1. 09 Jul, 2020 2 commits
  2. 08 Jul, 2020 1 commit
  3. 03 Jul, 2020 1 commit
  4. 06 Jul, 2020 1 commit
  5. 26 Jun, 2020 2 commits
  6. 07 Jul, 2020 1 commit
  7. 02 Jul, 2020 1 commit
  8. 06 Jul, 2020 1 commit
  9. 07 Jul, 2020 1 commit
    • Tim Huang's avatar
      Bug 1644738 - Propagate the IsOnContentBlockingAllowList in CookieJarSettings... · 39d13dcf
      Tim Huang authored
      Bug 1644738 - Propagate the IsOnContentBlockingAllowList in CookieJarSettings to the script generated document. r=baku, a=RyanVM
      
      We also need to propagate the IsOnContentBlockingAllowList to the script
      generated document. For this kind of document, it won't have the
      CookieJarSettings at the first place. It will generate its
      CookieJarSettings when someone requests it. And we need to propagate the
      flag when generating the CookieJarSettings in this case. Or the script
      generated document will have a wrong IsOnContentBlockingAllowList flag.
      
      Differential Revision: https://phabricator.services.mozilla.com/D81727
      39d13dcf
  10. 15 Jun, 2020 1 commit
  11. 10 Jun, 2020 2 commits
  12. 06 Jul, 2020 1 commit
  13. 03 Jul, 2020 1 commit
  14. 02 Jul, 2020 1 commit
  15. 29 Jun, 2020 1 commit
  16. 01 Jul, 2020 1 commit
  17. 23 Jun, 2020 1 commit
  18. 29 Jun, 2020 1 commit
  19. 13 Jun, 2020 1 commit
  20. 12 Jun, 2020 3 commits
  21. 11 Jun, 2020 1 commit
  22. 02 Jul, 2020 1 commit
  23. 06 Jul, 2020 1 commit
  24. 29 Jun, 2020 1 commit
  25. 24 Jun, 2020 1 commit
  26. 25 Jun, 2020 1 commit
    • J.C. Jones's avatar
      Bug 1644627 - Set the WebAuthn `appid` client extension result properly... · cecddaae
      J.C. Jones authored
      Bug 1644627 - Set the WebAuthn `appid` client extension result properly r=bbeurdouche,keeler a=RyanVM
      
      The semantics of what Firefox implemented for the AppID extension for WebAuthn
      were wrong. Notably: It was always emitted if the extension were used, and
      always set to `true`. The specification has more nuance so that RPs can use
      that result to determine what to validate against.
      
      As a reminder since it's been a while, this change has impacts to the WebAuthn
      Token Manager layer, so there's duplicative changes in the soft token and in
      the HID token, _and the automated tests only test the soft token_. Manual
      testing using webauthn.bin.coffee and other test sites are needed to verify
      behavior in U2FHIDTokenManager.
      
      Differential Revision: https://phabricator.services.mozilla.com/D79568
      cecddaae
  27. 24 Jun, 2020 1 commit
  28. 22 Jun, 2020 1 commit
  29. 23 Jun, 2020 1 commit
  30. 24 Jun, 2020 2 commits
    • Rob Wu's avatar
      Bug 1635781 - Fully replace the web page's CSP if modified by add-on. r=mixedpuppy, a=RyanVM · 2b9adec7
      Rob Wu authored
      The original addition of CSP to `headersAlreadySet` in bug 1462989 was
      to make sure that CSP response headers from different extensions are
      merged as expected. The logic did however not take into account that
      unconditionally merging modified headers means that the header would be
      merged with the original CSP from the web page, which prevented add-ons
      from relaxing a CSP from the web page.
      
      This commit fixes the bug by tracking the CSP status on the
      `ResponseHeaderChanger` instance, which is shared by all webRequest
      handlers of a single request.
      
      Differential Revision: https://phabricator.services.mozilla.com/D80761
      2b9adec7
    • Rob Wu's avatar
      Bug 1635781 - Fix broken logic in test_ext_webRequest_mergecsp.js. r=mixedpuppy, a=RyanVM · 15f747ab
      Rob Wu authored
      - Most importantly: Fix the `test_csp` helper to actually replace the
        page's CSP header. The existing tests verify that the web page's CSP
        is still applied, which is trivially true if the helper extension
        appends the CSP instead of replacing it.
      
      - Expand comment on the meaning of the parameters in `test_csp`.
      
      - `sendMessage` is not async, properly await the result.
      
      - Unload extensions before checking assertions, to avoid unhelpful error
        messages about extensions not having been unloaded at the end of the
        test.
      
      - Report which test case is being run to make debugging easier.
      
      Differential Revision: https://phabricator.services.mozilla.com/D80760
      15f747ab
  31. 11 Jun, 2020 1 commit
  32. 24 Jun, 2020 1 commit
  33. 12 Jun, 2020 1 commit
  34. 30 Jun, 2020 1 commit