forked from mirrors/gecko-dev
399a2f946d
The previous part introduced a new mechanism to track the triggering remote type for a specific load in a reliable way. This adds some basic checks based on the triggering remote type to the nsContentSecurityManager, while also providing the potential infrastructure to expand these checks in the future. As these checks are performed before some other content security checks (to ensure that they are performed before InitialSecurityCheckDone() is checked), they may reject a load which would otherwise have been rejected by a later check. For this reason, the diagnostic assertions added in this part are only fired if the check appears as though it would otherwise have succeeded. This check is not fully accurate, however, so may miss some cases. This is important, as we have some tests, such as service worker navigation tests, which will try to load file:/// URIs in content processes, and only fail in the later content security checks. For now, no checks are performed for non-document loads, though that may change in the future. Differential Revision: https://phabricator.services.mozilla.com/D161199 |
||
|---|---|---|
| .. | ||
| 307redirect.sjs | ||
| browser.ini | ||
| browser_documentChannel.js | ||
| browser_externalLinkBlanksPage.js | ||
| browser_httpCrossOriginOpenerPolicy.js | ||
| browser_httpToFileHistory.js | ||
| browser_oopProcessSwap.js | ||
| browser_RemoteWebNavigation.js | ||
| coop_header.sjs | ||
| dummy_page.html | ||
| file_postmsg_parent.html | ||
| head.js | ||
| print_postdata.sjs | ||