| Commit message (Collapse) | Author | Age | Lines |
|
|
|
|
|
| |
Apparently there is some functional and naming confusion here.
Backing out to re-land after evaluation and possible changes.
Tag #863.
|
|
|
|
|
|
|
| |
This adds a pref "network.http.opportunistic-encryption" that controls whether
we send an "Upgrade-Insecure-Requests : 1" header on document navigation or not.
This patch modifies the platform network parts. Default for the platform is "true".
Part 1 for #863
|
| |
|
|
|
|
| |
Port of Bug 1488061.
|
| |
|
|
|
|
| |
NS_ENSURE_SUCCESS in nsNetUtilInlines.h:180
|
|
|
|
| |
Log spam fix. Suppresses 1,100 instances of NS_ENSURE_SUCCESS(rv, rv) failed with result 0x80520012 emitted from netwerk/base/nsIOService.cpp during linux64 debug testing. Backports [m-c 1333174](https://bugzilla.mozilla.org/show_bug.cgi?id=1333174).
|
|
|
|
|
|
|
| |
- Fold Lock(TelemetryID) into Lock();
- Fold nsCacheServiceAutoLock(TelemetryID) into nsCacheServiceAutoLock();
Tag #21.
|
|
|
|
| |
Tag #21.
|
|
|
|
| |
Tag #21.
|
|
|
|
| |
Tag #21.
|
|
|
|
| |
Tag #21.
|
| |
|
|
|
|
| |
Tag #21.
|
|
|
|
| |
Tag #21.
|
|\
| |
| | |
Issue #792 - backport mozbug 1334776 - CVE-2017-7797 Header name interning leaks across origins
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
origins
Potential attack: session supercookie.
[Moz Notes](https://bugzilla.mozilla.org/show_bug.cgi?id=1334776#c5):
"The problem is that for unknown header names we store the first one we see and then later we case-insensitively match against that name *globally*. That means you can track if a user agent has already seen a certain header name used (by using a different casing and observing whether it gets normalized). This would allow you to see if a user has used a sensitive service that uses custom header names, or allows you to track a user across sites, by teaching the browser about a certain header case once and then observing if different casings get normalized to that.
What we should do instead is only store the casing for a header name for each header list and not globally. That way it only leaks where it's expected (and necessary) to leak."
[Moz fix note](https://bugzilla.mozilla.org/show_bug.cgi?id=1334776#c8):
"nsHttpAtom now holds the old nsHttpAtom and a string that is case sensitive (only for not standard headers).
So nsHttpAtom holds a pointer to a header name. (header names are store on a static structure). This is how it used to be. I left that part the same but added a nsCString which holds a string that was used to resoled the header name. So when we parse headers we call ResolveHeader with a char*. If it is a new header name the char* will be stored in a HttpHeapAtom, nsHttpAtom::_val will point to HttpHeapAtom::value and the same strings will be stored in mLocalCaseSensitiveHeader. For the first resolve request they will be the same but for the following maybe not. At the end this nsHttpAtom will be stored in nsHttpHeaderArray. For all operation we will used the old char* except when we are returning it to a script using VisitHeaders."
|
|\ \
| | |
| | | |
backport mozbug 1444532 - fix a leak in SHA256 in nsHttpConnectionInfo.cpp r=mayhemer
|
| |/
| |
| |
| |
| |
| |
| |
| | |
r=mayhemer
The original code (from bug 1200802) declared an XPCOM object as a static bare pointer,
which for future reference is probably never the right thing to do. It might have worked if
it was cleared before shutdown but it never was.
|
|/
|
|
| |
nsSOCKSIOLayer.cpp r=mayhemer
|
|
|
|
| |
This resolves #776.
|
| |
|
|
|
|
|
| |
This creates a number of stubs and leaves some surrounding code that may be irrelevant (eg. recorded time stamps, status variables).
Stub resolution/removal should be a follow-up to this.
|
|
|
|
| |
This resolves #738
|
|
|
|
| |
changed
|
|
|
|
| |
Tag #709
|
| |
|
| |
|
| |
|
|
|
|
| |
This means we don't leave behind prefs-<n>.js files when prefs.js is read-only.
|
|
|
|
|
|
| |
- Renames browser.cache.use_new_backend to browser.cache.backend
- Sets browser.cache.backend to 1 (use cache v2)
- Removes browser.cache.use_new_backend_temp
|
| |
|
|\ |
|
| | |
|
|/ |
|
| |
|
|\
| |
| | |
Fix CSP: Scripts with valid nonce should not be blocked if URL redirects
|
| |
| |
| |
| |
| |
| | |
"LoadInfo::GetLoadingContextXPCOM()"
https://bugzilla.mozilla.org/show_bug.cgi?id=1439713 (partially)
|
|/
|
|
|
| |
- Adds CipherSuite string with the full suite
- Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.
|
|
|
|
|
|
| |
Also add test for faulty nsStandardURL deserialization.
See Bug 1392739.
|
|
|
|
|
|
| |
the latest spec."
This reverts commit 6c3f95480a191ce432ddfb2aa400a6d70c4884a8.
|
|
|
|
| |
This addresses the critical section of #449.
|
|
|
|
| |
PR #412
|
|\
| |
| | |
Remove support and tests for HSTS priming from the tree. Fixes #384
|
| | |
|
|/
|
|
| |
Some prefs were incorrectly in all.js (ocsp and hpkp)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The DBus specification allows passing an empty string as the interface to the
org.freedesktop.DBus.Properties.GetAll call to get all properties, throwing away the namespace
(interface) information.
However, GDBus does not allow this. When NetworkManager moved to using GDBus, Firefox lost the
ability to retrieve access points from NetworkManager.
Since we're only interested in properties from the org.freedesktop.NetworkManager.AccessPoint
interface, name it explicitly. This works with both the old and the new NetworkManager.
MozReview-Commit-ID: Kc5HaYvwfRZ
--HG--
extra : rebase_source : e1550d327e5a4ea05b8d35d98ef7b27c0add709b
|
| |
|
|
|
|
| |
Tag #288.
|
|
|
|
| |
Tag #288.
|