index
:
UXP
master
webbrowser
Unnamed repository; edit this file 'description' to name the repository.
User &
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
dom
/
security
Commit message (
Expand
)
Author
Age
Lines
*
Issue #1525 - Kill marquee element (uplift)
Moonchild
2020-09-05
-34
/
+0
*
Issue #80 - De-unify dom/security
Moonchild
2020-04-26
-3
/
+47
*
[CSP] Allow not having a Port for RessourceURI if the Scheme has no
wolfbeast
2020-04-14
-1
/
+15
*
Fix whitelisting of JavaScript-uris by CSP hash.
wolfbeast
2019-09-05
-2
/
+13
*
Add checks to respect CSP-wildcard + Ports.
Sebastian Streich
2019-09-05
-14
/
+18
*
Convert dom/base/nsImageLoadingContent.cpp to use AsyncOpen2 and followups al...
win7-7
2019-08-08
-1
/
+4
*
Selectively allow ftp subresources in the blocked mode.
wolfbeast
2019-07-15
-1
/
+21
*
Add preference to allow the loading of FTP subresources for corner cases
wolfbeast
2019-07-14
-0
/
+3
*
Prevent loading of document subresources over FTP.
wolfbeast
2019-03-09
-0
/
+57
*
Telemetry: Remove stubs and related code
adeshkp
2019-01-12
-17
/
+1
*
backport mozbug 1334776 - CVE-2017-7797 Header name interning leaks across or...
Gaming4JC
2018-09-25
-1
/
+1
*
Remove all C++ Telemetry Accumulation calls.
wolfbeast
2018-09-03
-40
/
+1
*
nsIContentPolicy::TYPE_DOCUMENT - Use "aLoadInfo->ContextForTopLevelLoad()" i...
janekptacijarabaci
2018-07-05
-1
/
+1
*
Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirects is f...
janekptacijarabaci
2018-06-23
-2
/
+2
*
Bug 1469150 - Tests added to check scripts with valid nonce is allowed if URL...
janekptacijarabaci
2018-06-23
-0
/
+0
*
Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirects
janekptacijarabaci
2018-06-21
-1
/
+100
*
Bug 1430758 - No CSP directive for nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD
janekptacijarabaci
2018-06-17
-0
/
+3
*
Bug 1398229 - Save-link-as feature should use the loading principal - impleme...
janekptacijarabaci
2018-06-17
-0
/
+13
*
Remove support and tests for HSTS priming from the tree. Fixes #384
Gaming4JC
2018-05-26
-948
/
+8
*
Remove MOZ_B2G leftovers and some dead B2G-only components.
wolfbeast
2018-05-12
-9
/
+0
*
Bug 1359204 - Do not query nested URI within CheckChannel in ContentSecurityM...
janekptacijarabaci
2018-04-30
-7
/
+0
*
Bug 1182569: Update ContentSecurityManager to handle docshell loads
janekptacijarabaci
2018-04-30
-17
/
+64
*
moebius#187: DOM - nsIContentPolicy - context (document)
janekptacijarabaci
2018-04-23
-20
/
+43
*
Revert "Bug 1182569: Update ContentSecurityManager to handle docshell loads"
janekptacijarabaci
2018-04-22
-64
/
+17
*
Bug 1182569: Update ContentSecurityManager to handle docshell loads
janekptacijarabaci
2018-04-22
-17
/
+64
*
Bug 1329288: Allow content policy consumers to identify contentPolicy checks ...
janekptacijarabaci
2018-04-22
-2
/
+3
*
Bug 1329288 - Test ContentPolicy blocks opening a new window
janekptacijarabaci
2018-04-22
-0
/
+1
*
moebius#230: Consider blocking top level window data: URIs (part 3/3 without ...
janekptacijarabaci
2018-04-22
-0
/
+49
*
moebius#226: Consider blocking top level window data: URIs (part 2/2 without ...
janekptacijarabaci
2018-04-22
-57
/
+149
*
moebius#223: Consider blocking top level window data: URIs (part 1/3 without ...
janekptacijarabaci
2018-04-22
-0
/
+476
*
moebius#159: CSP - support for "frame-ancestors" in "Content-Security-Policy-...
janekptacijarabaci
2018-04-14
-8
/
+74
*
Bug 1288768 - Better error reporting for network errors in workers
janekptacijarabaci
2018-04-04
-11
/
+2
*
Add support for CSP v3 "worker-src" directive
wolfbeast
2018-03-03
-44
/
+463
*
CSP: connect-src 'self' should always include https: and wss: schemes
janekptacijarabaci
2018-02-22
-11
/
+168
*
CSP: Support IDNs in connect-src
janekptacijarabaci
2018-02-22
-2
/
+135
*
CSP: Ignore nonces on <img> per spec
janekptacijarabaci
2018-02-22
-4
/
+111
*
CSP: Upgrade SO navigational requests per spec.
janekptacijarabaci
2018-02-22
-0
/
+184
*
CSP 2 - ignore (x-)frame-options if CSP with frame-ancestors directive exists
janekptacijarabaci
2018-02-22
-0
/
+104
*
Explicitly cancel channel after mixed content redirect.
wolfbeast
2018-02-08
-1
/
+6
*
CSP should only check host (not including path) when performing frame ancesto...
wolfbeast
2018-02-06
-0
/
+19
*
Add m-esr52 at 52.6.0
Matt A. Tobin
2018-02-02
-0
/
+31574