CMXSL.org/trisquel-icecat
2
0
Fork 0
Code Issues Pull requests Projects Releases 9 Packages Wiki Activity Actions

icecat: add release icecat-140.7.0-1gnu1 for aramo

Browse source
This commit is contained in:
Ark74 2026-01-18 00:16:18 -06:00
parent 17ba0259bf
commit 86c0c0ca33
156 changed files with 9131 additions and 4525 deletions
Download patch file Download diff file Expand all files Collapse all files

2
icecat/.taskcluster.yml
View file

@ -101,7 +101,7 @@ tasks:
description: 'Created by a [cron task](https://icecat-ci-tc.services.mozilla.com/tasks/${cron.task_id}) (${treeherder_link})'
provisionerId: "${trustDomain}-${repository.level}"
workerType: "decision-gcp"
workerType: "decision"
tags:
$if: 'tasks_for == "hg-push"'

2
icecat/CLOBBER
View file

@ -22,4 +22,4 @@
# changes to stick? As of bug 928195, this shouldn't be necessary! Please
# don't change CLOBBER for WebIDL changes any more.
Merge day clobber 2025-11-10
Merge day clobber 2025-12-08

1
icecat/Cargo.lock generated
View file

@ -1166,6 +1166,7 @@ dependencies = [
name = "crash_helper_common"
version = "0.1.0"
dependencies = [
"getrandom 0.3.3",
"minidump-writer",
"nix 0.30.1",
"num-derive",

7
icecat/browser/base/content/browser-fullScreenAndPointerLock.js
View file

@ -103,10 +103,9 @@ var PointerlockFsWarning = {
} else {
textElem.removeAttribute("hidden");
// Document's principal's URI has a host. Display a warning including it.
let { DownloadUtils } = ChromeUtils.importESModule(
"resource://gre/modules/DownloadUtils.sys.mjs"
);
let displayHost = DownloadUtils.getURIHost(uri.spec)[0];
let displayHost = BrowserUtils.formatURIForDisplay(uri, {
onlyBaseDomain: true,
});
let l10nString = {
"fullscreen-warning": "fullscreen-warning-domain",
"pointerlock-warning": "pointerlock-warning-domain",

2
icecat/browser/base/content/browser.js
View file

@ -2230,7 +2230,7 @@ var XULBrowserWindow = {
// Ensure we close any remaining open locationspecific panels
if (!isSameDocument) {
closeOpenPanels("panel[locationspecific='true']");
closeOpenPanels(":is(panel, menupopup)[locationspecific='true']");
}
gPermissionPanel.onLocationChange();

9
icecat/browser/components/downloads/DownloadsViewUI.sys.mjs
View file

@ -12,6 +12,7 @@ import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs";
const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
BrowserUtils: "resource://gre/modules/BrowserUtils.sys.mjs",
BrowserWindowTracker: "resource:///modules/BrowserWindowTracker.sys.mjs",
DownloadUtils: "resource://gre/modules/DownloadUtils.sys.mjs",
Downloads: "resource://gre/modules/Downloads.sys.mjs",
@ -600,7 +601,13 @@ DownloadsViewUI.DownloadElementShell.prototype = {
this.showStatus(stateLabel, hoverStatus);
return;
}
let [displayHost] = lazy.DownloadUtils.getURIHost(this.download.source.url);
let uri = URL.parse(this.download.source.url)?.URI;
let displayHost = uri
? lazy.BrowserUtils.formatURIForDisplay(uri, {
onlyBaseDomain: true,
})
: "";
let [displayDate] = lazy.DownloadUtils.getReadableDates(
new Date(this.download.endTime)
);

4
icecat/browser/components/icecatview/fxview-tab-list.mjs
View file

@ -513,7 +513,9 @@ export class FxviewTabRowBase extends MozLitElement {
formatURIForDisplay(uriString) {
return !window.IS_STORYBOOK
? lazy.BrowserUtils.formatURIStringForDisplay(uriString)
? lazy.BrowserUtils.formatURIStringForDisplay(uriString, {
showFilenameForLocalURIs: true,
})
: uriString;
}

4
icecat/browser/components/icecatview/helpers.mjs
View file

@ -24,7 +24,9 @@ export const LOGGING_PREF = "browser.tabs.icecat-view.logLevel";
export const MAX_TABS_FOR_RECENT_BROWSING = 5;
export function formatURIForDisplay(uriString) {
return lazy.BrowserUtils.formatURIStringForDisplay(uriString);
return lazy.BrowserUtils.formatURIStringForDisplay(uriString, {
showFilenameForLocalURIs: true,
});
}
export function convertTimestamp(

2
icecat/browser/components/icecatview/history.mjs
View file

@ -18,6 +18,7 @@ const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
HistoryController: "resource:///modules/HistoryController.sys.mjs",
PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.sys.mjs",
ProfileAge: "resource://gre/modules/ProfileAge.sys.mjs",
});
@ -248,6 +249,7 @@ class HistoryInView extends ViewPage {
@click=${this.openInNewPrivateWindow}
data-l10n-id="fxviewtabrow-open-in-private-window"
data-l10n-attrs="accesskey"
?hidden=${!lazy.PrivateBrowsingUtils.enabled}
></panel-item>
<hr />
<panel-item

2
icecat/browser/config/version.txt
View file

@ -1 +1 @@
140.6.0
140.7.0

2
icecat/browser/config/version_display.txt
View file

@ -1 +1 @@
140.6.0esr
140.7.0esr

2
icecat/browser/confvars.sh
View file

@ -13,5 +13,5 @@ MOZ_BRANDING_DIRECTORY=browser/branding/unofficial
MOZ_OFFICIAL_BRANDING_DIRECTORY=browser/branding/official
# IceCat settings
MOZ_APP_BASENAME=IceCat
MOZ_APP_VERSION=140.6.0
MOZ_APP_VERSION=140.7.0
MOZ_DATA_REPORTING=0

56
icecat/browser/extensions/formautofill/test/browser/browser_dynamic_form_refill_on_site_clearing_values.js
View file

@ -13,6 +13,7 @@ add_setup(async () => {
});
await setStorage(TEST_ADDRESS_1);
await setStorage(TEST_CREDIT_CARD_1);
registerCleanupFunction(async () => {
await removeAllRecords();
@ -101,7 +102,7 @@ add_task(
/* eslint-disable mozilla/no-arbitrary-setTimeout */
await new Promise(resolve => {
setTimeout(resolve, FormAutofill.refillOnSiteClearingFields);
setTimeout(resolve, FormAutofill.refillOnSiteClearingFieldsTimeout);
});
return await SpecialPowers.spawn(
@ -116,3 +117,56 @@ add_task(
Assert.equal(orgaValue, "", "Element was not refilled");
}
);
add_task(async function address_field_not_refilled_after_reformat_by_site() {
const value = await BrowserTestUtils.withNewTab(
CREDITCARD_FORM_URL,
async browser => {
const selectorToTriggerAutocompletion = "#cc-number";
const elementValueToVerifyAutofill = TEST_CREDIT_CARD_1["cc-number"];
info("Triggering autocompletion.");
await openPopupOn(browser, selectorToTriggerAutocompletion);
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
await waitForAutofill(
browser,
selectorToTriggerAutocompletion,
elementValueToVerifyAutofill
);
const formatValue = TEST_CREDIT_CARD_1["cc-number"]
.replace(/(.{4})/g, "$1 ")
.trim();
await SpecialPowers.spawn(
browser,
[selectorToTriggerAutocompletion, formatValue],
async (ccNumberSelector, reformatValue) => {
const ccNumberInput =
content.document.querySelector(ccNumberSelector);
info("Simulating site reformats an input");
ccNumberInput.value = reformatValue;
}
);
/* eslint-disable mozilla/no-arbitrary-setTimeout */
await new Promise(resolve => {
setTimeout(resolve, FormAutofill.refillOnSiteClearingFieldsTimeout);
});
return await SpecialPowers.spawn(
browser,
[selectorToTriggerAutocompletion],
async ccNumberSelector => {
return content.document.querySelector(ccNumberSelector).value;
}
);
}
);
const formatValue = TEST_CREDIT_CARD_1["cc-number"]
.replace(/(.{4})/g, "$1 ")
.trim();
Assert.equal(value, formatValue, "Element was not refilled");
});

2
icecat/config/milestone.txt
View file

@ -10,4 +10,4 @@
# hardcoded milestones in the tree from these two files.
#--------------------------------------------------------
140.6.0
140.7.0

6
icecat/debian/changelog
View file

@ -1,3 +1,9 @@
icecat (140.7.0-1gnu1+build1-0.11.0) aramo; urgency=medium
* New upstream stable release (icecat-140.7.0-1gnu1)
-- Capitulo Mexicano de Software Libre <devel@cmxsl.org> Sat, 17 Jan 2026 20:01:08 -0600
icecat (140.6.0-1gnu1+build1-0.11.0) aramo; urgency=medium
* New upstream stable release (icecat-140.6.0-1gnu1)

4
icecat/docshell/base/ChildProcessChannelListener.h
View file

@ -45,8 +45,8 @@ class ChildProcessChannelListener final {
};
// TODO Backtrack.
nsTHashMap<nsUint64HashKey, Callback> mCallbacks;
nsTHashMap<nsUint64HashKey, CallbackArgs> mChannelArgs;
nsTHashMap<NoMemMoveKey<nsUint64HashKey>, Callback> mCallbacks;
nsTHashMap<NoMemMoveKey<nsUint64HashKey>, CallbackArgs> mChannelArgs;
};
} // namespace mozilla::dom

11
icecat/dom/base/TimeoutManager.cpp
View file

@ -104,6 +104,10 @@ bool TimeoutManager::IsActive() const {
return true;
}
if (mIsChromeWorker) {
return true;
}
// Check if we're playing audio
if (mGlobalObject.IsPlayingAudio()) {
return true;
@ -322,7 +326,7 @@ TimeDuration TimeoutManager::CalculateDelay(Timeout* aTimeout) const {
TimeDuration result = aTimeout->mInterval;
if (aTimeout->mNestingLevel >=
StaticPrefs::dom_clamp_timeout_nesting_level()) {
StaticPrefs::dom_clamp_timeout_nesting_level() && !mIsChromeWorker) {
uint32_t minTimeoutValue = StaticPrefs::dom_min_timeout_value();
result = TimeDuration::Max(result,
TimeDuration::FromMilliseconds(minTimeoutValue));
@ -404,7 +408,7 @@ uint32_t TimeoutManager::sNestingLevel = 0;
TimeoutManager::TimeoutManager(nsIGlobalObject& aHandle,
uint32_t aMaxIdleDeferMS,
nsISerialEventTarget* aEventTarget)
nsISerialEventTarget* aEventTarget, bool aIsChromeWorker)
: mGlobalObject(aHandle),
mExecutor(new TimeoutExecutor(this, false, 0)),
mIdleExecutor(new TimeoutExecutor(this, true, aMaxIdleDeferMS)),
@ -425,7 +429,8 @@ TimeoutManager::TimeoutManager(nsIGlobalObject& aHandle,
mBudgetThrottleTimeouts(false),
mIsLoading(false),
mEventTarget(aEventTarget),
mIsWindow(aHandle.GetAsInnerWindow()) {
mIsWindow(aHandle.GetAsInnerWindow()),
mIsChromeWorker(aIsChromeWorker) {
MOZ_LOG(gTimeoutLog, LogLevel::Debug,
("TimeoutManager %p created, tracking bucketing %s\n", this,
StaticPrefs::privacy_trackingprotection_annotate_channels()

5
icecat/dom/base/TimeoutManager.h
View file

@ -30,7 +30,8 @@ class TimeoutManager final {
public:
TimeoutManager(nsIGlobalObject& aHandle, uint32_t aMaxIdleDeferMS,
nsISerialEventTarget* aEventTarget);
nsISerialEventTarget* aEventTarget,
bool aIsChromeWorker = false);
~TimeoutManager();
TimeoutManager(const TimeoutManager& rhs) = delete;
void operator=(const TimeoutManager& rhs) = delete;
@ -270,6 +271,8 @@ class TimeoutManager final {
const bool mIsWindow;
const bool mIsChromeWorker;
uint32_t mNestingLevel{0};
static uint32_t sNestingLevel;

6
icecat/dom/events/test/clipboard/browser.toml
View file

@ -10,6 +10,12 @@ support-files = ["simple_navigator_clipboard_keydown.html"]
run-if = ["os != 'win'"] # The popupmenus dismiss when access keys for disabled items are pressed on windows
skip-if = ["os == 'mac' && verify"]
["browser_navigator_clipboard_contextmenu_dismiss.js"]
support-files = [
"file_toplevel.html",
"file_iframe.html",
]
["browser_navigator_clipboard_contextmenu_suppression.js"]
support-files = [
"file_toplevel.html",

64
icecat/dom/events/test/clipboard/browser_navigator_clipboard_contextmenu_dismiss.js Normal file
View file

@ -0,0 +1,64 @@
/* -*- Mode: JavaScript; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
"use strict";
const kBaseUrlForContent = getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
"https://example.com"
);
const kContentFileUrl = kBaseUrlForContent + "file_toplevel.html";
Services.scriptloader.loadSubScript(
"chrome://mochitests/content/browser/gfx/layers/apz/test/mochitest/apz_test_native_event_utils.js",
this
);
async function readText(aBrowser) {
return SpecialPowers.spawn(aBrowser, [], () => {
content.document.notifyUserGestureActivation();
content.eval(`navigator.clipboard.readText();`);
});
}
add_task(async function test_context_menu_dimiss_tab_navigate() {
await BrowserTestUtils.withNewTab(kContentFileUrl, async aBrowser => {
info(`Randomized text to avoid overlappings with other tests`);
await promiseWritingRandomTextToClipboard();
info(`Wait for paste context menu is shown`);
let pasteButtonIsShown = promisePasteButtonIsShown();
await readText(aBrowser);
await pasteButtonIsShown;
info("Navigate tab");
let pasteButtonIsHidden = promisePasteButtonIsHidden();
aBrowser.loadURI(Services.io.newURI("https://example.com/"), {
triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal(),
});
info(`Wait for paste context menu is hidden`);
await pasteButtonIsHidden;
});
});
add_task(async function test_context_menu_dimiss_tab_reload() {
await BrowserTestUtils.withNewTab(kContentFileUrl, async aBrowser => {
info(`Randomized text to avoid overlappings with other tests`);
await promiseWritingRandomTextToClipboard();
info(`Wait for paste context menu is shown`);
let pasteButtonIsShown = promisePasteButtonIsShown();
await readText(aBrowser);
await pasteButtonIsShown;
info("Reload tab");
let pasteButtonIsHidden = promisePasteButtonIsHidden();
await BrowserTestUtils.reloadTab(gBrowser.selectedTab);
info(`Wait for paste context menu is hidden`);
await pasteButtonIsHidden;
});
});

4
icecat/dom/html/nsHTMLDocument.cpp
View file

@ -596,6 +596,10 @@ void nsHTMLDocument::NamedGetter(JSContext* aCx, const nsAString& aName,
aRv.NoteJSContextException(aCx);
return;
}
if (v.isNullOrUndefined()) {
return;
}
} else {
// Step 3. Otherwise, if elements has only one element, return that
// element.

4
icecat/dom/media/gmp/GMPParent.cpp
View file

@ -657,13 +657,11 @@ void GMPParent::DeleteProcess() {
self->DeleteProcess();
},
[self](const ipc::ResponseRejectReason&) {
// We crashed during shutdown, ActorDestroy will perform cleanup.
GMP_LOG_DEBUG(
"GMPParent[%p|childPid=%d] DeleteProcess: Shutdown handshake "
"error.",
self.get(), self->mChildPid);
self->mState = GMPState::Closed;
self->Close();
self->DeleteProcess();
});
return;
}

19
icecat/dom/media/webrtc/libwebrtcglue/VideoConduit.cpp
View file

@ -780,6 +780,17 @@ void WebrtcVideoConduit::OnControlConfigChange() {
.valueOr(-1);
})());
// Set each layer's max-bitrate explicitly or libwebrtc may ignore all
// stream-specific max-bitrate settings later on, as provided by the
// VideoStreamFactory. Default to our max of 10Mbps, overriden by
// SDP/JS.
int maxBps = KBPS(10000);
maxBps = MinIgnoreZero(maxBps, mPrefMaxBitrate);
maxBps = MinIgnoreZero(maxBps, mNegotiatedMaxBitrate);
maxBps = MinIgnoreZero(maxBps,
static_cast<int>(encodingConstraints.maxBr));
video_stream.max_bitrate_bps = maxBps;
// At this time, other values are not used until after
// CreateEncoderStreams(). We fill these in directly from the codec
// config in VideoStreamFactory.
@ -940,6 +951,14 @@ void WebrtcVideoConduit::OnControlConfigChange() {
mEncoderConfig.number_of_streams,
"Each video substream must have a corresponding ssrc.");
mEncoderConfig.video_stream_factory = CreateVideoStreamFactory();
for (const auto& stream : mEncoderConfig.simulcast_layers) {
CSFLogDebug(
LOGTAG,
"%s Reconfigure with simulcast stream maxFps=%d, "
"bitrate=[%dkbps, %dkbps, %dkbps]",
__FUNCTION__, stream.max_framerate, stream.min_bitrate_bps / 1000,
stream.target_bitrate_bps / 1000, stream.max_bitrate_bps / 1000);
}
mSendStream->ReconfigureVideoEncoder(mEncoderConfig.Copy());
}
if (sendSourceUpdateNeeded && mTrackSource) {

13
icecat/dom/media/webrtc/libwebrtcglue/VideoStreamFactory.cpp
View file

@ -223,15 +223,20 @@ std::vector<webrtc::VideoStream> VideoStreamFactory::CreateEncoderStreams(
__FUNCTION__, encoding.rid.c_str());
}
CSFLogInfo(LOGTAG, "%s Stream with RID %s maxFps=%d (global max fps = %u)",
__FUNCTION__, encoding.rid.c_str(), video_stream.max_framerate,
(unsigned)mMaxFramerateForAllStreams);
SelectBitrates({video_stream.width, video_stream.height}, mMinBitrate,
mStartBitrate,
SaturatingCast<int>(encoding.constraints.maxBr),
mPrefMaxBitrate, mNegotiatedMaxBitrate, video_stream);
CSFLogInfo(LOGTAG,
"%s Stream with RID %s maxFps=%d (global max fps = %u), "
"bitrate=[%dkbps, %dkbps, %dkbps]",
__FUNCTION__, encoding.rid.c_str(), video_stream.max_framerate,
(unsigned)mMaxFramerateForAllStreams,
video_stream.min_bitrate_bps / 1000,
video_stream.target_bitrate_bps / 1000,
video_stream.max_bitrate_bps / 1000);
video_stream.bitrate_priority = aConfig.bitrate_priority;
video_stream.max_qp = kQpMax;

2
icecat/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.cpp
View file

@ -491,6 +491,8 @@ int32_t WebrtcGmpVideoEncoder::SetRates_g(uint32_t aOldBitRateKbps,
return WEBRTC_VIDEO_CODEC_ERROR;
}
GMP_LOG_DEBUG("GMP Encoder %p setting rate %ukbps", this, aNewBitRateKbps);
mNeedKeyframe |= (aOldBitRateKbps == 0 && aNewBitRateKbps != 0);
GMPErr err = mGMP->SetRates(

72
icecat/dom/media/webrtc/transport/ipc/WebrtcTCPSocket.cpp
View file

@ -685,44 +685,52 @@ WebrtcTCPSocket::OnInputStreamReady(nsIAsyncInputStream* in) {
MOZ_ASSERT(mTransport, "webrtc TCP socket not connected");
MOZ_ASSERT(mSocketIn == in, "wrong input stream");
char buffer[9216];
uint32_t remainingCapacity = sizeof(buffer);
uint32_t read = 0;
while (true) {
char buffer[9216];
uint32_t remainingCapacity = sizeof(buffer);
uint32_t read = 0;
while (remainingCapacity > 0) {
uint32_t count = 0;
nsresult rv = mSocketIn->Read(buffer + read, remainingCapacity, &count);
if (rv == NS_BASE_STREAM_WOULD_BLOCK) {
while (remainingCapacity > 0) {
uint32_t count = 0;
nsresult rv = mSocketIn->Read(buffer + read, remainingCapacity, &count);
if (rv == NS_BASE_STREAM_WOULD_BLOCK) {
break;
}
if (NS_FAILED(rv)) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p failed %u\n", this,
static_cast<uint32_t>(rv)));
CloseWithReason(rv);
return rv;
}
// base stream closed
if (count == 0) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p connection closed\n",
this));
CloseWithReason(NS_ERROR_FAILURE);
return NS_OK;
}
remainingCapacity -= count;
read += count;
}
if (read > 0) {
nsTArray<uint8_t> array(read);
array.AppendElements(buffer, read);
InvokeOnRead(std::move(array));
}
if (remainingCapacity != 0) {
// Loop exited above, but not because we ran out of space. We're actually
// done, break out of the while(true) loop.
break;
}
if (NS_FAILED(rv)) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p failed %u\n", this,
static_cast<uint32_t>(rv)));
CloseWithReason(rv);
return rv;
}
// base stream closed
if (count == 0) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p connection closed\n", this));
CloseWithReason(NS_ERROR_FAILURE);
return NS_OK;
}
remainingCapacity -= count;
read += count;
}
if (read > 0) {
nsTArray<uint8_t> array(read);
array.AppendElements(buffer, read);
InvokeOnRead(std::move(array));
}
mSocketIn->AsyncWait(this, 0, 0, nullptr);
return NS_OK;
}

27
icecat/dom/svg/SVGContentUtils.cpp
View file

@ -436,9 +436,8 @@ static gfx::Matrix GetCTMInternal(SVGElement* aElement, CTMType aCTMType,
auto postTranslateFrameOffset = [](nsIFrame* aFrame, nsIFrame* aAncestorFrame,
gfx::Matrix& aMatrix) {
auto point = aFrame->GetOffsetTo(aAncestorFrame);
aMatrix =
aMatrix.PostTranslate(nsPresContext::AppUnitsToFloatCSSPixels(point.x),
nsPresContext::AppUnitsToFloatCSSPixels(point.y));
aMatrix.PostTranslate(nsPresContext::AppUnitsToFloatCSSPixels(point.x),
nsPresContext::AppUnitsToFloatCSSPixels(point.y));
};
gfxMatrix matrix = getLocalTransformHelper(aElement, aHaveRecursed);
@ -499,8 +498,7 @@ static gfx::Matrix GetCTMInternal(SVGElement* aElement, CTMType aCTMType,
if (frame->IsSVGOuterSVGFrame()) {
nsMargin bp = frame->GetUsedBorderAndPadding();
int32_t appUnitsPerCSSPixel = AppUnitsPerCSSPixel();
float xOffset = NSAppUnitsToFloatPixels(bp.left, appUnitsPerCSSPixel);
float yOffset = NSAppUnitsToFloatPixels(bp.top, appUnitsPerCSSPixel);
nscoord xOffset, yOffset;
// See
// https://drafts.csswg.org/css-transforms/#valdef-transform-box-fill-box
// For elements with associated CSS layout box, the used value for fill-box
@ -508,17 +506,24 @@ static gfx::Matrix GetCTMInternal(SVGElement* aElement, CTMType aCTMType,
switch (frame->StyleDisplay()->mTransformBox) {
case StyleTransformBox::FillBox:
case StyleTransformBox::ContentBox:
// Apply border/padding separate from the rest of the transform.
// i.e. after it's been transformed
tm.PostTranslate(xOffset, yOffset);
xOffset = bp.left;
yOffset = bp.top;
break;
case StyleTransformBox::StrokeBox:
case StyleTransformBox::ViewBox:
case StyleTransformBox::BorderBox:
// Apply border/padding before we transform the surface.
tm.PreTranslate(xOffset, yOffset);
case StyleTransformBox::BorderBox: {
// Extract the rotation component of the matrix.
float angle = std::atan2(tm._12, tm._11);
float cosAngle = std::cos(angle);
float sinAngle = std::sin(angle);
// Apply that rotation to bp.left and bp.top.
xOffset = bp.left * cosAngle - bp.top * sinAngle;
yOffset = bp.top * cosAngle + bp.left * sinAngle;
break;
}
}
tm.PostTranslate(NSAppUnitsToFloatPixels(xOffset, appUnitsPerCSSPixel),
NSAppUnitsToFloatPixels(yOffset, appUnitsPerCSSPixel));
}
if (!ancestor || !ancestor->IsElement()) {

26
icecat/dom/webauthn/MacOSWebAuthnService.mm
View file

@ -823,6 +823,20 @@ MacOSWebAuthnService::MakeCredential(uint64_t aTransactionId,
*userVerificationPreference;
}
if (__builtin_available(macos 13.5, *)) {
// Show the hybrid transport unless we have a non-empty hint list and
// none of the hints are for the hybrid transport.
bool hasHybridHint = false;
nsTArray<nsString> hints;
(void)aArgs->GetHints(hints);
for (nsString& hint : hints) {
if (hint.Equals(u"hybrid"_ns)) {
hasHybridHint = true;
}
}
platformRegistrationRequest.shouldShowHybridTransport =
hints.Length() == 0 || hasHybridHint;
}
if (__builtin_available(macos 14.0, *)) {
bool largeBlobSupportRequired;
nsresult rv =
@ -1173,11 +1187,19 @@ void MacOSWebAuthnService::DoGetAssertion(
*userVerificationPreference;
}
if (__builtin_available(macos 13.5, *)) {
// Show the hybrid transport option if (1) we have no transport hints
// or (2) at least one allow list entry lists the hybrid transport.
// Show the hybrid transport option if (1) none of the allowlist
// credentials list transports, or (2) at least one allow list entry
// lists the hybrid transport, or (3) the request has the hybrid hint.
bool shouldShowHybridTransport =
!transports ||
(transports & MOZ_WEBAUTHN_AUTHENTICATOR_TRANSPORT_ID_HYBRID);
nsTArray<nsString> hints;
(void)aArgs->GetHints(hints);
for (nsString& hint : hints) {
if (hint.Equals(u"hybrid"_ns)) {
shouldShowHybridTransport = true;
}
}
platformAssertionRequest.shouldShowHybridTransport =
shouldShowHybridTransport;
}

2
icecat/dom/webauthn/PWebAuthnTransaction.ipdl
View file

@ -143,6 +143,7 @@ struct WebAuthnMakeCredentialInfo {
WebAuthnExtension[] Extensions;
WebAuthnAuthenticatorSelection AuthenticatorSelection;
nsString attestationConveyancePreference;
nsString[] Hints;
};
struct WebAuthnMakeCredentialResult {
@ -168,6 +169,7 @@ struct WebAuthnGetAssertionInfo {
WebAuthnExtension[] Extensions;
nsString userVerificationRequirement;
bool ConditionallyMediated;
nsString[] Hints;
};
struct WebAuthnGetAssertionResult {

4
icecat/dom/webauthn/PublicKeyCredential.cpp
View file

@ -659,6 +659,8 @@ void PublicKeyCredential::ParseCreationOptionsFromJSON(
aResult.mAuthenticatorSelection = aOptions.mAuthenticatorSelection.Value();
}
aResult.mHints = aOptions.mHints;
aResult.mAttestation = aOptions.mAttestation;
if (aOptions.mExtensions.WasPassed()) {
@ -752,6 +754,8 @@ void PublicKeyCredential::ParseRequestOptionsFromJSON(
aResult.mUserVerification = aOptions.mUserVerification;
aResult.mHints = aOptions.mHints;
if (aOptions.mExtensions.WasPassed()) {
if (aOptions.mExtensions.Value().mAppid.WasPassed()) {
aResult.mExtensions.mAppid.Construct(

12
icecat/dom/webauthn/WebAuthnArgs.cpp
View file

@ -245,6 +245,12 @@ WebAuthnRegisterArgs::GetLargeBlobSupportRequired(
return NS_ERROR_NOT_AVAILABLE;
}
NS_IMETHODIMP
WebAuthnRegisterArgs::GetHints(nsTArray<nsString>& aHints) {
aHints.Assign(mInfo.Hints());
return NS_OK;
}
NS_IMPL_ISUPPORTS(WebAuthnSignArgs, nsIWebAuthnSignArgs)
NS_IMETHODIMP
@ -484,4 +490,10 @@ WebAuthnSignArgs::GetLargeBlobWrite(nsTArray<uint8_t>& aLargeBlobWrite) {
return NS_ERROR_NOT_AVAILABLE;
}
NS_IMETHODIMP
WebAuthnSignArgs::GetHints(nsTArray<nsString>& aHints) {
aHints.Assign(mInfo.Hints());
return NS_OK;
}
} // namespace mozilla::dom

4
icecat/dom/webauthn/WebAuthnHandler.cpp
View file

@ -392,7 +392,7 @@ already_AddRefed<Promise> WebAuthnHandler::MakeCredential(
WebAuthnMakeCredentialInfo info(rpId, challenge, adjustedTimeout, excludeList,
rpInfo, userInfo, coseAlgos, extensions,
authSelection, attestation);
authSelection, attestation, aOptions.mHints);
// Set up the transaction state. Fallible operations should not be performed
// below this line, as we must not leave the transaction state partially
@ -666,7 +666,7 @@ already_AddRefed<Promise> WebAuthnHandler::GetAssertion(
WebAuthnGetAssertionInfo info(
rpId, maybeAppId, challenge, adjustedTimeout, allowList, extensions,
aOptions.mUserVerification, aConditionallyMediated);
aOptions.mUserVerification, aConditionallyMediated, aOptions.mHints);
// Set up the transaction state. Fallible operations should not be performed
// below this line, as we must not leave the transaction state partially

52
icecat/dom/webauthn/WinWebAuthnService.cpp
View file

@ -30,6 +30,10 @@ StaticRWLock gWinWebAuthnModuleLock;
static bool gWinWebAuthnModuleUnusable = false;
static HMODULE gWinWebAuthnModule = 0;
static const LPCWSTR gWebAuthnHintStrings[3] = {
WEBAUTHN_CREDENTIAL_HINT_SECURITY_KEY,
WEBAUTHN_CREDENTIAL_HINT_CLIENT_DEVICE, WEBAUTHN_CREDENTIAL_HINT_HYBRID};
static decltype(WebAuthNIsUserVerifyingPlatformAuthenticatorAvailable)*
gWinWebauthnIsUVPAA = nullptr;
static decltype(WebAuthNAuthenticatorMakeCredential)*
@ -50,7 +54,6 @@ static decltype(WebAuthNGetPlatformCredentialList)*
gWinWebauthnGetPlatformCredentialList = nullptr;
static decltype(WebAuthNFreePlatformCredentialList)*
gWinWebauthnFreePlatformCredentialList = nullptr;
} // namespace
/***********************************************************************
@ -176,6 +179,18 @@ WinWebAuthnService::~WinWebAuthnService() {
gWinWebAuthnModule = 0;
}
// static
void PrunePublicKeyCredentialHints(const nsTArray<nsString>& aInHints,
/* out */ nsTArray<LPCWSTR>& aOutHints) {
for (const nsString& inputHint : aInHints) {
for (const LPCWSTR knownHint : gWebAuthnHintStrings) {
if (inputHint.Equals(knownHint)) {
aOutHints.AppendElement(knownHint);
}
}
}
}
// static
bool WinWebAuthnService::AreWebAuthNApisAvailable() {
nsresult rv = EnsureWinWebAuthnModuleLoaded();
@ -594,10 +609,16 @@ WinWebAuthnService::MakeCredential(uint64_t aTransactionId,
winPrivateBrowsing = TRUE;
}
nsTArray<nsString> inputHints;
(void)aArgs->GetHints(inputHints);
nsTArray<LPCWSTR> hints;
PrunePublicKeyCredentialHints(inputHints, hints);
// MakeCredentialOptions
WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS
WebAuthNCredentialOptions = {
WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7,
WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_8,
timeout,
{0, NULL},
{0, NULL},
@ -609,13 +630,16 @@ WinWebAuthnService::MakeCredential(uint64_t aTransactionId,
&cancellationId, // CancellationId
pExcludeCredentialList,
WEBAUTHN_ENTERPRISE_ATTESTATION_NONE,
largeBlobSupport, // LargeBlobSupport
winPreferResidentKey, // PreferResidentKey
winPrivateBrowsing, // BrowserInPrivateMode
winEnablePrf, // EnablePrf
NULL, // LinkedDevice
0, // size of JsonExt
NULL, // JsonExt
largeBlobSupport, // LargeBlobSupport
winPreferResidentKey, // PreferResidentKey
winPrivateBrowsing, // BrowserInPrivateMode
winEnablePrf, // EnablePrf
NULL, // LinkedDevice
0, // size of JsonExt
NULL, // JsonExt
NULL, // PRFGlobalEval
(DWORD)hints.Length(), // Size of CredentialHints
hints.Elements(), // CredentialHints
};
if (rgExtension.Length() != 0) {
@ -968,6 +992,12 @@ void WinWebAuthnService::DoGetAssertion(
pAllowCredentialList = &allowCredentialList;
}
nsTArray<nsString> inputHints;
(void)aArgs->GetHints(inputHints);
nsTArray<LPCWSTR> hints;
PrunePublicKeyCredentialHints(inputHints, hints);
uint32_t timeout_u32;
Unused << aArgs->GetTimeoutMS(&timeout_u32);
DWORD timeout = timeout_u32;
@ -981,7 +1011,7 @@ void WinWebAuthnService::DoGetAssertion(
WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS WebAuthNAssertionOptions =
{
WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7,
WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_8,
timeout,
{0, NULL},
{0, NULL},
@ -1001,6 +1031,8 @@ void WinWebAuthnService::DoGetAssertion(
FALSE, // AutoFill
0, // Size of JsonExt
NULL, // JsonExt
(DWORD)hints.Length(), // Size of CredentialHints
hints.Elements(), // CredentialHints
};
PWEBAUTHN_ASSERTION pWebAuthNAssertion = nullptr;

4
icecat/dom/webauthn/nsIWebAuthnArgs.idl
View file

@ -65,6 +65,8 @@ interface nsIWebAuthnRegisterArgs : nsISupports {
// consent popup.
[must_use] readonly attribute AString attestationConveyancePreference;
readonly attribute Array<AString> hints;
readonly attribute boolean privateBrowsing;
};
@ -111,6 +113,8 @@ interface nsIWebAuthnSignArgs : nsISupports {
// cancel transactions.
readonly attribute unsigned long timeoutMS;
readonly attribute Array<AString> hints;
readonly attribute boolean conditionallyMediated;
readonly attribute boolean privateBrowsing;

24
icecat/dom/webauthn/tests/test_webauthn_serialization.html
View file

@ -36,6 +36,18 @@
is(arr.length, 0, `${description} (array should be empty)`);
}
function stringArrayEquals(actual, expected, description) {
is(actual.length, expected.length, `${description} (actual and expected should have the same length)`);
for (let i = 0; i < actual.length; i++) {
if (actual[i] instanceof String) {
throw new Error(`actual[${i}] is not a string` + typeof actual[i]);
}
if (actual[i] !== expected[i]) {
throw new Error(`actual and expected differ in position ${i}: ${actual[i]} vs ${expected[i]}`);
}
}
}
function shouldThrow(func, expectedError, description) {
let threw = false;
try {
@ -55,7 +67,7 @@
pubKeyCredParams: [],
};
let creationOptions = PublicKeyCredential.parseCreationOptionsFromJSON(creationOptionsJSON);
is(Object.getOwnPropertyNames(creationOptions).length, 8, "creation options should have 8 properties");
is(Object.getOwnPropertyNames(creationOptions).length, 9, "creation options should have 9 properties");
is(creationOptions.rp.id, undefined, "rp.id should be undefined");
is(creationOptions.rp.name, "Example", "rp.name should be Example");
arrayBufferEqualsArray(creationOptions.user.id, [ 250, 93, 234, 52, 180, 202, 38, 120 ], "user.id should be as expected");
@ -70,6 +82,7 @@
is(creationOptions.authenticatorSelection.requireResidentKey, false, "creationOptions.authenticatorSelection.requireResidentKey should be false");
is(creationOptions.authenticatorSelection.userVerification, "preferred", "creationOptions.authenticatorSelection.userVerification should be preferred");
is(creationOptions.attestation, "none", "attestation should be none");
stringArrayEquals(creationOptions.hints, [], "hints should be an empty array");
is(Object.getOwnPropertyNames(creationOptions.extensions).length, 0, "extensions should be an empty object");
});
@ -105,7 +118,7 @@
},
};
let creationOptions = PublicKeyCredential.parseCreationOptionsFromJSON(creationOptionsJSON);
is(Object.getOwnPropertyNames(creationOptions).length, 9, "creation options should have 9 properties");
is(Object.getOwnPropertyNames(creationOptions).length, 10, "creation options should have 10 properties");
is(creationOptions.rp.name, "Example", "rp.name should be Example");
is(creationOptions.rp.id, "example.com", "rp.id should be example.com");
arrayBufferEqualsArray(creationOptions.user.id, [ 215, 212, 213, 166, 160, 65, 56, 3 ], "user.id should be as expected");
@ -125,6 +138,7 @@
is(creationOptions.authenticatorSelection.residentKey, "required", "creationOptions.authenticatorSelection.residentKey should be required");
is(creationOptions.authenticatorSelection.requireResidentKey, true, "creationOptions.authenticatorSelection.requireResidentKey should be true");
is(creationOptions.authenticatorSelection.userVerification, "discouraged", "creationOptions.authenticatorSelection.userVerification should be discouraged");
stringArrayEquals(creationOptions.hints, creationOptionsJSON.hints, "creationOptions.hints should be as expected");
is(creationOptions.attestation, "indirect", "attestation should be indirect");
is(creationOptions.extensions.appid, "https://www.example.com/appID", "extensions.appid should be https://www.example.com/appID");
is(creationOptions.extensions.credProps, true, "extensions.credProps should be true");
@ -186,12 +200,13 @@
challenge: "3yW2WHD_jbU",
};
let requestOptions = PublicKeyCredential.parseRequestOptionsFromJSON(requestOptionsJSON);
is(Object.getOwnPropertyNames(requestOptions).length, 4, "request options should have 4 properties");
is(Object.getOwnPropertyNames(requestOptions).length, 5, "request options should have 5 properties");
arrayBufferEqualsArray(requestOptions.challenge, [ 223, 37, 182, 88, 112, 255, 141, 181 ], "challenge should be as expected");
is(requestOptions.timeout, undefined, "timeout should be undefined");
is(requestOptions.rpId, undefined, "rpId should be undefined");
isEmptyArray(requestOptions.allowCredentials, "allowCredentials should be an empty array");
is(requestOptions.userVerification, "preferred", "userVerification should be preferred");
stringArrayEquals(requestOptions.hints, [], "hints should be an empty array");
is(Object.getOwnPropertyNames(requestOptions.extensions).length, 0, "extensions should be an empty object");
});
@ -222,7 +237,7 @@
},
};
let requestOptions = PublicKeyCredential.parseRequestOptionsFromJSON(requestOptionsJSON);
is(Object.getOwnPropertyNames(requestOptions).length, 6, "request options should have 6 properties");
is(Object.getOwnPropertyNames(requestOptions).length, 7, "request options should have 7 properties");
arrayBufferEqualsArray(requestOptions.challenge, [ 64, 7, 218, 103, 1, 16, 10, 68 ], "challenge should be as expected");
is(requestOptions.timeout, 25000, "timeout should be 25000");
is(requestOptions.rpId, "example.com", "rpId should be example.com");
@ -232,6 +247,7 @@
is(requestOptions.allowCredentials[0].transports.length, 1, "allowCredentials[0].transports should have one element");
is(requestOptions.allowCredentials[0].transports[0], "smart-card", "allowCredentials[0].transports[0] should be usb");
is(requestOptions.userVerification, "discouraged", "userVerification should be discouraged");
stringArrayEquals(requestOptions.hints, requestOptionsJSON.hints, "requestOptions.hints should be as expected");
is(requestOptions.extensions.appid, "https://www.example.com/anotherAppID", "extensions.appid should be https://www.example.com/anotherAppID");
arrayBufferEqualsArray(requestOptions.extensions.prf.eval.first, [102, 105, 114, 115, 116], "extensions.prf.eval.first should be 'first'");
arrayBufferEqualsArray(requestOptions.extensions.prf.eval.second, [115, 101, 99, 111, 110, 100], "extensions.prf.eval.second should be 'second'");

330
icecat/dom/webauthn/winwebauthn/.gitignore vendored
View file

@ -1,330 +0,0 @@
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
# User-specific files
*.suo
*.user
*.userosscache
*.sln.docstates
# User-specific files (MonoDevelop/Xamarin Studio)
*.userprefs
# Build results
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
# Visual Studio 2015/2017 cache/options directory
.vs/
# Uncomment if you have tasks that create the project's static files in wwwroot
#wwwroot/
# Visual Studio 2017 auto generated files
Generated\ Files/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
# NUNIT
*.VisualState.xml
TestResult.xml
# Build Results of an ATL Project
[Dd]ebugPS/
[Rr]eleasePS/
dlldata.c
# Benchmark Results
BenchmarkDotNet.Artifacts/
# .NET Core
project.lock.json
project.fragment.lock.json
artifacts/
**/Properties/launchSettings.json
# StyleCop
StyleCopReport.xml
# Files built by Visual Studio
*_i.c
*_p.c
*_i.h
*.ilk
*.meta
*.obj
*.iobj
*.pch
*.pdb
*.ipdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.svclog
*.scc
# Chutzpah Test files
_Chutzpah*
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opendb
*.opensdf
*.sdf
*.cachefile
*.VC.db
*.VC.VC.opendb
# Visual Studio profiler
*.psess
*.vsp
*.vspx
*.sap
# Visual Studio Trace Files
*.e2e
# TFS 2012 Local Workspace
$tf/
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
*.DotSettings.user
# JustCode is a .NET coding add-in
.JustCode
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# AxoCover is a Code Coverage Tool
.axoCover/*
!.axoCover/settings.json
# Visual Studio code coverage results
*.coverage
*.coveragexml
# NCrunch
_NCrunch_*
.*crunch*.local.xml
nCrunchTemp_*
# MightyMoose
*.mm.*
AutoTest.Net/
# Web workbench (sass)
.sass-cache/
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# Note: Comment the next line if you want to checkin your web deploy settings,
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
# Microsoft Azure Web App publish settings. Comment the next line if you want to
# checkin your Azure Web App publish settings, but sensitive information contained
# in these scripts will be unencrypted
PublishScripts/
# NuGet Packages
*.nupkg
# The packages folder can be ignored because of Package Restore
**/[Pp]ackages/*
# except build/, which is used as an MSBuild target.
!**/[Pp]ackages/build/
# Uncomment if necessary however generally it will be regenerated when needed
#!**/[Pp]ackages/repositories.config
# NuGet v3's project.json files produces more ignorable files
*.nuget.props
*.nuget.targets
# Microsoft Azure Build Output
csx/
*.build.csdef
# Microsoft Azure Emulator
ecf/
rcf/
# Windows Store app package directories and files
AppPackages/
BundleArtifacts/
Package.StoreAssociation.xml
_pkginfo.txt
*.appx
# Visual Studio cache files
# files ending in .cache can be ignored
*.[Cc]ache
# but keep track of directories ending in .cache
!*.[Cc]ache/
# Others
ClientBin/
~$*
*~
*.dbmdl
*.dbproj.schemaview
*.jfm
*.pfx
*.publishsettings
orleans.codegen.cs
# Including strong name files can present a security risk
# (https://github.com/github/gitignore/pull/2483#issue-259490424)
#*.snk
# Since there are multiple workflows, uncomment next line to ignore bower_components
# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
#bower_components/
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file
# to a newer Visual Studio version. Backup files are not needed,
# because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
ServiceFabricBackup/
*.rptproj.bak
# SQL Server files
*.mdf
*.ldf
*.ndf
# Business Intelligence projects
*.rdl.data
*.bim.layout
*.bim_*.settings
*.rptproj.rsuser
# Microsoft Fakes
FakesAssemblies/
# GhostDoc plugin setting file
*.GhostDoc.xml
# Node.js Tools for Visual Studio
.ntvs_analysis.dat
node_modules/
# Visual Studio 6 build log
*.plg
# Visual Studio 6 workspace options file
*.opt
# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
*.vbw
# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
**/*.DesktopClient/ModelManifest.xml
**/*.Server/GeneratedArtifacts
**/*.Server/ModelManifest.xml
_Pvt_Extensions
# Paket dependency manager
.paket/paket.exe
paket-files/
# FAKE - F# Make
.fake/
# JetBrains Rider
.idea/
*.sln.iml
# CodeRush
.cr/
# Python Tools for Visual Studio (PTVS)
__pycache__/
*.pyc
# Cake - Uncomment if you are using it
# tools/**
# !tools/packages.config
# Tabs Studio
*.tss
# Telerik's JustMock configuration file
*.jmconfig
# BizTalk build output
*.btp.cs
*.btm.cs
*.odx.cs
*.xsd.cs
# OpenCover UI analysis results
OpenCover/
# Azure Stream Analytics local run output
ASALocalRun/
# MSBuild Binary and Structured Log
*.binlog
# NVidia Nsight GPU debugger configuration file
*.nvuser
# MFractors (Xamarin productivity tool) working folder
.mfractor/

14
icecat/dom/webauthn/winwebauthn/README.md
View file

@ -1,16 +1,20 @@
# Description
This project includes Win32 headers for communicating to Windows Hello and external secruity keys as part of WebAuthn and CTAP specification.
## WebAuthn Specification APIs
For more details about the standards, please follow these links:
* WebAuthn: https://w3c.github.io/webauthn/
* CTAP: https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html
Win32 APIs for performing operations corresponding to WebAuthn (https://w3c.github.io/webauthn) specification are present in following files.
- webauthn.h
## Plugin Passkey Authenticators Implementation APIs/Interfaces
APIs, interfaces and helper functions for passkey plugin authenticator implementators are present in following files
- pluginauthenticator.idl
- pluginauthenticator.h
- webauthnplugin.h
# Having Issues?
If you have any issues in adopting these APIs or need some clarification, please contact fido-dev@microsoft.com.
# Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a

26
icecat/dom/webauthn/winwebauthn/moz.yaml Normal file
View file

@ -0,0 +1,26 @@
schema: 1
bugzilla:
product: Core
component: "DOM: Web Authentication"
origin:
name: Microsoft WebAuthn
description: Win32 APIs for WebAuthn
url: https://github.com/microsoft/webauthn
release: 9108981ca80b3c6788fa598708dcf3cb10220ad7
revision: 9108981ca80b3c6788fa598708dcf3cb10220ad7
license: MIT
vendoring:
url: https://github.com/microsoft/webauthn
source-hosting: github
vendor-directory: dom/webauthn/winwebauthn
exclude:
- "**"
include:
- LICENSE
- README.md
- webauthn.h

252
icecat/dom/webauthn/winwebauthn/webauthn.h
View file

@ -95,6 +95,7 @@ extern "C" {
// - WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS : 5
// - WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS : 6
// - WEBAUTHN_ASSERTION : 3
// - WEBAUTHN_GET_CREDENTIALS_OPTIONS : 1
// - WEBAUTHN_CREDENTIAL_DETAILS : 1
// APIs:
// - WebAuthNGetPlatformCredentialList
@ -127,7 +128,30 @@ extern "C" {
// - WEBAUTHN_CREDENTIAL_ATTESTATION : 6
// - WEBAUTHN_ASSERTION : 5
#define WEBAUTHN_API_CURRENT_VERSION WEBAUTHN_API_VERSION_7
#define WEBAUTHN_API_VERSION_8 8
// WEBAUTHN_API_VERSION_8 : Delta From WEBAUTHN_API_VERSION_7
// Data Structures and their sub versions:
// - WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS : 8
// - WEBAUTHN_CREDENTIAL_DETAILS : 3
// - WEBAUTHN_CREDENTIAL_ATTESTATION : 7
// - WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS : 8
//
#define WEBAUTHN_API_VERSION_9 9
// WEBAUTHN_API_VERSION_9 : Delta From WEBAUTHN_API_VERSION_8
// Data Structures and their sub versions:
// - WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS : 9
// - WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS : 9
// - WEBAUTHN_ASSERTION : 6
// - WEBAUTHN_CREDENTIAL_DETAILS : 4
// - WEBAUTHN_CREDENTIAL_ATTESTATION : 8
// - WEBAUTHN_AUTHENTICATOR_DETAILS : 1
// - WEBAUTHN_AUTHENTICATOR_DETAILS_LIST : Not Applicable
// APIs:
// - WebAuthNGetAuthenticatorList
// - WebAuthNFreeAuthenticatorList
#define WEBAUTHN_API_CURRENT_VERSION WEBAUTHN_API_VERSION_9
//+------------------------------------------------------------------------------------------
// Information about an RP Entity
@ -147,7 +171,7 @@ typedef struct _WEBAUTHN_RP_ENTITY_INFORMATION {
// This field is required.
PCWSTR pwszName;
// Optional URL pointing to RP's logo.
// Optional URL pointing to RP's logo.
PCWSTR pwszIcon;
} WEBAUTHN_RP_ENTITY_INFORMATION, *PWEBAUTHN_RP_ENTITY_INFORMATION;
typedef const WEBAUTHN_RP_ENTITY_INFORMATION *PCWEBAUTHN_RP_ENTITY_INFORMATION;
@ -283,7 +307,15 @@ typedef const WEBAUTHN_CREDENTIALS *PCWEBAUTHN_CREDENTIALS;
#define WEBAUTHN_CTAP_TRANSPORT_TEST 0x00000008
#define WEBAUTHN_CTAP_TRANSPORT_INTERNAL 0x00000010
#define WEBAUTHN_CTAP_TRANSPORT_HYBRID 0x00000020
#define WEBAUTHN_CTAP_TRANSPORT_FLAGS_MASK 0x0000003F
#define WEBAUTHN_CTAP_TRANSPORT_SMART_CARD 0x00000040
#define WEBAUTHN_CTAP_TRANSPORT_FLAGS_MASK 0x0000007F
#define WEBAUTHN_CTAP_TRANSPORT_USB_STRING "usb"
#define WEBAUTHN_CTAP_TRANSPORT_NFC_STRING "nfc"
#define WEBAUTHN_CTAP_TRANSPORT_BLE_STRING "ble"
#define WEBAUTHN_CTAP_TRANSPORT_SMART_CARD_STRING "smart-card"
#define WEBAUTHN_CTAP_TRANSPORT_HYBRID_STRING "hybrid"
#define WEBAUTHN_CTAP_TRANSPORT_INTERNAL_STRING "internal"
#define WEBAUTHN_CREDENTIAL_EX_CURRENT_VERSION 1
@ -323,6 +355,7 @@ typedef const WEBAUTHN_CREDENTIAL_LIST *PCWEBAUTHN_CREDENTIAL_LIST;
#define CTAPCBOR_HYBRID_STORAGE_LINKED_DATA_VERSION_1 1
#define CTAPCBOR_HYBRID_STORAGE_LINKED_DATA_CURRENT_VERSION CTAPCBOR_HYBRID_STORAGE_LINKED_DATA_VERSION_1
// Deprecated
typedef struct _CTAPCBOR_HYBRID_STORAGE_LINKED_DATA
{
// Version
@ -356,13 +389,65 @@ typedef struct _CTAPCBOR_HYBRID_STORAGE_LINKED_DATA
} CTAPCBOR_HYBRID_STORAGE_LINKED_DATA, *PCTAPCBOR_HYBRID_STORAGE_LINKED_DATA;
typedef const CTAPCBOR_HYBRID_STORAGE_LINKED_DATA *PCCTAPCBOR_HYBRID_STORAGE_LINKED_DATA;
//+------------------------------------------------------------------------------------------
// Authenticator Information for WebAuthNGetAuthenticatorList API
//-------------------------------------------------------------------------------------------
#define WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS_VERSION_1 1
#define WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS_VERSION_1
typedef struct _WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS {
// Version of this structure, to allow for modifications in the future.
DWORD dwVersion;
} WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS, *PWEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS;
typedef const WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS *PCWEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS;
#define WEBAUTHN_AUTHENTICATOR_DETAILS_VERSION_1 1
#define WEBAUTHN_AUTHENTICATOR_DETAILS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_DETAILS_VERSION_1
typedef struct _WEBAUTHN_AUTHENTICATOR_DETAILS {
// Version of this structure, to allow for modifications in the future.
DWORD dwVersion;
// Authenticator ID
DWORD cbAuthenticatorId;
_Field_size_bytes_(cbAuthenticatorId)
PBYTE pbAuthenticatorId;
// Authenticator Name
PCWSTR pwszAuthenticatorName;
// Authenticator logo (expected to be in SVG format)
DWORD cbAuthenticatorLogo;
_Field_size_bytes_(cbAuthenticatorLogo)
PBYTE pbAuthenticatorLogo;
// Is the authenticator currently locked? When locked, this authenticator's credentials
// might not be present or updated in WebAuthNGetPlatformCredentialList.
BOOL bLocked;
} WEBAUTHN_AUTHENTICATOR_DETAILS, *PWEBAUTHN_AUTHENTICATOR_DETAILS;
typedef const WEBAUTHN_AUTHENTICATOR_DETAILS *PCWEBAUTHN_AUTHENTICATOR_DETAILS;
typedef struct _WEBAUTHN_AUTHENTICATOR_DETAILS_LIST {
// Authenticator Details
DWORD cAuthenticatorDetails;
_Field_size_(cAuthenticatorDetails)
PWEBAUTHN_AUTHENTICATOR_DETAILS *ppAuthenticatorDetails;
} WEBAUTHN_AUTHENTICATOR_DETAILS_LIST, *PWEBAUTHN_AUTHENTICATOR_DETAILS_LIST;
typedef const WEBAUTHN_AUTHENTICATOR_DETAILS_LIST *PCWEBAUTHN_AUTHENTICATOR_DETAILS_LIST;
//+------------------------------------------------------------------------------------------
// Credential Information for WebAuthNGetPlatformCredentialList API
//-------------------------------------------------------------------------------------------
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_1 1
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_2 2
#define WEBAUTHN_CREDENTIAL_DETAILS_CURRENT_VERSION WEBAUTHN_CREDENTIAL_DETAILS_VERSION_2
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_3 3
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_4 4
#define WEBAUTHN_CREDENTIAL_DETAILS_CURRENT_VERSION WEBAUTHN_CREDENTIAL_DETAILS_VERSION_4
typedef struct _WEBAUTHN_CREDENTIAL_DETAILS {
// Version of this structure, to allow for modifications in the future.
@ -388,6 +473,27 @@ typedef struct _WEBAUTHN_CREDENTIAL_DETAILS {
// Backed Up or not.
BOOL bBackedUp;
//
// The following fields have been added in WEBAUTHN_CREDENTIAL_DETAILS_VERSION_3
//
PCWSTR pwszAuthenticatorName;
// The logo is expected to be in the svg format
DWORD cbAuthenticatorLogo;
_Field_size_bytes_(cbAuthenticatorLogo)
PBYTE pbAuthenticatorLogo;
// ThirdPartyPayment Credential or not.
BOOL bThirdPartyPayment;
//
// The following fields have been added in WEBAUTHN_CREDENTIAL_DETAILS_VERSION_4
//
// Applicable Transports
DWORD dwTransports;
} WEBAUTHN_CREDENTIAL_DETAILS, *PWEBAUTHN_CREDENTIAL_DETAILS;
typedef const WEBAUTHN_CREDENTIAL_DETAILS *PCWEBAUTHN_CREDENTIAL_DETAILS;
@ -593,6 +699,10 @@ typedef const WEBAUTHN_EXTENSIONS *PCWEBAUTHN_EXTENSIONS;
#define WEBAUTHN_LARGE_BLOB_SUPPORT_REQUIRED 1
#define WEBAUTHN_LARGE_BLOB_SUPPORT_PREFERRED 2
#define WEBAUTHN_CREDENTIAL_HINT_SECURITY_KEY L"security-key"
#define WEBAUTHN_CREDENTIAL_HINT_CLIENT_DEVICE L"client-device"
#define WEBAUTHN_CREDENTIAL_HINT_HYBRID L"hybrid"
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_1 1
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_2 2
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_3 3
@ -600,7 +710,9 @@ typedef const WEBAUTHN_EXTENSIONS *PCWEBAUTHN_EXTENSIONS;
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_5 5
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_6 6
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7 7
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_8 8
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_9 9
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_9
typedef struct _WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS {
// Version of this structure, to allow for modifications in the future.
@ -680,6 +792,7 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS {
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7
//
// Deprecated
// Optional. Linked Device Connection Info.
PCTAPCBOR_HYBRID_STORAGE_LINKED_DATA pLinkedDevice;
@ -687,6 +800,41 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS {
DWORD cbJsonExt;
_Field_size_bytes_(cbJsonExt)
PBYTE pbJsonExt;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_8
//
// PRF extension "eval" values which will be converted into HMAC-SECRET values according to WebAuthn Spec.
// Set WEBAUTHN_AUTHENTICATOR_HMAC_SECRET_VALUES_FLAG in dwFlags above, if caller wants to provide RAW Hmac-Secret SALT values directly.
// In that case, values provided MUST be of WEBAUTHN_CTAP_ONE_HMAC_SECRET_LENGTH size.
PWEBAUTHN_HMAC_SECRET_SALT pPRFGlobalEval;
// PublicKeyCredentialHints (https://w3c.github.io/webauthn/#enum-hints)
DWORD cCredentialHints;
_Field_size_(cCredentialHints)
LPCWSTR *ppwszCredentialHints;
// Enable ThirdPartyPayment
BOOL bThirdPartyPayment;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_9
//
// Web Origin. For Remote Web App scenario.
PCWSTR pwszRemoteWebOrigin;
// UTF-8 encoded JSON serialization of the PublicKeyCredentialCreationOptions.
DWORD cbPublicKeyCredentialCreationOptionsJSON;
_Field_size_bytes_(cbPublicKeyCredentialCreationOptionsJSON)
PBYTE pbPublicKeyCredentialCreationOptionsJSON;
// Authenticator ID got from WebAuthNGetAuthenticatorList API.
DWORD cbAuthenticatorId;
_Field_size_bytes_(cbAuthenticatorId)
PBYTE pbAuthenticatorId;
} WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS, *PWEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS;
typedef const WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS *PCWEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS;
@ -702,7 +850,9 @@ typedef const WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS *PCWEBAUTHN_AUTHENT
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_5 5
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_6 6
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7 7
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_8 8
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_9 9
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_9
/*
Information about flags.
@ -783,6 +933,7 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS {
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7
//
// Deprecated
// Optional. Linked Device Connection Info.
PCTAPCBOR_HYBRID_STORAGE_LINKED_DATA pLinkedDevice;
@ -793,6 +944,33 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS {
DWORD cbJsonExt;
_Field_size_bytes_(cbJsonExt)
PBYTE pbJsonExt;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_8
//
// PublicKeyCredentialHints (https://w3c.github.io/webauthn/#enum-hints)
DWORD cCredentialHints;
_Field_size_(cCredentialHints)
LPCWSTR *ppwszCredentialHints;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_9
//
// Web Origin. For Remote Web App scenario.
PCWSTR pwszRemoteWebOrigin;
// UTF-8 encoded JSON serialization of the PublicKeyCredentialRequestOptions.
DWORD cbPublicKeyCredentialRequestOptionsJSON;
_Field_size_bytes_(cbPublicKeyCredentialRequestOptionsJSON)
PBYTE pbPublicKeyCredentialRequestOptionsJSON;
// Authenticator ID got from WebAuthNGetAuthenticatorList API.
DWORD cbAuthenticatorId;
_Field_size_bytes_(cbAuthenticatorId)
PBYTE pbAuthenticatorId;
} WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS, *PWEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS;
typedef const WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS *PCWEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS;
@ -871,7 +1049,9 @@ typedef const WEBAUTHN_COMMON_ATTESTATION *PCWEBAUTHN_COMMON_ATTESTATION;
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_4 4
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5 5
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_6 6
#define WEBAUTHN_CREDENTIAL_ATTESTATION_CURRENT_VERSION WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_6
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_7 7
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_8 8
#define WEBAUTHN_CREDENTIAL_ATTESTATION_CURRENT_VERSION WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_8
typedef struct _WEBAUTHN_CREDENTIAL_ATTESTATION {
// Version of this structure, to allow for modifications in the future.
@ -947,6 +1127,34 @@ typedef struct _WEBAUTHN_CREDENTIAL_ATTESTATION {
DWORD cbUnsignedExtensionOutputs;
_Field_size_bytes_(cbUnsignedExtensionOutputs)
PBYTE pbUnsignedExtensionOutputs;
//
// Following fields have been added in WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_7
//
PWEBAUTHN_HMAC_SECRET_SALT pHmacSecret;
// ThirdPartyPayment Credential or not.
BOOL bThirdPartyPayment;
//
// Following fields have been added in WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_8
//
// Multiple WEBAUTHN_CTAP_TRANSPORT_* bits will be set corresponding to
// the transports that are supported.
DWORD dwTransports;
// UTF-8 encoded JSON serialization of the client data.
DWORD cbClientDataJSON;
_Field_size_bytes_(cbClientDataJSON)
PBYTE pbClientDataJSON;
// UTF-8 encoded JSON serialization of the RegistrationResponse.
DWORD cbRegistrationResponseJSON;
_Field_size_bytes_(cbRegistrationResponseJSON)
PBYTE pbRegistrationResponseJSON;
} WEBAUTHN_CREDENTIAL_ATTESTATION, *PWEBAUTHN_CREDENTIAL_ATTESTATION;
typedef const WEBAUTHN_CREDENTIAL_ATTESTATION *PCWEBAUTHN_CREDENTIAL_ATTESTATION;
@ -971,7 +1179,8 @@ typedef const WEBAUTHN_CREDENTIAL_ATTESTATION *PCWEBAUTHN_CREDENTIAL_ATTESTATION
#define WEBAUTHN_ASSERTION_VERSION_3 3
#define WEBAUTHN_ASSERTION_VERSION_4 4
#define WEBAUTHN_ASSERTION_VERSION_5 5
#define WEBAUTHN_ASSERTION_CURRENT_VERSION WEBAUTHN_ASSERTION_VERSION_5
#define WEBAUTHN_ASSERTION_VERSION_6 6
#define WEBAUTHN_ASSERTION_CURRENT_VERSION WEBAUTHN_ASSERTION_VERSION_6
typedef struct _WEBAUTHN_ASSERTION {
// Version of this structure, to allow for modifications in the future.
@ -1032,6 +1241,21 @@ typedef struct _WEBAUTHN_ASSERTION {
DWORD cbUnsignedExtensionOutputs;
_Field_size_bytes_(cbUnsignedExtensionOutputs)
PBYTE pbUnsignedExtensionOutputs;
//
// Following fields have been added in WEBAUTHN_ASSERTION_VERSION_6
//
// UTF-8 encoded JSON serialization of the client data.
DWORD cbClientDataJSON;
_Field_size_bytes_(cbClientDataJSON)
PBYTE pbClientDataJSON;
// UTF-8 encoded JSON serialization of the AuthenticationResponse.
DWORD cbAuthenticationResponseJSON;
_Field_size_bytes_(cbAuthenticationResponseJSON)
PBYTE pbAuthenticationResponseJSON;
} WEBAUTHN_ASSERTION, *PWEBAUTHN_ASSERTION;
typedef const WEBAUTHN_ASSERTION *PCWEBAUTHN_ASSERTION;
@ -1109,6 +1333,18 @@ WebAuthNDeletePlatformCredential(
_In_reads_bytes_(cbCredentialId) const BYTE *pbCredentialId
);
// Returns NTE_NOT_FOUND when authenticator details are not found.
HRESULT
WINAPI
WebAuthNGetAuthenticatorList(
_In_opt_ PCWEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS pWebAuthNGetAuthenticatorListOptions,
_Outptr_result_maybenull_ PWEBAUTHN_AUTHENTICATOR_DETAILS_LIST* ppAuthenticatorDetailsList);
void
WINAPI
WebAuthNFreeAuthenticatorList(
_In_ PWEBAUTHN_AUTHENTICATOR_DETAILS_LIST pAuthenticatorDetailsList);
//
// Returns the following Error Names:
// L"Success" - S_OK

2
icecat/dom/webidl/WebAuthentication.webidl
View file

@ -177,6 +177,7 @@ dictionary PublicKeyCredentialCreationOptions {
sequence<PublicKeyCredentialDescriptor> excludeCredentials = [];
// FIXME: bug 1493860: should this "= {}" be here?
AuthenticatorSelectionCriteria authenticatorSelection = {};
sequence<DOMString> hints = [];
DOMString attestation = "none";
// FIXME: bug 1493860: should this "= {}" be here?
AuthenticationExtensionsClientInputs extensions = {};
@ -208,6 +209,7 @@ dictionary PublicKeyCredentialRequestOptions {
USVString rpId;
sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
DOMString userVerification = "preferred";
sequence<DOMString> hints = [];
// FIXME: bug 1493860: should this "= {}" be here?
AuthenticationExtensionsClientInputs extensions = {};
};

6
icecat/dom/webtransport/parent/WebTransportParent.h
View file

@ -103,9 +103,11 @@ class WebTransportParent : public PWebTransportParent,
OnResetOrStopSendingCallback mCallback;
nsCOMPtr<T> mStream;
};
nsTHashMap<nsUint64HashKey, StreamHash<nsIWebTransportBidirectionalStream>>
nsTHashMap<NoMemMoveKey<nsUint64HashKey>,
StreamHash<nsIWebTransportBidirectionalStream>>
mBidiStreamCallbackMap;
nsTHashMap<nsUint64HashKey, StreamHash<nsIWebTransportSendStream>>
nsTHashMap<NoMemMoveKey<nsUint64HashKey>,
StreamHash<nsIWebTransportSendStream>>
mUniStreamCallbackMap;
};

9
icecat/dom/workers/WorkerPrivate.cpp
View file

@ -4797,6 +4797,15 @@ bool WorkerPrivate::FreezeInternal() {
return true;
}
bool WorkerPrivate::HasActiveWorkerRefs() {
auto data = mWorkerThreadAccessible.Access();
auto* timeoutManager =
data->mScope ? data->mScope->GetTimeoutManager() : nullptr;
return !data->mChildWorkers.IsEmpty() ||
(timeoutManager && timeoutManager->HasTimeouts()) ||
!data->mWorkerRefs.IsEmpty();
}
bool WorkerPrivate::ThawInternal() {
auto data = mWorkerThreadAccessible.Access();
NS_ASSERTION(data->mFrozen, "Not yet frozen!");

6
icecat/dom/workers/WorkerPrivate.h
View file

@ -1332,11 +1332,7 @@ class WorkerPrivate final
void NotifyWorkerRefs(WorkerStatus aStatus);
bool HasActiveWorkerRefs() {
auto data = mWorkerThreadAccessible.Access();
return !(data->mChildWorkers.IsEmpty() && data->mTimeouts.IsEmpty() &&
data->mWorkerRefs.IsEmpty());
}
bool HasActiveWorkerRefs();
friend class WorkerEventTarget;

3
icecat/dom/workers/WorkerScope.cpp
View file

@ -271,7 +271,8 @@ WorkerGlobalScopeBase::WorkerGlobalScopeBase(
mSerialEventTarget(aWorkerPrivate->HybridEventTarget()) {
if (StaticPrefs::dom_workers_timeoutmanager_AtStartup()) {
mTimeoutManager = MakeUnique<dom::TimeoutManager>(
*this, /* not used on workers */ 0, mSerialEventTarget);
*this, /* not used on workers */ 0, mSerialEventTarget,
mWorkerPrivate->IsChromeWorker());
}
LOG(("WorkerGlobalScopeBase::WorkerGlobalScopeBase [%p]", this));
MOZ_ASSERT(mWorkerPrivate);

52
icecat/editor/libeditor/HTMLEditUtils.cpp
View file

@ -147,6 +147,31 @@ template Result<EditorRawDOMPoint, nsresult>
HTMLEditUtils::ComputePointToPutCaretInElementIfOutside(
const Element& aElement, const EditorRawDOMPoint& aCurrentPoint);
template Maybe<EditorLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorDOMPoint&, const Element&);
template Maybe<EditorRawLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorDOMPoint&, const Element&);
template Maybe<EditorLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorRawDOMPoint&, const Element&);
template Maybe<EditorRawLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorRawDOMPoint&, const Element&);
template Maybe<EditorLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorDOMPointInText&, const Element&);
template Maybe<EditorRawLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorDOMPointInText&, const Element&);
template Maybe<EditorLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorRawDOMPointInText&, const Element&);
template Maybe<EditorRawLineBreak>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorRawDOMPointInText&, const Element&);
template bool HTMLEditUtils::IsSameCSSColorValue(const nsAString& aColorA,
const nsAString& aColorB);
template bool HTMLEditUtils::IsSameCSSColorValue(const nsACString& aColorA,
@ -2873,6 +2898,33 @@ HTMLEditUtils::ComputePointToPutCaretInElementIfOutside(
return EditorDOMPointType(firstEditableContent, 0u);
}
// static
template <typename EditorLineBreakType, typename EditorDOMPointType>
Maybe<EditorLineBreakType>
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorDOMPointType& aPoint, const Element& aEditingHost) {
MOZ_ASSERT(aPoint.IsSet());
if (MOZ_UNLIKELY(!aPoint.IsInContentNode())) {
return Nothing{};
}
const WSScanResult previousThing =
WSRunScanner::ScanPreviousVisibleNodeOrBlockBoundary(
WSRunScanner::Scan::All, aPoint,
BlockInlineCheck::UseComputedDisplayStyle, &aEditingHost);
if (!previousThing.ReachedLineBreak()) {
return Nothing{}; // No preceding line break.
}
const WSScanResult nextThing =
WSRunScanner::ScanInclusiveNextVisibleNodeOrBlockBoundary(
WSRunScanner::Scan::All, aPoint,
BlockInlineCheck::UseComputedDisplayStyle, &aEditingHost);
if (!nextThing.ReachedBlockBoundary()) {
return Nothing{}; // The line break is not followed by a block boundary so
// that it's a visible line break.
}
return Some(previousThing.CreateEditorLineBreak<EditorLineBreakType>());
}
// static
bool HTMLEditUtils::IsInlineStyleSetByElement(
const nsIContent& aContent, const EditorInlineStyle& aStyle,

9
icecat/editor/libeditor/HTMLEditUtils.h
View file

@ -2547,6 +2547,15 @@ class HTMLEditUtils final {
ComputePointToPutCaretInElementIfOutside(
const Element& aElement, const EditorDOMPointTypeInput& aCurrentPoint);
/**
* Return a line break if aPoint is after a line break which is immediately
* before a block boundary.
*/
template <typename EditorLineBreakType, typename EditorDOMPointType>
static Maybe<EditorLineBreakType>
GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem(
const EditorDOMPointType& aPoint, const Element& aEditingHost);
/**
* Content-based query returns true if
* <mHTMLProperty mAttribute=mAttributeValue> effects aContent. If there is

79
icecat/editor/libeditor/HTMLEditorDeleteHandler.cpp
View file

@ -1214,7 +1214,8 @@ class MOZ_STACK_CLASS HTMLEditor::AutoDeleteRangesHandler final {
*/
[[nodiscard]] Result<CaretPoint, nsresult> GetNewCaretPosition(
const HTMLEditor& aHTMLEditor,
nsIEditor::EDirection aDirectionAndAmount) const;
nsIEditor::EDirection aDirectionAndAmount,
const Element& aEditingHost) const;
RefPtr<Element> mEmptyInclusiveAncestorBlockElement;
}; // HTMLEditor::AutoDeleteRangesHandler::AutoEmptyBlockAncestorDeleter
@ -8375,7 +8376,8 @@ HTMLEditor::AutoDeleteRangesHandler::AutoEmptyBlockAncestorDeleter::
Result<CaretPoint, nsresult> HTMLEditor::AutoDeleteRangesHandler::
AutoEmptyBlockAncestorDeleter::GetNewCaretPosition(
const HTMLEditor& aHTMLEditor,
nsIEditor::EDirection aDirectionAndAmount) const {
nsIEditor::EDirection aDirectionAndAmount,
const Element& aEditingHost) const {
MOZ_ASSERT(mEmptyInclusiveAncestorBlockElement);
MOZ_ASSERT(mEmptyInclusiveAncestorBlockElement->GetParentElement());
MOZ_ASSERT(aHTMLEditor.IsEditActionDataAvailable());
@ -8386,12 +8388,23 @@ Result<CaretPoint, nsresult> HTMLEditor::AutoDeleteRangesHandler::
case nsIEditor::eToEndOfLine: {
// Collapse Selection to next node of after empty block element
// if there is. Otherwise, to just after the empty block.
auto afterEmptyBlock(
EditorDOMPoint::After(mEmptyInclusiveAncestorBlockElement));
MOZ_ASSERT(afterEmptyBlock.IsSet());
if (nsIContent* nextContentOfEmptyBlock = HTMLEditUtils::GetNextContent(
afterEmptyBlock, {}, BlockInlineCheck::Unused,
aHTMLEditor.ComputeEditingHost())) {
nsIContent* const nextContentOfEmptyBlock = [&]() -> nsIContent* {
for (EditorRawDOMPoint scanStartPoint =
EditorRawDOMPoint::After(mEmptyInclusiveAncestorBlockElement);
scanStartPoint.IsInContentNode();) {
nsIContent* const nextContent = HTMLEditUtils::GetNextContent(
scanStartPoint, {}, BlockInlineCheck::Unused, &aEditingHost);
// Let's ignore invisible `Text`.
if (nextContent && nextContent->IsText() &&
!HTMLEditUtils::IsVisibleTextNode(*nextContent->AsText())) {
scanStartPoint = EditorRawDOMPoint::After(*nextContent);
continue;
}
return nextContent;
}
return nullptr;
}();
if (nextContentOfEmptyBlock) {
EditorDOMPoint pt = HTMLEditUtils::GetGoodCaretPointFor<EditorDOMPoint>(
*nextContentOfEmptyBlock, aDirectionAndAmount);
if (!pt.IsSet()) {
@ -8400,6 +8413,8 @@ Result<CaretPoint, nsresult> HTMLEditor::AutoDeleteRangesHandler::
}
return CaretPoint(std::move(pt));
}
EditorDOMPoint afterEmptyBlock =
EditorDOMPoint::After(mEmptyInclusiveAncestorBlockElement);
if (NS_WARN_IF(!afterEmptyBlock.IsSet())) {
return Err(NS_ERROR_FAILURE);
}
@ -8409,20 +8424,43 @@ Result<CaretPoint, nsresult> HTMLEditor::AutoDeleteRangesHandler::
case nsIEditor::ePreviousWord:
case nsIEditor::eToBeginningOfLine: {
// Collapse Selection to previous editable node of the empty block
// if there is. Otherwise, to after the empty block.
EditorRawDOMPoint atEmptyBlock(mEmptyInclusiveAncestorBlockElement);
if (nsIContent* previousContentOfEmptyBlock =
HTMLEditUtils::GetPreviousContent(
atEmptyBlock, {WalkTreeOption::IgnoreNonEditableNode},
BlockInlineCheck::Unused, aHTMLEditor.ComputeEditingHost())) {
EditorDOMPoint pt = HTMLEditUtils::GetGoodCaretPointFor<EditorDOMPoint>(
*previousContentOfEmptyBlock, aDirectionAndAmount);
if (!pt.IsSet()) {
// if there is.
nsIContent* const previousContentOfEmptyBlock = [&]() -> nsIContent* {
for (EditorRawDOMPoint scanStartPoint =
EditorRawDOMPoint(mEmptyInclusiveAncestorBlockElement);
scanStartPoint.IsInContentNode();) {
nsIContent* const previousContent = HTMLEditUtils::GetPreviousContent(
scanStartPoint, {WalkTreeOption::IgnoreNonEditableNode},
BlockInlineCheck::Unused, &aEditingHost);
// Let's ignore invisible `Text`.
if (previousContent && previousContent->IsText() &&
!HTMLEditUtils::IsVisibleTextNode(*previousContent->AsText())) {
scanStartPoint = EditorRawDOMPoint(previousContent, 0u);
continue;
}
return previousContent;
}
return nullptr;
}();
if (previousContentOfEmptyBlock) {
const EditorRawDOMPoint atEndOfPreviousContent =
HTMLEditUtils::GetGoodCaretPointFor<EditorRawDOMPoint>(
*previousContentOfEmptyBlock, aDirectionAndAmount);
if (!atEndOfPreviousContent.IsSet()) {
NS_WARNING("HTMLEditUtils::GetGoodCaretPointFor() failed");
return Err(NS_ERROR_FAILURE);
}
return CaretPoint(std::move(pt));
// If the previous content is between a preceding line break and the
// block boundary of current empty block, let's move caret to the line
// break if there is no visible things between them.
const Maybe<EditorRawLineBreak> precedingLineBreak =
HTMLEditUtils::GetLineBreakBeforeBlockBoundaryIfPointIsBetweenThem<
EditorRawLineBreak>(atEndOfPreviousContent, aEditingHost);
return precedingLineBreak.isSome()
? CaretPoint(precedingLineBreak->To<EditorDOMPoint>())
: CaretPoint(atEndOfPreviousContent.To<EditorDOMPoint>());
}
// Otherwise, let's put caret next to the deleting block.
auto afterEmptyBlock =
EditorDOMPoint::After(*mEmptyInclusiveAncestorBlockElement);
if (NS_WARN_IF(!afterEmptyBlock.IsSet())) {
@ -8492,7 +8530,7 @@ HTMLEditor::AutoDeleteRangesHandler::AutoEmptyBlockAncestorDeleter::Run(
: EditorDOMPoint());
}
Result<CaretPoint, nsresult> caretPointOrError =
GetNewCaretPosition(aHTMLEditor, aDirectionAndAmount);
GetNewCaretPosition(aHTMLEditor, aDirectionAndAmount, aEditingHost);
NS_WARNING_ASSERTION(
caretPointOrError.isOk(),
"AutoEmptyBlockAncestorDeleter::GetNewCaretPosition() failed");
@ -8523,6 +8561,7 @@ HTMLEditor::AutoDeleteRangesHandler::AutoEmptyBlockAncestorDeleter::Run(
NS_WARNING("EditorBase::DeleteNodeWithTransaction() failed");
return Err(rv);
}
trackPointToPutCaret.FlushAndStopTracking();
} else {
Result<CaretPoint, nsresult> caretPointOrError =
WhiteSpaceVisibilityKeeper::DeleteContentNodeAndJoinTextNodesAroundIt(
@ -8534,11 +8573,11 @@ HTMLEditor::AutoDeleteRangesHandler::AutoEmptyBlockAncestorDeleter::Run(
"DeleteContentNodeAndJoinTextNodesAroundIt() failed");
return caretPointOrError.propagateErr();
}
trackPointToPutCaret.FlushAndStopTracking();
caretPointOrError.unwrap().MoveCaretPointTo(
pointToPutCaret, {SuggestCaret::OnlyIfHasSuggestion});
}
trackEmptyBlockPoint.FlushAndStopTracking();
trackPointToPutCaret.FlushAndStopTracking();
if (NS_WARN_IF(!atEmptyInclusiveAncestorBlockElement
.IsInContentNodeAndValidInComposedDoc()) ||
NS_WARN_IF(pointToPutCaret.IsSet() &&

25
icecat/editor/libeditor/WSRunScanner.h
View file

@ -162,6 +162,22 @@ class MOZ_STACK_CLASS WSScanResult final {
return mContent->AsText();
}
template <typename EditorLineBreakType>
MOZ_NEVER_INLINE_DEBUG EditorLineBreakType CreateEditorLineBreak() const {
if (ReachedBRElement()) {
return EditorLineBreakType(*BRElementPtr());
}
if (ReachedPreformattedLineBreak()) {
MOZ_ASSERT_IF(mDirection == ScanDirection::Backward, *mOffset > 0);
return EditorLineBreakType(*TextPtr(),
mDirection == ScanDirection::Forward
? mOffset.valueOr(0)
: std::max(mOffset.valueOr(1), 1u) - 1);
}
MOZ_CRASH("Didn't reach a line break");
return EditorLineBreakType(*BRElementPtr());
}
/**
* Returns true if found or reached content is editable.
*/
@ -277,6 +293,15 @@ class MOZ_STACK_CLASS WSScanResult final {
return mReason == WSType::PreformattedLineBreak;
}
/**
* Return true if reached a <br> element or a preformatted line break.
* Return false when reached a block boundary. Use ReachedLineBoundary() if
* you want it to return true in the case too.
*/
[[nodiscard]] bool ReachedLineBreak() const {
return ReachedBRElement() || ReachedPreformattedLineBreak();
}
/**
* The scanner reached a <hr> element.
*/

26
icecat/editor/libeditor/WhiteSpaceVisibilityKeeper.cpp
View file

@ -3503,8 +3503,10 @@ WhiteSpaceVisibilityKeeper::DeleteContentNodeAndJoinTextNodesAroundIt(
WSRunScanner::ScanInclusiveNextVisibleNodeOrBlockBoundary(
Scan::All, pointToPutCaret,
BlockInlineCheck::UseComputedDisplayOutsideStyle);
if (nextThingOfCaretPoint.ReachedBRElement() ||
nextThingOfCaretPoint.ReachedPreformattedLineBreak()) {
Maybe<EditorLineBreak> lineBreak;
if (nextThingOfCaretPoint.ReachedLineBreak()) {
lineBreak.emplace(
nextThingOfCaretPoint.CreateEditorLineBreak<EditorLineBreak>());
nextThingOfCaretPoint =
WSRunScanner::ScanInclusiveNextVisibleNodeOrBlockBoundary(
Scan::All,
@ -3530,6 +3532,26 @@ WhiteSpaceVisibilityKeeper::DeleteContentNodeAndJoinTextNodesAroundIt(
if (NS_WARN_IF(!aContentToDelete.IsInComposedDoc())) {
return Err(NS_ERROR_EDITOR_UNEXPECTED_DOM_TREE);
}
// If the previous content ends with an invisible line break, let's
// delete it.
if (lineBreak.isSome() && lineBreak->IsInComposedDoc()) {
const WSScanResult prevThing =
WSRunScanner::ScanPreviousVisibleNodeOrBlockBoundary(
WSRunScanner::Scan::All,
lineBreak->To<EditorRawDOMPoint>(),
BlockInlineCheck::UseComputedDisplayStyle, &aEditingHost);
if (!prevThing.ReachedLineBoundary()) {
Result<EditorDOMPoint, nsresult> pointOrError =
aHTMLEditor.DeleteLineBreakWithTransaction(
lineBreak.ref(), nsIEditor::eStrip, aEditingHost);
if (MOZ_UNLIKELY(pointOrError.isErr())) {
NS_WARNING(
"HTMLEditor::DeleteLineBreakWithTransaction() failed");
return pointOrError.propagateErr();
}
trackPointToPutCaret->Flush(StopTracking::No);
}
}
}
}
// Similarly, we may put caret into the following block (this is the

45
icecat/extensions/auth/nsAuthGSSAPI.cpp
View file

@ -263,8 +263,6 @@ nsAuthGSSAPI::nsAuthGSSAPI(pType package) : mServiceFlags(REQ_DEFAULT) {
LOG(("entering nsAuthGSSAPI::nsAuthGSSAPI()\n"));
mComplete = false;
if (!gssLibrary && NS_FAILED(gssInit())) return;
mCtx = GSS_C_NO_CONTEXT;
@ -310,6 +308,8 @@ void nsAuthGSSAPI::Reset() {
}
mCtx = GSS_C_NO_CONTEXT;
mComplete = false;
mDelegationRequested = false;
mDelegationSupported = false;
}
/* static */
@ -358,6 +358,7 @@ nsAuthGSSAPI::GetNextToken(const void* inToken, uint32_t inTokenLen,
void** outToken, uint32_t* outTokenLen) {
OM_uint32 major_status, minor_status;
OM_uint32 req_flags = 0;
OM_uint32 ret_flags = 0;
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
gss_buffer_t in_token_ptr = GSS_C_NO_BUFFER;
@ -372,7 +373,22 @@ nsAuthGSSAPI::GetNextToken(const void* inToken, uint32_t inTokenLen,
// If they've called us again after we're complete, reset to start afresh.
if (mComplete) Reset();
if (mServiceFlags & REQ_DELEGATE) req_flags |= GSS_C_DELEG_FLAG;
// Two-phase delegation logic
// Phase 1: Try authentication without delegation first
// Phase 2: Only retry with delegation if server supports it (ret_flags)
bool delegationConfigured = (mServiceFlags & REQ_DELEGATE) != 0;
if (delegationConfigured) {
if (!mDelegationRequested) {
// First attempt: don't request delegation yet
LOG(("First auth attempt without delegation"));
mDelegationRequested = true;
} else if (mDelegationSupported) {
// Second attempt: server supports delegation, now request it
LOG(("Retrying auth with delegation - server supports it"));
req_flags |= GSS_C_DELEG_FLAG;
}
}
if (mServiceFlags & REQ_MUTUAL_AUTH) req_flags |= GSS_C_MUTUAL_FLAG;
@ -426,7 +442,7 @@ nsAuthGSSAPI::GetNextToken(const void* inToken, uint32_t inTokenLen,
major_status = gss_init_sec_context_ptr(
&minor_status, GSS_C_NO_CREDENTIAL, &mCtx, server, mMechOID, req_flags,
GSS_C_INDEFINITE, GSS_C_NO_CHANNEL_BINDINGS, in_token_ptr, nullptr,
&output_token, nullptr, nullptr);
&output_token, &ret_flags, nullptr);
if (GSS_ERROR(major_status)) {
LogGssError(major_status, minor_status, "gss_init_sec_context() failed");
@ -434,6 +450,27 @@ nsAuthGSSAPI::GetNextToken(const void* inToken, uint32_t inTokenLen,
rv = NS_ERROR_FAILURE;
goto end;
}
// Check if server supports delegation (OK-AS-DELEGATE equivalent)
if (delegationConfigured && !mDelegationSupported &&
(ret_flags & GSS_C_DELEG_FLAG)) {
LOG(("Server supports delegation (GSS_C_DELEG_FLAG in ret_flags)"));
// If we completed without requesting delegation, but server supports it,
// we need to restart with delegation
if (major_status == GSS_S_COMPLETE && !(req_flags & GSS_C_DELEG_FLAG)) {
LOG(("Restarting authentication to request delegation"));
Reset();
// These flags get cleared by Reset().
// Set them again to make sure the next call sets GSS_C_DELEG_FLAG
mDelegationRequested = true;
mDelegationSupported = true;
gss_release_name_ptr(&minor_status, &server);
return GetNextToken(inToken, inTokenLen, outToken, outTokenLen);
}
}
if (major_status == GSS_S_COMPLETE) {
// Mark ourselves as being complete, so that if we're called again
// we know to start afresh.

6
icecat/extensions/auth/nsAuthGSSAPI.h
View file

@ -54,9 +54,11 @@ class nsAuthGSSAPI final : public nsIAuthModule {
gss_ctx_id_t mCtx;
gss_OID mMechOID;
nsCString mServiceName;
uint32_t mServiceFlags;
uint32_t mServiceFlags = REQ_DEFAULT;
nsString mUsername;
bool mComplete;
bool mComplete = false;
bool mDelegationRequested = false;
bool mDelegationSupported = false;
};
#endif /* nsAuthGSSAPI_h__ */

46
icecat/gfx/2d/DrawTargetCairo.cpp
View file

@ -199,6 +199,7 @@ static void ReleaseData(void* aData) {
}
static cairo_surface_t* CopyToImageSurface(unsigned char* aData,
const IntSize& aSize,
const IntRect& aRect,
int32_t aStride,
SurfaceFormat aFormat) {
@ -219,15 +220,23 @@ static cairo_surface_t* CopyToImageSurface(unsigned char* aData,
}
unsigned char* surfData = cairo_image_surface_get_data(surf);
int surfStride = cairo_image_surface_get_stride(surf);
int32_t pixelWidth = BytesPerPixel(aFormat);
size_t surfStride = cairo_image_surface_get_stride(surf);
size_t pixelWidth = BytesPerPixel(aFormat);
size_t rowDataWidth = size_t(aRectWidth) * pixelWidth;
if (rowDataWidth > surfStride || rowDataWidth > size_t(aStride) ||
!IntRect(IntPoint(), aSize).Contains(aRect)) {
cairo_surface_destroy(surf);
return nullptr;
}
unsigned char* source = aData + aRect.Y() * aStride + aRect.X() * pixelWidth;
const unsigned char* sourceRow = aData + size_t(aRect.Y()) * size_t(aStride) +
size_t(aRect.X()) * pixelWidth;
unsigned char* destRow = surfData;
MOZ_ASSERT(aStride >= aRectWidth * pixelWidth);
for (int32_t y = 0; y < aRectHeight; ++y) {
memcpy(surfData + y * surfStride, source + y * aStride,
aRectWidth * pixelWidth);
memcpy(destRow, sourceRow, rowDataWidth);
sourceRow += aStride;
destRow += surfStride;
}
cairo_surface_mark_dirty(surf);
return surf;
@ -251,14 +260,15 @@ static cairo_surface_t* GetAsImageSurface(cairo_surface_t* aSurface) {
}
static cairo_surface_t* CreateSubImageForData(unsigned char* aData,
const IntSize& aSize,
const IntRect& aRect, int aStride,
SurfaceFormat aFormat) {
if (!aData) {
if (!aData || aStride < 0 || !IntRect(IntPoint(), aSize).Contains(aRect)) {
gfxWarning() << "DrawTargetCairo.CreateSubImageForData null aData";
return nullptr;
}
unsigned char* data =
aData + aRect.Y() * aStride + aRect.X() * BytesPerPixel(aFormat);
unsigned char* data = aData + size_t(aRect.Y()) * size_t(aStride) +
size_t(aRect.X()) * size_t(BytesPerPixel(aFormat));
cairo_surface_t* image = cairo_image_surface_create_for_data(
data, GfxFormatToCairoFormat(aFormat), aRect.Width(), aRect.Height(),
@ -282,9 +292,11 @@ static cairo_surface_t* ExtractSubImage(cairo_surface_t* aSurface,
cairo_surface_t* image = GetAsImageSurface(aSurface);
if (image) {
image =
CreateSubImageForData(cairo_image_surface_get_data(image), aSubImage,
cairo_image_surface_get_stride(image), aFormat);
image = CreateSubImageForData(
cairo_image_surface_get_data(image),
IntSize(cairo_image_surface_get_width(image),
cairo_image_surface_get_height(image)),
aSubImage, cairo_image_surface_get_stride(image), aFormat);
return image;
}
@ -359,8 +371,8 @@ static cairo_surface_t* GetCairoSurfaceForSourceSurface(
return nullptr;
}
cairo_surface_t* surf = CreateSubImageForData(map.mData, subimage,
map.mStride, data->GetFormat());
cairo_surface_t* surf = CreateSubImageForData(
map.mData, data->GetSize(), subimage, map.mStride, data->GetFormat());
// In certain scenarios, requesting larger than 8k image fails. Bug 803568
// covers the details of how to run into it, but the full detailed
@ -373,7 +385,7 @@ static cairo_surface_t* GetCairoSurfaceForSourceSurface(
// set user data since we're not dependent on the original
// data.
cairo_surface_t* result = CopyToImageSurface(
map.mData, subimage, map.mStride, data->GetFormat());
map.mData, data->GetSize(), subimage, map.mStride, data->GetFormat());
data->Unmap();
return result;
}
@ -1862,8 +1874,8 @@ already_AddRefed<SourceSurface> DrawTargetCairo::CreateSourceSurfaceFromData(
return nullptr;
}
cairo_surface_t* surf =
CopyToImageSurface(aData, IntRect(IntPoint(), aSize), aStride, aFormat);
cairo_surface_t* surf = CopyToImageSurface(
aData, aSize, IntRect(IntPoint(), aSize), aStride, aFormat);
if (!surf) {
return nullptr;
}

12
icecat/gfx/2d/HelpersCairo.h
View file

@ -140,9 +140,15 @@ static inline cairo_extend_t GfxExtendToCairoExtend(ExtendMode extend) {
static inline cairo_format_t GfxFormatToCairoFormat(SurfaceFormat format) {
switch (format) {
case SurfaceFormat::A8R8G8B8_UINT32:
case SurfaceFormat::B8G8R8A8:
case SurfaceFormat::R8G8B8A8:
case SurfaceFormat::A8R8G8B8:
// case SurfaceFormat::A8R8G8B8_UINT32:
return CAIRO_FORMAT_ARGB32;
case SurfaceFormat::X8R8G8B8_UINT32:
case SurfaceFormat::B8G8R8X8:
case SurfaceFormat::R8G8B8X8:
case SurfaceFormat::X8R8G8B8:
// case SurfaceFormat::X8R8G8B8_UINT32:
return CAIRO_FORMAT_RGB24;
case SurfaceFormat::A8:
return CAIRO_FORMAT_A8;
@ -150,7 +156,7 @@ static inline cairo_format_t GfxFormatToCairoFormat(SurfaceFormat format) {
return CAIRO_FORMAT_RGB16_565;
default:
gfxCriticalError() << "Unknown image format " << (int)format;
return CAIRO_FORMAT_ARGB32;
return CAIRO_FORMAT_INVALID;
}
}

4
icecat/gfx/layers/SourceSurfaceSharedData.cpp
View file

@ -80,6 +80,10 @@ void SourceSurfaceSharedDataWrapper::Init(SourceSurfaceSharedData* aSurface) {
bool SourceSurfaceSharedDataWrapper::EnsureMapped(size_t aLength) {
MOZ_ASSERT(!GetData());
if (mBufHandle.Size() < aLength) {
return false;
}
auto mapping = mBufHandle.Map();
while (!mapping) {
nsTArray<RefPtr<SourceSurfaceSharedDataWrapper>> expired;

1
icecat/gfx/thebes/StandardFonts-macos.inc
View file

@ -296,4 +296,5 @@ static const char* kBaseFonts[] = {
static const char* kBaseFonts_13_Higher[] = {
"Stix Two Math",
"Stix Two Math Regular",
};

6
icecat/ipc/glue/BackgroundUtils.cpp
View file

@ -605,7 +605,8 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo,
aLoadInfo->GetIsMetaRefresh(), aLoadInfo->GetLoadingEmbedderPolicy(),
aLoadInfo->GetIsOriginTrialCoepCredentiallessEnabledForTopLevel(),
unstrippedURI, interceptionInfoArg, aLoadInfo->GetIsNewWindowTarget(),
aLoadInfo->GetUserNavigationInvolvement());
aLoadInfo->GetUserNavigationInvolvement(),
aLoadInfo->GetContainerFeaturePolicyInfo());
return NS_OK;
}
@ -853,7 +854,8 @@ nsresult LoadInfoArgsToLoadInfo(const LoadInfoArgs& loadInfoArgs,
RefPtr<mozilla::net::LoadInfo> loadInfo = new mozilla::net::LoadInfo(
loadingPrincipal, triggeringPrincipal, principalToInherit,
topLevelPrincipal, resultPrincipalURI, cookieJarSettings, cspToInherit,
triggeringRemoteType, loadInfoArgs.sandboxedNullPrincipalID(), clientInfo,
loadInfoArgs.containerFeaturePolicyInfo(), triggeringRemoteType,
loadInfoArgs.sandboxedNullPrincipalID(), clientInfo,
reservedClientInfo, initialClientInfo, controller,
loadInfoArgs.securityFlags(), loadInfoArgs.sandboxFlags(),
loadInfoArgs.triggeringSandboxFlags(), loadInfoArgs.triggeringWindowId(),

3
icecat/js/src/debugger/Debugger.cpp
View file

@ -453,7 +453,10 @@ Breakpoint::Breakpoint(Debugger* debugger, HandleObject wrappedDebugger,
}
void Breakpoint::trace(JSTracer* trc) {
MOZ_ASSERT_IF(trc->kind() != JS::TracerKind::Moving,
!IsDeadProxyObject(wrappedDebugger));
TraceEdge(trc, &wrappedDebugger, "breakpoint owner");
TraceEdge(trc, &handler, "breakpoint handler");
}

7
icecat/js/src/gc/BufferAllocator.cpp
View file

@ -1210,6 +1210,13 @@ void BufferAllocator::abortMajorSweeping(const AutoLock& lock) {
clearAllocatedDuringCollectionState(lock);
if (minorState == State::Sweeping) {
// If we are minor sweeping then chunks with allocatedDuringCollection set
// may be present in |mixedChunksToSweep|. Set a flag so these are cleared
// when they are merged later.
majorFinishedWhileMinorSweeping = true;
}
for (BufferChunk* chunk : mediumTenuredChunksToSweep.ref()) {
chunk->markBits.ref().clear();
}

66
icecat/js/src/jit-test/tests/debug/bug-1995637.js Normal file
View file

@ -0,0 +1,66 @@
// |jit-test| error: TypeError
gczeal(9,16);
function F1() {
if (!new.target) { throw 'must be called with new'; }
this.b = null;
}
new F1();
new F1();
function f5() {}
new BigUint64Array(3474);
function f14() {}
function f25(a26, a27) {
for (let i30 = 0, i31 = true; i31; i31--) {
function f37() {
function F38() {}
for (let i44 = 0, i45 = SharedArrayBuffer; i45;
(() => {
i45--;
Int8Array.principal = BigUint64Array;
function F50() {}
Int8Array.sameZoneAs = /wp(?:a?)+/imu;
const v54 = this.newGlobal(Int8Array);
const t7 = ({ __proto__: v54 }).Debugger;
const v57 = t7(F50);
const v59 = v57.getNewestFrame(i30, i45, i45, f25, v57).older;
v59.script.setBreakpoint(16, v59);
})()) {}
for (let [i134, i135] = (() => {
for (let i84 = 0, i85 = 10; i85;
(() => {
i85--;
for (let [i102, i103] = (() => {
for (let [i95, i96] = (() => {
new Uint8Array();
return [0, 10];
})(); i96; i96--) {
}
return [0, SharedArrayBuffer];
})();
i103; i103--) {}
for (let i113 = -4, i114 = 10; i114; i114--) {}
for (let i122 = 4, i123 = 10; i123--, i123; i123--) {
i123++;
}
})()) {}
return [0, SharedArrayBuffer];
})();
i135; i135--) { }
for (let i143 = 0, i144 = 10; i144; i144--) {}
}
f37.apply();
}
for (let i153 = 0, i154 = 10; i154; i154--) {}
function F160(a162, a163) {
if (!new.target) { throw 'must be called with new'; }
this.c = a27;
this.h = a162;
}
new F160(234, a27);
const v167 = this.nukeAllCCWs();
for (let i170 = 0, i171 = 10; i171; i171--) {}
try {
f25();
} catch(e178) {}
}
f25(f25, f25);

6
icecat/js/src/jit-test/tests/debug/bug-1999464.js Normal file
View file

@ -0,0 +1,6 @@
fullcompartmentchecks(1);
var x = newGlobal({ newCompartment: true });
Debugger(x).onEnterFrame = function (y) {
y.script.setBreakpoint(0, {});
};
x.eval("(function(){})()");

8
icecat/js/src/jit-test/tests/debug/bug-2002646.js Normal file
View file

@ -0,0 +1,8 @@
var x = newGlobal({ newCompartment: true });
Debugger(x).onDebuggerStatement = function (y) {
y.script.setBreakpoint(y.script.getLineOffsets(1)[0], {
hit: function () {},
});
};
x.eval("function* g() { debugger; return; };g().next()");
relazifyFunctions();

9
icecat/js/src/jit-test/tests/debug/bug-2003588.js Normal file
View file

@ -0,0 +1,9 @@
var x = newGlobal({ newCompartment: true });
var y = Debugger(x);
y.x = y;
y.onDebuggerStatement = function(w) {
nukeAllCCWs();
w.environment.getVariable("x");
}
x.eval('function f(z) { with(z) { debugger } }');
x.f(y);

8
icecat/js/src/jit-test/tests/debug/bug-2003809.js Normal file
View file

@ -0,0 +1,8 @@
var x = newGlobal({ newCompartment: true });
Debugger(x).onNewScript = function f(z) { m = z };
x.eval("function g(){}");
m.setBreakpoint(0, {});
nukeAllCCWs();
recomputeWrappers();
gc();

9
icecat/js/src/jit-test/tests/gc/bug-2003100.js Normal file
View file

@ -0,0 +1,9 @@
var dbgA = new Debugger;
var g1 = newGlobal({newCompartment: true});
g1.eval('function g1f() { print("Weltuntergang"); }');
var DOAg1 = dbgA.addDebuggee(g1);
var DOAg1f = DOAg1.getOwnPropertyDescriptor('g1f').value;
DOAg1f.script.setBreakpoint(0, { hit: () => { logA += '1'; } });
gczeal(2,1)
class Base { }
recomputeWrappers();

20
icecat/js/src/proxy/CrossCompartmentWrapper.cpp
View file

@ -5,6 +5,7 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "builtin/FinalizationRegistryObject.h"
#include "debugger/Debugger.h"
#include "gc/GC.h"
#include "gc/PublicIterators.h"
#include "js/friend/WindowProxy.h" // js::IsWindow, js::IsWindowProxy
@ -449,6 +450,12 @@ JS_PUBLIC_API bool js::NukeCrossCompartmentWrappers(
continue;
}
// Don't nuke wrappers for debugger objects. These are used in Breakpoints
// and nuking them breaks debugger invariants.
if (MOZ_UNLIKELY(wrapped->is<DebuggerInstanceObject>())) {
continue;
}
// We only skip nuking window references that point to a target
// compartment, not the ones that belong to it.
if (nukeReferencesToWindow == DontNukeWindowReferences &&
@ -471,6 +478,12 @@ JS_PUBLIC_API bool js::AllowNewWrapper(JS::Compartment* target, JSObject* obj) {
MOZ_ASSERT(obj->compartment() != target);
// Wrappers for debugger objects are not nuked and we must continue to allow
// them to be created or we will break the invariants in Compartment::wrap.
if (MOZ_UNLIKELY(obj->is<DebuggerInstanceObject>())) {
return true;
}
if (target->nukedOutgoingWrappers ||
obj->nonCCWRealm()->nukedIncomingWrappers) {
return false;
@ -501,6 +514,9 @@ void js::RemapWrapper(JSContext* cx, JSObject* wobjArg,
AutoDisableProxyCheck adpc;
// This can't GC (and RemapDeadWrapper suppresses it).
JS::AutoAssertNoGC nogc(cx);
// If we're mapping to a different target (as opposed to just recomputing
// for the same target), we must not have an existing wrapper for the new
// target, otherwise this will break.
@ -542,6 +558,10 @@ void js::RemapDeadWrapper(JSContext* cx, HandleObject wobj,
AutoDisableProxyCheck adpc;
// Suppress GC while we manipulate the wrapper map so that it can't observe
// intervening state.
gc::AutoSuppressGC nogc(cx);
// wobj is not a cross-compartment wrapper, so we can use nonCCWRealm.
Realm* wrealm = wobj->nonCCWRealm();

42
icecat/js/xpconnect/loader/ScriptPreloader.cpp
View file

@ -673,6 +673,36 @@ void ScriptPreloader::PrepareCacheWrite() {
PrepareCacheWriteInternal();
}
// A struct to hold reference to a CachedStencil and the snapshot of the
// CachedStencil::mLoadTime field.
// CachedStencil::mLoadTime field can be modified concurrently, and we need
// to create a snapshot, in order to sort scripts.
struct CachedStencilRefAndTime {
using CachedStencil = ScriptPreloader::CachedStencil;
CachedStencil* mStencil;
TimeStamp mLoadTime;
explicit CachedStencilRefAndTime(CachedStencil* aStencil)
: mStencil(aStencil), mLoadTime(aStencil->mLoadTime) {}
// For use with nsTArray::Sort.
//
// Orders scripts by script load time, so that scripts which are needed
// earlier are stored earlier, and scripts needed at approximately the
// same time are stored approximately contiguously.
struct Comparator {
bool Equals(const CachedStencilRefAndTime& a,
const CachedStencilRefAndTime& b) const {
return a.mLoadTime == b.mLoadTime;
}
bool LessThan(const CachedStencilRefAndTime& a,
const CachedStencilRefAndTime& b) const {
return a.mLoadTime < b.mLoadTime;
}
};
} JS_HAZ_NON_GC_POINTER;
// Writes out a script cache file for the scripts accessed during early
// startup in this session. The cache file is a little-endian binary file with
// the following format:
@ -726,19 +756,20 @@ Result<Ok, nsresult> ScriptPreloader::WriteCache() {
mMonitor.AssertNotCurrentThreadOwns();
MonitorAutoLock mal(mMonitor);
nsTArray<CachedStencil*> scripts;
nsTArray<CachedStencilRefAndTime> scriptRefs;
for (auto& script : IterHash(mScripts, Match<ScriptStatus::Saved>())) {
scripts.AppendElement(script);
scriptRefs.AppendElement(CachedStencilRefAndTime(script));
}
// Sort scripts by load time, with async loaded scripts before sync scripts.
// Since async scripts are always loaded immediately at startup, it helps to
// have them stored contiguously.
scripts.Sort(CachedStencil::Comparator());
scriptRefs.Sort(CachedStencilRefAndTime::Comparator());
OutputBuffer buf;
size_t offset = 0;
for (auto script : scripts) {
for (auto& scriptRef : scriptRefs) {
auto* script = scriptRef.mStencil;
script->mOffset = offset;
MOZ_DIAGNOSTIC_ASSERT(
JS::IsTranscodingBytecodeOffsetAligned(script->mOffset));
@ -768,7 +799,8 @@ Result<Ok, nsresult> ScriptPreloader::WriteCache() {
written += padding;
}
for (auto script : scripts) {
for (auto& scriptRef : scriptRefs) {
auto* script = scriptRef.mStencil;
MOZ_DIAGNOSTIC_ASSERT(JS::IsTranscodingBytecodeOffsetAligned(written));
MOZ_TRY(Write(fd, script->Range().begin().get(), script->mSize));

19
icecat/js/xpconnect/loader/ScriptPreloader.h
View file

@ -67,6 +67,8 @@ struct Matcher {
using namespace mozilla::loader;
struct CachedStencilRefAndTime;
class ScriptPreloader : public nsIObserver,
public nsIMemoryReporter,
public nsIRunnable,
@ -216,21 +218,6 @@ class ScriptPreloader : public nsIObserver,
: ScriptStatus::Saved;
}
// For use with nsTArray::Sort.
//
// Orders scripts by script load time, so that scripts which are needed
// earlier are stored earlier, and scripts needed at approximately the
// same time are stored approximately contiguously.
struct Comparator {
bool Equals(const CachedStencil* a, const CachedStencil* b) const {
return a->mLoadTime == b->mLoadTime;
}
bool LessThan(const CachedStencil* a, const CachedStencil* b) const {
return a->mLoadTime < b->mLoadTime;
}
};
struct StatusMatcher final : public Matcher<CachedStencil*> {
explicit StatusMatcher(ScriptStatus status) : mStatus(status) {}
@ -388,6 +375,8 @@ class ScriptPreloader : public nsIObserver,
MaybeOneOf<JS::TranscodeBuffer, nsTArray<uint8_t>> mXDRData;
} JS_HAZ_NON_GC_POINTER;
friend struct CachedStencilRefAndTime;
template <ScriptStatus status>
static Matcher<CachedStencil*>* Match() {
static CachedStencil::StatusMatcher matcher{status};

4
icecat/layout/generic/nsBlockFrame.cpp
View file

@ -1532,7 +1532,9 @@ void nsBlockFrame::Reflow(nsPresContext* aPresContext, ReflowOutput& aMetrics,
// will take effect for the current line list. Only to be used when there are
// enough lines that the clamp will apply.
auto getClampPosition = [&](uint32_t aClampCount) -> BalanceTarget {
MOZ_ASSERT(aClampCount < mLines.size());
if (NS_WARN_IF(aClampCount >= mLines.size())) {
return BalanceTarget{};
}
auto iter = mLines.begin();
for (uint32_t i = 0; i < aClampCount; i++) {
++iter;

2
icecat/layout/painting/nsDisplayList.h
View file

@ -3216,7 +3216,7 @@ class nsDisplayList {
for (nsDisplayItem* item : TakeItems()) {
items.AppendElement(Item(item));
}
items.StableSort(aComparator);
items.template StableSort<SortBoundsCheck::Disable>(aComparator);
for (Item& item : items) {
AppendToTop(item);

37
icecat/media/webrtc/signaling/gtest/videoconduit_unittests.cpp
View file

@ -438,6 +438,9 @@ TEST_F(VideoConduitTest, TestConfigureSendMediaCodec) {
ASSERT_EQ(Call()->mVideoSendEncoderConfig->min_transmit_bitrate_bps, 0);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, KBPS(10000));
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
ASSERT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
KBPS(10000));
// empty codec name
mControl.Update([&](auto& aControl) {
@ -552,9 +555,13 @@ TEST_F(VideoConduitTest, TestConfigureSendMediaCodecTias) {
aControl.mVideoSendRtpRtcpConfig =
Some(RtpRtcpConfig(webrtc::RtcpMode::kCompound, true));
});
ASSERT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 2000000);
{
ASSERT_TRUE(Call()->mVideoSendEncoderConfig);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 2000000);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
ASSERT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
2000000);
SendVideoFrame(1280, 720, 1);
const std::vector<webrtc::VideoStream> videoStreams =
Call()->CreateEncoderStreams(1280, 720);
@ -571,9 +578,13 @@ TEST_F(VideoConduitTest, TestConfigureSendMediaCodecTias) {
codecConfigTiasLow.mTias = 1000;
aControl.mVideoSendCodec = Some(codecConfigTiasLow);
});
ASSERT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 1000);
{
ASSERT_TRUE(Call()->mVideoSendEncoderConfig);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 1000);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
ASSERT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
1000);
SendVideoFrame(1280, 720, 2);
const std::vector<webrtc::VideoStream> videoStreams =
Call()->CreateEncoderStreams(1280, 720);
@ -595,6 +606,11 @@ TEST_F(VideoConduitTest, TestConfigureSendMediaCodecMaxBr) {
Some(RtpRtcpConfig(webrtc::RtcpMode::kCompound, true));
});
ASSERT_TRUE(Call()->mVideoSendEncoderConfig);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 50000);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
ASSERT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
50000);
SendVideoFrame(1280, 720, 1);
const std::vector<webrtc::VideoStream> videoStreams =
Call()->CreateEncoderStreams(1280, 720);
@ -1261,6 +1277,10 @@ TEST_P(VideoConduitCodecModeTest, TestReconfigureSendMediaCodec) {
});
ASSERT_TRUE(Call()->mVideoSendEncoderConfig);
EXPECT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 2000000);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
EXPECT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
2000000);
SendVideoFrame(1280, 720, 1);
{
@ -1285,6 +1305,11 @@ TEST_P(VideoConduitCodecModeTest, TestReconfigureSendMediaCodec) {
aControl.mVideoSendCodec = Some(codecConfig);
});
ASSERT_TRUE(Call()->mVideoSendEncoderConfig);
EXPECT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 50000);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
EXPECT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
50000);
SendVideoFrame(1280, 720, 2);
{
const std::vector<webrtc::VideoStream> videoStreams =
@ -1382,6 +1407,10 @@ TEST_P(VideoConduitCodecModeTest,
});
ASSERT_TRUE(Call()->mVideoSendEncoderConfig);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->max_bitrate_bps, 2000000);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
EXPECT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
2000000);
SendVideoFrame(1280, 720, 1);
{
@ -1403,6 +1432,10 @@ TEST_P(VideoConduitCodecModeTest,
aControl.mVideoSendCodec = Some(codecConfig);
});
ASSERT_TRUE(Call()->mVideoSendEncoderConfig);
ASSERT_EQ(Call()->mVideoSendEncoderConfig->number_of_streams, 1U);
EXPECT_EQ(
Call()->mVideoSendEncoderConfig->simulcast_layers[0].max_bitrate_bps,
50000);
SendVideoFrame(1280, 720, 2);
{
const std::vector<webrtc::VideoStream> videoStreams =

105
icecat/mobile/android/focus-android/tools/gradle/versionCode.gradle
View file

@ -1,45 +1,98 @@
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
import java.text.SimpleDateFormat
// This gradle scripts generates a "unique" version code for our release versions.
//
// The result of the version code depends on the timezone. We assume that this script will only be used
// for release versions and running on our build servers with a fixed timezone.
//
// The version code is composed like: yDDDHHmm
// * y = Double digit year, with 16 substracted: 2017 -> 17 -> 1
// * DDD = Day of the year, pad with zeros if needed: September 6th -> 249
// * HH = Hour in day (00-23)
// * mm = Minute in hour
//
// For September 6th, 2017, 9:41 am this will generate the versionCode: 12490941 (1-249-09-41).
//
// Note that we only use this generated version code for builds we want to distribute. For local
// debug builds we use a fixed versionCode to not mess with the caching mechanism of the build
// system.
/**
* Generates a "unique" versionCode for release builds.
*
* The resulting versionCode depends on the local timezone of the machine running this script.
* This is OK because we only use this for release builds on CI, where the timezone is fixed.
*
* Format: byDDDHHmm
* - b = base / epoch digit
* Historically hardcoded to "3". This digit is incremented when the year-derived
* component overflows its single digit (e.g., in 2026).
* - y = 1 digit derived from (two-digit year - 16), modulo 10
* - DDD = day of year (001366), zero-padded to 3 digits
* - HHmm = 24h time (0023)(0059)
*
* Example:
* Sept 6, 2017 @ 09:41
* year = 17 - 16 = 1
* base = 3
* -> 3-1-249-09-41 -> 312490941
*
* Historical note:
* Focus first shipped in 2017. The original scheme unconditionally used (yy - 16) which
* only fit in a single digit from 20172025.
*
* 2026 rollover:
* In 2026, (yy - 16) became 10. Allowing this to grow to two digits breaks the intended
* byDDDHHmm layout and can exceed Play / int limits.
*
* To preserve:
* - a single-digit `y`
* - monotonic versionCodes across year boundaries
*
* we keep `y` as (yearOffset % 10) and carry overflow into the base digit:
* 2025 -> base=3, y=9 -> 39DDDHHmm
* 2026 -> base=4, y=0 -> 40DDDHHmm
*/
ext {
def base = "3"
// "Epoch" digit(s). Historically this was "3".
// We bump it by +1 each time (yy - 16) crosses another multiple of 10 (i.e., 2026, 2036, ...).
def epochDigit = 3
def today = new Date()
// We use the current year (double digit) and substract 16. We first released Focus in
// 2017 so this value will start counting at 1 and increment by one every year.
def year = String.valueOf((new SimpleDateFormat("yy").format(today) as int) - 16)
def yy = (new SimpleDateFormat("yy").format(today) as int)
def yearOffset = yy - 16 // 2017 -> 1, 2025 -> 9, 2026 -> 10, etc.
if (yearOffset < 0) {
throw new GradleException(
"versionCode yearOffset underflow: yearOffset=$yearOffset (yy=$yy)."
)
}
// Keep the "y" component as one digit, and carry overflow into the epoch digit.
def carry = (int) (yearOffset / 10)
def yearDigit = (int) (yearOffset % 10)
def epoch = epochDigit + carry
if (epoch >= 10) {
throw new GradleException(
"versionCode epoch overflow: epoch=$epoch (yy=$yy). Update versionCode scheme."
)
}
// We use the day in the Year (e.g. 248) as opposed to month + day (0510) because it's one digit shorter.
// If needed we pad with zeros (e.g. 25 -> 025)
def day = String.format("%03d", (new SimpleDateFormat("D").format(today) as int))
// We append the hour in day (24h) and minute in hour (7:26 pm -> 1926). We do not append
// seconds. This assumes that we do not need to build multiple release(!) builds the same
// minute.
def time = new SimpleDateFormat("HHmm").format(today)
generatedVersionCode = (base + year + day + time) as int
// Build the final versionCode using the previously-calculated inputs.
def versionCode = ("${epoch}${yearDigit}${day}${time}" as long)
// The Play Console has historically enforced a 2,100,000,000 cap. Keep a defensive ceiling here.
// Even without this, Android requires versionCode to fit in a signed 32-bit int.
def MAX_VERSION_CODE = 2_100_000_000
if (versionCode > MAX_VERSION_CODE) {
throw new GradleException(
"Generated versionCode exceeds MAX_VERSION_CODE ($MAX_VERSION_CODE): $versionCode (from $versionCodeStr)"
)
}
if (versionCode > Integer.MAX_VALUE) {
throw new GradleException(
"Generated versionCode exceeds Integer.MAX_VALUE: $versionCode (from $versionCodeStr)"
)
}
generatedVersionCode = (versionCode as int)
println("Generated versionCode: $generatedVersionCode")
println()
}

2
icecat/netwerk/base/LoadInfo.cpp
View file

@ -800,6 +800,7 @@ LoadInfo::LoadInfo(
nsIPrincipal* aPrincipalToInherit, nsIPrincipal* aTopLevelPrincipal,
nsIURI* aResultPrincipalURI, nsICookieJarSettings* aCookieJarSettings,
nsIContentSecurityPolicy* aCspToInherit,
const Maybe<dom::FeaturePolicyInfo>& aContainerFeaturePolicyInfo,
const nsACString& aTriggeringRemoteType,
const nsID& aSandboxedNullPrincipalID, const Maybe<ClientInfo>& aClientInfo,
const Maybe<ClientInfo>& aReservedClientInfo,
@ -855,6 +856,7 @@ LoadInfo::LoadInfo(
mResultPrincipalURI(aResultPrincipalURI),
mCookieJarSettings(aCookieJarSettings),
mCspToInherit(aCspToInherit),
mContainerFeaturePolicyInfo(aContainerFeaturePolicyInfo),
mTriggeringRemoteType(aTriggeringRemoteType),
mSandboxedNullPrincipalID(aSandboxedNullPrincipalID),
mClientInfo(aClientInfo),

1
icecat/netwerk/base/LoadInfo.h
View file

@ -229,6 +229,7 @@ class LoadInfo final : public nsILoadInfo {
nsIPrincipal* aPrincipalToInherit, nsIPrincipal* aTopLevelPrincipal,
nsIURI* aResultPrincipalURI, nsICookieJarSettings* aCookieJarSettings,
nsIContentSecurityPolicy* aCspToInherit,
const Maybe<dom::FeaturePolicyInfo>& aContainerFeaturePolicyInfo,
const nsACString& aTriggeringRemoteType,
const nsID& aSandboxedNullPrincipalID,
const Maybe<mozilla::dom::ClientInfo>& aClientInfo,

135
icecat/netwerk/dns/effective_tld_names.dat
View file

@ -5,8 +5,8 @@
// Please pull this list from, and only from https://publicsuffix.org/list/public_suffix_list.dat,
// rather than any other VCS sites. Pulling from any other URL is not guaranteed to be supported.
// VERSION: 2025-11-27_13-27-58_UTC
// COMMIT: d3567de748c61e2de5a3156cc52ef0e0fdc1dc0c
// VERSION: 2025-12-28_14-57-43_UTC
// COMMIT: 1ef6d3bc102c85d12e92be54ec0dad8ee990dd5f
// Instructions on pulling and using this list can be found at https://publicsuffix.org/list/.
@ -1301,6 +1301,12 @@ gov.gy
net.gy
org.gy
// Hercules : https://hercules.app
// Submitted by Brendan Falk <security@hercules.app>
onhercules.app
hercules-app.com
hercules-dev.com
// hk : https://www.hkirc.hk
// Submitted by registry <hk.tech@hkirc.hk>
hk
@ -5667,7 +5673,9 @@ si
sj
// sk : https://www.iana.org/domains/root/db/sk.html
// https://sk-nic.sk/
sk
org.sk
// sl : http://www.nic.sl
// Submitted by registry <adam@neoip.com>
@ -6816,7 +6824,7 @@ org.zw
// newGTLDs
// List of new gTLDs imported from https://www.icann.org/resources/registries/gtlds/v2/gtlds.json on 2025-11-08T15:16:38Z
// List of new gTLDs imported from https://www.icann.org/resources/registries/gtlds/v2/gtlds.json on 2025-12-06T15:17:27Z
// This list is auto-generated, don't edit it manually.
// aaa : American Automobile Association, Inc.
// https://www.iana.org/domains/root/db/aaa.html
@ -10194,7 +10202,7 @@ solutions
// https://www.iana.org/domains/root/db/song.html
song
// sony : Sony Corporation
// sony : Sony Group Corporation
// https://www.iana.org/domains/root/db/sony.html
sony
@ -12335,6 +12343,10 @@ eero-stage.online
// concludes Amazon
// Antagonist B.V. : https://www.antagonist.nl/
// Submitted by Sander Hoentjen <systeembeheer@antagonist.nl>
antagonist.cloud
// Apigee : https://apigee.com/
// Submitted by Apigee Security Team <security@apigee.com>
apigee.io
@ -12347,6 +12359,24 @@ panel.dev
// Submitted by Alexander Selivanov <alex@apphud.com>
siiites.com
// Apple : https://www.apple.com
// Submitted by Apple DNS <dnscontact@apple.com>
int.apple
*.cloud.int.apple
*.r.cloud.int.apple
*.ap-north-1.r.cloud.int.apple
*.ap-south-1.r.cloud.int.apple
*.ap-south-2.r.cloud.int.apple
*.eu-central-1.r.cloud.int.apple
*.eu-north-1.r.cloud.int.apple
*.us-central-1.r.cloud.int.apple
*.us-central-2.r.cloud.int.apple
*.us-east-1.r.cloud.int.apple
*.us-east-2.r.cloud.int.apple
*.us-west-1.r.cloud.int.apple
*.us-west-2.r.cloud.int.apple
*.us-west-3.r.cloud.int.apple
// Appspace : https://www.appspace.com
// Submitted by Appspace Security Team <security@appspace.com>
appspacehosted.com
@ -12359,6 +12389,7 @@ appudo.net
// Appwrite : https://appwrite.io
// Submitted by Steven Nguyen <security@appwrite.io>
appwrite.global
appwrite.network
*.appwrite.run
// Aptible : https://www.aptible.com/
@ -12916,8 +12947,11 @@ discordsez.com
// Submitted by Calvin Browne <calvin@dns.business>
jozi.biz
// DNSHE : https://de5.net
// DNSHE : https://www.dnshe.com
// Submitted by DNSHE Team <support@dnshe.com>
ccwu.cc
cc.cd
us.ci
de5.net
// DNShome : https://www.dnshome.de/
@ -12929,6 +12963,12 @@ dnshome.de
online.th
shop.th
// dotScot Domains : https://domains.scot/
// Submitted by DNS Team <dns@domains.scot>
co.scot
me.scot
org.scot
// DrayTek Corp. : https://www.draytek.com/
// Submitted by Paul Fang <mis@draytek.com>
drayddns.com
@ -13295,12 +13335,9 @@ elementor.cool
// Emergent : https://emergent.sh
// Submitted by Emergent Security Team <security@emergent.sh>
emergent.cloud
preview.emergentagent.com
emergent.host
// En root‽ : https://en-root.org
// Submitted by Emmanuel Raviart <emmanuel@raviart.com>
en-root.fr
// Enalean SAS : https://www.enalean.com
// Submitted by Enalean Security Team <security@enalean.com>
mytuleap.com
@ -13561,15 +13598,9 @@ on-fleek.app
flutterflow.app
// fly.io : https://fly.io
// Submitted by Kurt Mackey <kurt@fly.io>
// Submitted by Kurt Mackey <ops@fly.io>
sprites.app
fly.dev
shw.io
edgeapp.net
// Forgerock : https://www.forgerock.com
// Submitted by Roderick Parr <roderick.parr@forgerock.com>
forgeblocks.com
id.forgerock.io
// FoundryLabs, Inc : https://e2b.dev/
// Submitted by Jiri Sveceny <security@e2b.dev>
@ -13882,6 +13913,10 @@ grebedoc.dev
günstigbestellen.de
günstigliefern.de
// GV.UY : https://nic.gv.uy
// Submitted by cheng <admin@mailto.al>
gv.uy
// Hackclub Nest : https://hackclub.app
// Submitted by Cyteon <admins@hackclub.app>
hackclub.app
@ -14014,6 +14049,10 @@ iki.fi
ibxos.it
iliadboxos.it
// Imagine : https://imagine.dev
// Submitted by Steven Nguyen <security@imagine.dev>
imagine-proxy.work
// Incsub, LLC : https://incsub.com/
// Submitted by Aaron Edwards <sysadmins@incsub.com>
smushcdn.com
@ -14022,6 +14061,10 @@ wpmucdn.com
tempurl.host
wpmudev.host
// Indevs : https://indevs.in
// Submitted by Sudheer Bhuvana <security@admin.indevs.in>
indevs.in
// Individual Network Berlin e.V. : https://www.in-berlin.de/
// Submitted by Christian Seitz <chris@in-berlin.de>
dyn-berlin.de
@ -14258,6 +14301,10 @@ kapsi.fi
ezproxy.kuleuven.be
kuleuven.cloud
// Kevin Service : https://kevsrv.me
// Submitted by Kevin Service Team <cs@kevsrv.me>
ae.kg
// Keyweb AG : https://www.keyweb.de
// Submitted by Martin Dannehl <postmaster@keymachine.de>
keymachine.de
@ -14455,6 +14502,11 @@ luyani.net
// Submitted by Damien Tournoud <dtournoud@magento.cloud>
*.magentosite.cloud
// Magic Patterns : https://www.magicpatterns.com
// Submitted by Teddy Ni <security@magicpatterns.com>
magicpatterns.app
magicpatternsapp.com
// Mail.Ru Group : https://hb.cldmail.ru
// Submitted by Ilya Zaretskiy <zaretskiy@corp.mail.ru>
hb.cldmail.ru
@ -14820,10 +14872,6 @@ freeddns.us
nsupdate.info
nerdpol.ovh
// NYC.mn : https://dot.nyc.mn/
// Submitted by NYC.mn Subdomain Service <nyc.mn@mailfence.com>
nyc.mn
// O3O.Foundation : https://o3o.foundation/
// Submitted by the prvcy.page Registry Team <info@o3o.foundation>
prvcy.page
@ -14984,10 +15032,6 @@ srv.us
gh.srv.us
gl.srv.us
// PE Ulyanov Kirill Sergeevich : https://airy.host
// Submitted by Kirill Ulyanov <k.ulyanov@airy.host>
lk3.ru
// Peplink | Pepwave : http://peplink.com/
// Submitted by Steve Leung <steveleung@peplink.com>
mypep.link
@ -14996,6 +15040,11 @@ mypep.link
// Submitted by Kenneth Van Alstyne <kvanalstyne@perspecta.com>
perspecta.cloud
// Ping Identity : https://www.pingidentity.com
// Submitted by Ping Identity <security@pingidentity.com>
forgeblocks.com
id.forgerock.io
// Plain : https://www.plain.com/
// Submitted by Jesús Hernández <security@plain.com>
support.site
@ -15014,11 +15063,6 @@ us.platform.sh
*.platformsh.site
*.tst.site
// Platter : https://platter.dev
// Submitted by Patrick Flor <patrick@platter.dev>
platter-app.dev
platterp.us
// Pley AB : https://www.pley.com/
// Submitted by Henning Pohl <infra@pley.com>
pley.games
@ -15066,6 +15110,10 @@ dev.project-study.com
// Submitted by Martin Meier <admin@protonet.io>
protonet.io
// PSL Sandbox : https://github.com/groundcat/PSL-Sandbox
// Submitted by groundcat <psl-sandbox@alumni.upenn.edu>
platter-app.dev
// PT Ekossistim Indo Digital : https://e.id
// Submitted by Eid Team <support@corp.e.id>
e.id
@ -15075,6 +15123,11 @@ e.id
chirurgiens-dentistes-en-france.fr
byen.site
// PublicZone : https://publiczone.org/
// Submitted by PublicZone NOC Team <noc@publiczone.org>
nyc.mn
*.cn.st
// pubtls.org : https://www.pubtls.org
// Submitted by Kor Nielsen <kor@pubtls.org>
pubtls.org
@ -15180,6 +15233,11 @@ rhcloud.com
// Submitted by Andrew Farries <andrew.farries@red-gate.com>
instances.spawn.cc
// Redpanda Data : https://redpanda.com
// Submitted by Infrastructure Team <security@redpanda.com>
*.clusters.rdpa.co
*.srvrless.rdpa.co
// Render : https://render.com
// Submitted by Anurag Goel <dev@render.com>
onrender.com
@ -15353,6 +15411,10 @@ sakura.tv
// Submitted by Asheesh Laroia <asheesh@sandstorm.io>
sandcats.io
// Sav.com, LLC : https://marketing.sav.com/
// Submitted by Mukul Kudegave <mukul@sav.com>
sav.case
// SBE network solutions GmbH : https://www.sbe.de/
// Submitted by Norman Meilick <nm@sbe.de>
logoip.com
@ -15646,10 +15708,6 @@ ipfs.w3s.link
// Submitted by Tony Schirmer <tony@storebase.io>
storebase.store
// Storipress : https://storipress.com
// Submitted by Benno Liu <benno@storipress.com>
storipress.app
// Storj Labs Inc. : https://storj.io/
// Submitted by Philip Hutchins <hostmaster@storj.io>
storj.farm
@ -15761,6 +15819,14 @@ tche.br
site.tb-hosting.com
directwp.eu
// TechEdge Limited: https://www.nic.uk.cc/
// Submitted by TechEdge Developer <support@nic.uk.cc>
ec.cc
eu.cc
gu.cc
uk.cc
us.cc
// Teckids e.V. : https://www.teckids.org
// Submitted by Dominik George <dominik.george@teckids.org>
edugit.io
@ -16154,6 +16220,7 @@ enterprisecloud.nu
// Zone.ID: https://zone.id
// Submitted by Gx1.org <security@gx1.org>
zone.id
nett.to
// ZoneABC : https://zoneabc.net
// Submitted by ZoneABC Team <support@zoneabc.net>

1
icecat/netwerk/ipc/NeckoChannelParams.ipdlh
View file

@ -207,6 +207,7 @@ struct LoadInfoArgs
InterceptionInfoArg? interceptionInfo;
bool isNewWindowTarget;
UserNavigationInvolvement userNavigationInvolvement;
FeaturePolicyInfo? containerFeaturePolicyInfo;
};
/**

34
icecat/security/ct/CTKnownLogs.h
View file

@ -14,7 +14,7 @@
#include <stddef.h>
static const PRTime kCTExpirationTime = INT64_C(1770634470000000);
static const PRTime kCTExpirationTime = INT64_C(1773669190000000);
namespace mozilla::ct {
@ -208,7 +208,7 @@ const CTLogInfo kCTLogList[] = {
"\x99",
91},
{"DigiCert 'Wyvern2027h1'", CTLogState::Admissible, CTLogFormat::RFC6962,
1760119200000, // 2025-10-10T18:00:00Z
1766253600000, // 2025-12-20T18:00:00Z
2, // operated by DigiCert
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x6a\xcb\x71\x62\x3d\x66\x9e\xd1\xae"
@ -218,7 +218,7 @@ const CTLogInfo kCTLogList[] = {
"\xee",
91},
{"DigiCert 'Wyvern2027h2'", CTLogState::Admissible, CTLogFormat::RFC6962,
1760119200000, // 2025-10-10T18:00:00Z
1766253600000, // 2025-12-20T18:00:00Z
2, // operated by DigiCert
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xb8\xe8\x3c\x85\xc8\x1a\x61\x3f\xcc"
@ -258,7 +258,7 @@ const CTLogInfo kCTLogList[] = {
"\xcd",
91},
{"DigiCert 'sphinx2027h1'", CTLogState::Admissible, CTLogFormat::RFC6962,
1760119200000, // 2025-10-10T18:00:00Z
1766253600000, // 2025-12-20T18:00:00Z
2, // operated by DigiCert
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xbe\x2a\xc8\xab\x55\xcf\xc2\x0c\x06"
@ -268,7 +268,7 @@ const CTLogInfo kCTLogList[] = {
"\x21",
91},
{"DigiCert 'sphinx2027h2'", CTLogState::Admissible, CTLogFormat::RFC6962,
1760119200000, // 2025-10-10T18:00:00Z
1766253600000, // 2025-12-20T18:00:00Z
2, // operated by DigiCert
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x50\x27\xb6\xdc\xcf\x3c\xf6\x60\x2c"
@ -438,7 +438,7 @@ const CTLogInfo kCTLogList[] = {
"\xc9",
91},
{"Let's Encrypt 'Oak2025h2'", CTLogState::Admissible, CTLogFormat::RFC6962,
1701000000000, // 2023-11-26T12:00:00Z
1765578600000, // 2025-12-12T22:30:00Z
4, // operated by Let's Encrypt
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xb5\x76\x30\x07\xad\xc6\xc8\xd2\xe4"
@ -448,7 +448,7 @@ const CTLogInfo kCTLogList[] = {
"\xa9",
91},
{"Let's Encrypt 'Oak2026h1'", CTLogState::Admissible, CTLogFormat::RFC6962,
1730678400000, // 2024-11-04T00:00:00Z
1765578600000, // 2025-12-12T22:30:00Z
4, // operated by Let's Encrypt
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x99\xd4\x61\x70\x22\xfa\x77\x93\x0d"
@ -458,7 +458,7 @@ const CTLogInfo kCTLogList[] = {
"\x49",
91},
{"Let's Encrypt 'Oak2026h2'", CTLogState::Admissible, CTLogFormat::RFC6962,
1730678400000, // 2024-11-04T00:00:00Z
1765578600000, // 2025-12-12T22:30:00Z
4, // operated by Let's Encrypt
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x6a\x70\x9d\xb3\x96\xe3\xec\x85\x36"
@ -617,6 +617,16 @@ const CTLogInfo kCTLogList[] = {
"\x01\xbb\x4f\xd8\xd3\x8f\xe3\x08\xc8\xb9\xf0\x24\xe9\xfe\xb8\xb1\x8e\x03"
"\x5a",
91},
{"TrustAsia Luoshu2027", CTLogState::Admissible, CTLogFormat::Tiled,
1764700200000, // 2025-12-02T18:30:00Z
5, // operated by TrustAsia
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xba\x64\x98\xcf\x2e\x9d\x51\x09\x70"
"\x4d\xc9\x0f\xcc\xa3\x0a\x02\x93\x11\x8a\x7a\xb1\x1c\x80\x65\x2d\xf9\xab"
"\xbf\x1d\x52\x74\xc1\xf5\x45\x30\x02\x8b\x5c\x1b\xd5\x5d\x7c\xb2\xcf\x18"
"\x8e\x56\x82\xec\xf7\x21\xd8\xe4\x1a\xf0\xe7\xd1\x7a\xfb\x9b\xe1\x8f\x41"
"\x0d",
91},
{"Bogus placeholder log to unbreak misbehaving CT libraries", CTLogState::Retired, CTLogFormat::RFC6962,
1750489200000, // 2025-06-21T07:00:00Z
6, // operated by Geomys
@ -688,7 +698,7 @@ const CTLogInfo kCTLogList[] = {
"\xaa",
91},
{"IPng Networks 'Halloumi2025h2'", CTLogState::Admissible, CTLogFormat::Tiled,
1759861800000, // 2025-10-07T18:30:00Z
1765996200000, // 2025-12-17T18:30:00Z
7, // operated by IPng Networks
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xa8\x9c\x52\x9c\x27\x0c\x85\x68\xa4"
@ -698,7 +708,7 @@ const CTLogInfo kCTLogList[] = {
"\x01",
91},
{"IPng Networks 'Halloumi2026h1'", CTLogState::Admissible, CTLogFormat::Tiled,
1759861800000, // 2025-10-07T18:30:00Z
1765996200000, // 2025-12-17T18:30:00Z
7, // operated by IPng Networks
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xcd\xd7\x27\x1b\x04\x63\x9b\x66\x68"
@ -718,7 +728,7 @@ const CTLogInfo kCTLogList[] = {
"\xad",
91},
{"IPng Networks 'Halloumi2027h1'", CTLogState::Admissible, CTLogFormat::Tiled,
1759861800000, // 2025-10-07T18:30:00Z
1765996200000, // 2025-12-17T18:30:00Z
7, // operated by IPng Networks
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xc3\x94\x94\x97\x6c\x9f\x77\x94\xc5"
@ -728,7 +738,7 @@ const CTLogInfo kCTLogList[] = {
"\x67",
91},
{"IPng Networks 'Halloumi2027h2'", CTLogState::Admissible, CTLogFormat::Tiled,
1759861800000, // 2025-10-07T18:30:00Z
1765996200000, // 2025-12-17T18:30:00Z
7, // operated by IPng Networks
"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48"
"\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xae\x62\x9b\x16\x43\xc6\xed\x07\xd0"

2
icecat/security/manager/ssl/StaticHPKPins.h
View file

@ -726,4 +726,4 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
static const int32_t kUnknownId = -1;
static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1773053640200000);
static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1776088368026000);

2534
icecat/security/manager/ssl/nsSTSPreloadList.inc
View file

File diff suppressed because it is too large Load diff

80
icecat/security/manager/tools/log_list.json
View file

@ -1,6 +1,6 @@
{
"version": "76.4",
"log_list_timestamp": "2025-11-30T12:54:31Z",
"version": "80.16",
"log_list_timestamp": "2026-01-04T12:53:12Z",
"operators": [
{
"name": "Google",
@ -289,8 +289,8 @@
"url": "https://wyvern.ct.digicert.com/2027h1/",
"mmd": 86400,
"state": {
"qualified": {
"timestamp": "2025-10-10T18:00:00Z"
"usable": {
"timestamp": "2025-12-20T18:00:00Z"
}
},
"temporal_interval": {
@ -305,8 +305,8 @@
"url": "https://wyvern.ct.digicert.com/2027h2/",
"mmd": 86400,
"state": {
"qualified": {
"timestamp": "2025-10-10T18:00:00Z"
"usable": {
"timestamp": "2025-12-20T18:00:00Z"
}
},
"temporal_interval": {
@ -369,8 +369,8 @@
"url": "https://sphinx.ct.digicert.com/2027h1/",
"mmd": 86400,
"state": {
"qualified": {
"timestamp": "2025-10-10T18:00:00Z"
"usable": {
"timestamp": "2025-12-20T18:00:00Z"
}
},
"temporal_interval": {
@ -385,8 +385,8 @@
"url": "https://sphinx.ct.digicert.com/2027h2/",
"mmd": 86400,
"state": {
"qualified": {
"timestamp": "2025-10-10T18:00:00Z"
"usable": {
"timestamp": "2025-12-20T18:00:00Z"
}
},
"temporal_interval": {
@ -699,8 +699,12 @@
"url": "https://oak.ct.letsencrypt.org/2025h2/",
"mmd": 86400,
"state": {
"usable": {
"timestamp": "2023-11-26T12:00:00Z"
"readonly": {
"timestamp": "2025-12-12T22:30:00Z",
"final_tree_head": {
"sha256_root_hash": "fn06m+bnTrDRl01hT1F1TdZPYfxciFZZn7NAayeGOVQ=",
"tree_size": 1958525022
}
}
},
"temporal_interval": {
@ -715,8 +719,12 @@
"url": "https://oak.ct.letsencrypt.org/2026h1/",
"mmd": 86400,
"state": {
"usable": {
"timestamp": "2024-11-04T00:00:00Z"
"readonly": {
"timestamp": "2025-12-12T22:30:00Z",
"final_tree_head": {
"sha256_root_hash": "deSRNfTNPgd9wfzoXIznvi+QUTxuK0R+daC6JGKGK3Q=",
"tree_size": 598614696
}
}
},
"temporal_interval": {
@ -731,8 +739,12 @@
"url": "https://oak.ct.letsencrypt.org/2026h2/",
"mmd": 86400,
"state": {
"usable": {
"timestamp": "2024-11-04T00:00:00Z"
"readonly": {
"timestamp": "2025-12-12T22:30:00Z",
"final_tree_head": {
"sha256_root_hash": "uTgg1k3DUbSFFdXewyyxbsQuCc9RupplMphTwtXqvf4=",
"tree_size": 130815692
}
}
},
"temporal_interval": {
@ -1001,7 +1013,25 @@
}
}
],
"tiled_logs": []
"tiled_logs": [
{
"description": "TrustAsia Luoshu2027",
"log_id": "VzRIzG4dLA3JS2nyh9Hv5IPHolxQxTILuzrep29usEE=",
"key": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEumSYzy6dUQlwTckPzKMKApMRinqxHIBlLfmrvx1SdMH1RTACi1wb1V18ss8YjlaC7Pch2OQa8OfRevub4Y9BDQ==",
"submission_url": "https://luoshu2027.trustasia.com/luoshu2027/",
"monitoring_url": "https://luoshu2027.trustasia.com/luoshu2027/",
"mmd": 60,
"state": {
"qualified": {
"timestamp": "2025-12-02T18:30:00Z"
}
},
"temporal_interval": {
"start_inclusive": "2026-12-24T00:00:00Z",
"end_exclusive": "2028-01-08T00:00:00Z"
}
}
]
},
{
"name": "Geomys",
@ -1146,8 +1176,8 @@
"monitoring_url": "https://halloumi2025h2.mon.ct.ipng.ch/",
"mmd": 60,
"state": {
"qualified": {
"timestamp": "2025-10-07T18:30:00Z"
"usable": {
"timestamp": "2025-12-17T18:30:00Z"
}
},
"temporal_interval": {
@ -1163,8 +1193,8 @@
"monitoring_url": "https://halloumi2026h1.mon.ct.ipng.ch/",
"mmd": 60,
"state": {
"qualified": {
"timestamp": "2025-10-07T18:30:00Z"
"usable": {
"timestamp": "2025-12-17T18:30:00Z"
}
},
"temporal_interval": {
@ -1197,8 +1227,8 @@
"monitoring_url": "https://halloumi2027h1.mon.ct.ipng.ch/",
"mmd": 60,
"state": {
"qualified": {
"timestamp": "2025-10-07T18:30:00Z"
"usable": {
"timestamp": "2025-12-17T18:30:00Z"
}
},
"temporal_interval": {
@ -1214,8 +1244,8 @@
"monitoring_url": "https://halloumi2027h2.mon.ct.ipng.ch/",
"mmd": 60,
"state": {
"qualified": {
"timestamp": "2025-10-07T18:30:00Z"
"usable": {
"timestamp": "2025-12-17T18:30:00Z"
}
},
"temporal_interval": {

27
icecat/security/sandbox/common/test/SandboxTestingChildTests.h
View file

@ -74,6 +74,16 @@ namespace ApplicationServices {
# ifndef MREMAP_DONTUNMAP
# define MREMAP_DONTUNMAP 4
# endif
//
// This constant is ancient, but the kernel header for it conflicts
// with glibc's fcntl.h:
# ifndef F_LINUX_SPECIFIC_BASE
# define F_LINUX_SPECIFIC_BASE 1024
# endif
// Added in 6.10:
# ifndef F_DUPFD_QUERY
# define F_DUPFD_QUERY (F_LINUX_SPECIFIC_BASE + 3)
# endif
#endif
constexpr bool kIsDebug =
@ -143,6 +153,23 @@ static void RunGenericTests(SandboxTestingChild* child, bool aIsGMP = false) {
MOZ_RELEASE_ASSERT(flags & O_NONBLOCK);
}
}
if (!aIsGMP) {
constexpr auto name = "fcntl_dupfd_query"_ns;
int rv = fcntl(0, F_DUPFD_QUERY, 0);
// Expected:
// * success with rv == 1 (new kernel)
// * failure with EINVAL (old kernel)
// Rejected:
// * failure with ENOSYS or any other error
// * success with rv == 0 (shouldn't be possible)
MOZ_RELEASE_ASSERT(rv != 0);
if (rv > 0) {
child->PosixTest(name, true, 0);
} else { // (rv < 0), errno unchanged since fcntl
child->PosixTest(name, false, errno, Some(EINVAL));
}
}
#endif // XP_LINUX
}

10
icecat/security/sandbox/linux/SandboxFilter.cpp
View file

@ -118,6 +118,13 @@ static_assert(MADV_GUARD_INSTALL == 102);
static_assert(MADV_GUARD_REMOVE == 103);
#endif
// Added in 6.10
#ifndef F_DUPFD_QUERY
# define F_DUPFD_QUERY (F_LINUX_SPECIFIC_BASE + 3)
#else
static_assert(F_DUPFD_QUERY == (F_LINUX_SPECIFIC_BASE + 3));
#endif
// To avoid visual confusion between "ifdef ANDROID" and "ifndef ANDROID":
#ifndef ANDROID
# define DESKTOP
@ -1100,6 +1107,9 @@ class SandboxPolicyCommon : public SandboxPolicyBase {
#endif
// Not much different from other forms of dup(), and commonly used.
.Case(F_DUPFD_CLOEXEC, Allow())
// Used by Mesa, generally useful, and harmless: tests if
// two file descriptors refer to the same file description.
.Case(F_DUPFD_QUERY, Allow())
.Default(SandboxPolicyBase::EvaluateSyscall(sysno));
}

4261
icecat/services/settings/dumps/blocklists/addons-bloomfilters.json
View file

File diff suppressed because it is too large Load diff

580
icecat/services/settings/dumps/main/devtools-compatibility-browsers.json
View file

@ -1,121 +1,283 @@
{
"data": [
{
"name": "Bun",
"schema": 1762992304400,
"status": "current",
"version": "1.3.2",
"browserid": "bun",
"id": "5034aa5c-d78a-4a4a-ade2-d9aaef93a941",
"last_modified": 1763038623318
},
{
"name": "IceCat",
"schema": 1762992304751,
"status": "planned",
"version": "148",
"browserid": "icecat",
"id": "4ebdb515-56c0-4aae-bf80-631df396b3c5",
"last_modified": 1763038623314
},
{
"name": "IceCat for Android",
"schema": 1762992305101,
"status": "planned",
"version": "148",
"browserid": "icecat_android",
"id": "5e1afc2d-b301-49b8-9052-0d0ceed8d7a3",
"last_modified": 1763038623310
},
{
"name": "IceCat for Android",
"schema": 1762992305037,
"status": "nightly",
"version": "147",
"browserid": "icecat_android",
"id": "6d4ac1b5-fae6-4cf0-8966-3833c78d2d6d",
"last_modified": 1763038623304
},
{
"name": "IceCat",
"schema": 1762992304683,
"status": "nightly",
"version": "147",
"browserid": "icecat",
"id": "da813114-57b4-435c-831e-4fc28589a55c",
"last_modified": 1763038623300
},
{
"name": "IceCat for Android",
"schema": 1762992304970,
"status": "beta",
"version": "146",
"browserid": "icecat_android",
"id": "b8de7d68-78f0-49a8-ae02-2b807c2a40d0",
"last_modified": 1763038623295
},
{
"name": "IceCat",
"schema": 1762992304614,
"status": "beta",
"version": "146",
"browserid": "icecat",
"id": "db1e42f6-cbd7-4a17-a388-2190ad554abf",
"last_modified": 1763038623291
},
{
"name": "IceCat for Android",
"schema": 1762992304900,
"status": "current",
"version": "145",
"browserid": "icecat_android",
"id": "546eaac9-d444-4f9f-a403-b97a76646211",
"last_modified": 1763038623283
},
{
"name": "IceCat",
"schema": 1762992304541,
"status": "current",
"version": "145",
"browserid": "icecat",
"id": "04fc0708-9123-4914-a491-ca13f20285e6",
"last_modified": 1763038623278
},
{
"name": "Safari on iOS",
"schema": 1762387504104,
"status": "beta",
"version": "26.2",
"browserid": "safari_ios",
"id": "2eb9ac0d-f4bf-4cdf-83a1-49dc43362039",
"last_modified": 1762424892978
},
{
"name": "Safari",
"schema": 1762387503881,
"status": "beta",
"version": "26.2",
"schema": 1766016303794,
"status": "current",
"version": "26.3",
"browserid": "safari",
"id": "8982e715-0fe8-485b-a68f-582f3420cf8c",
"last_modified": 1762424892974
},
{
"name": "Edge",
"schema": 1762387503671,
"status": "planned",
"version": "145",
"browserid": "edge",
"id": "40684037-f3dc-4106-b1f7-91bd4fa18a32",
"last_modified": 1762424892971
"id": "f7f0e108-c839-4036-94f6-1d77b172c85a",
"last_modified": 1766045402721
},
{
"name": "WebView on iOS",
"schema": 1762387504304,
"status": "beta",
"version": "26.2",
"schema": 1766016304219,
"status": "current",
"version": "26.3",
"browserid": "webview_ios",
"id": "0ec79789-21e6-4251-9728-07edaa787a52",
"last_modified": 1762424892967
"id": "8ac8569d-f6dc-41e4-b448-7c54f6923a36",
"last_modified": 1766045402718
},
{
"name": "Safari on iOS",
"schema": 1766016304005,
"status": "current",
"version": "26.3",
"browserid": "safari_ios",
"id": "916681bd-04e0-4dbe-9c02-965181db1356",
"last_modified": 1766045402715
},
{
"name": "Bun",
"schema": 1765411502852,
"status": "current",
"version": "1.3.4",
"browserid": "bun",
"id": "bb61843a-d6b5-40f0-bf14-89b02e02cdd1",
"last_modified": 1765440270114
},
{
"name": "IceCat for Android",
"schema": 1765411503604,
"status": "planned",
"version": "149",
"browserid": "icecat_android",
"id": "78dc5472-36f7-465d-92c2-3d2ff5d7c323",
"last_modified": 1765440270110
},
{
"name": "IceCat",
"schema": 1765411503258,
"status": "planned",
"version": "149",
"browserid": "icecat",
"id": "2154c26d-3d7d-4ddc-a6ec-de10aeaba65f",
"last_modified": 1765440270107
},
{
"name": "IceCat",
"schema": 1765411503145,
"status": "nightly",
"version": "148",
"browserid": "icecat",
"id": "4ebdb515-56c0-4aae-bf80-631df396b3c5",
"last_modified": 1765440270099
},
{
"name": "IceCat for Android",
"schema": 1765411503533,
"status": "nightly",
"version": "148",
"browserid": "icecat_android",
"id": "5e1afc2d-b301-49b8-9052-0d0ceed8d7a3",
"last_modified": 1765440270095
},
{
"name": "IceCat for Android",
"schema": 1765411503470,
"status": "beta",
"version": "147",
"browserid": "icecat_android",
"id": "6d4ac1b5-fae6-4cf0-8966-3833c78d2d6d",
"last_modified": 1765440270091
},
{
"name": "IceCat",
"schema": 1765411503078,
"status": "beta",
"version": "147",
"browserid": "icecat",
"id": "da813114-57b4-435c-831e-4fc28589a55c",
"last_modified": 1765440270088
},
{
"name": "IceCat for Android",
"schema": 1765411503404,
"status": "current",
"version": "146",
"browserid": "icecat_android",
"id": "b8de7d68-78f0-49a8-ae02-2b807c2a40d0",
"last_modified": 1765440270084
},
{
"name": "IceCat",
"schema": 1765411503010,
"status": "current",
"version": "146",
"browserid": "icecat",
"id": "db1e42f6-cbd7-4a17-a388-2190ad554abf",
"last_modified": 1765440270080
},
{
"name": "WebView Android",
"schema": 1764979505137,
"status": "planned",
"version": "146",
"browserid": "webview_android",
"id": "620f087d-d5c6-4b67-80f4-02358d8298e7",
"last_modified": 1765180094112
},
{
"name": "Opera Android",
"schema": 1764979504685,
"status": "current",
"version": "93",
"browserid": "opera_android",
"id": "d804ce23-825c-4e96-a0f4-c70981bb9a18",
"last_modified": 1765180094108
},
{
"name": "Chrome Android",
"schema": 1764979504231,
"status": "planned",
"version": "146",
"browserid": "chrome_android",
"id": "1b035778-10c7-4ea3-aeb4-3606fd3483e1",
"last_modified": 1765180094104
},
{
"name": "Edge",
"schema": 1764979504557,
"status": "planned",
"version": "146",
"browserid": "edge",
"id": "71070e67-3067-4271-acef-cf0bd7a4f555",
"last_modified": 1765180094101
},
{
"name": "Chrome",
"schema": 1764979503917,
"status": "planned",
"version": "146",
"browserid": "chrome",
"id": "b9100141-3b96-44f6-89b5-2dd19d6dfba6",
"last_modified": 1765180094097
},
{
"name": "Edge",
"schema": 1764979504497,
"status": "nightly",
"version": "145",
"browserid": "edge",
"id": "40684037-f3dc-4106-b1f7-91bd4fa18a32",
"last_modified": 1765180094092
},
{
"name": "WebView Android",
"schema": 1764979505076,
"status": "nightly",
"version": "145",
"browserid": "webview_android",
"id": "51da2d32-d596-43de-8dea-bb19b07b2bf0",
"last_modified": 1765180094085
},
{
"name": "Chrome",
"schema": 1764979503854,
"status": "nightly",
"version": "145",
"browserid": "chrome",
"id": "1bcd114b-13e9-428b-9d54-bd2d993aa5bb",
"last_modified": 1765180094082
},
{
"name": "Chrome Android",
"schema": 1764979504166,
"status": "nightly",
"version": "145",
"browserid": "chrome_android",
"id": "4363f23f-12a8-40d5-aedb-9c90514c368c",
"last_modified": 1765180094078
},
{
"name": "WebView Android",
"schema": 1764979505016,
"status": "beta",
"version": "144",
"browserid": "webview_android",
"id": "336a5fe9-5846-4e9d-9039-be3d1d82f97f",
"last_modified": 1765180094075
},
{
"name": "Chrome",
"schema": 1764979503790,
"status": "beta",
"version": "144",
"browserid": "chrome",
"id": "445d8b56-0300-4c6b-8e1f-0d1ab3f45500",
"last_modified": 1765180094071
},
{
"name": "Chrome Android",
"schema": 1764979504105,
"status": "beta",
"version": "144",
"browserid": "chrome_android",
"id": "196eb3bc-6b04-4a4e-875f-b46ff5d5e6da",
"last_modified": 1765180094068
},
{
"name": "Chrome",
"schema": 1764979503724,
"status": "current",
"version": "143",
"browserid": "chrome",
"id": "d18f46a3-d6bd-4291-8088-27feea84ca76",
"last_modified": 1765180094064
},
{
"name": "Samsung Internet",
"schema": 1764979504820,
"status": "current",
"version": "29.0",
"browserid": "samsunginternet_android",
"id": "c30b100b-baa9-418f-b196-11e2cc06c7ad",
"last_modified": 1765180094055
},
{
"name": "Edge",
"schema": 1764979504435,
"status": "beta",
"version": "144",
"browserid": "edge",
"id": "64945ca2-8c7c-4d04-8a37-dd304f2e93ce",
"last_modified": 1765180094052
},
{
"name": "Edge",
"schema": 1764979504368,
"status": "current",
"version": "143",
"browserid": "edge",
"id": "5fbdfe94-de4c-4bfe-b789-246f64a7f4b6",
"last_modified": 1765180094048
},
{
"name": "WebView Android",
"schema": 1764979504956,
"status": "current",
"version": "143",
"browserid": "webview_android",
"id": "c0345eaf-8f79-42e7-9d5d-a16f48e6761f",
"last_modified": 1765180094045
},
{
"name": "Chrome Android",
"schema": 1764979504045,
"status": "current",
"version": "143",
"browserid": "chrome_android",
"id": "88163a1b-c1ef-4699-a50e-bd33a32ea075",
"last_modified": 1765180094041
},
{
"name": "Node.js",
"schema": 1764115503977,
"status": "current",
"version": "25.2.0",
"browserid": "nodejs",
"id": "72793b48-82fb-4674-9659-b51e661cb10b",
"last_modified": 1764597259381
},
{
"name": "Opera",
@ -126,24 +288,6 @@
"id": "5bdc65b2-ee44-4f2a-b776-54b9ffe1147f",
"last_modified": 1762424892963
},
{
"name": "Edge",
"schema": 1762387503603,
"status": "nightly",
"version": "144",
"browserid": "edge",
"id": "64945ca2-8c7c-4d04-8a37-dd304f2e93ce",
"last_modified": 1762424892958
},
{
"name": "Edge",
"schema": 1762387503533,
"status": "beta",
"version": "143",
"browserid": "edge",
"id": "5fbdfe94-de4c-4bfe-b789-246f64a7f4b6",
"last_modified": 1762424892954
},
{
"name": "Opera",
"schema": 1761955503193,
@ -162,177 +306,6 @@
"id": "847fc43b-579e-4b26-a1fa-cb978ec0438b",
"last_modified": 1762424892945
},
{
"name": "WebView on iOS",
"schema": 1762387504245,
"status": "current",
"version": "26.1",
"browserid": "webview_ios",
"id": "715b8853-603d-4ca8-a18c-3e24169f8895",
"last_modified": 1762424892941
},
{
"name": "Safari",
"schema": 1762387503809,
"status": "current",
"version": "26.1",
"browserid": "safari",
"id": "4e69de42-b3b9-4a6e-a764-3038552d0ecb",
"last_modified": 1762424892936
},
{
"name": "Safari on iOS",
"schema": 1762387504034,
"status": "current",
"version": "26.1",
"browserid": "safari_ios",
"id": "c67d6870-269b-4aa5-9a1b-03662a4b5771",
"last_modified": 1762424892932
},
{
"name": "Edge",
"schema": 1762387503452,
"status": "current",
"version": "142",
"browserid": "edge",
"id": "7d644a9d-4167-44d0-b58a-165beedf43e5",
"last_modified": 1762424892927
},
{
"name": "Node.js",
"schema": 1761696314245,
"status": "current",
"version": "24.7.0",
"browserid": "nodejs",
"id": "91237d21-1b61-4fa2-8a8e-7d6237471e87",
"last_modified": 1761724372882
},
{
"name": "WebView Android",
"schema": 1761696314562,
"status": "planned",
"version": "145",
"browserid": "webview_android",
"id": "51da2d32-d596-43de-8dea-bb19b07b2bf0",
"last_modified": 1761724372878
},
{
"name": "Chrome",
"schema": 1761696313807,
"status": "planned",
"version": "145",
"browserid": "chrome",
"id": "1bcd114b-13e9-428b-9d54-bd2d993aa5bb",
"last_modified": 1761724372875
},
{
"name": "Chrome Android",
"schema": 1761696314122,
"status": "planned",
"version": "145",
"browserid": "chrome_android",
"id": "4363f23f-12a8-40d5-aedb-9c90514c368c",
"last_modified": 1761724372871
},
{
"name": "WebView Android",
"schema": 1761696314499,
"status": "nightly",
"version": "144",
"browserid": "webview_android",
"id": "336a5fe9-5846-4e9d-9039-be3d1d82f97f",
"last_modified": 1761724372867
},
{
"name": "Chrome",
"schema": 1761696313747,
"status": "nightly",
"version": "144",
"browserid": "chrome",
"id": "445d8b56-0300-4c6b-8e1f-0d1ab3f45500",
"last_modified": 1761724372864
},
{
"name": "Chrome Android",
"schema": 1761696314057,
"status": "nightly",
"version": "144",
"browserid": "chrome_android",
"id": "196eb3bc-6b04-4a4e-875f-b46ff5d5e6da",
"last_modified": 1761724372861
},
{
"name": "Chrome",
"schema": 1761696313690,
"status": "beta",
"version": "143",
"browserid": "chrome",
"id": "d18f46a3-d6bd-4291-8088-27feea84ca76",
"last_modified": 1761724372857
},
{
"name": "WebView Android",
"schema": 1761696314379,
"status": "current",
"version": "142",
"browserid": "webview_android",
"id": "d1917e2a-614b-4b6c-8bb4-683132e1fd64",
"last_modified": 1761724372851
},
{
"name": "Chrome",
"schema": 1761696313619,
"status": "current",
"version": "142",
"browserid": "chrome",
"id": "80f03197-a17b-4032-ba47-0e81e04ffce2",
"last_modified": 1761724372848
},
{
"name": "WebView Android",
"schema": 1761696314437,
"status": "beta",
"version": "143",
"browserid": "webview_android",
"id": "c0345eaf-8f79-42e7-9d5d-a16f48e6761f",
"last_modified": 1761724372841
},
{
"name": "Chrome Android",
"schema": 1761696313996,
"status": "beta",
"version": "143",
"browserid": "chrome_android",
"id": "88163a1b-c1ef-4699-a50e-bd33a32ea075",
"last_modified": 1761724372838
},
{
"name": "Chrome Android",
"schema": 1761696313933,
"status": "current",
"version": "142",
"browserid": "chrome_android",
"id": "0b5cf19b-6816-4a96-aeb8-de25f776b025",
"last_modified": 1761724372834
},
{
"name": "Opera Android",
"schema": 1760141104124,
"status": "current",
"version": "92",
"browserid": "opera_android",
"id": "2d5b3e9f-ae53-4833-adac-d2fdb3267611",
"last_modified": 1760336031485
},
{
"name": "Samsung Internet",
"schema": 1759889746802,
"status": "beta",
"version": "29.0",
"browserid": "samsunginternet_android",
"id": "c30b100b-baa9-418f-b196-11e2cc06c7ad",
"last_modified": 1759989898794
},
{
"name": "Deno",
"schema": 1759363503600,
@ -360,15 +333,6 @@
"id": "9949da65-f6be-41f4-9c9d-73bc27b4d2a0",
"last_modified": 1754642891013
},
{
"name": "Samsung Internet",
"schema": 1749254703179,
"status": "current",
"version": "28.0",
"browserid": "samsunginternet_android",
"id": "d85a7f04-256c-4b3c-a633-29d0b2a19f18",
"last_modified": 1749550693720
},
{
"name": "Node.js",
"schema": 1734480302872,
@ -388,5 +352,5 @@
"last_modified": 1665656484764
}
],
"timestamp": 1763038623318
"timestamp": 1766045402721
}

212
icecat/services/settings/dumps/main/password-rules.json
View file

@ -1,5 +1,203 @@
{
"data": [
{
"Domain": "bkvenergy.com",
"password-rules": "minlength: 8; maxlength: 12; required: upper; required: lower; required: digit; required: [-~!@#$%^&*()_=+,<.> ];",
"id": "79120746-e8f2-4ff2-b18e-730f72e35156",
"last_modified": 1764684322196
},
{
"Domain": "sjwaterhub.com",
"password-rules": "minlength: 8; maxlength: 30; required: digit, lower, upper; allowed: [!#%&*.];",
"id": "ad4dc632-7790-42cf-a798-12a1fabf4585",
"last_modified": 1764684322192
},
{
"Domain": "promozoneapp.nmlottery.com",
"password-rules": "minlength: 6; maxlength: 16; required: lower; required: upper; required: digit; allowed: special;",
"id": "b84b78b1-6f59-4b63-813f-ac1965568c72",
"last_modified": 1764684322188
},
{
"Domain": "mypatientvisit.com",
"password-rules": "minlength: 8; required: lower; required: upper; required: digit; required: [!#$%&*+.;?@^_~];",
"id": "5eb5ee14-8f2c-4397-afa9-bd59fc79f4df",
"last_modified": 1764684322177
},
{
"Domain": "mybam.bcbsnm.com",
"password-rules": "minlength: 8; maxlength: 64; max-consecutive: 2; required: lower; required: upper; required: digit; allowed: [!#$%&()*@[^{}~];",
"id": "21a8ea3d-676d-409a-9dc5-8a3ec72d7d9a",
"last_modified": 1764684322173
},
{
"Domain": "id.westfield.com",
"password-rules": "minlength: 9; maxlength: 20; required: lower; required: upper; required: digit; required: [!\"#&'()*,./:;?@[\\^_`{|}~];",
"id": "37ac075d-294f-4c68-b5ae-63324992786b",
"last_modified": 1764684322169
},
{
"Domain": "id.nfpa.org",
"password-rules": "minlength: 8; maxlength: 16; required: lower; required: upper; required: digit; required: [-\"^#$%&'()*+:=@[_|{}~]];",
"id": "9bf8d9d2-ffa4-4bf6-8b3c-aa3ed98b1114",
"last_modified": 1764684322166
},
{
"Domain": "cardcash.com",
"password-rules": "minlength: 8; required: lower; required: upper; required: digit; required: [!$%&*?@];",
"id": "ed380255-5637-4a0a-9336-54e743632071",
"last_modified": 1764684322162
},
{
"Domain": "auth.zennioptical.com",
"password-rules": "minlength: 8; maxlength: 14; required: lower; required: upper; required: digit; allowed: special;",
"id": "c5e8a7c1-e20c-4d60-b411-6f2cadf75d35",
"last_modified": 1764684322157
},
{
"Domain": "app8menu.com",
"password-rules": "minlength: 8; required: lower; required: upper; required: digit; required: [@$!%*?&];",
"id": "332895b3-7ed5-4353-abfa-2540cd218959",
"last_modified": 1764684322153
},
{
"Domain": "publix.com",
"password-rules": "minlength: 8; maxlength: 28; required: upper; required: lower; allowed: digit,[!#$%*@^];",
"id": "2f716ab9-e74b-4c12-9c49-0cb6a2e819f7",
"last_modified": 1764684322149
},
{
"Domain": "themovingportal.co.uk",
"password-rules": "minlength: 8; maxlength: 16; required: lower; required: upper; required: digit; allowed: [-@#$%^&*_+={}|\\:',?/'~\" ();.[]];",
"id": "b5cdfe1b-6582-42e2-ae6a-70abf3cff53e",
"last_modified": 1764684322146
},
{
"Domain": "ticketweb.com",
"password-rules": "minlength: 12; maxlength: 15;",
"id": "71bd6187-4ebe-4be4-8f82-617a8baebd0a",
"last_modified": 1764684322142
},
{
"Domain": "act.org",
"password-rules": "minlength: 8; maxlength: 64; required: lower; required: upper; required: digit; required: [!#$%&*@^];",
"id": "444e2e0f-e423-4702-8f27-2cea28fd97c4",
"last_modified": 1764684322138
},
{
"Domain": "yeti.com",
"password-rules": "minlength: 8; required: lower; required: upper; required: digit; required: [#$%*];",
"id": "a14cc11d-9f16-4c0c-aa7e-ca4010d38967",
"last_modified": 1764684322135
},
{
"Domain": "vons.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "427bb481-ac5e-463c-b164-e2e2d9a6eb94",
"last_modified": 1764684322131
},
{
"Domain": "tomthumb.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "5790bfe5-d80f-4067-b47d-967b6219e307",
"last_modified": 1764684322128
},
{
"Domain": "starmarket.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "de0a163b-0538-402a-9a4b-08da580bb03a",
"last_modified": 1764684322124
},
{
"Domain": "shaws.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "c98a263c-08ab-4f5b-bdce-4c4d4a6bae1a",
"last_modified": 1764684322120
},
{
"Domain": "savemart.com",
"password-rules": "minlength: 8; maxlength: 12; required: digit; required: upper,lower; required: [!#$%&@]; allowed: ascii-printable;",
"id": "124261a6-9926-4d4c-ab98-b1bf2bde81b1",
"last_modified": 1764684322117
},
{
"Domain": "safeway.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "e32a0925-07e7-47c6-af3c-0791d873cc7e",
"last_modified": 1764684322113
},
{
"Domain": "randalls.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "bf4996a5-4556-4ba3-968d-af8143f4f22c",
"last_modified": 1764684322109
},
{
"Domain": "pavilions.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "2c15e93c-4780-4775-80c8-08c66f9f756f",
"last_modified": 1764684322106
},
{
"Domain": "kingsfoodmarkets.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "68647a6b-179b-4742-86a2-1cbfcd4c564d",
"last_modified": 1764684322102
},
{
"Domain": "jewelosco.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "488c6089-7e00-4081-a207-7baefa5cd259",
"last_modified": 1764684322048
},
{
"Domain": "haggen.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "8de06c6c-e07f-446a-8b25-f8129cf1c717",
"last_modified": 1764684322044
},
{
"Domain": "carrsqc.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "42f897e7-1106-47e9-b294-128fd45488e4",
"last_modified": 1764684322039
},
{
"Domain": "balduccis.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "359e538d-f52d-4662-ba4e-f65c28abb210",
"last_modified": 1764684322035
},
{
"Domain": "andronicos.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "982e3235-9d92-4d01-894c-6b81298e4b53",
"last_modified": 1764684322032
},
{
"Domain": "albertsons.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "42346b95-1942-4a8b-9d3d-e4bc87804718",
"last_modified": 1764684322028
},
{
"Domain": "acmemarkets.com",
"password-rules": "minlength: 8; maxlength: 40; required: upper; required: [!#$%&*@^]; allowed: lower,digit;",
"id": "69b79395-9801-4295-808c-a811ccd76a2f",
"last_modified": 1764684322024
},
{
"Domain": "ea.com",
"password-rules": "minlength: 8; maxlength: 64; required: lower; required: upper; required: digit; allowed: special;",
"id": "925e748f-9880-4af9-b5a1-fb28e5c1c7e7",
"last_modified": 1764684322019
},
{
"Domain": "hetzner.com",
"password-rules": "minlength: 8; required: lower; required: upper; required: digit; required: [-^!$%/()=?+#.,;:~*@{}_&[]];",
"id": "a27316a5-29c1-468f-b046-655637fe7fc6",
"last_modified": 1764684322014
},
{
"Domain": "nekochat.cn",
"password-rules": "minlength: 8; maxlength: 15; required: lower; required: upper; required: digit;",
@ -1386,12 +1584,6 @@
"id": "2a635fd0-1a69-40e7-90dd-ed0ec396b384",
"last_modified": 1624479577265
},
{
"Domain": "ea.com",
"password-rules": "minlength: 8; maxlength: 16; required: lower; required: upper; required: digit; allowed: special;",
"id": "925e748f-9880-4af9-b5a1-fb28e5c1c7e7",
"last_modified": 1624479577260
},
{
"Domain": "easycoop.com",
"password-rules": "minlength: 8; required: upper; required: special; allowed: lower, digit;",
@ -1548,12 +1740,6 @@
"id": "e804c8d8-8d33-463a-b228-c2fbdcad663d",
"last_modified": 1624479577129
},
{
"Domain": "hetzner.com",
"password-rules": "minlength: 8; required: lower; required: upper; required: digit, special;",
"id": "a27316a5-29c1-468f-b046-655637fe7fc6",
"last_modified": 1624479577124
},
{
"Domain": "hilton.com",
"password-rules": "minlength: 8; maxlength: 32; required: lower; required: upper; required: digit;",
@ -2233,5 +2419,5 @@
"last_modified": 1624479576629
}
],
"timestamp": 1743683182607
"timestamp": 1764684322196
}

36
icecat/services/settings/dumps/main/search-config-icons.json
View file

@ -168,23 +168,6 @@
"id": "6644f26f-28ea-4222-929d-5d43a02dae05",
"last_modified": 1744118264964
},
{
"schema": 1743687938695,
"imageSize": 96,
"attachment": {
"hash": "3426b5100a6bdb45f8039f0c71a6b68193750ba7bae5b36e5ed31b2b7f372cda",
"size": 1357,
"filename": "azerdict_mobile.png",
"location": "main-workspace/search-config-icons/1229ffe4-7a6f-46d7-b664-5596df0aa730.png",
"mimetype": "image/png"
},
"engineIdentifiers": [
"azerdict"
],
"filter_expression": "env.appinfo.OS == \"iOS\" || env.appinfo.OS == \"Android\"",
"id": "95ed201d-4ab8-4cb8-831d-454f53cab0f8",
"last_modified": 1744118264962
},
{
"schema": 1743687936599,
"imageSize": 96,
@ -1139,23 +1122,6 @@
"id": "5ded611d-44b2-dc46-fd67-fb116888d75d",
"last_modified": 1744118264833
},
{
"schema": 1743687843227,
"imageSize": 16,
"attachment": {
"hash": "24daa27a3234d01b5add42e027b0a34000d0ab47c17fe3924c2ca267b7b61c19",
"size": 5430,
"filename": "azerdict-16-icecat.ico",
"location": "main-workspace/search-config-icons/4d6f988d-8905-4aa7-aeea-5b04a6197767.ico",
"mimetype": "image/x-icon"
},
"engineIdentifiers": [
"azerdict"
],
"filter_expression": "env.appinfo.OS != \"iOS\" && env.appinfo.OS != \"Android\"",
"id": "7bbe6c5c-fdb8-2845-a4f4-e1382e708a0e",
"last_modified": 1744118264831
},
{
"schema": 1743687843968,
"imageSize": 16,
@ -1206,5 +1172,5 @@
"last_modified": 1744118264825
}
],
"timestamp": 1763049497744
"timestamp": 1765918784979
}

4
icecat/services/settings/dumps/main/search-config-v2.json
View file

@ -4287,7 +4287,7 @@
},
"id": "04e99a38-13ee-47d8-8aa4-64482b3dea99",
"identifier": "ddg",
"last_modified": 1767,
"last_modified": 1770,
"recordType": "engine",
"schema": 1718698362015,
"variants": [
@ -4301,7 +4301,7 @@
{
"globalDefault": "ddg",
"id": "f3891684-2348-4e7a-9765-0c5d2d0ab1b9",
"last_modified": 1766,
"last_modified": 1769,
"recordType": "defaultEngines",
"schema": 1702901837584,
"specificDefaults": []

93
icecat/services/settings/dumps/main/websites-with-shared-credential-backends.json
View file

@ -19,6 +19,23 @@
"americanairlines.com",
"americanairlines.jp"
],
[
"acmemarkets.com",
"albertsons.com",
"andronicos.com",
"balduccis.com",
"carrsqc.com",
"haggen.com",
"jewelosco.com",
"kingsfoodmarkets.com",
"pavilions.com",
"randalls.com",
"safeway.com",
"shaws.com",
"starmarket.com",
"tomthumb.com",
"vons.com"
],
[
"aetna.com",
"banneraetna.myplanportal.com"
@ -84,17 +101,10 @@
"airnewzealand.com.au"
],
[
"albertsons.com",
"acmemarkets.com",
"carrsqc.com",
"jewelosco.com",
"pavilions.com",
"randalls.com",
"safeway.com",
"shaws.com",
"starmarket.com",
"tomthumb.com",
"vons.com"
"albertsonsmarket.com",
"amigosunited.com",
"marketstreetunited.com",
"unitedsupermarkets.com"
],
[
"alelo.com.br",
@ -230,6 +240,10 @@
"braze.com",
"braze.eu"
],
[
"candyrect.com",
"nekochat.cn"
],
[
"capitalone.com",
"capitalone360.com"
@ -242,6 +256,12 @@
"centralfcu.org",
"centralfcu.com"
],
[
"check24.at",
"check24.com",
"check24.de",
"check24.es"
],
[
"citi.com",
"citibank.com",
@ -310,6 +330,10 @@
"docusign.com",
"docusign.net"
],
[
"dq.com",
"dairyqueen.com"
],
[
"drivethrucards.com",
"drivethrucomics.com",
@ -356,6 +380,8 @@
],
[
"epicgames.com",
"fortnite.com",
"twinmotion.com",
"unrealengine.com"
],
[
@ -422,6 +448,17 @@
"foursquare.com",
"swarmapp.com"
],
[
"gamefaqs.com",
"gamefaqs.gamespot.com"
],
[
"gamepedia.com",
"wikia.com",
"wikia.org",
"wikicities.com",
"fandom.com"
],
[
"gazduire.com.ro",
"gazduire.net",
@ -436,6 +473,10 @@
"gogoair.com",
"gogoinflight.com"
],
[
"hawaiianairlines.com",
"alaskaair.com"
],
[
"hbo.com",
"hbomax.com",
@ -461,7 +502,8 @@
],
[
"instagram.com",
"threads.net"
"threads.net",
"threads.com"
],
[
"intuit.com",
@ -480,6 +522,14 @@
"kcls.overdrive.com",
"kcls.org"
],
[
"keypointcu.com",
"kpcu.com"
],
[
"koboldpress.com",
"labyrinth.talesofthevaliant.com"
],
[
"letsdeel.com",
"deel.com"
@ -569,6 +619,10 @@
"minecraft.net",
"mojang.com"
],
[
"monarch.com",
"monarchmoney.com"
],
[
"moneybird.nl",
"moneybird.de",
@ -629,6 +683,11 @@
"overstock.com",
"bedbathandbeyond.com"
],
[
"padmapper.com",
"zumper.com",
"zumperrentals.com"
],
[
"parkmobile.us",
"parkmobile.io"
@ -701,6 +760,11 @@
"redis.com",
"redislabs.com"
],
[
"rekordbox.com",
"pioneerdj.com",
"community.pioneerdj.com"
],
[
"rocketaccount.com",
"rocketmortgage.com"
@ -817,6 +881,7 @@
],
[
"turkishairlines.com",
"tkwifi.net",
"thy.com"
],
[
@ -944,8 +1009,8 @@
]
],
"id": "8c3d4151-8e68-4bb3-a3fd-babf4aba2cdc",
"last_modified": 1738775297137
"last_modified": 1764684432032
}
],
"timestamp": 1738775297137
"timestamp": 1764684432032
}

244
icecat/services/settings/dumps/monitor/changes
View file

@ -1,124 +1,9 @@
{
"changes": [
{
"last_modified": 1719927826949,
"bucket": "main",
"collection": "urlbar-persisted-search-terms"
},
{
"last_modified": 1544035467383,
"bucket": "main",
"collection": "sites-classification"
},
{
"last_modified": 0,
"bucket": "main",
"collection": "search-config-overrides-v2"
},
{
"last_modified": 1761148716130,
"bucket": "main",
"collection": "translations-models"
},
{
"last_modified": 1739471652383,
"bucket": "main",
"collection": "url-classifier-skip-urls"
},
{
"last_modified": 1744749743529,
"bucket": "main",
"collection": "search-default-override-allowlist"
},
{
"last_modified": 1749069444811,
"bucket": "main",
"collection": "translations-wasm"
},
{
"last_modified": 1725526980846,
"bucket": "main",
"collection": "cookie-banner-rules-list"
},
{
"last_modified": 1726769128879,
"bucket": "main",
"collection": "url-parser-default-unknown-schemes-interventions"
},
{
"last_modified": 1633983928590,
"bucket": "main",
"collection": "top-sites"
},
{
"last_modified": 1733839156202,
"bucket": "main",
"collection": "remote-permissions"
},
{
"last_modified": 1757010621729,
"bucket": "main",
"collection": "search-telemetry-v2"
},
{
"last_modified": 1763038623318,
"bucket": "main",
"collection": "devtools-compatibility-browsers"
},
{
"last_modified": 1653469171354,
"bucket": "main",
"collection": "devtools-devices"
},
{
"last_modified": 1674595048726,
"bucket": "main",
"collection": "password-recipes"
},
{
"last_modified": 1763049497744,
"bucket": "main",
"collection": "search-config-icons"
},
{
"last_modified": 1605801189258,
"bucket": "main",
"collection": "hijack-blocklists"
},
{
"last_modified": 1738775297137,
"bucket": "main",
"collection": "websites-with-shared-credential-backends"
},
{
"last_modified": 1743683182607,
"bucket": "main",
"collection": "password-rules"
},
{
"last_modified": 1745933974542,
"bucket": "main",
"collection": "search-config-v2"
},
{
"last_modified": 1751018358372,
"bucket": "main",
"collection": "moz-essential-domain-fallbacks"
},
{
"last_modified": 1564511755134,
"bucket": "main",
"collection": "anti-tracking-url-decoration"
},
{
"last_modified": 1673270322227,
"bucket": "main",
"collection": "language-dictionaries"
},
{
"last_modified": 1748485472559,
"last_modified": 1767616590393,
"bucket": "blocklists",
"collection": "gfx"
"collection": "addons-bloomfilters"
},
{
"last_modified": 1604940558744,
@ -126,20 +11,135 @@
"collection": "addons"
},
{
"last_modified": 1764570990070,
"last_modified": 1748485472559,
"bucket": "blocklists",
"collection": "addons-bloomfilters"
"collection": "gfx"
},
{
"last_modified": 1764082622611,
"last_modified": 1673270322227,
"bucket": "main",
"collection": "language-dictionaries"
},
{
"last_modified": 1764684322196,
"bucket": "main",
"collection": "password-rules"
},
{
"last_modified": 1733839156202,
"bucket": "main",
"collection": "remote-permissions"
},
{
"last_modified": 1761148716130,
"bucket": "main",
"collection": "translations-models"
},
{
"last_modified": 1544035467383,
"bucket": "main",
"collection": "sites-classification"
},
{
"last_modified": 1749069444811,
"bucket": "main",
"collection": "translations-wasm"
},
{
"last_modified": 1605801189258,
"bucket": "main",
"collection": "hijack-blocklists"
},
{
"last_modified": 1766045402721,
"bucket": "main",
"collection": "devtools-compatibility-browsers"
},
{
"last_modified": 1764684432032,
"bucket": "main",
"collection": "websites-with-shared-credential-backends"
},
{
"last_modified": 1739471652383,
"bucket": "main",
"collection": "url-classifier-skip-urls"
},
{
"last_modified": 1751018358372,
"bucket": "main",
"collection": "moz-essential-domain-fallbacks"
},
{
"last_modified": 1725526980846,
"bucket": "main",
"collection": "cookie-banner-rules-list"
},
{
"last_modified": 1745933974542,
"bucket": "main",
"collection": "search-config-v2"
},
{
"last_modified": 1726769128879,
"bucket": "main",
"collection": "url-parser-default-unknown-schemes-interventions"
},
{
"last_modified": 1653469171354,
"bucket": "main",
"collection": "devtools-devices"
},
{
"last_modified": 0,
"bucket": "main",
"collection": "search-config-overrides-v2"
},
{
"last_modified": 1633983928590,
"bucket": "main",
"collection": "top-sites"
},
{
"last_modified": 1564511755134,
"bucket": "main",
"collection": "anti-tracking-url-decoration"
},
{
"last_modified": 1763049497744,
"bucket": "main",
"collection": "search-config-icons"
},
{
"last_modified": 1674595048726,
"bucket": "main",
"collection": "password-recipes"
},
{
"last_modified": 1744749743529,
"bucket": "main",
"collection": "search-default-override-allowlist"
},
{
"last_modified": 1719927826949,
"bucket": "main",
"collection": "urlbar-persisted-search-terms"
},
{
"last_modified": 1757010621729,
"bucket": "main",
"collection": "search-telemetry-v2"
},
{
"last_modified": 1766548622587,
"bucket": "security-state",
"collection": "intermediates"
},
{
"last_modified": 1759512219332,
"last_modified": 1765387587348,
"bucket": "security-state",
"collection": "onecrl"
}
],
"timestamp": 1766
"timestamp": 1769
}

687
icecat/services/settings/dumps/security-state/intermediates.json
View file

@ -1,5 +1,291 @@
{
"data": [
{
"schema": 1766545151547,
"derHash": "apoq8tf6rOXigX6DmIJ6FAa+5xHdtxjntVlXeqTBK18=",
"attachment": {
"hash": "4d3692ac441d7c3f075664f508fa72eb6b12c6d921e6f20d39970029ba654f46",
"size": 1999,
"filename": "D2CK5YkrtH6dJajHxLR-P6JOnCIlK4TORS4_07BmMA8=.pem",
"location": "security-state-staging/intermediates/bb6e2bb1-edcc-45e5-856e-f125101628b4.pem",
"mimetype": "application/x-pem-file"
},
"id": "1f0679b5-b285-43cb-af3b-c9c91f566f52",
"last_modified": 1766548622587
},
{
"schema": 1766545150870,
"derHash": "QdmJ/zITleggScLpWry9ecbMIHti+fGCdL3ixy+DQdY=",
"attachment": {
"hash": "3061d1494d2670d64c2b8d2a3b20753446cb3cd16a58e3fc20901e6221952cac",
"size": 1999,
"filename": "DaH-BZQc0vDvzDnwIYWQow8VlNFoJSPHT4EqvAUJlno=.pem",
"location": "security-state-staging/intermediates/6a972243-c1ca-4f56-afd5-dd541badc509.pem",
"mimetype": "application/x-pem-file"
},
"id": "fe8783cf-bfbf-4942-9459-d38873cd3849",
"last_modified": 1766548622584
},
{
"schema": 1766545150516,
"derHash": "N0yqtHIYFqTzgBMA7Wzl1k8VVPkXjZQLTnMGvJPSty4=",
"attachment": {
"hash": "1b6f61ae529e45efc2b08a2c5e354ea73a4eabadec9784b615de5a52b19a07d9",
"size": 1999,
"filename": "FZ9pybbuyn9HhpGR1NPthWsnzkVhQmQzQLyshe2YYQI=.pem",
"location": "security-state-staging/intermediates/82cdb7b6-b69c-4f50-8707-fd6ef2e45fe0.pem",
"mimetype": "application/x-pem-file"
},
"id": "2aaafebe-5bd9-4295-94b0-781f94ed876a",
"last_modified": 1766548622581
},
{
"schema": 1766545151205,
"derHash": "06hD1NyS613xJ+ZGwvUO6ANFJ0fYycbU/bn3yyBgxbc=",
"attachment": {
"hash": "fc501019fa6c2cc3194e8494997361d37dfa2930d979f1a004ec5c96912d8699",
"size": 1999,
"filename": "XztAsecQzzxu1jUv1WbLy4I-Rd8k920eS6JthbhBF7w=.pem",
"location": "security-state-staging/intermediates/c6cfe955-4314-42e4-aa56-147d1a1c1a9c.pem",
"mimetype": "application/x-pem-file"
},
"id": "db7338eb-337f-4678-90d0-017f070ea48e",
"last_modified": 1766548622575
},
{
"schema": 1766545150040,
"derHash": "yvAIQqcvlpblPCnyxeehudcaPi8MMdi5QGlNWdzO9kM=",
"attachment": {
"hash": "c9ddd15d4575624c6480bca5f1621f558809f3d159392240ee373ec1a9c58712",
"size": 1199,
"filename": "p4UlhI-4INdk1HPs8-QdeU9xFTzIwh8tuwVaVcuoAdg=.pem",
"location": "security-state-staging/intermediates/8b0827bc-68a0-4177-adc6-dd30594c243f.pem",
"mimetype": "application/x-pem-file"
},
"id": "ef0d45b4-04df-431a-ae55-a2db91a67de2",
"last_modified": 1766548622572
},
{
"schema": 1766545149681,
"derHash": "x3KGXm+eCneLDoZESiH7ZUf3oF4WnM/Fv+oFMX4PX2k=",
"attachment": {
"hash": "cea5d7631fdb975eaab8abcdeafa6dc8b875ef4ddd5d629506adc68836863859",
"size": 1195,
"filename": "W-Umw3HYfIOzV9bxKzoWQcUfT5Ssj5St0SlQgxYWXVI=.pem",
"location": "security-state-staging/intermediates/2ed1e716-f4b6-4b37-a11b-871ac84e2585.pem",
"mimetype": "application/x-pem-file"
},
"id": "9a5e2215-2d9b-4b78-b8c9-5cdbc6a6e04a",
"last_modified": 1766548622569
},
{
"schema": 1766199553968,
"derHash": "uNBo3GxmB5p1Zp5VsOo+Zv7xBHOUcer8PRZ6aBlyNPY=",
"attachment": {
"hash": "2721d976197c0971feb3b2aa3fe7ab4116f5b873f7762c1b903bed71f274889e",
"size": 2194,
"filename": "fNZ8JI9p2D_C-bsB3LH3rWejY9BGBDeW0JhMOiMfa7A=.pem",
"location": "security-state-staging/intermediates/4538ae28-7ee7-4f9f-9b25-494e072ba946.pem",
"mimetype": "application/x-pem-file"
},
"id": "1d3479b6-a941-456d-aa49-38d4829fed8f",
"last_modified": 1766203022761
},
{
"schema": 1766199553271,
"derHash": "RppWJMvxJcKbHHOqTQXUsr9PhAC11WnppMpVSrTE+vU=",
"attachment": {
"hash": "b0eb06ac30b4d1952a31af513c2b2b13be71d0993ac06a3c9d45b32bfdeffd05",
"size": 1540,
"filename": "G_ANXI8TwJTdF-AFBM8IiIUPEv0Gf6H5LA_b9guG4yE=.pem",
"location": "security-state-staging/intermediates/55a07545-3406-49c7-b4c2-75ab41e736be.pem",
"mimetype": "application/x-pem-file"
},
"id": "11abffc6-86d0-4dca-8c39-d6a546d872d0",
"last_modified": 1766203022758
},
{
"schema": 1766199552928,
"derHash": "Mn7JOVXJFFJhsIfG/F6sinEmK/JWjo0298L+29GxB3o=",
"attachment": {
"hash": "fce6d2adb30e15ecebfc251a25aa18fd326eb2f5bd8def6cdf2c4051fc40d421",
"size": 2308,
"filename": "IcENwofaRhqQc2PcjyjgcuebC1DnPogY1Yfis0DLQJM=.pem",
"location": "security-state-staging/intermediates/1b91e146-c5f2-40c0-8110-19742cfc72f7.pem",
"mimetype": "application/x-pem-file"
},
"id": "40ee61ef-0bc5-4ea9-8718-4888ecf4305e",
"last_modified": 1766203022755
},
{
"schema": 1766199553624,
"derHash": "Gx3gaZDNCzBeLhJIBhA7Gtz/xJnyElBNx39I3QrWIgk=",
"attachment": {
"hash": "8790a12a03afdc57bfe66ff20ba236054617d0d5509f56709ce442cdb4e42a18",
"size": 2121,
"filename": "K89VOmb1cJAN3TK6bf4ezAbJGC1mLcG2Dh97dnwr3VQ=.pem",
"location": "security-state-staging/intermediates/8d7d0493-30e8-4926-b826-971a2e8d1ac7.pem",
"mimetype": "application/x-pem-file"
},
"id": "b85f75ad-679d-4d04-9406-289abb01f97e",
"last_modified": 1766203022751
},
{
"schema": 1766127551521,
"derHash": "s+hkZ9F4886+Eec5/CFp5MeFkHjsY/tAMYmB7zpOqyY=",
"attachment": {
"hash": "c09aff236ce4f0c0fdbedb011c055253734d85ee01f4731d866797babaed2236",
"size": 2182,
"filename": "0cRTd-vc1hjNFlHcLgLCHXUeWqn80bNDH_bs9qMTSPo=.pem",
"location": "security-state-staging/intermediates/1c94507f-bac7-453c-806d-0ac393641919.pem",
"mimetype": "application/x-pem-file"
},
"id": "9d7646ec-f495-4a54-9a7d-de78added679",
"last_modified": 1766131022600
},
{
"schema": 1766026758172,
"derHash": "f+tvjJyEekSeC3AjhsIxmqEZHzjfAtA75ks/GuGXH5Q=",
"attachment": {
"hash": "fc4fafa94f5576c91b52ab38126ac5805910dcc29ff3f249ef2d66fe90c05f9e",
"size": 1297,
"filename": "cC948ZGRQqa4jzUFhFrPLMQ23ZJtoLcISSak2FyC1W4=.pem",
"location": "security-state-staging/intermediates/83d1c892-5314-4a26-959e-afc240dad367.pem",
"mimetype": "application/x-pem-file"
},
"id": "199298d3-8252-408f-9699-40b091ffc5e8",
"last_modified": 1766030226231
},
{
"schema": 1765983546338,
"derHash": "mZPRgykq/EFlq80nK0RUMhRZGDrHtBkROVAzcrzMKKk=",
"attachment": {
"hash": "5cf3c0bfdc7b17d1ae7c3fc1d0bdbf35f10b3fb606b2c8ef50bbfd593549bf92",
"size": 1297,
"filename": "IlYqx6aK68NNdqzDPc346Xl199h2mbiAnsDRwDf7z8s=.pem",
"location": "security-state-staging/intermediates/654d91da-ac76-4cc4-8bfa-d4543598ce45.pem",
"mimetype": "application/x-pem-file"
},
"id": "0f01296d-e0bc-4d08-944c-1020c8cbb5d0",
"last_modified": 1765987022922
},
{
"schema": 1765378748973,
"derHash": "opLN9ZkF/DABbCITHW8uSXRJ8VWgWiNMzsDgQhcb9w8=",
"attachment": {
"hash": "f07935f4dd9d0401863201b99d4893058b39b12c95ba433db82609dd649063d0",
"size": 2353,
"filename": "KsO_2ZCPae5nBbHkbrZGSJnspMLVD2HOwMOS6QlrN4g=.pem",
"location": "security-state-staging/intermediates/ea5c0f11-b67b-46e4-9200-4af33ec21a4d.pem",
"mimetype": "application/x-pem-file"
},
"id": "8521464e-e102-4a3b-a482-86bf2c3362e2",
"last_modified": 1765382227673
},
{
"schema": 1765378748122,
"derHash": "ayJ+6IUPsRNHiouDWm4Dpus/tRkb+5qynYguppulCU0=",
"attachment": {
"hash": "d7c8880d2f6429c7a21df0c8f3510fa82b5385199bb840fcad3bf9417328e59d",
"size": 2345,
"filename": "wlNHZlPQ35zQrKv-RbxnwroHj_ZkxaY4wZ8DGQgvT-I=.pem",
"location": "security-state-staging/intermediates/c86a6fc0-65c7-446f-9506-2647e2f12975.pem",
"mimetype": "application/x-pem-file"
},
"id": "13f87e5a-265e-4cac-8b2e-a1ebbd86b510",
"last_modified": 1765382227670
},
{
"schema": 1765378748571,
"derHash": "Rbxq6V5AerXlav3+7jjO2OlqaskDKtTRIsWstGvcMxI=",
"attachment": {
"hash": "bf21ea3106c8f4a2a5b4422ad54953b4fc54c7dca51ff6dd27b4a9d1994c73b1",
"size": 2361,
"filename": "Q-K2ZHTOJDK_ZL8mtXILZ6yfL-_txpYibcmmr4NWCxs=.pem",
"location": "security-state-staging/intermediates/89ea1551-1a9d-48a7-828c-6dc72e19fb6f.pem",
"mimetype": "application/x-pem-file"
},
"id": "7545285f-f72e-4009-96a2-d914b8c774e0",
"last_modified": 1765382227667
},
{
"schema": 1765378749325,
"derHash": "d1f+MpjzmwusToMNb5jIKOend4DkhcAZWIZOfSSz29E=",
"attachment": {
"hash": "ad54f34781fb85b2cd469c50615b2c8e3113ecfd3e455e3b0f2184b5cd5c158b",
"size": 2345,
"filename": "E1-Hcf9n73xmMa2cczt-v4_p_6OrrN37lruLhCWKP_M=.pem",
"location": "security-state-staging/intermediates/c9dca64c-83dd-4afa-8d5c-e90dc9aa09f2.pem",
"mimetype": "application/x-pem-file"
},
"id": "b6a3c2b1-7236-4ec8-b4c2-b4dea64ce8e8",
"last_modified": 1765382227663
},
{
"schema": 1764817156198,
"derHash": "UZX54oPqjcINa5RkglkXZ5bUrTVDgqOBkFh9aPSNfVk=",
"attachment": {
"hash": "8341b7d535e19bb68109cb0754993e2a65157a98766d1dd8200dbe0e7dddd7a4",
"size": 1975,
"filename": "mySUJCQH0F8sT4UxrtcCo1T-VVJTTxIgq1eyf5wqbAs=.pem",
"location": "security-state-staging/intermediates/524f95da-7ef2-4502-ae2d-7459647fbbbd.pem",
"mimetype": "application/x-pem-file"
},
"id": "ceaa59dc-8c7b-4c28-bd1c-672a598df7d6",
"last_modified": 1764820622846
},
{
"schema": 1764817155820,
"derHash": "BVQINDyz1IIwcsHf6Zrgme1PIDxq6T+6J+O2ZjSemEA=",
"attachment": {
"hash": "08ac715e2de25cd98032acfff7dfeb2604a7f81c433b069cf9f21a9cc1db8caf",
"size": 1134,
"filename": "-75kUEGD589mEpNjiQnoCeQPpBYDqWPrDlC3xwJuUtM=.pem",
"location": "security-state-staging/intermediates/899f5a14-a885-4a61-92d7-a8c58bf087ce.pem",
"mimetype": "application/x-pem-file"
},
"id": "deb3bf93-0ada-463c-8f8c-5e88174c72ec",
"last_modified": 1764820622843
},
{
"schema": 1764817155443,
"derHash": "lEVHbTmJdKDGem0QJKCr/y1OBKCNtFW3zk4PpY0Wpak=",
"attachment": {
"hash": "efe5e2b32dd394d042fe6f4f9bd9591e829f415bdce3909bee87cb987aecff42",
"size": 1134,
"filename": "cjGARjmhkHouKDtiSoO33a4uOH7XEfeIO5iVcVsVbb8=.pem",
"location": "security-state-staging/intermediates/c9e4af62-30a3-4642-bf36-30c4435f9f3b.pem",
"mimetype": "application/x-pem-file"
},
"id": "68c4032e-2562-4fc8-b778-5f31bca2d5ce",
"last_modified": 1764820622840
},
{
"schema": 1764817155036,
"derHash": "ocpRNACZtZTaw0vz3+DCchaIWl7CfsvDoJC+/vHLpj0=",
"attachment": {
"hash": "d69af697f9048ffcc18d359faab125a10f91f7aa10a573d0e31b810b12a8cc44",
"size": 1975,
"filename": "KKESdmQ_GK7Py9tAgDGG9Nw7M1gODAg5fAHThb7syWs=.pem",
"location": "security-state-staging/intermediates/d27ef6a3-58fb-447a-8dbe-30c726218faa.pem",
"mimetype": "application/x-pem-file"
},
"id": "870f7e56-f650-479b-bf33-f593e36ba7e4",
"last_modified": 1764820622837
},
{
"schema": 1764601145271,
"derHash": "mZd78coyP6lgR+faX5O9bL8XAQ1tj7zgMJHs55yFfvo=",
"attachment": {
"hash": "2f39906c9b7687906afb73588a223b73d3bb40c543cf27bcdbf0ed00be872ad3",
"size": 1845,
"filename": "joBG7EysAVpQfODS0BVKS0Do5CsxZc-lRlcUNREtF-U=.pem",
"location": "security-state-staging/intermediates/46076939-8285-409a-a567-12a82a184141.pem",
"mimetype": "application/x-pem-file"
},
"id": "b18518de-0065-4318-a36f-348417e3f421",
"last_modified": 1764604622418
},
{
"schema": 1764079149622,
"derHash": "Vx5SHl4igQ0zuxo5mRFD6eZM2NrpfWWTGxlOGa7oHoY=",
@ -2938,19 +3224,6 @@
"id": "b01d6f54-8501-4470-a2c4-9cc297d6c8a5",
"last_modified": 1748789822362
},
{
"schema": 1748613468911,
"derHash": "aIaMMybttIZShO4SOqy6mO5jS9wotEPbsjSISnu326U=",
"attachment": {
"hash": "46aba2c3a09d43f58213046d0d24b8d72909214f6a12ef536b9ac464675df479",
"size": 6606,
"filename": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=.pem",
"location": "security-state-staging/intermediates/c08e74d4-41bc-4c0b-a013-178b2df71ef1.pem",
"mimetype": "application/x-pem-file"
},
"id": "c7ce988b-e290-4807-8114-6aa381e488a9",
"last_modified": 1748617022274
},
{
"schema": 1748613467301,
"derHash": "6RWMavVojPz5iQIGxDBhyB+n/AfQjiiifAaMWAc6aZo=",
@ -2990,32 +3263,6 @@
"id": "065468f3-9699-44a0-a94a-9dbe23482932",
"last_modified": 1748617022260
},
{
"schema": 1748613465743,
"derHash": "MjIq4uMadDC+HWwEvYyr+9JAx00snb6CeA2x8/c2YKY=",
"attachment": {
"hash": "1e96c83a685ed5ee76287c49fd81f3a8b5725ab6459929b3bcfbdfe275bac468",
"size": 6480,
"filename": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=.pem",
"location": "security-state-staging/intermediates/43790604-9e8f-4964-882d-4abfd11191ba.pem",
"mimetype": "application/x-pem-file"
},
"id": "02655d38-e49e-4724-95ee-7106b411ae85",
"last_modified": 1748617022256
},
{
"schema": 1748613464898,
"derHash": "xrPG3kW8irklU2od8L7N6cQivhoGujkUJ1jB7MVYaA4=",
"attachment": {
"hash": "7838c760cb523cdd55efe81c53ee4c5a1ee9702379e1fdc610be0d4c52a1a332",
"size": 1999,
"filename": "LgbK4fwgsgDm-3SFV6RES-yTF9__LkFRZp4PeUTwqeA=.pem",
"location": "security-state-staging/intermediates/b6ca3b07-7c7f-41bf-8627-51e8624a2754.pem",
"mimetype": "application/x-pem-file"
},
"id": "8535d081-5cb2-412d-8452-365fba55e282",
"last_modified": 1748617022249
},
{
"schema": 1748570266149,
"derHash": "QYuXFAxxBYoJ6TOwidDVaD4xM81fclSPbBWhdXm6J9s=",
@ -7483,78 +7730,6 @@
"id": "4bd872f6-57a0-4199-b912-bd91ea605fc6",
"last_modified": 1721872623502
},
{
"schema": 1721314066965,
"derHash": "F3cfaUf6NHJ4bTpEta3iqsupraIDujHr1L2M66/OSUo=",
"subject": "CN=NETLOCK TLS Qualified EV ECC CA,O=NETLOCK Kft.,L=Budapest,C=HU",
"subjectDN": "MHoxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBLZnQuMSgwJgYDVQQDDB9ORVRMT0NLIFRMUyBRdWFsaWZpZWQgRVYgRUNDIENBMRcwFQYDVQRhDA5WQVRIVS0xMjIwMTUyMQ==",
"whitelist": false,
"attachment": {
"hash": "c9ece95860512e413eb8e22277dcad84c1d4ea14021af9ac7e7716b861cb07fc",
"size": 1622,
"filename": "8hGei3i00u2h5PvrbQEWCXLIaozLXkbULtTHvZ-3QZg=.pem",
"location": "security-state-staging/intermediates/61dcf76f-a95b-4f56-b986-2147acdca2ae.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "8hGei3i00u2h5PvrbQEWCXLIaozLXkbULtTHvZ+3QZg=",
"crlite_enrolled": false,
"id": "cbb6e3e5-aef1-4dbd-9969-ee713e54f56f",
"last_modified": 1721314623022
},
{
"schema": 1721314066604,
"derHash": "ABJ5uUndhnDxrm2kB5E7cm9hrveKL/GcLaOVIrMdwMc=",
"subject": "CN=NETLOCK TLS DV ECC CA,O=NETLOCK Kft.,L=Budapest,C=HU",
"subjectDN": "MHAxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBLZnQuMR4wHAYDVQQDDBVORVRMT0NLIFRMUyBEViBFQ0MgQ0ExFzAVBgNVBGEMDlZBVEhVLTEyMjAxNTIx",
"whitelist": false,
"attachment": {
"hash": "3b6ba905027ab376f8a0d1dc686ac229d8f8c842a00fb4de31f37a87ec39469b",
"size": 1609,
"filename": "li0YuffRNQ1XEOF7VTuJakr96zJ_ALD7q_pshmkp7mU=.pem",
"location": "security-state-staging/intermediates/1cd4921a-91a9-442f-afba-b1891d75cbcf.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "li0YuffRNQ1XEOF7VTuJakr96zJ/ALD7q/pshmkp7mU=",
"crlite_enrolled": false,
"id": "82b342ce-a491-4a61-966c-d18c2dfb17a9",
"last_modified": 1721314623019
},
{
"schema": 1721249267434,
"derHash": "83562S7OoS8wdQHBJrPi1t4sdBfT4bctJgacE3DniJQ=",
"subject": "CN=NETLOCK TLS EV ECC CA,O=NETLOCK Kft.,L=Budapest,C=HU",
"subjectDN": "MHAxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBLZnQuMR4wHAYDVQQDDBVORVRMT0NLIFRMUyBFViBFQ0MgQ0ExFzAVBgNVBGEMDlZBVEhVLTEyMjAxNTIx",
"whitelist": false,
"attachment": {
"hash": "6cec58bc428099e4938b4ed602a712431dbb35289dc6c5637c2fd4085f1a4506",
"size": 1609,
"filename": "cbddOej5UNOOv4KN9cNSXUsA1PNl6KujuXDCLRgBnFg=.pem",
"location": "security-state-staging/intermediates/46b3b865-76a2-4411-94a8-2ab122ecabcf.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "cbddOej5UNOOv4KN9cNSXUsA1PNl6KujuXDCLRgBnFg=",
"crlite_enrolled": false,
"id": "5069295a-97e9-45cf-8b62-e71284a97699",
"last_modified": 1721249822940
},
{
"schema": 1721249267110,
"derHash": "0OuQhAHzMkJgJjSv1RmRU2s616qQFYb960lV/lGw5Bk=",
"subject": "CN=NETLOCK TLS OV ECC CA,O=NETLOCK Kft.,L=Budapest,C=HU",
"subjectDN": "MHAxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTkVUTE9DSyBLZnQuMR4wHAYDVQQDDBVORVRMT0NLIFRMUyBPViBFQ0MgQ0ExFzAVBgNVBGEMDlZBVEhVLTEyMjAxNTIx",
"whitelist": false,
"attachment": {
"hash": "c88e2b1e7410dd323a5bc34a7c3f85bd4affb345950c976b16e9db704ef4aac9",
"size": 1609,
"filename": "i16I9ip2k2JwWRaZXmFeIeiS2KzOYhrChFGnUDooIl0=.pem",
"location": "security-state-staging/intermediates/4c2b366d-3949-4dd1-b8aa-a6cacea9a11f.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "i16I9ip2k2JwWRaZXmFeIeiS2KzOYhrChFGnUDooIl0=",
"crlite_enrolled": false,
"id": "ad955f30-a150-4a7e-8606-f8be1f785134",
"last_modified": 1721249822937
},
{
"schema": 1721227673766,
"derHash": "t3bf8AeekKa/aJc4DUDWzwyA/obmWgbg3wLVgah3BeI=",
@ -10705,78 +10880,6 @@
"id": "f3a57b4b-1087-4064-afdc-fd3d8fd73b7b",
"last_modified": 1693407423723
},
{
"schema": 1693342092773,
"derHash": "snT+vm68cYZsM58Bitkz581oBbQ7/ebSGNwhFHFp12s=",
"subject": "CN=e-Szigno Online SSL CA 2017,O=Microsec Ltd.,L=Budapest,C=HU",
"subjectDN": "MHcxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxJDAiBgNVBAMMG2UtU3ppZ25vIE9ubGluZSBTU0wgQ0EgMjAxNw==",
"whitelist": false,
"attachment": {
"hash": "72bc4f35ba6c3e85f36f856880dc364ba08e1ce42b81244f1ebf53e8514a8d5f",
"size": 1435,
"filename": "G_JwHP_ydSe7pufWcUyNckBrxBbnQ6Kmqw_OFPPiQI0=.pem",
"location": "security-state-staging/intermediates/9cda4ca9-3689-48fd-af2c-640bd25284ff.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "G/JwHP/ydSe7pufWcUyNckBrxBbnQ6Kmqw/OFPPiQI0=",
"crlite_enrolled": false,
"id": "df7a20cf-df80-4bde-8483-7d48af559d55",
"last_modified": 1693342624041
},
{
"schema": 1693342093437,
"derHash": "F0TXMTT5XOkWrevub3V0LEeTaGi2TSoMFi7xMpAPDuQ=",
"subject": "CN=e-Szigno Class3 SSL CA 2017,O=Microsec Ltd.,L=Budapest,C=HU",
"subjectDN": "MHcxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxJDAiBgNVBAMMG2UtU3ppZ25vIENsYXNzMyBTU0wgQ0EgMjAxNw==",
"whitelist": false,
"attachment": {
"hash": "f875b715f8027d390ccd47c7e62fa9a8cb805078002c5447fead8ec98441abbd",
"size": 1435,
"filename": "69Duo3nmlQnUEvqzlU27qTDaDY9K1yN0wfdopIs9Y7s=.pem",
"location": "security-state-staging/intermediates/1986ba70-a9d5-4c04-9f62-2c8f532bde42.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "69Duo3nmlQnUEvqzlU27qTDaDY9K1yN0wfdopIs9Y7s=",
"crlite_enrolled": false,
"id": "0b79b1b7-45eb-4167-b5a4-52c77a4ae693",
"last_modified": 1693342624038
},
{
"schema": 1693342093097,
"derHash": "/Y4MjMzbuuTB8HwkjRH+u7D7PaDNDYlKioDYBKjTmn0=",
"subject": "CN=e-Szigno Class2 SSL CA 2017,O=Microsec Ltd.,L=Budapest,C=HU",
"subjectDN": "MHcxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxJDAiBgNVBAMMG2UtU3ppZ25vIENsYXNzMiBTU0wgQ0EgMjAxNw==",
"whitelist": false,
"attachment": {
"hash": "eb233f6d83b210e52823cdff3145fe53c2632e2cf95904c5ac6d29368eb61943",
"size": 1435,
"filename": "HGXB7TIfcoLqLINF3LJD2A9t3V4VdHjcBv6LboViQMo=.pem",
"location": "security-state-staging/intermediates/36fd2d27-8c24-4aee-9ba5-feccce9483d5.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "HGXB7TIfcoLqLINF3LJD2A9t3V4VdHjcBv6LboViQMo=",
"crlite_enrolled": false,
"id": "c2701cd6-d220-4744-a18b-3a3b323259ee",
"last_modified": 1693342624035
},
{
"schema": 1693342092400,
"derHash": "akjnNKxvBnFAySitu8xEkkadQW3i08mnoZfWI3DqwOI=",
"subject": "CN=e-Szigno Qualified TLS CA 2018,O=Microsec Ltd.,L=Budapest,C=HU",
"subjectDN": "MHoxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxJzAlBgNVBAMMHmUtU3ppZ25vIFF1YWxpZmllZCBUTFMgQ0EgMjAxOA==",
"whitelist": false,
"attachment": {
"hash": "acb85909161220196625771f857155f74f662f21acb6efeab36c92266013233a",
"size": 1439,
"filename": "qd9EIyfp7CEtbkxafeyYAuC_8wQBWqGZflkLznwnuyc=.pem",
"location": "security-state-staging/intermediates/86baa78d-dbf7-44c9-b002-1a204379bad6.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "qd9EIyfp7CEtbkxafeyYAuC/8wQBWqGZflkLznwnuyc=",
"crlite_enrolled": false,
"id": "9cf88ec1-23c0-487b-9991-3fc43bbf71c0",
"last_modified": 1693342624031
},
{
"schema": 1693104479614,
"derHash": "8BBP8XJ0YI8aGKHh6r+OaKUfUAqH4u+iLstiJ2P+9M8=",
@ -12037,60 +12140,6 @@
"id": "ddc97932-2e16-48d1-84b0-3815961ddf1f",
"last_modified": 1691204223383
},
{
"schema": 1690296478698,
"derHash": "oRXsDXPC6KuxiDE0+i3w2YXnQYgWBKQIKQfXBeJAfHI=",
"subject": "CN=e-Szigno Qualified TLS CA 2023,O=Microsec Ltd.,L=Budapest,C=HU",
"subjectDN": "MHoxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxJzAlBgNVBAMMHmUtU3ppZ25vIFF1YWxpZmllZCBUTFMgQ0EgMjAyMw==",
"whitelist": false,
"attachment": {
"hash": "e5582687d546ac85a09c343f23ce9764cbc06e78844654f61940dde5034b145f",
"size": 1439,
"filename": "FfstIBJRQL_OSddFhkXVXxYXvlwpeV4N5QyzQSOMer4=.pem",
"location": "security-state-staging/intermediates/c3eaa351-c45f-4c58-b312-1a214832f8b5.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "FfstIBJRQL/OSddFhkXVXxYXvlwpeV4N5QyzQSOMer4=",
"crlite_enrolled": false,
"id": "da49e20c-b2f2-4d31-b07b-1064e96e3b70",
"last_modified": 1690297023211
},
{
"schema": 1690296478406,
"derHash": "wEww5A3X6WmC+GBuvvNVSOXG9PeSpSpReM8koOn9c5Y=",
"subject": "CN=e-Szigno DV TLS CA 2023,O=Microsec Ltd.,L=Budapest,C=HU",
"subjectDN": "MHMxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxIDAeBgNVBAMMF2UtU3ppZ25vIERWIFRMUyBDQSAyMDIz",
"whitelist": false,
"attachment": {
"hash": "e024d6f71f79e22a937ce5712dfbf1c17be250937f7a1a1b7aaa69d96607e27b",
"size": 1431,
"filename": "XxwXFeAhoV94cB2wpw1cfCsPS8BPvJevCyCobm4QKxg=.pem",
"location": "security-state-staging/intermediates/6e6e1fde-6155-4773-b392-6ee7800fcbdc.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "XxwXFeAhoV94cB2wpw1cfCsPS8BPvJevCyCobm4QKxg=",
"crlite_enrolled": false,
"id": "0d228708-baa8-45e3-a4ea-0bce48f43f86",
"last_modified": 1690297023208
},
{
"schema": 1690296478088,
"derHash": "EtRTenVH/2PDaSNiKiga/+lIESDbeBd2qvmBofm2aNg=",
"subject": "CN=e-Szigno OV TLS CA 2023,O=Microsec Ltd.,L=Budapest,C=HU",
"subjectDN": "MHMxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxIDAeBgNVBAMMF2UtU3ppZ25vIE9WIFRMUyBDQSAyMDIz",
"whitelist": false,
"attachment": {
"hash": "ab5bf3cb8d3a60923137ac8e379030e9e4208f811155f11e65307099425c5d04",
"size": 1431,
"filename": "CBpKKUYnWuYNjyn6A4C6-fbIOhB5kbX1rkHpBJ-7g0Y=.pem",
"location": "security-state-staging/intermediates/0052bd62-f25b-4c75-b5e2-123cf02b80fe.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "CBpKKUYnWuYNjyn6A4C6+fbIOhB5kbX1rkHpBJ+7g0Y=",
"crlite_enrolled": false,
"id": "a206224b-c943-44b0-b74e-3c4bfb484c15",
"last_modified": 1690297023205
},
{
"schema": 1689929282855,
"derHash": "5G+yp1CXo0XUJG3PRKENqnHZ/Q6/q2G6Z+bbhO5bbKs=",
@ -14575,24 +14624,6 @@
"id": "5ec3f078-2414-46ca-aaf8-e9630ae2109a",
"last_modified": 1666727874812
},
{
"schema": 1666727388343,
"derHash": "ppxZlm67zf7H9P8CiMhv9gNW+nhgIIuTtDoJWwYAzB4=",
"subject": "CN=nazwaSSL,OU=http://nazwa.pl,O=nazwa.pl sp. z o.o.,C=PL",
"subjectDN": "MFgxCzAJBgNVBAYTAlBMMRwwGgYDVQQKDBNuYXp3YS5wbCBzcC4geiBvLm8uMRgwFgYDVQQLDA9odHRwOi8vbmF6d2EucGwxETAPBgNVBAMMCG5hendhU1NM",
"whitelist": false,
"attachment": {
"hash": "882b6da025cdfc61d89e03806a350163dfdfc251470ff6e5f8433ca8370adea9",
"size": 1605,
"filename": "AW6U8qPqk114rfl2sAhiEim2Pf0mq_Rb_BeWSlVAiP4=.pem",
"location": "security-state-staging/intermediates/4a692d29-8a7d-4aa6-b0fa-426ad6f59300.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "AW6U8qPqk114rfl2sAhiEim2Pf0mq/Rb/BeWSlVAiP4=",
"crlite_enrolled": false,
"id": "bbeb9d9e-3dd2-4546-8c96-d7fc9be4f2e6",
"last_modified": 1666727874798
},
{
"schema": 1666727382505,
"derHash": "6sJBwEQKNoMBETgzNrwgysdAnCD26I1PhPSCe+kZ4zg=",
@ -16015,24 +16046,6 @@
"id": "42115fab-f048-4a66-92be-15d909da568b",
"last_modified": 1666727872798
},
{
"schema": 1666727452311,
"derHash": "I7zV16lqUTqYHq0nk25ZqAKKgHvXKGBBj2i1VaKRFnA=",
"subject": "CN=Certigna Identity CA,OU=0002 48146308100036,O=DHIMYOTIS,C=FR",
"subjectDN": "MIGCMQswCQYDVQQGEwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MSIwIAYDVQRhDBlOVFJGUi0wMDAyIDQ4MTQ2MzA4MTAwMDM2MR0wGwYDVQQDDBRDZXJ0aWduYSBJZGVudGl0eSBDQQ==",
"whitelist": false,
"attachment": {
"hash": "211c9fabe3b82a58caaded8a0e4fe51f77d8506e143103dc3f8db31704cb7e6e",
"size": 2178,
"filename": "lwJkDQYtogkGJEFJMX5DjskCXh2W7dNBRH_eJZlWjWo=.pem",
"location": "security-state-staging/intermediates/00c1f21f-a695-478a-9e33-19d48f9525d8.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "lwJkDQYtogkGJEFJMX5DjskCXh2W7dNBRH/eJZlWjWo=",
"crlite_enrolled": false,
"id": "f695b618-333e-4759-a681-19c5f52aeb16",
"last_modified": 1666727872784
},
{
"schema": 1666727400274,
"derHash": "HMNYpt+gp2u1RwZg1487JfI8zWOVZn5JzPyCAdo9GS0=",
@ -18553,24 +18566,6 @@
"id": "d340c468-a715-4aa3-a149-c150973125ed",
"last_modified": 1666727869444
},
{
"schema": 1666727411011,
"derHash": "co2vQG/ans1NVV3BLyfWfW3kRSRpVGShIGaSAPILKEs=",
"subject": "CN=AgID CA1,OU=Area Soluzioni per la Pubblica Amministrazione,O=Agenzia per l'Italia Digitale,L=Roma,C=IT",
"subjectDN": "MIGQMQswCQYDVQQGEwJJVDENMAsGA1UEBwwEUm9tYTEmMCQGA1UECgwdQWdlbnppYSBwZXIgbCdJdGFsaWEgRGlnaXRhbGUxNzA1BgNVBAsMLkFyZWEgU29sdXppb25pIHBlciBsYSBQdWJibGljYSBBbW1pbmlzdHJhemlvbmUxETAPBgNVBAMMCEFnSUQgQ0Ex",
"whitelist": false,
"attachment": {
"hash": "ff3a99bc1b4b533a0133498e18b56144ddeaaae3dfb43cf3c18b178f16a864a6",
"size": 6127,
"filename": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=.pem",
"location": "security-state-staging/intermediates/f92cd274-a6c5-4692-89d8-bb79a6ff2229.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=",
"crlite_enrolled": false,
"id": "fbd44422-0d3b-47de-9e7b-2a8f647897eb",
"last_modified": 1666727869413
},
{
"schema": 1666727367726,
"derHash": "N/0pxwHWl3mY8gUVPqikwumWNU3wctSYTcXYsfdaK2E=",
@ -18589,24 +18584,6 @@
"id": "47f9f4d2-4baa-40bb-9b5b-aa8cefeea36f",
"last_modified": 1666727869399
},
{
"schema": 1666727395775,
"derHash": "0HC/AZz7pGyNNBTW/o19IQd/NUXC/oOePSUPMk43xas=",
"subject": "CN=AgID CA1,OU=Area Soluzioni per la Pubblica Amministrazione,O=Agenzia per l'Italia Digitale,L=Roma,C=IT",
"subjectDN": "MIGQMQswCQYDVQQGEwJJVDENMAsGA1UEBwwEUm9tYTEmMCQGA1UECgwdQWdlbnppYSBwZXIgbCdJdGFsaWEgRGlnaXRhbGUxNzA1BgNVBAsMLkFyZWEgU29sdXppb25pIHBlciBsYSBQdWJibGljYSBBbW1pbmlzdHJhemlvbmUxETAPBgNVBAMMCEFnSUQgQ0Ex",
"whitelist": false,
"attachment": {
"hash": "acd4d6d8a473c1fc0d659c79901ef8ffbd4acdcd519a73233aa6ae62e6eafbda",
"size": 6208,
"filename": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=.pem",
"location": "security-state-staging/intermediates/995cf1f7-a18a-4753-a7dd-edadaef3dfe1.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=",
"crlite_enrolled": false,
"id": "d5a2518e-b5a8-4ddb-bf31-9b97ea3416f9",
"last_modified": 1666727869386
},
{
"schema": 1666727382024,
"derHash": "lItxEa9C9UbVec/1ziveyCE03ZkUhCvdsMUocutgTjk=",
@ -18625,24 +18602,6 @@
"id": "6430f852-d358-4b1a-b2c9-577cf8cf4f97",
"last_modified": 1666727869373
},
{
"schema": 1666727357771,
"derHash": "knHKfojO0l7R0fjgivoDsR0f4S7RElWFraUBJD4srAk=",
"subject": "CN=AgID CA1,OU=Area Soluzioni per la Pubblica Amministrazione,O=Agenzia per l'Italia Digitale,L=Roma,C=IT",
"subjectDN": "MIGQMQswCQYDVQQGEwJJVDENMAsGA1UEBwwEUm9tYTEmMCQGA1UECgwdQWdlbnppYSBwZXIgbCdJdGFsaWEgRGlnaXRhbGUxNzA1BgNVBAsMLkFyZWEgU29sdXppb25pIHBlciBsYSBQdWJibGljYSBBbW1pbmlzdHJhemlvbmUxETAPBgNVBAMMCEFnSUQgQ0Ex",
"whitelist": false,
"attachment": {
"hash": "134d08513f86579b09ea4693ac4d3685f5fc88e012db239d7b017feecbf3f87e",
"size": 6306,
"filename": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=.pem",
"location": "security-state-staging/intermediates/f3792909-e805-46b5-a4d0-bb3979399b7b.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=",
"crlite_enrolled": false,
"id": "07f2dc33-3379-48ad-b352-dc3a300c8197",
"last_modified": 1666727869330
},
{
"schema": 1666727444337,
"derHash": "g5Tj0H780el+psuiFMOgVcF92afr+N3gAg/N23byhlM=",
@ -18697,24 +18656,6 @@
"id": "f18dd59f-ebc7-4e0d-9963-60e432ae1d44",
"last_modified": 1666727869270
},
{
"schema": 1666727413717,
"derHash": "YBjw3/qk1I9rNj29iVtD1yBpH5ZY49lAcn+xSZ1SUAU=",
"subject": "CN=AgID CA1,OU=Area Soluzioni per la Pubblica Amministrazione,O=Agenzia per l'Italia Digitale,L=Roma,C=IT",
"subjectDN": "MIGQMQswCQYDVQQGEwJJVDENMAsGA1UEBwwEUm9tYTEmMCQGA1UECgwdQWdlbnppYSBwZXIgbCdJdGFsaWEgRGlnaXRhbGUxNzA1BgNVBAsMLkFyZWEgU29sdXppb25pIHBlciBsYSBQdWJibGljYSBBbW1pbmlzdHJhemlvbmUxETAPBgNVBAMMCEFnSUQgQ0Ex",
"whitelist": false,
"attachment": {
"hash": "2ce5754aafd954d566863872c84b5b09cc520df3b7c3fcdf3f3109c176f7236f",
"size": 6204,
"filename": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=.pem",
"location": "security-state-staging/intermediates/71d7de8a-96d4-4d28-95c1-ddd904ad7b95.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=",
"crlite_enrolled": false,
"id": "f311d986-6d46-4d1e-87fe-52110484e044",
"last_modified": 1666727869243
},
{
"schema": 1666727453330,
"derHash": "TpO8rdXU6VMxrjYt+cYGbMp/lCqP3k0+4BHeNAdPWEA=",
@ -18733,24 +18674,6 @@
"id": "31daf90c-ae6a-4df7-9505-d52c9abded80",
"last_modified": 1666727869229
},
{
"schema": 1666727368224,
"derHash": "RkiQCwQnJiirey2C3fdM1beNd/hlLVu/KCS7ZN0Xhlk=",
"subject": "CN=AgID CA1,OU=Area Soluzioni per la Pubblica Amministrazione,O=Agenzia per l'Italia Digitale,L=Roma,C=IT",
"subjectDN": "MIGQMQswCQYDVQQGEwJJVDENMAsGA1UEBwwEUm9tYTEmMCQGA1UECgwdQWdlbnppYSBwZXIgbCdJdGFsaWEgRGlnaXRhbGUxNzA1BgNVBAsMLkFyZWEgU29sdXppb25pIHBlciBsYSBQdWJibGljYSBBbW1pbmlzdHJhemlvbmUxETAPBgNVBAMMCEFnSUQgQ0Ex",
"whitelist": false,
"attachment": {
"hash": "db3cb445b73014519c03c7c1b234573a3cf1ba480f778be153e10d2069492dc1",
"size": 6383,
"filename": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=.pem",
"location": "security-state-staging/intermediates/6f6d6bc0-5ac7-497e-b77d-50b85aeaad14.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "OePGxvE8liB3UXJpTSD4HtrVWoYTk0zap8N5Om0muGs=",
"crlite_enrolled": false,
"id": "ec340448-450e-44bb-9a1b-f58c6fa4661e",
"last_modified": 1666727869203
},
{
"schema": 1666727406308,
"derHash": "mKDDuhiZJYWV0E8V0TTFcy6GS3VcZIpI0cF/CiYO9ac=",
@ -20227,24 +20150,6 @@
"id": "4627074c-5b10-4a84-93b4-b84a6d421f42",
"last_modified": 1666727867498
},
{
"schema": 1666727385276,
"derHash": "vbeqKPFk5LwV1pIHM7Ij7ZjlUiCj5W87Hs/QTofTC3E=",
"subject": "CN=InCommon ECC Server CA,OU=InCommon,O=Internet2,L=Ann Arbor,ST=MI,C=US",
"subjectDN": "MHYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNSTESMBAGA1UEBxMJQW5uIEFyYm9yMRIwEAYDVQQKEwlJbnRlcm5ldDIxETAPBgNVBAsTCEluQ29tbW9uMR8wHQYDVQQDExZJbkNvbW1vbiBFQ0MgU2VydmVyIENB",
"whitelist": false,
"attachment": {
"hash": "6ba40ddb17a0c5e550d03cf27b415658441db787e87cc7efbaeacbe40e7954dd",
"size": 1293,
"filename": "8Ped1-_2NPqUB2Q-UJri8oBJaaIrldtkbw8LmkGTkrE=.pem",
"location": "security-state-staging/intermediates/b23bebad-6d65-4274-8012-f0cc243b967d.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "8Ped1+/2NPqUB2Q+UJri8oBJaaIrldtkbw8LmkGTkrE=",
"crlite_enrolled": false,
"id": "d876197d-e674-4e0b-8d72-41091e4b2fb3",
"last_modified": 1666727867454
},
{
"schema": 1666727366065,
"derHash": "51WunELBMV8n3NBkUcar4LxqrW7dwuVjXPxJGBktNEw=",
@ -29209,24 +29114,6 @@
"id": "60de9866-3e99-4374-b830-17ad74f56f75",
"last_modified": 1576536533289
},
{
"schema": 1576535711746,
"derHash": "k1BhvlLI6ojANLOa39UiuzFMv1ME5acGRzXdvaMkKq8=",
"subject": "CN=Certigna Entity Code Signing CA,OU=0002 48146308100036,O=DHIMYOTIS,C=FR",
"subjectDN": "MIGIMQswCQYDVQQGEwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0wGwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEoMCYGA1UEAwwfQ2VydGlnbmEgRW50aXR5IENvZGUgU2lnbmluZyBDQQ==",
"whitelist": false,
"attachment": {
"hash": "dfa52fac8680622c2c208aa337be1f107052398f893cb8cdaa1bc8ee0c3c1f93",
"size": 2186,
"filename": "u3ZvFIlkZqOQDQbj9Abh3WXDOESr4pASOdoob9Oo2YI=.pem",
"location": "security-state-staging/intermediates/a34d09dc-c1e9-4b35-bb0f-0c7ee3e64ad8.pem",
"mimetype": "application/x-pem-file"
},
"pubKeyHash": "u3ZvFIlkZqOQDQbj9Abh3WXDOESr4pASOdoob9Oo2YI=",
"crlite_enrolled": false,
"id": "90283279-5bef-4526-8705-37883c1dc2bc",
"last_modified": 1576536533281
},
{
"schema": 1576535685544,
"derHash": "Rcsdh0ywO9XFtuB5yPwp5RUh7lYoSGMBlkpB+Uuln4g=",
@ -30668,5 +30555,5 @@
"last_modified": 1559865884636
}
],
"timestamp": 1764082622611
"timestamp": 1767110222688
}

242
icecat/services/settings/dumps/security-state/onecrl.json
View file

@ -1,5 +1,245 @@
{
"data": [
{
"schema": 1764954051281,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==",
"serialNumber": "AJFZN56em7HZgckLifaauTo=",
"id": "09f13136-0183-4582-be09-38b0dec73c60",
"last_modified": 1765387587348
},
{
"schema": 1764954051205,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIEVDQyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==",
"serialNumber": "AN+yROlloEAqqg4G6aHdFk8=",
"id": "c7a3bd39-ee1d-4675-9e99-e954502bc6ef",
"last_modified": 1765387587342
},
{
"schema": 1764954051050,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MDcxFDASBgNVBAoMC1RlbGlhU29uZXJhMR8wHQYDVQQDDBZUZWxpYVNvbmVyYSBSb290IENBIHYx",
"serialNumber": "TEYq9tv794BPhMF8/qlytg==",
"id": "159440cb-b6c1-4a3b-abb1-463a4a8e00a6",
"last_modified": 1765387587336
},
{
"schema": 1764954050974,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGCMQswCQYDVQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMgR21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwcVC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMg==",
"serialNumber": "DQhC23luw5lX4cFe2MeDxw==",
"id": "73149904-bb79-44a5-9b14-eebb7c1ee93f",
"last_modified": 1765387587331
},
{
"schema": 1764954050730,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGCMQswCQYDVQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMgR21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwcVC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMg==",
"serialNumber": "Ks7V+RxC8r+Ri1uAk6jAJA==",
"id": "3b08fe4c-94d3-41e5-bb12-7b4ac1499c76",
"last_modified": 1765387587326
},
{
"schema": 1764954050510,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MGsxCzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQQ==",
"serialNumber": "SYgCH6U1+Go=",
"id": "92434599-a653-47af-aac7-e8a1f40242d6",
"last_modified": 1765387587321
},
{
"schema": 1764954050815,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIEVDQyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==",
"serialNumber": "WyXOaQfEJlVm0zkMmalUrQ==",
"id": "7cfc413a-e855-4723-afd4-5d77984fdb40",
"last_modified": 1765387587316
},
{
"schema": 1764954050436,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MGsxCzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQQ==",
"serialNumber": "bHGKodaE7KY=",
"id": "1e09c558-f654-4e08-95d4-a9d0ed05bc5d",
"last_modified": 1765387587311
},
{
"schema": 1764954050282,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==",
"serialNumber": "AOiuT82x88HxRnXSU5rusCc=",
"id": "7885b8f0-842b-445f-9849-e6be71654fba",
"last_modified": 1765387587306
},
{
"schema": 1764954051362,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MGsxCzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQQ==",
"serialNumber": "JBwXCyRk4Bg=",
"id": "9b0b6908-be23-450a-9b16-78cb603c53ae",
"last_modified": 1765387587300
},
{
"schema": 1764954050656,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MGMxCzAJBgNVBAYTAkRFMScwJQYDVQQKDB5EZXV0c2NoZSBUZWxla29tIFNlY3VyaXR5IEdtYkgxKzApBgNVBAMMIlRlbGVrb20gU2VjdXJpdHkgVExTIEVDQyBSb290IDIwMjA=",
"serialNumber": "H7KN4bwqtn0heoLQH+Ikfg==",
"id": "d803458c-98bd-4269-9a47-6da26c059d1f",
"last_modified": 1765387587295
},
{
"schema": 1764900945407,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIEVDQyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==",
"serialNumber": "d80mOd5SbH9F5w2RaqvnRg==",
"id": "bceaddea-4834-4c20-bc0d-f9ff865df807",
"last_modified": 1765387587290
},
{
"schema": 1764954051131,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MGMxCzAJBgNVBAYTAkRFMScwJQYDVQQKDB5EZXV0c2NoZSBUZWxla29tIFNlY3VyaXR5IEdtYkgxKzApBgNVBAMMIlRlbGVrb20gU2VjdXJpdHkgVExTIFJTQSBSb290IDIwMjM=",
"serialNumber": "EohvAEWvDUpPBmzprCXgAA==",
"id": "a87e2e5c-8215-43e0-adb1-8a13121ff595",
"last_modified": 1765387587285
},
{
"schema": 1764954050584,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MGsxCzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQQ==",
"serialNumber": "SYGm41PP2qU=",
"id": "26ade970-ec10-4be1-b857-ba2e83cd9456",
"last_modified": 1765387587280
},
{
"schema": 1764954050363,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==",
"serialNumber": "C6LQHcvLd3borGUJesElQQ==",
"id": "53f31f8b-61e9-4a6e-8a53-3a723fe17256",
"last_modified": 1765387587274
},
{
"schema": 1764954050892,
"details": {
"bug": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004418",
"who": "",
"why": "",
"name": "",
"created": ""
},
"enabled": false,
"issuerName": "MGsxCzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQQ==",
"serialNumber": "ZyDvubBx51s=",
"id": "c9c582ba-71f1-4147-9a1b-95e48cdaaa5a",
"last_modified": 1765387587268
},
{
"schema": 1759112148984,
"details": {
@ -25994,5 +26234,5 @@
"last_modified": 1480349158647
}
],
"timestamp": 1759512219332
"timestamp": 1765387587348
}

4
icecat/sourcestamp.txt
View file

@ -1,2 +1,2 @@
20251201132345
https://hg.mozilla.org/releases/mozilla-esr140/rev/18556c0b079c839f4d15597a57b0f048fdadcedd
20260106170501
https://hg.mozilla.org/releases/mozilla-esr140/rev/82e96a128bf5e3e7dd6e5180c9528f623ba5e0f7

45
icecat/taskcluster/config.yml
View file

@ -643,11 +643,36 @@ taskgraph:
workers:
aliases:
b-linux.*:
b-linux-gcp:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: '{alias}'
worker-type: b-linux
b-linux-gcp-aarch64:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: b-linux-aarch64
b-linux-kvm-gcp:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: b-linux-kvm
b-linux-medium-gcp:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: b-linux-medium
b-linux-large-gcp:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: b-linux-large
b-linux-xlarge-gcp:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: b-linux-xlarge
b-win2012:
provisioner: '{trust-domain}-{level}'
implementation: generic-worker
@ -677,12 +702,12 @@ workers:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: '{alias}'
worker-type: images
images-gcp-aarch64:
provisioner: '{trust-domain}-{level}'
implementation: docker-worker
os: linux
worker-type: '{alias}'
worker-type: images-aarch64
addon:
provisioner: scriptworker-k8s
implementation: push-addons
@ -838,16 +863,6 @@ workers:
implementation: docker-worker
os: linux
worker-type: '{alias}'
t-linux(-large|-xlarge|-xlarge-source):
provisioner: '{trust-domain}-t'
implementation: docker-worker
os: linux
worker-type: '{alias}-gcp'
t-linux(-large|-xlarge|-xlarge-source)-noscratch:
provisioner: '{trust-domain}-t'
implementation: docker-worker
os: linux
worker-type: '{alias}-gcp'
t-linux-kvm:
provisioner: '{trust-domain}-t'
implementation: docker-worker
@ -983,7 +998,7 @@ workers:
provisioner: '{trust-domain}-t'
implementation: docker-worker
os: linux
worker-type: misc-gcp
worker-type: misc
mac-signing:

4
icecat/taskcluster/gecko_taskgraph/transforms/fetch.py
View file

@ -202,6 +202,7 @@ def make_task(config, jobs):
# download.
Required("key-path"): str,
},
Optional("headers"): [str],
# The name to give to the generated artifact. Defaults to the file
# portion of the URL. Using a different extension converts the
# archive to the given type. Only conversion to .tar.zst is
@ -265,6 +266,9 @@ def create_fetch_url_task(config, name, fetch):
]
)
for header in fetch.get("headers", []):
command.extend(["--header", header])
command.extend(
[
fetch["url"],

1
icecat/taskcluster/gecko_taskgraph/transforms/test/__init__.py
View file

@ -127,7 +127,6 @@ test_description_schema = Schema(
"large-noscratch",
"xlarge",
"xlarge-noscratch",
"large-dw",
),
),
# type of virtualization or hardware required by test.

3
icecat/taskcluster/gecko_taskgraph/transforms/test/other.py
View file

@ -607,9 +607,6 @@ def enable_code_coverage(config, tasks):
task["instance-size"] = "xlarge-noscratch"
if "jittest" in task["test-name"]:
task["instance-size"] = "xlarge"
elif task["suite"] == "xpcshell" and "linux" in task["build-platform"]:
# TODO figure out OOM/timeout issues on d2g (bug 1962414)
task["instance-size"] = "large-dw"
# Temporarily disable Mac tests on mozilla-central
if "mac" in task["build-platform"]:

1
icecat/taskcluster/gecko_taskgraph/transforms/test/worker.py
View file

@ -10,7 +10,6 @@ LINUX_WORKER_TYPES = {
"large-noscratch": "t-linux-docker-noscratch",
"xlarge": "t-linux-docker",
"xlarge-noscratch": "t-linux-docker-noscratch",
"large-dw": "t-linux-large-noscratch",
"default": "t-linux-docker-noscratch",
}

20
icecat/taskcluster/gecko_taskgraph/util/chunking.py
View file

@ -172,24 +172,20 @@ def chunk_manifests(suite, platform, chunks, manifests):
A list of length `chunks` where each item contains a list of manifests
that run in that chunk.
"""
ini_manifests = set([x.replace(".toml", ".ini") for x in manifests])
if "web-platform-tests" not in suite and "marionette" not in suite:
if "web-platform-tests" not in suite:
ini_manifests = {x.replace(".toml", ".ini"): x for x in manifests}
runtimes = {
k: v for k, v in get_runtimes(platform, suite).items() if k in ini_manifests
}
retVal = []
for c in chunk_by_runtime(None, chunks, runtimes).get_chunked_manifests(
ini_manifests
):
retVal.append(
[m if m in manifests else m.replace(".ini", ".toml") for m in c[1]]
)
# Keep track of test paths for each chunk, and the runtime information.
chunked_manifests = [[] for _ in range(chunks)]
cbr = chunk_by_runtime(None, chunks, runtimes)
return [
[ini_manifests.get(m, m) for m in c]
for _, c in cbr.get_chunked_manifests(manifests)
]
# Spread out the test manifests evenly across all chunks.
chunked_manifests = [[] for _ in range(chunks)]
for index, key in enumerate(sorted(manifests)):
chunked_manifests[index % chunks].append(key)

8
icecat/taskcluster/kinds/fetch/toolchains.yml
View file

@ -137,11 +137,11 @@ mpfr-3.1.4:
description: mpfr 3.1.4 source code
fetch:
type: static-url
url: http://www.mpfr.org/mpfr-3.1.4/mpfr-3.1.4.tar.bz2
url: https://ftpmirror.gnu.org/gnu/mpfr/mpfr-3.1.4.tar.bz2
sha256: d3103a80cdad2407ed581f3618c4bed04e0c92d1cf771a65ead662cc397f7775
size: 1279284
gpg-signature:
sig-url: "{url}.asc"
sig-url: "{url}.sig"
key-path: build/unix/build-gcc/07F3DBBECC1A39605078094D980C197698C3739D.key
artifact-name: mpfr-source.tar.zst
strip-components: 1
@ -276,6 +276,8 @@ hfsplus-tools:
url: https://src.fedoraproject.org/repo/pkgs/hfsplus-tools/diskdev_cmds-540.1.linux3.tar.gz/0435afc389b919027b69616ad1b05709/diskdev_cmds-540.1.linux3.tar.gz
sha256: b01b203a97f9a3bf36a027c13ddfc59292730552e62722d690d33bd5c24f5497
size: 411205
headers:
- "Accept: application/octet-stream"
xar:
description: xar source code
@ -756,7 +758,7 @@ mozilla-pdf.js:
fetch:
type: git
repo: https://github.com/mozilla/pdf.js
revision: 81cf42df470f85eb60150bdffca380e3eee79c08
revision: 2ac8185956b0e222cbb798a9d455e82bca954462
xmlstarlet-1.6.1:
description: xmlstarlet for Android Performance Tests

3
icecat/taskcluster/kinds/source-test/mozlint-android.yml
View file

@ -107,7 +107,6 @@ lints:
- 'tools/lint/**'
fenix:
worker-type: t-linux-xlarge-source
treeherder:
symbol: A(fenix-lints)
run:
@ -135,7 +134,6 @@ fenix:
- 'tools/lint/**'
focus:
worker-type: t-linux-xlarge-source
treeherder:
symbol: A(focus-lints)
run:
@ -163,7 +161,6 @@ focus:
- 'tools/lint/**'
android-components:
worker-type: t-linux-xlarge-source
treeherder:
symbol: A(ac-lints)
run:

2
icecat/taskcluster/kinds/update/kind.yml
View file

@ -53,7 +53,7 @@ tasks:
./mach update-test
linux64-icecat:
worker-type: t-linux-xlarge-source
worker-type: t-linux-docker
worker:
docker-image: {in-tree: ubuntu2404-test}
description: Test updates on Linux

Some files were not shown because too many files have changed in this diff Show more