Skip to content
Permalink
Branch: 21340+5
Commits on Apr 12, 2017
  1. Bug 1323644 - Isolate the HSTS and HPKP storage by first party domain…

    johnathan79717 authored and arthuredelstein committed Feb 14, 2017
    … (DOM/DocShell) r=baku,ckerschb
    
    MozReview-Commit-ID: AZUfZffsLxu
    
    --HG--
    extra : rebase_source : bcd831e5ba7e92dd142747dccacba5cd34da016e
    
    Conflicts:
    	dom/ipc/ContentParent.cpp
    	dom/ipc/ContentParent.h
  2. Bug 1323644 - Isolate the HSTS and HPKP storage by first party domain…

    johnathan79717 authored and arthuredelstein committed Feb 14, 2017
    … (Necko) r=ckerschb
    
    MozReview-Commit-ID: 6DFPXTXoykc
    
    --HG--
    extra : rebase_source : 4c69a918b289f76a75ac463f08a6e43f7b625571
    
    Conflicts:
    	netwerk/protocol/http/nsHttpHandler.cpp
  3. Bug 1323644 - Isolate the HSTS and HPKP storage by first party domain…

    johnathan79717 authored and arthuredelstein committed Feb 14, 2017
    … (PSM) r=Cykesiopka,keeler
    
    MozReview-Commit-ID: HhFFqtpBNjO
    
    --HG--
    extra : rebase_source : 980dfd035efc4886a7ca393923c2c2783cc76a7d
  4. Bug 1323644 - Isolate the HSTS and HPKP storage by first party domain…

    johnathan79717 authored and arthuredelstein committed Feb 14, 2017
    … (ForgetAboutSite) r=keeler,mossop
    
    MozReview-Commit-ID: LjYb5coVxJl
    
    --HG--
    extra : rebase_source : 0a1cc4b70b266958c478ff48d9edc1e669ebb33f
  5. Bug 1318299 - Replace string literals containing escaped characters w…

    abpostelnicu authored and arthuredelstein committed Nov 17, 2016
    …ith raw string literals in security/manager. r=keeler
    
    MozReview-Commit-ID: Al4QjodbJ2S
    
    --HG--
    extra : rebase_source : 94667e62678f10224be6b7f185ce461afb361827
  6. Bug 1329237 - Avoid non-smart string IDL types in nsISiteSecurityServ…

    Cykesiopka authored and arthuredelstein committed Jan 14, 2017
    …ice.idl. r=keeler
    
    Smart string IDL types give us nsA[C]String in C++ code, which is safer than
    raw char strings.
    
    MozReview-Commit-ID: KJ3Z4qK9i61
    
    --HG--
    extra : rebase_source : a24101d876d1120bd3b6c757fc48a2b76a8b489f
  7. Bug 1315869 - gtestify security/manager/ssl/tests/compiled/*.cpp. r=c…

    nnethercote authored and arthuredelstein committed Nov 8, 2016
    …ykesiopka.
    
    --HG--
    rename : security/manager/ssl/tests/compiled/TestCertDB.cpp => security/manager/ssl/tests/gtest/CertDBTest.cpp
    rename : security/manager/ssl/tests/compiled/TestSTSParser.cpp => security/manager/ssl/tests/gtest/STSParserTest.cpp
  8. Bug 1336867 - Remove unsafeProcessHeader and isSecureHost in nsISiteS…

    johnathan79717 authored and arthuredelstein committed Feb 8, 2017
    …ecurityService r=keeler,mgoodwin,past
    
    --HG--
    extra : rebase_source : 3b14ddfcb4107eeeb15ba5498d0b516310847c58
    
    Conflicts:
    	devtools/client/debugger/new/debugger.js
    	security/manager/ssl/tests/unit/test_sts_parser.js
    	services/common/tests/unit/test_blocklist_pinning.js
  9. Bug 1336867 - Move STSParserTest.cpp to test_sts_parser.js r=keeler

    johnathan79717 authored and arthuredelstein committed Feb 7, 2017
    --HG--
    rename : security/manager/ssl/tests/gtest/STSParserTest.cpp => security/manager/ssl/tests/unit/test_sts_parser.js
    extra : rebase_source : dfadaa8f9f0030e07a4ea7bf64e36a7b4d959521
  10. Bug 1115712 - make DataStorage for HPKP and HSTS enumerable via xpcom…

    johnathan79717 authored and arthuredelstein committed Jan 12, 2017
    …. r=Cykesiopka,keeler
    
    MozReview-Commit-ID: GEOtuTAiPIX
    
    --HG--
    extra : rebase_source : 88b060d57e269e238d9283ac386b9ffff9ff2764
    
    Conflicts:
    	security/manager/ssl/nsSiteSecurityService.cpp
  11. bug 1338701 - constify all TransportSecurityPreloads, use mozilla::Bi…

    mozkeeler authored and arthuredelstein committed Feb 10, 2017
    …narySearch over bsearch r=Cykesiopka
    
    MozReview-Commit-ID: Lu3H9SpyJgR
    
    --HG--
    extra : rebase_source : 7a958793523bc8d4e9d34a7b3b26760a3c1da0f9
  12. Bug 1329237 - Avoid non-smart string IDL types in nsISiteSecurityServ…

    Cykesiopka authored and arthuredelstein committed Jan 14, 2017
    …ice.idl. r=keeler
    
    Smart string IDL types give us nsA[C]String in C++ code, which is safer than
    raw char strings.
    
    MozReview-Commit-ID: KJ3Z4qK9i61
    
    --HG--
    extra : rebase_source : a24101d876d1120bd3b6c757fc48a2b76a8b489f
  13. Bug 1290529 - Clear HSTS and HPKP for subdomains in ForgetAboutSite. …

    johnathan79717 authored and arthuredelstein committed Jan 24, 2017
    …r=keeler,MattN
    
    --HG--
    extra : rebase_source : 98c1da830f74f96f90092d81b0d24cfef2ffe483
  14. Bug 1321780 - Modify SiteSecurityService to allow dynamic STS preload…

    mozmark authored and arthuredelstein committed Dec 20, 2016
    …s rr=?keeler r=keeler
    
    MozReview-Commit-ID: 2a75179pIH4
    
    --HG--
    extra : rebase_source : 686263f5feac7de343d5af4cf5835c8684e64cf6
  15. Bug 1282655 - Test if site permissions are universal across origin at…

    johnathan79717 authored and arthuredelstein committed Dec 27, 2016
    …tributes. r=tanvi
    
    --HG--
    extra : rebase_source : 6155960b626c29092c96ea7fbc605cc0b637d918
  16. Bug 1274020 - Tests that shows the Cache Web API is separated by orig…

    johnathan79717 authored and arthuredelstein committed Dec 13, 2016
    …in attributes. r=baku
    
    --HG--
    extra : rebase_source : 8964090126795ed45650e76c4f9e02b2e60f62cf
  17. Bug 1315602 - Remove the assertion of FirstPartyDomain should be empt…

    allstarschh authored and arthuredelstein committed Nov 7, 2016
    …y in HTTP redirect. r=smaug
Commits on Apr 11, 2017
  1. Bug 21876: Always use esr policies for e10s.

    Kathy Brade
    Kathy Brade committed Apr 11, 2017
    Always use the policies associated with the esr update channel so that
    the e10s behavior is the same for all Tor Browser builds.
Commits on Apr 10, 2017
  1. Revert "Bug 19212: SIGSEGV with developer tools open"

    arthuredelstein committed Apr 10, 2017
    This reverts commit 6fd5ac8.
Commits on Apr 8, 2017
  1. fixup! TB3: Tor Browser's official .mozconfigs.

    Georg Koppen
    Georg Koppen committed Apr 8, 2017
    Use GTK2 for hardened-builds as well.
Commits on Apr 7, 2017
  1. Bug 21849: Don't allow SSL key logging

    arthuredelstein authored and Georg Koppen committed Apr 7, 2017
Commits on Apr 5, 2017
  1. fixup! TB3: Tor Browser's official .mozconfigs.

    Georg Koppen
    Georg Koppen committed Apr 5, 2017
    Update the user agent we set to a Windows ESR 52 one.
  2. squash! TB3: Tor Browser's official .mozconfigs.

    Georg Koppen
    Georg Koppen committed Mar 14, 2017
    Bug 21239: Use GTK2 for ESR52 Linux builds
  3. Bug 1336527 Define RegisterIdlePeriod r=baku

    Tom Ritter Georg Koppen
    Tom Ritter authored and Georg Koppen committed Feb 17, 2017
    MozReview-Commit-ID: A41UJ6OHvP7
    
    --HG--
    extra : rebase_source : 0191c1bbece94bb9dabbf2daf56351a624efa481
  4. Fix SSE2 compilation for mingw-w64

    Georg Koppen
    Georg Koppen committed Mar 30, 2017
    This is tjr's workaround for bug 1331335.
  5. Getting Tor Browser to build with accessibility enabled on Windows

    Georg Koppen
    Georg Koppen committed Feb 10, 2017
    Patch by Jacek Caban
  6. Backport of tjr's patch for bug 1331349

    Georg Koppen
    Georg Koppen committed Feb 1, 2017
  7. Backport of tjr's patch for bug 1314979

    Georg Koppen
    Georg Koppen committed Feb 1, 2017
  8. fixup! TB3: Tor Browser's official .mozconfigs.

    Georg Koppen
    Georg Koppen committed Mar 30, 2017
  9. Bug 805173 - Enable HeapEnableTerminationOnCorruption for chrome proc…

    Alex Gaynor Georg Koppen
    Alex Gaynor authored and Georg Koppen committed Mar 31, 2017
    …esses on Windows. r=mhowell,tjr
    
    This is an exploit mitigation which causes the Windows system allocator to abort
    in the event it is in a corrupted state, rather than attempt to proceed in a
    potentially exploitable state.
    
    Because we use jemalloc, this only affects system libraries or plugins which
    still use the system allocator.
    
    The has been enabled on our content processes for a while without incident.
    
    r=mhowell,tjr
    
    MozReview-Commit-ID: 5ctXugtbI1A
    
    --HG--
    extra : rebase_source : f6f134404be3b258a8e522c22fa061c32a47e313
  10. Bug #5741: Prevent WebSocket DNS leak.

    mikeperry-tor authored and Georg Koppen committed Sep 11, 2013
    This is due to an improper implementation of the WebSocket spec by Mozilla.
    
    "There MUST be no more than one connection in a CONNECTING state.  If multiple
    connections to the same IP address are attempted simultaneously, the client
    MUST serialize them so that there is no more than one connection at a time
    running through the following steps.
    
    If the client cannot determine the IP address of the remote host (for
    example, because all communication is being done through a proxy server that
    performs DNS queries itself), then the client MUST assume for the purposes of
    this step that each host name refers to a distinct remote host,"
    
    https://tools.ietf.org/html/rfc6455#page-15
    
    They implmented the first paragraph, but not the second...
    
    While we're at it, we also prevent the DNS service from being used to look up
    anything other than IP addresses if socks_remote_dns is set to true, so this
    bug can't turn up in other components or due to 3rd party addons.
  11. Bug 21723: Fix inconsistent generation of MOZ_MACBUNDLE_ID

    teor2345 authored and Georg Koppen committed Mar 13, 2017
    CFBundleIdentifiers can only contain [A-Za-z.-], and by convention
    the app component is lowercase and does not contain '.'.
    
    Make configure delete all characters other than [a-z-] when generating
    MOZ_MACBUNDLE_ID from MOZ_APP_DISPLAYNAME.
    
    (This affects "Tor Browser", but not "Firefox".)
  12. Bug 21724: Make Firefox and Tor Browser distinct macOS apps

    teor2345 authored and Georg Koppen committed Mar 13, 2017
    When macOS opens a document or selects a default browser, it sometimes
    uses the CFBundleSignature. Changing from the Firefox MOZB signature to
    a different signature TORB allows macOS to distinguish between Firefox
    and Tor Browser.
  13. Workaround for broken ASan builds (bug 1272498)

    Georg Koppen
    Georg Koppen committed Apr 4, 2017
    ASan builds with GCC are broken without this patch. The much more involved
    one landed on mozilla-central a while ago but missed the ESR 52 train by
    three days.
Older
You can’t perform that action at this time.