index
:
uxp
1210
1791
1805-stacksize
1970-form-focusring-styling
1992
28.9-platform
28.9-platform-old
ANGLE-update
Basilisk-release
CCW-perf
Pale_Moon-release
RFC6367
VS2017
aruba
dynamic-module-import
eme
fetchstreams-work
freebsd-support
getnativepath-work
js-modules
libaom-update
lzma-updater
master
modulefix
nss-gyp
nss-gyp-GREport
nss-gyp-work
nss-update-work
pref-dual-guid
re-unify
redwood
release
release-29
restore-dual-guid
scroll-anchoring-wip
v8re-shim-build
v8re-shim-work
xpiprovider-work
uxp [Local Fork]
khronosschoty@posteo.org
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
dom
/
security
Commit message (
Expand
)
Author
Age
*
Issue mcp-graveyard/UXP#1710 - Check for triggering principal URI in FTP subr...
Moonchild
2021-01-09
*
Issue mcp-graveyard/UXP#1656 - Part 6: Clean up the build files
Moonchild
2020-09-23
*
Issue mcp-graveyard/UXP#1656 - Part 2: Unmangle some unfortunate UTF-8 victims.
Moonchild
2020-09-23
*
Issue mcp-graveyard/UXP#1656 - Part 1: Nuke most vim config lines in the tree.
Moonchild
2020-09-23
*
Issue mcp-graveyard/UXP#1525 - Kill marquee element
Moonchild
2020-06-01
*
Issue mcp-graveyard/UXP#80 - De-unify dom/security
Moonchild
2020-04-23
*
[CSP] Allow not having a Port for RessourceURI if the Scheme has no
wolfbeast
2020-02-11
*
Fix whitelisting of JavaScript-uris by CSP hash.
wolfbeast
2019-09-05
*
Add checks to respect CSP-wildcard + Ports.
Sebastian Streich
2019-09-05
*
Convert dom/base/nsImageLoadingContent.cpp to use AsyncOpen2 and followups al...
win7-7
2019-08-08
*
Selectively allow ftp subresources in the blocked mode.
wolfbeast
2019-07-15
*
Add preference to allow the loading of FTP subresources for corner cases
wolfbeast
2019-07-14
*
Prevent loading of document subresources over FTP.
wolfbeast
2019-03-09
*
Telemetry: Remove stubs and related code
adeshkp
2019-01-12
*
backport mozbug 1334776 - CVE-2017-7797 Header name interning leaks across or...
Gaming4JC
2018-09-25
*
Remove all C++ Telemetry Accumulation calls.
wolfbeast
2018-09-03
*
nsIContentPolicy::TYPE_DOCUMENT - Use "aLoadInfo->ContextForTopLevelLoad()" i...
janekptacijarabaci
2018-07-05
*
Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirects is f...
janekptacijarabaci
2018-06-23
*
Bug 1469150 - Tests added to check scripts with valid nonce is allowed if URL...
janekptacijarabaci
2018-06-23
*
Bug 1469150 - CSP: Scripts with valid nonce get blocked if URL redirects
janekptacijarabaci
2018-06-21
*
Bug 1430758 - No CSP directive for nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD
janekptacijarabaci
2018-06-17
*
Bug 1398229 - Save-link-as feature should use the loading principal - impleme...
janekptacijarabaci
2018-06-17
*
Remove support and tests for HSTS priming from the tree. Fixes #384
Gaming4JC
2018-05-26
*
Remove MOZ_B2G leftovers and some dead B2G-only components.
wolfbeast
2018-05-12
*
Bug 1359204 - Do not query nested URI within CheckChannel in ContentSecurityM...
janekptacijarabaci
2018-04-30
*
Bug 1182569: Update ContentSecurityManager to handle docshell loads
janekptacijarabaci
2018-04-30
*
moebius#187: DOM - nsIContentPolicy - context (document)
janekptacijarabaci
2018-04-23
*
Revert "Bug 1182569: Update ContentSecurityManager to handle docshell loads"
janekptacijarabaci
2018-04-22
*
Bug 1182569: Update ContentSecurityManager to handle docshell loads
janekptacijarabaci
2018-04-22
*
Bug 1329288: Allow content policy consumers to identify contentPolicy checks ...
janekptacijarabaci
2018-04-22
*
Bug 1329288 - Test ContentPolicy blocks opening a new window
janekptacijarabaci
2018-04-22
*
moebius#230: Consider blocking top level window data: URIs (part 3/3 without ...
janekptacijarabaci
2018-04-22
*
moebius#226: Consider blocking top level window data: URIs (part 2/2 without ...
janekptacijarabaci
2018-04-22
*
moebius#223: Consider blocking top level window data: URIs (part 1/3 without ...
janekptacijarabaci
2018-04-22
*
moebius#159: CSP - support for "frame-ancestors" in "Content-Security-Policy-...
janekptacijarabaci
2018-04-14
*
Bug 1288768 - Better error reporting for network errors in workers
janekptacijarabaci
2018-04-04
*
Add support for CSP v3 "worker-src" directive
wolfbeast
2018-03-03
*
CSP: connect-src 'self' should always include https: and wss: schemes
janekptacijarabaci
2018-02-22
*
CSP: Support IDNs in connect-src
janekptacijarabaci
2018-02-22
*
CSP: Ignore nonces on <img> per spec
janekptacijarabaci
2018-02-22
*
CSP: Upgrade SO navigational requests per spec.
janekptacijarabaci
2018-02-22
*
CSP 2 - ignore (x-)frame-options if CSP with frame-ancestors directive exists
janekptacijarabaci
2018-02-22
*
Explicitly cancel channel after mixed content redirect.
wolfbeast
2018-02-08
*
CSP should only check host (not including path) when performing frame ancesto...
wolfbeast
2018-02-06
*
Add m-esr52 at 52.6.0
Matt A. Tobin
2018-02-02