Commit message (Collapse) | Author | Age | Lines | ||
---|---|---|---|---|---|
... | |||||
* | Get rid of the incorrect mechanism to remove insecure fallback hosts. | wolfbeast | 2018-09-29 | -12/+0 | |
| | | | | This fixes #797. | ||||
* | Update HSTS preload list | trav90 | 2018-09-11 | -1799/+3198 | |
| | | | | Tag #447 | ||||
* | Remove all C++ Telemetry Accumulation calls. | wolfbeast | 2018-09-03 | -295/+4 | |
| | | | | | This creates a number of stubs and leaves some surrounding code that may be irrelevant (eg. recorded time stamps, status variables). Stub resolution/removal should be a follow-up to this. | ||||
* | Remove support for TLS session caches in TLSServerSocket. | wolfbeast | 2018-09-01 | -15/+0 | |
| | | | | This resolves #738 | ||||
* | Update HSTS preload list | trav90 | 2018-08-27 | -2462/+4464 | |
| | | | | Tag #447 | ||||
* | Fix missed in32->int64 in df852120098dc7ba5df4a76126c6297c6d2d1b7b | wolfbeast | 2018-08-17 | -1/+1 | |
| | | | | Tag #709. | ||||
* | Reinstate RC4 and mark 3DES weak. | wolfbeast | 2018-08-17 | -1/+7 | |
| | | | | Tag #709 | ||||
* | Extend {EnabledWeakCiphers} bit field to allow more cipher suites. | wolfbeast | 2018-08-17 | -8/+8 | |
| | | | | Tag #709. | ||||
* | Update HSTS preload list | trav90 | 2018-08-01 | -1735/+1719 | |
| | | | | Tag #447 | ||||
* | replace "certErrorCodePrefix2" with "certErrorCodePrefix" | yami | 2018-07-22 | -4/+3 | |
| | |||||
* | Update HSTS preload list | trav90 | 2018-07-17 | -2555/+4080 | |
| | | | | Tag #447 | ||||
* | Remove SSL Error Reporting telemetry | wolfbeast | 2018-06-29 | -136/+0 | |
| | |||||
* | Update HSTS preload list | trav90 | 2018-06-21 | -1865/+2637 | |
| | | | | Tag #447 | ||||
* | Fix SSL status ambiguity. | wolfbeast | 2018-06-20 | -6/+25 | |
| | | | | | - Adds CipherSuite string with the full suite - Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does. | ||||
* | [PALEMOON] Add missed strings required by page info | JustOff | 2018-06-08 | -1/+3 | |
| | |||||
* | Merge pull request #461 from trav90/HSTS | Moonchild | 2018-06-07 | -64341/+42935 | |
|\ | | | | | Improve HSTS preload list generation | ||||
| * | Regenerate the HSTS preload list | trav90 | 2018-06-07 | -64270/+42907 | |
| | | |||||
| * | Restore clearly-delimited format for the HSTS preload list | trav90 | 2018-06-06 | -65/+23 | |
| | | |||||
| * | Increase concurrent lookups to 15 when generating HSTS preload list | trav90 | 2018-06-05 | -1/+1 | |
| | | |||||
| * | Update HSTS preload list generation script | trav90 | 2018-06-05 | -5/+4 | |
| | | | | | | | | | | | | | | | | Previous behavior: if an entry was in the previously-used list, and there would be an error connecting to or processing the host, it would adopt it using the previous status, with a new minimum required max age TTL. New behavior: if an entry is in the previously-used list, and there is an error connecting to or processing the host, it will be dropped from the preload list. The old behavior would allow entries to persist on the HSTS preload list when they drop off the 'net. Considering domain churn, it would cause issues for new owners for having a persisted HSTS entry preloaded in the browser. Bonus: it keeps our HSTS preload list lean. | ||||
* | | Request NSS to use DBM as the storage file format | JustOff | 2018-06-06 | -2/+2 | |
|/ | |||||
* | Remove support and tests for HSTS priming from the tree. Fixes #384 | Gaming4JC | 2018-05-26 | -17/+0 | |
| | |||||
* | Remove MOZ_WIDGET_GONK [1/2] | wolfbeast | 2018-05-12 | -6/+0 | |
| | | | | Tag #288 | ||||
* | Fix unsafe "instanceof" negations | janekptacijarabaci | 2018-05-02 | -3/+0 | |
| | | | | https://github.com/MoonchildProductions/Pale-Moon/pull/1173 | ||||
* | moebius#119: (Windows) Security - Certificate Stores - NSSCertDBTrustDomain ↵ | janekptacijarabaci | 2018-04-23 | -3/+25 | |
| | | | | | | allows end-entities to be their own trust anchors https://github.com/MoonchildProductions/moebius/pull/119 | ||||
* | Fix build system translation errors. | wolfbeast | 2018-03-04 | -1/+1 | |
| | | | | Follow-up to 11a8a39f6d2e057d51559c52c1bf0ba74bbfe189 | ||||
* | Merge pull request #34 from janekptacijarabaci/devtools_import-from-moebius_1 | Moonchild | 2018-03-02 | -1/+147 | |
|\ | | | | | Port across devtools enhancements | ||||
| * | DevTools - network - security (improvements) | janekptacijarabaci | 2018-03-01 | -1/+147 | |
| | | | | | | | | | | | | https://github.com/MoonchildProductions/moebius/pull/113 https://github.com/MoonchildProductions/moebius/pull/118 https://github.com/MoonchildProductions/moebius/pull/127 | ||||
* | | Use MOZ_FENNEC and MOZ_XULRUNNER instead of checking MOZ_BUILD_APP in most ↵ | Matt A. Tobin | 2018-03-01 | -1/+1 | |
|/ | | | | places | ||||
* | Disable 3DES cipher by default + re-order a few things. | wolfbeast | 2018-02-02 | -6/+9 | |
| | | | | Issue #4 point 4 | ||||
* | Add RSA-AES + SHA256/384 suites for web compatibility. | wolfbeast | 2018-02-02 | -0/+8 | |
| | | | | | | Sites with these ciphers (commonly IIS) would otherwise fall back to weak 3DES that will be disabled by default. Issue #4 points 2 and 3 | ||||
* | Add Camellia to the active cipher suites. | wolfbeast | 2018-02-02 | -0/+8 | |
| | | | | | | | Issue #4 point 1. Camellia is a strong, modern, safe cipher with no known weaknesses or reduced strength attacks. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. | ||||
* | Remove kinto client, Firefox kinto storage adapter, blocklist update client ↵ | Matt A. Tobin | 2018-02-02 | -22/+3 | |
| | | | | and integration with sync, OneCRL and the custom time check for derives system time. | ||||
* | Add m-esr52 at 52.6.0 | Matt A. Tobin | 2018-02-02 | -0/+158028 | |