summaryrefslogtreecommitdiff
path: root/netwerk/base
Commit message (Collapse)AuthorAge
* Prep for GREMatt A. Tobin2022-02-12
|
* Make nsAtomicFileOutputStream::DoOpen() fail if the file is read-only.Pale Moon2018-07-10
| | | | This means we don't leave behind prefs-<n>.js files when prefs.js is read-only.
* Disable TLS 1.3 draft support.Pale Moon2018-03-04
|
* Avoid a race condition in AutoClose.Pale Moon2018-01-28
|
* Don't propagate LOAD_FROM_CACHE to the whole load group on charset reload.Pale Moon2017-11-24
| | | | This improves our cache consistency when the charset declaration is not within the first 1024 bytes of the document, properly re-fetching resources from the net where we should.
* Enable Camellia FS cipher suites by default.Pale Moon2017-05-29
| | | | Exception to the DHE rule because of lack of ECDHE for Camellia in NSS, offering Forward Secrecy with Camellia that would otherwise not be possible.
* Enable TLS 1.3 by default.Pale Moon2017-04-30
| | | | This resolves #1057.
* Security - added support for TLS 1.3 (the next part)janekptacijarabaci2017-04-26
|
* Security - added support for TLS 1.3janekptacijarabaci2017-04-25
|
* Allocate more memory for processing (stupidly) large PAC files.Pale Moon2017-04-09
|
* A channel suspend()-ed in http-on-modify-request shouldn't send out any ↵janekptacijarabaci2017-04-04
| | | | traffic until resume()-d
* The referrer policy specification where origin-when-crossorigin should ↵janekptacijarabaci2017-03-31
| | | | actually be origin-when-cross-origin (fix typo)
* Reconfigure network security:Pale Moon2017-03-25
| | | | | | | | - Enable 128-bit RSA+AES+SHA256 suites - Disable all static DHE suites because: * There's no way to negotiate DH key sizes. * It's barely in use and when it is, it can fall back to RSA * We now have broader RSA/AES support with stronger SHA-HMAC
* Add support for RSA+AES+SHA256/384 suites for web compatibility.Pale Moon2017-03-22
| | | | | | | | | | | | | This adds the following suites for web compatibility despite the deprecated RSA key exchange that makes little sense with a very strong HMAC or GCM: TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 Only the 256-bit ones are enabled by default.
* Enable AES256-GCM for accessibility to overly-strict sites that do not offer ↵Pale Moon2017-02-25
| | | | ChaCha20.
* Add AES256-GCM suites to secmanager.Pale Moon2017-02-25
| | | | Disabled by default for known wasted performance (40%) on a suite weaker to key attacks than AES128.
* Enable ChaCha20-Poly1305 suites.Pale Moon2017-02-25
|
* Temporarily disable Camellia-GCM suites in secmanager.Pale Moon2017-02-24
|
* Crypto Services (utils): Support for SHA256-512 (+ 224)janekptacijarabaci2017-02-24
|
* Make ArrayBufferInputStream copy its input buffer.Pale Moon2016-12-13
|
* Part 1: Revert Bug 1125784Pale Moon2016-09-18
|
* Post-merge cleanup.Pale Moon2016-09-07
|
* Merge branch 'Tycho'Pale Moon2016-09-07
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: browser/components/sessionstore/src/SessionStore.jsm browser/devtools/commandline/BuiltinCommands.jsm browser/devtools/scratchpad/scratchpad.js configure.in content/base/src/nsXSSUtils.cpp content/media/AudioStream.cpp content/media/MediaDecoder.cpp content/media/gstreamer/GStreamerFormatHelper.cpp content/media/gstreamer/GStreamerFormatHelper.h content/media/gstreamer/GStreamerFunctionList.h content/media/gstreamer/GStreamerReader.cpp content/media/gstreamer/GStreamerReader.h modules/libpref/src/init/all.js netwerk/base/public/security-prefs.js security/manager/boot/src/nsSTSPreloadList.inc
| * Fix SSL status ambiguity.wolfbeast2016-09-06
| | | | | | | | | | | | | | - Adds CipherSuite string with the full suite - Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does. This is a reimplementation of 811ce3ff4939b7ece26ad5f99878fc58b92edf7c for Tycho.
| * Base import of Tycho code (warning: huge commit)Pale Moon2016-09-01
| |
* | Update security prefs for SWEET32.Pale Moon2016-08-30
|/ | | | This also re-organizes the pref blocks and adds comments supplying reason(s) for disabled suites.
* Fix path typo.Pale Moon2016-06-13
| | | | This resolves issue #443
* Potential crash fix for bogus URLs v2Pale Moon2016-04-26
|
* Revert "Potential crash fix for bogus URLs"Pale Moon2016-04-25
| | | | This reverts commit 9b5af7d876cc02787d8aa041aab2789f68858281.
* Potential crash fix for bogus URLsPale Moon2016-04-25
|
* Implement main URL API (funcs+constructor)Pale Moon2016-03-01
|
* Add ODMR to banned port list + clarify 587 and 601Pale Moon2015-11-29
|
* Crash fix: check for empty host string as well as NULL in Valid IPv6 or ↵Pale Moon2015-11-19
| | | | hostname check.
* Fix line endings.Pale Moon2015-11-04
|
* Split out Host/IPv6 validation and improve its checksPale Moon2015-11-04
|
* Implement 128-bit Camellia-GCM ciphers (ECC+RSA)Pale Moon2015-10-07
|
* Merge branch 'master' into GoannaPale Moon2015-08-01
|\ | | | | | | | | | | Conflicts: browser/config/version.txt xpcom/build/nsXPComInit.cpp
| * no more "visual event tracer"Ketmar Dark2015-07-28
| |
* | Wholesale switch remaining code to GoannaPale Moon2015-05-27
|/
* Only support GIO in nsIOServicetrav902015-04-30
|
* Remove telemetry includes (except where still required)Pale Moon2015-04-14
|
* Remove Telemetry part9: HTTP and LoadGroupPale Moon2015-04-12
|
* Remove Telemetry part1: Autotimers, accumulator callsPale Moon2015-03-21
|
* Disable RC4 ciphers by default.Pale Moon2015-02-23
|
* Bug 802895 - add srcdoc support to (InputStream|ViewSource)Channels (Part 1)Matt A. Tobin2014-11-09
|
* By default, disable the SSL 3.0 protocol.Pale Moon2014-10-15
|
* Expose security.ssl.allow_unsafe_ocsp_response prefPale Moon2014-09-29
|
* Remove OS/2 code part 1Pale Moon2014-09-24
|
* Properly derive the host of a URLValentin Gosu2014-08-15
|
* Port over misc patches from m-cPale Moon2014-06-07
|
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-14 04:53:01 +0000