Commit message (Collapse) | Author | Age | Lines | |
---|---|---|---|---|
* | Issue #1280 - Follow-up: Get rid of HPKP pinning mode. | adesh | 2020-11-18 | -15/+3 |
| | | | | | | This was a leftover from HPKP removal. Also remove a couple of unused variables from security/manager/ssl/nsSiteSecurityService.cpp. | |||
* | Issue #1280 - Un-bust certerror pages and ForgetAboutSite | wolfbeast | 2020-04-14 | -18/+5 |
| | ||||
* | Issue #1280 - Part 2: Remove HPKP tests. | wolfbeast | 2020-04-14 | -1040/+0 |
| | ||||
* | Issue #1280 - Part 1: Remove HPKP components. | wolfbeast | 2020-04-14 | -2617/+32 |
| | | | | | This also removes leftover plumbing for storing preload information in SiteSecurityService since no service still uses it. | |||
* | Issue #1498 - Part 6: Remove STS preloadlist pref. | wolfbeast | 2020-04-14 | -8/+0 |
| | ||||
* | Issue #1498 - Part 5: Update SSService CID and correct mismatch. | wolfbeast | 2020-04-14 | -4/+4 |
| | ||||
* | Issue #1498 - Part 4: Remove clearPreloads. | wolfbeast | 2020-04-14 | -20/+0 |
| | | | | Also tag #1280 | |||
* | Issue #1498 - Part 3: Remove support for storing "knockout" values. | wolfbeast | 2020-04-14 | -10/+4 |
| | ||||
* | Issue #1498 - Part 2: Stop persisting preload states. | wolfbeast | 2020-04-14 | -6/+1 |
| | | | | | | Since we don't use preloading anymore for either HPKP or HSTS, we no longer need persistent storage in the profile for preload states. Tag #1280 also | |||
* | Issue #1498 - Part 1: Stop using HSTS preload lists. | wolfbeast | 2020-04-14 | -103881/+8 |
| | ||||
* | Take nsSiteSecurityService out of UNIFIED_SOURCES | Matt A. Tobin | 2020-04-14 | -1/+4 |
| | | | | It exceeded the obj file sections limit because of the HSTS preload list so it cannot be built in UNIFIED mode. | |||
* | Issue #447 - Update HSTS preload list | wolfbeast | 2020-04-14 | -9018/+14842 |
| | ||||
* | Issue #1467 - Part 4: Rename NSS_SQLSTORE to MOZ_SECURITY_SQLSTORE. | wolfbeast | 2020-04-14 | -3/+3 |
| | | | | Rename the build config option accordingly. | |||
* | Issue #1467 - Part 3: Use UTF-8 file paths for NSS-SQL database. | wolfbeast | 2020-04-14 | -2/+11 |
| | ||||
* | Issue #1467 - Part 1: Set up conditional NSS-SQL builds. | wolfbeast | 2020-04-14 | -0/+11 |
| | | | | | | | - Adds buildconfig option --enable-nss-sqlstore - Prefixes NSS dbinit with either sql: or dbm: depending on config - Pre-initializes mozStorage when NSS-SQL storage is used to prevent an sqlite3_config race in NSS Init | |||
* | Issue #1053 - Remove android support from nsNSSComponent.cpp | Matt A. Tobin | 2020-04-14 | -61/+17 |
| | ||||
* | Issue #447 - Update HSTS preload list & reduce debug spew | wolfbeast | 2020-04-14 | -8493/+14130 |
| | | | | | Commented out spewing dump() statements in loops. With the ever growing HSTS list it takes too much time and is pointless to display. | |||
* | Be more consistent about decoding IP addresses in PSM. | wolfbeast | 2020-01-09 | -2/+7 |
| | ||||
* | Issue #1118 - Part 6: Fix various tests that are no longer correct. | wolfbeast | 2019-12-22 | -1/+1 |
| | | | | | The behavior change of document.open() requires these tests to be changed to account for the new spec behavior. | |||
* | Issue #447 - Update HSTS preload list | wolfbeast | 2019-11-19 | -3828/+3982 |
| | ||||
* | Issue #1289 - Part 3: Update tests. | wolfbeast | 2019-11-14 | -0/+36 |
| | ||||
* | Issue #1289 - Part 2: Clear out the preload list except for test | wolfbeast | 2019-11-14 | -503/+2 |
| | | | | domains. | |||
* | Issue #1289 - Part 1: Add a pref to disable HPKP header processing. | wolfbeast | 2019-11-14 | -4/+37 |
| | ||||
* | Issue #447 - Improve the getHSTSPreloadList script | wolfbeast | 2019-11-09 | -12/+16 |
| | | | | | | | | | - Use HEAD instead of GET for probe to avoid loading pages - Reduce retries to 2 - Reduce timeout to 10 s (since we're just getting a HEAD this is royal) - Identify ourselves to websites as an automated tool - Improve performance of list merging (O(n^2) was getting too expensive) - Add a total counter and perform GC every 200 requests | |||
* | Issue #447 - Update HSTS preload list. | wolfbeast | 2019-11-09 | -11027/+26141 |
| | ||||
* | Issue #1064 - Part 3: Fix notifyObservers() call. | wolfbeast | 2019-11-04 | -1/+1 |
| | ||||
* | Issue #1064 - Part 2: Fix shorthand and services module import. | wolfbeast | 2019-11-04 | -3/+6 |
| | ||||
* | Merge branch 'master' into certexception-work | wolfbeast | 2019-11-04 | -16/+27 |
|\ | ||||
| * | Properly implement various HSTS states. | wolfbeast | 2019-09-05 | -16/+27 |
| | | | | | | | | | | | | | | | | Previously, HSTS preload list values could be overridden temporarily due to counter-intuitive behavior of the API's removeState function. This adds an explicit flag to the API for writing knockout values to the Site Security Service, with the default resetting to whatever the preload list state is. | |||
* | | No issue: Clean up `exceptionDialog.js` | wolfbeast | 2019-08-17 | -14/+11 |
| | | | | | | | | | | - Fix some quoting, comments and inconsistencies and code style - Swap manually grabbing service components out for using `Services.*` | |||
* | | Issue #1064: Don't get certificate details synchronously. | wolfbeast | 2019-08-17 | -51/+31 |
|/ | | | | | | | This avoids getting data synchronously on the main thread in an XHR (which has been deprecated for a long time and _may_ actually be blocked in our networking) and attempts to be more predictable by always firing an update request for the dialog from the XHR request handlers. | |||
* | Update HSTS preload list | trav90 | 2019-06-26 | -4115/+6505 |
| | | | | Tag #447 | |||
* | Update HSTS preload list | wolfbeast | 2019-05-28 | -8368/+16300 |
| | | | | Tag #447 | |||
* | Issue #1053 - Drop support Android and remove Fennec - Part 1b: Remove ↵ | Matt A. Tobin | 2019-04-23 | -1/+1 |
| | | | | MOZ_FENNEC | |||
* | Remove SecurityUI telemetry. | adeshkp | 2019-04-21 | -171/+0 |
| | ||||
* | Fix order of member variables in a couple of initializer lists | adeshkp | 2019-03-14 | -1/+1 |
| | ||||
* | Update HSTS preload list | trav90 | 2019-01-31 | -2982/+5618 |
| | | | | Tag #447 | |||
* | Fix check for HSTS when service is disabled. | Ascrod | 2019-01-17 | -1/+1 |
| | ||||
* | Add preference for fully disabling HSTS. | Ascrod | 2019-01-16 | -0/+25 |
| | ||||
* | Remove a pointless `switch` after telemetry cleanup | adeshkp | 2019-01-14 | -14/+0 |
| | ||||
* | Telemetry: Remove stubs and related code | adeshkp | 2019-01-12 | -782/+6 |
| | ||||
* | Update HSTS preload list | trav90 | 2019-01-02 | -1989/+1978 |
| | | | | Tag #447 | |||
* | Update HSTS preload list | trav90 | 2018-12-15 | -2240/+3430 |
| | | | | Tag #447 | |||
* | Update HSTS preload list | trav90 | 2018-11-27 | -2835/+4530 |
| | | | | Tag #447 | |||
* | Remove AccumulateCipherSuite() | wolfbeast | 2018-11-08 | -71/+2 |
| | | | | This resolves #858 | |||
* | Remove ancient workaround in client certificate code | wolfbeast | 2018-11-02 | -57/+1 |
| | | | | | | | | Apparently a prehistoric server implementation would send a certificate_authorities field that didn't include the outer DER SEQUENCE tag, so PSM attempted to detect this and work around it. This prehistoric server implementation isn't in use anywhere anymore, so this 18-yo server bug workaround can be removed. | |||
* | Make sure nsNSSCertList handling checks for valid certs. | wolfbeast | 2018-11-02 | -3/+36 |
| | ||||
* | Update HSTS preload list | trav90 | 2018-10-27 | -1940/+3077 |
| | | | | Tag #447 | |||
* | Update HSTS preload list | trav90 | 2018-10-12 | -1500/+2523 |
| | | | | Tag #447 | |||
* | Ensure we got an nsISSLStatus when deserializing in TransportSecurityInfo. | wolfbeast | 2018-10-04 | -1/+92 |
| |