:13 +0000
Kate McKinley Kate McKinley - Bug 1246540 - HSTS Priming Proof of Concept. r=honzab
3883d00c447ee8a27f56f8cd4e8bb2e6c167004f
created 2016-06-29 12:59 +0200
pushed 2016-10-31 18:13 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1240193 - Skip TYPE_DOCUMENT assertions for loads initiated by JS tests (r=tanvi)
2bae08c081185081c42cea4bac6822d109c0b55e
created 2016-06-28 09:37 +0200
pushed 2016-10-31 18:13 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1188642 - Use channel->ascynOpen2 in dom/base/nsObjectLoadingContent.cpp r=smaug
9ad3bd17f3e929697a9e2d8ebacb37e69f648bda
created 2016-05-17 12:04 +0200
pushed 2016-10-31 18:13 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1271198 - Convert Websockets to use AsyncOpen2(). r=jduell
0c174794580dcc4d40eace91fed1bdbd87491b2e
created 2016-05-29 20:40 +0200
pushed 2016-09-05 20:01 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1269254 - Skip CheckLoadURIWithPrincipal checks within ContentSecurityManager on loadingPrincipal if security flag indicates allow cross origin loads (r=sicking)
bbfbadb75603c46d8e87c6c321178836aac10e1c
created 2016-05-23 23:57 +0200
pushed 2016-09-05 20:01 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1196013 - Use channel->ascynOpen2 in toolkit/components/places. r=billm r=sicking r=mak
34e9970d625a335944f922ac9cc0ad460af8be32
created 2016-05-19 17:06 +0200
pushed 2016-09-05 20:01 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset 2292661153e3 (bug 1271198) for web-platform failures. r=backout on a CLOSED TREE
2292661153e3b6ecf94cecf63af8a66950f849e9
created 2016-05-19 15:42 +0200
pushed 2016-09-05 20:01 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell)
b8d15a27d1ecb0a533011438eb5f39599b9521ee
created 2016-05-19 14:23 +0200
pushed 2016-09-05 20:01 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset 854a8df494d3 (bug 1271198) for many assertions at nsHttpChannel.cpp:5204. r=backout on a CLOSED TREE
854a8df494d359f601e1bbc26883ffc1c48de362
created 2016-05-19 11:54 +0200
pushed 2016-09-05 20:01 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1271198 - Convert Websockets to use AsyncOpen2() (r=jduell)
65911fba80692730b42cd6bf474520c1568b69a6
created 2016-04-27 19:41 +0200
pushed 2016-09-05 20:01 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1206961 - Use channel->AsyncOpen2() for imageLoader; Remove security checks from callsites (r=bz)
915ddad130871308f16b78b8820ed6bff2f23f64
created 2016-04-26 11:30 +0100
pushed 2016-09-05 20:01 +0000
Jonathan Watt Jonathan Watt - Bug 1267509 - Make nsContentSecurityManager::IsURIPotentiallyTrustworthy act on an nsIPrincipal. r=bz
3430eb949ea6ea7d31c18212fedd7e8f0a2d96c4
created 2016-05-17 21:45 +0200
pushed 2016-07-25 16:35 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1269254 - Skip CheckLoadURIWithPrincipal checks within ContentSecurityManager on loadingPrincipal if security flag indicates allow cross origin loads. r=sicking, a=sylvestre
9ae70caf56c04ce2ee4d6d2494b819045781562d
created 2016-04-13 16:30 -0700
pushed 2016-07-25 16:35 +0000
Tanvi Vyas Tanvi Vyas - Bug 1105556 - Don't call CheckLoadURIWithPrincipal() in DoCheckLoadURIChecks() for TYPE_DOCUMENT loads where we don't have a loadingPrincipal. Ensure SEC_COOKIES_SAME_ORIGIN isn't set for TYPE_DOCUMENT loads in CheckChannel(). r=ckerschb, sicking
a80b31406b47c4b8dc6154f89758a16f8faa5ce3
created 2016-04-07 14:13 -0700
pushed 2016-07-25 16:35 +0000
Marcos Caceres Marcos Caceres - Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan
116e62eb5e971dbe1013e912cd20ec00401fa4ee
created 2016-03-18 16:14 -0700
pushed 2016-07-25 16:35 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1257650 - Skip Security checks if triggeringPrincipal is SystemPrincipal only for subresource loads. r=sicking
b8360b8b360f937dcf8147f943c485508e1fb4ee
created 2016-03-21 12:42 -0700
pushed 2016-07-25 16:35 +0000
Wes Kocher Wes Kocher - Backed out changeset 1d5e6c22fd3a (bug 1250048) for CSP failures/assertions in various tests/chunks CLOSED TREE
1d5e6c22fd3a5254e06fbbfe1f808481b931b85f
created 2016-03-20 23:24 -0400
pushed 2016-07-25 16:35 +0000
Marcos Caceres Marcos Caceres - Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb
80549d9e752805da90e2c294d6bb68abcccafe38
created 2016-03-01 16:11 -0800
pushed 2016-06-01 01:31 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1232903 - Skip Security checks if triggeringPrincipal is SystemPrincipal (r=sicking)
7251e33ee977c169ae0228472047acb275ecfb49
created 2016-03-01 13:06 -0800
pushed 2016-06-01 01:31 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1195172 - Use channel->ascynOpen2 layout/style/FontFaceSet.cpp (r=bz,cam)
86d0744f63c6e6b9e72c61b5d08574f74c450bc1
created 2016-02-02 20:35 -0800
pushed 2016-06-01 01:31 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1195173 - Use channel->ascynOpen2 layout/style/Loader.cpp (r=bz)
b1001182a8a2a6b8b404cad9e6eeba2760b7e62d
created 2016-01-27 20:24 +0100
pushed 2016-06-01 01:31 +0000
Sebastian Hengst Sebastian Hengst - Backed out 4 changesets (bug 1195173) for webtest failures. r=oranges on a CLOSED TREE
a75bb8d083e8ca46eed8187946ee84fade1883db
created 2016-01-26 15:30 -0800
pushed 2016-06-01 01:31 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1195173 - Use channel->ascynOpen2 layout/style/Loader.cpp (r=bz)
4e25ce8c02e7b78271a798fec15ed7872e4679ac
created 2016-03-01 16:11 -0800
pushed 2016-04-15 21:02 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1232903 - Skip Security checks if triggeringPrincipal is SystemPrincipal (r=sicking) a=sylvestre
041549a67f0991866abedcb829524660591ab2e2
created 2016-01-18 14:54 +0000
pushed 2016-04-15 21:02 +0000
Paolo Amadini Paolo Amadini - Bug 1217766 - All PDFs trigger the insecure password warning. r=MattN,bz
7b9b0ce58fbf2acad28fd85a2a0ff8a3978cb7ea
created 2015-12-06 18:33 -0500
pushed 2016-02-29 17:11 +0000
Jonas Sicking Jonas Sicking - Bug 1216687: Add nsILoadInfo flags for cookie policies. r=ckerschb
989bbde310f5d1cdc5bbdde44340ceb06f87e003
created 2015-12-06 18:33 -0500
pushed 2016-02-29 17:11 +0000
Jonas Sicking Jonas Sicking - Bug 1226909 part 4: Make AsyncOpen2 set taining information on channels. Use this information in XHR and fetch(). r=bkelly
e772b5154e0cc25c61307f812d5185296430a07e
created 2015-12-06 18:33 -0500
pushed 2016-02-29 17:11 +0000
Jonas Sicking Jonas Sicking - Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
e648ed99a3a2c93261b8b18647ca445f2e7f869b
created 2015-12-05 16:34 +0100
pushed 2016-02-29 17:11 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset 09d64535bcda (bug 1216687), a7f1a289dd78, 4dbf06183e6c, 26318a5e3006, 9ae2af3cf86d (bug 1226909) for M(1,2,5) oranges. r=backout
09d64535bcda005593b0e29fcfe813f07e128b79
created 2015-12-05 01:46 -0800
pushed 2016-02-29 17:11 +0000
Jonas Sicking Jonas Sicking - Bug 1216687: Add nsILoadInfo flags for cookie policies. r=ckerschb
a7f1a289dd7824cf9bfdd7be92770fe8a1a55b04
created 2015-12-05 01:46 -0800
pushed 2016-02-29 17:11 +0000
Jonas Sicking Jonas Sicking - Bug 1226909 part 4: Make AsyncOpen2 set taining information on channels. Use this information in XHR and fetch(). r=bkelly
9ae2af3cf86d7df085146971d1e55a9b13fe4c9c
created 2015-12-05 01:46 -0800
pushed 2016-02-29 17:11 +0000
Jonas Sicking Jonas Sicking - Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb
7ace0805c2d399573ad74a25d8e0eaac16025acb
created 2015-11-25 13:38 -0800
pushed 2016-02-29 17:11 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1228116 - Relax Security checks for DTD loads. r=sicking
79240162428553ba63d4f918643f44ae77444adb
created 2015-11-20 10:55 -0800
pushed 2016-02-29 17:11 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz)
aff31c38715020c8fb3c878bee84a5fa0c3e4cec
created 2015-11-19 14:22 -0800
pushed 2016-02-29 17:11 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1226324 - Do not use NS_ENSURCE_SUCCESS(rv, NS_OK) within nsContentSecurityManager. r=tanvi
775cc28c73b31a5607abe07701ce9cb0f40f1c92
created 2015-11-19 14:26 +0530
pushed 2016-02-29 17:11 +0000
Nigel Babu Nigel Babu - Backed out changeset 95069f2ce648 (bug 1182546) for Android M(c) bustage ON A CLOSED TREE
95069f2ce6487177d7d639ba60677a3049b1094d
created 2015-11-18 19:23 -0800
pushed 2016-02-29 17:11 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1182546 - Use channel->Open2() in parser/htmlparser/nsExpatDriver.cpp (r=bz)
f793597159bc98cd5507f6d1ae728c6c9fdad5e1
created 2015-11-10 10:50 -0800
pushed 2016-02-29 17:11 +0000
Kit Cambridge Kit Cambridge - Bug 1223481 - Use the "potentially trustworthy origin" helper to validate Push server URLs. r=dragana
acc983ca0dec710088764398caba4eb10512de21
created 2015-07-27 11:57 -0700
pushed 2016-02-29 17:11 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1188028 - Use channel->ascynOpen2 in dom/security/nsCSPContext.cpp (r=sicking)
9814dd56b94ff808c2a036bbad902f16eba944c1
created 2015-11-06 11:10 -0800
pushed 2016-01-18 19:06 +0000
Matthew Noorenberghe Matthew Noorenberghe - Bug 1221365 - Move "Is origin potentially trustworthy?" logic outside ServiceWorkerManager.cpp. r=ckerschb, r=bkelly, a=ritu
6a0536d2bc26a85330ec19c862902b862c4c31c0
created 2015-11-04 00:05 -0800
pushed 2016-01-18 19:06 +0000
Jonas Sicking Jonas Sicking - Bug 1213646: Allow URI_IS_UI_RESOURCE and safe about: URIs when SEC_ALLOW_CHROME is set. r=bz a=ritu
5d5c5ddddff156f2f3f23e3da041ddd091c3dabc
created 2015-10-26 14:22 -0700
pushed 2016-01-18 19:06 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1191645 - Use channel->asycnOpen2 in dom/base/nsSyncLoadService.cpp. r=sicking
b8a9f98b9650e0d73c04ee1cbd90122227bc1c4b
created 2015-10-19 18:33 -0700
pushed 2016-01-18 19:06 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1194526 - Use channel->asycnOpen2 in dom/base/nsScriptLoader.cpp (r=sicking)
82ab1c1e478dabd3ed9f18f00c0956ef8976c8d6
created 2015-10-19 18:24 -0700
pushed 2016-01-18 19:06 +0000
Jonas Sicking Jonas Sicking - Bug 1195167 part 5: Make FetchDriver use AsyncOpen2. r=bkelly
ede755bf408567d1ff919e5e5c9fc20e7bff7a73
created 2015-10-19 18:24 -0700
pushed 2016-01-18 19:06 +0000
Jonas Sicking Jonas Sicking - Bug 1195167 part 1: Let necko handle all protocols. r=bkelly
ae826f6849c430ad1c32f5e1c89c4fb5aaa44831
created 2015-10-19 11:14 -0700
pushed 2016-01-18 19:06 +0000
Jonas Sicking Jonas Sicking - Bug 1182571: Make nsXMLHttpRequest use AsyncOpen2. r=ehsan
a31b2d7d07b80484ae2b66689559e39108a7ee71
created 2015-10-19 11:14 -0700
pushed 2016-01-18 19:06 +0000
Jonas Sicking Jonas Sicking - Bug 1182571: Fix nsILoadInfo->GetContentPolicyType API to be less ambigious. Audit and fix all users of it. r=ckerschb
eca8be0e5336302a3a3de263f90ae4bd40a649bf
created 2015-10-18 19:59 -0700
pushed 2016-01-18 19:06 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1208559 - Hook up ServicerWorkers with CSP (r=sicking,bkelly,dveditz)
e8c7dfe727cd970e2c3294934e2927b14143c205
created 2015-10-18 01:24 -0400
pushed 2016-01-18 19:06 +0000
Nathan Froyd Nathan Froyd - Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat
c98f6e3162261dc6c7053af06babc5b134b74496
created 2015-10-15 14:07 -0700
pushed 2016-01-18 19:06 +0000
Wes Kocher Wes Kocher - Backed out 2 changesets (bug 1182571) for being a likely cause of the Android S4 errors
e2b3064dcaceda4294939be3ca8284b7c2ecfdad
created 2015-10-15 12:18 -0700
pushed 2016-01-18 19:06 +0000
Jonas Sicking Jonas Sicking - Bug 1182571: Make nsXMLHttpRequest use AsyncOpen2. r=ehsan
8153ae231d16ee572c78a9d1d8b38fd5967b1d42
created 2015-10-15 12:18 -0700
pushed 2016-01-18 19:06 +0000
Jonas Sicking Jonas Sicking - Bug 1182571: Fix nsILoadInfo->GetContentPolicyType API to be less ambigious. Audit and fix all users of it. r=ckerschb
41dea9df27ed995f8315ab4318c187a617937664
created 2015-10-07 10:19 -0700
pushed 2016-01-18 19:06 +0000
Wes Kocher Wes Kocher - Backed out changeset 91d4539e00ce (bug 1207245)
91d4539e00cecb658604e021675a923c60ef3235
created 2015-10-07 16:50 -0400
pushed 2016-01-18 19:06 +0000
Nathan Froyd Nathan Froyd - Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat
bc7aa1e7670fcf9190ecc90c31171d41071f63b7
created 2015-09-28 16:34 -0700
pushed 2016-01-18 19:06 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1192333 - Use channel->ascynOpen2 in dom/xslt/xslt/txMozillaStylesheetCompiler.cpp (r=sicking)
7d24cb4584fcd92232dfdcd074c3616d2920587a
created 2015-11-04 00:05 -0800
pushed 2015-12-04 23:28 +0000
Jonas Sicking Jonas Sicking - Bug 1213646 - Allow URI_IS_UI_RESOURCE and safe about: URIs when SEC_ALLOW_CHROME is set. r=bz a=ritu, a=lizzard
9f7b7ab7dc1f3eaf14e35c2d066600520cc9b842
created 2015-09-18 09:27 -0700
pushed 2015-12-04 23:28 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1204703 - Make nsContentSecurityManager scriptable (r=sicking)
c2a2e73b931f46d7983b1433e7523e3c9a5c7f5d
created 2015-09-18 14:13 -0700
pushed 2015-12-04 23:28 +0000
Wes Kocher Wes Kocher - Backed out 3 changesets (bug 1143922) for landing with the wrong bug number
977d5b7ecba32a0617d40c231e2f16963bf4a4ef
created 2015-09-18 09:27 -0700
pushed 2015-12-04 23:28 +0000
Christoph Kerschbaumer Christoph Kerschbaumer - Bug 1143922 - Make nsContentSecurityManager scriptable (r=sicking)
less more (0) -60 tip