We do clearStoragsForPrincipal based on the result from listOrigin, so it's fine
to not clear all stroages that match the prefix here. Also, since the passing
principals can contain origin attributes which is not allowed to be used with
aClearAll.
Differential Revision: https://phabricator.services.mozilla.com/D73417
This removes processing of HTTP Public Key Pinning headers, remotely modifying
pinning information, and using cached pinning information, all of which was
already disabled in bug 1412438. Static pins that ship with the browser are
still enforced.
Differential Revision: https://phabricator.services.mozilla.com/D73352
Phase 1 is still "profile-change-teardown", where the workers are
terminated. Phase 2 is "profile-before-change-qm", where the
PServiceWorkerManager actors are terminated. This split lets
ServiceWorkerCleanup perform any unregistering needed during
"profile-before-change" (which uses the SWM actors).
Differential Revision: https://phabricator.services.mozilla.com/D58058
--HG--
extra : moz-landing-system : lando
Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.
For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions. Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.
Differential Revision: https://phabricator.services.mozilla.com/D57493
--HG--
extra : moz-landing-system : lando
Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.
For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions. Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.
Differential Revision: https://phabricator.services.mozilla.com/D57493
--HG--
extra : moz-landing-system : lando
Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.
For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions. Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.
Differential Revision: https://phabricator.services.mozilla.com/D57493
--HG--
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
This test (which currently fails) verifies that when the browser
is configured to delete caches on shutdown, service worker
registrations are cleared as well.
Differential Revision: https://phabricator.services.mozilla.com/D56421
--HG--
extra : moz-landing-system : lando
The idea of this patch is to try to not use oberver mechanism as possible. To
achieve that, it introduces deleteByOriginAttributes() to cleaners. Different
from other methods, it would only be executed if it's implemented from a
cleaner.
It doesn't remove oberver mechanism entirely since some cleaners are still using
that for other deleteByXXX() functions. So, it only applies removing stuff to
PushService, QuotaManagerService, ServiceWorkerManager, nsPermissionManager,
nsApplicationCacheService, and nsCookieService.
Since the original issue is related to QuotaManagerService, it adds xpcshell
test under the dom/quota/test/unit/ to ensure the behavior won't be changed
accidentally in the future.
Differential Revision: https://phabricator.services.mozilla.com/D33758
--HG--
extra : moz-landing-system : lando
* storage-mozStorage was used by Fenenc but that is no longer built from m-c.
* Existing Android tests need to be disabled since they rely on being able to manipulate storage but this commit only stubs searching for logins.
* A later commit will actually filter the logins returned by a GV delegate.
Differential Revision: https://phabricator.services.mozilla.com/D54139
--HG--
rename : toolkit/components/passwordmgr/storage-json.js => toolkit/components/passwordmgr/storage-geckoview.js
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
This is generally pretty straightforward, and rewrites nearly all calls. It
skips the ones that it can detect using frame script globals like
`sendAsyncMessage`, though.
Differential Revision: https://phabricator.services.mozilla.com/D53740
--HG--
extra : moz-landing-system : lando
