summaryrefslogtreecommitdiff
path: root/netwerk
Commit message (Collapse)AuthorAge
* [network] Prepare for requiring Authorization in CORS ACAH preflightMoonchild2023-07-05
| | | | | | | | | | | | | | | | | | The Authorization header with a JSON Web Token (JWT) can be sent via XMLHttpRequest without explicit authorization via Access-Control headers. According to the spec, this must always explicitly be mentioned in ACAH request headers and isn't allowed to be wildcarded. However, nobody currently obeys this rule and many websites are misconfigured because Chromium and Firefox always allowed it. This patch adds the more stricter code but keeps it behind an #ifdef 0 to be released later on if and when there is enough consensus on the web to obey this spec. This patch explicitly avoids the added complexity Mozilla added to educate web devs since our role in that respect is not significant. it's not preffed and it won't throw an explicit deprecation warning. See Mozilla bugs 1687364 and 1841019.
* Issue #1656 - Remove more vim control lines.Moonchild2023-05-05
| | | | | | | Vim control lines were re-introduced or not entirely cleaned up. This nukes them again. Removing from modules, netwerk, security, storage, testing, toolkit, and a few scattered misc files. More to come.
* Issue #1691 - Part 8: Fix --enable-debug builds and continue dynamic module ↵Brian Smith2023-04-27
| | | | | | | | | | | | | import changes. https://bugzilla.mozilla.org/show_bug.cgi?id=1342012 Support import from timeout handlers by associating the initiating script with the compiled JSScript. Fix error message that covers all import() failures that don't throw a JS exception. https://bugzilla.mozilla.org/show_bug.cgi?id=1331662 Partial - Replace nsJSUtils::EvaluateString calls by ExecutionContext scopes. Left EvaluateString() in nsXBLProtoImplField.cpp until ExecutionContext errors can be fixed. (cherry picked from commit 22fcfc77971a9bb204df664c474681f4dcf54211)
* [network] Improve checks while parsing MIME parameters.Moonchild2023-04-12
|
* No issue - Use inet_ntop() for converting IPv4 network addresses instead of ↵FranklinDM2023-04-07
| | | | | | the deprecated inet_ntoa() The original implementation opted to silence the warnings instead and use the deprecated inet_ntoa() as a Windows XP consideration (bug 1240932). Since we've removed support for that platform, it makes sense to use the modern inet_ntop() API instead.
* Issue #2180 - Add pref to control NSS TLS 1.3 protocol downgrade sentinelMoonchild2023-03-28
|
* Issue #2146 - Remove nsChannelClassifier/nsIURIClassifierMoonchild2023-03-08
| | | | Resolves #2146
* Issue #2133 - Part 4: Remove TrackingProtection var in classifier.Moonchild2023-03-07
|
* Issue #2133 - Part 3: Remove TrackingProtection plumbingMoonchild2023-03-07
|
* Issue #2133 - Part 2: Remove nsIPrivateBrowsingTrackingProtectionWhitelistMoonchild2023-03-07
| | | | This removes the in-memory whitelist for PB mode.
* [network] Avoid queue manipulation inside a loopMoonchild2023-01-18
|
* Issue #2073 - m-c 1546500: Avoid dispatching synchronous thread shutdown ↵Martok2023-01-04
| | | | runnables
* Issue #2070 - When multiple HSTS headers are received, only consider the first.Moonchild2022-12-25
| | | | | | | | | | | | | This implements a plain interpretations of RFC 6797, which says to only consider the first HSTS header. This slightly conflicts with RFC 7230, which says that sending multiple headers which can't be merged is illegal (except for a specific whitelist which HSTS isn't in), so this situation should never occur in the first place (and would therefore not need the explicit entry in RFC 6797). It improves HSTS robustness dealing with non-compliant servers. Resolves #2070
* [network] Align cookie checks with RFC 6265 (bis)Moonchild2022-12-15
|
* [network] move some generic websocket code to the baseclassMoonchild2022-12-15
|
* [No issue] Add executable bit to shell scripts in treetrav902022-11-25
|
* [network] Fix Mac buffer overflow.Moonchild2022-11-19
|
* WebSocketChannel::CleanupConnection should run on the socket threadMoonchild2022-11-19
|
* [Network, DOM] Align our implementation with the current CORS/Fetch spec.Moonchild2022-11-18
|
* Merge branch 'master' into 1769-take2Moonchild2022-11-07
|\
| * Issue #2024 - Part 2: Add wildcard to Access-Control-Allow-{Method|Headers}Moonchild2022-11-06
| | | | | | | | | | | | | | For requests without credentials, add wildcard to Access-Control-Allow-Headers and Access-Control-Allow-Method. Resolves #2024
| * Fix some debug assertions.Moonchild2022-10-04
| | | | | | | | refactored code porting in assertions causing debug build failures.
| * [network] Reject cookies with no name and a __Secure- or __Host- prefixMoonchild2022-09-21
| |
| * Issue #80 - reinstated unified building for some large chunks of our code.Moonchild2022-09-04
| | | | | | | | This should reduce compile complexity saving time and reducing linker stress.
| * Issue #1991 - backport Mozilla bug 1266667Basilisk-Dev2022-08-20
| |
| * Issue #1975 - Implement Origin header CSRF mitigation.Job Bautista2022-07-25
| | | | | | | | Backported from Mozilla bug 446344.
| * [network] Clear PAC loader when the load failedMoonchild2022-07-03
| |
* | Issue #1769 - Part 2: Implement JPEG-XL decoder and about:config and MIME ↵Job Bautista2022-06-29
|/ | | | | | plumbing. Backported from Mozilla bug 1707590 whereever possible.
* Issue #21 - Follow-up: Remove some left-over telemetry plumbing.Moonchild2022-06-27
|
* Issue #326 - Part 4: Update Unicode data to release 10.0Job Bautista2022-06-23
| | | | | | | | | | | genUnicodePropertyData.pl's output: unknown ICU script MASARAM_GONDI at ../tools/genUnicodePropertyData.pl line 442, <FH> line 2641. unknown ICU script SOYOMBO at ../tools/genUnicodePropertyData.pl line 442, <FH> line 2663. unknown ICU script ZANABAZAR_SQUARE at ../tools/genUnicodePropertyData.pl line 442, <FH> line 2679. Data for CharProp2 = 14864 Data for FullWidth = 2176 Data for FullWidthInverse = 2688 Total data = 19728
* Issue #326 - Part 1a: Update character property table generator script for ↵Job Bautista2022-06-22
| | | | | | Unicode 9, and adjust APIs to fit the new identifier-type property model Backported from Mozilla bug 1281448.
* Issue #1905 - Part 4c - Follow Firefox and Safari in reporting "Intel" for ↵Brian Smith2022-06-15
| | | | | | Mac ARM64 devices. Based on Mozilla bug 1655285.
* [network] Fix typo in nsSocketTransport2.cppMoonchild2022-05-30
| | | | Follow-up to 7322bc0e9df42bd43d84ec9be22b00c47a09f3d7
* [network] SocketTransport2 cleanupMoonchild2022-05-30
|
* [Network] Add a socket thread check and early exit for corner cases.Moonchild2022-05-30
|
* [Network] Only call nsWSAdmissionManager::ConnectNext on the main thread.Moonchild2022-05-30
|
* Issue #1829 - Revert "Issue #1751 -- Remove XP_DARWIN"Brian Smith2022-04-26
| | | | This reverts commit 3d671e4275c73a1484c72713304c6e04ec4ffc7c.
* Issue #1829 - Revert “Issue #1751 - Remove Mac code behind ↵Brian Smith2022-04-26
| | | | | | MOZ_WIDGET_TOOLKIT == 'cocoa’” This reverts commit 1fe9c19305dadf2d5bcaa0e589fcd250389dfa8a.
* Issue #1877 - Resolve RELEASE_OR_BETA conditionals.Moonchild2022-04-19
|
* Issue #1804 - Fix building with GCC 11trav902022-04-16
|
* Issue #953 - Neuter the user-facing controls for e10sMoonchild2022-04-08
| | | | | This should prevent people using a massive footgun that would blow off their entire legs. Requires appropriate FE changes.
* [Network] Escape external protocol handler URLsMoonchild2022-04-07
|
* Use brace initialization for Atomics.Moonchild2022-04-04
| | | | Remind me to always build BEFORE committing :P
* [network] Make several variables atomic in nsSocketTransport2.Moonchild2022-04-04
| | | | | | | | Fixes potential thread races between: - nsSocketTransport::OnInputClosed and nsSocketTransport::OpenInputStream. - nsSocketTransport::OnOutputClosed and nsSocketTransport::OpenOutputStream. - nsSocketTransport::Close and nsSocketTransport::RecoverFromError called from OnSocketDetached.
* [network] Use a COM pointer instead of NS_ADDREF in nsSocketTransport2.cppMoonchild2022-04-04
|
* [network] Align IDN normalization with the current spec.Moonchild2022-04-04
|
* [network] Tighten checks for ACE (punycode) encoding.Moonchild2022-04-04
|
* [network] Clean up IDN logic and add some corner case use.Moonchild2022-04-04
|
* Issue #21 - Remove remaining telemetry structs, callers and flags.Moonchild2022-04-02
|
* Issue #21 - Remove Telemetry plumbing and fix build.Moonchild2022-04-02
| | | | | Note this won't give working applications. Requires FE changes and additional js module changes (next part).
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-13 00:38:37 +0000