Commit message (Collapse) | Author | Age | Lines | |
---|---|---|---|---|
* | [PALEMOON] Use message manager to detect full-screen HTML5 video in S4E module | JustOff | 2018-10-01 | -20/+69 |
| | ||||
* | Remove telemetry from cache v1 service locking (part2). | wolfbeast | 2018-10-01 | -81/+65 |
| | | | | | | | - Fold Lock(TelemetryID) into Lock(); - Fold nsCacheServiceAutoLock(TelemetryID) into nsCacheServiceAutoLock(); Tag #21. | |||
* | Remove telemetry from cache v1 service locking (part1). | wolfbeast | 2018-10-01 | -11/+2 |
| | | | | Tag #21. | |||
* | Remove unused telemetry functions/variables. | wolfbeast | 2018-10-01 | -29/+1 |
| | | | | Tag #21. | |||
* | Remove cache I/O telemetry. | wolfbeast | 2018-09-30 | -126/+0 |
| | | | | Tag #21. | |||
* | Remove telemetry probes to get detailed disk cache hit rate. | wolfbeast | 2018-09-30 | -212/+0 |
| | | | | Tag #21. | |||
* | Remove telemetry probes for cache file system. | wolfbeast | 2018-09-29 | -99/+0 |
| | ||||
* | Clean up a number of unused variables. | wolfbeast | 2018-09-29 | -77/+0 |
| | | | | Tag #21. | |||
* | Update telemetry whitelists. | wolfbeast | 2018-09-29 | -3/+0 |
| | | | | Tag #21. | |||
* | Merge branch 'master' of https://github.com/MoonchildProductions/UXP | wolfbeast | 2018-09-29 | -2021/+3191 |
|\ | ||||
| * | Merge pull request #800 from trav90/update-from-upstream | Moonchild | 2018-09-29 | -114/+268 |
| |\ | | | | | | | Update libnestegg from upstream | |||
| | * | Update test files for libnestegg update | trav90 | 2018-09-29 | -3/+5 |
| | | | ||||
| | * | Update libnestegg from upstream | trav90 | 2018-09-28 | -108/+260 |
| | | | ||||
| | * | Update upstream URL and update script for libnestegg | trav90 | 2018-09-28 | -3/+3 |
| | | | ||||
| * | | Update HSTS preload list | trav90 | 2018-09-29 | -1907/+2923 |
| | | | | | | | | | | | | Tag #447 | |||
* | | | Remove telemetry to find optimal cache entry hash size | wolfbeast | 2018-09-29 | -117/+0 |
|/ / | | | | | | | Tag #21. | |||
* / | Get rid of the incorrect mechanism to remove insecure fallback hosts. | wolfbeast | 2018-09-29 | -12/+0 |
|/ | | | | This fixes #797. | |||
* | Merge branch 'master' of https://github.com/MoonchildProductions/UXP | wolfbeast | 2018-09-29 | -3/+3 |
|\ | ||||
| * | Only opt-in to esr52 search service for select applications | Matt A. Tobin | 2018-09-28 | -3/+3 |
| | | ||||
* | | Rename address bar back to location bar | wolfbeast | 2018-09-29 | -2/+2 |
|/ | | | | Tag Issue #765 | |||
* | Remove IndexedDB for content pref. | wolfbeast | 2018-09-29 | -32/+0 |
| | | | | Tag Issue #765 | |||
* | Update permissions manager strings. | wolfbeast | 2018-09-28 | -1/+1 |
| | | | | Tag Issue #765 | |||
* | Rename "Cookies" to "Cookies and Site Data" in preferences where applicable. | wolfbeast | 2018-09-28 | -13/+13 |
| | | | | Tag Issue #765 | |||
* | Add a conditional to not build the platform so the build system can be ↵ | Matt A. Tobin | 2018-09-27 | -44/+45 |
| | | | | exploited for non-binary projects | |||
* | Merge pull request #791 from g4jc/session_supercookie | Moonchild | 2018-09-27 | -101/+238 |
|\ | | | | | Issue #792 - backport mozbug 1334776 - CVE-2017-7797 Header name interning leaks across origins | |||
| * | backport mozbug 1334776 - CVE-2017-7797 Header name interning leaks across ↵ | Gaming4JC | 2018-09-25 | -101/+238 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | origins Potential attack: session supercookie. [Moz Notes](https://bugzilla.mozilla.org/show_bug.cgi?id=1334776#c5): "The problem is that for unknown header names we store the first one we see and then later we case-insensitively match against that name *globally*. That means you can track if a user agent has already seen a certain header name used (by using a different casing and observing whether it gets normalized). This would allow you to see if a user has used a sensitive service that uses custom header names, or allows you to track a user across sites, by teaching the browser about a certain header case once and then observing if different casings get normalized to that. What we should do instead is only store the casing for a header name for each header list and not globally. That way it only leaks where it's expected (and necessary) to leak." [Moz fix note](https://bugzilla.mozilla.org/show_bug.cgi?id=1334776#c8): "nsHttpAtom now holds the old nsHttpAtom and a string that is case sensitive (only for not standard headers). So nsHttpAtom holds a pointer to a header name. (header names are store on a static structure). This is how it used to be. I left that part the same but added a nsCString which holds a string that was used to resoled the header name. So when we parse headers we call ResolveHeader with a char*. If it is a new header name the char* will be stored in a HttpHeapAtom, nsHttpAtom::_val will point to HttpHeapAtom::value and the same strings will be stored in mLocalCaseSensitiveHeader. For the first resolve request they will be the same but for the following maybe not. At the end this nsHttpAtom will be stored in nsHttpHeaderArray. For all operation we will used the old char* except when we are returning it to a script using VisitHeaders." | |||
* | | Merge pull request #789 from g4jc/sha256_leakfix | Moonchild | 2018-09-27 | -14/+8 |
|\ \ | | | | | | | backport mozbug 1444532 - fix a leak in SHA256 in nsHttpConnectionInfo.cpp r=mayhemer | |||
| * | | backport mozbug 1444532 - fix a leak in SHA256 in nsHttpConnectionInfo.cpp ↵ | Gaming4JC | 2018-09-26 | -14/+8 |
| |/ | | | | | | | | | | | | | | | r=mayhemer The original code (from bug 1200802) declared an XPCOM object as a static bare pointer, which for future reference is probably never the right thing to do. It might have worked if it was cleared before shutdown but it never was. | |||
* | | Build nsJSInspector regardless of devtools | Matt A. Tobin | 2018-09-26 | -14/+23 |
| | | ||||
* | | Merge pull request #790 from g4jc/nsSOCKSIOLayer_nullptr | Moonchild | 2018-09-26 | -0/+1 |
|\ \ | | | | | | | backport mozbug 1344613 - Avoid possibility of null pointer crash in nsSOCKSIOLayer.cpp r=mayhemer | |||
| * | | backport mozbug 1344613 - Avoid possibility of null pointer crash in ↵ | Gaming4JC | 2018-09-25 | -0/+1 |
| |/ | | | | | | | nsSOCKSIOLayer.cpp r=mayhemer | |||
* | | Merge pull request #788 from alaviss/apz-experimental | Moonchild | 2018-09-26 | -5/+10 |
|\ \ | |/ |/| | gfx: add pref for enabling APZ without e10s | |||
| * | gfx: add pref for enabling APZ without e10s | Leorize | 2018-09-25 | -5/+10 |
| | | ||||
* | | Merge branch 'master' of https://github.com/MoonchildProductions/UXP | wolfbeast | 2018-09-25 | -2/+0 |
|\| | ||||
| * | Merge pull request #786 from JustOff/PR_auth_dialog_overflow | Moonchild | 2018-09-24 | -2/+0 |
| |\ | | | | | | | Remove window.sizeToContent() from commonDialog.js, as it's useless and leads to overflow in the basic auth dialog | |||
| | * | Remove window.sizeToContent() from commonDialog.js, as it's useless and ↵ | JustOff | 2018-09-23 | -2/+0 |
| |/ | | | | | | | leads to overflow in the basic auth dialog | |||
* / | Regression fix: enable ICC v4 profiles by default. | wolfbeast | 2018-09-25 | -1/+1 |
|/ | ||||
* | Remove code that prevents binary extensions | Matt A. Tobin | 2018-09-23 | -13/+0 |
| | ||||
* | Update list of IDs to never send to AUS in AddonUpdateChecker.jsm | Matt A. Tobin | 2018-09-23 | -5/+6 |
| | ||||
* | Use SSM's createCodebasePrincipalFromOrigin() instead of the nonexistent ↵ | wolfbeast | 2018-09-22 | -2/+2 |
| | | | | | | BrowserUtils.principalFromOrigin() This resolves #734. | |||
* | Merge pull request #782 from trav90/class-memaccess-errors | Moonchild | 2018-09-21 | -19/+31 |
|\ | | | | | Fix more -Wclass-memaccess warnings (part 3) | |||
| * | Rename TypeSet::clone to TypeSet::cloneIntoUninitialized to indicate that it ↵ | trav90 | 2018-09-19 | -9/+11 |
| | | | | | | | | | | | | freshly initializes the TemporaryTypeSet* provided to it. Also removes existing code that, quite unnecessarily, partly initialized that argument. | |||
| * | Don't use PodCopy/PodMove to implement typed-array element-to-element copying | trav90 | 2018-09-19 | -4/+17 |
| | | | | | | | | Standard std::copy and std::copy_n are readily optimized to the same thing, and they don't have a non-obvious requirement that the type being copied be trivial. | |||
| * | Give uint8_clamped a defaulted (and also trivial) default constructor, copy ↵ | trav90 | 2018-09-19 | -6/+3 |
| | | | | | | | | | | | | constructor, and copy-assignment operator. This also allows uint8_clamped to be permissibly memmove'd and memcpy'd. | |||
* | | Merge pull request #781 from JustOff/PR_fileExecutableSecurityWarning | Moonchild | 2018-09-20 | -0/+3 |
|\ \ | |/ |/| | [PALEMOON] Restore strings mistakenly removed from downloads.properties | |||
| * | [PALEMOON] Restore strings mistakenly removed by ↵ | JustOff | 2018-09-20 | -0/+3 |
|/ | | | | [8be0c16be614d54183ee3d4877e2243cb9e468c8] | |||
* | Merge pull request #778 from MihailZenkov/master | Moonchild | 2018-09-20 | -4/+8 |
|\ | | | | | Fix timer overflow on converting from sec to msec in idleService | |||
| * | Fix timer overflow on converting from sec to msec in idleService | Mihail Zenkov | 2018-09-20 | -4/+8 |
|/ | ||||
* | Add a null check in nsHttpTransaction::Close. | wolfbeast | 2018-09-19 | -1/+3 |
| | | | | This resolves #776. | |||
* | Merge branch 'worker-fix' | wolfbeast | 2018-09-18 | -54/+44 |
|\ |