summaryrefslogtreecommitdiff
path: root/dom/security
Commit message (Collapse)AuthorAge
* nsIContentPolicy::TYPE_DOCUMENT - Use "aLoadInfo->ContextForTopLevelLoad()" ↵janekptacijarabaci2018-07-05
| | | | | | instead of "aLoadInfo->LoadingNode()" Issue #600
* Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirects is ↵janekptacijarabaci2018-06-23
| | | | fixed (follow up)
* Bug 1469150 - Tests added to check scripts with valid nonce is allowed if ↵janekptacijarabaci2018-06-23
| | | | URL redirects (follow up)
* Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirectsjanekptacijarabaci2018-06-21
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=1469150
* Bug 1430758 - No CSP directive for nsIContentPolicy::TYPE_SAVEAS_DOWNLOADjanekptacijarabaci2018-06-17
|
* Bug 1398229 - Save-link-as feature should use the loading principal - ↵janekptacijarabaci2018-06-17
| | | | implementation of nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD
* Remove support and tests for HSTS priming from the tree. Fixes #384Gaming4JC2018-05-26
|
* Remove MOZ_B2G leftovers and some dead B2G-only components.wolfbeast2018-05-12
|
* Bug 1359204 - Do not query nested URI within CheckChannel in ↵janekptacijarabaci2018-04-30
| | | | ContentSecurityManager
* Bug 1182569: Update ContentSecurityManager to handle docshell loadsjanekptacijarabaci2018-04-30
|
* moebius#187: DOM - nsIContentPolicy - context (document)janekptacijarabaci2018-04-23
| | | | https://github.com/MoonchildProductions/moebius/pull/187
* Revert "Bug 1182569: Update ContentSecurityManager to handle docshell loads"janekptacijarabaci2018-04-22
| | | | This reverts commit 2e33335820b2816bee111e78588ac82e401c86ae.
* Bug 1182569: Update ContentSecurityManager to handle docshell loadsjanekptacijarabaci2018-04-22
| | | | native in moebius
* Bug 1329288: Allow content policy consumers to identify contentPolicy checks ↵janekptacijarabaci2018-04-22
| | | | from docshell
* Bug 1329288 - Test ContentPolicy blocks opening a new windowjanekptacijarabaci2018-04-22
|
* moebius#230: Consider blocking top level window data: URIs (part 3/3 without ↵janekptacijarabaci2018-04-22
| | | | | | tests) https://github.com/MoonchildProductions/moebius/pull/230
* moebius#226: Consider blocking top level window data: URIs (part 2/2 without ↵janekptacijarabaci2018-04-22
| | | | | | tests) https://github.com/MoonchildProductions/moebius/pull/226
* moebius#223: Consider blocking top level window data: URIs (part 1/3 without ↵janekptacijarabaci2018-04-22
| | | | | | tests) https://github.com/MoonchildProductions/moebius/pull/223
* moebius#159: CSP - support for "frame-ancestors" in ↵janekptacijarabaci2018-04-14
| | | | | | "Content-Security-Policy-Report-Only" https://github.com/MoonchildProductions/moebius/pull/159
* Bug 1288768 - Better error reporting for network errors in workersjanekptacijarabaci2018-04-04
|
* Add support for CSP v3 "worker-src" directivewolfbeast2018-03-03
|
* CSP: connect-src 'self' should always include https: and wss: schemesjanekptacijarabaci2018-02-22
|
* CSP: Support IDNs in connect-srcjanekptacijarabaci2018-02-22
|
* CSP: Ignore nonces on <img> per specjanekptacijarabaci2018-02-22
|
* CSP: Upgrade SO navigational requests per spec.janekptacijarabaci2018-02-22
|
* CSP 2 - ignore (x-)frame-options if CSP with frame-ancestors directive existsjanekptacijarabaci2018-02-22
|
* Explicitly cancel channel after mixed content redirect.wolfbeast2018-02-08
|
* CSP should only check host (not including path) when performing frame ↵wolfbeast2018-02-06
| | | | | | ancestors checks. This has been explicitly stated in the CSP-3 spec.
* Add m-esr52 at 52.6.0Matt A. Tobin2018-02-02
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-10 06:51:53 +0000