diff options
668 files changed, 20664 insertions, 17258 deletions
@@ -3,8 +3,10 @@ codebase which lives in this repository. If you make a contribution here, you may add your name and, optionally, email address in the appropriate place. -For a full list of the people who are credited with making a -contribution to Mozilla, see http://www.mozilla.org/credits/ . +For a more comprehensive list of the people who are credited with +making a contribution to this project and its Mozilla roots, see +http://www.palemoon.org/Contributors.shtml + <1010mozilla@Ostermiller.com> Aaron Boodman <aa@google.com> @@ -650,6 +652,7 @@ Mark Mentovai <mark@moxienet.com> Mark Pilgrim <pilgrim@gmail.com> Mark Smith <mcs@pearlcrescent.com> Mark Steele <mwsteele@gmail.com> +Mark Straver <moonchild@palemoon.org> Markus G. Kuhn <mkuhn@acm.org> Markus Stange <mstange@themasta.com> Martijn Pieters <mj@digicool.com> @@ -22,4 +22,4 @@ # changes to stick? As of bug 928195, this shouldn't be necessary! Please # don't change CLOBBER for WebIDL changes any more. -Clobber for updating NSPR+NSS +Clobber required for updating NSS to 3.38 (poly1305 symbol changes) @@ -18,6 +18,9 @@ Additional documentation relevant to this source code can be found in the `/docs directory. This will contain relevant documentation regarding contributing, using and distributing this code and its binaries. +If you are interested in the development and building side of things, some +information will be available on the [Pale Moon developer wiki](http://developer.palemoon.org). + ### A note about trademarks and branding Although this repository is licensed under Mozilla Public License v2.0, the diff --git a/accessible/base/NotificationController.cpp b/accessible/base/NotificationController.cpp index 73d3646417..3545ce6c17 100644 --- a/accessible/base/NotificationController.cpp +++ b/accessible/base/NotificationController.cpp @@ -591,7 +591,6 @@ void NotificationController::WillRefresh(mozilla::TimeStamp aTime) { PROFILER_LABEL_FUNC(js::ProfileEntry::Category::OTHER); - Telemetry::AutoTimer<Telemetry::A11Y_UPDATE_TIME> updateTimer; // If the document accessible that notification collector was created for is // now shut down, don't process notifications anymore. diff --git a/accessible/base/Statistics.h b/accessible/base/Statistics.h index c9f1832b23..f5a9a85b8e 100644 --- a/accessible/base/Statistics.h +++ b/accessible/base/Statistics.h @@ -14,22 +14,22 @@ namespace a11y { namespace statistics { inline void A11yInitialized() - { Telemetry::Accumulate(Telemetry::A11Y_INSTANTIATED_FLAG, true); } + { /* STUB */ } inline void A11yConsumers(uint32_t aConsumer) - { Telemetry::Accumulate(Telemetry::A11Y_CONSUMERS, aConsumer); } + { /* STUB */ } /** * Report that ISimpleDOM* has been used. */ inline void ISimpleDOMUsed() - { Telemetry::Accumulate(Telemetry::A11Y_ISIMPLEDOM_USAGE_FLAG, true); } + { /* STUB */ } /** * Report that IAccessibleTable has been used. */ inline void IAccessibleTableUsed() - { Telemetry::Accumulate(Telemetry::A11Y_IATABLE_USAGE_FLAG, true); } + { /* STUB */ } } // namespace statistics } // namespace a11y diff --git a/application/basilisk/app/macbuild/Contents/Info.plist.in b/application/basilisk/app/macbuild/Contents/Info.plist.in index d6902fffde..3f93806067 100644 --- a/application/basilisk/app/macbuild/Contents/Info.plist.in +++ b/application/basilisk/app/macbuild/Contents/Info.plist.in @@ -143,7 +143,7 @@ </dict> </array> <key>CFBundleExecutable</key> - <string>firefox</string> + <string>basilisk</string> <key>CFBundleGetInfoString</key> <string>%MAC_APP_NAME% %APP_VERSION%</string> <key>CFBundleIconFile</key> @@ -213,7 +213,7 @@ <key>LSFileQuarantineEnabled</key> <true/> <key>LSMinimumSystemVersion</key> - <string>10.9.0</string> + <string>10.7.0</string> <key>NSSupportsAutomaticGraphicsSwitching</key> <true/> <key>NSPrincipalClass</key> diff --git a/application/basilisk/app/profile/basilisk.js b/application/basilisk/app/profile/basilisk.js index 2df95a97fb..fd81e82041 100644 --- a/application/basilisk/app/profile/basilisk.js +++ b/application/basilisk/app/profile/basilisk.js @@ -543,9 +543,10 @@ pref("browser.gesture.tap", "cmd_fullZoomReset"); pref("browser.snapshots.limit", 0); // 0: Nothing happens -// 1: Scrolling contents +// 1: Scroll contents // 2: Go back or go forward, in your history -// 3: Zoom in or out. +// 3: Zoom in or out +// 4: Scroll contents with X and Y swapped #ifdef XP_MACOSX // On OS X, if the wheel has one axis only, shift+wheel comes through as a // horizontal scroll event. Thus, we can't assign anything other than normal diff --git a/application/basilisk/base/content/aboutNetError.xhtml b/application/basilisk/base/content/aboutNetError.xhtml index 609725c9ea..3296600c8a 100644 --- a/application/basilisk/base/content/aboutNetError.xhtml +++ b/application/basilisk/base/content/aboutNetError.xhtml @@ -123,13 +123,6 @@ document.getElementById("advancedButton") .addEventListener("click", function togglePanelVisibility() { toggleDisplay(panel); - if (gIsCertError) { - // Toggling the advanced panel must ensure that the debugging - // information panel is hidden as well, since it's opened by the - // error code link in the advanced panel. - var div = document.getElementById("certificateErrorDebugInformation"); - div.style.display = "none"; - } if (panel.style.display == "block") { // send event to trigger telemetry ping @@ -149,11 +142,6 @@ if (getCSSClass() == "expertBadCert") { toggleDisplay(document.getElementById("badCertAdvancedPanel")); - // Toggling the advanced panel must ensure that the debugging - // information panel is hidden as well, since it's opened by the - // error code link in the advanced panel. - var div = document.getElementById("certificateErrorDebugInformation"); - div.style.display = "none"; } disallowCertOverridesIfNeeded(); @@ -224,9 +212,6 @@ } if (err == "sslv3Used") { - document.getElementById("learnMoreContainer").style.display = "block"; - var learnMoreLink = document.getElementById("learnMoreLink"); - learnMoreLink.href = "https://support.mozilla.org/kb/how-resolve-sslv3-error-messages-firefox"; document.body.className = "certerror"; } @@ -270,17 +255,6 @@ window.addEventListener("AboutNetErrorOptions", function(evt) { // Pinning errors are of type nssFailure2 if (getErrorCode() == "nssFailure2" || getErrorCode() == "weakCryptoUsed") { - document.getElementById("learnMoreContainer").style.display = "block"; - var learnMoreLink = document.getElementById("learnMoreLink"); - // nssFailure2 also gets us other non-overrideable errors. Choose - // a "learn more" link based on description: - if (getDescription().includes("mozilla_pkix_error_key_pinning_failure")) { - learnMoreLink.href = "https://support.mozilla.org/kb/certificate-pinning-reports"; - } - if (getErrorCode() == "weakCryptoUsed") { - learnMoreLink.href = "https://support.mozilla.org/kb/how-resolve-weak-crypto-error-messages-firefox"; - } - const hasPrefStyleError = [ "interrupted", // This happens with subresources that are above the max tls "SSL_ERROR_PROTOCOL_VERSION_ALERT", @@ -312,7 +286,7 @@ } } - addDomainErrorLinks(); + addDomainErrorLink(); } function initPageCaptivePortal() @@ -329,7 +303,7 @@ addAutofocus("openPortalLoginPageButton"); setupAdvancedButton(true); - addDomainErrorLinks(); + addDomainErrorLink(); // When the portal is freed, an event is generated by the frame script // that we can pick up and attempt to reload the original page. @@ -348,12 +322,10 @@ addAutofocus("returnButton"); setupAdvancedButton(true); - document.getElementById("learnMoreContainer").style.display = "block"; - let event = new CustomEvent("AboutNetErrorLoad", {bubbles:true}); document.getElementById("advancedButton").dispatchEvent(event); - addDomainErrorLinks(); + addDomainErrorLink(); } /* Only do autofocus if we're the toplevel frame; otherwise we @@ -372,16 +344,13 @@ } } - /* Try to preserve the links contained in the error description, like - the error code. - - Also, in the case of SSL error pages about domain mismatch, see if + /* In the case of SSL error pages about domain mismatch, see if we can hyperlink the user to the correct site. We don't want to do this generically since it allows MitM attacks to redirect users to a site under attacker control, but in certain cases it is safe (and helpful!) to do so. Bug 402210 */ - function addDomainErrorLinks() { + function addDomainErrorLink() { // Rather than textContent, we need to treat description as HTML var sdid = gIsCertError ? "badCertTechnicalInfo" : "errorShortDescText"; var sd = document.getElementById(sdid); @@ -390,50 +359,28 @@ // sanitize description text - see bug 441169 - // First, find the index of the <a> tags we care about, being + // First, find the index of the <a> tag we care about, being // careful not to use an over-greedy regex. - var codeRe = /<a id="errorCode" title="([^"]+)">/; - var codeResult = codeRe.exec(desc); - var domainRe = /<a id="cert_domain_link" title="([^"]+)">/; - var domainResult = domainRe.exec(desc); - - // The order of these links in the description is fixed in - // TransportSecurityInfo.cpp:formatOverridableCertErrorMessage. - var firstResult = domainResult; - if (!domainResult) - firstResult = codeResult; - if (!firstResult) + var re = /<a id="cert_domain_link" title="([^"]+)">/; + var result = domainRe.exec(desc); + + if (!result) return; // Remove sd's existing children sd.textContent = ""; - // Everything up to the first link should be text content. - sd.appendChild(document.createTextNode(desc.slice(0, firstResult.index))); + // Everything up to the link should be text content. + sd.appendChild(document.createTextNode(desc.slice(0, result.index))); - // Now create the actual links. - if (domainResult) { - createLink(sd, "cert_domain_link", domainResult[1]) - // Append text for anything between the two links. - sd.appendChild(document.createTextNode(desc.slice(desc.indexOf("</a>") + "</a>".length, codeResult.index))); - } - createLink(sd, "errorCode", codeResult[1]) + // Now create the link itself. + var anchorEl = document.createElement("a"); + anchorEl.setAttribute("id", "cert_domain_link"); + anchorEl.setAttribute("title", result[1]); + anchorEl.appendChild(document.createTextNode(result[1])); + sd.appendChild(anchorEl); - // Finally, append text for anything after the last closing </a>. - sd.appendChild(document.createTextNode(desc.slice(desc.lastIndexOf("</a>") + "</a>".length))); - } - - if (gIsCertError) { - // Initialize the error code link embedded in the error message to - // display debug information about the cert error. - var errorCode = document.getElementById("errorCode"); - if (errorCode) { - errorCode.href = "javascript:void(0)"; - errorCode.addEventListener("click", () => { - let debugInfo = document.getElementById("certificateErrorDebugInformation"); - debugInfo.style.display = "block"; - debugInfo.scrollIntoView({block: "start", behavior: "smooth"}); - }, false); - } + // Finally, append text for anything after the closing </a>. + sd.appendChild(document.createTextNode(desc.slice(desc.indexOf("</a>") + "</a>".length))); } // Initialize the cert domain link. @@ -479,23 +426,8 @@ if (link.href && getCSSClass() != "expertBadCert") { var panelId = gIsCertError ? "badCertAdvancedPanel" : "weakCryptoAdvancedPanel" toggleDisplay(document.getElementById(panelId)); - if (gIsCertError) { - // Toggling the advanced panel must ensure that the debugging - // information panel is hidden as well, since it's opened by the - // error code link in the advanced panel. - var div = document.getElementById("certificateErrorDebugInformation"); - div.style.display = "none"; - } } } - - function createLink(el, id, text) { - var anchorEl = document.createElement("a"); - anchorEl.setAttribute("id", id); - anchorEl.setAttribute("title", text); - anchorEl.appendChild(document.createTextNode(text)); - el.appendChild(anchorEl); - } ]]></script> </head> @@ -628,12 +560,6 @@ </div> - <div id="certificateErrorDebugInformation"> - <button id="copyToClipboard">&certerror.copyToClipboard.label;</button> - <div id="certificateErrorText"/> - <button id="copyToClipboard">&certerror.copyToClipboard.label;</button> - </div> - <!-- - Note: It is important to run the script this way, instead of using - an onload handler. This is because error pages are loaded as diff --git a/application/basilisk/base/content/browser-fullScreenAndPointerLock.js b/application/basilisk/base/content/browser-fullScreenAndPointerLock.js index dbc9478c1f..ebe55377fc 100644 --- a/application/basilisk/base/content/browser-fullScreenAndPointerLock.js +++ b/application/basilisk/base/content/browser-fullScreenAndPointerLock.js @@ -379,12 +379,10 @@ var FullScreen = { let topWin = event.target.ownerGlobal.top; browser = gBrowser.getBrowserForContentWindow(topWin); } - TelemetryStopwatch.start("FULLSCREEN_CHANGE_MS"); this.enterDomFullscreen(browser); break; } case "MozDOMFullscreen:Exited": - TelemetryStopwatch.start("FULLSCREEN_CHANGE_MS"); this.cleanupDomFullscreen(); break; } @@ -410,7 +408,6 @@ var FullScreen = { } case "DOMFullscreen:Painted": { Services.obs.notifyObservers(window, "fullscreen-painted", ""); - TelemetryStopwatch.finish("FULLSCREEN_CHANGE_MS"); break; } } diff --git a/application/basilisk/base/content/browser-fxaccounts.js b/application/basilisk/base/content/browser-fxaccounts.js index 0bbce3e26d..94a591f1e5 100644 --- a/application/basilisk/base/content/browser-fxaccounts.js +++ b/application/basilisk/base/content/browser-fxaccounts.js @@ -4,8 +4,6 @@ var gFxAccounts = { - SYNC_MIGRATION_NOTIFICATION_TITLE: "fxa-migration", - _initialized: false, _inCustomizationMode: false, _cachedProfile: null, @@ -26,7 +24,6 @@ var gFxAccounts = { "weave:service:setup-complete", "weave:service:sync:error", "weave:ui:login:error", - "fxa-migration:state-changed", this.FxAccountsCommon.ONLOGIN_NOTIFICATION, this.FxAccountsCommon.ONLOGOUT_NOTIFICATION, this.FxAccountsCommon.ON_PROFILE_CHANGE_NOTIFICATION, @@ -122,9 +119,6 @@ var gFxAccounts = { observe: function (subject, topic, data) { switch (topic) { - case "fxa-migration:state-changed": - this.onMigrationStateChanged(data, subject); - break; case this.FxAccountsCommon.ON_PROFILE_CHANGE_NOTIFICATION: this._cachedProfile = null; // Fallthrough intended @@ -134,48 +128,6 @@ var gFxAccounts = { } }, - onMigrationStateChanged: function () { - // Since we nuked most of the migration code, this notification will fire - // once after legacy Sync has been disconnected (and should never fire - // again) - let nb = window.document.getElementById("global-notificationbox"); - - let msg = this.strings.GetStringFromName("autoDisconnectDescription") - let signInLabel = this.strings.GetStringFromName("autoDisconnectSignIn.label"); - let signInAccessKey = this.strings.GetStringFromName("autoDisconnectSignIn.accessKey"); - let learnMoreLink = this.fxaMigrator.learnMoreLink; - - let buttons = [ - { - label: signInLabel, - accessKey: signInAccessKey, - callback: () => { - this.openPreferences(); - } - } - ]; - - let fragment = document.createDocumentFragment(); - let msgNode = document.createTextNode(msg); - fragment.appendChild(msgNode); - if (learnMoreLink) { - let link = document.createElement("label"); - link.className = "text-link"; - link.setAttribute("value", learnMoreLink.text); - link.href = learnMoreLink.href; - fragment.appendChild(link); - } - - nb.appendNotification(fragment, - this.SYNC_MIGRATION_NOTIFICATION_TITLE, - undefined, - nb.PRIORITY_WARNING_LOW, - buttons); - - // ensure the hamburger menu reflects the newly disconnected state. - this.updateAppMenuItem(); - }, - handleEvent: function (event) { this._inCustomizationMode = event.type == "customizationstarting"; this.updateAppMenuItem(); diff --git a/application/basilisk/base/content/browser-gestureSupport.js b/application/basilisk/base/content/browser-gestureSupport.js index f472e5c9a2..6c21a6ad59 100644 --- a/application/basilisk/base/content/browser-gestureSupport.js +++ b/application/basilisk/base/content/browser-gestureSupport.js @@ -1001,13 +1001,10 @@ var gHistorySwipeAnimation = { ctx.DRAWWINDOW_ASYNC_DECODE_IMAGES | ctx.DRAWWINDOW_USE_WIDGET_LAYERS); - TelemetryStopwatch.start("FX_GESTURE_INSTALL_SNAPSHOT_OF_PAGE"); try { this._installCurrentPageSnapshot(canvas); this._assignSnapshotToCurrentBrowser(canvas); - } finally { - TelemetryStopwatch.finish("FX_GESTURE_INSTALL_SNAPSHOT_OF_PAGE"); - } + } catch (e) {} }, /** @@ -1058,7 +1055,6 @@ var gHistorySwipeAnimation = { return; } - TelemetryStopwatch.start("FX_GESTURE_COMPRESS_SNAPSHOT_OF_PAGE"); try { let browser = gBrowser.selectedBrowser; let snapshots = browser.snapshots; @@ -1072,9 +1068,7 @@ var gHistorySwipeAnimation = { } }, "image/png" ); - } finally { - TelemetryStopwatch.finish("FX_GESTURE_COMPRESS_SNAPSHOT_OF_PAGE"); - } + } catch (e) {} }, /** diff --git a/application/basilisk/base/content/browser.js b/application/basilisk/base/content/browser.js index 9ec7715fae..4f4ebb08f0 100644 --- a/application/basilisk/base/content/browser.js +++ b/application/basilisk/base/content/browser.js @@ -45,7 +45,6 @@ Cu.import("resource://gre/modules/NotificationDB.jsm"); ["SitePermissions", "resource:///modules/SitePermissions.jsm"], ["TabCrashHandler", "resource:///modules/ContentCrashHandlers.jsm"], ["Task", "resource://gre/modules/Task.jsm"], - ["TelemetryStopwatch", "resource://gre/modules/TelemetryStopwatch.jsm"], ["Translation", "resource:///modules/translation/Translation.jsm"], ["UpdateUtils", "resource://gre/modules/UpdateUtils.jsm"], ["Weave", "resource://services-sync/main.js"], @@ -2888,24 +2887,7 @@ var BrowserOnClick = { secHistogram.add(Ci.nsISecurityUITelemetry.WARNING_BAD_CERT_TOP_UNDERSTAND_RISKS); } - securityInfo = getSecurityInfo(securityInfoAsString); - let errorInfo = getDetailedCertErrorInfo(location, - securityInfo); - browser.messageManager.sendAsyncMessage( "CertErrorDetails", { - code: securityInfo.errorCode, - info: errorInfo - }); - break; - - case "copyToClipboard": - const gClipboardHelper = Cc["@mozilla.org/widget/clipboardhelper;1"] - .getService(Ci.nsIClipboardHelper); - securityInfo = getSecurityInfo(securityInfoAsString); - let detailedInfo = getDetailedCertErrorInfo(location, - securityInfo); - gClipboardHelper.copyString(detailedInfo); break; - } }, @@ -3145,81 +3127,6 @@ function getSecurityInfo(securityInfoAsString) { return securityInfo; } -/** - * Returns a string with detailed information about the certificate validation - * failure from the specified URI that can be used to send a report. - */ -function getDetailedCertErrorInfo(location, securityInfo) { - if (!securityInfo) - return ""; - - let certErrorDetails = location; - let code = securityInfo.errorCode; - let errors = Cc["@mozilla.org/nss_errors_service;1"] - .getService(Ci.nsINSSErrorsService); - - certErrorDetails += "\r\n\r\n" + errors.getErrorMessage(errors.getXPCOMFromNSSError(code)); - - const sss = Cc["@mozilla.org/ssservice;1"] - .getService(Ci.nsISiteSecurityService); - // SiteSecurityService uses different storage if the channel is - // private. Thus we must give isSecureHost correct flags or we - // might get incorrect results. - let flags = PrivateBrowsingUtils.isWindowPrivate(window) ? - Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0; - - let uri = Services.io.newURI(location, null, null); - - let hasHSTS = sss.isSecureHost(sss.HEADER_HSTS, uri.host, flags); - let hasHPKP = sss.isSecureHost(sss.HEADER_HPKP, uri.host, flags); - certErrorDetails += "\r\n\r\n" + - gNavigatorBundle.getFormattedString("certErrorDetailsHSTS.label", - [hasHSTS]); - certErrorDetails += "\r\n" + - gNavigatorBundle.getFormattedString("certErrorDetailsKeyPinning.label", - [hasHPKP]); - - let certChain = ""; - if (securityInfo.failedCertChain) { - let certs = securityInfo.failedCertChain.getEnumerator(); - while (certs.hasMoreElements()) { - let cert = certs.getNext(); - cert.QueryInterface(Ci.nsIX509Cert); - certChain += getPEMString(cert); - } - } - - certErrorDetails += "\r\n\r\n" + - gNavigatorBundle.getString("certErrorDetailsCertChain.label") + - "\r\n\r\n" + certChain; - - return certErrorDetails; -} - -// TODO: can we pull getDERString and getPEMString in from pippki.js instead of -// duplicating them here? -function getDERString(cert) -{ - var length = {}; - var derArray = cert.getRawDER(length); - var derString = ''; - for (var i = 0; i < derArray.length; i++) { - derString += String.fromCharCode(derArray[i]); - } - return derString; -} - -function getPEMString(cert) -{ - var derb64 = btoa(getDERString(cert)); - // Wrap the Base64 string into lines of 64 characters, - // with CRLF line breaks (as specified in RFC 1421). - var wrapped = derb64.replace(/(\S{64}(?!$))/g, "$1\r\n"); - return "-----BEGIN CERTIFICATE-----\r\n" - + wrapped - + "\r\n-----END CERTIFICATE-----\r\n"; -} - var PrintPreviewListener = { _printPreviewTab: null, _tabBeforePrintPreview: null, @@ -3910,8 +3817,6 @@ function toOpenWindowByType(inType, uri, features) function OpenBrowserWindow(options) { - var telemetryObj = {}; - TelemetryStopwatch.start("FX_NEW_WINDOW_MS", telemetryObj); function newDocumentShown(doc, topic, data) { if (topic == "document-shown" && @@ -3919,7 +3824,6 @@ function OpenBrowserWindow(options) doc.defaultView == win) { Services.obs.removeObserver(newDocumentShown, "document-shown"); Services.obs.removeObserver(windowClosed, "domwindowclosed"); - TelemetryStopwatch.finish("FX_NEW_WINDOW_MS", telemetryObj); } } @@ -4715,25 +4619,6 @@ var TabsProgressListener = { _startedLoadTimer: new WeakSet(), onStateChange: function (aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) { - // Collect telemetry data about tab load times. - if (aWebProgress.isTopLevel && (!aRequest.originalURI || aRequest.originalURI.spec.scheme != "about")) { - if (aStateFlags & Ci.nsIWebProgressListener.STATE_IS_WINDOW) { - if (aStateFlags & Ci.nsIWebProgressListener.STATE_START) { - this._startedLoadTimer.add(aBrowser); - TelemetryStopwatch.start("FX_PAGE_LOAD_MS", aBrowser); - Services.telemetry.getHistogramById("FX_TOTAL_TOP_VISITS").add(true); - } else if (aStateFlags & Ci.nsIWebProgressListener.STATE_STOP && - this._startedLoadTimer.has(aBrowser)) { - this._startedLoadTimer.delete(aBrowser); - TelemetryStopwatch.finish("FX_PAGE_LOAD_MS", aBrowser); - } - } else if (aStateFlags & Ci.nsIWebProgressListener.STATE_STOP && - aStatus == Cr.NS_BINDING_ABORTED && - this._startedLoadTimer.has(aBrowser)) { - this._startedLoadTimer.delete(aBrowser); - TelemetryStopwatch.cancel("FX_PAGE_LOAD_MS", aBrowser); - } - } // We used to listen for clicks in the browser here, but when that // became unnecessary, removing the code below caused focus issues. diff --git a/application/basilisk/base/content/browser.xul b/application/basilisk/base/content/browser.xul index 982edfcd99..74a90f5e0d 100644 --- a/application/basilisk/base/content/browser.xul +++ b/application/basilisk/base/content/browser.xul @@ -521,8 +521,7 @@ tabbrowser="content" flex="1" setfocus="false" - tooltip="tabbrowser-tab-tooltip" - stopwatchid="FX_TAB_CLICK_MS"> + tooltip="tabbrowser-tab-tooltip"> <tab class="tabbrowser-tab" selected="true" visuallyselected="true" fadein="true"/> </tabs> diff --git a/application/basilisk/base/content/content.js b/application/basilisk/base/content/content.js index 88e58b5015..5accbdf7b7 100644 --- a/application/basilisk/base/content/content.js +++ b/application/basilisk/base/content/content.js @@ -298,12 +298,10 @@ var AboutNetAndCertErrorListener = { onCertErrorDetails(msg) { let div = content.document.getElementById("certificateErrorText"); div.textContent = msg.data.info; - let learnMoreLink = content.document.getElementById("learnMoreLink"); let baseURL = Services.urlFormatter.formatURLPref("app.support.baseURL"); switch (msg.data.code) { case SEC_ERROR_UNKNOWN_ISSUER: - learnMoreLink.href = baseURL + "security-error"; break; // in case the certificate expired we make sure the system clock @@ -336,7 +334,6 @@ var AboutNetAndCertErrorListener = { content.document.getElementById("wrongSystemTimePanel") .style.display = "block"; } - learnMoreLink.href = baseURL + "time-errors"; break; } }, diff --git a/application/basilisk/base/content/sanitize.js b/application/basilisk/base/content/sanitize.js index 8413765806..0a00defa4c 100644 --- a/application/basilisk/base/content/sanitize.js +++ b/application/basilisk/base/content/sanitize.js @@ -19,8 +19,6 @@ XPCOMUtils.defineLazyModuleGetter(this, "Task", "resource://gre/modules/Task.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "DownloadsCommon", "resource:///modules/DownloadsCommon.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", - "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "console", "resource://gre/modules/Console.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Preferences", @@ -154,8 +152,6 @@ Sanitizer.prototype = { // we catch and store them, but continue to sanitize as much as possible. // Callers should check returned errors and give user feedback // about items that could not be sanitized - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_TOTAL", refObj); let annotateError = (name, ex) => { progress[name] = "failed"; @@ -188,7 +184,7 @@ Sanitizer.prototype = { } // Sanitization is complete. - TelemetryStopwatch.finish("FX_SANITIZE_TOTAL", refObj); + // Reset the inProgress preference since we were not killed during // sanitization. Preferences.reset(Sanitizer.PREF_SANITIZE_IN_PROGRESS); @@ -210,8 +206,6 @@ Sanitizer.prototype = { cache: { clear: Task.async(function* (range) { let seenException; - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_CACHE", refObj); try { // Cache doesn't consult timespan, nor does it have the @@ -232,7 +226,6 @@ Sanitizer.prototype = { seenException = ex; } - TelemetryStopwatch.finish("FX_SANITIZE_CACHE", refObj); if (seenException) { throw seenException; } @@ -243,10 +236,8 @@ Sanitizer.prototype = { clear: Task.async(function* (range) { let seenException; let yieldCounter = 0; - let refObj = {}; // Clear cookies. - TelemetryStopwatch.start("FX_SANITIZE_COOKIES_2", refObj); try { let cookieMgr = Components.classes["@mozilla.org/cookiemanager;1"] .getService(Ci.nsICookieManager); @@ -274,8 +265,6 @@ Sanitizer.prototype = { } } catch (ex) { seenException = ex; - } finally { - TelemetryStopwatch.finish("FX_SANITIZE_COOKIES_2", refObj); } // Clear deviceIds. Done asynchronously (returns before complete). @@ -332,13 +321,6 @@ Sanitizer.prototype = { if (!range || age >= 0) { let tags = ph.getPluginTags(); for (let tag of tags) { - let refObj = {}; - let probe = ""; - if (/\bFlash\b/.test(tag.name)) { - probe = tag.loaded ? "FX_SANITIZE_LOADED_FLASH" - : "FX_SANITIZE_UNLOADED_FLASH"; - TelemetryStopwatch.start(probe, refObj); - } try { let rv = yield new Promise(resolve => ph.clearSiteData(tag, null, FLAG_CLEAR_ALL, age, resolve) @@ -349,14 +331,8 @@ Sanitizer.prototype = { ph.clearSiteData(tag, null, FLAG_CLEAR_ALL, -1, resolve) ); } - if (probe) { - TelemetryStopwatch.finish(probe, refObj); - } } catch (ex) { // Ignore errors from plug-ins - if (probe) { - TelemetryStopwatch.cancel(probe, refObj); - } } } } @@ -413,8 +389,6 @@ Sanitizer.prototype = { history: { clear: Task.async(function* (range) { let seenException; - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_HISTORY", refObj); try { if (range) { yield PlacesUtils.history.removeVisitsByFilter({ @@ -427,8 +401,6 @@ Sanitizer.prototype = { } } catch (ex) { seenException = ex; - } finally { - TelemetryStopwatch.finish("FX_SANITIZE_HISTORY", refObj); } try { @@ -455,8 +427,6 @@ Sanitizer.prototype = { formdata: { clear: Task.async(function* (range) { let seenException; - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_FORMDATA", refObj); try { // Clear undo history of all searchBars let windows = Services.wm.getEnumerator("navigator:browser"); @@ -504,7 +474,6 @@ Sanitizer.prototype = { seenException = ex; } - TelemetryStopwatch.finish("FX_SANITIZE_FORMDATA", refObj); if (seenException) { throw seenException; } @@ -513,8 +482,6 @@ Sanitizer.prototype = { downloads: { clear: Task.async(function* (range) { - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_DOWNLOADS", refObj); try { let filterByTime = null; if (range) { @@ -528,16 +495,13 @@ Sanitizer.prototype = { // Clear all completed/cancelled downloads let list = yield Downloads.getList(Downloads.ALL); list.removeFinished(filterByTime); - } finally { - TelemetryStopwatch.finish("FX_SANITIZE_DOWNLOADS", refObj); - } + } catch (ex) { + } }) }, sessions: { clear: Task.async(function* (range) { - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_SESSIONS", refObj); try { // clear all auth tokens @@ -547,17 +511,14 @@ Sanitizer.prototype = { // clear FTP and plain HTTP auth sessions Services.obs.notifyObservers(null, "net:clear-active-logins", null); - } finally { - TelemetryStopwatch.finish("FX_SANITIZE_SESSIONS", refObj); - } + } catch (ex) { + } }) }, siteSettings: { clear: Task.async(function* (range) { let seenException; - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_SITESETTINGS", refObj); let startDateMS = range ? range[0] / 1000 : null; @@ -615,7 +576,6 @@ Sanitizer.prototype = { seenException = ex; } - TelemetryStopwatch.finish("FX_SANITIZE_SITESETTINGS", refObj); if (seenException) { throw seenException; } @@ -672,9 +632,6 @@ Sanitizer.prototype = { // If/once we get here, we should actually be able to close all windows. - let refObj = {}; - TelemetryStopwatch.start("FX_SANITIZE_OPENWINDOWS", refObj); - // First create a new window. We do this first so that on non-mac, we don't // accidentally close the app by closing all the windows. let handler = Cc["@mozilla.org/browser/clh;1"].getService(Ci.nsIBrowserHandler); @@ -719,7 +676,6 @@ Sanitizer.prototype = { newWindowOpened = true; // If we're the last thing to happen, invoke callback. if (numWindowsClosing == 0) { - TelemetryStopwatch.finish("FX_SANITIZE_OPENWINDOWS", refObj); resolve(); } } @@ -731,7 +687,6 @@ Sanitizer.prototype = { Services.obs.removeObserver(onWindowClosed, "xul-window-destroyed"); // If we're the last thing to happen, invoke callback. if (newWindowOpened) { - TelemetryStopwatch.finish("FX_SANITIZE_OPENWINDOWS", refObj); resolve(); } } diff --git a/application/basilisk/base/content/tabbrowser.xml b/application/basilisk/base/content/tabbrowser.xml index f8dbcf364d..76ea5d167d 100644 --- a/application/basilisk/base/content/tabbrowser.xml +++ b/application/basilisk/base/content/tabbrowser.xml @@ -1042,11 +1042,6 @@ </body> </method> - <!-- Holds a unique ID for the tab change that's currently being timed. - Used to make sure that multiple, rapid tab switches do not try to - create overlapping timers. --> - <field name="_tabSwitchID">null</field> - <method name="updateCurrentBrowser"> <parameter name="aForceUpdate"/> <body> @@ -1055,33 +1050,6 @@ if (this.mCurrentBrowser == newBrowser && !aForceUpdate) return; - if (!aForceUpdate) { - TelemetryStopwatch.start("FX_TAB_SWITCH_UPDATE_MS"); - if (!gMultiProcessBrowser) { - // old way of measuring tab paint which is not valid with e10s. - // Waiting until the next MozAfterPaint ensures that we capture - // the time it takes to paint, upload the textures to the compositor, - // and then composite. - if (this._tabSwitchID) { - TelemetryStopwatch.cancel("FX_TAB_SWITCH_TOTAL_MS"); - } - - let tabSwitchID = Symbol(); - - TelemetryStopwatch.start("FX_TAB_SWITCH_TOTAL_MS"); - this._tabSwitchID = tabSwitchID; - - let onMozAfterPaint = () => { - if (this._tabSwitchID === tabSwitchID) { - TelemetryStopwatch.finish("FX_TAB_SWITCH_TOTAL_MS"); - this._tabSwitchID = null; - } - window.removeEventListener("MozAfterPaint", onMozAfterPaint); - } - window.addEventListener("MozAfterPaint", onMozAfterPaint); - } - } - var oldTab = this.mCurrentTab; // Preview mode should not reset the owner @@ -1274,9 +1242,6 @@ }); this.dispatchEvent(event); } - - if (!aForceUpdate) - TelemetryStopwatch.finish("FX_TAB_SWITCH_UPDATE_MS"); ]]> </body> </method> @@ -4145,8 +4110,6 @@ */ startTabSwitch: function () { - TelemetryStopwatch.cancel("FX_TAB_SWITCH_TOTAL_E10S_MS", window); - TelemetryStopwatch.start("FX_TAB_SWITCH_TOTAL_E10S_MS", window); this.addMarker("AsyncTabSwitch:Start"); this.switchInProgress = true; }, @@ -4162,31 +4125,18 @@ this.getTabState(this.requestedTab) == this.STATE_LOADED) { // After this point the tab has switched from the content thread's point of view. // The changes will be visible after the next refresh driver tick + composite. - let time = TelemetryStopwatch.timeElapsed("FX_TAB_SWITCH_TOTAL_E10S_MS", window); - if (time != -1) { - TelemetryStopwatch.finish("FX_TAB_SWITCH_TOTAL_E10S_MS", window); - this.log("DEBUG: tab switch time = " + time); this.addMarker("AsyncTabSwitch:Finish"); - } this.switchInProgress = false; } }, spinnerDisplayed: function () { this.assert(!this.spinnerTab); - TelemetryStopwatch.start("FX_TAB_SWITCH_SPINNER_VISIBLE_MS", window); - // We have a second, similar probe for capturing recordings of - // when the spinner is displayed for very long periods. - TelemetryStopwatch.start("FX_TAB_SWITCH_SPINNER_VISIBLE_LONG_MS", window); this.addMarker("AsyncTabSwitch:SpinnerShown"); }, spinnerHidden: function () { this.assert(this.spinnerTab); - this.log("DEBUG: spinner time = " + - TelemetryStopwatch.timeElapsed("FX_TAB_SWITCH_SPINNER_VISIBLE_MS", window)); - TelemetryStopwatch.finish("FX_TAB_SWITCH_SPINNER_VISIBLE_MS", window); - TelemetryStopwatch.finish("FX_TAB_SWITCH_SPINNER_VISIBLE_LONG_MS", window); this.addMarker("AsyncTabSwitch:SpinnerHidden"); // we do not get a onPaint after displaying the spinner this.maybeFinishTabSwitch(); diff --git a/application/basilisk/branding/official/disk.icns b/application/basilisk/branding/official/disk.icns Binary files differindex 82fdccff8c..bb3fdd5e47 100644 --- a/application/basilisk/branding/official/disk.icns +++ b/application/basilisk/branding/official/disk.icns diff --git a/application/basilisk/branding/official/document.icns b/application/basilisk/branding/official/document.icns Binary files differindex 5f03305d71..388296713b 100644 --- a/application/basilisk/branding/official/document.icns +++ b/application/basilisk/branding/official/document.icns diff --git a/application/basilisk/branding/official/firefox.icns b/application/basilisk/branding/official/firefox.icns Binary files differindex 4d2ad5a042..8b9232cbab 100644 --- a/application/basilisk/branding/official/firefox.icns +++ b/application/basilisk/branding/official/firefox.icns diff --git a/application/basilisk/components/migration/AutoMigrate.jsm b/application/basilisk/components/migration/AutoMigrate.jsm index b387478253..003f70d706 100644 --- a/application/basilisk/components/migration/AutoMigrate.jsm +++ b/application/basilisk/components/migration/AutoMigrate.jsm @@ -37,8 +37,6 @@ XPCOMUtils.defineLazyModuleGetter(this, "OS", "resource://gre/modules/osfile.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "PlacesUtils", "resource://gre/modules/PlacesUtils.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", - "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyGetter(this, "gBrandBundle", function() { const kBrandBundle = "chrome://branding/locale/brand.properties"; @@ -211,7 +209,6 @@ const AutoMigrate = { undo: Task.async(function* () { let browserId = Preferences.get(kAutoMigrateBrowserPref, "unknown"); - TelemetryStopwatch.startKeyed("FX_STARTUP_MIGRATION_UNDO_TOTAL_MS", browserId); let histogram = Services.telemetry.getHistogramById("FX_STARTUP_MIGRATION_AUTOMATED_IMPORT_UNDO"); histogram.add(0); if (!(yield this.canUndo())) { @@ -236,38 +233,24 @@ const AutoMigrate = { Services.telemetry.getKeyedHistogramById(histogramId).add(browserId, this._errorMap[type]); }; - let startTelemetryStopwatch = resourceType => { - let histogramId = `FX_STARTUP_MIGRATION_UNDO_${resourceType.toUpperCase()}_MS`; - TelemetryStopwatch.startKeyed(histogramId, browserId); - }; - let stopTelemetryStopwatch = resourceType => { - let histogramId = `FX_STARTUP_MIGRATION_UNDO_${resourceType.toUpperCase()}_MS`; - TelemetryStopwatch.finishKeyed(histogramId, browserId); - }; - startTelemetryStopwatch("bookmarks"); yield this._removeUnchangedBookmarks(stateData.get("bookmarks")).catch(ex => { Cu.reportError("Uncaught exception when removing unchanged bookmarks!"); Cu.reportError(ex); }); - stopTelemetryStopwatch("bookmarks"); reportErrorTelemetry("bookmarks"); histogram.add(15); - startTelemetryStopwatch("visits"); yield this._removeSomeVisits(stateData.get("visits")).catch(ex => { Cu.reportError("Uncaught exception when removing history visits!"); Cu.reportError(ex); }); - stopTelemetryStopwatch("visits"); reportErrorTelemetry("visits"); histogram.add(20); - startTelemetryStopwatch("logins"); yield this._removeUnchangedLogins(stateData.get("logins")).catch(ex => { Cu.reportError("Uncaught exception when removing unchanged logins!"); Cu.reportError(ex); }); - stopTelemetryStopwatch("logins"); reportErrorTelemetry("logins"); histogram.add(25); @@ -278,7 +261,6 @@ const AutoMigrate = { this._purgeUndoState(this.UNDO_REMOVED_REASON_UNDO_USED); histogram.add(30); - TelemetryStopwatch.finishKeyed("FX_STARTUP_MIGRATION_UNDO_TOTAL_MS", browserId); }), _removeNotificationBars() { diff --git a/application/basilisk/components/migration/MigrationUtils.jsm b/application/basilisk/components/migration/MigrationUtils.jsm index e133ec5203..ccae006fec 100644 --- a/application/basilisk/components/migration/MigrationUtils.jsm +++ b/application/basilisk/components/migration/MigrationUtils.jsm @@ -32,8 +32,6 @@ XPCOMUtils.defineLazyModuleGetter(this, "ResponsivenessMonitor", "resource://gre/modules/ResponsivenessMonitor.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Sqlite", "resource://gre/modules/Sqlite.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", - "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "WindowsRegistry", "resource://gre/modules/WindowsRegistry.jsm"); @@ -254,14 +252,6 @@ this.MigratorPrototype = { let browserKey = this.getBrowserKey(); - let maybeStartTelemetryStopwatch = resourceType => { - let histogramId = getHistogramIdForResourceType(resourceType, "FX_MIGRATION_*_IMPORT_MS"); - if (histogramId) { - TelemetryStopwatch.startKeyed(histogramId, browserKey); - } - return histogramId; - }; - let maybeStartResponsivenessMonitor = resourceType => { let responsivenessMonitor; let responsivenessHistogramId = @@ -323,8 +313,6 @@ this.MigratorPrototype = { for (let [migrationType, itemResources] of resourcesGroupedByItems) { notify("Migration:ItemBeforeMigrate", migrationType); - let stopwatchHistogramId = maybeStartTelemetryStopwatch(migrationType); - let {responsivenessMonitor, responsivenessHistogramId} = maybeStartResponsivenessMonitor(migrationType); @@ -340,10 +328,6 @@ this.MigratorPrototype = { migrationType); resourcesGroupedByItems.delete(migrationType); - if (stopwatchHistogramId) { - TelemetryStopwatch.finishKeyed(stopwatchHistogramId, browserKey); - } - maybeFinishResponsivenessMonitor(responsivenessMonitor, responsivenessHistogramId); if (resourcesGroupedByItems.size == 0) { diff --git a/application/basilisk/components/migration/content/migration.xul b/application/basilisk/components/migration/content/migration.xul index e850910020..62c97c107c 100644 --- a/application/basilisk/components/migration/content/migration.xul +++ b/application/basilisk/components/migration/content/migration.xul @@ -24,11 +24,9 @@ <wizardpage id="importSource" pageid="importSource" next="selectProfile" label="&importSource.title;" onpageadvanced="return MigrationWizard.onImportSourcePageAdvanced();"> -#ifdef XP_WIN + <description id="importAll" control="importSourceGroup">&importFrom.label;</description> -#else - <description id="importAll" control="importSourceGroup">&importFromUnix.label;</description> -#endif + <description id="importBookmarks" control="importSourceGroup" hidden="true">&importFromBookmarks.label;</description> <radiogroup id="importSourceGroup" align="start"> diff --git a/application/basilisk/components/places/content/history-panel.js b/application/basilisk/components/places/content/history-panel.js index 20dbbb5bd5..65f00e93b2 100644 --- a/application/basilisk/components/places/content/history-panel.js +++ b/application/basilisk/components/places/content/history-panel.js @@ -3,8 +3,6 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -Components.utils.import("resource://gre/modules/TelemetryStopwatch.jsm"); - var gHistoryTree; var gSearchBox; var gHistoryGrouping = ""; @@ -81,16 +79,11 @@ function searchHistory(aInput) options.resultType = resultType; options.includeHidden = !!aInput; - if (gHistoryGrouping == "lastvisited") - this.TelemetryStopwatch.start("HISTORY_LASTVISITED_TREE_QUERY_TIME_MS"); - // call load() on the tree manually // instead of setting the place attribute in history-panel.xul // otherwise, we will end up calling load() twice gHistoryTree.load([query], options); - if (gHistoryGrouping == "lastvisited") - this.TelemetryStopwatch.finish("HISTORY_LASTVISITED_TREE_QUERY_TIME_MS"); } window.addEventListener("SidebarFocused", diff --git a/application/basilisk/components/places/content/places.js b/application/basilisk/components/places/content/places.js index aa43b20e68..375c3de179 100644 --- a/application/basilisk/components/places/content/places.js +++ b/application/basilisk/components/places/content/places.js @@ -5,7 +5,6 @@ Components.utils.import("resource://gre/modules/AppConstants.jsm"); Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); -Components.utils.import("resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "MigrationUtils", "resource:///modules/MigrationUtils.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Task", @@ -810,9 +809,7 @@ var PlacesSearchBox = { currentView.load([query], options); } else { - TelemetryStopwatch.start(HISTORY_LIBRARY_SEARCH_TELEMETRY); currentView.applyFilter(filterString, null, true); - TelemetryStopwatch.finish(HISTORY_LIBRARY_SEARCH_TELEMETRY); } break; case "downloads": diff --git a/application/basilisk/components/sessionstore/SessionFile.jsm b/application/basilisk/components/sessionstore/SessionFile.jsm index 80c4e77904..3c55101e41 100644 --- a/application/basilisk/components/sessionstore/SessionFile.jsm +++ b/application/basilisk/components/sessionstore/SessionFile.jsm @@ -43,8 +43,6 @@ XPCOMUtils.defineLazyModuleGetter(this, "PromiseUtils", "resource://gre/modules/PromiseUtils.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "RunState", "resource:///modules/sessionstore/RunState.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", - "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Task", "resource://gre/modules/Task.jsm"); XPCOMUtils.defineLazyServiceGetter(this, "Telemetry", diff --git a/application/basilisk/components/sessionstore/SessionSaver.jsm b/application/basilisk/components/sessionstore/SessionSaver.jsm index d672f88774..fa3a675126 100644 --- a/application/basilisk/components/sessionstore/SessionSaver.jsm +++ b/application/basilisk/components/sessionstore/SessionSaver.jsm @@ -13,7 +13,6 @@ const Ci = Components.interfaces; Cu.import("resource://gre/modules/Timer.jsm", this); Cu.import("resource://gre/modules/Services.jsm", this); Cu.import("resource://gre/modules/XPCOMUtils.jsm", this); -Cu.import("resource://gre/modules/TelemetryStopwatch.jsm", this); XPCOMUtils.defineLazyModuleGetter(this, "AppConstants", "resource://gre/modules/AppConstants.jsm"); @@ -52,19 +51,6 @@ function notify(subject, topic) { Services.obs.notifyObservers(subject, topic, ""); } -// TelemetryStopwatch helper functions. -function stopWatch(method) { - return function (...histograms) { - for (let hist of histograms) { - TelemetryStopwatch[method]("FX_SESSION_RESTORE_" + hist); - } - }; -} - -var stopWatchStart = stopWatch("start"); -var stopWatchCancel = stopWatch("cancel"); -var stopWatchFinish = stopWatch("finish"); - /** * The external API implemented by the SessionSaver module. */ @@ -182,7 +168,6 @@ var SessionSaverInternal = { return Promise.resolve(); } - stopWatchStart("COLLECT_DATA_MS", "COLLECT_DATA_LONGEST_OP_MS"); let state = SessionStore.getCurrentState(forceUpdateAllWindows); PrivacyFilter.filterPrivateWindowsAndTabs(state); @@ -226,7 +211,6 @@ var SessionSaverInternal = { } } - stopWatchFinish("COLLECT_DATA_MS", "COLLECT_DATA_LONGEST_OP_MS"); return this._writeState(state); }, diff --git a/application/basilisk/components/sessionstore/SessionStore.jsm b/application/basilisk/components/sessionstore/SessionStore.jsm index 6b30943f38..e23b205fc0 100644 --- a/application/basilisk/components/sessionstore/SessionStore.jsm +++ b/application/basilisk/components/sessionstore/SessionStore.jsm @@ -135,7 +135,6 @@ Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm", this); Cu.import("resource://gre/modules/Promise.jsm", this); Cu.import("resource://gre/modules/Services.jsm", this); Cu.import("resource://gre/modules/Task.jsm", this); -Cu.import("resource://gre/modules/TelemetryStopwatch.jsm", this); Cu.import("resource://gre/modules/TelemetryTimestamps.jsm", this); Cu.import("resource://gre/modules/Timer.jsm", this); Cu.import("resource://gre/modules/XPCOMUtils.jsm", this); @@ -564,7 +563,6 @@ var SessionStoreInternal = { * Initialize the session using the state provided by SessionStartup */ initSession: function () { - TelemetryStopwatch.start("FX_SESSION_RESTORE_STARTUP_INIT_SESSION_MS"); let state; let ss = gSessionStartup; @@ -640,7 +638,6 @@ var SessionStoreInternal = { this._prefBranch.getBoolPref("sessionstore.resume_session_once")) this._prefBranch.setBoolPref("sessionstore.resume_session_once", false); - TelemetryStopwatch.finish("FX_SESSION_RESTORE_STARTUP_INIT_SESSION_MS"); return state; }, @@ -1247,9 +1244,7 @@ var SessionStoreInternal = { if (initialState) { Services.obs.notifyObservers(null, NOTIFY_RESTORING_ON_STARTUP, ""); } - TelemetryStopwatch.start("FX_SESSION_RESTORE_STARTUP_ONLOAD_INITIAL_WINDOW_MS"); this.initializeWindow(aWindow, initialState); - TelemetryStopwatch.finish("FX_SESSION_RESTORE_STARTUP_ONLOAD_INITIAL_WINDOW_MS"); // Let everyone know we're done. this._deferredInitialized.resolve(); @@ -2857,7 +2852,6 @@ var SessionStoreInternal = { var activeWindow = this._getMostRecentBrowserWindow(); - TelemetryStopwatch.start("FX_SESSION_RESTORE_COLLECT_ALL_WINDOWS_DATA_MS"); if (RunState.isRunning) { // update the data for all windows with activities since the last save operation this._forEachBrowserWindow(function(aWindow) { @@ -2872,7 +2866,6 @@ var SessionStoreInternal = { }); DirtyWindows.clear(); } - TelemetryStopwatch.finish("FX_SESSION_RESTORE_COLLECT_ALL_WINDOWS_DATA_MS"); // An array that at the end will hold all current window data. var total = []; @@ -2892,9 +2885,7 @@ var SessionStoreInternal = { nonPopupCount++; } - TelemetryStopwatch.start("FX_SESSION_RESTORE_COLLECT_COOKIES_MS"); SessionCookies.update(total); - TelemetryStopwatch.finish("FX_SESSION_RESTORE_COLLECT_COOKIES_MS"); // collect the data for all windows yet to be restored for (ix in this._statesToRestore) { @@ -3063,8 +3054,6 @@ var SessionStoreInternal = { if (aWindow && (!aWindow.__SSi || !this._windows[aWindow.__SSi])) this.onLoad(aWindow); - TelemetryStopwatch.start("FX_SESSION_RESTORE_RESTORE_WINDOW_MS"); - // We're not returning from this before we end up calling restoreTabs // for this window, so make sure we send the SSWindowStateBusy event. this._setWindowStateBusy(aWindow); @@ -3235,8 +3224,6 @@ var SessionStoreInternal = { // set smoothScroll back to the original value tabstrip.smoothScroll = smoothScroll; - TelemetryStopwatch.finish("FX_SESSION_RESTORE_RESTORE_WINDOW_MS"); - this._setWindowStateReady(aWindow); this._sendWindowRestoredNotification(aWindow); diff --git a/application/basilisk/components/sessionstore/nsSessionStartup.js b/application/basilisk/components/sessionstore/nsSessionStartup.js index 7593c48ece..9cda1552ef 100644 --- a/application/basilisk/components/sessionstore/nsSessionStartup.js +++ b/application/basilisk/components/sessionstore/nsSessionStartup.js @@ -37,7 +37,6 @@ const Cr = Components.results; const Cu = Components.utils; Cu.import("resource://gre/modules/XPCOMUtils.jsm"); Cu.import("resource://gre/modules/Services.jsm"); -Cu.import("resource://gre/modules/TelemetryStopwatch.jsm"); Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); Cu.import("resource://gre/modules/Promise.jsm"); diff --git a/application/basilisk/locales/en-US/chrome/browser/browser.properties b/application/basilisk/locales/en-US/chrome/browser/browser.properties index aa7a82e4f6..f1c39839b2 100644 --- a/application/basilisk/locales/en-US/chrome/browser/browser.properties +++ b/application/basilisk/locales/en-US/chrome/browser/browser.properties @@ -679,13 +679,6 @@ weakCryptoOverriding.message = %S recommends that you don’t enter your passwor revokeOverride.label = Don’t Trust This Website revokeOverride.accesskey = D -# LOCALIZATION NOTE (certErrorDetails*.label): These are text strings that -# appear in the about:certerror page, so that the user can copy and send them to -# the server administrators for troubleshooting. -certErrorDetailsHSTS.label = HTTP Strict Transport Security: %S -certErrorDetailsKeyPinning.label = HTTP Public Key Pinning: %S -certErrorDetailsCertChain.label = Certificate chain: - # LOCALIZATION NOTE (pendingCrashReports2.label): Semi-colon list of plural forms # See: http://developer.mozilla.org/en/docs/Localization_and_Plurals # #1 is the number of pending crash reports diff --git a/application/basilisk/locales/en-US/chrome/overrides/netError.dtd b/application/basilisk/locales/en-US/chrome/overrides/netError.dtd index 8728474586..55da9a36cf 100644 --- a/application/basilisk/locales/en-US/chrome/overrides/netError.dtd +++ b/application/basilisk/locales/en-US/chrome/overrides/netError.dtd @@ -203,7 +203,6 @@ was trying to connect. --> Strict Transport Security (HSTS) to specify that &brandShortName; may only connect to it securely. As a result, it is not possible to add an exception for this certificate."> -<!ENTITY certerror.copyToClipboard.label "Copy text to clipboard"> <!ENTITY inadequateSecurityError.title "Your connection is not secure"> <!-- LOCALIZATION NOTE (inadequateSecurityError.longDesc) - Do not translate diff --git a/application/basilisk/themes/shared/aboutNetError.css b/application/basilisk/themes/shared/aboutNetError.css index c0b76aa474..7e1e7c32b8 100644 --- a/application/basilisk/themes/shared/aboutNetError.css +++ b/application/basilisk/themes/shared/aboutNetError.css @@ -39,10 +39,6 @@ button:disabled { display: none; } -#learnMoreContainer { - display: none; -} - #certErrorAndCaptivePortalButtonContainer { display: none; } @@ -132,16 +128,12 @@ span#hostname { line-height: 16px } -#errorCode:not([href]) { +#errorCode { color: var(--in-content-page-color); cursor: text; text-decoration: none; } -#errorCode[href] { - white-space: nowrap; -} - #badCertTechnicalInfo { overflow: auto; white-space: pre-wrap; @@ -150,20 +142,3 @@ span#hostname { #certificateErrorReporting { display: none; } - -#certificateErrorDebugInformation { - display: none; - background-color: var(--in-content-box-background-hover) !important; - border-top: 1px solid var(--in-content-border-color); - position: absolute; - left: 0%; - top: 100%; - width: 65%; - padding: 1em 17.5%; -} - -#certificateErrorText { - font-family: monospace; - white-space: pre-wrap; - padding: 1em 0; -} diff --git a/application/palemoon/app/blocklist.xml b/application/palemoon/app/blocklist.xml index 296b8ad244..d557841697 100644 --- a/application/palemoon/app/blocklist.xml +++ b/application/palemoon/app/blocklist.xml @@ -1,5 +1,5 @@ <?xml version='1.0' encoding='utf-8'?> -<blocklist lastupdate="1521130300000" +<blocklist lastupdate="1534840140000" xmlns="http://www.mozilla.org/2006/addons-blocklist"> <emItems> <emItem blockID="i545" id="superlrcs@svenyor.net"> @@ -2513,7 +2513,17 @@ xmlns="http://www.mozilla.org/2006/addons-blocklist"> <versionRange minVersion="0" maxVersion="52.4.2" severity="3"> </versionRange> <prefs></prefs> - </emItem> + </emItem> + <emItem blockID="pm112" id="{73a6fe31-595d-460b-a920-fcc0f8843232}"> + <versionRange minVersion="0" maxVersion="*" severity="1"> + </versionRange> + <prefs></prefs> + </emItem> + <emItem blockID="pm113" id="addonsmanagerfix@sonco.com"> + <versionRange minVersion="0" maxVersion="*" severity="3"> + </versionRange> + <prefs></prefs> + </emItem> </emItems> <pluginItems> <pluginItem blockID="p26"> diff --git a/application/palemoon/app/profile/palemoon.js b/application/palemoon/app/profile/palemoon.js index 22c4f86541..15accd1467 100644 --- a/application/palemoon/app/profile/palemoon.js +++ b/application/palemoon/app/profile/palemoon.js @@ -59,9 +59,9 @@ pref("extensions.blocklist.level.updated", false); // Controls what level the blocklist switches from warning about items to forcibly // blocking them. pref("extensions.blocklist.level", 2); -pref("extensions.blocklist.url", "http://blocklist.palemoon.org/%VERSION%/blocklist.xml"); +pref("extensions.blocklist.url", "https://blocklist.palemoon.org/?version=%VERSION%"); pref("extensions.blocklist.detailsURL", "https://blocklist.palemoon.org/about.shtml"); -pref("extensions.blocklist.itemURL", "http://blocklist.palemoon.org/info/?id=%blockID%"); +pref("extensions.blocklist.itemURL", "https://blocklist.palemoon.org/info/?id=%blockID%"); pref("extensions.update.autoUpdateDefault", true); @@ -544,6 +544,25 @@ pref("privacy.sanitize.migrateFx3Prefs", false); pref("network.proxy.share_proxy_settings", false); // use the same proxy settings for all protocols +// Disable speculative half-open connections on Pale Moon +pref("network.http.speculative-parallel-limit", 0); + +// Enable pipelining over SSL +pref("network.http.pipelining.ssl", true); + +// Disable predictor/prefetch of URIs +pref("network.predictor.enabled", false); +pref("network.prefetch-next", false); + +// Disable DNS prefetching +pref("network.dns.disablePrefetch", true); + +// Tune DNS lookups +pref("network.dnsCacheEntries", 800); +pref("network.dnsCacheExpiration", 180); // 3 minutes if no TTL given by DNS resolver +pref("network.dns.get-ttl", true); // Get and use DNS resolver TTL +pref("network.dnsCacheExpirationGracePeriod", 60); // 1 minute grace period for stale entry + // simple gestures support pref("browser.gesture.swipe.left", "Browser:BackOrBackDuplicate"); pref("browser.gesture.swipe.right", "Browser:ForwardOrForwardDuplicate"); diff --git a/application/palemoon/base/content/aboutDialog.xul b/application/palemoon/base/content/aboutDialog.xul index 743ff21df8..5c344f55da 100644 --- a/application/palemoon/base/content/aboutDialog.xul +++ b/application/palemoon/base/content/aboutDialog.xul @@ -88,6 +88,7 @@ </vbox> <description class="text-pmcreds"> +#if defined(MOZ_OFFICIAL_BRANDING) || defined(MC_OFFICIAL) #ifdef MC_PRIVATE_BUILD This is a private build of Pale Moon. If you did not manually build this copy from source yourself, then please download an official version from the <label class="text-link" href="http://www.palemoon.org/">Pale Moon website</label>. #else @@ -100,6 +101,12 @@ If you wish to contribute, please consider helping out by providing support to other users on the <label class="text-link" href="https://forum.palemoon.org/">Pale Moon forum</label> or getting involved in our development by tackling some of the issues found in our GitHub issue tracker. #endif +#else + &brandFullName; is released by &vendorShortName;. + </description> + <description class="text-blurb"> + This is an unofficial build of Pale Moon. For official builds, please go to <label class="text-link" href="http://www.palemoon.org/">the Pale Moon website</label>. +#endif </description> </vbox> </vbox> diff --git a/application/palemoon/base/content/baseMenuOverlay.xul b/application/palemoon/base/content/baseMenuOverlay.xul index f61348c9f2..e9019dc55c 100644 --- a/application/palemoon/base/content/baseMenuOverlay.xul +++ b/application/palemoon/base/content/baseMenuOverlay.xul @@ -41,7 +41,7 @@ label="&helpMenu.label;" accesskey="&helpMenu.accesskey;"> #endif - <menupopup id="menu_HelpPopup" onpopupshowing="buildHelpMenu();"> + <menupopup id="menu_HelpPopup"> <menuitem id="menu_openHelp" oncommand="openHelpLink('firefox-help')" onclick="checkForMiddleClick(this, event);" diff --git a/application/palemoon/base/content/blockedSite.xhtml b/application/palemoon/base/content/blockedSite.xhtml deleted file mode 100644 index b56875eb6c..0000000000 --- a/application/palemoon/base/content/blockedSite.xhtml +++ /dev/null @@ -1,193 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - -<!DOCTYPE html [ - <!ENTITY % htmlDTD PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd"> - %htmlDTD; - <!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd"> - %globalDTD; - <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" > - %brandDTD; - <!ENTITY % blockedSiteDTD SYSTEM "chrome://browser/locale/safebrowsing/phishing-afterload-warning-message.dtd"> - %blockedSiteDTD; -]> - -<!-- This Source Code Form is subject to the terms of the Mozilla Public - - License, v. 2.0. If a copy of the MPL was not distributed with this - - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> - -<html xmlns="http://www.w3.org/1999/xhtml" class="blacklist"> - <head> - <link rel="stylesheet" href="chrome://global/skin/netError.css" type="text/css" media="all" /> - <link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/blacklist_favicon.png"/> - - <script type="application/javascript"><![CDATA[ - // Error url MUST be formatted like this: - // about:blocked?e=error_code&u=url - - // Note that this file uses document.documentURI to get - // the URL (with the format from above). This is because - // document.location.href gets the current URI off the docshell, - // which is the URL displayed in the location bar, i.e. - // the URI that the user attempted to load. - - function getErrorCode() - { - var url = document.documentURI; - var error = url.search(/e\=/); - var duffUrl = url.search(/\&u\=/); - return decodeURIComponent(url.slice(error + 2, duffUrl)); - } - - function getURL() - { - var url = document.documentURI; - var match = url.match(/&u=([^&]+)&/); - - // match == null if not found; if so, return an empty string - // instead of what would turn out to be portions of the URI - if (!match) - return ""; - - url = decodeURIComponent(match[1]); - - // If this is a view-source page, then get then real URI of the page - if (url.startsWith("view-source:")) - url = url.slice(12); - return url; - } - - /** - * Attempt to get the hostname via document.location. Fail back - * to getURL so that we always return something meaningful. - */ - function getHostString() - { - try { - return document.location.hostname; - } catch (e) { - return getURL(); - } - } - - function initPage() - { - // Handoff to the appropriate initializer, based on error code - switch (getErrorCode()) { - case "malwareBlocked" : - initPage_malware(); - break; - case "phishingBlocked" : - initPage_phishing(); - break; - } - } - - /** - * Initialize custom strings and functionality for blocked malware case - */ - function initPage_malware() - { - // Remove phishing strings - var el = document.getElementById("errorTitleText_phishing"); - el.parentNode.removeChild(el); - - el = document.getElementById("errorShortDescText_phishing"); - el.parentNode.removeChild(el); - - el = document.getElementById("errorLongDescText_phishing"); - el.parentNode.removeChild(el); - - // Set sitename - document.getElementById("malware_sitename").textContent = getHostString(); - document.title = document.getElementById("errorTitleText_malware") - .innerHTML; - } - - /** - * Initialize custom strings and functionality for blocked phishing case - */ - function initPage_phishing() - { - // Remove malware strings - var el = document.getElementById("errorTitleText_malware"); - el.parentNode.removeChild(el); - - el = document.getElementById("errorShortDescText_malware"); - el.parentNode.removeChild(el); - - el = document.getElementById("errorLongDescText_malware"); - el.parentNode.removeChild(el); - - // Set sitename - document.getElementById("phishing_sitename").textContent = getHostString(); - document.title = document.getElementById("errorTitleText_phishing") - .innerHTML; - } - ]]></script> - <style type="text/css"> - /* Style warning button to look like a small text link in the - bottom right. This is preferable to just using a text link - since there is already a mechanism in browser.js for trapping - oncommand events from unprivileged chrome pages (BrowserOnCommand).*/ - #ignoreWarningButton { - -moz-appearance: none; - background: transparent; - border: none; - color: white; /* Hard coded because netError.css forces this page's background to dark red */ - text-decoration: underline; - margin: 0; - padding: 0; - position: relative; - top: 23px; - left: 20px; - font-size: smaller; - } - - #ignoreWarning { - text-align: right; - } - </style> - </head> - - <body dir="&locale.dir;"> - <div id="errorPageContainer"> - - <!-- Error Title --> - <div id="errorTitle"> - <h1 id="errorTitleText_phishing">&safeb.blocked.phishingPage.title;</h1> - <h1 id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1> - </div> - - <div id="errorLongContent"> - - <!-- Short Description --> - <div id="errorShortDesc"> - <p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc;</p> - <p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p> - </div> - - <!-- Long Description --> - <div id="errorLongDesc"> - <p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc;</p> - <p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p> - </div> - - <!-- Action buttons --> - <div id="buttons"> - <!-- Commands handled in browser.js --> - <button id="getMeOutButton">&safeb.palm.accept.label;</button> - <button id="reportButton">&safeb.palm.reportPage.label;</button> - </div> - </div> - <div id="ignoreWarning"> - <button id="ignoreWarningButton">&safeb.palm.decline.label;</button> - </div> - </div> - <!-- - - Note: It is important to run the script this way, instead of using - - an onload handler. This is because error pages are loaded as - - LOAD_BACKGROUND, which means that onload handlers will not be executed. - --> - <script type="application/javascript">initPage();</script> - </body> -</html> diff --git a/application/palemoon/base/content/browser-sets.inc b/application/palemoon/base/content/browser-sets.inc index 64228678ec..25794a65ce 100644 --- a/application/palemoon/base/content/browser-sets.inc +++ b/application/palemoon/base/content/browser-sets.inc @@ -79,7 +79,6 @@ <command id="Browser:NextTab" oncommand="gBrowser.tabContainer.advanceSelectedTab(1, true);"/> <command id="Browser:PrevTab" oncommand="gBrowser.tabContainer.advanceSelectedTab(-1, true);"/> <command id="Browser:ShowAllTabs" oncommand="allTabs.open();"/> - <command id="Browser:FocusNextFrame" oncommand="focusNextFrame(event);"/> <command id="cmd_fullZoomReduce" oncommand="FullZoom.reduce()"/> <command id="cmd_fullZoomEnlarge" oncommand="FullZoom.enlarge()"/> <command id="cmd_fullZoomReset" oncommand="FullZoom.reset()"/> @@ -251,8 +250,6 @@ #ifndef XP_MACOSX <key id="showAllHistoryKb" key="&showAllHistoryCmd.commandkey;" command="Browser:ShowAllHistory" modifiers="accel,shift"/> <key keycode="VK_F5" command="Browser:ReloadSkipCache" modifiers="accel"/> - <key keycode="VK_F6" command="Browser:FocusNextFrame"/> - <key keycode="VK_F6" command="Browser:FocusNextFrame" modifiers="shift"/> <key id="key_fullScreen" keycode="VK_F11" command="View:FullScreen"/> #else <key id="key_fullScreen" key="&fullScreenCmd.macCommandKey;" command="View:FullScreen" modifiers="accel,control"/> diff --git a/application/palemoon/base/content/browser.js b/application/palemoon/base/content/browser.js index 386bd418b9..c7a2633d42 100644 --- a/application/palemoon/base/content/browser.js +++ b/application/palemoon/base/content/browser.js @@ -1051,6 +1051,8 @@ var gBrowserInit = { // [3]: postData (nsIInputStream) // [4]: allowThirdPartyFixup (bool) // [5]: referrerPolicy (int) + // [6]: originPrincipal (nsIPrincipal) + // [7]: triggeringPrincipal (nsIPrincipal) else if (window.arguments.length >= 3) { let referrerURI = window.arguments[2]; if (typeof(referrerURI) == "string") { @@ -1063,7 +1065,10 @@ var gBrowserInit = { let referrerPolicy = (window.arguments[5] != undefined ? window.arguments[5] : Ci.nsIHttpChannel.REFERRER_POLICY_DEFAULT); loadURI(uriToLoad, referrerURI, window.arguments[3] || null, - window.arguments[4] || false, referrerPolicy); + window.arguments[4] || false, referrerPolicy, + // pass the origin principal (if any) and force its use to create + // an initial about:blank viewer if present: + window.arguments[6], !!window.arguments[6], window.arguments[7]); window.focus(); } // Note: loadOneOrMoreURIs *must not* be called if window.arguments.length >= 3. @@ -1952,7 +1957,9 @@ function BrowserTryToCloseWindow() window.close(); // WindowIsClosing does all the necessary checks } -function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy) { +function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy, + originPrincipal, forceAboutBlankViewerInCurrent, + triggeringPrincipal) { if (postData === undefined) postData = null; @@ -1968,6 +1975,9 @@ function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy) referrerURI: referrer, referrerPolicy: referrerPolicy, postData: postData, + originPrincipal: originPrincipal, + triggeringPrincipal: triggeringPrincipal, + forceAboutBlankViewerInCurrent: forceAboutBlankViewerInCurrent, }); } catch (e) {} } @@ -4395,9 +4405,11 @@ nsBrowserAccess.prototype = { } let referrer = aOpener ? makeURI(aOpener.location.href) : null; + let triggeringPrincipal = null; let referrerPolicy = Ci.nsIHttpChannel.REFERRER_POLICY_DEFAULT; if (aOpener && aOpener.document) { referrerPolicy = aOpener.document.referrerPolicy; + triggeringPrincipal = aOpener.document.nodePrincipal; } switch (aWhere) { @@ -4437,6 +4449,7 @@ nsBrowserAccess.prototype = { let referrer = aOpener ? makeURI(aOpener.location.href) : null; let tab = win.gBrowser.loadOneTab(aURI ? aURI.spec : "about:blank", { + triggeringPrincipal: triggeringPrincipal, referrerURI: referrer, referrerPolicy: referrerPolicy, fromExternal: isExternal, @@ -4459,6 +4472,7 @@ nsBrowserAccess.prototype = { Ci.nsIWebNavigation.LOAD_FLAGS_NONE; gBrowser.loadURIWithFlags(aURI.spec, { flags: loadflags, + triggeringPrincipal: triggeringPrincipal, referrerURI: referrer, referrerPolicy: referrerPolicy, }); @@ -5192,7 +5206,9 @@ function handleLinkClick(event, href, linkNode) { urlSecurityCheck(href, doc.nodePrincipal); openLinkIn(href, where, { referrerURI: doc.documentURIObject, charset: doc.characterSet, - referrerPolicy: doc.referrerPolicy }); + referrerPolicy: doc.referrerPolicy, + originPrincipal: doc.nodePrincipal, + triggeringPrincipal: doc.nodePrincipal }); event.preventDefault(); return true; } @@ -7206,14 +7222,6 @@ var MousePosTracker = { } }; -function focusNextFrame(event) { - let fm = Services.focus; - let dir = event.shiftKey ? fm.MOVEFOCUS_BACKWARDDOC : fm.MOVEFOCUS_FORWARDDOC; - let element = fm.moveFocus(window, null, dir, fm.FLAG_BYKEY); - if (element.ownerDocument == document) - focusAndSelectUrlBar(); -} - var BrowserChromeTest = { _cb: null, _ready: false, diff --git a/application/palemoon/base/content/browser.xul b/application/palemoon/base/content/browser.xul index 90899bb88c..07ca547222 100644 --- a/application/palemoon/base/content/browser.xul +++ b/application/palemoon/base/content/browser.xul @@ -59,6 +59,7 @@ macanimationtype="document" screenX="4" screenY="4" fullscreenbutton="true" + retargetdocumentfocus="urlbar" persist="screenX screenY width height sizemode"> # All JS files which are not content (only) dependent that browser.xul diff --git a/application/palemoon/base/content/nsContextMenu.js b/application/palemoon/base/content/nsContextMenu.js index 738868ccb9..1d4f888165 100644 --- a/application/palemoon/base/content/nsContextMenu.js +++ b/application/palemoon/base/content/nsContextMenu.js @@ -754,7 +754,9 @@ nsContextMenu.prototype = { openLinkIn(this.linkURL, "window", { charset: doc.characterSet, referrerURI: doc.documentURIObject, - referrerPolicy: doc.referrerPolicy }); + referrerPolicy: doc.referrerPolicy, + originPrincipal: doc.nodePrincipal, + triggeringPrincipal: doc.nodePrincipal }); }, // Open linked-to URL in a new private window. @@ -765,6 +767,8 @@ nsContextMenu.prototype = { { charset: doc.characterSet, referrerURI: doc.documentURIObject, referrerPolicy: doc.referrerPolicy, + originPrincipal: doc.nodePrincipal, + triggeringPrincipal: doc.nodePrincipal, private: true }); }, @@ -775,7 +779,9 @@ nsContextMenu.prototype = { openLinkIn(this.linkURL, "tab", { charset: doc.characterSet, referrerURI: doc.documentURIObject, - referrerPolicy: doc.referrerPolicy }); + referrerPolicy: doc.referrerPolicy, + originPrincipal: doc.nodePrincipal, + triggeringPrincipal: doc.nodePrincipal }); }, // open URL in current tab @@ -784,7 +790,9 @@ nsContextMenu.prototype = { urlSecurityCheck(this.linkURL, doc.nodePrincipal); openLinkIn(this.linkURL, "current", { charset: doc.characterSet, - referrerURI: doc.documentURIObject }); + referrerURI: doc.documentURIObject, + originPrincipal: doc.nodePrincipal, + triggeringPrincipal: doc.nodePrincipal }); }, // Open frame in a new tab. @@ -830,30 +838,8 @@ nsContextMenu.prototype = { // View Partial Source viewPartialSource: function(aContext) { - var focusedWindow = document.commandDispatcher.focusedWindow; - if (focusedWindow == window) - focusedWindow = content; - - var docCharset = null; - if (focusedWindow) - docCharset = "charset=" + focusedWindow.document.characterSet; - - // "View Selection Source" and others such as "View MathML Source" - // are mutually exclusive, with the precedence given to the selection - // when there is one - var reference = null; - if (aContext == "selection") - reference = focusedWindow.getSelection(); - else if (aContext == "mathml") - reference = this.target; - else - throw "not reached"; - - // unused (and play nice for fragments generated via XSLT too) - var docUrl = null; - window.openDialog("chrome://global/content/viewPartialSource.xul", - "_blank", "scrollbars,resizable,chrome,dialog=no", - docUrl, docCharset, reference, aContext); + let target = aContext == "mathml" ? this.target : null; + top.gViewSourceUtils.viewPartialSourceInBrowser(gBrowser.selectedBrowser, target); }, // Open new "view source" window with the frame's URL. diff --git a/application/palemoon/base/content/report-phishing-overlay.xul b/application/palemoon/base/content/report-phishing-overlay.xul deleted file mode 100644 index 76baf01da3..0000000000 --- a/application/palemoon/base/content/report-phishing-overlay.xul +++ /dev/null @@ -1,35 +0,0 @@ -<?xml version="1.0"?> -<!-- This Source Code Form is subject to the terms of the Mozilla Public - - License, v. 2.0. If a copy of the MPL was not distributed with this - - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> - -<!DOCTYPE overlay [ -<!ENTITY % reportphishDTD SYSTEM "chrome://browser/locale/safebrowsing/report-phishing.dtd"> -%reportphishDTD; -<!ENTITY % safebrowsingDTD SYSTEM "chrome://browser/locale/safebrowsing/phishing-afterload-warning-message.dtd"> -%safebrowsingDTD; -]> - -<overlay id="reportPhishingMenuOverlay" - xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> - <broadcasterset id="mainBroadcasterSet"> - <broadcaster id="reportPhishingBroadcaster" disabled="true"/> - <broadcaster id="reportPhishingErrorBroadcaster" disabled="true"/> - </broadcasterset> - <menupopup id="menu_HelpPopup"> - <menuitem id="menu_HelpPopup_reportPhishingtoolmenu" - label="&reportPhishSiteMenu.title2;" - accesskey="&reportPhishSiteMenu.accesskey;" - insertbefore="aboutSeparator" - observes="reportPhishingBroadcaster" - oncommand="openUILink(gSafeBrowsing.getReportURL('Phish'), event);" - onclick="checkForMiddleClick(this, event);"/> - <menuitem id="menu_HelpPopup_reportPhishingErrortoolmenu" - label="&safeb.palm.notforgery.label2;" - accesskey="&reportPhishSiteMenu.accesskey;" - insertbefore="aboutSeparator" - observes="reportPhishingErrorBroadcaster" - oncommand="openUILinkIn(gSafeBrowsing.getReportURL('Error'), 'tab');" - onclick="checkForMiddleClick(this, event);"/> - </menupopup> -</overlay> diff --git a/application/palemoon/base/content/tabbrowser.xml b/application/palemoon/base/content/tabbrowser.xml index ea68d00ad7..d5735149e1 100644 --- a/application/palemoon/base/content/tabbrowser.xml +++ b/application/palemoon/base/content/tabbrowser.xml @@ -1313,13 +1313,16 @@ <parameter name="aAllowThirdPartyFixup"/> <body> <![CDATA[ + var aTriggeringPrincipal; var aReferrerPolicy; var aFromExternal; var aRelatedToCurrent; + var aOriginPrincipal; if (arguments.length == 2 && typeof arguments[1] == "object" && !(arguments[1] instanceof Ci.nsIURI)) { let params = arguments[1]; + aTriggeringPrincipal = params.triggeringPrincipal; aReferrerURI = params.referrerURI; aReferrerPolicy = params.referrerPolicy; aCharset = params.charset; @@ -1328,12 +1331,14 @@ aAllowThirdPartyFixup = params.allowThirdPartyFixup; aFromExternal = params.fromExternal; aRelatedToCurrent = params.relatedToCurrent; + aOriginPrincipal = params.originPrincipal; } var bgLoad = (aLoadInBackground != null) ? aLoadInBackground : Services.prefs.getBoolPref("browser.tabs.loadInBackground"); var owner = bgLoad ? null : this.selectedTab; var tab = this.addTab(aURI, { + triggeringPrincipal: aTriggeringPrincipal, referrerURI: aReferrerURI, referrerPolicy: aReferrerPolicy, charset: aCharset, @@ -1341,6 +1346,7 @@ ownerTab: owner, allowThirdPartyFixup: aAllowThirdPartyFixup, fromExternal: aFromExternal, + originPrincipal: aOriginPrincipal, relatedToCurrent: aRelatedToCurrent}); if (!bgLoad) this.selectedTab = tab; @@ -1461,14 +1467,17 @@ <body> <![CDATA[ const NS_XUL = "http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"; + var aTriggeringPrincipal; var aReferrerPolicy; var aFromExternal; var aRelatedToCurrent; var aSkipAnimation; + var aOriginPrincipal; if (arguments.length == 2 && typeof arguments[1] == "object" && !(arguments[1] instanceof Ci.nsIURI)) { let params = arguments[1]; + aTriggeringPrincipal = params.triggeringPrincipal; aReferrerURI = params.referrerURI; aReferrerPolicy = params.referrerPolicy; aCharset = params.charset; @@ -1478,6 +1487,7 @@ aFromExternal = params.fromExternal; aRelatedToCurrent = params.relatedToCurrent; aSkipAnimation = params.skipAnimation; + aOriginPrincipal = params.originPrincipal; } // if we're adding tabs, we're past interrupt mode, ditch the owner @@ -1486,6 +1496,11 @@ var t = document.createElementNS(NS_XUL, "tab"); + let aURIObject = null; + try { + aURIObject = Services.io.newURI(aURI || "about:blank"); + } catch (ex) { /* we'll try to fix up this URL later */ } + var uriIsAboutBlank = !aURI || aURI == "about:blank"; if (!aURI || isBlankPageURL(aURI)) @@ -1625,6 +1640,16 @@ evt.initEvent("TabOpen", true, false); t.dispatchEvent(evt); + if (aOriginPrincipal && aURI) { + let {URI_INHERITS_SECURITY_CONTEXT} = Ci.nsIProtocolHandler; + // Unless we know for sure we're not inheriting principals, + // force the about:blank viewer to have the right principal: + if (!aURIObject || + (Services.io.getProtocolFlags(aURIObject.scheme) & URI_INHERITS_SECURITY_CONTEXT)) { + b.createAboutBlankContentViewer(aOriginPrincipal); + } + } + // If we didn't swap docShells with a preloaded browser // then let's just continue loading the page normally. if (!docShellsSwapped && !uriIsAboutBlank) { @@ -1643,6 +1668,7 @@ try { b.loadURIWithFlags(aURI, { flags: flags, + triggeringPrincipal: aTriggeringPrincipal, referrerURI: aReferrerURI, referrerPolicy: aReferrerPolicy, charset: aCharset, diff --git a/application/palemoon/base/content/utilityOverlay.js b/application/palemoon/base/content/utilityOverlay.js index 63488e2092..2c1a95f83c 100644 --- a/application/palemoon/base/content/utilityOverlay.js +++ b/application/palemoon/base/content/utilityOverlay.js @@ -230,6 +230,10 @@ function openLinkIn(url, where, params) { var aDisallowInheritPrincipal = params.disallowInheritPrincipal; var aInitiatingDoc = params.initiatingDoc; var aIsPrivate = params.private; + var aPrincipal = params.originPrincipal; + var aTriggeringPrincipal = params.triggeringPrincipal; + var aForceAboutBlankViewerInCurrent = + params.forceAboutBlankViewerInCurrent; var sendReferrerURI = true; if (where == "save") { @@ -254,6 +258,23 @@ function openLinkIn(url, where, params) { // Note that if |w| is null we might have no current browser (we'll open a new window). var aCurrentBrowser = params.currentBrowser || (w && w.gBrowser.selectedBrowser); + // Teach the principal about the right OA to use, e.g. in case when + // opening a link in a new private window. + // Please note we do not have to do that for SystemPrincipals and we + // can not do it for NullPrincipals since NullPrincipals are only + // identical if they actually are the same object (See Bug: 1346759) + function useOAForPrincipal(principal) { + if (principal && principal.isCodebasePrincipal) { + let attrs = { + privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)), + }; + return Services.scriptSecurityManager.createCodebasePrincipal(principal.URI, attrs); + } + return principal; + } + aPrincipal = useOAForPrincipal(aPrincipal); + aTriggeringPrincipal = useOAForPrincipal(aTriggeringPrincipal); + if (!w || where == "window") { // This propagates to window.arguments. // Strip referrer data when opening a new private window, to prevent @@ -297,6 +318,8 @@ function openLinkIn(url, where, params) { sa.AppendElement(aPostData); sa.AppendElement(allowThirdPartyFixupSupports); sa.AppendElement(referrerPolicySupports); + sa.AppendElement(aPrincipal); + sa.AppendElement(aTriggeringPrincipal); let features = "chrome,dialog=no,all"; if (aIsPrivate) { @@ -314,10 +337,17 @@ function openLinkIn(url, where, params) { getBoolPref("browser.tabs.loadInBackground"); } + let uriObj; + if (where == "current") { + try { + uriObj = Services.io.newURI(url, null, null); + } catch (e) {} + } + if (where == "current" && w.gBrowser.selectedTab.pinned) { try { - let uriObj = Services.io.newURI(url, null, null); - if (!uriObj.schemeIs("javascript") && + // nsIURI.host can throw for non-nsStandardURL nsIURIs. + if (!uriObj || !uriObj.schemeIs("javascript") && w.gBrowser.currentURI.host != uriObj.host) { where = "tab"; loadInBackground = false; @@ -345,11 +375,22 @@ function openLinkIn(url, where, params) { if (aForceAllowDataURI) { flags |= Ci.nsIWebNavigation.LOAD_FLAGS_FORCE_ALLOW_DATA_URI; } + let {URI_INHERITS_SECURITY_CONTEXT} = Ci.nsIProtocolHandler; + if (aForceAboutBlankViewerInCurrent && + (!uriObj || + (Services.io.getProtocolFlags(uriObj.scheme) & URI_INHERITS_SECURITY_CONTEXT))) { + // Unless we know for sure we're not inheriting principals, + // force the about:blank viewer to have the right principal: + w.gBrowser.selectedBrowser.createAboutBlankContentViewer(aPrincipal); + } + w.gBrowser.loadURIWithFlags(url, { flags: flags, + triggeringPrincipal: aTriggeringPrincipal, referrerURI: aReferrerURI, referrerPolicy: aReferrerPolicy, postData: aPostData, + originPrincipal: aPrincipal, }); browserUsedForLoad = aCurrentBrowser; break; @@ -365,7 +406,9 @@ function openLinkIn(url, where, params) { postData: aPostData, inBackground: loadInBackground, allowThirdPartyFixup: aAllowThirdPartyFixup, - relatedToCurrent: aRelatedToCurrent}); + relatedToCurrent: aRelatedToCurrent, + originPrincipal: aPrincipal, + triggeringPrincipal: aTriggeringPrincipal }); browserUsedForLoad = tabUsedForLoad.linkedBrowser; break; } @@ -564,13 +607,6 @@ function openFeedbackPage() openUILinkIn(Services.prefs.getCharPref("browser.feedback.url"), "tab"); } -function buildHelpMenu() -{ - // Enable/disable the "Report Web Forgery" menu item. - if (typeof gSafeBrowsing != "undefined") - gSafeBrowsing.setReportPhishingMenu(); -} - function isElementVisible(aElement) { if (!aElement) diff --git a/application/palemoon/branding/official/locales/en-US/brand.properties b/application/palemoon/branding/official/locales/en-US/brand.properties index d85ceebce0..7d4b469542 100644 --- a/application/palemoon/branding/official/locales/en-US/brand.properties +++ b/application/palemoon/branding/official/locales/en-US/brand.properties @@ -2,10 +2,4 @@ brandShortName=Pale Moon brandFullName=Pale Moon vendorShortName=Moonchild -homePageSingleStartMain=Pale Moon Start, a convenient home page with built-in search -homePageImport=Import your home page from %S - -homePageMigrationPageTitle=Home Page Selection -homePageMigrationDescription=Please select the home page you wish to use: - syncBrandShortName=Sync diff --git a/application/palemoon/branding/official/pref/palemoon-branding.js b/application/palemoon/branding/official/pref/palemoon-branding.js index 8e8703fb7c..02e75b6ce0 100644 --- a/application/palemoon/branding/official/pref/palemoon-branding.js +++ b/application/palemoon/branding/official/pref/palemoon-branding.js @@ -12,7 +12,7 @@ pref("general.useragent.compatMode.gecko", true); pref("general.useragent.compatMode.firefox", true);
// ========================= updates ========================
-#if defined(XP_WIN)
+#if defined(XP_WIN) || defined(XP_LINUX)
// Updates enabled
pref("app.update.enabled", true);
pref("app.update.cert.checkAttributes", true);
@@ -29,7 +29,7 @@ pref("app.update.url.manual", "http://www.palemoon.org/"); // supplied in the "An update is available" page of the update wizard.
pref("app.update.url.details", "http://www.palemoon.org/releasenotes.shtml");
#else
-// Updates disabled (Linux, etc.)
+// Updates disabled (Mac, etc.)
pref("app.update.enabled", false);
pref("app.update.url", "");
#endif
diff --git a/application/palemoon/branding/unofficial/locales/en-US/brand.dtd b/application/palemoon/branding/unofficial/locales/en-US/brand.dtd index a90d524412..debb7442d2 100644 --- a/application/palemoon/branding/unofficial/locales/en-US/brand.dtd +++ b/application/palemoon/branding/unofficial/locales/en-US/brand.dtd @@ -4,5 +4,5 @@ <!ENTITY brandShortName "New Moon"> <!ENTITY brandFullName "New Moon"> -<!ENTITY vendorShortName "Moonchild"> +<!ENTITY vendorShortName "a community developer"> <!ENTITY trademarkInfo.part1 " "> diff --git a/application/palemoon/branding/unofficial/newmoon.desktop b/application/palemoon/branding/unofficial/newmoon.desktop new file mode 100644 index 0000000000..6dcf324771 --- /dev/null +++ b/application/palemoon/branding/unofficial/newmoon.desktop @@ -0,0 +1,352 @@ +[Desktop Entry] +Name=New Moon +GenericName=Web Browser +GenericName[ar]=متصÙØ ÙˆÙŠØ¨ +GenericName[ast]=Restolador Web +GenericName[bn]=ওয়েব বà§à¦°à¦¾à¦‰à¦œà¦¾à¦° +GenericName[ca]=Navegador web +GenericName[cs]=Webový prohlÞeÄ +GenericName[da]=Webbrowser +GenericName[el]=ΠεÏιηγητής διαδικτÏου +GenericName[es]=Navegador web +GenericName[et]=Veebibrauser +GenericName[fa]=مرورگر اینترنتی +GenericName[fi]=WWW-selain +GenericName[fr]=Navigateur Web +GenericName[gl]=Navegador Web +GenericName[he]=דפדפן ××™× ×˜×¨× ×˜ +GenericName[hr]=Web preglednik +GenericName[hu]=WebböngészÅ‘ +GenericName[it]=Browser web +GenericName[ja]=ウェブ・ブラウザ +GenericName[ko]=웹 브ë¼ìš°ì € +GenericName[ku]=Geroka torê +GenericName[lt]=Interneto narÅ¡yklÄ— +GenericName[nb]=Nettleser +GenericName[nl]=Webbrowser +GenericName[nn]=Nettlesar +GenericName[no]=Nettleser +GenericName[pl]=PrzeglÄ…darka WWW +GenericName[pt]=Navegador Web +GenericName[pt_BR]=Navegador Web +GenericName[ro]=Navigator Internet +GenericName[ru]=Веб-браузер +GenericName[sk]=Internetový prehliadaÄ +GenericName[sl]=Spletni brskalnik +GenericName[sv]=Webbläsare +GenericName[tr]=Web Tarayıcı +GenericName[ug]=توركۆرگۈ +GenericName[uk]=Веб-браузер +GenericName[vi]=Trình duyệt Web +GenericName[zh_CN]=网络æµè§ˆå™¨ +GenericName[zh_TW]=網路ç€è¦½å™¨ +Comment=Browse the World Wide Web +Comment[ar]=تصÙØ Ø§Ù„Ø´Ø¨ÙƒØ© العنكبوتية العالمية +Comment[ast]=Restola pela Rede +Comment[bn]=ইনà§à¦Ÿà¦¾à¦°à¦¨à§‡à¦Ÿ বà§à¦°à¦¾à¦‰à¦œ করà§à¦¨ +Comment[ca]=Navegueu per la web +Comment[cs]=ProhlÞenà stránek World Wide Webu +Comment[da]=Surf pÃ¥ internettet +Comment[de]=Im Internet surfen +Comment[el]=ΜποÏείτε να πεÏιηγηθείτε στο διαδίκτυο (Web) +Comment[es]=Navegue por la web +Comment[et]=Lehitse veebi +Comment[fa]=صÙØات شبکه جهانی اینترنت را مرور نمایید +Comment[fi]=Selaa Internetin WWW-sivuja +Comment[fr]=Naviguer sur le Web +Comment[gl]=Navegar pola rede +Comment[he]=גלישה ברחבי ×”××™× ×˜×¨× ×˜ +Comment[hr]=Pretražite web +Comment[hu]=A világháló böngészése +Comment[it]=Esplora il web +Comment[ja]=ウェブを閲覧ã—ã¾ã™ +Comment[ko]=ì›¹ì„ ëŒì•„ 다닙니다 +Comment[ku]=Li torê bigere +Comment[lt]=NarÅ¡ykite internete +Comment[nb]=Surf pÃ¥ nettet +Comment[nl]=Verken het internet +Comment[nn]=Surf pÃ¥ nettet +Comment[no]=Surf pÃ¥ nettet +Comment[pl]=PrzeglÄ…danie stron WWW +Comment[pt]=Navegue na Internet +Comment[pt_BR]=Navegue na Internet +Comment[ro]=NavigaÈ›i pe Internet +Comment[ru]=ДоÑтуп в Интернет +Comment[sk]=Prehliadanie internetu +Comment[sl]=Brskajte po spletu +Comment[sv]=Surfa pÃ¥ webben +Comment[tr]=Ä°nternet'te Gezinin +Comment[ug]=دۇنيادىكى توربەتلەرنى كۆرگىلى بولىدۇ +Comment[uk]=ПереглÑд Ñторінок Інтернету +Comment[vi]=Äể duyệt các trang web +Comment[zh_CN]=æµè§ˆäº’è”网 +Comment[zh_TW]=ç€è¦½ç¶²éš›ç¶²è·¯ +Exec=palemoon %u +Terminal=false +Type=Application +Icon=palemoon +Categories=Network;WebBrowser; +MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp; +StartupNotify=true +Actions=NewTab;NewWindow;NewPrivateWindow; + +[Desktop Action NewTab] +Name=Open new tab +Name[ach]=Yab dirica matidi manyen +Name[af]=Open nuwe oortjie +Name[an]=Ubrir una pestanya nueva +Name[ar]=اÙØªØ Ù„Ø³Ø§Ù†Ù‹Ø§ جديدًا +Name[as]=নতà§à¦¨ টেব খোলক +Name[ast]=Abrir llingüeta nueva +Name[az]=Yeni vÉ™rÉ™q aç +Name[be]=Ðдкрыць новую ÑžÑтаўку +Name[bg]=ОтварÑне на нов подпрозорец +Name[bn_BD]=নতà§à¦¨ টà§à¦¯à¦¾à¦¬ খà§à¦²à§à¦¨ +Name[bn_IN]=নতà§à¦¨ টà§à¦¯à¦¾à¦¬ খà§à¦²à§à¦¨ +Name[br]=Digeriñ un ivinell nevez +Name[bs]=Otvori novi tab +Name[ca]=Obre una pestanya nova +Name[cs]=OtevÅ™Ãt nový panel +Name[cy]=Agor tab newydd +Name[da]=Ã…bn nyt faneblad +Name[de]=Neuen Tab öffnen +Name[dsb]=Nowy rejtark wócyniÅ› +Name[el]=Άνοιγμα νÎας καÏÏ„Îλας +Name[eo]=Malfermi novan langeton +Name[es_AR]=Abrir nueva pestaña +Name[es_CL]=Abrir nueva pestaña +Name[es_ES]=Abrir pestaña nueva +Name[es_MX]=Abrir una pestaña nueva +Name[et]=Ava uus kaart +Name[eu]=Ireki fitxa berria +Name[ff]=Uddit tabbere hesere +Name[fi]=Avaa uusi välilehti +Name[fr]=Ouvrir un nouvel onglet +Name[fy_NL]=Iepenje nij ljepblêd +Name[ga_IE]=Oscail i gcluaisÃn nua +Name[gd]=Fosgail taba ùr +Name[gl]=Abrir unha nova lapela +Name[gu_IN]=નવી ટૅબને ખોલો +Name[he]=פתיחת ×œ×©×•× ×™×ª חדשה +Name[hi_IN]=नया टैब खोलें +Name[hr]=Otvori novu karticu +Name[hsb]=Nowy rajtark woÄinić +Name[hu]=Új lap megnyitása +Name[hy_AM]=Ô²Õ¡ÖÕ¥Õ¬ Õ¶Õ¸Ö€ Õ¶Õ¥Ö€Õ¤Õ«Ö€ +Name[id]=Buka tab baru +Name[is]=Opna nýjan flipa +Name[it]=Apri nuova scheda +Name[ja]=æ–°ã—ã„タブ +Name[kk]=Жаңа бетті ашу +Name[kn]=ಹೊಸ ಹಾಳೆಯನà³à²¨à³ ತೆರೆ +Name[ko]=새 íƒ ì—´ê¸° +Name[lij]=Àrvi nêuvo féuggio +Name[lt]=Atverti naujÄ… kortelÄ™ +Name[mai]=नव टैब खोलू +Name[mk]=Отвори ново јазиче +Name[ml]=à´ªàµà´¤à´¿à´¯ à´±àµà´±à´¾à´¬àµ à´¤àµà´±à´•àµà´•àµà´• +Name[mr]=नवीन टॅब उघडा +Name[ms]=Buka tab baru +Name[nb_NO]=Ã…pne ny fane +Name[nl]=Nieuw tabblad openen +Name[nn_NO]=Opna ny fane +Name[or]=ନà‚ତନ ଟààŸà¬¾à¬¬ ଖà‹à¬²à¬¨àତà +Name[pa_IN]=ਨਵੀਂ ਟੈਬ ਖੋਲà©à¨¹à©‹ +Name[pl]=Otwórz nowÄ… kartÄ™ +Name[pt_BR]=Nova aba +Name[pt_PT]=Abrir novo separador +Name[rm]=Avrir in nov tab +Name[ro]=Deschide o filă nouă +Name[ru]=Открыть новую вкладку +Name[si]=නව ටà·à¶¶à¶º විවෘචකරන්න +Name[sk]=OtvoriÅ¥ novú kartu +Name[sl]=Odpri nov zavihek +Name[son]=Nor loku taaga feeri +Name[sq]=Hap skedë të re +Name[sr]=Отвори нови језичак +Name[sv_SE]=Öppna ny flik +Name[ta]=பà¯à®¤à®¿à®¯ கீறà¯à®±à¯ˆà®¤à¯ திற +Name[te]=కొతà±à°¤ టాబౠతెరà±à°µà±à°®à± +Name[th]=เปิดà¹à¸—็บใหม่ +Name[tr]=Yeni sekme aç +Name[uk]=Відкрити нову вкладку +Name[uz]=Yangi ichki oyna ochish +Name[vi]=Mở thẻ má»›i +Name[xh]=Vula ithebhu entsha +Name[zh_CN]=æ‰“å¼€æ–°æ ‡ç¾é¡µ +Name[zh_TW]=開啟新分é +Exec=palemoon -new-tab + +[Desktop Action NewWindow] +Name=Open new window +Name[ach]=Yab dirica manyen +Name[af]=Open nuwe venster +Name[an]=Ubrir una nueva finestra +Name[ar]=اÙØªØ Ù†Ø§Ùذة جديدة +Name[as]=নতà§à¦¨ উইনà§à¦¡à§‹ খোলক +Name[ast]=Abrir ventana nueva +Name[az]=Yeni pÉ™ncÉ™rÉ™ aç +Name[be]=Ðдкрыць новае акно +Name[bg]=ОтварÑне на нов прозорец +Name[bn_BD]=নতà§à¦¨ উইনà§à¦¡à§‹ খà§à¦²à§à¦¨ +Name[bn_IN]=নতà§à¦¨ উইনà§à¦¡à§‹ খà§à¦²à§à¦¨ +Name[br]=Digeriñ ur prenestr nevez +Name[bs]=Otvori novi prozor +Name[ca]=Obre una finestra nova +Name[cs]=OtevÅ™Ãt nové okno +Name[cy]=Agor ffenestr newydd +Name[da]=Ã…bn nyt vindue +Name[de]=Neues Fenster öffnen +Name[dsb]=Nowe wokno wócyniÅ› +Name[el]=Άνοιγμα νÎου παÏαθÏÏου +Name[eo]=Malfermi novan fenestron +Name[es_AR]=Abrir nueva ventana +Name[es_CL]=Abrir nueva ventana +Name[es_ES]=Abrir nueva ventana +Name[es_MX]=Abrir nueva ventana +Name[et]=Ava uus aken +Name[eu]=Ireki leiho berria +Name[ff]=Uddit henorde hesere +Name[fi]=Avaa uusi ikkuna +Name[fr]=Ouvrir une nouvelle fenêtre +Name[fy_NL]=Iepenje nij finster +Name[ga_IE]=Oscail fuinneog nua +Name[gd]=Fosgail uinneag ùr +Name[gl]=Abrir unha nova xanela +Name[gu_IN]=નવી વિનà«àª¡à«‹àª¨à«‡ ખોલો +Name[he]=פתח חלון חדש +Name[hi_IN]=नई विंडो खोलें +Name[hr]=Otvori novi prozor +Name[hsb]=Nowe wokno woÄinić +Name[hu]=Új ablak megnyitása +Name[hy_AM]=Ô²Õ¡ÖÕ¥Õ¬ Õ¶Õ¸Ö€ ÕºÕ¡Õ¿Õ¸Ö‚Õ°Õ¡Õ¶ +Name[id]=Buka jendela baru +Name[is]=Opna nýjan glugga +Name[it]=Apri nuova finestra +Name[ja]=æ–°ã—ã„ウィンドウ +Name[kk]=Жаңа терезені ашу +Name[kn]=ಹೊಸ ವಿಂಡೊವನà³à²¨à³ ತೆರೆ +Name[ko]=새 ì°½ 열기 +Name[lij]=Àrvi nêuvo barcón +Name[lt]=Atverti naujÄ… langÄ… +Name[mai]=नई विंडो खोलू +Name[mk]=Отвори нов прозорец +Name[ml]=à´ªàµà´¤à´¿à´¯ ജാലകം à´¤àµà´±à´•àµà´•àµà´• +Name[mr]=नवीन पटल उघडा +Name[ms]=Buka tetingkap baru +Name[nb_NO]=Ã…pne nytt vindu +Name[nl]=Een nieuw venster openen +Name[nn_NO]=Opna nytt vindauge +Name[or]=ନà‚ତନ à±à¬¿à¬£àà¬¡à‹ à¬–à‹à¬²à¬¨àତà +Name[pa_IN]=ਨਵੀਂ ਵਿੰਡੋ ਖੋਲà©à¨¹à©‹ +Name[pl]=Otwórz nowe okno +Name[pt_BR]=Nova janela +Name[pt_PT]=Abrir nova janela +Name[rm]=Avrir ina nova fanestra +Name[ro]=Deschide o nouă fereastră +Name[ru]=Открыть новое окно +Name[si]=නව කවුළුවක් විවෘචකරන්න +Name[sk]=OtvoriÅ¥ nové okno +Name[sl]=Odpri novo okno +Name[son]=Zanfun taaga feeri +Name[sq]=Hap dritare të re +Name[sr]=Отвори нови прозор +Name[sv_SE]=Öppna nytt fönster +Name[ta]=பà¯à®¤à®¿à®¯ சாளரதà¯à®¤à¯ˆ திற +Name[te]=కొతà±à°¤ విండో తెరà±à°µà±à°®à± +Name[th]=เปิดหน้าต่างใหม่ +Name[tr]=Yeni pencere aç +Name[uk]=Відкрити нове вікно +Name[uz]=Yangi oyna ochish +Name[vi]=Mở cá»a sổ má»›i +Name[xh]=Vula iwindow entsha +Name[zh_CN]=æ‰“å¼€æ–°çª—å£ +Name[zh_TW]=開啟新視窗 +Exec=palemoon -new-window + +[Desktop Action NewPrivateWindow] +Name=New private window +Name[ach]=Dirica manyen me mung +Name[af]=Nuwe privaatvenster +Name[an]=Nueva finestra de navegación privada +Name[ar]=ناÙذة خاصة جديدة +Name[as]=নতà§à¦¨ বà§à¦¯à¦•à§à¦¤à¦¿à¦—ত উইনà§à¦¡à§‹ +Name[ast]=Ventana privada nueva +Name[az]=Yeni mÉ™xfi pÉ™ncÉ™rÉ™ +Name[be]=Ðовае акно адаÑÐ°Ð±Ð»ÐµÐ½Ð½Ñ +Name[bg]=Ðов прозорец за поверително Ñърфиране +Name[bn_BD]=নতà§à¦¨ বà§à¦¯à¦•à§à¦¤à¦¿à¦—ত উইনà§à¦¡à§‹ +Name[bn_IN]=নতà§à¦¨ বà§à¦¯à¦¾à¦•à§à¦¤à¦¿à¦—ত উইনà§à¦¡à§‹ +Name[br]=Prenestr merdeiñ prevez nevez +Name[bs]=Novi privatni prozor +Name[ca]=Finestra privada nova +Name[cs]=Nové anonymnà okno +Name[cy]=Ffenestr breifat newydd +Name[da]=Nyt privat vindue +Name[de]=Neues privates Fenster öffnen +Name[dsb]=Nowe priwatne wokno +Name[el]=ÎÎο παÏάθυÏο ιδιωτικής πεÏιήγησης +Name[eo]=Nova privata fenestro +Name[es_AR]=Nueva ventana privada +Name[es_CL]=Nueva ventana privada +Name[es_ES]=Nueva ventana privada +Name[es_MX]=Nueva ventana privada +Name[et]=Uus privaatne aken +Name[eu]=Leiho pribatu berria +Name[ff]=Henorde suturo hesere +Name[fi]=Uusi yksityinen ikkuna +Name[fr]=Nouvelle fenêtre de navigation privée +Name[fy_NL]=Nij priveefinster +Name[ga_IE]=Fuinneog nua phrÃobháideach +Name[gd]=Uinneag phrìobhaideach ùr +Name[gl]=Nova xanela privada +Name[gu_IN]=નવી ખાનગી વિનà«àª¡à«‹ +Name[he]=חלון פרטי חדש +Name[hi_IN]=नया निजी विंडो +Name[hr]=Novi privatni prozor +Name[hsb]=Nowe priwatne wokno +Name[hu]=Új privát ablak +Name[hy_AM]=Ô³Õ¡Õ²Õ¿Õ¶Õ« Õ¤Õ«Õ¿Õ¡Ö€Õ¯Õ¸Ö‚Õ´ +Name[id]=Jendela mode pribadi baru +Name[is]=Nýr einkagluggi +Name[it]=Nuova finestra anonima +Name[ja]=æ–°ã—ã„プライベートウィンドウ +Name[kk]=Жаңа жекелік терезе +Name[kn]=ಹೊಸ ಖಾಸಗಿ ಕಿಟಕಿ +Name[ko]=새 사ìƒí™œ 보호 ì°½ +Name[lij]=Nêuvo barcón privòu +Name[lt]=Atverti privaÄiojo narÅ¡ymo langÄ… +Name[mai]=नव निज विंडो +Name[mk]=Ðов прозорец за приватно Ñурфање +Name[ml]=à´ªàµà´¤à´¿à´¯ à´¸àµà´µà´•à´¾à´°àµà´¯ ജാലകം +Name[mr]=नवीन वैयकà¥à¤¤à¤¿à¤• पटल +Name[ms]=Tetingkap peribadi baharu +Name[nb_NO]=Nytt privat vindu +Name[nl]=Nieuw privévenster +Name[nn_NO]=Nytt privat vindauge +Name[or]=ନà‚ତନ ବààŸà¬•àତିଗତ à±à¬¿à¬£àà¬¡à‹ +Name[pa_IN]=ਨਵੀਂ ਪà©à¨°à¨¾à¨ˆà¨µà©‡à¨Ÿ ਵਿੰਡੋ +Name[pl]=Nowe okno w trybie prywatnym +Name[pt_BR]=Nova janela privativa +Name[pt_PT]=Nova janela privada +Name[rm]=Nova fanestra privata +Name[ro]=Fereastră fără urme nouă +Name[ru]=Ðовое приватное окно +Name[si]=නව පුද්ගලික කවුළුව +Name[sk]=Nové okno v režime Súkromné prehliadanie +Name[sl]=Novo zasebno okno +Name[son]=Sutura zanfun taaga +Name[sq]=Dritare e re private +Name[sr]=Ðови приватни прозор +Name[sv_SE]=Nytt privat fönster +Name[ta]=பà¯à®¤à®¿à®¯ தனிபà¯à®ªà®Ÿà¯à®Ÿ சாளரம௠+Name[te]=కొతà±à°¤ ఆంతరంగిక విండో +Name[th]=หน้าต่างท่à¸à¸‡à¹€à¸§à¹‡à¸šà¹à¸šà¸šà¸ªà¹ˆà¸§à¸™à¸•à¸±à¸§à¹ƒà¸«à¸¡à¹ˆ +Name[tr]=Yeni gizli pencere +Name[uk]=Ðове приватне вікно +Name[uz]=Yangi shaxsiy oyna +Name[vi]=Cá»a sổ riêng tÆ° má»›i +Name[xh]=Ifestile yangasese entsha +Name[zh_CN]=新建éšç§æµè§ˆçª—å£ +Name[zh_TW]=新增隱ç§è¦–窗 +Exec=palemoon -private-window diff --git a/application/palemoon/branding/unstable/locales/en-US/brand.properties b/application/palemoon/branding/unstable/locales/en-US/brand.properties index d85ceebce0..7d4b469542 100644 --- a/application/palemoon/branding/unstable/locales/en-US/brand.properties +++ b/application/palemoon/branding/unstable/locales/en-US/brand.properties @@ -2,10 +2,4 @@ brandShortName=Pale Moon brandFullName=Pale Moon vendorShortName=Moonchild -homePageSingleStartMain=Pale Moon Start, a convenient home page with built-in search -homePageImport=Import your home page from %S - -homePageMigrationPageTitle=Home Page Selection -homePageMigrationDescription=Please select the home page you wish to use: - syncBrandShortName=Sync diff --git a/application/palemoon/components/downloads/content/downloadsOverlay.xul b/application/palemoon/components/downloads/content/downloadsOverlay.xul index 2a4fe90995..ca35ee3cf1 100644 --- a/application/palemoon/components/downloads/content/downloadsOverlay.xul +++ b/application/palemoon/components/downloads/content/downloadsOverlay.xul @@ -35,7 +35,7 @@ oncommand="goDoCommand('downloadsCmd_clearList')"/> </commandset> - <popupset> + <popupset id="mainPopupSet"> <!-- The panel has level="top" to ensure that it is never hidden by the taskbar on Windows. See bug 672365. For accessibility to screen readers, we use a label on the panel instead of the anchor because the diff --git a/application/palemoon/components/permissions/aboutPermissions.xul b/application/palemoon/components/permissions/aboutPermissions.xul index afd98247b1..dfee14756c 100644 --- a/application/palemoon/components/permissions/aboutPermissions.xul +++ b/application/palemoon/components/permissions/aboutPermissions.xul @@ -29,7 +29,7 @@ <key key="&focusSearch.key;" modifiers="accel" oncommand="AboutPermissions.focusFilterBox();"/> </keyset> - <hbox flex="1" id="permissions-header"> + <hbox id="permissions-header"> <label id="permissions-pagetitle">&permissionsManager.title;</label> </hbox> <hbox flex="1" id="permissions-content" class="main-content"> diff --git a/application/palemoon/components/places/content/controller.js b/application/palemoon/components/places/content/controller.js index e2ae2afb04..7f27e83478 100644 --- a/application/palemoon/components/places/content/controller.js +++ b/application/palemoon/components/places/content/controller.js @@ -300,9 +300,6 @@ PlacesController.prototype = { * are non-removable. We don't need to worry about recursion here since it * is a policy decision that a removable item not be placed inside a non- * removable item. - * @param aIsMoveCommand - * True if the command for which this method is called only moves the - * selected items to another container, false otherwise. * @returns true if all nodes in the selection can be removed, * false otherwise. */ @@ -462,8 +459,6 @@ PlacesController.prototype = { uri = NetUtil.newURI(node.uri); if (PlacesUtils.nodeIsBookmark(node)) { nodeData["bookmark"] = true; - PlacesUtils.nodeIsTagQuery(node.parent) - var parentNode = node.parent; if (parentNode) { if (PlacesUtils.nodeIsTagQuery(parentNode)) diff --git a/application/palemoon/components/preferences/applications.js b/application/palemoon/components/preferences/applications.js index 5768de7089..d06f9f9fbd 100644 --- a/application/palemoon/components/preferences/applications.js +++ b/application/palemoon/components/preferences/applications.js @@ -8,15 +8,10 @@ //****************************************************************************// // Constants & Enumeration Values -/* -#ifndef XP_MACOSX -*/ var Cc = Components.classes; var Ci = Components.interfaces; var Cr = Components.results; -/* -#endif -*/ + Components.utils.import('resource://gre/modules/Services.jsm'); const TYPE_MAYBE_FEED = "application/vnd.mozilla.maybe.feed"; @@ -158,7 +153,7 @@ function isFeedType(t) { * * We create an instance of this wrapper for each entry we might display * in the prefpane, and we compose the instances from various sources, - * including navigator.plugins and the handler service. + * including plugins and the handler service. * * We don't implement all the original nsIHandlerInfo functionality, * just the stuff that the prefpane needs. @@ -272,7 +267,7 @@ HandlerInfoWrapper.prototype = { // What to do with content of this type. get preferredAction() { // If we have an enabled plugin, then the action is to use that plugin. - if (this.plugin && !this.isDisabledPluginType) + if (this.pluginName && !this.isDisabledPluginType) return kActionUsePlugin; // If the action is to use a helper app, but we don't have a preferred @@ -293,6 +288,14 @@ HandlerInfoWrapper.prototype = { }, set preferredAction(aNewValue) { + // If the action is to use the plugin, + // we must set the preferred action to "save to disk". + // But only if it's not currently the preferred action. + if ((aNewValue == kActionUsePlugin) && + (this.preferredAction != Ci.nsIHandlerInfo.saveToDisk)) { + aNewValue = Ci.nsIHandlerInfo.saveToDisk; + } + // We don't modify the preferred action if the new action is to use a plugin // because handler info objects don't understand our custom "use plugin" // value. Also, leaving it untouched means that we can automatically revert @@ -308,7 +311,7 @@ HandlerInfoWrapper.prototype = { // of any user configuration, and the default in that case is to always ask, // even though we never ask for content handled by a plugin, so special case // plugin-handled types by returning false here. - if (this.plugin && this.handledOnlyByPlugin) + if (this.pluginName && this.handledOnlyByPlugin) return false; // If this is a protocol type and the preferred action is "save to disk", @@ -1064,24 +1067,22 @@ var gApplicationsPane = { * check the pref ourselves to find out if it's enabled. */ _loadPluginHandlers: function() { - for (let i = 0; i < navigator.plugins.length; ++i) { - let plugin = navigator.plugins[i]; - for (let j = 0; j < plugin.length; ++j) { - let type = plugin[j].type; - - let handlerInfoWrapper; - if (type in this._handledTypes) - handlerInfoWrapper = this._handledTypes[type]; - else { - let wrappedHandlerInfo = - this._mimeSvc.getFromTypeAndExtension(type, null); - handlerInfoWrapper = new HandlerInfoWrapper(type, wrappedHandlerInfo); - handlerInfoWrapper.handledOnlyByPlugin = true; - this._handledTypes[type] = handlerInfoWrapper; - } + "use strict"; - handlerInfoWrapper.plugin = plugin; + let mimeTypes = navigator.mimeTypes; + + for (let mimeType of mimeTypes) { + let handlerInfoWrapper; + if (mimeType.type in this._handledTypes) { + handlerInfoWrapper = this._handledTypes[mimeType.type]; + } else { + let wrappedHandlerInfo = + this._mimeSvc.getFromTypeAndExtension(mimeType.type, null); + handlerInfoWrapper = new HandlerInfoWrapper(mimeType.type, wrappedHandlerInfo); + handlerInfoWrapper.handledOnlyByPlugin = true; + this._handledTypes[mimeType.type] = handlerInfoWrapper; } + handlerInfoWrapper.pluginName = mimeType.enabledPlugin.name; } }, @@ -1274,7 +1275,7 @@ var gApplicationsPane = { case kActionUsePlugin: return this._prefsBundle.getFormattedString("usePluginIn", - [aHandlerInfo.plugin.name, + [aHandlerInfo.pluginName, this._brandShortName]); } }, @@ -1368,7 +1369,7 @@ var gApplicationsPane = { { var askMenuItem = document.createElement("menuitem"); - askMenuItem.setAttribute("alwaysAsk", "true"); + askMenuItem.setAttribute("action", Ci.nsIHandlerInfo.alwaysAsk); let label; if (isFeedType(handlerInfo.type)) label = this._prefsBundle.getFormattedString("previewInApp", @@ -1456,11 +1457,11 @@ var gApplicationsPane = { } // Create a menu item for the plugin. - if (handlerInfo.plugin) { + if (handlerInfo.pluginName) { var pluginMenuItem = document.createElement("menuitem"); pluginMenuItem.setAttribute("action", kActionUsePlugin); let label = this._prefsBundle.getFormattedString("usePluginIn", - [handlerInfo.plugin.name, + [handlerInfo.pluginName, this._brandShortName]); pluginMenuItem.setAttribute("label", label); pluginMenuItem.setAttribute("tooltiptext", label); @@ -1614,33 +1615,31 @@ var gApplicationsPane = { var typeItem = this._list.selectedItem; var handlerInfo = this._handledTypes[typeItem.type]; - if (aActionItem.hasAttribute("alwaysAsk")) { + let action = parseInt(aActionItem.getAttribute("action")); + + // Set the plugin state if we're enabling or disabling a plugin. + if (action == kActionUsePlugin) + handlerInfo.enablePluginType(); + else if (handlerInfo.pluginName && !handlerInfo.isDisabledPluginType) + handlerInfo.disablePluginType(); + + // Set the preferred application handler. + // We leave the existing preferred app in the list when we set + // the preferred action to something other than useHelperApp so that + // legacy datastores that don't have the preferred app in the list + // of possible apps still include the preferred app in the list of apps + // the user can choose to handle the type. + if (action == Ci.nsIHandlerInfo.useHelperApp) + handlerInfo.preferredApplicationHandler = aActionItem.handlerApp; + + // Set the "always ask" flag. + if (action == Ci.nsIHandlerInfo.alwaysAsk) handlerInfo.alwaysAskBeforeHandling = true; - } - else if (aActionItem.hasAttribute("action")) { - let action = parseInt(aActionItem.getAttribute("action")); - - // Set the plugin state if we're enabling or disabling a plugin. - if (action == kActionUsePlugin) - handlerInfo.enablePluginType(); - else if (handlerInfo.plugin && !handlerInfo.isDisabledPluginType) - handlerInfo.disablePluginType(); - - // Set the preferred application handler. - // We leave the existing preferred app in the list when we set - // the preferred action to something other than useHelperApp so that - // legacy datastores that don't have the preferred app in the list - // of possible apps still include the preferred app in the list of apps - // the user can choose to handle the type. - if (action == Ci.nsIHandlerInfo.useHelperApp) - handlerInfo.preferredApplicationHandler = aActionItem.handlerApp; - - // Set the "always ask" flag. + else handlerInfo.alwaysAskBeforeHandling = false; - // Set the preferred action. - handlerInfo.preferredAction = action; - } + // Set the preferred action. + handlerInfo.preferredAction = action; handlerInfo.store(); diff --git a/application/palemoon/config/version.txt b/application/palemoon/config/version.txt index abc7f476b2..466c71dc8c 100644 --- a/application/palemoon/config/version.txt +++ b/application/palemoon/config/version.txt @@ -1 +1 @@ -28.0.0b3
\ No newline at end of file +28.1.0a1
\ No newline at end of file diff --git a/application/palemoon/locales/en-US/chrome/browser/browser.properties b/application/palemoon/locales/en-US/chrome/browser/browser.properties index 5dce994fe7..9969bd753b 100644 --- a/application/palemoon/locales/en-US/chrome/browser/browser.properties +++ b/application/palemoon/locales/en-US/chrome/browser/browser.properties @@ -323,19 +323,6 @@ pointerLock.neverAllow.accesskey=N pointerLock.title2=Would you like to allow the pointer to be hidden on %S? pointerLock.autoLock.title2=%S will hide the pointer. -# Phishing/Malware Notification Bar. -# LOCALIZATION NOTE (notAForgery, notAnAttack) -# The two button strings will never be shown at the same time, so -# it's okay for them to have the same access key -safebrowsing.getMeOutOfHereButton.label=Get me out of here! -safebrowsing.getMeOutOfHereButton.accessKey=G -safebrowsing.reportedWebForgery=Reported Web Forgery! -safebrowsing.notAForgeryButton.label=This isn't a web forgery… -safebrowsing.notAForgeryButton.accessKey=F -safebrowsing.reportedAttackSite=Reported Attack Site! -safebrowsing.notAnAttackButton.label=This isn't an attack site… -safebrowsing.notAnAttackButton.accessKey=A - # Ctrl-Tab # LOCALIZATION NOTE (ctrlTab.showAll.label): #1 represents the number # of tabs in the current browser window. It will always be 2 at least. diff --git a/application/palemoon/locales/en-US/chrome/browser/downloads/downloads.properties b/application/palemoon/locales/en-US/chrome/browser/downloads/downloads.properties index 761abf61af..2a5b77633d 100644 --- a/application/palemoon/locales/en-US/chrome/browser/downloads/downloads.properties +++ b/application/palemoon/locales/en-US/chrome/browser/downloads/downloads.properties @@ -67,10 +67,6 @@ shortTimeLeftDays=%1$Sd statusSeparator=%1$S \u2014 %2$S statusSeparatorBeforeNumber=%1$S \u2014 %2$S -fileExecutableSecurityWarning="%S" is an executable file. Executable files may contain viruses or other malicious code that could harm your computer. Use caution when opening this file. Are you sure you want to launch "%S"? -fileExecutableSecurityWarningTitle=Open Executable File? -fileExecutableSecurityWarningDontAsk=Don't ask me this again - # LOCALIZATION NOTE (otherDownloads2): # This is displayed in an item at the bottom of the Downloads Panel when # there are more downloads than can fit in the list in the panel. Use a diff --git a/application/palemoon/locales/en-US/chrome/browser/preferences/preferences.properties b/application/palemoon/locales/en-US/chrome/browser/preferences/preferences.properties index 3eebbcbecc..b262eebf5f 100644 --- a/application/palemoon/locales/en-US/chrome/browser/preferences/preferences.properties +++ b/application/palemoon/locales/en-US/chrome/browser/preferences/preferences.properties @@ -2,13 +2,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -#### Security - -# LOCALIZATION NOTE: phishBefore uses %S to represent the name of the provider -# whose privacy policy must be accepted (for enabling -# check-every-page-as-I-load-it phishing protection). -phishBeforeText=Selecting this option will send the address of web pages you are viewing to %S. To continue, please review and accept the following terms of service. - #### Fonts labelDefaultFont=Default (%S) diff --git a/application/palemoon/locales/en-US/chrome/overrides/appstrings.properties b/application/palemoon/locales/en-US/chrome/overrides/appstrings.properties index 1bf5447485..28ce0220e0 100644 --- a/application/palemoon/locales/en-US/chrome/overrides/appstrings.properties +++ b/application/palemoon/locales/en-US/chrome/overrides/appstrings.properties @@ -29,8 +29,6 @@ externalProtocolPrompt=An external application must be launched to handle %1$S: externalProtocolUnknown=<Unknown> externalProtocolChkMsg=Remember my choice for all links of this type. externalProtocolLaunchBtn=Launch application -malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences. -phishingBlocked=The website at %S has been reported as a web forgery designed to trick users into sharing personal or financial information. cspBlocked=This page has a content security policy that prevents it from being embedded in this way. xssBlockMode=This page contains an XSS attack that has been blocked for your security. corruptedContentError=The page you are trying to view cannot be shown because an error in the data transmission was detected. diff --git a/application/palemoon/locales/en-US/chrome/overrides/netError.dtd b/application/palemoon/locales/en-US/chrome/overrides/netError.dtd index 04bfe99251..9e5cbc7e29 100644 --- a/application/palemoon/locales/en-US/chrome/overrides/netError.dtd +++ b/application/palemoon/locales/en-US/chrome/overrides/netError.dtd @@ -178,18 +178,6 @@ was trying to connect. --> </ul> "> -<!ENTITY malwareBlocked.title "Suspected Attack Site!"> -<!ENTITY malwareBlocked.longDesc " -<p>Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.</p> -<p>Website owners who believe their site has been reported as an attack site in error may <a href='https://www.stopbadware.org/request-review' >request a review</a>.</p> -"> - -<!ENTITY phishingBlocked.title "Suspected Web Forgery!"> -<!ENTITY phishingBlocked.longDesc " -<p>Entering any personal information on this page may result in identity theft or other fraud.</p> -<p>These types of web forgeries are used in scams known as phishing attacks, in which fraudulent web pages and emails are used to imitate sources you may trust.</p> -"> - <!ENTITY cspBlocked.title "Blocked by Content Security Policy"> <!ENTITY cspBlocked.longDesc "<p>&brandShortName; prevented this page from loading in this way because the page has a content security policy that disallows it.</p>"> diff --git a/application/palemoon/locales/en-US/installer/custom.properties b/application/palemoon/locales/en-US/installer/custom.properties index ef29b1e7e6..8f95a194b4 100644 --- a/application/palemoon/locales/en-US/installer/custom.properties +++ b/application/palemoon/locales/en-US/installer/custom.properties @@ -46,7 +46,9 @@ WARN_MANUALLY_CLOSE_APP_UNINSTALL=$BrandShortName must be closed to proceed with WARN_MANUALLY_CLOSE_APP_LAUNCH=$BrandShortName is already running.\n\nPlease close $BrandShortName prior to launching the version you have just installed. WARN_WRITE_ACCESS=You don't have access to write to the installation directory.\n\nClick OK to select a different directory. WARN_DISK_SPACE=You don't have sufficient disk space to install to this location.\n\nClick OK to select a different location. -WARN_MIN_SUPPORTED_OS_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires ${MinSupportedVer} or newer. +WARN_MIN_SUPPORTED_OSVER_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires ${MinSupportedVer} or newer. +WARN_MIN_SUPPORTED_CPU_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires a processor with ${MinSupportedCPU} support. +WARN_MIN_SUPPORTED_OSVER_CPU_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires ${MinSupportedVer} or newer and a processor with ${MinSupportedCPU} support. WARN_RESTART_REQUIRED_UNINSTALL=Your computer must be restarted to complete a previous uninstall of $BrandShortName. Do you want to reboot now? WARN_RESTART_REQUIRED_UPGRADE=Your computer must be restarted to complete a previous upgrade of $BrandShortName. Do you want to reboot now? ERROR_CREATE_DIRECTORY_PREFIX=Error creating directory: diff --git a/application/palemoon/locales/en-US/installer/nsisstrings.properties b/application/palemoon/locales/en-US/installer/nsisstrings.properties index 0144c2a98f..fc2898860d 100644 --- a/application/palemoon/locales/en-US/installer/nsisstrings.properties +++ b/application/palemoon/locales/en-US/installer/nsisstrings.properties @@ -25,7 +25,9 @@ INSTALL_BLURB1=You're about to enjoy the very latest in speed, flexibility and s INSTALL_BLURB2=That's because $BrandShortName is made by a non-profit to make browsing and the Web better for you. INSTALL_BLURB3=You're also joining a global community of users, contributors and developers working to make the best browser in the world. -WARN_MIN_SUPPORTED_OS_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires ${MinSupportedVer} or newer. +WARN_MIN_SUPPORTED_OSVER_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires ${MinSupportedVer} or newer. +WARN_MIN_SUPPORTED_CPU_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires a processor with ${MinSupportedCPU} support. +WARN_MIN_SUPPORTED_OSVER_CPU_MSG=Sorry, $BrandShortName can't be installed. This version of $BrandShortName requires ${MinSupportedVer} or newer and a processor with ${MinSupportedCPU} support. WARN_WRITE_ACCESS=You don't have access to write to the installation directory.\n\nClick OK to select a different directory. WARN_DISK_SPACE=You don't have sufficient disk space to install to this location.\n\nClick OK to select a different location. WARN_ROOT_INSTALL=Unable to install to the root of your disk.\n\nClick OK to select a different location. @@ -46,15 +48,16 @@ ADD_CheckboxShortcutInStartMenu=In my &Start Menu Programs Folder ADD_CheckboxShortcutOnDesktop=On my &Desktop SPACE_REQUIRED=Space Required: SPACE_AVAILABLE=Space Available: -ONE_MOMENT=One moment, $BrandShortName will launch as soon as the install is complete… +ONE_MOMENT_INSTALL=One moment, $BrandShortName will launch as soon as the install is complete… +ONE_MOMENT_UPGRADE=One moment, $BrandShortName will launch as soon as the upgrade is complete… +INSTALL_MAINT_SERVICE=&Install the $BrandShortName background update service SEND_PING=S&end information about this installation to Mozilla BROWSE_BUTTON=B&rowse… DEST_FOLDER=Destination Folder -DOWNLOADING_IN_PROGRESS=Downloading… -DOWNLOADING_DONE=Downloaded -INSTALLING_TO_BE_DONE=Installing -INSTALLING_IN_PROGRESS=Installing… +DOWNLOADING_LABEL=Downloading $BrandShortName… +INSTALLING_LABEL=Installing $BrandShortName… +UPGRADING_LABEL=Upgrading $BrandShortName… SELECT_FOLDER_TEXT=Select the folder to install $BrandShortName in. diff --git a/application/palemoon/locales/en-US/pdfviewer/chrome.properties b/application/palemoon/locales/en-US/pdfviewer/chrome.properties deleted file mode 100644 index 0b469195c2..0000000000 --- a/application/palemoon/locales/en-US/pdfviewer/chrome.properties +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2012 Mozilla Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Chrome notification bar messages and buttons -unsupported_feature=This PDF document might not be displayed correctly. -open_with_different_viewer=Open With Different Viewer -open_with_different_viewer.accessKey=o diff --git a/application/palemoon/locales/en-US/pdfviewer/viewer.properties b/application/palemoon/locales/en-US/pdfviewer/viewer.properties deleted file mode 100644 index ffc025362b..0000000000 --- a/application/palemoon/locales/en-US/pdfviewer/viewer.properties +++ /dev/null @@ -1,124 +0,0 @@ -# Copyright 2012 Mozilla Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Main toolbar buttons (tooltips and alt text for images) -previous.title=Previous Page -previous_label=Previous -next.title=Next Page -next_label=Next - -# LOCALIZATION NOTE (page_label, page_of): -# These strings are concatenated to form the "Page: X of Y" string. -# Do not translate "{{pageCount}}", it will be substituted with a number -# representing the total number of pages. -page_label=Page: -page_of=of {{pageCount}} - -zoom_out.title=Zoom Out -zoom_out_label=Zoom Out -zoom_in.title=Zoom In -zoom_in_label=Zoom In -zoom.title=Zoom -print.title=Print -print_label=Print -presentation_mode.title=Switch to Presentation Mode -presentation_mode_label=Presentation Mode -open_file.title=Open File -open_file_label=Open -download.title=Download -download_label=Download -bookmark.title=Current view (copy or open in new window) -bookmark_label=Current View - -# Tooltips and alt text for side panel toolbar buttons -# (the _label strings are alt text for the buttons, the .title strings are -# tooltips) -toggle_sidebar.title=Toggle Sidebar -toggle_sidebar_label=Toggle Sidebar -outline.title=Show Document Outline -outline_label=Document Outline -thumbs.title=Show Thumbnails -thumbs_label=Thumbnails -findbar.title=Find in Document -findbar_label=Find - -# Thumbnails panel item (tooltip and alt text for images) -# LOCALIZATION NOTE (thumb_page_title): "{{page}}" will be replaced by the page -# number. -thumb_page_title=Page {{page}} -# LOCALIZATION NOTE (thumb_page_canvas): "{{page}}" will be replaced by the page -# number. -thumb_page_canvas=Thumbnail of Page {{page}} - -# Context menu -first_page.label=Go to First Page -last_page.label=Go to Last Page -page_rotate_cw.label=Rotate Clockwise -page_rotate_ccw.label=Rotate Counterclockwise - -# Find panel button title and messages -find_label=Find: -find_previous.title=Find the previous occurrence of the phrase -find_previous_label=Previous -find_next.title=Find the next occurrence of the phrase -find_next_label=Next -find_highlight=Highlight all -find_match_case_label=Match case -find_reached_top=Reached top of document, continued from bottom -find_reached_bottom=Reached end of document, continued from top -find_not_found=Phrase not found - -# Error panel labels -error_more_info=More Information -error_less_info=Less Information -error_close=Close -# LOCALIZATION NOTE (error_version_info): "{{version}}" and "{{build}}" will be -# replaced by the PDF.JS version and build ID. -error_version_info=PDF.js v{{version}} (build: {{build}}) -# LOCALIZATION NOTE (error_message): "{{message}}" will be replaced by an -# english string describing the error. -error_message=Message: {{message}} -# LOCALIZATION NOTE (error_stack): "{{stack}}" will be replaced with a stack -# trace. -error_stack=Stack: {{stack}} -# LOCALIZATION NOTE (error_file): "{{file}}" will be replaced with a filename -error_file=File: {{file}} -# LOCALIZATION NOTE (error_line): "{{line}}" will be replaced with a line number -error_line=Line: {{line}} -rendering_error=An error occurred while rendering the page. - -# Predefined zoom values -page_scale_width=Page Width -page_scale_fit=Page Fit -page_scale_auto=Automatic Zoom -page_scale_actual=Actual Size - -# Loading indicator messages -loading_error_indicator=Error -loading_error=An error occurred while loading the PDF. -invalid_file_error=Invalid or corrupted PDF file. -missing_file_error=Missing PDF file. - -# LOCALIZATION NOTE (text_annotation_type.alt): This is used as a tooltip. -# "{{type}}" will be replaced with an annotation type from a list defined in -# the PDF spec (32000-1:2008 Table 169 – Annotation types). -# Some common types are e.g.: "Check", "Text", "Comment", "Note" -text_annotation_type.alt=[{{type}} Annotation] -request_password=PDF is protected by a password: -invalid_password=Invalid Password. - -printing_not_supported=Warning: Printing is not fully supported by this browser. -printing_not_ready=Warning: The PDF is not fully loaded for printing. -web_fonts_disabled=Web fonts are disabled: unable to use embedded PDF fonts. -document_colors_disabled=PDF documents are not allowed to use their own colors: \'Allow pages to choose their own colors\' is deactivated in the browser. diff --git a/application/palemoon/locales/jar.mn b/application/palemoon/locales/jar.mn index 8d88e16fd3..e3477c320d 100644 --- a/application/palemoon/locales/jar.mn +++ b/application/palemoon/locales/jar.mn @@ -96,6 +96,3 @@ % override chrome://global/locale/netError.dtd chrome://browser/locale/netError.dtd % override chrome://global/locale/appstrings.properties chrome://browser/locale/appstrings.properties % override chrome://mozapps/locale/downloads/settingsChange.dtd chrome://browser/locale/downloads/settingsChange.dtd -% locale pdf.js @AB_CD@ %locale/pdfviewer/ - locale/pdfviewer/viewer.properties (%pdfviewer/viewer.properties) - locale/pdfviewer/chrome.properties (%pdfviewer/chrome.properties) diff --git a/application/palemoon/modules/WindowsPreviewPerTab.jsm b/application/palemoon/modules/WindowsPreviewPerTab.jsm index c1ed05c39e..243a00aaea 100644 --- a/application/palemoon/modules/WindowsPreviewPerTab.jsm +++ b/application/palemoon/modules/WindowsPreviewPerTab.jsm @@ -3,12 +3,10 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* - * This module implements the front end behavior for AeroPeek. Starting in - * Windows Vista, the taskbar began showing live thumbnail previews of windows - * when the user hovered over the window icon in the taskbar. Starting with - * Windows 7, the taskbar allows an application to expose its tabbed interface - * in the taskbar by showing thumbnail previews rather than the default window - * preview. Additionally, when a user hovers over a thumbnail (tab or window), + * This module implements the front end behavior for AeroPeek. The taskbar + * allows an application to expose its tabbed interface by showing thumbnail + * previews rather than the default window preview. + * Additionally, when a user hovers over a thumbnail (tab or window), * they are shown a live preview of the window (or tab + its containing window). * * In Windows 7, a title, icon, close button and optional toolbar are shown for @@ -31,7 +29,7 @@ * Screen real estate is limited so when there are too many thumbnails to fit * on the screen, the taskbar stops displaying thumbnails and instead displays * just the title, icon and close button in a similar fashion to previous - * versions of the taskbar. If there are still too many previews to fit on the + * versions of the taskbar. If there are still too many previews to fit on the * screen, the taskbar resorts to a scroll up and scroll down button pair to let * the user scroll through the list of tabs. Since this is undoubtedly * inconvenient for users with many tabs, the AeroPeek objects turns off all of @@ -47,9 +45,11 @@ const Cc = Components.classes; const Ci = Components.interfaces; const Cu = Components.utils; -Cu.import("resource://gre/modules/XPCOMUtils.jsm"); Cu.import("resource://gre/modules/NetUtil.jsm"); +Cu.import("resource://gre/modules/PlacesUtils.jsm"); Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); // Pref to enable/disable preview-per-tab const TOGGLE_PREF_NAME = "browser.taskbar.previews.enable"; @@ -60,17 +60,15 @@ const CACHE_EXPIRATION_TIME_PREF_NAME = "browser.taskbar.previews.cachetime"; const WINTASKBAR_CONTRACTID = "@mozilla.org/windows-taskbar;1"; -//////////////////////////////////////////////////////////////////////////////// -//// Various utility properties +// Various utility properties XPCOMUtils.defineLazyServiceGetter(this, "imgTools", "@mozilla.org/image/tools;1", "imgITools"); -XPCOMUtils.defineLazyServiceGetter(this, "faviconSvc", - "@mozilla.org/browser/favicon-service;1", - "nsIFaviconService"); +XPCOMUtils.defineLazyModuleGetter(this, "PageThumbs", + "resource://gre/modules/PageThumbs.jsm"); // nsIURI -> imgIContainer -function _imageFromURI(doc, uri, privateMode, callback) { +function _imageFromURI(uri, privateMode, callback) { let channel = NetUtil.newChannel({ uri: uri, loadUsingSystemPrincipal: true, @@ -93,19 +91,20 @@ function _imageFromURI(doc, uri, privateMode, callback) { } catch (e) { // We failed, so use the default favicon (only if this wasn't the default // favicon). - let defaultURI = faviconSvc.defaultFavicon; + let defaultURI = PlacesUtils.favicons.defaultFavicon; if (!defaultURI.equals(uri)) - _imageFromURI(doc, defaultURI, privateMode, callback); + _imageFromURI(defaultURI, privateMode, callback); } }); } // string? -> imgIContainer -function getFaviconAsImage(doc, iconurl, privateMode, callback) { - if (iconurl) - _imageFromURI(doc, NetUtil.newURI(iconurl), privateMode, callback); - else - _imageFromURI(doc, faviconSvc.defaultFavicon, privateMode, callback); +function getFaviconAsImage(iconurl, privateMode, callback) { + if (iconurl) { + _imageFromURI(NetUtil.newURI(iconurl), privateMode, callback); + } else { + _imageFromURI(PlacesUtils.favicons.defaultFavicon, privateMode, callback); + } } // Snaps the given rectangle to be pixel-aligned at the given scale @@ -121,16 +120,17 @@ function snapRectAtScale(r, scale) { r.height = height / scale; } -//////////////////////////////////////////////////////////////////////////////// -//// PreviewController +// PreviewController /* - * This class manages the behavior of the preview. - * - * To give greater performance when drawing, the dirty areas of the content - * window are tracked and drawn on demand into a canvas of the same size. - * This provides a great increase in responsiveness when drawing a preview - * for unchanged (or even only slightly changed) tabs. + * This class manages the behavior of thumbnails and previews. It has the following + * responsibilities: + * 1) Responding to requests from Windows taskbar for a thumbnail or window + * preview. + * 2) Listening for DOM events that result in a thumbnail or window preview needing + * to be refreshed, and communicating this to the taskbar. + * 3) Handling queryies and returning new thumbnail or window preview images to the + * taskbar through PageThumbs. * * @param win * The TabWindow (see below) that owns the preview that this controls @@ -143,206 +143,182 @@ function PreviewController(win, tab) { this.linkedBrowser = tab.linkedBrowser; this.preview = this.win.createTabPreview(this); - this.linkedBrowser.addEventListener("MozAfterPaint", this, false); this.tab.addEventListener("TabAttrModified", this, false); XPCOMUtils.defineLazyGetter(this, "canvasPreview", function () { - let canvas = this.win.win.document.createElementNS("http://www.w3.org/1999/xhtml", "canvas"); + let canvas = PageThumbs.createCanvas(); canvas.mozOpaque = true; return canvas; }); - - XPCOMUtils.defineLazyGetter(this, "dirtyRegion", - function () { - let dirtyRegion = Cc["@mozilla.org/gfx/region;1"] - .createInstance(Ci.nsIScriptableRegion); - dirtyRegion.init(); - return dirtyRegion; - }); - - XPCOMUtils.defineLazyGetter(this, "winutils", - function () { - let win = tab.linkedBrowser.contentWindow; - return win.QueryInterface(Ci.nsIInterfaceRequestor) - .getInterface(Ci.nsIDOMWindowUtils); - }); } PreviewController.prototype = { QueryInterface: XPCOMUtils.generateQI([Ci.nsITaskbarPreviewController, Ci.nsIDOMEventListener]), + destroy: function () { this.tab.removeEventListener("TabAttrModified", this, false); - this.linkedBrowser.removeEventListener("MozAfterPaint", this, false); // Break cycles, otherwise we end up leaking the window with everything // attached to it. delete this.win; delete this.preview; - delete this.dirtyRegion; }, + get wrappedJSObject() { return this; }, - get dirtyRects() { - let rectstream = this.dirtyRegion.getRects(); - if (!rectstream) - return []; - let rects = []; - for (let i = 0; i < rectstream.length; i+= 4) { - let r = {x: rectstream[i], - y: rectstream[i+1], - width: rectstream[i+2], - height: rectstream[i+3]}; - rects.push(r); - } - return rects; - }, - // Resizes the canvasPreview to 0x0, essentially freeing its memory. - // updateCanvasPreview() will detect the size mismatch as a resize event - // the next time it is called. resetCanvasPreview: function () { this.canvasPreview.width = 0; this.canvasPreview.height = 0; }, + /** + * Set the canvas dimensions. + */ + resizeCanvasPreview: function (aRequestedWidth, aRequestedHeight) { + this.canvasPreview.width = aRequestedWidth; + this.canvasPreview.height = aRequestedHeight; + }, + + get zoom() { // Note that winutils.fullZoom accounts for "quantization" of the zoom factor - // from nsIMarkupDocumentViewer due to conversion through appUnits. + // from nsIContentViewer due to conversion through appUnits. // We do -not- want screenPixelsPerCSSPixel here, because that would -also- // incorporate any scaling that is applied due to hi-dpi resolution options. - return this.winutils.fullZoom; - }, - - // Updates the controller's canvas with the parts of the <browser> that need - // to be redrawn. - updateCanvasPreview: function () { - let win = this.linkedBrowser.contentWindow; - let bx = this.linkedBrowser.boxObject; - // Check for resize - if (bx.width != this.canvasPreview.width || - bx.height != this.canvasPreview.height) { - // Invalidate the entire area and repaint - this.onTabPaint({left:0, top:0, right:win.innerWidth, bottom:win.innerHeight}); - this.canvasPreview.width = bx.width; - this.canvasPreview.height = bx.height; - } + return this.tab.linkedBrowser.fullZoom; + }, - // Draw dirty regions - let ctx = this.canvasPreview.getContext("2d"); - let scale = this.zoom; - - let flags = this.canvasPreviewFlags; - // The dirty region may include parts that are offscreen so we clip to the - // canvas area. - this.dirtyRegion.intersectRect(0, 0, win.innerWidth, win.innerHeight); - this.dirtyRects.forEach(function (r) { - // We need to snap the rectangle to be pixel aligned in the destination - // coordinate space. Otherwise natively themed widgets might not draw. - snapRectAtScale(r, scale); - let x = r.x; - let y = r.y; - let width = r.width; - let height = r.height; + get screenPixelsPerCSSPixel() { + let chromeWin = this.tab.ownerGlobal; + let windowUtils = chromeWin.getInterface(Ci.nsIDOMWindowUtils); + return windowUtils.screenPixelsPerCSSPixel; + }, - ctx.save(); - ctx.scale(scale, scale); - ctx.translate(x, y); - ctx.drawWindow(win, x, y, width, height, "white", flags); - ctx.restore(); - }); - this.dirtyRegion.setToRect(0,0,0,0); + get browserDims() { + return this.tab.linkedBrowser.getBoundingClientRect(); + }, + + cacheBrowserDims: function () { + let dims = this.browserDims; + this._cachedWidth = dims.width; + this._cachedHeight = dims.height; + }, + testCacheBrowserDims: function () { + let dims = this.browserDims; + return this._cachedWidth == dims.width && + this._cachedHeight == dims.height; + }, + + /** + * Capture a new thumbnail image for this preview. Called by the controller + * in response to a request for a new thumbnail image. + */ + updateCanvasPreview: function (aFullScale, aCallback) { + // Update our cached browser dims so that delayed resize + // events don't trigger another invalidation if this tab becomes active. + this.cacheBrowserDims(); + PageThumbs.captureToCanvas(this.linkedBrowser, this.canvasPreview, + aCallback, { fullScale: aFullScale }); // If we're updating the canvas, then we're in the middle of a peek so // don't discard the cache of previews. AeroPeek.resetCacheTimer(); }, - onTabPaint: function (rect) { - let x = Math.floor(rect.left), - y = Math.floor(rect.top), - width = Math.ceil(rect.right) - x, - height = Math.ceil(rect.bottom) - y; - this.dirtyRegion.unionRect(x, y, width, height); - }, - updateTitleAndTooltip: function () { let title = this.win.tabbrowser.getWindowTitleForBrowser(this.linkedBrowser); this.preview.title = title; this.preview.tooltip = title; }, - ////////////////////////////////////////////////////////////////////////////// - //// nsITaskbarPreviewController + // nsITaskbarPreviewController + // window width and height, not browser get width() { return this.win.width; }, + // window width and height, not browser get height() { return this.win.height; }, get thumbnailAspectRatio() { - let boxObject = this.tab.linkedBrowser.boxObject; + let browserDims = this.browserDims; // Avoid returning 0 - let tabWidth = boxObject.width || 1; + let tabWidth = browserDims.width || 1; // Avoid divide by 0 - let tabHeight = boxObject.height || 1; + let tabHeight = browserDims.height || 1; return tabWidth / tabHeight; }, - drawPreview: function (ctx) { - let self = this; - this.win.tabbrowser.previewTab(this.tab, function () self.previewTabCallback(ctx)); - - // We must avoid having the frame drawn around the window. See bug 520807 - return false; - }, - - previewTabCallback: function (ctx) { - // This will extract the resolution-scale component of the scaling we need, - // which should be applied to both chrome and content; - // the page zoom component is applied (to content only) within updateCanvasPreview. - let scale = this.winutils.screenPixelsPerCSSPixel / this.winutils.fullZoom; - ctx.save(); - ctx.scale(scale, scale); - let width = this.win.width; - let height = this.win.height; - // Draw our toplevel window - ctx.drawWindow(this.win.win, 0, 0, width, height, "transparent"); - - // XXX (jfkthame): Pending tabs don't seem to draw with the proper scaling - // unless we use this block of code; but doing this for "normal" (loaded) tabs - // results in blurry rendering on hidpi systems, so we avoid it if possible. - // I don't understand why pending and loaded tabs behave differently here... - // (see bug 857061). - if (this.tab.hasAttribute("pending")) { - // Compositor, where art thou? - // Draw the tab content on top of the toplevel window - this.updateCanvasPreview(); - - let boxObject = this.linkedBrowser.boxObject; - ctx.translate(boxObject.x, boxObject.y); - ctx.drawImage(this.canvasPreview, 0, 0); - } + /** + * Responds to taskbar requests for window previews. Returns the results asynchronously + * through updateCanvasPreview. + * + * @param aTaskbarCallback nsITaskbarPreviewCallback results callback + */ + requestPreview: function (aTaskbarCallback) { + // Grab a high res content preview + this.resetCanvasPreview(); + this.updateCanvasPreview(true, (aPreviewCanvas) => { + let winWidth = this.win.width; + let winHeight = this.win.height; - ctx.restore(); - }, + let composite = PageThumbs.createCanvas(); + + // Use transparency, Aero glass is drawn black without it. + composite.mozOpaque = false; - drawThumbnail: function (ctx, width, height) { - this.updateCanvasPreview(); + let ctx = composite.getContext('2d'); + let scale = this.screenPixelsPerCSSPixel / this.zoom; - let scale = width/this.linkedBrowser.boxObject.width; - ctx.scale(scale, scale); - ctx.drawImage(this.canvasPreview, 0, 0); + composite.width = winWidth * scale; + composite.height = winHeight * scale; - // Don't draw a frame around the thumbnail - return false; + ctx.save(); + ctx.scale(scale, scale); + + // Draw chrome. Note we currently do not get scrollbars for remote frames + // in the image above. + ctx.drawWindow(this.win.win, 0, 0, winWidth, winHeight, "rgba(0,0,0,0)"); + + // Draw the content are into the composite canvas at the right location. + ctx.drawImage(aPreviewCanvas, this.browserDims.x, this.browserDims.y, + aPreviewCanvas.width, aPreviewCanvas.height); + ctx.restore(); + + // Deliver the resulting composite canvas to Windows + this.win.tabbrowser.previewTab(this.tab, function () { + aTaskbarCallback.done(composite, false); + }); + }); + }, + + /** + * Responds to taskbar requests for tab thumbnails. Returns the results asynchronously + * through updateCanvasPreview. + * + * Note Windows requests a specific width and height here, if the resulting thumbnail + * does not match these dimensions thumbnail display will fail. + * + * @param aTaskbarCallback nsITaskbarPreviewCallback results callback + * @param aRequestedWidth width of the requested thumbnail + * @param aRequestedHeight height of the requested thumbnail + */ + requestThumbnail: function (aTaskbarCallback, aRequestedWidth, aRequestedHeight) { + this.resizeCanvasPreview(aRequestedWidth, aRequestedHeight); + this.updateCanvasPreview(false, (aThumbnailCanvas) => { + aTaskbarCallback.done(aThumbnailCanvas, false); + }); }, + // Event handling + onClose: function () { this.win.tabbrowser.removeTab(this.tab); }, @@ -355,22 +331,9 @@ PreviewController.prototype = { return true; }, - //// nsIDOMEventListener + // nsIDOMEventListener handleEvent: function (evt) { switch (evt.type) { - case "MozAfterPaint": - if (evt.originalTarget === this.linkedBrowser.contentWindow) { - let clientRects = evt.clientRects; - let length = clientRects.length; - for (let i = 0; i < length; i++) { - let r = clientRects.item(i); - this.onTabPaint(r); - } - } - let preview = this.preview; - if (preview.visible) - preview.invalidate(); - break; case "TabAttrModified": this.updateTitleAndTooltip(); break; @@ -386,14 +349,13 @@ XPCOMUtils.defineLazyGetter(PreviewController.prototype, "canvasPreviewFlags", | canvasInterface.DRAWWINDOW_DO_NOT_FLUSH; }); -//////////////////////////////////////////////////////////////////////////////// -//// TabWindow +// TabWindow /* * This class monitors a browser window for changes to its tabs * * @param win - * The nsIDOMWindow browser window + * The nsIDOMWindow browser window */ function TabWindow(win) { this.win = win; @@ -403,6 +365,10 @@ function TabWindow(win) { for (let i = 0; i < this.tabEvents.length; i++) this.tabbrowser.tabContainer.addEventListener(this.tabEvents[i], this, false); + + for (let i = 0; i < this.winEvents.length; i++) + this.win.addEventListener(this.winEvents[i], this, false); + this.tabbrowser.addTabsProgressListener(this); AeroPeek.windows.push(this); @@ -416,7 +382,10 @@ function TabWindow(win) { TabWindow.prototype = { _enabled: false, + _cachedWidth: 0, + _cachedHeight: 0, tabEvents: ["TabOpen", "TabClose", "TabSelect", "TabMove"], + winEvents: ["resize"], destroy: function () { this._destroying = true; @@ -424,6 +393,10 @@ TabWindow.prototype = { let tabs = this.tabbrowser.tabs; this.tabbrowser.removeTabsProgressListener(this); + + for (let i = 0; i < this.winEvents.length; i++) + this.win.removeEventListener(this.winEvents[i], this, false); + for (let i = 0; i < this.tabEvents.length; i++) this.tabbrowser.tabContainer.removeEventListener(this.tabEvents[i], this, false); @@ -442,6 +415,15 @@ TabWindow.prototype = { return this.win.innerHeight; }, + cacheDims: function () { + this._cachedWidth = this.width; + this._cachedHeight = this.height; + }, + + testCacheDims: function () { + return this._cachedWidth == this.width && this._cachedHeight == this.height; + }, + // Invoked when the given tab is added to this window newTab: function (tab) { let controller = new PreviewController(this, tab); @@ -461,18 +443,8 @@ TabWindow.prototype = { let preview = AeroPeek.taskbar.createTaskbarTabPreview(docShell, controller); preview.visible = AeroPeek.enabled; preview.active = this.tabbrowser.selectedTab == controller.tab; - // Grab the default favicon - getFaviconAsImage( - controller.linkedBrowser.contentWindow.document, - null, - PrivateBrowsingUtils.isWindowPrivate(this.win), - function (img) { - // It is possible that we've already gotten the real favicon, so make sure - // we have not set one before setting this default one. - if (!preview.icon) - preview.icon = img; - }); - + this.onLinkIconAvailable(controller.tab.linkedBrowser, + controller.tab.getAttribute("image")); return preview; }, @@ -484,8 +456,6 @@ TabWindow.prototype = { preview.move(null); preview.controller.wrappedJSObject.destroy(); - // We don't want to splice from the array if the tabs aren't being removed - // from the tab bar as well (as is the case when the window closes). this.previews.delete(tab); AeroPeek.removePreview(preview); }, @@ -499,7 +469,7 @@ TabWindow.prototype = { // Because making a tab visible requires that the tab it is next to be // visible, it is far simpler to unset the 'next' tab and recreate them all // at once. - for (let [tab, preview] of this.previews) { + for (let [, preview] of this.previews) { preview.move(null); preview.visible = enable; } @@ -514,27 +484,25 @@ TabWindow.prototype = { let previews = this.previews; let tabs = this.tabbrowser.tabs; - // Previews are internally stored using a map, so we need to iterate over - // the tabbrowser's array of tabs to retrieve previews in the same order. - // Tycho: let inorder = [previews.get(t) for (t of tabs) if (previews.has(t))]; + // Previews are internally stored using a map, so we need to iterate the + // tabbrowser's array of tabs to retrieve previews in the same order. let inorder = []; - for (let t of tabs) { if (previews.has(t)) { inorder.push(previews.get(t)); } } - // Since the internal taskbar array has not yet been updated, we must force - // the sorting order of our local array on it. To do so, we must walk - // the local array backwards, because otherwise we would send move requests - // in the wrong order. See bug 522610 for details. + // Since the internal taskbar array has not yet been updated we must force + // on it the sorting order of our local array. To do so we must walk + // the local array backwards, otherwise we would send move requests in the + // wrong order. See bug 522610 for details. for (let i = inorder.length - 1; i >= 0; i--) { inorder[i].move(inorder[i + 1] || null); } }, - //// nsIDOMEventListener + // nsIDOMEventListener handleEvent: function (evt) { let tab = evt.originalTarget; switch (evt.type) { @@ -552,28 +520,117 @@ TabWindow.prototype = { case "TabMove": this.updateTabOrdering(); break; + case "resize": + if (!AeroPeek._prefenabled) + return; + this.onResize(); + break; + } + }, + + // Set or reset a timer that will invalidate visible thumbnails soon. + setInvalidationTimer: function () { + if (!this.invalidateTimer) { + this.invalidateTimer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer); + } + this.invalidateTimer.cancel(); + + // delay 1 second before invalidating + this.invalidateTimer.initWithCallback(() => { + // invalidate every preview. note the internal implementation of + // invalidate ignores thumbnails that aren't visible. + this.previews.forEach(function (aPreview) { + let controller = aPreview.controller.wrappedJSObject; + if (!controller.testCacheBrowserDims()) { + controller.cacheBrowserDims(); + aPreview.invalidate(); + } + }); + }, 1000, Ci.nsITimer.TYPE_ONE_SHOT); + }, + + onResize: function () { + // Specific to a window. + + // Call invalidate on each tab thumbnail so that Windows will request an + // updated image. However don't do this repeatedly across multiple resize + // events triggered during window border drags. + + if (this.testCacheDims()) { + return; + } + + // update the window dims on our TabWindow object. + this.cacheDims(); + + // invalidate soon + this.setInvalidationTimer(); + }, + + invalidateTabPreview: function(aBrowser) { + for (let [tab, preview] of this.previews) { + if (aBrowser == tab.linkedBrowser) { + preview.invalidate(); + break; + } + } + }, + + // Browser progress listener + + onLocationChange: function (aBrowser) { + // I'm not sure we need this, onStateChange does a really good job + // of picking up page changes. + // this.invalidateTabPreview(aBrowser); + }, + + onStateChange: function (aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) { + if (aStateFlags & Ci.nsIWebProgressListener.STATE_STOP && + aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK) { + this.invalidateTabPreview(aBrowser); } }, - //// Browser progress listener + directRequestProtocols: new Set([ + "file", "chrome", "resource", "about" + ]), onLinkIconAvailable: function (aBrowser, aIconURL) { - let self = this; + let requestURL = null; + if (aIconURL) { + let shouldRequestFaviconURL = true; + try { + let urlObject = NetUtil.newURI(aIconURL); + shouldRequestFaviconURL = + !this.directRequestProtocols.has(urlObject.scheme); + } catch (ex) {} + + requestURL = shouldRequestFaviconURL ? + "moz-anno:favicon:" + aIconURL : + aIconURL; + } + let isDefaultFavicon = !requestURL; getFaviconAsImage( - aBrowser.contentWindow.document, - aIconURL,PrivateBrowsingUtils.isWindowPrivate(this.win), - function (img) { - let index = self.tabbrowser.browsers.indexOf(aBrowser); - // Only add it if we've found the index. The tab could have closed! + requestURL, + PrivateBrowsingUtils.isWindowPrivate(this.win), + img => { + let index = this.tabbrowser.browsers.indexOf(aBrowser); + // Only add it if we've found the index and the URI is still the same. + // The tab could have closed, and there's no guarantee the icons + // will have finished fetching 'in order'. if (index != -1) { - let tab = self.tabbrowser.tabs[index]; - self.previews.get(tab).icon = img; + let tab = this.tabbrowser.tabs[index]; + let preview = this.previews.get(tab); + if (tab.getAttribute("image") == aIconURL || + (!preview.icon && isDefaultFavicon)) { + preview.icon = img; + } } - }); + } + ); } } -//////////////////////////////////////////////////////////////////////////////// -//// AeroPeek +// AeroPeek /* * This object acts as global storage and external interface for this feature. @@ -582,10 +639,12 @@ TabWindow.prototype = { this.AeroPeek = { available: false, // Does the pref say we're enabled? - _prefenabled: true, + __prefenabled: false, _enabled: true, + initialized: false, + // nsITaskbarTabPreview array previews: [], @@ -609,24 +668,14 @@ this.AeroPeek = { if (!this.available) return; - this.prefs.addObserver(TOGGLE_PREF_NAME, this, false); - this.prefs.addObserver(DISABLE_THRESHOLD_PREF_NAME, this, false); - this.prefs.addObserver(CACHE_EXPIRATION_TIME_PREF_NAME, this, false); - - this.cacheLifespan = this.prefs.getIntPref(CACHE_EXPIRATION_TIME_PREF_NAME); - - this.maxpreviews = this.prefs.getIntPref(DISABLE_THRESHOLD_PREF_NAME); - + this.prefs.addObserver(TOGGLE_PREF_NAME, this, true); this.enabled = this._prefenabled = this.prefs.getBoolPref(TOGGLE_PREF_NAME); + this.initialized = true; }, destroy: function destroy() { this._enabled = false; - this.prefs.removeObserver(TOGGLE_PREF_NAME, this); - this.prefs.removeObserver(DISABLE_THRESHOLD_PREF_NAME, this); - this.prefs.removeObserver(CACHE_EXPIRATION_TIME_PREF_NAME, this); - if (this.cacheTimer) this.cacheTimer.cancel(); }, @@ -646,6 +695,61 @@ this.AeroPeek = { }); }, + get _prefenabled() { + return this.__prefenabled; + }, + + set _prefenabled(enable) { + if (enable == this.__prefenabled) { + return; + } + this.__prefenabled = enable; + + if (enable) { + this.enable(); + } else { + this.disable(); + } + }, + + _observersAdded: false, + + enable() { + if (!this._observersAdded) { + this.prefs.addObserver(DISABLE_THRESHOLD_PREF_NAME, this, true); + this.prefs.addObserver(CACHE_EXPIRATION_TIME_PREF_NAME, this, true); + PlacesUtils.history.addObserver(this, true); + this._observersAdded = true; + } + + this.cacheLifespan = this.prefs.getIntPref(CACHE_EXPIRATION_TIME_PREF_NAME); + + this.maxpreviews = this.prefs.getIntPref(DISABLE_THRESHOLD_PREF_NAME); + + // If the user toggled us on/off while the browser was already up + // (rather than this code running on startup because the pref was + // already set to true), we must initialize previews for open windows: + if (this.initialized) { + let browserWindows = Services.wm.getEnumerator("navigator:browser"); + while (browserWindows.hasMoreElements()) { + let win = browserWindows.getNext(); + if (!win.closed) { + this.onOpenWindow(win); + } + } + } + }, + + disable() { + while (this.windows.length) { + // We can't call onCloseWindow here because it'll bail if we're not + // enabled. + let tabWinObject = this.windows[0]; + tabWinObject.destroy(); // This will remove us from the array. + delete tabWinObject.win.gTaskbarTabGroup; // Tidy up the window. + } + }, + addPreview: function (preview) { this.previews.push(preview); this.checkPreviewCount(); @@ -658,15 +762,15 @@ this.AeroPeek = { }, checkPreviewCount: function () { - if (this.previews.length > this.maxpreviews) - this.enabled = false; - else - this.enabled = this._prefenabled; + if (!this._prefenabled) { + return; + } + this.enabled = this.previews.length <= this.maxpreviews; }, onOpenWindow: function (win) { // This occurs when the taskbar service is not available (xp, vista) - if (!this.available) + if (!this.available || !this._prefenabled) return; win.gTaskbarTabGroup = new TabWindow(win); @@ -674,7 +778,7 @@ this.AeroPeek = { onCloseWindow: function (win) { // This occurs when the taskbar service is not available (xp, vista) - if (!this.available) + if (!this.available || !this._prefenabled) return; win.gTaskbarTabGroup.destroy(); @@ -689,16 +793,20 @@ this.AeroPeek = { this.cacheTimer.init(this, 1000*this.cacheLifespan, Ci.nsITimer.TYPE_ONE_SHOT); }, - //// nsIObserver + // nsIObserver observe: function (aSubject, aTopic, aData) { + if (aTopic == "nsPref:changed" && aData == TOGGLE_PREF_NAME) { + this._prefenabled = this.prefs.getBoolPref(TOGGLE_PREF_NAME); + } + if (!this._prefenabled) { + return; + } switch (aTopic) { case "nsPref:changed": if (aData == CACHE_EXPIRATION_TIME_PREF_NAME) break; - if (aData == TOGGLE_PREF_NAME) - this._prefenabled = this.prefs.getBoolPref(TOGGLE_PREF_NAME); - else if (aData == DISABLE_THRESHOLD_PREF_NAME) + if (aData == DISABLE_THRESHOLD_PREF_NAME) this.maxpreviews = this.prefs.getIntPref(DISABLE_THRESHOLD_PREF_NAME); // Might need to enable/disable ourselves this.checkPreviewCount(); @@ -710,10 +818,38 @@ this.AeroPeek = { }); break; } - } + }, + + /* nsINavHistoryObserver implementation */ + onBeginUpdateBatch() {}, + onEndUpdateBatch() {}, + onVisit() {}, + onTitleChanged() {}, + onFrecencyChanged() {}, + onManyFrecenciesChanged() {}, + onDeleteURI() {}, + onClearHistory() {}, + onDeleteVisits() {}, + onPageChanged(uri, changedConst, newValue) { + if (this.enabled && changedConst == Ci.nsINavHistoryObserver.ATTRIBUTE_FAVICON) { + for (let win of this.windows) { + for (let [tab, ] of win.previews) { + if (tab.getAttribute("image") == newValue) { + win.onLinkIconAvailable(tab.linkedBrowser, newValue); + } + } + } + } + }, + + QueryInterface: XPCOMUtils.generateQI([ + Ci.nsISupportsWeakReference, + Ci.nsINavHistoryObserver, + Ci.nsIObserver + ]), }; -XPCOMUtils.defineLazyGetter(AeroPeek, "cacheTimer", function () +XPCOMUtils.defineLazyGetter(AeroPeek, "cacheTimer", () => Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer) ); diff --git a/application/palemoon/themes/linux/permissions/aboutPermissions.css b/application/palemoon/themes/linux/permissions/aboutPermissions.css index f4fd3d0baa..386e167e68 100644 --- a/application/palemoon/themes/linux/permissions/aboutPermissions.css +++ b/application/palemoon/themes/linux/permissions/aboutPermissions.css @@ -12,6 +12,11 @@ padding-bottom: 0.5em; } +/* content box */ +#permissions-content { + height: 100%; +} + /* sites box */ #sites-box { diff --git a/application/palemoon/themes/osx/browser.css b/application/palemoon/themes/osx/browser.css index 400ace3f8f..97073b1611 100644 --- a/application/palemoon/themes/osx/browser.css +++ b/application/palemoon/themes/osx/browser.css @@ -817,14 +817,6 @@ toolbar[brighttext] #bookmarks-menu-button.bookmark-item { } %endif -/* ::::: fullscreen window controls ::::: */ - -#minimize-button, -#close-button, -#fullscreen-button ~ #window-controls > #restore-button { - display: none; -} - /* ::::: Location Bar ::::: */ #urlbar, @@ -1348,6 +1340,257 @@ richlistitem[type~="action"][actiontype="switchtab"][selected="true"] > .ac-url- min-width: 27em; } +/* BOOKMARKING PANEL */ +#editBookmarkPanelStarIcon { + list-style-image: url("chrome://browser/skin/places/starred48.png"); + width: 48px; + height: 48px; +} + +#editBookmarkPanelStarIcon[unstarred] { + list-style-image: url("chrome://browser/skin/places/unstarred48.png"); +} + +#editBookmarkPanelTitle { + font-size: 130%; + font-weight: bold; +} + +#editBMPanel_rows > row { + margin-bottom: 8px; +} + +#editBMPanel_rows > row:last-of-type { + margin-bottom: 0; +} + +/**** Input elements ****/ + +#editBMPanel_rows > row > textbox, +#editBMPanel_rows > row > hbox > textbox { + -moz-appearance: none; + background: linear-gradient(#fafafa, #fff); + background-clip: padding-box; + border-radius: 3px; + border: 1px solid rgba(0,0,0,.3) !important; + box-shadow: inset 0 1px 1px 1px rgba(0,0,0,.05), + 0 1px rgba(255,255,255,.3); + margin: 0; + padding: 3px 6px; +} + +#editBMPanel_rows > row > textbox[focused="true"], +#editBMPanel_rows > row > hbox > textbox[focused="true"] { + border-color: -moz-mac-focusring !important; + box-shadow: @focusRingShadow@; +} + +/**** HUD style buttons ****/ + +.editBookmarkPanelHeaderButton, +.editBookmarkPanelBottomButton { + @hudButton@ + margin: 0; + min-width: 82px; + min-height: 22px; +} + +.editBookmarkPanelHeaderButton:hover:active, +.editBookmarkPanelBottomButton:hover:active { + @hudButtonPressed@ +} + +.editBookmarkPanelHeaderButton:-moz-focusring, +.editBookmarkPanelBottomButton:-moz-focusring { + @hudButtonFocused@ +} + +.editBookmarkPanelBottomButton[default="true"] { + background-color: #666; +} + +#editBookmarkPanelHeader { + margin-bottom: 6px; +} + +.editBookmarkPanelBottomButton:last-child { + -moz-margin-start: 8px; +} + +/* The following elements come from editBookmarkOverlay.xul. Styling that's + specific to the editBookmarkPanel should be in browser.css. Styling that + should be shared by all editBookmarkOverlay.xul consumers should be in + editBookmarkOverlay.css. */ + +#editBMPanel_newFolderBox { + background: linear-gradient(#fff, #f2f2f2); + background-origin: padding-box; + background-clip: padding-box; + border-radius: 0 0 3px 3px; + border: 1px solid #a5a5a5; + box-shadow: inset 0 1px rgba(255,255,255,.8), + inset 0 0 1px rgba(255,255, 255,.25), + 0 1px rgba(255,255,255,.3); + margin: 0; + padding: 0; + height: 20px; +} + +#editBMPanel_newFolderButton { + -moz-appearance: none; + border: 0 solid #a5a5a5; + -moz-border-end-width: 1px; + padding: 0 9px; + margin: 0; + min-width: 21px; + min-height: 20px; + height: 20px; + color: #fff; + list-style-image: url("chrome://browser/skin/panel-plus-sign.png"); + position: relative; +} + +#editBMPanel_newFolderButton:hover:active { + background: linear-gradient(rgba(40,40,40,.9), rgba(70,70,70,.9)); + box-shadow: inset 0 0 3px rgba(0,0,0,.2), inset 0 1px 7px rgba(0,0,0,.4); +} + +#editBMPanel_newFolderButton:-moz-focusring { + @hudButtonFocused@ +} + +#editBMPanel_newFolderButton .button-text { + display: none; +} + +#editBMPanel_folderMenuList { + @hudButton@ + background-clip: padding-box; + margin: 0; + min-height: 22px; + padding-top: 2px; + padding-bottom: 1px; + -moz-padding-start: 8px; + -moz-padding-end: 4px; +} + +#editBMPanel_folderMenuList:-moz-focusring { + @hudButtonFocused@ +} + +#editBMPanel_folderMenuList[open="true"], +#editBMPanel_folderMenuList:hover:active { + @hudButtonPressed@ +} + +#editBMPanel_folderMenuList > .menulist-dropmarker { + -moz-appearance: none; + display: -moz-box; + background-color: transparent; + border: 0; + margin: 0; + padding: 0; + -moz-padding-end: 4px; + width: 7px; +} + +#editBMPanel_folderMenuList > .menulist-dropmarker > .dropmarker-icon { + list-style-image: url("chrome://global/skin/icons/panel-dropmarker.png"); +} + +/**** folder tree and tag selector ****/ + +#editBMPanel_folderTree, +#editBMPanel_tagsSelector { + -moz-appearance: none; + background: linear-gradient(#fafafa, #fff); + background-clip: padding-box; + border-radius: 3px; + border: 1px solid rgba(0,0,0,.3); + box-shadow: inset 0 1px 1px 1px rgba(0,0,0,.05), + 0 1px rgba(255,255,255,.3); + margin: 0; +} + +#editBMPanel_folderTree:-moz-focusring, +#editBMPanel_tagsSelector:-moz-focusring { + border-color: -moz-mac-focusring; + box-shadow: @focusRingShadow@; +} + +#editBMPanel_folderTree { + border-bottom: none; + border-bottom-left-radius: 0; + border-bottom-right-radius: 0; + /* Implements editBookmarkPanel resizing on folderTree un-collapse. */ + margin: 0 !important; + min-width: 27em; + position: relative; +} + +/**** expanders ****/ + +#editBookmarkPanel .expander-up, +#editBookmarkPanel .expander-down { + @hudButton@ + margin: 0; + -moz-margin-start: 4px; + min-width: 27px; + min-height: 22px; +} + +#editBookmarkPanel .expander-up:-moz-focusring, +#editBookmarkPanel .expander-down:-moz-focusring { + @hudButtonFocused@ +} + +#editBookmarkPanel .expander-up:hover:active, +#editBookmarkPanel .expander-down:hover:active { + @hudButtonPressed@ +} + +#editBookmarkPanel .expander-up { + list-style-image: url("chrome://browser/skin/panel-expander-open.png"); +} + +#editBookmarkPanel .expander-down { + list-style-image: url("chrome://browser/skin/panel-expander-closed.png"); +} + +#editBookmarkPanel .expander-up > .button-box > .button-icon, +#editBookmarkPanel .expander-down > .button-box > .button-icon { + margin: 1px 0 0; +} + +#editBookmarkPanel .expander-up > .button-box > .button-text, +#editBookmarkPanel .expander-down > .button-box > .button-text { + display: none; +} + +@media (min-resolution: 2dppx) { + #editBookmarkPanel .expander-up { + list-style-image: url("chrome://browser/skin/panel-expander-open@2x.png"); + } + + #editBookmarkPanel .expander-down { + list-style-image: url("chrome://browser/skin/panel-expander-closed@2x.png"); + } + + #editBookmarkPanel .expander-up > .button-box > .button-icon, + #editBookmarkPanel .expander-down > .button-box > .button-icon { + width: 9px; + } +} + +#editBMPanel_tagsField > .autocomplete-textbox-container > .textbox-input-box > html|*.textbox-input::-moz-placeholder { + opacity: 1.0; + color: #bbb; +} + +.editBMPanel_rowLabel { + text-align: end; +} + /* ::::: content area ::::: */ #sidebar { diff --git a/application/palemoon/themes/osx/jar.mn b/application/palemoon/themes/osx/jar.mn index 8f1ed03415..a665639894 100644 --- a/application/palemoon/themes/osx/jar.mn +++ b/application/palemoon/themes/osx/jar.mn @@ -41,6 +41,11 @@ browser.jar: skin/classic/browser/mixed-content-blocked-64.png skin/classic/browser/monitor.png skin/classic/browser/monitor_16-10.png + skin/classic/browser/panel-expander-closed.png + skin/classic/browser/panel-expander-closed@2x.png + skin/classic/browser/panel-expander-open.png + skin/classic/browser/panel-expander-open@2x.png + skin/classic/browser/panel-plus-sign.png skin/classic/browser/pageInfo.css skin/classic/browser/pageInfo.png skin/classic/browser/page-livemarks.png @@ -116,6 +121,8 @@ browser.jar: skin/classic/browser/places/libraryToolbar.png (places/libraryToolbar.png) skin/classic/browser/places/starred48.png (places/starred48.png) skin/classic/browser/places/unstarred48.png (places/unstarred48.png) + skin/classic/browser/places/unfiledBookmarks.png (places/unfiledBookmarks.png) + skin/classic/browser/places/unfiledBookmarks@2x.png (places/unfiledBookmarks@2x.png) skin/classic/browser/places/tag.png (places/tag.png) skin/classic/browser/places/tag@2x.png (places/tag@2x.png) skin/classic/browser/places/history.png (places/history.png) @@ -123,6 +130,8 @@ browser.jar: skin/classic/browser/places/allBookmarks.png (places/allBookmarks.png) skin/classic/browser/places/unsortedBookmarks.png (places/unsortedBookmarks.png) skin/classic/browser/places/downloads.png (places/downloads.png) + skin/classic/browser/places/expander-closed-active.png (places/expander-closed-active.png) + skin/classic/browser/places/expander-open-active.png (places/expander-open-active.png) skin/classic/browser/places/livemark-item.png (places/livemark-item.png) skin/classic/browser/places/expander-closed.png (places/expander-closed.png) skin/classic/browser/places/expander-open.png (places/expander-open.png) diff --git a/application/palemoon/themes/osx/panel-expander-closed.png b/application/palemoon/themes/osx/panel-expander-closed.png Binary files differnew file mode 100644 index 0000000000..f0e97b22e1 --- /dev/null +++ b/application/palemoon/themes/osx/panel-expander-closed.png diff --git a/application/palemoon/themes/osx/panel-expander-closed@2x.png b/application/palemoon/themes/osx/panel-expander-closed@2x.png Binary files differnew file mode 100644 index 0000000000..0e7ded50f4 --- /dev/null +++ b/application/palemoon/themes/osx/panel-expander-closed@2x.png diff --git a/application/palemoon/themes/osx/panel-expander-open.png b/application/palemoon/themes/osx/panel-expander-open.png Binary files differnew file mode 100644 index 0000000000..e3febf4ffb --- /dev/null +++ b/application/palemoon/themes/osx/panel-expander-open.png diff --git a/application/palemoon/themes/osx/panel-expander-open@2x.png b/application/palemoon/themes/osx/panel-expander-open@2x.png Binary files differnew file mode 100644 index 0000000000..391337030c --- /dev/null +++ b/application/palemoon/themes/osx/panel-expander-open@2x.png diff --git a/application/palemoon/themes/osx/panel-plus-sign.png b/application/palemoon/themes/osx/panel-plus-sign.png Binary files differnew file mode 100644 index 0000000000..375601e680 --- /dev/null +++ b/application/palemoon/themes/osx/panel-plus-sign.png diff --git a/application/palemoon/themes/osx/permissions/aboutPermissions.css b/application/palemoon/themes/osx/permissions/aboutPermissions.css index 406bb92046..f9a4a88af2 100644 --- a/application/palemoon/themes/osx/permissions/aboutPermissions.css +++ b/application/palemoon/themes/osx/permissions/aboutPermissions.css @@ -12,6 +12,11 @@ padding-bottom: 0.5em; } +/* content box */ +#permissions-content { + height: 100%; +} + /* sites box */ #sites-box { diff --git a/application/palemoon/themes/osx/places/editBookmarkOverlay.css b/application/palemoon/themes/osx/places/editBookmarkOverlay.css index 3becb5069c..cc749c1152 100644 --- a/application/palemoon/themes/osx/places/editBookmarkOverlay.css +++ b/application/palemoon/themes/osx/places/editBookmarkOverlay.css @@ -2,8 +2,12 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"); +@namespace html url("http://www.w3.org/1999/xhtml"); + /**** folder menulist ****/ -.folder-icon > .menulist-label-box > .menulist-icon { +.folder-icon > .menulist-label-box > .menulist-icon, +.folder-icon > .menu-iconic-left > .menu-iconic-icon { width: 16px; height: 16px; } @@ -16,27 +20,41 @@ list-style-image: url("chrome://global/skin/tree/folder.png") !important; } +@media (min-resolution: 2dppx) { + .folder-icon { + list-style-image: url("chrome://global/skin/tree/folder@2x.png") !important; + } +} + +.menulist-icon { + margin: 0 !important; +} /**** expanders ****/ .expander-up, .expander-down { - min-width: 0; + -moz-appearance: none; margin: 0; - -moz-margin-end: 4px; -} - -.expander-up > .button-box, -.expander-down > .button-box { + margin-left: 8px; padding: 0; + min-width: 0; } .expander-up { - list-style-image: url("chrome://global/skin/icons/collapse.png"); + list-style-image: url("chrome://browser/skin/places/expander-open.png"); } .expander-down { - list-style-image: url("chrome://global/skin/icons/expand.png"); + list-style-image: url("chrome://browser/skin/places/expander-closed.png"); +} + +.expander-down:hover:active { + list-style-image: url("chrome://browser/skin/places/expander-closed-active.png"); +} + +.expander-up:hover:active { + list-style-image: url("chrome://browser/skin/places/expander-open-active.png"); } #editBookmarkPanelContent { @@ -44,8 +62,7 @@ } #editBMPanel_folderTree { - margin-top: 2px; - margin-bottom: 2px; + margin: 6px 4px 0 4px; } /* Hide the value column of the tag autocomplete popup @@ -58,22 +75,31 @@ } -/* ::::: bookmark panel dropdown icons ::::: */ +/* ----- BOOKMARK PANEL DROPDOWN MENU ITEMS ----- */ #editBMPanel_folderMenuList[selectedIndex="0"], #editBMPanel_toolbarFolderItem { - list-style-image: url("chrome://browser/skin/places/bookmarksToolbar.png") !important; - -moz-image-region: auto !important; + list-style-image: url("chrome://browser/skin/places/bookmarksToolbar.png") !important; } #editBMPanel_folderMenuList[selectedIndex="1"], #editBMPanel_bmRootItem { - list-style-image: url("chrome://browser/skin/places/bookmarksMenu.png") !important; - -moz-image-region: auto !important; + list-style-image: url("chrome://browser/skin/places/bookmarksMenu.png") !important; } #editBMPanel_folderMenuList[selectedIndex="2"], #editBMPanel_unfiledRootItem { - list-style-image: url("chrome://browser/skin/places/unsortedBookmarks.png") !important; - -moz-image-region: auto !important; + list-style-image: url("chrome://browser/skin/places/unfiledBookmarks.png") !important; +} + +@media (min-resolution: 2dppx) { + #editBMPanel_folderMenuList[selectedIndex="0"], + #editBMPanel_toolbarFolderItem { + list-style-image: url("chrome://browser/skin/places/bookmarksToolbar@2x.png") !important; + } + + #editBMPanel_folderMenuList[selectedIndex="2"], + #editBMPanel_unfiledRootItem { + list-style-image: url("chrome://browser/skin/places/unfiledBookmarks@2x.png") !important; + } } diff --git a/application/palemoon/themes/osx/places/expander-closed-active.png b/application/palemoon/themes/osx/places/expander-closed-active.png Binary files differnew file mode 100644 index 0000000000..7ef5f04f9e --- /dev/null +++ b/application/palemoon/themes/osx/places/expander-closed-active.png diff --git a/application/palemoon/themes/osx/places/expander-open-active.png b/application/palemoon/themes/osx/places/expander-open-active.png Binary files differnew file mode 100644 index 0000000000..673ead568d --- /dev/null +++ b/application/palemoon/themes/osx/places/expander-open-active.png diff --git a/application/palemoon/themes/osx/places/unfiledBookmarks.png b/application/palemoon/themes/osx/places/unfiledBookmarks.png Binary files differnew file mode 100644 index 0000000000..69495dac0f --- /dev/null +++ b/application/palemoon/themes/osx/places/unfiledBookmarks.png diff --git a/application/palemoon/themes/osx/places/unfiledBookmarks@2x.png b/application/palemoon/themes/osx/places/unfiledBookmarks@2x.png Binary files differnew file mode 100644 index 0000000000..44efd6aba3 --- /dev/null +++ b/application/palemoon/themes/osx/places/unfiledBookmarks@2x.png diff --git a/application/palemoon/themes/windows/permissions/aboutPermissions.css b/application/palemoon/themes/windows/permissions/aboutPermissions.css index fb28ef02a3..60ee816733 100644 --- a/application/palemoon/themes/windows/permissions/aboutPermissions.css +++ b/application/palemoon/themes/windows/permissions/aboutPermissions.css @@ -12,6 +12,11 @@ padding-bottom: 0.5em; } +/* content box */ +#permissions-content { + height: 100%; +} + /* sites box */ #sites-box { diff --git a/build/moz.configure/warnings.configure b/build/moz.configure/warnings.configure index 273a41bd91..94ad3fa79b 100644 --- a/build/moz.configure/warnings.configure +++ b/build/moz.configure/warnings.configure @@ -101,6 +101,9 @@ check_and_add_gcc_warning('-Wno-error=coverage-mismatch', when='MOZ_PGO') # false positives during PGO check_and_add_gcc_warning('-Wno-error=free-nonheap-object', when='MOZ_PGO') +# Would be a pain to fix all occurrences, for very little gain +check_and_add_gcc_warning('-Wno-error=multistatement-macros') + # We use mix of both POSIX and Win32 printf format across the tree, so format # warnings are useless on mingw. check_and_add_gcc_warning('-Wno-format', diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp index 0277f771d7..129a4d0da9 100644 --- a/caps/nsScriptSecurityManager.cpp +++ b/caps/nsScriptSecurityManager.cpp @@ -68,9 +68,6 @@ #include "nsILoadInfo.h" #include "nsXPCOMStrings.h" -// This should be probably defined on some other place... but I couldn't find it -#define WEBAPPS_PERM_NAME "webapps-manage" - using namespace mozilla; using namespace mozilla::dom; diff --git a/config/external/nss/nss.symbols b/config/external/nss/nss.symbols index ba5492c37a..3239d3119c 100644 --- a/config/external/nss/nss.symbols +++ b/config/external/nss/nss.symbols @@ -271,7 +271,6 @@ NSS_IsInitialized NSS_OptionSet NSS_NoDB_Init NSS_SecureMemcmp -NSS_SecureMemcmpZero NSS_SetAlgorithmPolicy NSS_SetDomesticPolicy NSS_Shutdown @@ -490,7 +489,6 @@ PORT_UCS2_ASCIIConversion_Util PORT_UCS2_UTF8Conversion PORT_UCS2_UTF8Conversion_Util PORT_ZAlloc -PORT_ZAllocAlignedOffset_Util PORT_ZAlloc_Util PORT_ZFree_Util SEC_AnyTemplate_Util @DATA@ @@ -725,9 +723,17 @@ VFY_VerifyDataWithAlgorithmID VFY_VerifyDigestDirect _SGN_VerifyPKCS1DigestInfo __PK11_SetCertificateNickname -# These symbols are not used by Firefox itself, but are used by Java's security -# libraries, which in turn are used by Java applets/plugins/etc. Provide them -# to make Java code happy. +# These symbols are not used by applications but are possibly used across +# NSS library boundaries. +NSS_SecureMemcmpZero +PORT_ZAllocAlignedOffset_Util +CERT_FindCertByNicknameOrEmailAddrCX +SECKEY_GetPrivateKeyType +SEC_DerSignDataWithAlgorithmID +SEC_CreateSignatureAlgorithmParameters +# These symbols are not used by applicatons themselves, but are used by +# Java's security libraries, which in turn are used by Java +# applets/plugins/etc. Provide them to make Java code happy. NSS_VersionCheck NSS_Initialize #ifdef NSS_EXTRA_SYMBOLS_FILE diff --git a/devtools/shared/heapsnapshot/HeapSnapshot.cpp b/devtools/shared/heapsnapshot/HeapSnapshot.cpp index 17f43f34e7..ef0bde948b 100644 --- a/devtools/shared/heapsnapshot/HeapSnapshot.cpp +++ b/devtools/shared/heapsnapshot/HeapSnapshot.cpp @@ -28,7 +28,6 @@ #include "mozilla/dom/ContentChild.h" #include "mozilla/dom/HeapSnapshotBinding.h" #include "mozilla/RangedPtr.h" -#include "mozilla/Telemetry.h" #include "mozilla/Unused.h" #include "jsapi.h" @@ -1610,13 +1609,6 @@ ThreadSafeChromeUtils::SaveHeapSnapshot(GlobalObject& global, return; } } - - Telemetry::AccumulateTimeDelta(Telemetry::DEVTOOLS_SAVE_HEAP_SNAPSHOT_MS, - start); - Telemetry::Accumulate(Telemetry::DEVTOOLS_HEAP_SNAPSHOT_NODE_COUNT, - nodeCount); - Telemetry::Accumulate(Telemetry::DEVTOOLS_HEAP_SNAPSHOT_EDGE_COUNT, - edgeCount); } /* static */ already_AddRefed<HeapSnapshot> @@ -1641,10 +1633,6 @@ ThreadSafeChromeUtils::ReadHeapSnapshot(GlobalObject& global, global.Context(), global, reinterpret_cast<const uint8_t*>(mm.address()), mm.size(), rv); - if (!rv.Failed()) - Telemetry::AccumulateTimeDelta(Telemetry::DEVTOOLS_READ_HEAP_SNAPSHOT_MS, - start); - return snapshot.forget(); } diff --git a/devtools/shared/security/socket.js b/devtools/shared/security/socket.js index 068a8ea81f..9c6f5750a4 100644 --- a/devtools/shared/security/socket.js +++ b/devtools/shared/security/socket.js @@ -480,7 +480,6 @@ SocketListener.prototype = { _setAdditionalSocketOptions: Task.async(function* () { if (this.encryption) { this._socket.serverCert = yield cert.local.getOrCreate(); - this._socket.setSessionCache(false); this._socket.setSessionTickets(false); let requestCert = Ci.nsITLSServerSocket.REQUEST_NEVER; this._socket.setRequestClientCertificate(requestCert); diff --git a/docs/CODE_OF_CONDUCT.md b/docs/CODE_OF_CONDUCT.md new file mode 100644 index 0000000000..bcd8b8f77b --- /dev/null +++ b/docs/CODE_OF_CONDUCT.md @@ -0,0 +1,48 @@ +# Contributor Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, physical attributes, disability, ethnicity, level of experience, nationality, personal appearance, race, religion, or sexual orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + +* Using welcoming and inclusive language +* Being courteous (use "please" when you ask something of someone) +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism, even if you disagree with such criticism. +* Similarly, accepting that someone may not act on criticism given. +* Focusing on what is best for the community and its projects +* Showing understanding and a reasonable level of empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* Unwelcome sexual attention or advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct or community's or projects' best interests, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, acting on behalf of the project on IRC or other chat networks, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project owner at moonchild@palemoon.org. The project owner will review and investigate all complaints, and will respond in a way that they deem appropriate for the circumstances. The project team is generally obligated to maintain confidentiality with regard to the reporter of an incident, although in exceptional cases where intervention of authorities is required, the reporter may be individually identified to aid in the investigation or resolution of a conflict situation. Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version [1.4][version]. + +[homepage]: http://contributor-covenant.org +[version]: http://contributor-covenant.org/version/1/4/ diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 8eca474950..ae307431d9 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -1972,71 +1972,7 @@ nsDocShell::GetCharset(nsACString& aCharset) NS_IMETHODIMP nsDocShell::GatherCharsetMenuTelemetry() { - nsCOMPtr<nsIContentViewer> viewer; - GetContentViewer(getter_AddRefs(viewer)); - if (!viewer) { - return NS_OK; - } - - nsIDocument* doc = viewer->GetDocument(); - if (!doc || doc->WillIgnoreCharsetOverride()) { - return NS_OK; - } - - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_USED, true); - - bool isFileURL = false; - nsIURI* url = doc->GetOriginalURI(); - if (url) { - url->SchemeIs("file", &isFileURL); - } - - int32_t charsetSource = doc->GetDocumentCharacterSetSource(); - switch (charsetSource) { - case kCharsetFromTopLevelDomain: - // Unlabeled doc on a domain that we map to a fallback encoding - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 7); - break; - case kCharsetFromFallback: - case kCharsetFromDocTypeDefault: - case kCharsetFromCache: - case kCharsetFromParentFrame: - case kCharsetFromHintPrevDoc: - // Changing charset on an unlabeled doc. - if (isFileURL) { - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 0); - } else { - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 1); - } - break; - case kCharsetFromAutoDetection: - // Changing charset on unlabeled doc where chardet fired - if (isFileURL) { - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 2); - } else { - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 3); - } - break; - case kCharsetFromMetaPrescan: - case kCharsetFromMetaTag: - case kCharsetFromChannel: - // Changing charset on a doc that had a charset label. - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 4); - break; - case kCharsetFromParentForced: - case kCharsetFromUserForced: - // Changing charset on a document that already had an override. - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 5); - break; - case kCharsetFromIrreversibleAutoDetection: - case kCharsetFromOtherComponent: - case kCharsetFromByteOrderMark: - case kCharsetUninitialized: - default: - // Bug. This isn't supposed to happen. - Telemetry::Accumulate(Telemetry::CHARSET_OVERRIDE_SITUATION, 6); - break; - } + /* STUB */ return NS_OK; } @@ -5062,10 +4998,6 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, errorPage.Assign(alternateErrorPage); } - if (!IsFrame() && errorPage.EqualsIgnoreCase("certerror")) { - Telemetry::Accumulate(mozilla::Telemetry::SECURITY_UI, bucketId); - } - } else { error.AssignLiteral("nssFailure2"); } @@ -5105,10 +5037,6 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, : nsISecurityUITelemetry::WARNING_UNWANTED_PAGE_TOP; } - if (sendTelemetry && errorPage.EqualsIgnoreCase("blocked")) { - Telemetry::Accumulate(Telemetry::SECURITY_UI, bucketId); - } - cssClass.AssignLiteral("blacklist"); } else if (NS_ERROR_CONTENT_CRASHED == aError) { errorPage.AssignLiteral("tabcrashed"); @@ -7622,8 +7550,6 @@ nsDocShell::EndPageLoad(nsIWebProgress* aProgress, TimeStamp channelCreationTime; rv = timingChannel->GetChannelCreation(&channelCreationTime); if (NS_SUCCEEDED(rv) && !channelCreationTime.IsNull()) { - Telemetry::AccumulateTimeDelta(Telemetry::TOTAL_CONTENT_PAGE_LOAD_TIME, - channelCreationTime); nsCOMPtr<nsPILoadGroupInternal> internalLoadGroup = do_QueryInterface(mLoadGroup); if (internalLoadGroup) { @@ -12281,7 +12207,9 @@ nsDocShell::ShouldAddToSessionHistory(nsIURI* aURI) return false; } - if (buf.EqualsLiteral("blank") || buf.EqualsLiteral("newtab")) { + if (buf.EqualsLiteral("blank") || buf.EqualsLiteral("logopage") || + (buf.EqualsLiteral("newtab") && + !Preferences::GetBool("browser.newtabpage.add_to_session_history", false))) { return false; } } diff --git a/dom/base/Navigator.cpp b/dom/base/Navigator.cpp index ed96ee23b9..1bc4f82f49 100644 --- a/dom/base/Navigator.cpp +++ b/dom/base/Navigator.cpp @@ -684,8 +684,6 @@ Navigator::GetDoNotTrack(nsAString &aResult) bool Navigator::JavaEnabled(ErrorResult& aRv) { - Telemetry::AutoTimer<Telemetry::CHECK_JAVA_ENABLED> telemetryTimer; - // Return true if we have a handler for the java mime nsAdoptingString javaMIME = Preferences::GetString("plugin.java.mime"); NS_ENSURE_TRUE(!javaMIME.IsEmpty(), false); diff --git a/dom/base/nsDOMClassInfo.cpp b/dom/base/nsDOMClassInfo.cpp index d125e5ad1c..1cfde6e1bb 100644 --- a/dom/base/nsDOMClassInfo.cpp +++ b/dom/base/nsDOMClassInfo.cpp @@ -49,7 +49,6 @@ #include "nsContentUtils.h" #include "nsIDOMGlobalPropertyInitializer.h" #include "mozilla/Attributes.h" -#include "mozilla/Telemetry.h" // Window scriptable helper includes #include "nsScriptNameSpaceManager.h" @@ -1903,9 +1902,6 @@ LookupComponentsShim(JSContext *cx, JS::Handle<JSObject*> global, nsPIDOMWindowInner *win, JS::MutableHandle<JS::PropertyDescriptor> desc) { - // Keep track of how often this happens. - Telemetry::Accumulate(Telemetry::COMPONENTS_SHIM_ACCESSED_BY_CONTENT, true); - // Warn once. nsCOMPtr<nsIDocument> doc = win->GetExtantDoc(); if (doc) { diff --git a/dom/base/nsDOMNavigationTiming.cpp b/dom/base/nsDOMNavigationTiming.cpp index 32ce8a8cb0..9c732f2d8c 100644 --- a/dom/base/nsDOMNavigationTiming.cpp +++ b/dom/base/nsDOMNavigationTiming.cpp @@ -15,7 +15,6 @@ #include "nsPrintfCString.h" #include "mozilla/dom/PerformanceNavigation.h" #include "mozilla/TimeStamp.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -203,12 +202,6 @@ nsDOMNavigationTiming::NotifyNonBlankPaintForRootContentDocument() mDocShellHasBeenActiveSinceNavigationStart ? "foreground tab" : "this tab was inactive some of the time between navigation start and first non-blank paint"); PROFILER_MARKER(marker.get()); } - - if (mDocShellHasBeenActiveSinceNavigationStart) { - Telemetry::AccumulateTimeDelta(Telemetry::TIME_TO_NON_BLANK_PAINT_MS, - mNavigationStart, - mNonBlankPaint); - } } void diff --git a/dom/base/nsDeprecatedOperationList.h b/dom/base/nsDeprecatedOperationList.h index 8fb381d9de..ea4b052890 100644 --- a/dom/base/nsDeprecatedOperationList.h +++ b/dom/base/nsDeprecatedOperationList.h @@ -44,7 +44,6 @@ DEPRECATED_OPERATION(PannerNodeDoppler) DEPRECATED_OPERATION(NavigatorGetUserMedia) DEPRECATED_OPERATION(WebrtcDeprecatedPrefix) DEPRECATED_OPERATION(RTCPeerConnectionGetStreams) -DEPRECATED_OPERATION(AppCache) DEPRECATED_OPERATION(PrefixedImageSmoothingEnabled) DEPRECATED_OPERATION(PrefixedFullscreenAPI) DEPRECATED_OPERATION(LenientSetter) diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp index 8acfd901a9..ac9601caf1 100644 --- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -25,7 +25,6 @@ #include "plstr.h" #include "mozilla/Sprintf.h" -#include "mozilla/Telemetry.h" #include "nsIInterfaceRequestor.h" #include "nsIInterfaceRequestorUtils.h" #include "nsILoadContext.h" @@ -12370,101 +12369,7 @@ MightBeAboutOrChromeScheme(nsIURI* aURI) void nsDocument::ReportUseCounters() { - static const bool sDebugUseCounters = false; - if (mReportedUseCounters) { - return; - } - - mReportedUseCounters = true; - - if (Telemetry::HistogramUseCounterCount > 0 && - (IsContentDocument() || IsResourceDoc())) { - nsCOMPtr<nsIURI> uri; - NodePrincipal()->GetURI(getter_AddRefs(uri)); - if (!uri || MightBeAboutOrChromeScheme(uri)) { - return; - } - - if (sDebugUseCounters) { - nsCString spec = uri->GetSpecOrDefault(); - - // URIs can be rather long for data documents, so truncate them to - // some reasonable length. - spec.Truncate(std::min(128U, spec.Length())); - printf("-- Use counters for %s --\n", spec.get()); - } - - // We keep separate counts for individual documents and top-level - // pages to more accurately track how many web pages might break if - // certain features were removed. Consider the case of a single - // HTML document with several SVG images and/or iframes with - // sub-documents of their own. If we maintained a single set of use - // counters and all the sub-documents use a particular feature, then - // telemetry would indicate that we would be breaking N documents if - // that feature were removed. Whereas with a document/top-level - // page split, we can see that N documents would be affected, but - // only a single web page would be affected. - - // The difference between the values of these two histograms and the - // related use counters below tell us how many pages did *not* use - // the feature in question. For instance, if we see that a given - // session has destroyed 30 content documents, but a particular use - // counter shows only a count of 5, we can infer that the use - // counter was *not* used in 25 of those 30 documents. - // - // We do things this way, rather than accumulating a boolean flag - // for each use counter, to avoid sending histograms for features - // that don't get widely used. Doing things in this fashion means - // smaller telemetry payloads and faster processing on the server - // side. - Telemetry::Accumulate(Telemetry::CONTENT_DOCUMENTS_DESTROYED, 1); - if (IsTopLevelContentDocument()) { - Telemetry::Accumulate(Telemetry::TOP_LEVEL_CONTENT_DOCUMENTS_DESTROYED, 1); - } - - for (int32_t c = 0; - c < eUseCounter_Count; ++c) { - UseCounter uc = static_cast<UseCounter>(c); - - Telemetry::ID id = - static_cast<Telemetry::ID>(Telemetry::HistogramFirstUseCounter + uc * 2); - bool value = GetUseCounter(uc); - - if (value) { - if (sDebugUseCounters) { - const char* name = Telemetry::GetHistogramName(id); - if (name) { - printf(" %s", name); - } else { - printf(" #%d", id); - } - printf(": %d\n", value); - } - - Telemetry::Accumulate(id, 1); - } - - if (IsTopLevelContentDocument()) { - id = static_cast<Telemetry::ID>(Telemetry::HistogramFirstUseCounter + - uc * 2 + 1); - value = GetUseCounter(uc) || GetChildDocumentUseCounter(uc); - - if (value) { - if (sDebugUseCounters) { - const char* name = Telemetry::GetHistogramName(id); - if (name) { - printf(" %s", name); - } else { - printf(" #%d", id); - } - printf(": %d\n", value); - } - - Telemetry::Accumulate(id, 1); - } - } - } - } +/* STUB */ } void diff --git a/dom/base/nsFrameMessageManager.cpp b/dom/base/nsFrameMessageManager.cpp index 6fffd376b2..f173678b74 100644 --- a/dom/base/nsFrameMessageManager.cpp +++ b/dom/base/nsFrameMessageManager.cpp @@ -32,7 +32,6 @@ #include "mozilla/CycleCollectedJSContext.h" #include "mozilla/IntentionalCrash.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "mozilla/dom/File.h" #include "mozilla/dom/MessagePort.h" #include "mozilla/dom/nsIContentParent.h" @@ -716,9 +715,6 @@ AllowMessage(size_t aDataLength, const nsAString& aMessageName) NS_ConvertUTF16toUTF8 messageName(aMessageName); messageName.StripChars("0123456789"); - Telemetry::Accumulate(Telemetry::MESSAGE_MANAGER_MESSAGE_SIZE2, messageName, - aDataLength); - // A message includes more than structured clone data, so subtract // 20KB to make it more likely that a message within this bound won't // result in an overly large IPC message. @@ -727,9 +723,6 @@ AllowMessage(size_t aDataLength, const nsAString& aMessageName) return true; } - Telemetry::Accumulate(Telemetry::REJECTED_MESSAGE_MANAGER_MESSAGE, - messageName); - return false; } @@ -2248,7 +2241,6 @@ nsSameProcessAsyncMessageBase::Init(const nsAString& aMessage, nsIPrincipal* aPrincipal) { if (!mData.Copy(aData)) { - Telemetry::Accumulate(Telemetry::IPC_SAME_PROCESS_MESSAGE_COPY_OOM_KB, aData.DataLength()); return NS_ERROR_OUT_OF_MEMORY; } diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp index 884ad69ca5..88cebe42b5 100644 --- a/dom/base/nsGlobalWindow.cpp +++ b/dom/base/nsGlobalWindow.cpp @@ -211,7 +211,6 @@ #include "mozilla/AddonPathService.h" #include "mozilla/BasePrincipal.h" #include "mozilla/Services.h" -#include "mozilla/Telemetry.h" #include "mozilla/dom/Location.h" #include "nsHTMLDocument.h" #include "nsWrapperCacheInlines.h" @@ -1759,9 +1758,6 @@ nsGlobalWindow::~nsGlobalWindow() DropOuterWindowDocs(); } else { - Telemetry::Accumulate(Telemetry::INNERWINDOWS_WITH_MUTATION_LISTENERS, - mMutationBits ? 1 : 0); - if (mListenerManager) { mListenerManager->Disconnect(); mListenerManager = nullptr; @@ -2695,7 +2691,6 @@ TreatAsRemoteXUL(nsIPrincipal* aPrincipal) static bool EnablePrivilege(JSContext* cx, unsigned argc, JS::Value* vp) { - Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true); return xpc::EnableUniversalXPConnect(cx); } @@ -3389,9 +3384,6 @@ nsGlobalWindow::InnerSetNewDocument(JSContext* aCx, nsIDocument* aDocument) mLastOpenedURI = aDocument->GetDocumentURI(); #endif - Telemetry::Accumulate(Telemetry::INNERWINDOWS_WITH_MUTATION_LISTENERS, - mMutationBits ? 1 : 0); - // Clear our mutation bitfield. mMutationBits = 0; } @@ -6848,8 +6840,6 @@ FullscreenTransitionTask::Run() Preferences::GetUint("full-screen-api.transition.timeout", 1000); mTimer->Init(observer, timeout, nsITimer::TYPE_ONE_SHOT); } else if (stage == eAfterToggle) { - Telemetry::AccumulateTimeDelta(Telemetry::FULLSCREEN_TRANSITION_BLACK_MS, - mFullscreenChangeStartTime); mWidget->PerformFullscreenTransition(nsIWidget::eAfterFullscreenToggle, mDuration.mFadeOut, mTransitionData, this); @@ -11577,11 +11567,6 @@ nsGlobalWindow::ShowSlowScriptDialog() unsigned lineno; bool hasFrame = JS::DescribeScriptedCaller(cx, &filename, &lineno); - // Record the slow script event if we haven't done so already for this inner window - // (which represents a particular page to the user). - if (!mHasHadSlowScript) { - Telemetry::Accumulate(Telemetry::SLOW_SCRIPT_PAGE_COUNT, 1); - } mHasHadSlowScript = true; if (XRE_IsContentProcess() && @@ -11613,10 +11598,6 @@ nsGlobalWindow::ShowSlowScriptDialog() return ContinueSlowScriptAndKeepNotifying; } - // Reached only on non-e10s - once per slow script dialog. - // On e10s - we probe once at ProcessHangsMonitor.jsm - Telemetry::Accumulate(Telemetry::SLOW_SCRIPT_NOTICE_COUNT, 1); - // Get the nsIPrompt interface from the docshell nsCOMPtr<nsIDocShell> ds = GetDocShell(); NS_ENSURE_TRUE(ds, KillSlowScript); diff --git a/dom/base/nsJSEnvironment.cpp b/dom/base/nsJSEnvironment.cpp index 3be1a6d2f4..4a984d294d 100644 --- a/dom/base/nsJSEnvironment.cpp +++ b/dom/base/nsJSEnvironment.cpp @@ -70,7 +70,6 @@ #include "prthread.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "mozilla/dom/BindingUtils.h" #include "mozilla/Attributes.h" #include "mozilla/dom/asmjscache/AsmJSCache.h" @@ -1477,22 +1476,8 @@ nsJSContext::EndCycleCollectionCallback(CycleCollectorResults &aResults) NS_GC_DELAY - std::min(ccNowDuration, kMaxICCDuration)); } - // Log information about the CC via telemetry, JSON and the console. - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR_FINISH_IGC, gCCStats.mAnyLockedOut); - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR_SYNC_SKIPPABLE, gCCStats.mRanSyncForgetSkippable); - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR_FULL, ccNowDuration); - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR_MAX_PAUSE, gCCStats.mMaxSliceTime); - - if (!sLastCCEndTime.IsNull()) { - // TimeBetween returns milliseconds, but we want to report seconds. - uint32_t timeBetween = TimeBetween(sLastCCEndTime, gCCStats.mBeginTime) / 1000; - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR_TIME_BETWEEN, timeBetween); - } sLastCCEndTime = endCCTimeStamp; - Telemetry::Accumulate(Telemetry::FORGET_SKIPPABLE_MAX, - sMaxForgetSkippableTime / PR_USEC_PER_MSEC); - PRTime delta = GetCollectionTimeDelta(); uint32_t cleanups = sForgetSkippableBeforeCC ? sForgetSkippableBeforeCC : 1; diff --git a/dom/base/nsNodeInfoManager.cpp b/dom/base/nsNodeInfoManager.cpp index 66c8c84cfd..80f0aa786b 100644 --- a/dom/base/nsNodeInfoManager.cpp +++ b/dom/base/nsNodeInfoManager.cpp @@ -392,9 +392,6 @@ nsNodeInfoManager::SetDocumentPrincipal(nsIPrincipal *aPrincipal) NS_ASSERTION(aPrincipal, "Must have principal by this point!"); MOZ_DIAGNOSTIC_ASSERT(!nsContentUtils::IsExpandedPrincipal(aPrincipal), "Documents shouldn't have an expanded principal"); - if (nsContentUtils::IsExpandedPrincipal(aPrincipal)) { - Telemetry::Accumulate(Telemetry::DOCUMENT_WITH_EXPANDED_PRINCIPAL, 1); - } mPrincipal = aPrincipal; } diff --git a/dom/base/nsObjectLoadingContent.cpp b/dom/base/nsObjectLoadingContent.cpp index 9e9dacf014..709c7aa56c 100644 --- a/dom/base/nsObjectLoadingContent.cpp +++ b/dom/base/nsObjectLoadingContent.cpp @@ -85,7 +85,6 @@ #include "mozilla/AsyncEventDispatcher.h" #include "mozilla/EventDispatcher.h" #include "mozilla/EventStates.h" -#include "mozilla/Telemetry.h" #include "mozilla/dom/HTMLObjectElementBinding.h" #include "mozilla/dom/HTMLSharedObjectElement.h" #include "nsChannelClassifier.h" @@ -1149,7 +1148,6 @@ nsObjectLoadingContent::OnStartRequest(nsIRequest *aRequest, NS_LITERAL_STRING(" since it was found on an internal Firefox blocklist."); console->LogStringMessage(message.get()); } - Telemetry::Accumulate(Telemetry::PLUGIN_BLOCKED_FOR_STABILITY, 1); mContentBlockingEnabled = true; return NS_ERROR_FAILURE; } else if (status == NS_ERROR_TRACKING_URI) { @@ -1565,7 +1563,6 @@ nsObjectLoadingContent::MaybeRewriteYoutubeEmbed(nsIURI* aURI, nsIURI* aBaseURI, } if (uri.Find("enablejsapi=1", true, 0, -1) != kNotFound) { - Telemetry::Accumulate(Telemetry::YOUTUBE_NONREWRITABLE_EMBED_SEEN, 1); return; } @@ -1585,10 +1582,6 @@ nsObjectLoadingContent::MaybeRewriteYoutubeEmbed(nsIURI* aURI, nsIURI* aBaseURI, } } - // If we've made it this far, we've got a rewritable embed. Log it in - // telemetry. - Telemetry::Accumulate(Telemetry::YOUTUBE_REWRITABLE_EMBED_SEEN, 1); - // If we're pref'd off, return after telemetry has been logged. if (!Preferences::GetBool(kPrefYoutubeRewrite)) { return; @@ -3800,8 +3793,6 @@ nsObjectLoadingContent::LegacyCall(JSContext* aCx, aRv.Throw(NS_ERROR_FAILURE); return; } - - Telemetry::Accumulate(Telemetry::PLUGIN_CALLED_DIRECTLY, true); } void diff --git a/dom/bindings/BindingUtils.cpp b/dom/bindings/BindingUtils.cpp index 7056658a78..323feca52c 100644 --- a/dom/bindings/BindingUtils.cpp +++ b/dom/bindings/BindingUtils.cpp @@ -119,7 +119,7 @@ ThrowInvalidThis(JSContext* aCx, const JS::CallArgs& aArgs, MSG_METHOD_THIS_DOES_NOT_IMPLEMENT_INTERFACE; MOZ_RELEASE_ASSERT(GetErrorArgCount(errorNumber) <= 2); JS_ReportErrorNumberUC(aCx, GetErrorMessage, nullptr, - static_cast<const unsigned>(errorNumber), + static_cast<unsigned>(errorNumber), funcNameStr.get(), ifaceName.get()); return false; } @@ -226,7 +226,7 @@ TErrorResult<CleanupPolicy>::SetPendingExceptionWithMessage(JSContext* aCx) args[argCount] = nullptr; JS_ReportErrorNumberUCArray(aCx, dom::GetErrorMessage, nullptr, - static_cast<const unsigned>(message->mErrorNumber), + static_cast<unsigned>(message->mErrorNumber), argCount > 0 ? args : nullptr); ClearMessage(); diff --git a/dom/bindings/BindingUtils.h b/dom/bindings/BindingUtils.h index 3e58390c9f..24b47a545d 100644 --- a/dom/bindings/BindingUtils.h +++ b/dom/bindings/BindingUtils.h @@ -515,7 +515,7 @@ class ProtoAndIfaceCache { public: PageTableCache() { - memset(&mPages, 0, sizeof(mPages)); + memset(mPages.begin(), 0, sizeof(mPages)); } ~PageTableCache() { diff --git a/dom/bindings/Bindings.conf b/dom/bindings/Bindings.conf index aa7f26ad61..6f9733c5fb 100644 --- a/dom/bindings/Bindings.conf +++ b/dom/bindings/Bindings.conf @@ -1222,6 +1222,11 @@ DOMInterfaces = { 'headerFile': 'WebGLExtensions.h' }, +'MOZ_debug_get': { + 'nativeType': 'mozilla::WebGLExtensionDebugGet', + 'headerFile': 'WebGLExtensions.h' +}, + 'WebGLFramebuffer': { 'nativeType': 'mozilla::WebGLFramebuffer', 'headerFile': 'WebGLFramebuffer.h' diff --git a/dom/bindings/ErrorResult.h b/dom/bindings/ErrorResult.h index 7c3fc9e2f9..da7ec30e71 100644 --- a/dom/bindings/ErrorResult.h +++ b/dom/bindings/ErrorResult.h @@ -75,7 +75,7 @@ template<typename... Ts> inline bool ThrowErrorMessage(JSContext* aCx, const ErrNum aErrorNumber, Ts&&... aArgs) { - binding_detail::ThrowErrorMessage(aCx, static_cast<const unsigned>(aErrorNumber), + binding_detail::ThrowErrorMessage(aCx, static_cast<unsigned>(aErrorNumber), mozilla::Forward<Ts>(aArgs)...); return false; } diff --git a/dom/bindings/test/test_dom_xrays.html b/dom/bindings/test/test_dom_xrays.html index 0700db2f8b..15d7013ade 100644 --- a/dom/bindings/test/test_dom_xrays.html +++ b/dom/bindings/test/test_dom_xrays.html @@ -172,7 +172,7 @@ function test() // Check that DataTransfer's .types has the hack to alias contains() // to includes(). - var dataTransfer = new win.DataTransfer("foo", true); + var dataTransfer = new win.DataTransfer(); is(dataTransfer.types.contains, dataTransfer.types.includes, "Should have contains() set up as an alias to includes()"); // Waive Xrays on the dataTransfer itself, since the .types we get is diff --git a/dom/canvas/CanvasRenderingContextHelper.cpp b/dom/canvas/CanvasRenderingContextHelper.cpp index 3000e59bdf..61317fb515 100644 --- a/dom/canvas/CanvasRenderingContextHelper.cpp +++ b/dom/canvas/CanvasRenderingContextHelper.cpp @@ -7,7 +7,6 @@ #include "ImageBitmapRenderingContext.h" #include "ImageEncoder.h" #include "mozilla/dom/CanvasRenderingContext2D.h" -#include "mozilla/Telemetry.h" #include "mozilla/UniquePtr.h" #include "nsContentUtils.h" #include "nsDOMJSUtils.h" @@ -138,13 +137,10 @@ CanvasRenderingContextHelper::CreateContextHelper(CanvasContextType aContextType break; case CanvasContextType::Canvas2D: - Telemetry::Accumulate(Telemetry::CANVAS_2D_USED, 1); ret = new CanvasRenderingContext2D(aCompositorBackend); break; case CanvasContextType::WebGL1: - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_USED, 1); - ret = WebGL1Context::Create(); if (!ret) return nullptr; @@ -152,8 +148,6 @@ CanvasRenderingContextHelper::CreateContextHelper(CanvasContextType aContextType break; case CanvasContextType::WebGL2: - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_USED, 1); - ret = WebGL2Context::Create(); if (!ret) return nullptr; @@ -205,16 +199,8 @@ CanvasRenderingContextHelper::GetContext(JSContext* aCx, // See bug 645792 and bug 1215072. // We want to throw only if dictionary initialization fails, // so only in case aRv has been set to some error value. - if (contextType == CanvasContextType::WebGL1) - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_SUCCESS, 0); - else if (contextType == CanvasContextType::WebGL2) - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL2_SUCCESS, 0); return nullptr; } - if (contextType == CanvasContextType::WebGL1) - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_SUCCESS, 1); - else if (contextType == CanvasContextType::WebGL2) - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL2_SUCCESS, 1); } else { // We already have a context of some type. if (contextType != mCurrentContextType) diff --git a/dom/canvas/WebGL1Context.cpp b/dom/canvas/WebGL1Context.cpp index c1818a3f95..e82cafbe5c 100644 --- a/dom/canvas/WebGL1Context.cpp +++ b/dom/canvas/WebGL1Context.cpp @@ -6,7 +6,6 @@ #include "WebGL1Context.h" #include "mozilla/dom/WebGLRenderingContextBinding.h" -#include "mozilla/Telemetry.h" #include "WebGLFormats.h" namespace mozilla { @@ -43,8 +42,6 @@ WebGL1Context::WrapObject(JSContext* cx, JS::Handle<JSObject*> givenProto) nsresult NS_NewCanvasRenderingContextWebGL(nsIDOMWebGLRenderingContext** out_result) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::CANVAS_WEBGL_USED, 1); - nsIDOMWebGLRenderingContext* ctx = mozilla::WebGL1Context::Create(); NS_ADDREF(*out_result = ctx); diff --git a/dom/canvas/WebGLContext.cpp b/dom/canvas/WebGLContext.cpp index 32eed63541..14bc7e3e3d 100644 --- a/dom/canvas/WebGLContext.cpp +++ b/dom/canvas/WebGLContext.cpp @@ -825,10 +825,6 @@ NS_IMETHODIMP WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) { if (signedWidth < 0 || signedHeight < 0) { - if (!gl) { - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_FAILURE_ID, - NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_SIZE")); - } GenerateWarning("Canvas size is too large (seems like a negative value wrapped)"); return NS_ERROR_OUT_OF_MEMORY; } @@ -884,12 +880,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) return NS_OK; } - nsCString failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_UNKOWN"); - auto autoTelemetry = mozilla::MakeScopeExit([&] { - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_FAILURE_ID, - failureId); - }); - // End of early return cases. // At this point we know that we're not just resizing an existing context, // we are initializing a new context. @@ -911,7 +901,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) // resource handles created from older context generations. if (!(mGeneration + 1).isValid()) { // exit without changing the value of mGeneration - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_TOO_MANY"); const nsLiteralCString text("Too many WebGL contexts created this run."); ThrowEvent_WebGLContextCreationError(text); return NS_ERROR_FAILURE; @@ -928,11 +917,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) disabled |= gfxPlatform::InSafeMode(); if (disabled) { - if (gfxPlatform::InSafeMode()) { - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_SAFEMODE"); - } else { - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_DISABLED"); - } const nsLiteralCString text("WebGL is currently disabled."); ThrowEvent_WebGLContextCreationError(text); return NS_ERROR_FAILURE; @@ -945,7 +929,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) if (mOptions.failIfMajorPerformanceCaveat) { nsCOMPtr<nsIGfxInfo> gfxInfo = services::GetGfxInfo(); if (!HasAcceleratedLayers(gfxInfo)) { - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_PERF_CAVEAT"); const nsLiteralCString text("failIfMajorPerformanceCaveat: Compositor is not" " hardware-accelerated."); ThrowEvent_WebGLContextCreationError(text); @@ -961,12 +944,9 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) if (!CreateAndInitGL(forceEnabled, &failReasons)) { nsCString text("WebGL creation failed: "); for (const auto& cur : failReasons) { - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_FAILURE_ID, cur.key); - text.AppendASCII("\n* "); text.Append(cur.info); } - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_REASON"); ThrowEvent_WebGLContextCreationError(text); return NS_ERROR_FAILURE; } @@ -978,7 +958,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) DestroyResourcesAndContext(); MOZ_ASSERT(!gl); - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_PERF_WARP"); const nsLiteralCString text("failIfMajorPerformanceCaveat: Driver is not" " hardware-accelerated."); ThrowEvent_WebGLContextCreationError(text); @@ -992,7 +971,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) DestroyResourcesAndContext(); MOZ_ASSERT(!gl); - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_DXGL_INTEROP2"); const nsLiteralCString text("Caveat: WGL without DXGLInterop2."); ThrowEvent_WebGLContextCreationError(text); return NS_ERROR_FAILURE; @@ -1001,7 +979,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) } if (!ResizeBackbuffer(width, height)) { - failureId = NS_LITERAL_CSTRING("FEATURE_FAILURE_WEBGL_BACKBUFFER"); const nsLiteralCString text("Initializing WebGL backbuffer failed."); ThrowEvent_WebGLContextCreationError(text); return NS_ERROR_FAILURE; @@ -1085,7 +1062,6 @@ WebGLContext::SetDimensions(int32_t signedWidth, int32_t signedHeight) ////// - failureId = NS_LITERAL_CSTRING("SUCCESS"); return NS_OK; } diff --git a/dom/canvas/WebGLContextExtensions.cpp b/dom/canvas/WebGLContextExtensions.cpp index 4a5a232749..7f338b4e97 100644 --- a/dom/canvas/WebGLContextExtensions.cpp +++ b/dom/canvas/WebGLContextExtensions.cpp @@ -40,6 +40,7 @@ WebGLContext::GetExtensionString(WebGLExtensionID ext) WEBGL_EXTENSION_IDENTIFIER(EXT_sRGB) WEBGL_EXTENSION_IDENTIFIER(EXT_texture_filter_anisotropic) WEBGL_EXTENSION_IDENTIFIER(EXT_disjoint_timer_query) + WEBGL_EXTENSION_IDENTIFIER(MOZ_debug_get) WEBGL_EXTENSION_IDENTIFIER(OES_element_index_uint) WEBGL_EXTENSION_IDENTIFIER(OES_standard_derivatives) WEBGL_EXTENSION_IDENTIFIER(OES_texture_float) @@ -91,6 +92,8 @@ bool WebGLContext::IsExtensionSupported(dom::CallerType callerType, switch (ext) { case WebGLExtensionID::EXT_disjoint_timer_query: return WebGLExtensionDisjointTimerQuery::IsSupported(this); + case WebGLExtensionID::MOZ_debug_get: + return true; case WebGLExtensionID::WEBGL_debug_renderer_info: return true; case WebGLExtensionID::WEBGL_debug_shaders: @@ -372,6 +375,11 @@ WebGLContext::EnableExtension(WebGLExtensionID ext) obj = new WebGLExtensionTextureFilterAnisotropic(this); break; + // MOZ_ + case WebGLExtensionID::MOZ_debug_get: + obj = new WebGLExtensionDebugGet(this); + break; + // OES_ case WebGLExtensionID::OES_element_index_uint: obj = new WebGLExtensionElementIndexUint(this); diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index e0234f5c61..c2f4c1a757 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -61,18 +61,6 @@ WebGLContext::Enable(GLenum cap) gl->fEnable(cap); } -static JS::Value -StringValue(JSContext* cx, const nsAString& str, ErrorResult& rv) -{ - JSString* jsStr = JS_NewUCStringCopyN(cx, str.BeginReading(), str.Length()); - if (!jsStr) { - rv.Throw(NS_ERROR_OUT_OF_MEMORY); - return JS::NullValue(); - } - - return JS::StringValue(jsStr); -} - bool WebGLContext::GetStencilBits(GLint* const out_stencilBits) { diff --git a/dom/canvas/WebGLContextUtils.cpp b/dom/canvas/WebGLContextUtils.cpp index 9c0d349397..3fd32eb301 100644 --- a/dom/canvas/WebGLContextUtils.cpp +++ b/dom/canvas/WebGLContextUtils.cpp @@ -874,4 +874,16 @@ InfoFrom(WebGLTexImageFunc func, WebGLTexDimensions dims) } } +JS::Value +StringValue(JSContext* cx, const nsAString& str, ErrorResult& er) +{ + JSString* jsStr = JS_NewUCStringCopyN(cx, str.BeginReading(), str.Length()); + if (!jsStr) { + er.Throw(NS_ERROR_OUT_OF_MEMORY); + return JS::NullValue(); + } + + return JS::StringValue(jsStr); +} + } // namespace mozilla diff --git a/dom/canvas/WebGLContextUtils.h b/dom/canvas/WebGLContextUtils.h index 5401fc878f..1d06659b1e 100644 --- a/dom/canvas/WebGLContextUtils.h +++ b/dom/canvas/WebGLContextUtils.h @@ -94,6 +94,8 @@ WebGLContext::WebGLObjectAsJSObject(JSContext* cx, */ const char* InfoFrom(WebGLTexImageFunc func, WebGLTexDimensions dims); +JS::Value StringValue(JSContext* cx, const nsAString& str, ErrorResult& er); + } // namespace mozilla #endif // WEBGL_CONTEXT_UTILS_H_ diff --git a/dom/canvas/WebGLExtensionDebugGet.cpp b/dom/canvas/WebGLExtensionDebugGet.cpp new file mode 100644 index 0000000000..39bb3c57a2 --- /dev/null +++ b/dom/canvas/WebGLExtensionDebugGet.cpp @@ -0,0 +1,79 @@ +/* -*- Mode: C++; tab-width: 20; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "WebGLExtensions.h" + +#include "mozilla/dom/WebGLRenderingContextBinding.h" +#include "WebGLContext.h" +#include "WebGLContextUtils.h" + +namespace mozilla { + +WebGLExtensionDebugGet::WebGLExtensionDebugGet(WebGLContext* webgl) + : WebGLExtensionBase(webgl) +{ +} + +WebGLExtensionDebugGet::~WebGLExtensionDebugGet() +{ +} + +void +WebGLExtensionDebugGet::GetParameter(JSContext* cx, GLenum pname, + JS::MutableHandle<JS::Value> retval, + ErrorResult& er) const +{ + const auto& gl = mContext->gl; + gl->MakeCurrent(); + + switch (pname) { + case LOCAL_GL_EXTENSIONS: + { + nsString ret; + if (!gl->IsCoreProfile()) { + const auto rawExts = (const char*)gl->fGetString(LOCAL_GL_EXTENSIONS); + ret = NS_ConvertUTF8toUTF16(rawExts); + } else { + const auto& numExts = gl->GetIntAs<GLuint>(LOCAL_GL_NUM_EXTENSIONS); + for (GLuint i = 0; i < numExts; i++) { + const auto rawExt = (const char*)gl->fGetStringi(LOCAL_GL_EXTENSIONS, + i); + if (i > 0) { + ret.AppendLiteral(" "); + } + ret.Append(NS_ConvertUTF8toUTF16(rawExt)); + } + } + retval.set(StringValue(cx, ret, er)); + return; + } + + case LOCAL_GL_RENDERER: + case LOCAL_GL_VENDOR: + case LOCAL_GL_VERSION: + { + const auto raw = (const char*)gl->fGetString(pname); + retval.set(StringValue(cx, NS_ConvertUTF8toUTF16(raw), er)); + return; + } + + case 0x10000: // "WSI_INFO" + { + nsCString info; + gl->GetWSIInfo(&info); + retval.set(StringValue(cx, NS_ConvertUTF8toUTF16(info), er)); + return; + } + + default: + mContext->ErrorInvalidEnumArg("MOZ_debug_get.getParameter", "pname", pname); + retval.set(JS::NullValue()); + return; + } +} + +IMPL_WEBGL_EXTENSION_GOOP(WebGLExtensionDebugGet, MOZ_debug_get) + +} // namespace mozilla diff --git a/dom/canvas/WebGLExtensions.h b/dom/canvas/WebGLExtensions.h index 741f6997f8..7b6b6b54b6 100644 --- a/dom/canvas/WebGLExtensions.h +++ b/dom/canvas/WebGLExtensions.h @@ -12,6 +12,7 @@ #include "WebGLTypes.h" namespace mozilla { +class ErrorResult; namespace dom { template<typename T> @@ -385,6 +386,19 @@ public: DECL_WEBGL_EXTENSION_GOOP }; +class WebGLExtensionDebugGet final + : public WebGLExtensionBase +{ +public: + explicit WebGLExtensionDebugGet(WebGLContext* webgl); + virtual ~WebGLExtensionDebugGet(); + + void GetParameter(JSContext* cx, GLenum pname, + JS::MutableHandle<JS::Value> retval, ErrorResult& er) const; + + DECL_WEBGL_EXTENSION_GOOP +}; + } // namespace mozilla #endif // WEBGL_EXTENSIONS_H_ diff --git a/dom/canvas/WebGLTypes.h b/dom/canvas/WebGLTypes.h index 42b8701f36..2f4a4368ac 100644 --- a/dom/canvas/WebGLTypes.h +++ b/dom/canvas/WebGLTypes.h @@ -149,6 +149,7 @@ enum class WebGLExtensionID : uint8_t { EXT_shader_texture_lod, EXT_texture_filter_anisotropic, EXT_disjoint_timer_query, + MOZ_debug_get, OES_element_index_uint, OES_standard_derivatives, OES_texture_float, diff --git a/dom/canvas/moz.build b/dom/canvas/moz.build index f7555b33db..6d5e2756ff 100644 --- a/dom/canvas/moz.build +++ b/dom/canvas/moz.build @@ -105,6 +105,7 @@ UNIFIED_SOURCES += [ 'WebGLExtensionCompressedTextureETC1.cpp', 'WebGLExtensionCompressedTexturePVRTC.cpp', 'WebGLExtensionCompressedTextureS3TC.cpp', + 'WebGLExtensionDebugGet.cpp', 'WebGLExtensionDebugRendererInfo.cpp', 'WebGLExtensionDebugShaders.cpp', 'WebGLExtensionDepthTexture.cpp', diff --git a/dom/crypto/WebCryptoTask.cpp b/dom/crypto/WebCryptoTask.cpp index f5fc7b5bc9..c4cc7080da 100644 --- a/dom/crypto/WebCryptoTask.cpp +++ b/dom/crypto/WebCryptoTask.cpp @@ -452,7 +452,6 @@ void WebCryptoTask::FailWithError(nsresult aRv) { MOZ_ASSERT(IsOnOriginalThread()); - Telemetry::Accumulate(Telemetry::WEBCRYPTO_RESOLVED, false); // Blindly convert nsresult to DOMException // Individual tasks must ensure they pass the right values @@ -491,7 +490,6 @@ WebCryptoTask::CallCallback(nsresult rv) } Resolve(); - Telemetry::Accumulate(Telemetry::WEBCRYPTO_RESOLVED, true); // Manually release mResultPromise while we're on the main thread mResultPromise = nullptr; @@ -650,7 +648,6 @@ public: mEarlyRv = NS_ERROR_DOM_NOT_SUPPORTED_ERR; return; } - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, telemetryAlg); } private: @@ -794,7 +791,6 @@ public: return; } - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_AES_KW); } private: @@ -908,8 +904,6 @@ public: void Init(JSContext* aCx, const ObjectOrString& aAlgorithm, CryptoKey& aKey, bool aEncrypt) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_RSA_OAEP); - CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_RSA_OAEP); if (mEncrypt) { @@ -1049,7 +1043,6 @@ public: case CKM_SHA512_HMAC: telemetryAlg = TA_HMAC_SHA_512; break; default: telemetryAlg = TA_UNKNOWN; } - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, telemetryAlg); } private: @@ -1158,12 +1151,10 @@ public: if (algName.EqualsLiteral(WEBCRYPTO_ALG_RSASSA_PKCS1)) { mAlgorithm = Algorithm::RSA_PKCS1; - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_RSASSA_PKCS1); CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_RSASSA_PKCS1); hashAlgName = aKey.Algorithm().mRsa.mHash.mName; } else if (algName.EqualsLiteral(WEBCRYPTO_ALG_RSA_PSS)) { mAlgorithm = Algorithm::RSA_PSS; - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_RSA_PSS); CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_RSA_PSS); KeyAlgorithm& hashAlg = aKey.Algorithm().mRsa.mHash; @@ -1188,7 +1179,6 @@ public: mSaltLength = params.mSaltLength; } else if (algName.EqualsLiteral(WEBCRYPTO_ALG_ECDSA)) { mAlgorithm = Algorithm::ECDSA; - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_ECDSA); CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_ECDSA); // For ECDSA, the hash name comes from the algorithm parameter @@ -1356,7 +1346,6 @@ public: mEarlyRv = NS_ERROR_DOM_SYNTAX_ERR; return; } - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, telemetryAlg); mOidTag = MapHashAlgorithmNameToOID(algName); } @@ -2656,7 +2645,6 @@ public: void Init(JSContext* aCx, const ObjectOrString& aAlgorithm, CryptoKey& aKey, uint32_t aLength) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_HKDF); CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_HKDF); // Check that we have a key. @@ -2806,7 +2794,6 @@ public: void Init(JSContext* aCx, const ObjectOrString& aAlgorithm, CryptoKey& aKey, uint32_t aLength) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_PBKDF2); CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_PBKDF2); // Check that we got a symmetric key @@ -2981,7 +2968,6 @@ public: void Init(JSContext* aCx, const ObjectOrString& aAlgorithm, CryptoKey& aKey) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_ALG, TA_ECDH); CHECK_KEY_ALGORITHM(aKey.Algorithm(), WEBCRYPTO_ALG_ECDH); // Check that we have a private key. @@ -3277,10 +3263,6 @@ WebCryptoTask::CreateEncryptDecryptTask(JSContext* aCx, const CryptoOperationData& aData, bool aEncrypt) { - TelemetryMethod method = (aEncrypt)? TM_ENCRYPT : TM_DECRYPT; - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, method); - Telemetry::Accumulate(Telemetry::WEBCRYPTO_EXTRACTABLE_ENC, aKey.Extractable()); - // Ensure key is usable for this operation if ((aEncrypt && !aKey.HasUsage(CryptoKey::ENCRYPT)) || (!aEncrypt && !aKey.HasUsage(CryptoKey::DECRYPT))) { @@ -3312,10 +3294,6 @@ WebCryptoTask::CreateSignVerifyTask(JSContext* aCx, const CryptoOperationData& aData, bool aSign) { - TelemetryMethod method = (aSign)? TM_SIGN : TM_VERIFY; - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, method); - Telemetry::Accumulate(Telemetry::WEBCRYPTO_EXTRACTABLE_SIG, aKey.Extractable()); - // Ensure key is usable for this operation if ((aSign && !aKey.HasUsage(CryptoKey::SIGN)) || (!aSign && !aKey.HasUsage(CryptoKey::VERIFY))) { @@ -3345,8 +3323,6 @@ WebCryptoTask::CreateDigestTask(JSContext* aCx, const ObjectOrString& aAlgorithm, const CryptoOperationData& aData) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_DIGEST); - nsString algName; nsresult rv = GetAlgorithmName(aCx, aAlgorithm, algName); if (NS_FAILED(rv)) { @@ -3372,9 +3348,6 @@ WebCryptoTask::CreateImportKeyTask(nsIGlobalObject* aGlobal, bool aExtractable, const Sequence<nsString>& aKeyUsages) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_IMPORTKEY); - Telemetry::Accumulate(Telemetry::WEBCRYPTO_EXTRACTABLE_IMPORT, aExtractable); - // Verify that the format is recognized if (!aFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_RAW) && !aFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_SPKI) && @@ -3426,8 +3399,6 @@ WebCryptoTask* WebCryptoTask::CreateExportKeyTask(const nsAString& aFormat, CryptoKey& aKey) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_EXPORTKEY); - // Verify that the format is recognized if (!aFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_RAW) && !aFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_SPKI) && @@ -3470,9 +3441,6 @@ WebCryptoTask::CreateGenerateKeyTask(nsIGlobalObject* aGlobal, bool aExtractable, const Sequence<nsString>& aKeyUsages) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_GENERATEKEY); - Telemetry::Accumulate(Telemetry::WEBCRYPTO_EXTRACTABLE_GENERATE, aExtractable); - // Verify that aKeyUsages does not contain an unrecognized value // SPEC-BUG: Spec says that this should be InvalidAccessError, but that // is inconsistent with other analogous points in the spec @@ -3515,8 +3483,6 @@ WebCryptoTask::CreateDeriveKeyTask(nsIGlobalObject* aGlobal, bool aExtractable, const Sequence<nsString>& aKeyUsages) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_DERIVEKEY); - // Ensure baseKey is usable for this operation if (!aBaseKey.HasUsage(CryptoKey::DERIVEKEY)) { return new FailureTask(NS_ERROR_DOM_INVALID_ACCESS_ERR); @@ -3560,8 +3526,6 @@ WebCryptoTask::CreateDeriveBitsTask(JSContext* aCx, CryptoKey& aKey, uint32_t aLength) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_DERIVEBITS); - // Ensure baseKey is usable for this operation if (!aKey.HasUsage(CryptoKey::DERIVEBITS)) { return new FailureTask(NS_ERROR_DOM_INVALID_ACCESS_ERR); @@ -3599,8 +3563,6 @@ WebCryptoTask::CreateWrapKeyTask(JSContext* aCx, CryptoKey& aWrappingKey, const ObjectOrString& aWrapAlgorithm) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_WRAPKEY); - // Verify that the format is recognized if (!aFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_RAW) && !aFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_SPKI) && @@ -3652,8 +3614,6 @@ WebCryptoTask::CreateUnwrapKeyTask(nsIGlobalObject* aGlobal, bool aExtractable, const Sequence<nsString>& aKeyUsages) { - Telemetry::Accumulate(Telemetry::WEBCRYPTO_METHOD, TM_UNWRAPKEY); - // Ensure key is usable for this operation if (!aUnwrappingKey.HasUsage(CryptoKey::UNWRAPKEY)) { return new FailureTask(NS_ERROR_DOM_INVALID_ACCESS_ERR); diff --git a/dom/events/DataTransfer.cpp b/dom/events/DataTransfer.cpp index 2c6ecdd56a..45c72e6629 100644 --- a/dom/events/DataTransfer.cpp +++ b/dom/events/DataTransfer.cpp @@ -161,22 +161,11 @@ DataTransfer::~DataTransfer() // static already_AddRefed<DataTransfer> -DataTransfer::Constructor(const GlobalObject& aGlobal, - const nsAString& aEventType, bool aIsExternal, - ErrorResult& aRv) +DataTransfer::Constructor(const GlobalObject& aGlobal, ErrorResult& aRv) { - nsAutoCString onEventType("on"); - AppendUTF16toUTF8(aEventType, onEventType); - nsCOMPtr<nsIAtom> eventTypeAtom = NS_Atomize(onEventType); - if (!eventTypeAtom) { - aRv.Throw(NS_ERROR_OUT_OF_MEMORY); - return nullptr; - } - - EventMessage eventMessage = nsContentUtils::GetEventMessage(eventTypeAtom); RefPtr<DataTransfer> transfer = new DataTransfer(aGlobal.GetAsSupports(), - eventMessage, aIsExternal, - -1); + eCopy, /* is external */ false, /* clipboard type */ -1); + transfer->mEffectAllowed = nsIDragService::DRAGDROP_ACTION_NONE; return transfer.forget(); } diff --git a/dom/events/DataTransfer.h b/dom/events/DataTransfer.h index 7c6b0b8c1e..344593ed0a 100644 --- a/dom/events/DataTransfer.h +++ b/dom/events/DataTransfer.h @@ -115,8 +115,7 @@ public: } static already_AddRefed<DataTransfer> - Constructor(const GlobalObject& aGlobal, const nsAString& aEventType, - bool aIsExternal, ErrorResult& aRv); + Constructor(const GlobalObject& aGlobal, ErrorResult& aRv); void GetDropEffect(nsString& aDropEffect) { diff --git a/dom/events/EventDispatcher.cpp b/dom/events/EventDispatcher.cpp index 65f01844b9..1d4dfd7d9f 100644 --- a/dom/events/EventDispatcher.cpp +++ b/dom/events/EventDispatcher.cpp @@ -858,63 +858,46 @@ EventDispatcher::CreateEvent(EventTarget* aOwner, // And if we didn't get an event, check the type argument. -#define LOG_EVENT_CREATION(name) mozilla::Telemetry::Accumulate( \ - mozilla::Telemetry::CREATE_EVENT_##name, true); - if (aEventType.LowerCaseEqualsLiteral("mouseevent")) { - LOG_EVENT_CREATION(MOUSEEVENT); return NS_NewDOMMouseEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("mouseevents")) { - LOG_EVENT_CREATION(MOUSEEVENTS); return NS_NewDOMMouseEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("popupevents")) { - LOG_EVENT_CREATION(POPUPEVENTS); return NS_NewDOMMouseEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("mousescrollevents")) { - LOG_EVENT_CREATION(MOUSESCROLLEVENTS); return NS_NewDOMMouseScrollEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("dragevent")) { - LOG_EVENT_CREATION(DRAGEVENT); return NS_NewDOMDragEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("dragevents")) { - LOG_EVENT_CREATION(DRAGEVENTS); return NS_NewDOMDragEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("keyboardevent")) { - LOG_EVENT_CREATION(KEYBOARDEVENT); return NS_NewDOMKeyboardEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("keyevents")) { - LOG_EVENT_CREATION(KEYEVENTS); return NS_NewDOMKeyboardEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("compositionevent")) { - LOG_EVENT_CREATION(COMPOSITIONEVENT); return NS_NewDOMCompositionEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("textevent")) { - LOG_EVENT_CREATION(TEXTEVENT); return NS_NewDOMCompositionEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("textevents")) { - LOG_EVENT_CREATION(TEXTEVENTS); return NS_NewDOMCompositionEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("mutationevent")) { - LOG_EVENT_CREATION(MUTATIONEVENT); return NS_NewDOMMutationEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("mutationevents")) { - LOG_EVENT_CREATION(MUTATIONEVENTS); return NS_NewDOMMutationEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("deviceorientationevent")) { - LOG_EVENT_CREATION(DEVICEORIENTATIONEVENT); DeviceOrientationEventInit init; RefPtr<Event> event = DeviceOrientationEvent::Constructor(aOwner, EmptyString(), init); @@ -922,97 +905,74 @@ EventDispatcher::CreateEvent(EventTarget* aOwner, return event.forget(); } if (aEventType.LowerCaseEqualsLiteral("devicemotionevent")) { - LOG_EVENT_CREATION(DEVICEMOTIONEVENT); return NS_NewDOMDeviceMotionEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("uievent")) { - LOG_EVENT_CREATION(UIEVENT); return NS_NewDOMUIEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("uievents")) { - LOG_EVENT_CREATION(UIEVENTS); return NS_NewDOMUIEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("event")) { - LOG_EVENT_CREATION(EVENT); return NS_NewDOMEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("events")) { - LOG_EVENT_CREATION(EVENTS); return NS_NewDOMEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("htmlevents")) { - LOG_EVENT_CREATION(HTMLEVENTS); return NS_NewDOMEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("svgevent")) { - LOG_EVENT_CREATION(SVGEVENT); return NS_NewDOMEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("svgevents")) { - LOG_EVENT_CREATION(SVGEVENTS); return NS_NewDOMEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("svgzoomevent")) { - LOG_EVENT_CREATION(SVGZOOMEVENT); return NS_NewDOMSVGZoomEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("svgzoomevents")) { - LOG_EVENT_CREATION(SVGZOOMEVENTS); return NS_NewDOMSVGZoomEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("timeevent")) { - LOG_EVENT_CREATION(TIMEEVENT); return NS_NewDOMTimeEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("timeevents")) { - LOG_EVENT_CREATION(TIMEEVENTS); return NS_NewDOMTimeEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("xulcommandevent")) { - LOG_EVENT_CREATION(XULCOMMANDEVENT); return NS_NewDOMXULCommandEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("xulcommandevents")) { - LOG_EVENT_CREATION(XULCOMMANDEVENTS); return NS_NewDOMXULCommandEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("commandevent")) { - LOG_EVENT_CREATION(COMMANDEVENT); return NS_NewDOMCommandEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("commandevents")) { - LOG_EVENT_CREATION(COMMANDEVENTS); return NS_NewDOMCommandEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("datacontainerevent")) { - LOG_EVENT_CREATION(DATACONTAINEREVENT); return NS_NewDOMDataContainerEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("datacontainerevents")) { - LOG_EVENT_CREATION(DATACONTAINEREVENTS); return NS_NewDOMDataContainerEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("messageevent")) { - LOG_EVENT_CREATION(MESSAGEEVENT); RefPtr<Event> event = new MessageEvent(aOwner, aPresContext, nullptr); return event.forget(); } if (aEventType.LowerCaseEqualsLiteral("notifypaintevent")) { - LOG_EVENT_CREATION(NOTIFYPAINTEVENT); return NS_NewDOMNotifyPaintEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("simplegestureevent")) { - LOG_EVENT_CREATION(SIMPLEGESTUREEVENT); return NS_NewDOMSimpleGestureEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("beforeunloadevent")) { - LOG_EVENT_CREATION(BEFOREUNLOADEVENT); return NS_NewDOMBeforeUnloadEvent(aOwner, aPresContext, nullptr); } // XXXkhuey this is broken if (aEventType.LowerCaseEqualsLiteral("pagetransition")) { - LOG_EVENT_CREATION(PAGETRANSITION); PageTransitionEventInit init; RefPtr<Event> event = PageTransitionEvent::Constructor(aOwner, EmptyString(), init); @@ -1020,14 +980,12 @@ EventDispatcher::CreateEvent(EventTarget* aOwner, return event.forget(); } if (aEventType.LowerCaseEqualsLiteral("scrollareaevent")) { - LOG_EVENT_CREATION(SCROLLAREAEVENT); return NS_NewDOMScrollAreaEvent(aOwner, aPresContext, nullptr); } // XXXkhuey Chrome supports popstateevent here, even though it provides no // initPopStateEvent method. This is nuts ... but copying it is unlikely to // break the web. if (aEventType.LowerCaseEqualsLiteral("popstateevent")) { - LOG_EVENT_CREATION(POPSTATEEVENT); AutoJSContext cx; RootedDictionary<PopStateEventInit> init(cx); RefPtr<Event> event = @@ -1037,11 +995,9 @@ EventDispatcher::CreateEvent(EventTarget* aOwner, } if (aEventType.LowerCaseEqualsLiteral("touchevent") && TouchEvent::PrefEnabled(nsContentUtils::GetDocShellForEventTarget(aOwner))) { - LOG_EVENT_CREATION(TOUCHEVENT); return NS_NewDOMTouchEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("hashchangeevent")) { - LOG_EVENT_CREATION(HASHCHANGEEVENT); HashChangeEventInit init; RefPtr<Event> event = HashChangeEvent::Constructor(aOwner, EmptyString(), init); @@ -1049,11 +1005,9 @@ EventDispatcher::CreateEvent(EventTarget* aOwner, return event.forget(); } if (aEventType.LowerCaseEqualsLiteral("customevent")) { - LOG_EVENT_CREATION(CUSTOMEVENT); return NS_NewDOMCustomEvent(aOwner, aPresContext, nullptr); } if (aEventType.LowerCaseEqualsLiteral("storageevent")) { - LOG_EVENT_CREATION(STORAGEEVENT); return NS_NewDOMStorageEvent(aOwner); } if (aEventType.LowerCaseEqualsLiteral("focusevent")) { @@ -1062,8 +1016,6 @@ EventDispatcher::CreateEvent(EventTarget* aOwner, return event.forget(); } -#undef LOG_EVENT_CREATION - // NEW EVENT TYPES SHOULD NOT BE ADDED HERE; THEY SHOULD USE ONLY EVENT // CONSTRUCTORS diff --git a/dom/events/EventStateManager.cpp b/dom/events/EventStateManager.cpp index 7bbfe21b79..e16d68c81a 100644 --- a/dom/events/EventStateManager.cpp +++ b/dom/events/EventStateManager.cpp @@ -3240,6 +3240,12 @@ EventStateManager::PostHandleEvent(nsPresContext* aPresContext, action = WheelPrefs::GetInstance()->ComputeActionFor(wheelEvent); } switch (action) { + case WheelPrefs::ACTION_HSCROLL: { + // Swap axes and fall through + double deltaX = wheelEvent->mDeltaX; + wheelEvent->mDeltaX = wheelEvent->mDeltaY; + wheelEvent->mDeltaY = deltaX; + } case WheelPrefs::ACTION_SCROLL: { // For scrolling of default action, we should honor the mouse wheel // transaction. diff --git a/dom/events/EventStateManager.h b/dom/events/EventStateManager.h index d0461e7fae..95ce9a907f 100644 --- a/dom/events/EventStateManager.h +++ b/dom/events/EventStateManager.h @@ -513,7 +513,8 @@ protected: ACTION_SCROLL, ACTION_HISTORY, ACTION_ZOOM, - ACTION_LAST = ACTION_ZOOM, + ACTION_HSCROLL, + ACTION_LAST = ACTION_HSCROLL, // Following actions are used only by internal processing. So, cannot // specified by prefs. ACTION_SEND_TO_PLUGIN diff --git a/dom/fetch/Fetch.cpp b/dom/fetch/Fetch.cpp index 5c05f36024..e2c1394263 100644 --- a/dom/fetch/Fetch.cpp +++ b/dom/fetch/Fetch.cpp @@ -38,7 +38,6 @@ #include "mozilla/dom/ScriptSettings.h" #include "mozilla/dom/URLSearchParams.h" #include "mozilla/dom/workers/ServiceWorkerManager.h" -#include "mozilla/Telemetry.h" #include "InternalRequest.h" #include "InternalResponse.h" @@ -237,8 +236,6 @@ FetchRequest(nsIGlobalObject* aGlobal, const RequestOrUSVString& aInput, } } - Telemetry::Accumulate(Telemetry::FETCH_IS_MAINTHREAD, 1); - RefPtr<MainThreadFetchResolver> resolver = new MainThreadFetchResolver(p); RefPtr<FetchDriver> fetch = new FetchDriver(r, principal, loadGroup); fetch->SetDocument(doc); @@ -251,8 +248,6 @@ FetchRequest(nsIGlobalObject* aGlobal, const RequestOrUSVString& aInput, WorkerPrivate* worker = GetCurrentThreadWorkerPrivate(); MOZ_ASSERT(worker); - Telemetry::Accumulate(Telemetry::FETCH_IS_MAINTHREAD, 0); - if (worker->IsServiceWorker()) { r->SetSkipServiceWorker(); } diff --git a/dom/fetch/FetchDriver.cpp b/dom/fetch/FetchDriver.cpp index aac79b8290..1791399b7f 100644 --- a/dom/fetch/FetchDriver.cpp +++ b/dom/fetch/FetchDriver.cpp @@ -77,9 +77,6 @@ FetchDriver::Fetch(FetchDriverObserver* aObserver) mObserver = aObserver; - Telemetry::Accumulate(Telemetry::SERVICE_WORKER_REQUEST_PASSTHROUGH, - mRequest->WasCreatedByFetchEvent()); - // FIXME(nsm): Deal with HSTS. MOZ_RELEASE_ASSERT(!mRequest->IsSynchronous(), diff --git a/dom/geolocation/nsGeolocation.cpp b/dom/geolocation/nsGeolocation.cpp index 2d84a3e11e..201d4d89a0 100644 --- a/dom/geolocation/nsGeolocation.cpp +++ b/dom/geolocation/nsGeolocation.cpp @@ -382,13 +382,6 @@ nsGeolocationRequest::GetElement(nsIDOMElement * *aRequestingElement) NS_IMETHODIMP nsGeolocationRequest::Cancel() { - if (mRequester) { - // Record the number of denied requests for regular web content. - // This method is only called when the user explicitly denies the request, - // and is not called when the page is simply unloaded, or similar. - Telemetry::Accumulate(Telemetry::GEOLOCATION_REQUEST_GRANTED, mProtocolType); - } - if (mLocator->ClearPendingRequest(this)) { return NS_OK; } @@ -403,9 +396,6 @@ nsGeolocationRequest::Allow(JS::HandleValue aChoices) MOZ_ASSERT(aChoices.isUndefined()); if (mRequester) { - // Record the number of granted requests for regular web content. - Telemetry::Accumulate(Telemetry::GEOLOCATION_REQUEST_GRANTED, mProtocolType + 10); - // Record whether a location callback is fulfilled while the owner window // is not visible. bool isVisible = false; @@ -415,12 +405,6 @@ nsGeolocationRequest::Allow(JS::HandleValue aChoices) nsCOMPtr<nsIDocument> doc = window->GetDoc(); isVisible = doc && !doc->Hidden(); } - - if (IsWatch()) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::GEOLOCATION_WATCHPOSITION_VISIBLE, isVisible); - } else { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::GEOLOCATION_GETCURRENTPOSITION_VISIBLE, isVisible); - } } if (mLocator->ClearPendingRequest(this)) { @@ -1110,7 +1094,6 @@ Geolocation::Update(nsIDOMGeoPosition *aSomewhere) if (coords) { double accuracy = -1; coords->GetAccuracy(&accuracy); - mozilla::Telemetry::Accumulate(mozilla::Telemetry::GEOLOCATION_ACCURACY_EXPONENTIAL, accuracy); } } @@ -1135,8 +1118,6 @@ Geolocation::NotifyError(uint16_t aErrorCode) return NS_OK; } - mozilla::Telemetry::Accumulate(mozilla::Telemetry::GEOLOCATION_ERROR, true); - for (uint32_t i = mPendingCallbacks.Length(); i > 0; i--) { mPendingCallbacks[i-1]->NotifyErrorAndShutdown(aErrorCode); //NotifyErrorAndShutdown() removes the request from the array @@ -1214,10 +1195,6 @@ Geolocation::GetCurrentPosition(GeoPositionCallback callback, // After this we hand over ownership of options to our nsGeolocationRequest. - // Count the number of requests per protocol/scheme. - Telemetry::Accumulate(Telemetry::GEOLOCATION_GETCURRENTPOSITION_SECURE_ORIGIN, - static_cast<uint8_t>(mProtocolType)); - RefPtr<nsGeolocationRequest> request = new nsGeolocationRequest(this, Move(callback), Move(errorCallback), Move(options), static_cast<uint8_t>(mProtocolType), @@ -1292,10 +1269,6 @@ Geolocation::WatchPosition(GeoPositionCallback aCallback, return NS_ERROR_NOT_AVAILABLE; } - // Count the number of requests per protocol/scheme. - Telemetry::Accumulate(Telemetry::GEOLOCATION_WATCHPOSITION_SECURE_ORIGIN, - static_cast<uint8_t>(mProtocolType)); - // The watch ID: *aRv = mLastWatchId++; diff --git a/dom/html/HTMLFormElement.cpp b/dom/html/HTMLFormElement.cpp index 5164391f8d..0393ed3e00 100644 --- a/dom/html/HTMLFormElement.cpp +++ b/dom/html/HTMLFormElement.cpp @@ -38,7 +38,6 @@ // form submission #include "HTMLFormSubmissionConstants.h" #include "mozilla/dom/FormData.h" -#include "mozilla/Telemetry.h" #include "nsIFormSubmitObserver.h" #include "nsIObserverService.h" #include "nsICategoryManager.h" @@ -957,13 +956,6 @@ HTMLFormElement::DoSecureToInsecureSubmitCheck(nsIURI* aActionURL, *aCancelSubmit = (buttonPressed == 1); uint32_t telemetryBucket = nsISecurityUITelemetry::WARNING_CONFIRM_POST_TO_INSECURE_FROM_SECURE; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SECURITY_UI, - telemetryBucket); - if (!*aCancelSubmit) { - // The user opted to continue, so note that in the next telemetry bucket. - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SECURITY_UI, - telemetryBucket + 1); - } return NS_OK; } diff --git a/dom/html/HTMLInputElement.cpp b/dom/html/HTMLInputElement.cpp index e9086933b7..0b879bb9b4 100644 --- a/dom/html/HTMLInputElement.cpp +++ b/dom/html/HTMLInputElement.cpp @@ -24,7 +24,6 @@ #include "nsIPhonetic.h" #include "HTMLFormSubmissionConstants.h" -#include "mozilla/Telemetry.h" #include "nsIControllers.h" #include "nsIStringBundle.h" #include "nsFocusManager.h" @@ -1275,10 +1274,6 @@ HTMLInputElement::BeforeSetAttr(int32_t aNameSpaceID, nsIAtom* aName, container->RadioRequiredWillChange(name, !!aValue); } } - - if (aName == nsGkAtoms::webkitdirectory) { - Telemetry::Accumulate(Telemetry::WEBKIT_DIRECTORY_USED, true); - } } return nsGenericHTMLFormElementWithState::BeforeSetAttr(aNameSpaceID, aName, @@ -4989,10 +4984,6 @@ HTMLInputElement::BindToTree(nsIDocument* aDocument, nsIContent* aParent, true); dispatcher->PostDOMEvent(); } - -#ifdef EARLY_BETA_OR_EARLIER - Telemetry::Accumulate(Telemetry::PWMGR_PASSWORD_INPUT_IN_FORM, !!mForm); -#endif } return rv; @@ -8863,7 +8854,6 @@ HTMLInputElement::UpdateEntries(const nsTArray<OwningFileOrDirectory>& aFilesOrD void HTMLInputElement::GetWebkitEntries(nsTArray<RefPtr<FileSystemEntry>>& aSequence) { - Telemetry::Accumulate(Telemetry::BLINK_FILESYSTEM_USED, true); aSequence.AppendElements(mEntries); } diff --git a/dom/html/HTMLMediaElement.cpp b/dom/html/HTMLMediaElement.cpp index 3954e62088..6171e17663 100644 --- a/dom/html/HTMLMediaElement.cpp +++ b/dom/html/HTMLMediaElement.cpp @@ -92,7 +92,6 @@ #include "mozilla/dom/VideoTrackList.h" #include "mozilla/dom/TextTrack.h" #include "nsIContentPolicy.h" -#include "mozilla/Telemetry.h" #include "DecoderDoctorDiagnostics.h" #include "DecoderTraits.h" #include "MediaContentType.h" @@ -1902,7 +1901,6 @@ void HTMLMediaElement::FastSeek(double aTime, ErrorResult& aRv) { LOG(LogLevel::Debug, ("Reporting telemetry VIDEO_FASTSEEK_USED")); - Telemetry::Accumulate(Telemetry::VIDEO_FASTSEEK_USED, 1); RefPtr<Promise> tobeDropped = Seek(aTime, SeekTarget::PrevSyncPoint, aRv); } @@ -3693,7 +3691,6 @@ HTMLMediaElement::ReportEMETelemetry() // Report telemetry for EME videos when a page is unloaded. NS_ASSERTION(NS_IsMainThread(), "Should be on main thread."); if (mIsEncrypted && Preferences::GetBool("media.eme.enabled")) { - Telemetry::Accumulate(Telemetry::VIDEO_EME_PLAY_SUCCESS, mLoadedDataFired); LOG(LogLevel::Debug, ("%p VIDEO_EME_PLAY_SUCCESS = %s", this, mLoadedDataFired ? "true" : "false")); } @@ -3745,7 +3742,6 @@ HTMLMediaElement::ReportTelemetry() } } - Telemetry::Accumulate(Telemetry::VIDEO_UNLOAD_STATE, state); LOG(LogLevel::Debug, ("%p VIDEO_UNLOAD_STATE = %d", this, state)); FrameStatisticsData data; @@ -3761,8 +3757,6 @@ HTMLMediaElement::ReportTelemetry() uint32_t percentage = 100 * data.mDroppedFrames / data.mParsedFrames; LOG(LogLevel::Debug, ("Reporting telemetry DROPPED_FRAMES_IN_VIDEO_PLAYBACK")); - Telemetry::Accumulate(Telemetry::VIDEO_DROPPED_FRAMES_PROPORTION, - percentage); } } } @@ -3774,10 +3768,8 @@ HTMLMediaElement::ReportTelemetry() double hiddenPlayTime = mHiddenPlayTime.Total(); double videoDecodeSuspendTime = mVideoDecodeSuspendTime.Total(); - Telemetry::Accumulate(Telemetry::VIDEO_PLAY_TIME_MS, SECONDS_TO_MS(playTime)); LOG(LogLevel::Debug, ("%p VIDEO_PLAY_TIME_MS = %f", this, playTime)); - Telemetry::Accumulate(Telemetry::VIDEO_HIDDEN_PLAY_TIME_MS, SECONDS_TO_MS(hiddenPlayTime)); LOG(LogLevel::Debug, ("%p VIDEO_HIDDEN_PLAY_TIME_MS = %f", this, hiddenPlayTime)); if (playTime > 0.0) { @@ -3804,24 +3796,11 @@ HTMLMediaElement::ReportTelemetry() key.AppendASCII(resolution); uint32_t hiddenPercentage = uint32_t(hiddenPlayTime / playTime * 100.0 + 0.5); - Telemetry::Accumulate(Telemetry::VIDEO_HIDDEN_PLAY_TIME_PERCENTAGE, - key, - hiddenPercentage); - // Also accumulate all percentages in an "All" key. - Telemetry::Accumulate(Telemetry::VIDEO_HIDDEN_PLAY_TIME_PERCENTAGE, - NS_LITERAL_CSTRING("All"), - hiddenPercentage); LOG(LogLevel::Debug, ("%p VIDEO_HIDDEN_PLAY_TIME_PERCENTAGE = %u, keys: '%s' and 'All'", this, hiddenPercentage, key.get())); uint32_t videoDecodeSuspendPercentage = uint32_t(videoDecodeSuspendTime / playTime * 100.0 + 0.5); - Telemetry::Accumulate(Telemetry::VIDEO_INFERRED_DECODE_SUSPEND_PERCENTAGE, - key, - videoDecodeSuspendPercentage); - Telemetry::Accumulate(Telemetry::VIDEO_INFERRED_DECODE_SUSPEND_PERCENTAGE, - NS_LITERAL_CSTRING("All"), - videoDecodeSuspendPercentage); LOG(LogLevel::Debug, ("%p VIDEO_INFERRED_DECODE_SUSPEND_PERCENTAGE = %u, keys: '%s' and 'All'", this, videoDecodeSuspendPercentage, key.get())); @@ -3832,24 +3811,12 @@ HTMLMediaElement::ReportTelemetry() / 1000.0 + 0.5, UINT32_MAX)); - Telemetry::Accumulate(Telemetry::VIDEO_INTER_KEYFRAME_AVERAGE_MS, - key, - average_ms); - Telemetry::Accumulate(Telemetry::VIDEO_INTER_KEYFRAME_AVERAGE_MS, - NS_LITERAL_CSTRING("All"), - average_ms); LOG(LogLevel::Debug, ("%p VIDEO_INTER_KEYFRAME_AVERAGE_MS = %u, keys: '%s' and 'All'", this, average_ms, key.get())); uint32_t max_ms = uint32_t(std::min<uint64_t>((data.mInterKeyFrameMax_us + 500) / 1000, UINT32_MAX)); - Telemetry::Accumulate(Telemetry::VIDEO_INTER_KEYFRAME_MAX_MS, - key, - max_ms); - Telemetry::Accumulate(Telemetry::VIDEO_INTER_KEYFRAME_MAX_MS, - NS_LITERAL_CSTRING("All"), - max_ms); LOG(LogLevel::Debug, ("%p VIDEO_INTER_KEYFRAME_MAX_MS = %u, keys: '%s' and 'All'", this, max_ms, key.get())); } else { @@ -3858,12 +3825,6 @@ HTMLMediaElement::ReportTelemetry() // decode-suspend delay (showing recovery would be difficult). uint32_t suspendDelay_ms = MediaPrefs::MDSMSuspendBackgroundVideoDelay(); if (uint32_t(playTime * 1000.0) > suspendDelay_ms) { - Telemetry::Accumulate(Telemetry::VIDEO_INTER_KEYFRAME_MAX_MS, - key, - 0); - Telemetry::Accumulate(Telemetry::VIDEO_INTER_KEYFRAME_MAX_MS, - NS_LITERAL_CSTRING("All"), - 0); LOG(LogLevel::Debug, ("%p VIDEO_INTER_KEYFRAME_MAX_MS = 0 (only 1 keyframe), keys: '%s' and 'All'", this, key.get())); } @@ -6860,97 +6821,6 @@ HTMLMediaElement::MarkAsContentSource(CallerAPI aAPI) { const bool isVisible = mVisibilityState != Visibility::APPROXIMATELY_NONVISIBLE; - if (isVisible) { - // 0 = ALL_VISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 0); - } else { - // 1 = ALL_INVISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 1); - - if (IsInUncomposedDoc()) { - // 0 = ALL_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 0); - } else { - // 1 = ALL_NOT_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 1); - } - } - - switch (aAPI) { - case CallerAPI::DRAW_IMAGE: { - if (isVisible) { - // 2 = drawImage_VISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 2); - } else { - // 3 = drawImage_INVISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 3); - - if (IsInUncomposedDoc()) { - // 2 = drawImage_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 2); - } else { - // 3 = drawImage_NOT_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 3); - } - } - break; - } - case CallerAPI::CREATE_PATTERN: { - if (isVisible) { - // 4 = createPattern_VISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 4); - } else { - // 5 = createPattern_INVISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 5); - - if (IsInUncomposedDoc()) { - // 4 = createPattern_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 4); - } else { - // 5 = createPattern_NOT_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 5); - } - } - break; - } - case CallerAPI::CREATE_IMAGEBITMAP: { - if (isVisible) { - // 6 = createImageBitmap_VISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 6); - } else { - // 7 = createImageBitmap_INVISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 7); - - if (IsInUncomposedDoc()) { - // 6 = createImageBitmap_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 6); - } else { - // 7 = createImageBitmap_NOT_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 7); - } - } - break; - } - case CallerAPI::CAPTURE_STREAM: { - if (isVisible) { - // 8 = captureStream_VISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 8); - } else { - // 9 = captureStream_INVISIBLE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE, 9); - - if (IsInUncomposedDoc()) { - // 8 = captureStream_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 8); - } else { - // 9 = captureStream_NOT_IN_TREE - Telemetry::Accumulate(Telemetry::VIDEO_AS_CONTENT_SOURCE_IN_TREE_OR_NOT, 9); - } - } - break; - } - } - LOG(LogLevel::Debug, ("%p Log VIDEO_AS_CONTENT_SOURCE: visibility = %u, API: '%d' and 'All'", this, isVisible, aAPI)); diff --git a/dom/html/ImageDocument.cpp b/dom/html/ImageDocument.cpp index 200bb5d46d..f83a804bef 100644 --- a/dom/html/ImageDocument.cpp +++ b/dom/html/ImageDocument.cpp @@ -40,12 +40,14 @@ #include "nsThreadUtils.h" #include "nsIScrollableFrame.h" #include "nsContentUtils.h" +#include "nsCSSParser.h" // for CSS colors on the background #include "mozilla/dom/Element.h" #include "mozilla/Preferences.h" #include <algorithm> #define AUTOMATIC_IMAGE_RESIZING_PREF "browser.enable_automatic_image_resizing" #define CLICK_IMAGE_RESIZING_PREF "browser.enable_click_image_resizing" +#define STANDALONE_IMAGE_BACKGROUND_COLOR_PREF "browser.display.standalone_images.background_color" //XXX A hack needed for Firefox's site specific zoom. #define SITE_SPECIFIC_ZOOM "browser.zoom.siteSpecific" @@ -170,6 +172,8 @@ ImageDocument::Init() mClickResizingEnabled = Preferences::GetBool(CLICK_IMAGE_RESIZING_PREF); mShouldResize = mResizeImageByDefault; mFirstResize = true; + + mBackgroundColor = Preferences::GetString(STANDALONE_IMAGE_BACKGROUND_COLOR_PREF); return NS_OK; } @@ -682,9 +686,22 @@ ImageDocument::CreateSyntheticDocument() mImageContent->SetAttr(kNameSpaceID_None, nsGkAtoms::src, srcString, false); mImageContent->SetAttr(kNameSpaceID_None, nsGkAtoms::alt, srcString, false); + // Implement mechanism for custom background color from pref. + if (!mBackgroundColor.IsEmpty()) { + nsCSSValue color; + nsCSSParser parser; + if (parser.ParseColorString(mBackgroundColor, nullptr, 0, color)) { + nsAutoString styleAttr(NS_LITERAL_STRING("background-color: ")); + styleAttr.Append(mBackgroundColor); + body->SetAttr(kNameSpaceID_None, nsGkAtoms::style, styleAttr, false); + } + } + body->AppendChildTo(mImageContent, false); imageLoader->SetLoadingEnabled(true); + UpdateTitleAndCharset(); + return NS_OK; } diff --git a/dom/html/ImageDocument.h b/dom/html/ImageDocument.h index fdf2a00a85..9453173140 100644 --- a/dom/html/ImageDocument.h +++ b/dom/html/ImageDocument.h @@ -112,6 +112,9 @@ protected: float mVisibleHeight; int32_t mImageWidth; int32_t mImageHeight; + + // Holds the custom background color for stand-alone images + nsAutoString mBackgroundColor; bool mResizeImageByDefault; bool mClickResizingEnabled; diff --git a/dom/html/TextTrackManager.cpp b/dom/html/TextTrackManager.cpp index 8110dab293..4266575f70 100644 --- a/dom/html/TextTrackManager.cpp +++ b/dom/html/TextTrackManager.cpp @@ -12,7 +12,6 @@ #include "mozilla/dom/TextTrackCue.h" #include "mozilla/dom/Event.h" #include "mozilla/ClearOnShutdown.h" -#include "mozilla/Telemetry.h" #include "nsComponentManagerUtils.h" #include "nsVariant.h" #include "nsVideoFrame.h" @@ -824,24 +823,13 @@ TextTrackManager::NotifyReset() void TextTrackManager::ReportTelemetryForTrack(TextTrack* aTextTrack) const { - MOZ_ASSERT(NS_IsMainThread()); - MOZ_ASSERT(aTextTrack); - MOZ_ASSERT(mTextTracks->Length() > 0); - - TextTrackKind kind = aTextTrack->Kind(); - Telemetry::Accumulate(Telemetry::WEBVTT_TRACK_KINDS, uint32_t(kind)); +/* STUB */ } void TextTrackManager::ReportTelemetryForCue() { - MOZ_ASSERT(NS_IsMainThread()); - MOZ_ASSERT(!mNewCues->IsEmpty() || !mLastActiveCues->IsEmpty()); - - if (!mCueTelemetryReported) { - Telemetry::Accumulate(Telemetry::WEBVTT_USED_VTT_CUES, 1); - mCueTelemetryReported = true; - } +/* STUB */ } } // namespace dom diff --git a/dom/html/nsHTMLDocument.cpp b/dom/html/nsHTMLDocument.cpp index 69e7102423..d64c277271 100644 --- a/dom/html/nsHTMLDocument.cpp +++ b/dom/html/nsHTMLDocument.cpp @@ -886,7 +886,7 @@ nsHTMLDocument::GetDomain(nsAString& aDomain) nsCOMPtr<nsIURI> uri = GetDomainURI(); if (!uri) { - SetDOMStringToNull(aDomain); + aDomain.Truncate(); return NS_OK; } @@ -896,8 +896,8 @@ nsHTMLDocument::GetDomain(nsAString& aDomain) CopyUTF8toUTF16(hostName, aDomain); } else { // If we can't get the host from the URI (e.g. about:, javascript:, - // etc), just return an null string. - SetDOMStringToNull(aDomain); + // etc), just return an empty string. + aDomain.Truncate(); } return NS_OK; } diff --git a/dom/html/nsTextEditorState.cpp b/dom/html/nsTextEditorState.cpp index 187afb66df..0b4cb19206 100644 --- a/dom/html/nsTextEditorState.cpp +++ b/dom/html/nsTextEditorState.cpp @@ -47,7 +47,6 @@ #include "mozilla/dom/HTMLInputElement.h" #include "nsNumberControlFrame.h" #include "nsFrameSelection.h" -#include "mozilla/Telemetry.h" #include "mozilla/layers/ScrollInputMethods.h" using namespace mozilla; @@ -585,9 +584,6 @@ nsTextInputSelectionImpl::CompleteScroll(bool aForward) if (!mScrollFrame) return NS_ERROR_NOT_INITIALIZED; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadCompleteScroll); - mScrollFrame->ScrollBy(nsIntPoint(0, aForward ? 1 : -1), nsIScrollableFrame::WHOLE, nsIScrollableFrame::INSTANT); @@ -640,9 +636,6 @@ nsTextInputSelectionImpl::ScrollPage(bool aForward) if (!mScrollFrame) return NS_ERROR_NOT_INITIALIZED; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollPage); - mScrollFrame->ScrollBy(nsIntPoint(0, aForward ? 1 : -1), nsIScrollableFrame::PAGES, nsIScrollableFrame::SMOOTH); @@ -655,9 +648,6 @@ nsTextInputSelectionImpl::ScrollLine(bool aForward) if (!mScrollFrame) return NS_ERROR_NOT_INITIALIZED; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollLine); - mScrollFrame->ScrollBy(nsIntPoint(0, aForward ? 1 : -1), nsIScrollableFrame::LINES, nsIScrollableFrame::SMOOTH); @@ -670,9 +660,6 @@ nsTextInputSelectionImpl::ScrollCharacter(bool aRight) if (!mScrollFrame) return NS_ERROR_NOT_INITIALIZED; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollCharacter); - mScrollFrame->ScrollBy(nsIntPoint(aRight ? 1 : -1, 0), nsIScrollableFrame::LINES, nsIScrollableFrame::SMOOTH); diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp index 0a07147bf0..5c6aadb77e 100644 --- a/dom/ipc/ContentParent.cpp +++ b/dom/ipc/ContentParent.cpp @@ -1718,9 +1718,6 @@ ContentParent::ActorDestroy(ActorDestroyReason why) props->SetPropertyAsUint64(NS_LITERAL_STRING("childID"), mChildID); if (AbnormalShutdown == why) { - Telemetry::Accumulate(Telemetry::SUBPROCESS_ABNORMAL_ABORT, - NS_LITERAL_CSTRING("content"), 1); - props->SetPropertyAsBool(NS_LITERAL_STRING("abnormal"), true); } nsAutoString cpId; @@ -4778,7 +4775,7 @@ bool ContentParent::RecvAccumulateChildHistogram( InfallibleTArray<Accumulation>&& aAccumulations) { - Telemetry::AccumulateChild(GeckoProcessType_Content, aAccumulations); + /* STUB */ return true; } @@ -4786,6 +4783,6 @@ bool ContentParent::RecvAccumulateChildKeyedHistogram( InfallibleTArray<KeyedAccumulation>&& aAccumulations) { - Telemetry::AccumulateChildKeyed(GeckoProcessType_Content, aAccumulations); + /* STUB */ return true; } diff --git a/dom/ipc/TabChild.cpp b/dom/ipc/TabChild.cpp index 705799c549..244fa99699 100644 --- a/dom/ipc/TabChild.cpp +++ b/dom/ipc/TabChild.cpp @@ -2395,7 +2395,6 @@ TabChild::RecvSetDocShellIsActive(const bool& aIsActive, root->SchedulePaint(); } - Telemetry::AutoTimer<Telemetry::TABCHILD_PAINT_TIME> timer; // If we need to repaint, let's do that right away. No sense waiting until // we get back to the event loop again. We suppress the display port so that // we only paint what's visible. This ensures that the tab we're switching diff --git a/dom/locales/en-US/chrome/dom/dom.properties b/dom/locales/en-US/chrome/dom/dom.properties index ec0356c046..0472979d7b 100644 --- a/dom/locales/en-US/chrome/dom/dom.properties +++ b/dom/locales/en-US/chrome/dom/dom.properties @@ -195,8 +195,6 @@ IgnoringWillChangeOverBudgetWarning=Will-change memory consumption is too high. HittingMaxWorkersPerDomain2=A Worker could not be started immediately because other documents in the same origin are already using the maximum number of workers. The Worker is now queued and will be started after some of the other workers have completed. # LOCALIZATION NOTE: Do not translate "setVelocity", "PannerNode", "AudioListener", "speedOfSound" and "dopplerFactor" PannerNodeDopplerWarning=Use of setVelocity on the PannerNode and AudioListener, and speedOfSound and dopplerFactor on the AudioListener are deprecated and those members will be removed. For more help https://developer.mozilla.org/en-US/docs/Web/API/AudioListener#Deprecated_features -# LOCALIZATION NOTE: Do not translate "Application Cache API", "AppCache" and "ServiceWorker". -AppCacheWarning=The Application Cache API (AppCache) is deprecated and will be removed at a future date. Please consider using ServiceWorker for offline support. # LOCALIZATION NOTE: Do not translate "Worker". EmptyWorkerSourceWarning=Attempting to create a Worker from an empty source. This is probably unintentional. WebrtcDeprecatedPrefixWarning=WebRTC interfaces with the “moz†prefix (mozRTCPeerConnection, mozRTCSessionDescription, mozRTCIceCandidate) have been deprecated. diff --git a/dom/locales/en-US/chrome/security/security.properties b/dom/locales/en-US/chrome/security/security.properties index c0b80996cc..8efdb0a6d2 100644 --- a/dom/locales/en-US/chrome/security/security.properties +++ b/dom/locales/en-US/chrome/security/security.properties @@ -8,6 +8,7 @@ BlockMixedActiveContent = Blocked loading mixed active content “%1$S†CORSDisabled=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at %1$S. (Reason: CORS disabled). CORSRequestNotHttp=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at %1$S. (Reason: CORS request not http). CORSMissingAllowOrigin=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at %1$S. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). +CORSMultipleAllowOriginNotAllowed=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at %1$S. (Reason: Multiple CORS headers ‘Access-Control-Allow-Origin’ not allowed). CORSAllowOriginNotMatchingOrigin=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at %1$S. (Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘%2$S’). CORSNotSupportingCredentials=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at ‘%1$S’. (Reason: Credential is not supported if the CORS header ‘Access-Control-Allow-Origin’ is ‘*’). CORSMethodNotFound=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at %1$S. (Reason: Did not find method in CORS header ‘Access-Control-Allow-Methods’). diff --git a/dom/media/AudioStream.cpp b/dom/media/AudioStream.cpp index 54cf7b9653..896dee4073 100644 --- a/dom/media/AudioStream.cpp +++ b/dom/media/AudioStream.cpp @@ -14,7 +14,6 @@ #include "mozilla/Mutex.h" #include "mozilla/Sprintf.h" #include <algorithm> -#include "mozilla/Telemetry.h" #include "CubebUtils.h" #include "nsPrintfCString.h" #include "gfxPrefs.h" @@ -378,8 +377,6 @@ AudioStream::OpenCubeb(cubeb* aContext, cubeb_stream_params& aParams, TimeDuration timeDelta = TimeStamp::Now() - aStartTime; LOG("creation time %sfirst: %u ms", aIsFirst ? "" : "not ", (uint32_t) timeDelta.ToMilliseconds()); - Telemetry::Accumulate(aIsFirst ? Telemetry::AUDIOSTREAM_FIRST_OPEN_MS : - Telemetry::AUDIOSTREAM_LATER_OPEN_MS, timeDelta.ToMilliseconds()); return NS_OK; } diff --git a/dom/media/Benchmark.cpp b/dom/media/Benchmark.cpp index fdbedeca5e..7394f8036b 100644 --- a/dom/media/Benchmark.cpp +++ b/dom/media/Benchmark.cpp @@ -11,7 +11,6 @@ #include "PDMFactory.h" #include "WebMDemuxer.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "mozilla/dom/ContentChild.h" #ifndef MOZ_WIDGET_ANDROID @@ -68,7 +67,6 @@ VP9Benchmark::IsVP9DecodeFast() Preferences::SetUint(sBenchmarkFpsPref, aDecodeFps); Preferences::SetUint(sBenchmarkFpsVersionCheck, sBenchmarkVersionID); } - Telemetry::Accumulate(Telemetry::ID::VIDEO_VP9_BENCHMARK_FPS, aDecodeFps); }, []() { }); } diff --git a/dom/media/CubebUtils.cpp b/dom/media/CubebUtils.cpp index fe94264eed..93792e63bb 100644 --- a/dom/media/CubebUtils.cpp +++ b/dom/media/CubebUtils.cpp @@ -248,14 +248,9 @@ void ReportCubebBackendUsed() bool foundBackend = false; for (uint32_t i = 0; i < ArrayLength(AUDIOSTREAM_BACKEND_ID_STR); i++) { if (!strcmp(cubeb_get_backend_id(sCubebContext), AUDIOSTREAM_BACKEND_ID_STR[i])) { - Telemetry::Accumulate(Telemetry::AUDIOSTREAM_BACKEND_USED, i); foundBackend = true; } } - if (!foundBackend) { - Telemetry::Accumulate(Telemetry::AUDIOSTREAM_BACKEND_USED, - CUBEB_BACKEND_UNKNOWN); - } } void ReportCubebStreamInitFailure(bool aIsFirst) @@ -267,9 +262,6 @@ void ReportCubebStreamInitFailure(bool aIsFirst) // failures to open multiple streams in a process over time. return; } - Telemetry::Accumulate(Telemetry::AUDIOSTREAM_BACKEND_USED, - aIsFirst ? CUBEB_BACKEND_INIT_FAILURE_FIRST - : CUBEB_BACKEND_INIT_FAILURE_OTHER); } uint32_t GetCubebPlaybackLatencyInMilliseconds() diff --git a/dom/media/DecoderTraits.cpp b/dom/media/DecoderTraits.cpp index ddd35fe0dd..56ebd9ce9d 100644 --- a/dom/media/DecoderTraits.cpp +++ b/dom/media/DecoderTraits.cpp @@ -288,7 +288,7 @@ CanHandleMediaType(const MediaContentType& aType, MOZ_ASSERT(NS_IsMainThread()); if (IsHttpLiveStreamingType(aType.GetMIMEType())) { - Telemetry::Accumulate(Telemetry::MEDIA_HLS_CANPLAY_REQUESTED, true); + /* Telemetry STUB */ } if (aType.HaveCodecs()) { @@ -433,11 +433,6 @@ InstantiateDecoder(const nsACString& aType, } #endif - if (IsHttpLiveStreamingType(aType)) { - // We don't have an HLS decoder. - Telemetry::Accumulate(Telemetry::MEDIA_HLS_DECODER_SUCCESS, false); - } - return nullptr; } diff --git a/dom/media/MediaDecoder.cpp b/dom/media/MediaDecoder.cpp index 9334d1bcb9..d027818dea 100644 --- a/dom/media/MediaDecoder.cpp +++ b/dom/media/MediaDecoder.cpp @@ -877,7 +877,6 @@ MediaDecoder::EnsureTelemetryReported() } for (const nsCString& codec : codecs) { DECODER_LOG("Telemetry MEDIA_CODEC_USED= '%s'", codec.get()); - Telemetry::Accumulate(Telemetry::ID::MEDIA_CODEC_USED, codec); } mTelemetryReported = true; diff --git a/dom/media/MediaDecoderStateMachine.cpp b/dom/media/MediaDecoderStateMachine.cpp index c586139ad9..5bc1d95ef4 100644 --- a/dom/media/MediaDecoderStateMachine.cpp +++ b/dom/media/MediaDecoderStateMachine.cpp @@ -1178,40 +1178,7 @@ ReportRecoveryTelemetry(const TimeStamp& aRecoveryStart, const MediaInfo& aMediaInfo, bool aIsHardwareAccelerated) { - MOZ_ASSERT(NS_IsMainThread()); - if (!aMediaInfo.HasVideo()) { - return; - } - - // Keyed by audio+video or video alone, hardware acceleration, - // and by a resolution range. - nsCString key(aMediaInfo.HasAudio() ? "AV" : "V"); - key.AppendASCII(aIsHardwareAccelerated ? "(hw)," : ","); - static const struct { int32_t mH; const char* mRes; } sResolutions[] = { - { 240, "0-240" }, - { 480, "241-480" }, - { 720, "481-720" }, - { 1080, "721-1080" }, - { 2160, "1081-2160" } - }; - const char* resolution = "2161+"; - int32_t height = aMediaInfo.mVideo.mImage.height; - for (const auto& res : sResolutions) { - if (height <= res.mH) { - resolution = res.mRes; - break; - } - } - key.AppendASCII(resolution); - - TimeDuration duration = TimeStamp::Now() - aRecoveryStart; - double duration_ms = duration.ToMilliseconds(); - Telemetry::Accumulate(Telemetry::VIDEO_SUSPEND_RECOVERY_TIME_MS, - key, - uint32_t(duration_ms + 0.5)); - Telemetry::Accumulate(Telemetry::VIDEO_SUSPEND_RECOVERY_TIME_MS, - NS_LITERAL_CSTRING("All"), - uint32_t(duration_ms + 0.5)); +/* STUB */ } void diff --git a/dom/media/MediaManager.cpp b/dom/media/MediaManager.cpp index ba6b4cd475..baaf454162 100644 --- a/dom/media/MediaManager.cpp +++ b/dom/media/MediaManager.cpp @@ -32,7 +32,6 @@ #include "nsAppDirectoryServiceDefs.h" #include "nsIInputStream.h" #include "nsILineInputStream.h" -#include "mozilla/Telemetry.h" #include "mozilla/Types.h" #include "mozilla/PeerIdentity.h" #include "mozilla/dom/ContentChild.h" @@ -2058,28 +2057,6 @@ MediaManager::GetUserMedia(nsPIDOMWindowInner* aWindow, host.LowerCaseEqualsLiteral("127.0.0.1") || host.LowerCaseEqualsLiteral("::1")); - // Record telemetry about whether the source of the call was secure, i.e., - // privileged or HTTPS. We may handle other cases -if (privileged) { - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_SECURE_ORIGIN, - (uint32_t) GetUserMediaSecurityState::Privileged); - } else if (isHTTPS) { - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_SECURE_ORIGIN, - (uint32_t) GetUserMediaSecurityState::HTTPS); - } else if (isFile) { - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_SECURE_ORIGIN, - (uint32_t) GetUserMediaSecurityState::File); - } else if (isApp) { - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_SECURE_ORIGIN, - (uint32_t) GetUserMediaSecurityState::App); - } else if (isLocalhost) { - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_SECURE_ORIGIN, - (uint32_t) GetUserMediaSecurityState::Localhost); - } else { - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_SECURE_ORIGIN, - (uint32_t) GetUserMediaSecurityState::Other); - } - nsCString origin; rv = nsPrincipal::GetOriginForURI(docURI, origin); if (NS_WARN_IF(NS_FAILED(rv))) { @@ -2098,8 +2075,6 @@ if (privileged) { videoType = StringToEnum(dom::MediaSourceEnumValues::strings, vc.mMediaSource, MediaSourceEnum::Other); - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_TYPE, - (uint32_t) videoType); switch (videoType) { case MediaSourceEnum::Camera: break; @@ -2182,8 +2157,6 @@ if (privileged) { ac.mMediaSource.AssignASCII(EnumToASCII(dom::MediaSourceEnumValues::strings, audioType)); } - Telemetry::Accumulate(Telemetry::WEBRTC_GET_USER_MEDIA_TYPE, - (uint32_t) audioType); switch (audioType) { case MediaSourceEnum::Microphone: diff --git a/dom/media/VideoUtils.cpp b/dom/media/VideoUtils.cpp index 5c00e54bcc..b1a202c030 100644 --- a/dom/media/VideoUtils.cpp +++ b/dom/media/VideoUtils.cpp @@ -6,7 +6,6 @@ #include "mozilla/Base64.h" #include "mozilla/TaskQueue.h" -#include "mozilla/Telemetry.h" #include "mozilla/Function.h" #include "MediaContentType.h" @@ -248,24 +247,6 @@ ExtractH264CodecDetails(const nsAString& aCodec, aLevel *= 10; } - // Capture the constraint_set flag value for the purpose of Telemetry. - // We don't NS_ENSURE_SUCCESS here because ExtractH264CodecDetails doesn't - // care about this, but we make sure constraints is above 4 (constraint_set5_flag) - // otherwise collect 0 for unknown. - uint8_t constraints = PromiseFlatString(Substring(aCodec, 7, 2)).ToInteger(&rv, 16); - Telemetry::Accumulate(Telemetry::VIDEO_CANPLAYTYPE_H264_CONSTRAINT_SET_FLAG, - constraints >= 4 ? constraints : 0); - - // 244 is the highest meaningful profile value (High 4:4:4 Intra Profile) - // that can be represented as single hex byte, otherwise collect 0 for unknown. - Telemetry::Accumulate(Telemetry::VIDEO_CANPLAYTYPE_H264_PROFILE, - aProfile <= 244 ? aProfile : 0); - - // Make sure aLevel represents a value between levels 1 and 5.2, - // otherwise collect 0 for unknown. - Telemetry::Accumulate(Telemetry::VIDEO_CANPLAYTYPE_H264_LEVEL, - (aLevel >= 10 && aLevel <= 52) ? aLevel : 0); - return true; } diff --git a/dom/media/eme/DetailedPromise.cpp b/dom/media/eme/DetailedPromise.cpp index 5893bea2ee..d443e33369 100644 --- a/dom/media/eme/DetailedPromise.cpp +++ b/dom/media/eme/DetailedPromise.cpp @@ -96,9 +96,6 @@ DetailedPromise::MaybeReportTelemetry(Status aStatus) uint32_t latency = (TimeStamp::Now() - mStartTime).ToMilliseconds(); EME_LOG("%s %s latency %ums reported via telemetry", mName.get(), ((aStatus == Succeeded) ? "succcess" : "failure"), latency); - Telemetry::ID tid = (aStatus == Succeeded) ? mSuccessLatencyProbe.Value() - : mFailureLatencyProbe.Value(); - Telemetry::Accumulate(tid, latency); } } // namespace dom diff --git a/dom/media/eme/MediaKeySession.cpp b/dom/media/eme/MediaKeySession.cpp index d5eff3f773..9c002b5baa 100644 --- a/dom/media/eme/MediaKeySession.cpp +++ b/dom/media/eme/MediaKeySession.cpp @@ -315,9 +315,6 @@ MediaKeySession::GenerateRequest(const nsAString& aInitDataType, // Note: Remaining steps of generateRequest method continue in CDM. - Telemetry::Accumulate(Telemetry::VIDEO_CDM_GENERATE_REQUEST_CALLED, - ToCDMTypeTelemetryEnum(mKeySystem)); - // Convert initData to base64 for easier logging. // Note: CreateSession() Move()s the data out of the array, so we have // to copy it here. diff --git a/dom/media/eme/MediaKeys.cpp b/dom/media/eme/MediaKeys.cpp index eedd675e4f..fea548698b 100644 --- a/dom/media/eme/MediaKeys.cpp +++ b/dom/media/eme/MediaKeys.cpp @@ -13,7 +13,6 @@ #include "mozilla/dom/MediaKeySession.h" #include "mozilla/dom/DOMException.h" #include "mozilla/dom/UnionTypes.h" -#include "mozilla/Telemetry.h" #include "GMPCDMProxy.h" #ifdef MOZ_WIDGET_ANDROID #include "mozilla/MediaDrmCDMProxy.h" @@ -457,7 +456,6 @@ MediaKeys::OnCDMCreated(PromiseId aId, const nsACString& aNodeId, const uint32_t mKeySystem, MediaKeySystemStatus::Cdm_created); - Telemetry::Accumulate(Telemetry::VIDEO_CDM_CREATED, ToCDMTypeTelemetryEnum(mKeySystem)); } static bool diff --git a/dom/media/fmp4/MP4Demuxer.cpp b/dom/media/fmp4/MP4Demuxer.cpp index 70b1766990..5a637b0035 100644 --- a/dom/media/fmp4/MP4Demuxer.cpp +++ b/dom/media/fmp4/MP4Demuxer.cpp @@ -81,35 +81,11 @@ private: bool AccumulateSPSTelemetry(const MediaByteBuffer* aExtradata) { + // XXX: Do we still need this without telemetry? mp4_demuxer::SPSData spsdata; if (mp4_demuxer::H264::DecodeSPSFromExtraData(aExtradata, spsdata)) { - uint8_t constraints = (spsdata.constraint_set0_flag ? (1 << 0) : 0) | - (spsdata.constraint_set1_flag ? (1 << 1) : 0) | - (spsdata.constraint_set2_flag ? (1 << 2) : 0) | - (spsdata.constraint_set3_flag ? (1 << 3) : 0) | - (spsdata.constraint_set4_flag ? (1 << 4) : 0) | - (spsdata.constraint_set5_flag ? (1 << 5) : 0); - Telemetry::Accumulate(Telemetry::VIDEO_DECODED_H264_SPS_CONSTRAINT_SET_FLAG, - constraints); - - // Collect profile_idc values up to 244, otherwise 0 for unknown. - Telemetry::Accumulate(Telemetry::VIDEO_DECODED_H264_SPS_PROFILE, - spsdata.profile_idc <= 244 ? spsdata.profile_idc : 0); - - // Make sure level_idc represents a value between levels 1 and 5.2, - // otherwise collect 0 for unknown level. - Telemetry::Accumulate(Telemetry::VIDEO_DECODED_H264_SPS_LEVEL, - (spsdata.level_idc >= 10 && spsdata.level_idc <= 52) ? - spsdata.level_idc : 0); - - // max_num_ref_frames should be between 0 and 16, anything larger will - // be treated as invalid. - Telemetry::Accumulate(Telemetry::VIDEO_H264_SPS_MAX_NUM_REF_FRAMES, - std::min(spsdata.max_num_ref_frames, 17u)); - return false; } - return true; } @@ -349,8 +325,13 @@ MP4TrackDemuxer::GetNextSample() if (sample->mCrypto.mValid) { nsAutoPtr<MediaRawDataWriter> writer(sample->CreateWriter()); writer->mCrypto.mMode = mInfo->mCrypto.mMode; - writer->mCrypto.mIVSize = mInfo->mCrypto.mIVSize; - writer->mCrypto.mKeyId.AppendElements(mInfo->mCrypto.mKeyId); + + // Only use the default key parsed from the moov if we haven't already got + // one from the sample group description. + if (writer->mCrypto.mKeyId.Length() == 0) { + writer->mCrypto.mIVSize = mInfo->mCrypto.mIVSize; + writer->mCrypto.mKeyId.AppendElements(mInfo->mCrypto.mKeyId); + } } return sample.forget(); } diff --git a/dom/media/ogg/OggDemuxer.cpp b/dom/media/ogg/OggDemuxer.cpp index 591a5248fc..0cc4846878 100644 --- a/dom/media/ogg/OggDemuxer.cpp +++ b/dom/media/ogg/OggDemuxer.cpp @@ -12,7 +12,6 @@ #include "mozilla/Atomics.h" #include "mozilla/PodOperations.h" #include "mozilla/SharedThreadPool.h" -#include "mozilla/Telemetry.h" #include "mozilla/TimeStamp.h" #include "MediaDataDemuxer.h" #include "nsAutoRef.h" @@ -164,7 +163,6 @@ OggDemuxer::~OggDemuxer() MOZ_LOG(gMediaDemuxerLog, mozilla::LogLevel::Debug, ("OggDemuxer(%p)::%s: Reporting telemetry MEDIA_OGG_LOADED_IS_CHAINED=%d", ptr, __func__, isChained)); - Telemetry::Accumulate(Telemetry::ID::MEDIA_OGG_LOADED_IS_CHAINED, isChained); }); AbstractThread::MainThread()->Dispatch(task.forget()); } diff --git a/dom/media/platforms/wmf/DXVA2Manager.cpp b/dom/media/platforms/wmf/DXVA2Manager.cpp index 0c1734c54d..1226ea6216 100644 --- a/dom/media/platforms/wmf/DXVA2Manager.cpp +++ b/dom/media/platforms/wmf/DXVA2Manager.cpp @@ -14,7 +14,6 @@ #include "mozilla/layers/D3D11ShareHandleImage.h" #include "mozilla/layers/ImageBridgeChild.h" #include "mozilla/layers/TextureForwarder.h" -#include "mozilla/Telemetry.h" #include "MediaTelemetryConstants.h" #include "mfapi.h" #include "gfxPrefs.h" @@ -442,9 +441,6 @@ D3D9DXVA2Manager::Init(layers::KnowsCompositor* aKnowsCompositor, } mTextureClientAllocator->SetMaxPoolSize(5); - Telemetry::Accumulate(Telemetry::MEDIA_DECODER_BACKEND_USED, - uint32_t(media::MediaDecoderBackend::WMFDXVA2D3D9)); - return S_OK; } @@ -775,9 +771,6 @@ D3D11DXVA2Manager::Init(layers::KnowsCompositor* aKnowsCompositor, } mTextureClientAllocator->SetMaxPoolSize(5); - Telemetry::Accumulate(Telemetry::MEDIA_DECODER_BACKEND_USED, - uint32_t(media::MediaDecoderBackend::WMFDXVA2D3D11)); - return S_OK; } diff --git a/dom/media/platforms/wmf/WMFAudioMFTManager.cpp b/dom/media/platforms/wmf/WMFAudioMFTManager.cpp index 69b62da517..3dacdf0aad 100644 --- a/dom/media/platforms/wmf/WMFAudioMFTManager.cpp +++ b/dom/media/platforms/wmf/WMFAudioMFTManager.cpp @@ -252,7 +252,6 @@ WMFAudioMFTManager::Output(int64_t aStreamOffset, LOG("Audio MFTDecoder returned success but null output."); nsCOMPtr<nsIRunnable> task = NS_NewRunnableFunction([]() -> void { LOG("Reporting telemetry AUDIO_MFT_OUTPUT_NULL_SAMPLES"); - Telemetry::Accumulate(Telemetry::ID::AUDIO_MFT_OUTPUT_NULL_SAMPLES, 1); }); AbstractThread::MainThread()->Dispatch(task.forget()); return E_FAIL; diff --git a/dom/media/platforms/wmf/WMFMediaDataDecoder.cpp b/dom/media/platforms/wmf/WMFMediaDataDecoder.cpp index d2c13eac75..15e2e10978 100644 --- a/dom/media/platforms/wmf/WMFMediaDataDecoder.cpp +++ b/dom/media/platforms/wmf/WMFMediaDataDecoder.cpp @@ -8,7 +8,6 @@ #include "VideoUtils.h" #include "WMFUtils.h" #include "nsTArray.h" -#include "mozilla/Telemetry.h" #include "mozilla/Logging.h" #include "mozilla/SyncRunnable.h" @@ -67,7 +66,7 @@ SendTelemetry(unsigned long hr) nsCOMPtr<nsIRunnable> runnable = NS_NewRunnableFunction( [sample] { - Telemetry::Accumulate(Telemetry::MEDIA_WMF_DECODE_ERROR, sample); + /* Telemetry STUB */ }); NS_DispatchToMainThread(runnable); } diff --git a/dom/media/platforms/wmf/WMFVideoMFTManager.cpp b/dom/media/platforms/wmf/WMFVideoMFTManager.cpp index 291bc5b74f..8a51f817ab 100644 --- a/dom/media/platforms/wmf/WMFVideoMFTManager.cpp +++ b/dom/media/platforms/wmf/WMFVideoMFTManager.cpp @@ -128,7 +128,6 @@ WMFVideoMFTManager::~WMFVideoMFTManager() nsCOMPtr<nsIRunnable> task = NS_NewRunnableFunction([=]() -> void { LOG(nsPrintfCString("Reporting telemetry VIDEO_MFT_OUTPUT_NULL_SAMPLES=%d", telemetry).get()); - Telemetry::Accumulate(Telemetry::ID::VIDEO_MFT_OUTPUT_NULL_SAMPLES, telemetry); }); AbstractThread::MainThread()->Dispatch(task.forget()); } @@ -511,8 +510,6 @@ WMFVideoMFTManager::InitInternal(bool aForceD3D9) if (mStreamType == VP9 || mStreamType == VP8) { return false; } - Telemetry::Accumulate(Telemetry::MEDIA_DECODER_BACKEND_USED, - uint32_t(media::MediaDecoderBackend::WMFSoftware)); } mDecoder = decoder; diff --git a/dom/media/systemservices/LoadManager.cpp b/dom/media/systemservices/LoadManager.cpp index f0f4f83a7a..34b8fc7e01 100644 --- a/dom/media/systemservices/LoadManager.cpp +++ b/dom/media/systemservices/LoadManager.cpp @@ -15,7 +15,6 @@ #include "nsThreadUtils.h" #include "nsReadableUtils.h" #include "nsIObserverService.h" -#include "mozilla/Telemetry.h" #include "mozilla/ArrayUtils.h" // MOZ_LOG=LoadManager:5 @@ -192,23 +191,6 @@ LoadManagerSingleton::RemoveObserver(webrtc::CPULoadStateObserver * aObserver) for (size_t i = 0; i < MOZ_ARRAY_LENGTH(mTimeInState); i++) { total += mTimeInState[i]; } - // Don't include short calls; we don't have reasonable load data, and - // such short calls rarely reach a stable state. Keep relatively - // short calls separate from longer ones - bool log = total > 5*PR_MSEC_PER_SEC; - bool small = log && total < 30*PR_MSEC_PER_SEC; - if (log) { - // Note: We don't care about rounding here; thus total may be < 100 - Telemetry::Accumulate(small ? Telemetry::WEBRTC_LOAD_STATE_RELAXED_SHORT : - Telemetry::WEBRTC_LOAD_STATE_RELAXED, - (uint32_t) (mTimeInState[webrtc::CPULoadState::kLoadRelaxed]/total * 100)); - Telemetry::Accumulate(small ? Telemetry::WEBRTC_LOAD_STATE_NORMAL_SHORT : - Telemetry::WEBRTC_LOAD_STATE_NORMAL, - (uint32_t) (mTimeInState[webrtc::CPULoadState::kLoadNormal]/total * 100)); - Telemetry::Accumulate(small ? Telemetry::WEBRTC_LOAD_STATE_STRESSED_SHORT : - Telemetry::WEBRTC_LOAD_STATE_STRESSED, - (uint32_t) (mTimeInState[webrtc::CPULoadState::kLoadStressed]/total * 100)); - } for (auto &in_state : mTimeInState) { in_state = 0; } diff --git a/dom/media/webaudio/MediaBufferDecoder.cpp b/dom/media/webaudio/MediaBufferDecoder.cpp index e9f1d5a47c..2ee11eacd4 100644 --- a/dom/media/webaudio/MediaBufferDecoder.cpp +++ b/dom/media/webaudio/MediaBufferDecoder.cpp @@ -23,7 +23,6 @@ #include "VideoUtils.h" #include "WebAudioUtils.h" #include "mozilla/dom/Promise.h" -#include "mozilla/Telemetry.h" #include "nsPrintfCString.h" #include "GMPService.h" @@ -302,7 +301,6 @@ MediaDecodeTask::OnMetadataRead(MetadataHolder* aMetadata) MOZ_LOG(gMediaDecoderLog, LogLevel::Debug, ("Telemetry (WebAudio) MEDIA_CODEC_USED= '%s'", codec.get())); - Telemetry::Accumulate(Telemetry::ID::MEDIA_CODEC_USED, codec); }); AbstractThread::MainThread()->Dispatch(task.forget()); diff --git a/dom/notification/Notification.cpp b/dom/notification/Notification.cpp index 1dd5724e45..71c4916b92 100644 --- a/dom/notification/Notification.cpp +++ b/dom/notification/Notification.cpp @@ -642,8 +642,6 @@ NotificationPermissionRequest::ResolvePromise() mCallback->Call(mPermission, error); rv = error.StealNSResult(); } - Telemetry::Accumulate( - Telemetry::WEB_NOTIFICATION_REQUEST_PERMISSION_CALLBACK, !!mCallback); mPromise->MaybeResolve(mPermission); return rv; } @@ -750,11 +748,6 @@ NotificationTelemetryService::RecordPermissions() if (!GetNotificationPermission(supportsPermission, &capability)) { continue; } - if (capability == nsIPermissionManager::DENY_ACTION) { - Telemetry::Accumulate(Telemetry::WEB_NOTIFICATION_PERMISSIONS, 0); - } else if (capability == nsIPermissionManager::ALLOW_ACTION) { - Telemetry::Accumulate(Telemetry::WEB_NOTIFICATION_PERMISSIONS, 1); - } } } @@ -800,9 +793,6 @@ NotificationTelemetryService::RecordDNDSupported() if (NS_FAILED(rv)) { return; } - - Telemetry::Accumulate( - Telemetry::ALERTS_SERVICE_DND_SUPPORTED_FLAG, true); } nsresult @@ -819,7 +809,6 @@ NotificationTelemetryService::RecordSender(nsIPrincipal* aPrincipal) } if (!mOrigins.Contains(origin)) { mOrigins.PutEntry(origin); - Telemetry::Accumulate(Telemetry::WEB_NOTIFICATION_SENDERS, 1); } return NS_OK; } @@ -829,21 +818,7 @@ NotificationTelemetryService::Observe(nsISupports* aSubject, const char* aTopic, const char16_t* aData) { - uint32_t capability; - if (strcmp("perm-changed", aTopic) || - !NS_strcmp(u"cleared", aData) || - !GetNotificationPermission(aSubject, &capability)) { - return NS_OK; - } - if (!NS_strcmp(u"deleted", aData)) { - if (capability == nsIPermissionManager::DENY_ACTION) { - Telemetry::Accumulate( - Telemetry::WEB_NOTIFICATION_PERMISSION_REMOVED, 0); - } else if (capability == nsIPermissionManager::ALLOW_ACTION) { - Telemetry::Accumulate( - Telemetry::WEB_NOTIFICATION_PERMISSION_REMOVED, 1); - } - } + /* STUB */ return NS_OK; } @@ -1407,7 +1382,6 @@ NotificationObserver::Observe(nsISupports* aSubject, const char* aTopic, AssertIsOnMainThread(); if (!strcmp("alertdisablecallback", aTopic)) { - Telemetry::Accumulate(Telemetry::WEB_NOTIFICATION_MENU, 1); if (XRE_IsParentProcess()) { return Notification::RemovePermission(mPrincipal); } @@ -1417,10 +1391,7 @@ NotificationObserver::Observe(nsISupports* aSubject, const char* aTopic, ContentChild::GetSingleton()->SendDisableNotifications( IPC::Principal(mPrincipal)); return NS_OK; - } else if (!strcmp("alertclickcallback", aTopic)) { - Telemetry::Accumulate(Telemetry::WEB_NOTIFICATION_CLICKED, 1); } else if (!strcmp("alertsettingscallback", aTopic)) { - Telemetry::Accumulate(Telemetry::WEB_NOTIFICATION_MENU, 2); if (XRE_IsParentProcess()) { return Notification::OpenSettings(mPrincipal); } @@ -1433,21 +1404,7 @@ NotificationObserver::Observe(nsISupports* aSubject, const char* aTopic, !strcmp("alertfinished", aTopic)) { RefPtr<NotificationTelemetryService> telemetry = NotificationTelemetryService::GetInstance(); - if (telemetry) { - // Record whether "do not disturb" is supported after the first - // notification, to account for falling back to XUL alerts. - telemetry->RecordDNDSupported(); - if (!mInPrivateBrowsing) { - // Ignore senders in private windows. - Unused << NS_WARN_IF(NS_FAILED(telemetry->RecordSender(mPrincipal))); - } - } Unused << NS_WARN_IF(NS_FAILED(AdjustPushQuota(aTopic))); - - if (!strcmp("alertshow", aTopic)) { - // Record notifications actually shown (e.g. don't count if DND is on). - Telemetry::Accumulate(Telemetry::WEB_NOTIFICATION_SHOWN, 1); - } } return mObserver->Observe(aSubject, aTopic, aData); diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp index 916bdea0fb..c3de136d02 100644 --- a/dom/plugins/base/nsPluginHost.cpp +++ b/dom/plugins/base/nsPluginHost.cpp @@ -2148,11 +2148,7 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, nsPluginInfo info; memset(&info, 0, sizeof(info)); nsresult res; - // Opening a block for the telemetry AutoTimer - { - Telemetry::AutoTimer<Telemetry::PLUGIN_LOAD_METADATA> telemetry; - res = pluginFile.GetPluginInfo(info, &library); - } + res = pluginFile.GetPluginInfo(info, &library); // if we don't have mime type don't proceed, this is not a plugin if (NS_FAILED(res) || !info.fMimeTypeArray) { RefPtr<nsInvalidPluginTag> invalidTag = new nsInvalidPluginTag(filePath.get(), @@ -2410,8 +2406,6 @@ nsPluginHost::FindPluginsInContent(bool aCreatePluginList, bool* aPluginsChanged // This is needed in ReloadPlugins to prevent possible recursive reloads nsresult nsPluginHost::FindPlugins(bool aCreatePluginList, bool * aPluginsChanged) { - Telemetry::AutoTimer<Telemetry::FIND_PLUGINS> telemetry; - NS_ENSURE_ARG_POINTER(aPluginsChanged); *aPluginsChanged = false; @@ -3412,7 +3406,6 @@ nsPluginHost::StopPluginInstance(nsNPAPIPluginInstance* aInstance) return NS_OK; } - Telemetry::AutoTimer<Telemetry::PLUGIN_SHUTDOWN_MS> timer; aInstance->Stop(); // if the instance does not want to be 'cached' just remove it diff --git a/dom/plugins/ipc/PluginAsyncSurrogate.cpp b/dom/plugins/ipc/PluginAsyncSurrogate.cpp index da07116ccd..3fe4c71680 100644 --- a/dom/plugins/ipc/PluginAsyncSurrogate.cpp +++ b/dom/plugins/ipc/PluginAsyncSurrogate.cpp @@ -504,8 +504,6 @@ PluginAsyncSurrogate::WaitForInit() if (mAcceptCalls) { return true; } - Telemetry::AutoTimer<Telemetry::BLOCKED_ON_PLUGINASYNCSURROGATE_WAITFORINIT_MS> - timer(mParent->GetHistogramKey()); bool result = false; MOZ_ASSERT(mParent); if (mParent->IsChrome()) { diff --git a/dom/plugins/ipc/PluginHangUIParent.cpp b/dom/plugins/ipc/PluginHangUIParent.cpp index 5114f2e9a3..908182a22f 100644 --- a/dom/plugins/ipc/PluginHangUIParent.cpp +++ b/dom/plugins/ipc/PluginHangUIParent.cpp @@ -8,7 +8,6 @@ #include "PluginHangUIParent.h" -#include "mozilla/Telemetry.h" #include "mozilla/ipc/ProtocolUtils.h" #include "mozilla/plugins/PluginModuleParent.h" @@ -48,14 +47,6 @@ public: NS_IMETHOD Run() override { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::PLUGIN_HANG_UI_USER_RESPONSE, mResponseCode); - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::PLUGIN_HANG_UI_DONT_ASK, mDontAskCode); - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::PLUGIN_HANG_UI_RESPONSE_TIME, mResponseTimeMs); - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::PLUGIN_HANG_TIME, mTimeoutMs + mResponseTimeMs); return NS_OK; } diff --git a/dom/plugins/ipc/PluginInstanceParent.cpp b/dom/plugins/ipc/PluginInstanceParent.cpp index 02f0641f70..bdd15ca99c 100644 --- a/dom/plugins/ipc/PluginInstanceParent.cpp +++ b/dom/plugins/ipc/PluginInstanceParent.cpp @@ -9,7 +9,6 @@ #include "mozilla/BasicEvents.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "PluginInstanceParent.h" #include "BrowserStreamParent.h" #include "PluginAsyncSurrogate.h" @@ -206,12 +205,8 @@ NPError PluginInstanceParent::Destroy() { NPError retval; - { // Scope for timer - Telemetry::AutoTimer<Telemetry::BLOCKED_ON_PLUGIN_INSTANCE_DESTROY_MS> - timer(Module()->GetHistogramKey()); - if (!CallNPP_Destroy(&retval)) { - retval = NPERR_GENERIC_ERROR; - } + if (!CallNPP_Destroy(&retval)) { + retval = NPERR_GENERIC_ERROR; } #if defined(OS_WIN) @@ -1786,9 +1781,6 @@ PluginInstanceParent::NPP_NewStream(NPMIMEType type, NPStream* stream, return NPERR_GENERIC_ERROR; } - Telemetry::AutoTimer<Telemetry::BLOCKED_ON_PLUGIN_STREAM_INIT_MS> - timer(Module()->GetHistogramKey()); - NPError err = NPERR_NO_ERROR; if (mParent->IsStartingAsync()) { MOZ_ASSERT(mSurrogate); @@ -2504,6 +2496,5 @@ PluginInstanceParent::RecordDrawingModel() } MOZ_ASSERT(mode >= 0); - Telemetry::Accumulate(Telemetry::PLUGIN_DRAWING_MODEL, mode); mLastRecordedDrawingModel = mode; } diff --git a/dom/plugins/ipc/PluginModuleParent.cpp b/dom/plugins/ipc/PluginModuleParent.cpp index 2489baf166..300c4f621b 100755 --- a/dom/plugins/ipc/PluginModuleParent.cpp +++ b/dom/plugins/ipc/PluginModuleParent.cpp @@ -20,7 +20,6 @@ #include "mozilla/Preferences.h" #include "mozilla/ProcessHangMonitor.h" #include "mozilla/Services.h" -#include "mozilla/Telemetry.h" #include "mozilla/Unused.h" #include "nsAutoPtr.h" #include "nsCRT.h" @@ -1172,11 +1171,6 @@ PluginModuleParent::GetRunID(uint32_t* aRunID) void PluginModuleChromeParent::ActorDestroy(ActorDestroyReason why) { - if (why == AbnormalShutdown) { - Telemetry::Accumulate(Telemetry::SUBPROCESS_ABNORMAL_ABORT, - NS_LITERAL_CSTRING("plugin"), 1); - } - // We can't broadcast settings changes anymore. UnregisterSettingsCallbacks(); @@ -2203,12 +2197,8 @@ public: void PluginModuleParent::AccumulateModuleInitBlockedTime() { - if (mPluginName.IsEmpty()) { - GetPluginDetails(); - } - Telemetry::Accumulate(Telemetry::BLOCKED_ON_PLUGIN_MODULE_INIT_MS, - GetHistogramKey(), - static_cast<uint32_t>(mTimeBlocked.ToMilliseconds())); + // XXX: mTimeBlocked can probably go if not used for anything besides + // telemetry. mTimeBlocked = TimeDuration(); } @@ -2294,27 +2284,23 @@ PluginModuleParent::NPP_NewInternal(NPMIMEType pluginType, NPP instance, return NS_ERROR_FAILURE; } - { // Scope for timer - Telemetry::AutoTimer<Telemetry::BLOCKED_ON_PLUGIN_INSTANCE_INIT_MS> - timer(GetHistogramKey()); - if (mIsStartingAsync) { - MOZ_ASSERT(surrogate); - surrogate->AsyncCallDeparting(); - if (!SendAsyncNPP_New(parentInstance)) { + if (mIsStartingAsync) { + MOZ_ASSERT(surrogate); + surrogate->AsyncCallDeparting(); + if (!SendAsyncNPP_New(parentInstance)) { + *error = NPERR_GENERIC_ERROR; + return NS_ERROR_FAILURE; + } + *error = NPERR_NO_ERROR; + } else { + if (!CallSyncNPP_New(parentInstance, error)) { + // if IPC is down, we'll get an immediate "failed" return, but + // without *error being set. So make sure that the error + // condition is signaled to nsNPAPIPluginInstance + if (NPERR_NO_ERROR == *error) { *error = NPERR_GENERIC_ERROR; - return NS_ERROR_FAILURE; - } - *error = NPERR_NO_ERROR; - } else { - if (!CallSyncNPP_New(parentInstance, error)) { - // if IPC is down, we'll get an immediate "failed" return, but - // without *error being set. So make sure that the error - // condition is signaled to nsNPAPIPluginInstance - if (NPERR_NO_ERROR == *error) { - *error = NPERR_GENERIC_ERROR; - } - return NS_ERROR_FAILURE; } + return NS_ERROR_FAILURE; } } diff --git a/dom/presentation/provider/PresentationControlService.js b/dom/presentation/provider/PresentationControlService.js index fe61d26d65..e9f92247f4 100644 --- a/dom/presentation/provider/PresentationControlService.js +++ b/dom/presentation/provider/PresentationControlService.js @@ -100,7 +100,6 @@ PresentationControlService.prototype = { if (aCert) { this._serverSocket.serverCert = aCert; - this._serverSocket.setSessionCache(false); this._serverSocket.setSessionTickets(false); let requestCert = Ci.nsITLSServerSocket.REQUEST_NEVER; this._serverSocket.setRequestClientCertificate(requestCert); diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp index c03628da0b..5f41f414d0 100644 --- a/dom/security/nsMixedContentBlocker.cpp +++ b/dom/security/nsMixedContentBlocker.cpp @@ -983,44 +983,5 @@ enum MixedContentHSTSState { void nsMixedContentBlocker::AccumulateMixedContentHSTS(nsIURI* aURI, bool aActive) { - // This method must only be called in the parent, because - // nsSiteSecurityService is only available in the parent - if (!XRE_IsParentProcess()) { - MOZ_ASSERT(false); - return; - } - - bool hsts; - nsresult rv; - nsCOMPtr<nsISiteSecurityService> sss = do_GetService(NS_SSSERVICE_CONTRACTID, &rv); - if (NS_FAILED(rv)) { - return; - } - rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, aURI, 0, nullptr, &hsts); - if (NS_FAILED(rv)) { - return; - } - - // states: would upgrade, hsts info cached - // active, passive - // - if (!aActive) { - if (!hsts) { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, - MCB_HSTS_PASSIVE_NO_HSTS); - } - else { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, - MCB_HSTS_PASSIVE_WITH_HSTS); - } - } else { - if (!hsts) { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, - MCB_HSTS_ACTIVE_NO_HSTS); - } - else { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, - MCB_HSTS_ACTIVE_WITH_HSTS); - } - } +/* STUB */ }
\ No newline at end of file diff --git a/dom/storage/DOMStorageCache.cpp b/dom/storage/DOMStorageCache.cpp index 811f79fd36..a6aa17424e 100644 --- a/dom/storage/DOMStorageCache.cpp +++ b/dom/storage/DOMStorageCache.cpp @@ -309,7 +309,7 @@ public: explicit TelemetryAutoTimer(Telemetry::ID aId) : id(aId), start(TimeStamp::Now()) {} ~TelemetryAutoTimer() - { Telemetry::AccumulateDelta_impl<Telemetry::Millisecond>::compute(id, start); } + { /* STUB */ } private: Telemetry::ID id; const TimeStamp start; @@ -329,9 +329,6 @@ DOMStorageCache::WaitForPreload(Telemetry::ID aTelemetryID) // Telemetry of rates of pending preloads if (!mPreloadTelemetryRecorded) { mPreloadTelemetryRecorded = true; - Telemetry::Accumulate( - Telemetry::LOCALDOMSTORAGE_PRELOAD_PENDING_ON_FIRST_ACCESS, - !loaded); } if (loaded) { diff --git a/dom/storage/DOMStorageDBThread.cpp b/dom/storage/DOMStorageDBThread.cpp index 183be5c5c8..f86dbad9c7 100644 --- a/dom/storage/DOMStorageDBThread.cpp +++ b/dom/storage/DOMStorageDBThread.cpp @@ -163,8 +163,6 @@ DOMStorageDBThread::Shutdown() return NS_ERROR_NOT_INITIALIZED; } - Telemetry::AutoTimer<Telemetry::LOCALDOMSTORAGE_SHUTDOWN_DATABASE_MS> timer; - { MonitorAutoLock monitor(mThreadObserver->GetMonitor()); diff --git a/dom/system/mac/CoreLocationLocationProvider.mm b/dom/system/mac/CoreLocationLocationProvider.mm index b39582a9ed..7a3feba97b 100644 --- a/dom/system/mac/CoreLocationLocationProvider.mm +++ b/dom/system/mac/CoreLocationLocationProvider.mm @@ -13,7 +13,6 @@ #include "CoreLocationLocationProvider.h" #include "nsCocoaFeatures.h" #include "prtime.h" -#include "mozilla/Telemetry.h" #include "MLSFallback.h" #include <CoreLocation/CLError.h> @@ -103,7 +102,6 @@ static const CLLocationAccuracy kDEFAULT_ACCURACY = kCLLocationAccuracyNearestTe PR_Now() / PR_USEC_PER_MSEC); mProvider->Update(geoPosition); - Telemetry::Accumulate(Telemetry::GEOLOCATION_OSX_SOURCE_IS_MLS, false); } @end @@ -127,7 +125,6 @@ CoreLocationLocationProvider::MLSUpdate::Update(nsIDOMGeoPosition *position) return NS_ERROR_FAILURE; } mParentLocationProvider.Update(position); - Telemetry::Accumulate(Telemetry::GEOLOCATION_OSX_SOURCE_IS_MLS, true); return NS_OK; } NS_IMETHODIMP diff --git a/dom/system/windows/WindowsLocationProvider.cpp b/dom/system/windows/WindowsLocationProvider.cpp index fa7f8d8be1..9da7bcc304 100644 --- a/dom/system/windows/WindowsLocationProvider.cpp +++ b/dom/system/windows/WindowsLocationProvider.cpp @@ -10,7 +10,6 @@ #include "nsComponentManagerUtils.h" #include "prtime.h" #include "MLSFallback.h" -#include "mozilla/Telemetry.h" namespace mozilla { namespace dom { @@ -34,7 +33,6 @@ WindowsLocationProvider::MLSUpdate::Update(nsIDOMGeoPosition *aPosition) if (!coords) { return NS_ERROR_FAILURE; } - Telemetry::Accumulate(Telemetry::GEOLOCATION_WIN8_SOURCE_IS_MLS, true); return mCallback->Update(aPosition); } NS_IMETHODIMP @@ -176,8 +174,6 @@ LocationEvent::OnLocationChanged(REFIID aReportType, PR_Now() / PR_USEC_PER_MSEC); mCallback->Update(position); - Telemetry::Accumulate(Telemetry::GEOLOCATION_WIN8_SOURCE_IS_MLS, false); - return S_OK; } diff --git a/dom/webidl/DataTransfer.webidl b/dom/webidl/DataTransfer.webidl index 206d808049..dd44e1ddce 100644 --- a/dom/webidl/DataTransfer.webidl +++ b/dom/webidl/DataTransfer.webidl @@ -7,7 +7,7 @@ * http://www.whatwg.org/specs/web-apps/current-work/#the-datatransfer-interface */ -[ChromeConstructor(DOMString eventType, boolean isExternal)] +[Constructor] interface DataTransfer { attribute DOMString dropEffect; attribute DOMString effectAllowed; diff --git a/dom/webidl/HTMLDocument.webidl b/dom/webidl/HTMLDocument.webidl index 42f6d98f79..ffb61ccdd9 100644 --- a/dom/webidl/HTMLDocument.webidl +++ b/dom/webidl/HTMLDocument.webidl @@ -7,7 +7,7 @@ [OverrideBuiltins] interface HTMLDocument : Document { [SetterThrows] - attribute DOMString? domain; + attribute DOMString domain; [Throws] attribute DOMString cookie; // DOM tree accessors diff --git a/dom/webidl/WebGLRenderingContext.webidl b/dom/webidl/WebGLRenderingContext.webidl index dd0e6ff690..323d234219 100644 --- a/dom/webidl/WebGLRenderingContext.webidl +++ b/dom/webidl/WebGLRenderingContext.webidl @@ -1046,3 +1046,12 @@ interface EXT_disjoint_timer_query { any getQueryEXT(GLenum target, GLenum pname); any getQueryObjectEXT(WebGLQuery query, GLenum pname); }; + +[NoInterfaceObject] +interface MOZ_debug_get { + const GLenum EXTENSIONS = 0x1F03; + const GLenum WSI_INFO = 0x10000; + + [Throws] + any getParameter(GLenum pname); +}; diff --git a/dom/workers/RuntimeService.cpp b/dom/workers/RuntimeService.cpp index e1910536f2..1f49e16dd3 100644 --- a/dom/workers/RuntimeService.cpp +++ b/dom/workers/RuntimeService.cpp @@ -30,7 +30,6 @@ #include "mozilla/AsyncEventDispatcher.h" #include "mozilla/Atomics.h" #include "mozilla/CycleCollectedJSContext.h" -#include "mozilla/Telemetry.h" #include "mozilla/TimeStamp.h" #include "mozilla/dom/asmjscache/AsmJSCache.h" #include "mozilla/dom/AtomList.h" @@ -1534,7 +1533,6 @@ RuntimeService::RegisterWorker(WorkerPrivate* aWorkerPrivate) const bool isDedicatedWorker = aWorkerPrivate->IsDedicatedWorker(); if (isServiceWorker) { AssertIsOnMainThread(); - Telemetry::Accumulate(Telemetry::SERVICE_WORKER_SPAWN_ATTEMPTS, 1); } nsCString sharedWorkerScriptSpec; @@ -1586,14 +1584,6 @@ RuntimeService::RegisterWorker(WorkerPrivate* aWorkerPrivate) // Worker spawn gets queued due to hitting max workers per domain // limit so let's log a warning. WorkerPrivate::ReportErrorToConsole("HittingMaxWorkersPerDomain2"); - - if (isServiceWorker) { - Telemetry::Accumulate(Telemetry::SERVICE_WORKER_SPAWN_GETS_QUEUED, 1); - } else if (isSharedWorker) { - Telemetry::Accumulate(Telemetry::SHARED_WORKER_SPAWN_GETS_QUEUED, 1); - } else if (isDedicatedWorker) { - Telemetry::Accumulate(Telemetry::DEDICATED_WORKER_SPAWN_GETS_QUEUED, 1); - } } else if (parent) { domainInfo->mChildWorkerCount++; @@ -1669,7 +1659,6 @@ RuntimeService::RegisterWorker(WorkerPrivate* aWorkerPrivate) if (isServiceWorker) { AssertIsOnMainThread(); - Telemetry::Accumulate(Telemetry::SERVICE_WORKER_WAS_SPAWNED, 1); } return true; } @@ -1766,8 +1755,6 @@ RuntimeService::UnregisterWorker(WorkerPrivate* aWorkerPrivate) if (aWorkerPrivate->IsServiceWorker()) { AssertIsOnMainThread(); - Telemetry::AccumulateTimeDelta(Telemetry::SERVICE_WORKER_LIFE_TIME, - aWorkerPrivate->CreationTimeStamp()); } if (aWorkerPrivate->IsSharedWorker() || diff --git a/dom/workers/ServiceWorkerManager.cpp b/dom/workers/ServiceWorkerManager.cpp index a66df07314..a8f191f2e6 100644 --- a/dom/workers/ServiceWorkerManager.cpp +++ b/dom/workers/ServiceWorkerManager.cpp @@ -33,7 +33,6 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/ErrorNames.h" #include "mozilla/LoadContext.h" -#include "mozilla/Telemetry.h" #include "mozilla/dom/BindingUtils.h" #include "mozilla/dom/ContentParent.h" #include "mozilla/dom/DOMError.h" @@ -676,7 +675,6 @@ ServiceWorkerManager::Register(mozIDOMWindow* aWindow, queue->ScheduleJob(job); AssertIsOnMainThread(); - Telemetry::Accumulate(Telemetry::SERVICE_WORKER_REGISTRATIONS, 1); promise.forget(aPromise); return NS_OK; @@ -2180,7 +2178,6 @@ ServiceWorkerManager::StartControllingADocument(ServiceWorkerRegistrationInfo* a if (!aDocumentId.IsEmpty()) { aDoc->SetId(aDocumentId); } - Telemetry::Accumulate(Telemetry::SERVICE_WORKER_CONTROLLED_DOCUMENTS, 1); } void diff --git a/dom/workers/ServiceWorkerRegistrar.cpp b/dom/workers/ServiceWorkerRegistrar.cpp index a4757ea548..7df129c2be 100644 --- a/dom/workers/ServiceWorkerRegistrar.cpp +++ b/dom/workers/ServiceWorkerRegistrar.cpp @@ -135,9 +135,6 @@ ServiceWorkerRegistrar::GetRegistrations( if (firstTime) { firstTime = false; - Telemetry::AccumulateTimeDelta( - Telemetry::SERVICE_WORKER_REGISTRATION_LOADING, - startTime); } } diff --git a/dom/workers/ServiceWorkerUpdateJob.cpp b/dom/workers/ServiceWorkerUpdateJob.cpp index 614fe4de5a..69877dfe4c 100644 --- a/dom/workers/ServiceWorkerUpdateJob.cpp +++ b/dom/workers/ServiceWorkerUpdateJob.cpp @@ -408,8 +408,6 @@ ServiceWorkerUpdateJob::ComparisonResult(nsresult aStatus, return; } - Telemetry::Accumulate(Telemetry::SERVICE_WORKER_UPDATED, 1); - // Begin step 7 of the Update algorithm to evaluate the new script. RefPtr<ServiceWorkerInfo> sw = diff --git a/dom/workers/SharedWorker.cpp b/dom/workers/SharedWorker.cpp index b0eed2def4..99bb503397 100644 --- a/dom/workers/SharedWorker.cpp +++ b/dom/workers/SharedWorker.cpp @@ -12,7 +12,6 @@ #include "mozilla/Preferences.h" #include "mozilla/dom/MessagePort.h" #include "mozilla/dom/SharedWorkerBinding.h" -#include "mozilla/Telemetry.h" #include "nsContentUtils.h" #include "nsIClassInfoImpl.h" #include "nsIDOMEvent.h" @@ -73,8 +72,6 @@ SharedWorker::Constructor(const GlobalObject& aGlobal, JSContext* aCx, return nullptr; } - Telemetry::Accumulate(Telemetry::SHARED_WORKER_COUNT, 1); - return sharedWorker.forget(); } diff --git a/dom/workers/WorkerRunnable.cpp b/dom/workers/WorkerRunnable.cpp index 6bbe40f66a..9e6d4cfb8f 100644 --- a/dom/workers/WorkerRunnable.cpp +++ b/dom/workers/WorkerRunnable.cpp @@ -15,7 +15,6 @@ #include "mozilla/DebugOnly.h" #include "mozilla/ErrorResult.h" #include "mozilla/dom/ScriptSettings.h" -#include "mozilla/Telemetry.h" #include "js/RootingAPI.h" #include "js/Value.h" @@ -572,8 +571,6 @@ WorkerMainThreadRunnable::Dispatch(Status aFailStatus, ErrorResult& aRv) { mWorkerPrivate->AssertIsOnWorkerThread(); - TimeStamp startTime = TimeStamp::NowLoRes(); - AutoSyncLoopHolder syncLoop(mWorkerPrivate, aFailStatus); mSyncLoopTarget = syncLoop.GetEventTarget(); @@ -590,11 +587,6 @@ WorkerMainThreadRunnable::Dispatch(Status aFailStatus, ErrorResult& aRv) if (!syncLoop.Run()) { aRv.ThrowUncatchableException(); } - - Telemetry::Accumulate(Telemetry::SYNC_WORKER_OPERATION, mTelemetryKey, - static_cast<uint32_t>((TimeStamp::NowLoRes() - startTime) - .ToMilliseconds())); - Unused << startTime; // Shut the compiler up. } NS_IMETHODIMP diff --git a/dom/xhr/XMLHttpRequestMainThread.cpp b/dom/xhr/XMLHttpRequestMainThread.cpp index 4fd34a9933..613008ad53 100644 --- a/dom/xhr/XMLHttpRequestMainThread.cpp +++ b/dom/xhr/XMLHttpRequestMainThread.cpp @@ -757,15 +757,6 @@ XMLHttpRequestMainThread::SetResponseType(XMLHttpRequestResponseType aResponseTy return; } - // We want to get rid of this moz-only types. Bug 1335365. - if (aResponseType == XMLHttpRequestResponseType::Moz_blob) { - Telemetry::Accumulate(Telemetry::MOZ_BLOB_IN_XHR, 1); - } else if (aResponseType == XMLHttpRequestResponseType::Moz_chunked_text) { - Telemetry::Accumulate(Telemetry::MOZ_CHUNKED_TEXT_IN_XHR, 1); - } else if (aResponseType == XMLHttpRequestResponseType::Moz_chunked_arraybuffer) { - Telemetry::Accumulate(Telemetry::MOZ_CHUNKED_ARRAYBUFFER_IN_XHR, 1); - } - // Set the responseType attribute's value to the given value. mResponseType = aResponseType; } @@ -1521,8 +1512,6 @@ XMLHttpRequestMainThread::Open(const nsACString& aMethod, GetOwner()->GetExtantDoc()->WarnOnceAbout(nsIDocument::eSyncXMLHttpRequest); } - Telemetry::Accumulate(Telemetry::XMLHTTPREQUEST_ASYNC_OR_SYNC, aAsync ? 0 : 1); - // Step 1 nsCOMPtr<nsIDocument> responsibleDocument = GetDocumentIfCurrent(); if (!responsibleDocument) { diff --git a/dom/xhr/XMLHttpRequestWorker.cpp b/dom/xhr/XMLHttpRequestWorker.cpp index c9e892f26a..2af61bd7dd 100644 --- a/dom/xhr/XMLHttpRequestWorker.cpp +++ b/dom/xhr/XMLHttpRequestWorker.cpp @@ -1588,8 +1588,6 @@ XMLHttpRequestWorker::Construct(const GlobalObject& aGlobal, WorkerPrivate* workerPrivate = GetWorkerPrivateFromContext(cx); MOZ_ASSERT(workerPrivate); - Telemetry::Accumulate(Telemetry::XHR_IN_WORKER, 1); - RefPtr<XMLHttpRequestWorker> xhr = new XMLHttpRequestWorker(workerPrivate); if (workerPrivate->XHRParamsAllowed()) { diff --git a/dom/xul/nsXULPrototypeCache.cpp b/dom/xul/nsXULPrototypeCache.cpp index 84a201d594..2c34548608 100644 --- a/dom/xul/nsXULPrototypeCache.cpp +++ b/dom/xul/nsXULPrototypeCache.cpp @@ -45,12 +45,6 @@ UpdategDisableXULCache() // Get the value of "nglayout.debug.disable_xul_cache" preference gDisableXULCache = Preferences::GetBool(kDisableXULCachePref, gDisableXULCache); - - // Sets the flag if the XUL cache is disabled - if (gDisableXULCache) { - Telemetry::Accumulate(Telemetry::XUL_CACHE_DISABLED, true); - } - } static void diff --git a/embedding/components/find/nsFind.cpp b/embedding/components/find/nsFind.cpp index cbc42298bb..5fc1f9db68 100644 --- a/embedding/components/find/nsFind.cpp +++ b/embedding/components/find/nsFind.cpp @@ -33,7 +33,7 @@ using namespace mozilla; // Yikes! Casting a char to unichar can fill with ones! -#define CHAR_TO_UNICHAR(c) ((char16_t)(const unsigned char)c) +#define CHAR_TO_UNICHAR(c) ((char16_t)(unsigned char)c) static NS_DEFINE_CID(kCContentIteratorCID, NS_CONTENTITERATOR_CID); static NS_DEFINE_CID(kCPreContentIteratorCID, NS_PRECONTENTITERATOR_CID); diff --git a/extensions/auth/nsAuthGSSAPI.cpp b/extensions/auth/nsAuthGSSAPI.cpp index f63b30eff6..0e273a3005 100644 --- a/extensions/auth/nsAuthGSSAPI.cpp +++ b/extensions/auth/nsAuthGSSAPI.cpp @@ -22,7 +22,6 @@ #include "nsIPrefBranch.h" #include "nsIServiceManager.h" #include "nsNativeCharsetUtils.h" -#include "mozilla/Telemetry.h" #include "nsAuthGSSAPI.h" @@ -377,16 +376,6 @@ nsAuthGSSAPI::Init(const char *serviceName, mServiceName = serviceName; mServiceFlags = serviceFlags; - static bool sTelemetrySent = false; - if (!sTelemetrySent) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::NTLM_MODULE_USED_2, - serviceFlags & nsIAuthModule::REQ_PROXY_AUTH - ? NTLM_MODULE_KERBEROS_PROXY - : NTLM_MODULE_KERBEROS_DIRECT); - sTelemetrySent = true; - } - return NS_OK; } diff --git a/extensions/auth/nsAuthSSPI.cpp b/extensions/auth/nsAuthSSPI.cpp index eb577d3bf3..677a4773af 100644 --- a/extensions/auth/nsAuthSSPI.cpp +++ b/extensions/auth/nsAuthSSPI.cpp @@ -20,7 +20,6 @@ #include "nsNetCID.h" #include "nsCOMPtr.h" #include "nsICryptoHash.h" -#include "mozilla/Telemetry.h" #include <windows.h> @@ -275,16 +274,6 @@ nsAuthSSPI::Init(const char *serviceName, if (rc != SEC_E_OK) return NS_ERROR_UNEXPECTED; - static bool sTelemetrySent = false; - if (!sTelemetrySent) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::NTLM_MODULE_USED_2, - serviceFlags & nsIAuthModule::REQ_PROXY_AUTH - ? NTLM_MODULE_WIN_API_PROXY - : NTLM_MODULE_WIN_API_DIRECT); - sTelemetrySent = true; - } - LOG(("AcquireCredentialsHandle() succeeded.\n")); return NS_OK; } diff --git a/extensions/auth/nsAuthSambaNTLM.cpp b/extensions/auth/nsAuthSambaNTLM.cpp index 69777dcca2..6b9204c349 100644 --- a/extensions/auth/nsAuthSambaNTLM.cpp +++ b/extensions/auth/nsAuthSambaNTLM.cpp @@ -9,7 +9,6 @@ #include "prenv.h" #include "plbase64.h" #include "prerror.h" -#include "mozilla/Telemetry.h" #include <stdlib.h> @@ -212,17 +211,6 @@ nsAuthSambaNTLM::Init(const char *serviceName, const char16_t *password) { NS_ASSERTION(!username && !domain && !password, "unexpected credentials"); - - static bool sTelemetrySent = false; - if (!sTelemetrySent) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::NTLM_MODULE_USED_2, - serviceFlags & nsIAuthModule::REQ_PROXY_AUTH - ? NTLM_MODULE_SAMBA_AUTH_PROXY - : NTLM_MODULE_SAMBA_AUTH_DIRECT); - sTelemetrySent = true; - } - return NS_OK; } diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp index c448308121..1f3c257ddf 100644 --- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -866,9 +866,6 @@ nsPermissionManager::InitDB(bool aRemoveFile) if (rv == NS_ERROR_FILE_CORRUPTED) { LogToConsole(NS_LITERAL_STRING("permissions.sqlite is corrupted! Try again!")); - // Add telemetry probe - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PERMISSIONS_SQL_CORRUPTED, 1); - // delete corrupted permissions.sqlite and try again rv = permissionsFile->Remove(false); NS_ENSURE_SUCCESS(rv, rv); @@ -891,9 +888,6 @@ nsPermissionManager::InitDB(bool aRemoveFile) NS_ENSURE_SUCCESS(rv, rv); LogToConsole(NS_LITERAL_STRING("Defective permissions.sqlite has been removed.")); - // Add telemetry probe - mozilla::Telemetry::Accumulate(mozilla::Telemetry::DEFECTIVE_PERMISSIONS_SQL_REMOVED, 1); - rv = OpenDatabase(permissionsFile); NS_ENSURE_SUCCESS(rv, rv); LogToConsole(NS_LITERAL_STRING("OpenDatabase to permissions.sqlite is successful!")); @@ -1185,25 +1179,7 @@ nsPermissionManager::InitDB(bool aRemoveFile) if (NS_SUCCEEDED(rv) && NS_SUCCEEDED(countStmt->ExecuteStep(&hasResult)) && hasResult) { - int32_t permsCount = countStmt->AsInt32(0); - - // The id variable contains the number of rows inserted into the - // moz_hosts_new table (as one ID was used per entry) - uint32_t telemetryValue; - if (permsCount > id) { - telemetryValue = 3; // NEW > OLD - } else if (permsCount == id) { - telemetryValue = 2; // NEW == OLD - } else if (permsCount == 0) { - telemetryValue = 0; // NEW = 0 - } else { - telemetryValue = 1; // NEW < OLD - } - - // Report the telemetry value to telemetry - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::PERMISSIONS_REMIGRATION_COMPARISON, - telemetryValue); + // Telemetry STUB (count rows and report) } else { NS_WARNING("Could not count the rows in moz_perms"); } @@ -1221,9 +1197,6 @@ nsPermissionManager::InitDB(bool aRemoveFile) rv = mDBConn->CommitTransaction(); NS_ENSURE_SUCCESS(rv, rv); - - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PERMISSIONS_MIGRATION_7_ERROR, - NS_WARN_IF(migrationError)); } else { // We don't have a moz_hosts table, so we create one for downgrading purposes. // This table is empty. diff --git a/gfx/angle/src/libANGLE/Program.cpp b/gfx/angle/src/libANGLE/Program.cpp index 7f4226da17..49a0f9a335 100755 --- a/gfx/angle/src/libANGLE/Program.cpp +++ b/gfx/angle/src/libANGLE/Program.cpp @@ -679,6 +679,12 @@ Error Program::link(const ContextState &data) gatherInterfaceBlockInfo(); + // Because we do lazy init in assignUniformBlockRegisters, + // we must initialize them when linking shaders, + // otherwise, we will have no shaders for getting uniform blocks + // information from shaders when doing draw calls. + mProgram->assignUniformBlockRegisters(); + mLinked = true; return NoError(); } diff --git a/gfx/angle/src/libANGLE/renderer/ProgramImpl.h b/gfx/angle/src/libANGLE/renderer/ProgramImpl.h index 45ff0a05a1..e62623a8da 100755 --- a/gfx/angle/src/libANGLE/renderer/ProgramImpl.h +++ b/gfx/angle/src/libANGLE/renderer/ProgramImpl.h @@ -86,6 +86,10 @@ class ProgramImpl : angle::NonCopyable GLint components, const GLfloat *coeffs) = 0; + virtual void assignUniformBlockRegisters() + { + } + protected: const gl::ProgramState &mState; }; diff --git a/gfx/angle/src/libANGLE/renderer/d3d/ProgramD3D.h b/gfx/angle/src/libANGLE/renderer/d3d/ProgramD3D.h index 88fe4020db..01f3973c56 100755 --- a/gfx/angle/src/libANGLE/renderer/d3d/ProgramD3D.h +++ b/gfx/angle/src/libANGLE/renderer/d3d/ProgramD3D.h @@ -231,6 +231,7 @@ class ProgramD3D : public ProgramImpl const GLfloat *value); void setUniformBlockBinding(GLuint uniformBlockIndex, GLuint uniformBlockBinding) override; + void assignUniformBlockRegisters() override; const UniformStorageD3D &getVertexUniformStorage() const { return *mVertexUniformStorage; } const UniformStorageD3D &getFragmentUniformStorage() const { return *mFragmentUniformStorage; } @@ -350,7 +351,6 @@ class ProgramD3D : public ProgramImpl void initAttribLocationsToD3DSemantic(); void reset(); - void assignUniformBlockRegisters(); void initUniformBlockInfo(); size_t getUniformBlockInfo(const sh::InterfaceBlock &interfaceBlock); diff --git a/gfx/gl/GLContext.h b/gfx/gl/GLContext.h index f205630705..c82efcedaf 100644 --- a/gfx/gl/GLContext.h +++ b/gfx/gl/GLContext.h @@ -221,6 +221,8 @@ public: return false; } + virtual void GetWSIInfo(nsCString* const out) const = 0; + /** * Return true if we are running on a OpenGL core profile context */ diff --git a/gfx/gl/GLContextCGL.h b/gfx/gl/GLContextCGL.h index 12da90aeed..1a29f3d155 100644 --- a/gfx/gl/GLContextCGL.h +++ b/gfx/gl/GLContextCGL.h @@ -58,6 +58,8 @@ public: virtual bool SupportsRobustness() const override { return false; } virtual bool SwapBuffers() override; + + virtual void GetWSIInfo(nsCString* const out) const override; }; } // namespace gl diff --git a/gfx/gl/GLContextEAGL.h b/gfx/gl/GLContextEAGL.h index 86e9a5b98b..df25d0f1e5 100644 --- a/gfx/gl/GLContextEAGL.h +++ b/gfx/gl/GLContextEAGL.h @@ -55,6 +55,8 @@ public: virtual bool SwapBuffers() override; + virtual void GetWSIInfo(nsCString* const out) const override; + virtual GLuint GetDefaultFramebuffer() override { return mBackbufferFB; } diff --git a/gfx/gl/GLContextEGL.h b/gfx/gl/GLContextEGL.h index 9755ecfe79..64b9b13fbe 100644 --- a/gfx/gl/GLContextEGL.h +++ b/gfx/gl/GLContextEGL.h @@ -89,6 +89,8 @@ public: virtual bool SwapBuffers() override; + virtual void GetWSIInfo(nsCString* const out) const override; + // hold a reference to the given surface // for the lifetime of this context. void HoldSurface(gfxASurface* aSurf); diff --git a/gfx/gl/GLContextGLX.h b/gfx/gl/GLContextGLX.h index ca476baec0..1f2cee08da 100644 --- a/gfx/gl/GLContextGLX.h +++ b/gfx/gl/GLContextGLX.h @@ -59,6 +59,8 @@ public: virtual bool SwapBuffers() override; + virtual void GetWSIInfo(nsCString* const out) const override; + // Overrides the current GLXDrawable backing the context and makes the // context current. bool OverrideDrawable(GLXDrawable drawable); diff --git a/gfx/gl/GLContextProviderCGL.mm b/gfx/gl/GLContextProviderCGL.mm index 0b8add435a..ceab3046cb 100644 --- a/gfx/gl/GLContextProviderCGL.mm +++ b/gfx/gl/GLContextProviderCGL.mm @@ -166,6 +166,11 @@ GLContextCGL::SwapBuffers() return true; } +void +GLContextCGL::GetWSIInfo(nsCString* const out) const +{ + out->AppendLiteral("CGL"); +} already_AddRefed<GLContext> GLContextProviderCGL::CreateWrappingExisting(void*, void*) diff --git a/gfx/gl/GLContextProviderEAGL.mm b/gfx/gl/GLContextProviderEAGL.mm index 784a3e29e0..507616e2fa 100644 --- a/gfx/gl/GLContextProviderEAGL.mm +++ b/gfx/gl/GLContextProviderEAGL.mm @@ -155,6 +155,11 @@ GLContextEAGL::SwapBuffers() return true; } +void +GLContextEAGL::GetWSIInfo(nsCString* const out) const +{ + out->AppendLiteral("EAGL"); +} already_AddRefed<GLContext> GLContextProviderEAGL::CreateWrappingExisting(void*, void*) diff --git a/gfx/gl/GLContextProviderEGL.cpp b/gfx/gl/GLContextProviderEGL.cpp index 098662200d..7979f3bf0b 100644 --- a/gfx/gl/GLContextProviderEGL.cpp +++ b/gfx/gl/GLContextProviderEGL.cpp @@ -418,6 +418,24 @@ GLContextEGL::SwapBuffers() } } +void +GLContextEGL::GetWSIInfo(nsCString* const out) const +{ + out->AppendLiteral("EGL_VENDOR: "); + out->Append((const char*)sEGLLibrary.fQueryString(EGL_DISPLAY(), LOCAL_EGL_VENDOR)); + + out->AppendLiteral("\nEGL_VERSION: "); + out->Append((const char*)sEGLLibrary.fQueryString(EGL_DISPLAY(), LOCAL_EGL_VERSION)); + + out->AppendLiteral("\nEGL_EXTENSIONS: "); + out->Append((const char*)sEGLLibrary.fQueryString(EGL_DISPLAY(), LOCAL_EGL_EXTENSIONS)); + +#ifndef ANDROID // This query will crash some old android. + out->AppendLiteral("\nEGL_EXTENSIONS(nullptr): "); + out->Append((const char*)sEGLLibrary.fQueryString(nullptr, LOCAL_EGL_EXTENSIONS)); +#endif +} + // hold a reference to the given surface // for the lifetime of this context. void diff --git a/gfx/gl/GLContextProviderGLX.cpp b/gfx/gl/GLContextProviderGLX.cpp index d804f95aff..539520a8ce 100644 --- a/gfx/gl/GLContextProviderGLX.cpp +++ b/gfx/gl/GLContextProviderGLX.cpp @@ -80,7 +80,6 @@ GLXLibrary::EnsureInitialized() if (!mOGLLibrary) { const char* libGLfilename = nullptr; - bool forceFeatureReport = false; // see e.g. bug 608526: it is intrinsically interesting to know whether we have dynamically linked to libGL.so.1 // because at least the NVIDIA implementation requires an executable stack, which causes mprotect calls, @@ -994,6 +993,27 @@ GLContextGLX::SwapBuffers() return true; } +void +GLContextGLX::GetWSIInfo(nsCString* const out) const +{ + Display* display = DefaultXDisplay(); + int screen = DefaultScreen(display); + + int majorVersion, minorVersion; + sGLXLibrary.xQueryVersion(display, &majorVersion, &minorVersion); + + out->Append(nsPrintfCString("GLX %u.%u", majorVersion, minorVersion)); + + out->AppendLiteral("\nGLX_VENDOR(client): "); + out->Append(sGLXLibrary.xGetClientString(display, LOCAL_GLX_VENDOR)); + + out->AppendLiteral("\nGLX_VENDOR(server): "); + out->Append(sGLXLibrary.xQueryServerString(display, screen, LOCAL_GLX_VENDOR)); + + out->AppendLiteral("\nExtensions: "); + out->Append(sGLXLibrary.xQueryExtensionsString(display, screen)); +} + bool GLContextGLX::OverrideDrawable(GLXDrawable drawable) { diff --git a/gfx/gl/GLContextProviderWGL.cpp b/gfx/gl/GLContextProviderWGL.cpp index c9c3f0a54d..35957259de 100644 --- a/gfx/gl/GLContextProviderWGL.cpp +++ b/gfx/gl/GLContextProviderWGL.cpp @@ -373,6 +373,13 @@ GLContextWGL::SwapBuffers() { return ::SwapBuffers(mDC); } +void +GLContextWGL::GetWSIInfo(nsCString* const out) const +{ + out->AppendLiteral("wglGetExtensionsString: "); + out->Append(sWGLLib.fGetExtensionsString(mDC)); +} + bool GLContextWGL::SetupLookupFunction() { diff --git a/gfx/gl/GLContextWGL.h b/gfx/gl/GLContextWGL.h index 9d270bf52d..839b10aa78 100644 --- a/gfx/gl/GLContextWGL.h +++ b/gfx/gl/GLContextWGL.h @@ -57,6 +57,8 @@ public: virtual bool SwapBuffers() override; + virtual void GetWSIInfo(nsCString* const out) const override; + virtual bool SetupLookupFunction() override; HGLRC Context() { return mContext; } diff --git a/gfx/gl/GLLibraryEGL.cpp b/gfx/gl/GLLibraryEGL.cpp index 3d8da30854..75f40f13f0 100644 --- a/gfx/gl/GLLibraryEGL.cpp +++ b/gfx/gl/GLLibraryEGL.cpp @@ -9,7 +9,6 @@ #include "gfxUtils.h" #include "mozilla/Preferences.h" #include "mozilla/Assertions.h" -#include "mozilla/Telemetry.h" #include "mozilla/Tokenizer.h" #include "mozilla/ScopeExit.h" #include "mozilla/Unused.h" @@ -472,20 +471,6 @@ GLLibraryEGL::EnsureInitialized(bool forceAccel, nsACString* const out_failureId chosenDisplay = GetAndInitDisplayForAccelANGLE(*this, out_failureId); } - // Report the acceleration status to telemetry - if (!chosenDisplay) { - if (accelAngleFailureId.IsEmpty()) { - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_ACCL_FAILURE_ID, - NS_LITERAL_CSTRING("FEATURE_FAILURE_ACCL_ANGLE_UNKNOWN")); - } else { - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_ACCL_FAILURE_ID, - accelAngleFailureId); - } - } else { - Telemetry::Accumulate(Telemetry::CANVAS_WEBGL_ACCL_FAILURE_ID, - NS_LITERAL_CSTRING("SUCCESS")); - } - // Fallback to a WARP display if ANGLE fails, or if WARP is forced if (!chosenDisplay && shouldTryWARP) { chosenDisplay = GetAndInitWARPDisplay(*this, EGL_DEFAULT_DISPLAY); diff --git a/gfx/gl/GLTextureImage.cpp b/gfx/gl/GLTextureImage.cpp index 65678432da..c91d558af4 100644 --- a/gfx/gl/GLTextureImage.cpp +++ b/gfx/gl/GLTextureImage.cpp @@ -149,9 +149,6 @@ BasicTextureImage::DirectUpdate(gfx::DataSourceSurface* aSurf, const nsIntRegion &uploadSize, needInit, aFrom); - if (mTextureFormat == SurfaceFormat::UNKNOWN) { - return false; - } if (uploadSize > 0) { UpdateUploadSize(uploadSize); diff --git a/gfx/gl/GLUploadHelpers.cpp b/gfx/gl/GLUploadHelpers.cpp index ca1c890a48..75165eedf7 100644 --- a/gfx/gl/GLUploadHelpers.cpp +++ b/gfx/gl/GLUploadHelpers.cpp @@ -27,23 +27,6 @@ DataOffset(const IntPoint& aPoint, int32_t aStride, SurfaceFormat aFormat) return data; } -static bool -CheckUploadBounds(const IntSize& aDst, const IntSize& aSrc, const IntPoint& aOffset) -{ - if (aOffset.x < 0 || aOffset.y < 0 || - aOffset.x >= aSrc.width || - aOffset.y >= aSrc.height) { - MOZ_ASSERT_UNREACHABLE("Offset outside source bounds"); - return false; - } - if (aDst.width > (aSrc.width - aOffset.x) || - aDst.height > (aSrc.height - aOffset.y)) { - MOZ_ASSERT_UNREACHABLE("Source has insufficient data"); - return false; - } - return true; -} - static GLint GetAddressAlignment(ptrdiff_t aAddress) { if (!(aAddress & 0x7)) { @@ -392,7 +375,6 @@ TexImage2DHelper(GLContext* gl, SurfaceFormat UploadImageDataToTexture(GLContext* gl, unsigned char* aData, - const gfx::IntSize& aDataSize, int32_t aStride, SurfaceFormat aFormat, const nsIntRegion& aDstRegion, @@ -516,10 +498,6 @@ UploadImageDataToTexture(GLContext* gl, // Upload each rect in the region to the texture for (auto iter = aDstRegion.RectIter(); !iter.Done(); iter.Next()) { const IntRect& rect = iter.Get(); - if (!CheckUploadBounds(rect.Size(), aDataSize, rect.TopLeft())) { - return SurfaceFormat::UNKNOWN; - } - const unsigned char* rectData = aData + DataOffset(rect.TopLeft(), aStride, aFormat); @@ -556,17 +534,10 @@ UploadSurfaceToTexture(GLContext* gl, int32_t stride = aSurface->Stride(); SurfaceFormat format = aSurface->GetFormat(); - gfx::IntSize size = aSurface->GetSize(); - if (!CheckUploadBounds(aSize, size, aSrcPoint)) { - return SurfaceFormat::UNKNOWN; - } - unsigned char* data = aSurface->GetData() + DataOffset(aSrcPoint, stride, format); - size.width -= aSrcPoint.x; - size.height -= aSrcPoint.y; - return UploadImageDataToTexture(gl, data, size, stride, format, + return UploadImageDataToTexture(gl, data, stride, format, aDstRegion, aTexture, aSize, aOutUploadSize, aNeedInit, aTextureUnit, aTextureTarget); diff --git a/gfx/gl/GLUploadHelpers.h b/gfx/gl/GLUploadHelpers.h index f732d2b383..866d44adbe 100644 --- a/gfx/gl/GLUploadHelpers.h +++ b/gfx/gl/GLUploadHelpers.h @@ -28,7 +28,6 @@ class GLContext; * \param gl The GL Context to use. * \param aData Start of image data of surface to upload. * Corresponds to the first pixel of the texture. - * \param aDataSize The image data's size. * \param aStride The image data's stride. * \param aFormat The image data's format. * \param aDstRegion Region of the texture to upload. @@ -47,7 +46,6 @@ class GLContext; gfx::SurfaceFormat UploadImageDataToTexture(GLContext* gl, unsigned char* aData, - const gfx::IntSize& aDataSize, int32_t aStride, gfx::SurfaceFormat aFormat, const nsIntRegion& aDstRegion, diff --git a/gfx/gl/TextureImageEGL.cpp b/gfx/gl/TextureImageEGL.cpp index 3bb2987d1d..87a547c269 100644 --- a/gfx/gl/TextureImageEGL.cpp +++ b/gfx/gl/TextureImageEGL.cpp @@ -119,10 +119,6 @@ TextureImageEGL::DirectUpdate(gfx::DataSourceSurface* aSurf, const nsIntRegion& &uploadSize, needInit, aFrom); - if (mTextureFormat == SurfaceFormat::UNKNOWN) { - return false; - } - if (uploadSize > 0) { UpdateUploadSize(uploadSize); } diff --git a/gfx/ipc/GPUChild.cpp b/gfx/ipc/GPUChild.cpp index a075716e32..bfe2d56f72 100644 --- a/gfx/ipc/GPUChild.cpp +++ b/gfx/ipc/GPUChild.cpp @@ -8,7 +8,6 @@ #include "gfxPrefs.h" #include "GPUProcessHost.h" #include "GPUProcessManager.h" -#include "mozilla/Telemetry.h" #include "mozilla/dom/CheckerboardReportService.h" #include "mozilla/gfx/gfxVars.h" #if defined(XP_WIN) @@ -80,7 +79,6 @@ GPUChild::EnsureGPUReady() SendGetDeviceStatus(&data); gfxPlatform::GetPlatform()->ImportGPUDeviceData(data); - Telemetry::AccumulateTimeDelta(Telemetry::GPU_PROCESS_LAUNCH_TIME_MS, mHost->GetLaunchTime()); mGPUReady = true; } @@ -93,7 +91,6 @@ GPUChild::RecvInitComplete(const GPUDeviceData& aData) } gfxPlatform::GetPlatform()->ImportGPUDeviceData(aData); - Telemetry::AccumulateTimeDelta(Telemetry::GPU_PROCESS_LAUNCH_TIME_MS, mHost->GetLaunchTime()); mGPUReady = true; return true; } @@ -131,14 +128,14 @@ GPUChild::RecvNotifyUiObservers(const nsCString& aTopic) bool GPUChild::RecvAccumulateChildHistogram(InfallibleTArray<Accumulation>&& aAccumulations) { - Telemetry::AccumulateChild(GeckoProcessType_GPU, aAccumulations); + /* Telemetry STUB */ return true; } bool GPUChild::RecvAccumulateChildKeyedHistogram(InfallibleTArray<KeyedAccumulation>&& aAccumulations) { - Telemetry::AccumulateChildKeyed(GeckoProcessType_GPU, aAccumulations); + /* Telemetry STUB */ return true; } @@ -152,11 +149,6 @@ GPUChild::RecvNotifyDeviceReset() void GPUChild::ActorDestroy(ActorDestroyReason aWhy) { - if (aWhy == AbnormalShutdown) { - Telemetry::Accumulate(Telemetry::SUBPROCESS_ABNORMAL_ABORT, - nsDependentCString(XRE_ChildProcessTypeToString(GeckoProcessType_GPU), 1)); - } - gfxVars::RemoveReceiver(this); mHost->OnChannelClosed(); } diff --git a/gfx/layers/Layers.cpp b/gfx/layers/Layers.cpp index ff5ab9b50a..482d809a1f 100644 --- a/gfx/layers/Layers.cpp +++ b/gfx/layers/Layers.cpp @@ -22,7 +22,6 @@ #include "gfxUtils.h" // for gfxUtils, etc #include "gfx2DGlue.h" #include "mozilla/DebugOnly.h" // for DebugOnly -#include "mozilla/Telemetry.h" // for Accumulate #include "mozilla/ToString.h" #include "mozilla/dom/Animation.h" // for ComputedTimingFunction #include "mozilla/gfx/2D.h" // for DrawTarget @@ -1621,8 +1620,6 @@ void LayerManager::PostPresent() { if (!mTabSwitchStart.IsNull()) { - Telemetry::Accumulate(Telemetry::FX_TAB_SWITCH_TOTAL_MS, - uint32_t((TimeStamp::Now() - mTabSwitchStart).ToMilliseconds())); mTabSwitchStart = TimeStamp(); } } diff --git a/gfx/layers/apz/src/AsyncPanZoomController.cpp b/gfx/layers/apz/src/AsyncPanZoomController.cpp index 102f282f37..e7574eeb7c 100644 --- a/gfx/layers/apz/src/AsyncPanZoomController.cpp +++ b/gfx/layers/apz/src/AsyncPanZoomController.cpp @@ -904,9 +904,6 @@ nsEventStatus AsyncPanZoomController::HandleDragEvent(const MouseInput& aEvent, return nsEventStatus_eConsumeNoDefault; } - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::ApzScrollbarDrag); - ReentrantMonitorAutoEnter lock(mMonitor); CSSPoint scrollFramePoint = aEvent.mLocalOrigin / GetFrameMetrics().GetZoom(); // The scrollbar can be transformed with the frame but the pres shell @@ -1731,10 +1728,6 @@ nsEventStatus AsyncPanZoomController::OnScrollWheel(const ScrollWheelInput& aEve return nsEventStatus_eIgnore; } - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethodForWheelDeltaType(aEvent.mDeltaType)); - - switch (aEvent.mScrollMode) { case ScrollWheelInput::SCROLLMODE_INSTANT: { @@ -1934,9 +1927,6 @@ nsEventStatus AsyncPanZoomController::OnPan(const PanGestureInput& aEvent, bool HandlePanningUpdate(physicalPanDisplacement); - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::ApzPanGesture); - ScreenPoint panDistance(fabs(physicalPanDisplacement.x), fabs(physicalPanDisplacement.y)); MOZ_ASSERT(GetCurrentPanGestureBlock()); OverscrollHandoffState handoffState( @@ -2600,8 +2590,6 @@ void AsyncPanZoomController::TrackTouch(const MultiTouchInput& aEvent) { UpdateWithTouchAtDevicePoint(aEvent); if (prevTouchPoint != touchPoint) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::ApzTouch); MOZ_ASSERT(GetCurrentTouchBlock()); OverscrollHandoffState handoffState( *GetCurrentTouchBlock()->GetOverscrollHandoffChain(), @@ -3260,14 +3248,7 @@ AsyncPanZoomController::UpdateCheckerboardEvent(const MutexAutoLock& aProofOfLoc uint32_t aMagnitude) { if (mCheckerboardEvent && mCheckerboardEvent->RecordFrameInfo(aMagnitude)) { - // This checkerboard event is done. Report some metrics to telemetry. - mozilla::Telemetry::Accumulate(mozilla::Telemetry::CHECKERBOARD_SEVERITY, - mCheckerboardEvent->GetSeverity()); - mozilla::Telemetry::Accumulate(mozilla::Telemetry::CHECKERBOARD_PEAK, - mCheckerboardEvent->GetPeak()); - mozilla::Telemetry::Accumulate(mozilla::Telemetry::CHECKERBOARD_DURATION, - (uint32_t)mCheckerboardEvent->GetDuration().ToMilliseconds()); - + // This checkerboard event is done. mPotentialCheckerboardTracker.CheckerboardDone(); if (gfxPrefs::APZRecordCheckerboarding()) { diff --git a/gfx/layers/apz/src/InputBlockState.cpp b/gfx/layers/apz/src/InputBlockState.cpp index f1310c031d..85b4e13ffe 100644 --- a/gfx/layers/apz/src/InputBlockState.cpp +++ b/gfx/layers/apz/src/InputBlockState.cpp @@ -10,7 +10,6 @@ #include "gfxPrefs.h" // for gfxPrefs #include "mozilla/MouseEvents.h" #include "mozilla/SizePrintfMacros.h" // for PRIuSIZE -#include "mozilla/Telemetry.h" // for Telemetry #include "mozilla/layers/APZCTreeManager.h" // for AllowedTouchBehavior #include "OverscrollHandoffState.h" #include "QueuedInput.h" @@ -246,8 +245,6 @@ CancelableBlockState::RecordContentResponseTime() // Not done yet, we'll get called again return; } - mozilla::Telemetry::Accumulate(mozilla::Telemetry::CONTENT_RESPONSE_DURATION, - (uint32_t)(TimeStamp::Now() - mContentResponseTimer).ToMilliseconds()); mContentResponseTimer = TimeStamp(); } diff --git a/gfx/layers/apz/src/PotentialCheckerboardDurationTracker.cpp b/gfx/layers/apz/src/PotentialCheckerboardDurationTracker.cpp index c83b9f45c2..e469421adf 100644 --- a/gfx/layers/apz/src/PotentialCheckerboardDurationTracker.cpp +++ b/gfx/layers/apz/src/PotentialCheckerboardDurationTracker.cpp @@ -33,9 +33,7 @@ PotentialCheckerboardDurationTracker::CheckerboardDone() MOZ_ASSERT(Tracking()); mInCheckerboard = false; if (!Tracking()) { - mozilla::Telemetry::AccumulateTimeDelta( - mozilla::Telemetry::CHECKERBOARD_POTENTIAL_DURATION, - mCurrentPeriodStart); + /* Telemetry STUB */ } } @@ -63,9 +61,7 @@ PotentialCheckerboardDurationTracker::InTransform(bool aInTransform) // would have taken the other !Tracking branch above. If it's false now, // it means we just stopped tracking, so we are ending a potential // checkerboard period. - mozilla::Telemetry::AccumulateTimeDelta( - mozilla::Telemetry::CHECKERBOARD_POTENTIAL_DURATION, - mCurrentPeriodStart); + /* Telemetry STUB */ } } diff --git a/gfx/layers/composite/TextureHost.cpp b/gfx/layers/composite/TextureHost.cpp index e4a2ffd869..b342f1d184 100644 --- a/gfx/layers/composite/TextureHost.cpp +++ b/gfx/layers/composite/TextureHost.cpp @@ -890,7 +890,8 @@ BufferTextureHost::Upload(nsIntRegion *aRegion) mFirstSource = mCompositor->CreateDataTextureSource(mFlags|TextureFlags::RGB_FROM_YCBCR); mFirstSource->SetOwner(this); } - return mFirstSource->Update(surf, aRegion); + mFirstSource->Update(surf, aRegion); + return true; } RefPtr<DataTextureSource> srcY; diff --git a/gfx/layers/ipc/CompositorBridgeParent.cpp b/gfx/layers/ipc/CompositorBridgeParent.cpp index bf510cd465..e31c6ceb65 100644 --- a/gfx/layers/ipc/CompositorBridgeParent.cpp +++ b/gfx/layers/ipc/CompositorBridgeParent.cpp @@ -484,8 +484,6 @@ CompositorVsyncScheduler::Composite(TimeStamp aVsyncTimestamp) mVsyncNotificationsSkipped = 0; TimeDuration compositeFrameTotal = TimeStamp::Now() - aVsyncTimestamp; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::COMPOSITE_FRAME_ROUNDTRIP_TIME, - compositeFrameTotal.ToMilliseconds()); } else if (mVsyncNotificationsSkipped++ > gfxPrefs::CompositorUnobserveCount()) { UnobserveVsync(); } @@ -1305,7 +1303,6 @@ CompositorBridgeParent::CompositeToTarget(DrawTarget* aTarget, const gfx::IntRec } mCompositor->SetCompositionTime(TimeStamp()); - mozilla::Telemetry::AccumulateTimeDelta(mozilla::Telemetry::COMPOSITE_TIME, start); profiler_tracing("Paint", "Composite", TRACING_INTERVAL_END); } @@ -1660,19 +1657,6 @@ CompositorBridgeParent::NewCompositor(const nsTArray<LayersBackend>& aBackendHin failureReason = "SUCCESS"; } - // should only report success here - if (aBackendHints[i] == LayersBackend::LAYERS_OPENGL){ - Telemetry::Accumulate(Telemetry::OPENGL_COMPOSITING_FAILURE_ID, failureReason); - } -#ifdef XP_WIN - else if (aBackendHints[i] == LayersBackend::LAYERS_D3D9){ - Telemetry::Accumulate(Telemetry::D3D9_COMPOSITING_FAILURE_ID, failureReason); - } - else if (aBackendHints[i] == LayersBackend::LAYERS_D3D11){ - Telemetry::Accumulate(Telemetry::D3D11_COMPOSITING_FAILURE_ID, failureReason); - } -#endif - compositor->SetCompositorID(mCompositorID); return compositor; } @@ -1681,18 +1665,15 @@ CompositorBridgeParent::NewCompositor(const nsTArray<LayersBackend>& aBackendHin if (aBackendHints[i] == LayersBackend::LAYERS_OPENGL){ gfxCriticalNote << "[OPENGL] Failed to init compositor with reason: " << failureReason.get(); - Telemetry::Accumulate(Telemetry::OPENGL_COMPOSITING_FAILURE_ID, failureReason); } #ifdef XP_WIN else if (aBackendHints[i] == LayersBackend::LAYERS_D3D9){ gfxCriticalNote << "[D3D9] Failed to init compositor with reason: " << failureReason.get(); - Telemetry::Accumulate(Telemetry::D3D9_COMPOSITING_FAILURE_ID, failureReason); } else if (aBackendHints[i] == LayersBackend::LAYERS_D3D11){ gfxCriticalNote << "[D3D11] Failed to init compositor with reason: " << failureReason.get(); - Telemetry::Accumulate(Telemetry::D3D11_COMPOSITING_FAILURE_ID, failureReason); } #endif } diff --git a/gfx/layers/opengl/TextureHostOGL.cpp b/gfx/layers/opengl/TextureHostOGL.cpp index ec6ba91312..02c398b51f 100644 --- a/gfx/layers/opengl/TextureHostOGL.cpp +++ b/gfx/layers/opengl/TextureHostOGL.cpp @@ -161,7 +161,9 @@ TextureImageTextureSourceOGL::Update(gfx::DataSourceSurface* aSurface, } } - return mTexImage->UpdateFromDataSource(aSurface, aDestRegion, aSrcOffset); + mTexImage->UpdateFromDataSource(aSurface, aDestRegion, aSrcOffset); + + return true; } void diff --git a/gfx/src/DriverCrashGuard.cpp b/gfx/src/DriverCrashGuard.cpp index 4754c26adf..fd616575bd 100644 --- a/gfx/src/DriverCrashGuard.cpp +++ b/gfx/src/DriverCrashGuard.cpp @@ -11,7 +11,6 @@ #include "nsString.h"
#include "nsXULAppAPI.h"
#include "mozilla/Preferences.h"
-#include "mozilla/Telemetry.h"
#include "mozilla/Services.h"
#include "mozilla/gfx/Logging.h"
#include "mozilla/dom/ContentChild.h"
@@ -469,20 +468,7 @@ D3D11LayersCrashGuard::LogFeatureDisabled() void
D3D11LayersCrashGuard::RecordTelemetry(TelemetryState aState)
{
- // D3D11LayersCrashGuard is a no-op in the child process.
- if (!XRE_IsParentProcess()) {
- return;
- }
-
- // Since we instantiate this class more than once, make sure we only record
- // the first state (since that is really all we care about).
- static bool sTelemetryStateRecorded = false;
- if (sTelemetryStateRecorded) {
- return;
- }
-
- Telemetry::Accumulate(Telemetry::GRAPHICS_DRIVER_STARTUP_TEST, int32_t(aState));
- sTelemetryStateRecorded = true;
+ /* STUB */
}
D3D9VideoCrashGuard::D3D9VideoCrashGuard(dom::ContentParent* aContentParent)
diff --git a/gfx/thebes/DeviceManagerDx.cpp b/gfx/thebes/DeviceManagerDx.cpp index 2f2693c76f..e1cfc5763f 100644 --- a/gfx/thebes/DeviceManagerDx.cpp +++ b/gfx/thebes/DeviceManagerDx.cpp @@ -10,7 +10,6 @@ #include "gfxPrefs.h" #include "gfxWindowsPlatform.h" #include "mozilla/D3DMessageUtils.h" -#include "mozilla/Telemetry.h" #include "mozilla/WindowsVersion.h" #include "mozilla/gfx/GraphicsMessages.h" #include "mozilla/gfx/Logging.h" @@ -589,10 +588,6 @@ DeviceManagerDx::MaybeResetAndReacquireDevices() return false; } - if (resetReason != DeviceResetReason::FORCED_RESET) { - Telemetry::Accumulate(Telemetry::DEVICE_RESET_REASON, uint32_t(resetReason)); - } - bool createCompositorDevice = !!mCompositorDevice; bool createContentDevice = !!mContentDevice; @@ -724,7 +719,6 @@ DeviceManagerDx::GetAnyDeviceRemovedReason(DeviceResetReason* aOutReason) void DeviceManagerDx::ForceDeviceReset(ForcedDeviceResetReason aReason) { - Telemetry::Accumulate(Telemetry::FORCED_DEVICE_RESET_REASON, uint32_t(aReason)); { MutexAutoLock lock(mDeviceLock); mDeviceResetReason = Some(DeviceResetReason::FORCED_RESET); diff --git a/gfx/thebes/gfxDWriteFontList.cpp b/gfx/thebes/gfxDWriteFontList.cpp index d159fddb1e..5cc1fbb92b 100644 --- a/gfx/thebes/gfxDWriteFontList.cpp +++ b/gfx/thebes/gfxDWriteFontList.cpp @@ -14,7 +14,6 @@ #include "nsCharSeparatedTokenizer.h" #include "mozilla/Preferences.h" #include "mozilla/Sprintf.h" -#include "mozilla/Telemetry.h" #include "nsDirectoryServiceUtils.h" #include "nsDirectoryServiceDefs.h" #include "nsAppDirectoryServiceDefs.h" @@ -864,8 +863,6 @@ gfxDWriteFontList::InitFontListForPlatform() hr = gfxWindowsPlatform::GetPlatform()->GetDWriteFactory()-> GetGdiInterop(getter_AddRefs(mGDIInterop)); if (FAILED(hr)) { - Telemetry::Accumulate(Telemetry::DWRITEFONT_INIT_PROBLEM, - uint32_t(errGDIInterop)); return NS_ERROR_FAILURE; } @@ -878,8 +875,6 @@ gfxDWriteFontList::InitFontListForPlatform() NS_ASSERTION(SUCCEEDED(hr), "GetSystemFontCollection failed!"); if (FAILED(hr)) { - Telemetry::Accumulate(Telemetry::DWRITEFONT_INIT_PROBLEM, - uint32_t(errSystemFontCollection)); return NS_ERROR_FAILURE; } @@ -891,8 +886,6 @@ gfxDWriteFontList::InitFontListForPlatform() NS_ASSERTION(mFontFamilies.Count() != 0, "no fonts found in the system fontlist -- holy crap batman!"); if (mFontFamilies.Count() == 0) { - Telemetry::Accumulate(Telemetry::DWRITEFONT_INIT_PROBLEM, - uint32_t(errNoFonts)); return NS_ERROR_FAILURE; } @@ -1001,9 +994,6 @@ gfxDWriteFontList::InitFontListForPlatform() } elapsedTime = (t5.QuadPart - t1.QuadPart) * 1000.0 / frequency.QuadPart; - Telemetry::Accumulate(Telemetry::DWRITEFONT_DELAYEDINITFONTLIST_TOTAL, elapsedTime); - Telemetry::Accumulate(Telemetry::DWRITEFONT_DELAYEDINITFONTLIST_COUNT, - mSystemFonts->GetFontFamilyCount()); LOG_FONTINIT(( "(fontinit) Total time in InitFontList: %9.3f ms (families: %d, %s)\n", elapsedTime, mSystemFonts->GetFontFamilyCount(), @@ -1013,7 +1003,6 @@ gfxDWriteFontList::InitFontListForPlatform() LOG_FONTINIT(("(fontinit) --- base/interop obj initialization init: %9.3f ms\n", elapsedTime)); elapsedTime = (t3.QuadPart - t2.QuadPart) * 1000.0 / frequency.QuadPart; - Telemetry::Accumulate(Telemetry::DWRITEFONT_DELAYEDINITFONTLIST_COLLECT, elapsedTime); LOG_FONTINIT(("(fontinit) --- GetSystemFontCollection: %9.3f ms\n", elapsedTime)); elapsedTime = (t4.QuadPart - t3.QuadPart) * 1000.0 / frequency.QuadPart; @@ -1455,7 +1444,6 @@ gfxDWriteFontList::PlatformGlobalFontFallback(const uint32_t aCh, *aMatchedFamily = family; return fontEntry; } - Telemetry::Accumulate(Telemetry::BAD_FALLBACK_FONT, true); } return nullptr; diff --git a/gfx/thebes/gfxFont.cpp b/gfx/thebes/gfxFont.cpp index d0b747fff1..8ccd721f84 100644 --- a/gfx/thebes/gfxFont.cpp +++ b/gfx/thebes/gfxFont.cpp @@ -229,7 +229,6 @@ gfxFontCache::Lookup(const gfxFontEntry* aFontEntry, Key key(aFontEntry, aStyle, aUnicodeRangeMap); HashEntry *entry = mFonts.GetEntry(key); - Telemetry::Accumulate(Telemetry::FONT_CACHE_HIT, entry != nullptr); if (!entry) return nullptr; @@ -2578,9 +2577,6 @@ gfxFont::GetShapedWord(DrawTarget *aDrawTarget, if (sw) { sw->ResetAge(); - Telemetry::Accumulate((isContent ? Telemetry::WORD_CACHE_HITS_CONTENT : - Telemetry::WORD_CACHE_HITS_CHROME), - aLength); #ifndef RELEASE_OR_BETA if (aTextPerf) { aTextPerf->current.wordCacheHit++; @@ -2589,9 +2585,6 @@ gfxFont::GetShapedWord(DrawTarget *aDrawTarget, return sw; } - Telemetry::Accumulate((isContent ? Telemetry::WORD_CACHE_MISSES_CONTENT : - Telemetry::WORD_CACHE_MISSES_CHROME), - aLength); #ifndef RELEASE_OR_BETA if (aTextPerf) { aTextPerf->current.wordCacheMiss++; diff --git a/gfx/thebes/gfxGDIFontList.cpp b/gfx/thebes/gfxGDIFontList.cpp index cc047ef38c..f65334fe64 100644 --- a/gfx/thebes/gfxGDIFontList.cpp +++ b/gfx/thebes/gfxGDIFontList.cpp @@ -637,8 +637,6 @@ gfxGDIFontList::GetFontSubstitutes() nsresult gfxGDIFontList::InitFontListForPlatform() { - Telemetry::AutoTimer<Telemetry::GDI_INITFONTLIST_TOTAL> timer; - mFontSubstitutes.Clear(); mNonExistingFonts.Clear(); diff --git a/gfx/thebes/gfxGradientCache.cpp b/gfx/thebes/gfxGradientCache.cpp index fa25bd78c8..bfa82685c3 100644 --- a/gfx/thebes/gfxGradientCache.cpp +++ b/gfx/thebes/gfxGradientCache.cpp @@ -8,7 +8,6 @@ #include "PLDHashTable.h" #include "nsExpirationTracker.h" #include "nsClassHashtable.h" -#include "mozilla/Telemetry.h" #include "gfxGradientCache.h" #include <time.h> @@ -127,7 +126,6 @@ class GradientCache final : public nsExpirationTracker<GradientCacheData,4> { srand(time(nullptr)); mTimerPeriod = rand() % MAX_GENERATION_MS + 1; - Telemetry::Accumulate(Telemetry::GRADIENT_RETENTION_TIME, mTimerPeriod); } virtual void NotifyExpired(GradientCacheData* aObject) diff --git a/gfx/thebes/gfxMacPlatformFontList.mm b/gfx/thebes/gfxMacPlatformFontList.mm index bf958a90bb..4536ab527b 100644 --- a/gfx/thebes/gfxMacPlatformFontList.mm +++ b/gfx/thebes/gfxMacPlatformFontList.mm @@ -65,7 +65,6 @@ #include "mozilla/MemoryReporting.h" #include "mozilla/Preferences.h" #include "mozilla/Sprintf.h" -#include "mozilla/Telemetry.h" #include "mozilla/gfx/2D.h" #include <unistd.h> @@ -738,8 +737,6 @@ gfxMacPlatformFontList::InitFontListForPlatform() { nsAutoreleasePool localPool; - Telemetry::AutoTimer<Telemetry::MAC_INITFONTLIST_TOTAL> timer; - // reset system font list mSystemFontFamilies.Clear(); @@ -1043,10 +1040,6 @@ gfxMacPlatformFontList::PlatformGlobalFontFallback(const uint32_t aCh, } } - if (cantUseFallbackFont) { - Telemetry::Accumulate(Telemetry::BAD_FALLBACK_FONT, cantUseFallbackFont); - } - ::CFRelease(str); return fontEntry; diff --git a/gfx/thebes/gfxPlatform.cpp b/gfx/thebes/gfxPlatform.cpp index 171d1bec91..d5af16a196 100644 --- a/gfx/thebes/gfxPlatform.cpp +++ b/gfx/thebes/gfxPlatform.cpp @@ -361,7 +361,6 @@ class CrashTelemetryEvent : public Runnable NS_IMETHOD Run() override { MOZ_ASSERT(NS_IsMainThread()); - Telemetry::Accumulate(Telemetry::GFX_CRASH, mReason); return NS_OK; } @@ -374,29 +373,7 @@ NS_IMPL_ISUPPORTS_INHERITED0(CrashTelemetryEvent, Runnable); void CrashStatsLogForwarder::CrashAction(LogReason aReason) { -#ifndef RELEASE_OR_BETA - // Non-release builds crash by default, but will use telemetry - // if this environment variable is present. - static bool useTelemetry = gfxEnv::GfxDevCrashTelemetry(); -#else - // Release builds use telemetry by default, but will crash instead - // if this environment variable is present. - static bool useTelemetry = !gfxEnv::GfxDevCrashMozCrash(); -#endif - - if (useTelemetry) { - // The callers need to assure that aReason is in the range - // that the telemetry call below supports. - if (NS_IsMainThread()) { - Telemetry::Accumulate(Telemetry::GFX_CRASH, (uint32_t)aReason); - } else { - nsCOMPtr<nsIRunnable> r1 = new CrashTelemetryEvent((uint32_t)aReason); - NS_DispatchToMainThread(r1); - } - } else { - // ignoring aReason, we can get the information we need from the stack - MOZ_CRASH("GFX_CRASH"); - } + MOZ_CRASH("GFX_CRASH"); } NS_IMPL_ISUPPORTS(SRGBOverrideObserver, nsIObserver, nsISupportsWeakReference) diff --git a/gfx/thebes/gfxPlatformFontList.cpp b/gfx/thebes/gfxPlatformFontList.cpp index e12f4e1975..59df406663 100644 --- a/gfx/thebes/gfxPlatformFontList.cpp +++ b/gfx/thebes/gfxPlatformFontList.cpp @@ -322,8 +322,6 @@ gfxPlatformFontList::InitOtherFamilyNames() mOtherFamilyNamesInitialized = true; } TimeStamp end = TimeStamp::Now(); - Telemetry::AccumulateTimeDelta(Telemetry::FONTLIST_INITOTHERFAMILYNAMES, - start, end); if (LOG_FONTINIT_ENABLED()) { TimeDuration elapsed = end - start; @@ -370,8 +368,6 @@ gfxPlatformFontList::SearchFamiliesForFaceName(const nsAString& aFaceName) lookup = FindFaceName(aFaceName); TimeStamp end = TimeStamp::Now(); - Telemetry::AccumulateTimeDelta(Telemetry::FONTLIST_INITFACENAMELISTS, - start, end); if (LOG_FONTINIT_ENABLED()) { TimeDuration elapsed = end - start; LOG_FONTINIT(("(fontinit) SearchFamiliesForFaceName took %8.2f ms %s %s", @@ -587,16 +583,8 @@ gfxPlatformFontList::SystemFindFontForChar(uint32_t aCh, uint32_t aNextCh, static bool first = true; int32_t intElapsed = int32_t(first ? elapsed.ToMilliseconds() : elapsed.ToMicroseconds()); - Telemetry::Accumulate((first ? Telemetry::SYSTEM_FONT_FALLBACK_FIRST : - Telemetry::SYSTEM_FONT_FALLBACK), - intElapsed); first = false; - // track the script for which fallback occurred (incremented one make it - // 1-based) - Telemetry::Accumulate(Telemetry::SYSTEM_FONT_FALLBACK_SCRIPT, - int(aRunScript) + 1); - return fontEntry; } diff --git a/gfx/thebes/gfxUserFontSet.cpp b/gfx/thebes/gfxUserFontSet.cpp index 23c26d9fed..72c54d9b5d 100644 --- a/gfx/thebes/gfxUserFontSet.cpp +++ b/gfx/thebes/gfxUserFontSet.cpp @@ -453,8 +453,6 @@ gfxUserFontEntry::LoadNextSrc() gfxUserFontData::kUnknownCompression); mPlatformFontEntry = fe; SetLoadState(STATUS_LOADED); - Telemetry::Accumulate(Telemetry::WEBFONT_SRCTYPE, - currSrc.mSourceType + 1); return; } else { LOG(("userfonts (%p) [src %d] failed local: (%s) for (%s)\n", @@ -517,8 +515,6 @@ gfxUserFontEntry::LoadNextSrc() if (NS_SUCCEEDED(rv) && LoadPlatformFont(buffer, bufferLength)) { SetLoadState(STATUS_LOADED); - Telemetry::Accumulate(Telemetry::WEBFONT_SRCTYPE, - currSrc.mSourceType + 1); return; } else { mFontSet->LogMessage(this, @@ -572,8 +568,6 @@ gfxUserFontEntry::LoadNextSrc() // LoadPlatformFont takes ownership of the buffer, so no need // to free it here. SetLoadState(STATUS_LOADED); - Telemetry::Accumulate(Telemetry::WEBFONT_SRCTYPE, - currSrc.mSourceType + 1); return; } else { mFontSet->LogMessage(this, @@ -617,7 +611,6 @@ gfxUserFontEntry::LoadPlatformFont(const uint8_t* aFontData, uint32_t& aLength) gfxUserFontType fontType = gfxFontUtils::DetermineFontDataType(aFontData, aLength); - Telemetry::Accumulate(Telemetry::WEBFONT_FONTTYPE, uint32_t(fontType)); // Unwrap/decompress/sanitize or otherwise munge the downloaded data // to make a usable sfnt structure. @@ -650,13 +643,6 @@ gfxUserFontEntry::LoadPlatformFont(const uint8_t* aFontData, uint32_t& aLength) if (saneData) { if (saneLen) { fontCompressionRatio = uint32_t(100.0 * aLength / saneLen + 0.5); - if (fontType == GFX_USERFONT_WOFF || - fontType == GFX_USERFONT_WOFF2) { - Telemetry::Accumulate(fontType == GFX_USERFONT_WOFF ? - Telemetry::WEBFONT_COMPRESSION_WOFF : - Telemetry::WEBFONT_COMPRESSION_WOFF2, - fontCompressionRatio); - } } // The sanitizer ensures that we have a valid sfnt and a usable diff --git a/gfx/thebes/gfxWindowsPlatform.cpp b/gfx/thebes/gfxWindowsPlatform.cpp index a988859eb9..b1ede7ad27 100755 --- a/gfx/thebes/gfxWindowsPlatform.cpp +++ b/gfx/thebes/gfxWindowsPlatform.cpp @@ -430,10 +430,6 @@ gfxWindowsPlatform::HandleDeviceReset() return false; } - if (resetReason != DeviceResetReason::FORCED_RESET) { - Telemetry::Accumulate(Telemetry::DEVICE_RESET_REASON, uint32_t(resetReason)); - } - // Remove devices and adapters. DeviceManagerDx::Get()->ResetDevices(); @@ -1442,15 +1438,7 @@ gfxWindowsPlatform::InitializeD3D11Config() /* static */ void gfxWindowsPlatform::RecordContentDeviceFailure(TelemetryDeviceCode aDevice) { - // If the parent process fails to acquire a device, we record this - // normally as part of the environment. The exceptional case we're - // looking for here is when the parent process successfully acquires - // a device, but the content process fails to acquire the same device. - // This would not normally be displayed in about:support. - if (!XRE_IsContentProcess()) { - return; - } - Telemetry::Accumulate(Telemetry::GFX_CONTENT_FAILED_TO_ACQUIRE_DEVICE, uint32_t(aDevice)); + /* STUB */ } void diff --git a/image/RasterImage.cpp b/image/RasterImage.cpp index aad705473d..b67ec3bef4 100644 --- a/image/RasterImage.cpp +++ b/image/RasterImage.cpp @@ -39,8 +39,8 @@ #include "mozilla/MemoryReporting.h" #include "mozilla/Services.h" #include <stdint.h> -#include "mozilla/Telemetry.h" #include "mozilla/TimeStamp.h" +#include "mozilla/Telemetry.h" #include "mozilla/Tuple.h" #include "mozilla/ClearOnShutdown.h" #include "mozilla/gfx/Scale.h" @@ -104,9 +104,6 @@ RasterImage::~RasterImage() // Release all frames from the surface cache. SurfaceCache::RemoveImage(ImageKey(this)); - - // Record Telemetry. - Telemetry::Accumulate(Telemetry::IMAGE_DECODE_COUNT, mDecodeCount); } nsresult @@ -1365,19 +1362,9 @@ RasterImage::Draw(gfxContext* aContext, return DrawResult::NOT_READY; } - bool shouldRecordTelemetry = !mDrawStartTime.IsNull() && - surface->IsFinished(); - auto result = DrawInternal(Move(surface), aContext, aSize, aRegion, aSamplingFilter, flags); - if (shouldRecordTelemetry) { - TimeDuration drawLatency = TimeStamp::Now() - mDrawStartTime; - Telemetry::Accumulate(Telemetry::IMAGE_DECODE_ON_DRAW_LATENCY, - int32_t(drawLatency.ToMicroseconds())); - mDrawStartTime = TimeStamp(); - } - return result; } @@ -1614,22 +1601,6 @@ RasterImage::NotifyDecodeComplete(const DecoderFinalStatus& aStatus, mAnimationState->SetDoneDecoding(true); } - // Do some telemetry if this isn't a metadata decode. - if (!aStatus.mWasMetadataDecode) { - if (aTelemetry.mChunkCount) { - Telemetry::Accumulate(Telemetry::IMAGE_DECODE_CHUNKS, aTelemetry.mChunkCount); - } - - if (aStatus.mFinished) { - Telemetry::Accumulate(Telemetry::IMAGE_DECODE_TIME, - int32_t(aTelemetry.mDecodeTime.ToMicroseconds())); - - if (aTelemetry.mSpeedHistogram) { - Telemetry::Accumulate(*aTelemetry.mSpeedHistogram, aTelemetry.Speed()); - } - } - } - // Only act on errors if we have no usable frames from the decoder. if (aStatus.mHadError && (!mAnimationState || mAnimationState->KnownFrameCount() == 0)) { diff --git a/image/imgFrame.cpp b/image/imgFrame.cpp index 9c5bf9b998..5da2ccec5d 100644 --- a/image/imgFrame.cpp +++ b/image/imgFrame.cpp @@ -22,7 +22,6 @@ #include "mozilla/gfx/Tools.h" #include "mozilla/Likely.h" #include "mozilla/MemoryReporting.h" -#include "mozilla/Telemetry.h" #include "nsMargin.h" #include "nsThreadUtils.h" @@ -620,8 +619,6 @@ imgFrame::Finish(Opacity aFrameOpacity /* = Opacity::SOME_TRANSPARENCY */, if (aFrameOpacity == Opacity::FULLY_OPAQUE) { mHasNoAlpha = true; - Telemetry::Accumulate(Telemetry::IMAGE_DECODE_OPAQUE_BGRA, - mFormat == SurfaceFormat::B8G8R8A8); } mDisposalMethod = aDisposalMethod; diff --git a/intl/strres/nsStringBundle.cpp b/intl/strres/nsStringBundle.cpp index ab840a469a..717e368e2c 100644 --- a/intl/strres/nsStringBundle.cpp +++ b/intl/strres/nsStringBundle.cpp @@ -25,6 +25,7 @@ #include "nsIErrorService.h" #include "nsICategoryManager.h" #include "nsContentUtils.h" +#include "mozilla/Preferences.h" // for async loading #ifdef ASYNC_LOADING @@ -32,6 +33,9 @@ #include "nsIStringStream.h" #endif +#define STR_HELPER(x) #x +#define STR(x) STR_HELPER(x) + using namespace mozilla; static NS_DEFINE_CID(kErrorServiceCID, NS_ERRORSERVICE_CID); @@ -529,6 +533,8 @@ nsStringBundleService::Init() os->AddObserver(this, "profile-do-change", true); os->AddObserver(this, "chrome-flush-caches", true); os->AddObserver(this, "xpcom-category-entry-added", true); + os->AddObserver(this, "selected-locale-has-changed", true); + os->AddObserver(this, "final-ui-startup", true); } // instantiate the override service, if there is any. @@ -550,6 +556,19 @@ nsStringBundleService::Observe(nsISupports* aSubject, { flushBundleCache(); } + else if (strcmp("selected-locale-has-changed", aTopic) == 0) + { + flushBundleCache(); + notifyBundlesFlushed(); + } + else if (strcmp("final-ui-startup", aTopic) == 0) + { + nsAdoptingCString ualocale = Preferences::GetCString("general.useragent.locale"); + if (!ualocale.EqualsLiteral(STR(MOZ_UI_LOCALE))) { + flushBundleCache(); + notifyBundlesFlushed(); + } + } else if (strcmp("xpcom-category-entry-added", aTopic) == 0 && NS_LITERAL_STRING("xpcom-autoregistration").Equals(aSomeData)) { @@ -560,6 +579,14 @@ nsStringBundleService::Observe(nsISupports* aSubject, } void +nsStringBundleService::notifyBundlesFlushed() +{ + nsCOMPtr<nsIObserverService> obsSvc = mozilla::services::GetObserverService(); + NS_ASSERTION(obsSvc, "Couldn't get observer service."); + obsSvc->NotifyObservers(nullptr, "string-bundles-have-flushed", nullptr); +} + +void nsStringBundleService::flushBundleCache() { // release all bundles in the cache diff --git a/intl/strres/nsStringBundleService.h b/intl/strres/nsStringBundleService.h index a192cdff8c..e65c61f128 100644 --- a/intl/strres/nsStringBundleService.h +++ b/intl/strres/nsStringBundleService.h @@ -43,6 +43,8 @@ private: void flushBundleCache(); + void notifyBundlesFlushed(); + bundleCacheEntry_t *insertIntoCache(already_AddRefed<nsIStringBundle> aBundle, nsCString &aHashKey); diff --git a/intl/uconv/ucvja/nsJapaneseToUnicode.h b/intl/uconv/ucvja/nsJapaneseToUnicode.h index 8e3f207eb2..e2ea45fb68 100644 --- a/intl/uconv/ucvja/nsJapaneseToUnicode.h +++ b/intl/uconv/ucvja/nsJapaneseToUnicode.h @@ -83,8 +83,6 @@ public: mGB2312Decoder = nullptr; mEUCKRDecoder = nullptr; mISO88597Decoder = nullptr; - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::DECODER_INSTANTIATED_ISO2022JP, true); } virtual ~nsISO2022JPToUnicodeV2() { diff --git a/intl/uconv/ucvlatin/nsCP866ToUnicode.cpp b/intl/uconv/ucvlatin/nsCP866ToUnicode.cpp index 4d4b899480..08db5f65a6 100644 --- a/intl/uconv/ucvlatin/nsCP866ToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsCP866ToUnicode.cpp @@ -20,7 +20,6 @@ nsCP866ToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "cp866.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_IBM866, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsISO88595ToUnicode.cpp b/intl/uconv/ucvlatin/nsISO88595ToUnicode.cpp index 23395aa4e5..dae79881d4 100644 --- a/intl/uconv/ucvlatin/nsISO88595ToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsISO88595ToUnicode.cpp @@ -20,7 +20,6 @@ nsISO88595ToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "8859-5.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_ISO_8859_5, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsKOI8RToUnicode.cpp b/intl/uconv/ucvlatin/nsKOI8RToUnicode.cpp index 35f77ba410..25a760a66d 100644 --- a/intl/uconv/ucvlatin/nsKOI8RToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsKOI8RToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsKOI8RToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsKOI8RToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "koi8r.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_KOI8R, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsKOI8UToUnicode.cpp b/intl/uconv/ucvlatin/nsKOI8UToUnicode.cpp index c5d588ad6a..2dbb863777 100644 --- a/intl/uconv/ucvlatin/nsKOI8UToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsKOI8UToUnicode.cpp @@ -20,7 +20,6 @@ nsKOI8UToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "koi8u.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_KOI8U, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacArabicToUnicode.cpp b/intl/uconv/ucvlatin/nsMacArabicToUnicode.cpp index 1a9950df72..7ff51f868c 100644 --- a/intl/uconv/ucvlatin/nsMacArabicToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacArabicToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacArabicToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacArabicToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macarabic.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACARABIC, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacCEToUnicode.cpp b/intl/uconv/ucvlatin/nsMacCEToUnicode.cpp index 458d0f53ce..4dd3eb159a 100644 --- a/intl/uconv/ucvlatin/nsMacCEToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacCEToUnicode.cpp @@ -20,7 +20,6 @@ nsMacCEToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macce.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACCE, true); return CreateOneByteDecoder((uMappingTable*) &g_MacCEMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacCroatianToUnicode.cpp b/intl/uconv/ucvlatin/nsMacCroatianToUnicode.cpp index 9799ac9ad5..a0549ee269 100644 --- a/intl/uconv/ucvlatin/nsMacCroatianToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacCroatianToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacCroatianToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacCroatianToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "maccroat.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACCROATIAN, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacCyrillicToUnicode.cpp b/intl/uconv/ucvlatin/nsMacCyrillicToUnicode.cpp index edbf604fd5..0475c2a135 100644 --- a/intl/uconv/ucvlatin/nsMacCyrillicToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacCyrillicToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacCyrillicToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacCyrillicToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "maccyril.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACCYRILLIC, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacDevanagariToUnicode.cpp b/intl/uconv/ucvlatin/nsMacDevanagariToUnicode.cpp index 3c1cae7338..630553d9c1 100644 --- a/intl/uconv/ucvlatin/nsMacDevanagariToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacDevanagariToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacDevanagariToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacDevanagariToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macdevanaga.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACDEVANAGARI, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacFarsiToUnicode.cpp b/intl/uconv/ucvlatin/nsMacFarsiToUnicode.cpp index 1e7e291bad..5870533ff5 100644 --- a/intl/uconv/ucvlatin/nsMacFarsiToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacFarsiToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacFarsiToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacFarsiToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macfarsi.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACFARSI, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacGreekToUnicode.cpp b/intl/uconv/ucvlatin/nsMacGreekToUnicode.cpp index 3f90811d37..64d489147a 100644 --- a/intl/uconv/ucvlatin/nsMacGreekToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacGreekToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacGreekToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacGreekToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macgreek.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACGREEK, true); return CreateOneByteDecoder((uMappingTable*) &g_MacGreekMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacGujaratiToUnicode.cpp b/intl/uconv/ucvlatin/nsMacGujaratiToUnicode.cpp index 21b3020f55..0d01e33e4d 100644 --- a/intl/uconv/ucvlatin/nsMacGujaratiToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacGujaratiToUnicode.cpp @@ -17,7 +17,6 @@ nsMacGujaratiToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macgujarati.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACGUJARATI, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacGurmukhiToUnicode.cpp b/intl/uconv/ucvlatin/nsMacGurmukhiToUnicode.cpp index d6b3a88d66..e0a59c2053 100644 --- a/intl/uconv/ucvlatin/nsMacGurmukhiToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacGurmukhiToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacGurmukhiToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacGurmukhiToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macgurmukhi.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACGURMUKHI, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacHebrewToUnicode.cpp b/intl/uconv/ucvlatin/nsMacHebrewToUnicode.cpp index f19d82c090..d7b1f2139a 100644 --- a/intl/uconv/ucvlatin/nsMacHebrewToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacHebrewToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacHebrewToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacHebrewToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "machebrew.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACHEBREW, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacIcelandicToUnicode.cpp b/intl/uconv/ucvlatin/nsMacIcelandicToUnicode.cpp index 00cff75091..2b2a3b4d00 100644 --- a/intl/uconv/ucvlatin/nsMacIcelandicToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacIcelandicToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacIcelandicToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacIcelandicToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macicela.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACICELANDIC, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacRomanianToUnicode.cpp b/intl/uconv/ucvlatin/nsMacRomanianToUnicode.cpp index 96c24dea39..955610e165 100644 --- a/intl/uconv/ucvlatin/nsMacRomanianToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacRomanianToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacRomanianToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacRomanianToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macro.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACROMANIAN, true); return CreateOneByteDecoder((uMappingTable*) &g_utMappingTable, aOuter, aIID, aResult); } diff --git a/intl/uconv/ucvlatin/nsMacTurkishToUnicode.cpp b/intl/uconv/ucvlatin/nsMacTurkishToUnicode.cpp index 86d2d1ae71..c30cf94d40 100644 --- a/intl/uconv/ucvlatin/nsMacTurkishToUnicode.cpp +++ b/intl/uconv/ucvlatin/nsMacTurkishToUnicode.cpp @@ -5,7 +5,6 @@ #include "nsUCConstructors.h" #include "nsMacTurkishToUnicode.h" -#include "mozilla/Telemetry.h" using namespace mozilla; @@ -20,7 +19,6 @@ nsMacTurkishToUnicodeConstructor(nsISupports *aOuter, REFNSIID aIID, #include "macturki.ut" }; - Telemetry::Accumulate(Telemetry::DECODER_INSTANTIATED_MACTURKISH, true); return CreateOneByteDecoder((uMappingTable*) &g_MacTurkishMappingTable, aOuter, aIID, aResult); } diff --git a/ipc/chromium/src/base/process_util_win.cc b/ipc/chromium/src/base/process_util_win.cc index f22f7216fa..fa9b86ace9 100644 --- a/ipc/chromium/src/base/process_util_win.cc +++ b/ipc/chromium/src/base/process_util_win.cc @@ -298,6 +298,33 @@ bool LaunchApp(const std::wstring& cmdline, LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList = NULL; + // setup our handle array first - if we end up with no handles that can + // be inherited we can avoid trying to do the ThreadAttributeList dance... + HANDLE handlesToInherit[2]; + int handleCount = 0; + HANDLE stdOut = ::GetStdHandle(STD_OUTPUT_HANDLE); + HANDLE stdErr = ::GetStdHandle(STD_ERROR_HANDLE); + + if (IsInheritableHandle(stdOut)) + handlesToInherit[handleCount++] = stdOut; + if (stdErr != stdOut && IsInheritableHandle(stdErr)) + handlesToInherit[handleCount++] = stdErr; + + if (handleCount) { + lpAttributeList = CreateThreadAttributeList(handlesToInherit, handleCount); + if (lpAttributeList) { + // it's safe to inherit handles, so arrange for that... + startup_info.cb = sizeof(startup_info_ex); + startup_info.dwFlags |= STARTF_USESTDHANDLES; + startup_info.hStdOutput = stdOut; + startup_info.hStdError = stdErr; + startup_info.hStdInput = INVALID_HANDLE_VALUE; + startup_info_ex.lpAttributeList = lpAttributeList; + dwCreationFlags |= EXTENDED_STARTUPINFO_PRESENT; + bInheritHandles = TRUE; + } + } + PROCESS_INFORMATION process_info; BOOL createdOK = CreateProcess(NULL, const_cast<wchar_t*>(cmdline.c_str()), NULL, NULL, diff --git a/ipc/glue/GeckoChildProcessHost.cpp b/ipc/glue/GeckoChildProcessHost.cpp index e58408e0c6..8147e87dc2 100644 --- a/ipc/glue/GeckoChildProcessHost.cpp +++ b/ipc/glue/GeckoChildProcessHost.cpp @@ -32,7 +32,6 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/ipc/BrowserProcessSubThread.h" #include "mozilla/Omnijar.h" -#include "mozilla/Telemetry.h" #include "ProtocolUtils.h" #include <sys/stat.h> @@ -534,8 +533,6 @@ GeckoChildProcessHost::RunPerformAsyncLaunch(std::vector<std::string> aExtraOpts lock.Notify(); CHROMIUM_LOG(ERROR) << "Failed to launch " << XRE_ChildProcessTypeToString(mProcessType) << " subprocess"; - Telemetry::Accumulate(Telemetry::SUBPROCESS_LAUNCH_FAILURE, - nsDependentCString(XRE_ChildProcessTypeToString(mProcessType))); } return ok; } diff --git a/ipc/glue/MessageChannel.cpp b/ipc/glue/MessageChannel.cpp index 7861f3e2d3..a988fae53c 100644 --- a/ipc/glue/MessageChannel.cpp +++ b/ipc/glue/MessageChannel.cpp @@ -760,11 +760,6 @@ MessageChannel::Echo(Message* aMsg) bool MessageChannel::Send(Message* aMsg) { - if (aMsg->size() >= kMinTelemetryMessageSize) { - Telemetry::Accumulate(Telemetry::IPC_MESSAGE_SIZE, - nsDependentCString(aMsg->name()), aMsg->size()); - } - MOZ_RELEASE_ASSERT(!aMsg->is_sync()); MOZ_RELEASE_ASSERT(aMsg->nested_level() != IPC::Message::NESTED_INSIDE_SYNC); @@ -1059,11 +1054,6 @@ MessageChannel::ProcessPendingRequests(AutoEnterTransaction& aTransaction) bool MessageChannel::Send(Message* aMsg, Message* aReply) { - if (aMsg->size() >= kMinTelemetryMessageSize) { - Telemetry::Accumulate(Telemetry::IPC_MESSAGE_SIZE, - nsDependentCString(aMsg->name()), aMsg->size()); - } - nsAutoPtr<Message> msg(aMsg); // Sanity checks. @@ -1249,10 +1239,6 @@ MessageChannel::Send(Message* aMsg, Message* aReply) MOZ_RELEASE_ASSERT(reply->is_sync()); *aReply = Move(*reply); - if (aReply->size() >= kMinTelemetryMessageSize) { - Telemetry::Accumulate(Telemetry::IPC_REPLY_SIZE, - nsDependentCString(msgName), aReply->size()); - } return true; } @@ -2546,7 +2532,6 @@ void CancelCPOWs() { if (gParentProcessBlocker) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::IPC_TRANSACTION_CANCEL, true); gParentProcessBlocker->CancelCurrentTransaction(); } } diff --git a/js/ipc/JavaScriptParent.cpp b/js/ipc/JavaScriptParent.cpp index ca0a0bd214..6cf9e05911 100644 --- a/js/ipc/JavaScriptParent.cpp +++ b/js/ipc/JavaScriptParent.cpp @@ -15,7 +15,6 @@ #include "js/HeapAPI.h" #include "xpcprivate.h" #include "mozilla/Casting.h" -#include "mozilla/Telemetry.h" #include "mozilla/Unused.h" #include "nsAutoPtr.h" @@ -110,7 +109,6 @@ JavaScriptParent::allowMessage(JSContext* cx) if (!xpc::CompartmentPrivate::Get(jsGlobal)->allowCPOWs) { if (!addonId && ForbidUnsafeBrowserCPOWs() && !isSafe) { - Telemetry::Accumulate(Telemetry::BROWSER_SHIM_USAGE_BLOCKED, 1); JS_ReportErrorASCII(cx, "unsafe CPOW usage forbidden"); return false; } @@ -120,7 +118,6 @@ JavaScriptParent::allowMessage(JSContext* cx) nsString addonIdString; AssignJSFlatString(addonIdString, flat); NS_ConvertUTF16toUTF8 addonIdCString(addonIdString); - Telemetry::Accumulate(Telemetry::ADDON_FORBIDDEN_CPOW_USAGE, addonIdCString); if (ForbidCPOWsInCompatibleAddon(addonIdCString)) { JS_ReportErrorASCII(cx, "CPOW usage forbidden in this add-on"); diff --git a/js/public/HashTable.h b/js/public/HashTable.h index 5d4c0665d7..8a2493b559 100644 --- a/js/public/HashTable.h +++ b/js/public/HashTable.h @@ -12,6 +12,7 @@ #include "mozilla/Attributes.h" #include "mozilla/Casting.h" #include "mozilla/HashFunctions.h" +#include "mozilla/MemoryChecking.h" #include "mozilla/MemoryReporting.h" #include "mozilla/Move.h" #include "mozilla/Opaque.h" @@ -805,17 +806,22 @@ class HashTableEntry void operator=(const HashTableEntry&) = delete; ~HashTableEntry() = delete; + void destroyStoredT() { + mem.addr()->~T(); + MOZ_MAKE_MEM_UNDEFINED(mem.addr(), sizeof(*mem.addr())); + } + public: // NB: HashTableEntry is treated as a POD: no constructor or destructor calls. void destroyIfLive() { if (isLive()) - mem.addr()->~T(); + destroyStoredT(); } void destroy() { MOZ_ASSERT(isLive()); - mem.addr()->~T(); + destroyStoredT(); } void swap(HashTableEntry* other) { @@ -835,10 +841,28 @@ class HashTableEntry NonConstT& getMutable() { MOZ_ASSERT(isLive()); return *mem.addr(); } bool isFree() const { return keyHash == sFreeKey; } - void clearLive() { MOZ_ASSERT(isLive()); keyHash = sFreeKey; mem.addr()->~T(); } - void clear() { if (isLive()) mem.addr()->~T(); keyHash = sFreeKey; } + void clearLive() { + MOZ_ASSERT(isLive()); + keyHash = sFreeKey; + destroyStoredT(); + } + + void clear() { + if (isLive()) + destroyStoredT(); + + MOZ_MAKE_MEM_UNDEFINED(this, sizeof(*this)); + keyHash = sFreeKey; + } + bool isRemoved() const { return keyHash == sRemovedKey; } - void removeLive() { MOZ_ASSERT(isLive()); keyHash = sRemovedKey; mem.addr()->~T(); } + + void removeLive() { + MOZ_ASSERT(isLive()); + keyHash = sRemovedKey; + destroyStoredT(); + } + bool isLive() const { return isLiveHash(keyHash); } void setCollision() { MOZ_ASSERT(isLive()); keyHash |= sCollisionBit; } void unsetCollision() { keyHash &= ~sCollisionBit; } @@ -1654,14 +1678,10 @@ class HashTable : private AllocPolicy public: void clear() { - if (mozilla::IsPod<Entry>::value) { - memset(table, 0, sizeof(*table) * capacity()); - } else { - uint32_t tableCapacity = capacity(); - Entry* end = table + tableCapacity; - for (Entry* e = table; e < end; ++e) - e->clear(); - } + Entry* end = table + capacity(); + for (Entry* e = table; e < end; ++e) + e->clear(); + removedCount = 0; entryCount = 0; #ifdef JS_DEBUG diff --git a/js/public/MemoryMetrics.h b/js/public/MemoryMetrics.h index 9b5caa24b7..b0b26631c6 100644 --- a/js/public/MemoryMetrics.h +++ b/js/public/MemoryMetrics.h @@ -37,7 +37,13 @@ struct TabSizes Other }; - TabSizes() { mozilla::PodZero(this); } + TabSizes() + : objects(0) + , strings(0) + , private_(0) + , other(0) + { + } void add(Kind kind, size_t n) { switch (kind) { @@ -68,7 +74,15 @@ struct ServoSizes Ignore }; - ServoSizes() { mozilla::PodZero(this); } + ServoSizes() + : gcHeapUsed(0) + , gcHeapUnused(0) + , gcHeapAdmin(0) + , gcHeapDecommitted(0) + , mallocHeap(0) + , nonHeap(0) + { + } void add(Kind kind, size_t n) { switch (kind) { diff --git a/js/src/builtin/AtomicsObject.cpp b/js/src/builtin/AtomicsObject.cpp index 08777fd512..2551f3b7d2 100644 --- a/js/src/builtin/AtomicsObject.cpp +++ b/js/src/builtin/AtomicsObject.cpp @@ -789,7 +789,7 @@ js::atomics_wait(JSContext* cx, unsigned argc, Value* vp) // and it provides the necessary memory fence. AutoLockFutexAPI lock; - SharedMem<int32_t*>(addr) = view->viewDataShared().cast<int32_t*>() + offset; + SharedMem<int32_t*> addr = view->viewDataShared().cast<int32_t*>() + offset; if (jit::AtomicOperations::loadSafeWhenRacy(addr) != value) { r.setString(cx->names().futexNotEqual); return true; diff --git a/js/src/gc/Barrier.h b/js/src/gc/Barrier.h index effc9233ea..dce3b2a203 100644 --- a/js/src/gc/Barrier.h +++ b/js/src/gc/Barrier.h @@ -667,29 +667,15 @@ class HeapSlot : public WriteBarrieredBase<Value> Element = 1 }; - explicit HeapSlot() = delete; - - explicit HeapSlot(NativeObject* obj, Kind kind, uint32_t slot, const Value& v) - : WriteBarrieredBase<Value>(v) - { - post(obj, kind, slot, v); - } - - explicit HeapSlot(NativeObject* obj, Kind kind, uint32_t slot, const HeapSlot& s) - : WriteBarrieredBase<Value>(s.value) - { - post(obj, kind, slot, s); - } - - ~HeapSlot() { - pre(); - } - void init(NativeObject* owner, Kind kind, uint32_t slot, const Value& v) { value = v; post(owner, kind, slot, v); } + void destroy() { + pre(); + } + #ifdef DEBUG bool preconditionForSet(NativeObject* owner, Kind kind, uint32_t slot) const; bool preconditionForWriteBarrierPost(NativeObject* obj, Kind kind, uint32_t slot, @@ -703,11 +689,6 @@ class HeapSlot : public WriteBarrieredBase<Value> post(owner, kind, slot, v); } - /* For users who need to manually barrier the raw types. */ - static void writeBarrierPost(NativeObject* owner, Kind kind, uint32_t slot, const Value& target) { - reinterpret_cast<HeapSlot*>(const_cast<Value*>(&target))->post(owner, kind, slot, target); - } - private: void post(NativeObject* owner, Kind kind, uint32_t slot, const Value& target) { MOZ_ASSERT(preconditionForWriteBarrierPost(owner, kind, slot, target)); diff --git a/js/src/jit/MacroAssembler.cpp b/js/src/jit/MacroAssembler.cpp index 9dbbe76242..f633b9b7b9 100644 --- a/js/src/jit/MacroAssembler.cpp +++ b/js/src/jit/MacroAssembler.cpp @@ -2214,12 +2214,6 @@ MacroAssembler::finish() } MacroAssemblerSpecific::finish(); - - MOZ_RELEASE_ASSERT(size() <= MaxCodeBytesPerProcess, - "AssemblerBuffer should ensure we don't exceed MaxCodeBytesPerProcess"); - - if (bytesNeeded() > MaxCodeBytesPerProcess) - setOOM(); } void diff --git a/js/src/jit/ProcessExecutableMemory.cpp b/js/src/jit/ProcessExecutableMemory.cpp index 301541541e..71c2ab0dce 100644 --- a/js/src/jit/ProcessExecutableMemory.cpp +++ b/js/src/jit/ProcessExecutableMemory.cpp @@ -385,6 +385,14 @@ class PageBitSet #endif }; +// Limit on the number of bytes of executable memory to prevent JIT spraying +// attacks. +#if JS_BITS_PER_WORD == 32 +static const size_t MaxCodeBytesPerProcess = 128 * 1024 * 1024; +#else +static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024; +#endif + // Per-process executable memory allocator. It reserves a block of memory of // MaxCodeBytesPerProcess bytes, then allocates/deallocates pages from that. // diff --git a/js/src/jit/ProcessExecutableMemory.h b/js/src/jit/ProcessExecutableMemory.h index a0e2fab985..078ce7cb75 100644 --- a/js/src/jit/ProcessExecutableMemory.h +++ b/js/src/jit/ProcessExecutableMemory.h @@ -17,14 +17,6 @@ namespace jit { // alignment though. static const size_t ExecutableCodePageSize = 64 * 1024; -// Limit on the number of bytes of executable memory to prevent JIT spraying -// attacks. -#if JS_BITS_PER_WORD == 32 -static const size_t MaxCodeBytesPerProcess = 128 * 1024 * 1024; -#else -static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024; -#endif - enum class ProtectionSetting { Protected, // Not readable, writable, or executable. Writable, diff --git a/js/src/jit/shared/IonAssemblerBuffer.h b/js/src/jit/shared/IonAssemblerBuffer.h index 3a65526968..cc20e26d21 100644 --- a/js/src/jit/shared/IonAssemblerBuffer.h +++ b/js/src/jit/shared/IonAssemblerBuffer.h @@ -181,10 +181,6 @@ class AssemblerBuffer protected: virtual Slice* newSlice(LifoAlloc& a) { - if (size() > MaxCodeBytesPerProcess - sizeof(Slice)) { - fail_oom(); - return nullptr; - } Slice* tmp = static_cast<Slice*>(a.alloc(sizeof(Slice))); if (!tmp) { fail_oom(); diff --git a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h index fe678fc7db..8343579c81 100644 --- a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h +++ b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h @@ -68,33 +68,6 @@ namespace js { namespace jit { - // AllocPolicy for AssemblerBuffer. OOMs when trying to allocate more than - // MaxCodeBytesPerProcess bytes. Use private inheritance to make sure we - // explicitly have to expose SystemAllocPolicy methods. - class AssemblerBufferAllocPolicy : private SystemAllocPolicy - { - public: - using SystemAllocPolicy::checkSimulatedOOM; - using SystemAllocPolicy::reportAllocOverflow; - using SystemAllocPolicy::free_; - - template <typename T> T* pod_realloc(T* p, size_t oldSize, size_t newSize) { - static_assert(sizeof(T) == 1, - "AssemblerBufferAllocPolicy should only be used with byte vectors"); - MOZ_ASSERT(oldSize <= MaxCodeBytesPerProcess); - if (MOZ_UNLIKELY(newSize > MaxCodeBytesPerProcess)) - return nullptr; - return SystemAllocPolicy::pod_realloc<T>(p, oldSize, newSize); - } - template <typename T> T* pod_malloc(size_t numElems) { - static_assert(sizeof(T) == 1, - "AssemblerBufferAllocPolicy should only be used with byte vectors"); - if (MOZ_UNLIKELY(numElems > MaxCodeBytesPerProcess)) - return nullptr; - return SystemAllocPolicy::pod_malloc<T>(numElems); - } - }; - class AssemblerBuffer { template<size_t size, typename T> @@ -120,10 +93,8 @@ namespace jit { void ensureSpace(size_t space) { - // This should only be called with small |space| values to ensure - // we don't overflow below. - MOZ_ASSERT(space <= 16); - if (MOZ_UNLIKELY(!m_buffer.reserve(m_buffer.length() + space))) + if (MOZ_UNLIKELY(m_buffer.length() > (SIZE_MAX - space) || + !m_buffer.reserve(m_buffer.length() + space))) oomDetected(); } @@ -198,7 +169,7 @@ namespace jit { m_buffer.clear(); } - PageProtectingVector<unsigned char, 256, AssemblerBufferAllocPolicy> m_buffer; + PageProtectingVector<unsigned char, 256, SystemAllocPolicy> m_buffer; bool m_oom; }; diff --git a/js/src/vm/NativeObject.h b/js/src/vm/NativeObject.h index d2c06eabc1..4dbc167ab6 100644 --- a/js/src/vm/NativeObject.h +++ b/js/src/vm/NativeObject.h @@ -876,7 +876,7 @@ class NativeObject : public ShapedObject MOZ_ASSERT(end <= getDenseInitializedLength()); MOZ_ASSERT(!denseElementsAreCopyOnWrite()); for (size_t i = start; i < end; i++) - elements_[i].HeapSlot::~HeapSlot(); + elements_[i].destroy(); } /* @@ -885,7 +885,7 @@ class NativeObject : public ShapedObject */ void prepareSlotRangeForOverwrite(size_t start, size_t end) { for (size_t i = start; i < end; i++) - getSlotAddressUnchecked(i)->HeapSlot::~HeapSlot(); + getSlotAddressUnchecked(i)->destroy(); } public: @@ -1085,7 +1085,8 @@ class NativeObject : public ShapedObject for (uint32_t i = 0; i < count; ++i) elements_[dstStart + i].set(this, HeapSlot::Element, dstStart + i, src[i]); } else { - memcpy(&elements_[dstStart], src, count * sizeof(HeapSlot)); + memcpy(reinterpret_cast<Value*>(&elements_[dstStart]), src, + count * sizeof(Value)); elementsRangeWriteBarrierPost(dstStart, count); } } @@ -1094,7 +1095,7 @@ class NativeObject : public ShapedObject MOZ_ASSERT(dstStart + count <= getDenseCapacity()); MOZ_ASSERT(!denseElementsAreCopyOnWrite()); MOZ_ASSERT(!denseElementsAreFrozen()); - memcpy(&elements_[dstStart], src, count * sizeof(HeapSlot)); + memcpy(reinterpret_cast<Value*>(&elements_[dstStart]), src, count * sizeof(Value)); elementsRangeWriteBarrierPost(dstStart, count); } @@ -1142,7 +1143,7 @@ class NativeObject : public ShapedObject MOZ_ASSERT(!denseElementsAreCopyOnWrite()); MOZ_ASSERT(!denseElementsAreFrozen()); - memmove(elements_ + dstStart, elements_ + srcStart, count * sizeof(Value)); + memmove(elements_ + dstStart, elements_ + srcStart, count * sizeof(HeapSlot)); elementsRangeWriteBarrierPost(dstStart, count); } diff --git a/js/xpconnect/src/XPCJSContext.cpp b/js/xpconnect/src/XPCJSContext.cpp index f352607d4c..82af645209 100644 --- a/js/xpconnect/src/XPCJSContext.cpp +++ b/js/xpconnect/src/XPCJSContext.cpp @@ -28,7 +28,6 @@ #include "nsPIDOMWindow.h" #include "nsPrintfCString.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "mozilla/Services.h" #include "mozilla/dom/ScriptSettings.h" @@ -135,8 +134,6 @@ public: { TimeStamp start = TimeStamp::Now(); bool hadSnowWhiteObjects = nsCycleCollector_doDeferredDeletion(); - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR_ASYNC_SNOW_WHITE_FREEING, - uint32_t((TimeStamp::Now() - start).ToMilliseconds())); if (hadSnowWhiteObjects && !mContinuation) { mContinuation = true; if (NS_FAILED(NS_DispatchToCurrentThread(this))) { @@ -1317,7 +1314,6 @@ XPCJSContext::InterruptCallback(JSContext* cx) // Accumulate slow script invokation delay. if (!chrome && !self->mTimeoutAccumulated) { uint32_t delay = uint32_t(self->mSlowScriptActualWait.ToMilliseconds() - (limit * 1000.0)); - Telemetry::Accumulate(Telemetry::SLOW_SCRIPT_NOTIFY_DELAY, delay); self->mTimeoutAccumulated = true; } @@ -2955,100 +2951,7 @@ JSSizeOfTab(JSObject* objArg, size_t* jsObjectsSize, size_t* jsStringsSize, static void AccumulateTelemetryCallback(int id, uint32_t sample, const char* key) { - switch (id) { - case JS_TELEMETRY_GC_REASON: - Telemetry::Accumulate(Telemetry::GC_REASON_2, sample); - break; - case JS_TELEMETRY_GC_IS_ZONE_GC: - Telemetry::Accumulate(Telemetry::GC_IS_COMPARTMENTAL, sample); - break; - case JS_TELEMETRY_GC_MS: - Telemetry::Accumulate(Telemetry::GC_MS, sample); - break; - case JS_TELEMETRY_GC_BUDGET_MS: - Telemetry::Accumulate(Telemetry::GC_BUDGET_MS, sample); - break; - case JS_TELEMETRY_GC_ANIMATION_MS: - Telemetry::Accumulate(Telemetry::GC_ANIMATION_MS, sample); - break; - case JS_TELEMETRY_GC_MAX_PAUSE_MS: - Telemetry::Accumulate(Telemetry::GC_MAX_PAUSE_MS, sample); - break; - case JS_TELEMETRY_GC_MARK_MS: - Telemetry::Accumulate(Telemetry::GC_MARK_MS, sample); - break; - case JS_TELEMETRY_GC_SWEEP_MS: - Telemetry::Accumulate(Telemetry::GC_SWEEP_MS, sample); - break; - case JS_TELEMETRY_GC_COMPACT_MS: - Telemetry::Accumulate(Telemetry::GC_COMPACT_MS, sample); - break; - case JS_TELEMETRY_GC_MARK_ROOTS_MS: - Telemetry::Accumulate(Telemetry::GC_MARK_ROOTS_MS, sample); - break; - case JS_TELEMETRY_GC_MARK_GRAY_MS: - Telemetry::Accumulate(Telemetry::GC_MARK_GRAY_MS, sample); - break; - case JS_TELEMETRY_GC_SLICE_MS: - Telemetry::Accumulate(Telemetry::GC_SLICE_MS, sample); - break; - case JS_TELEMETRY_GC_SLOW_PHASE: - Telemetry::Accumulate(Telemetry::GC_SLOW_PHASE, sample); - break; - case JS_TELEMETRY_GC_MMU_50: - Telemetry::Accumulate(Telemetry::GC_MMU_50, sample); - break; - case JS_TELEMETRY_GC_RESET: - Telemetry::Accumulate(Telemetry::GC_RESET, sample); - break; - case JS_TELEMETRY_GC_RESET_REASON: - Telemetry::Accumulate(Telemetry::GC_RESET_REASON, sample); - break; - case JS_TELEMETRY_GC_INCREMENTAL_DISABLED: - Telemetry::Accumulate(Telemetry::GC_INCREMENTAL_DISABLED, sample); - break; - case JS_TELEMETRY_GC_NON_INCREMENTAL: - Telemetry::Accumulate(Telemetry::GC_NON_INCREMENTAL, sample); - break; - case JS_TELEMETRY_GC_NON_INCREMENTAL_REASON: - Telemetry::Accumulate(Telemetry::GC_NON_INCREMENTAL_REASON, sample); - break; - case JS_TELEMETRY_GC_SCC_SWEEP_TOTAL_MS: - Telemetry::Accumulate(Telemetry::GC_SCC_SWEEP_TOTAL_MS, sample); - break; - case JS_TELEMETRY_GC_SCC_SWEEP_MAX_PAUSE_MS: - Telemetry::Accumulate(Telemetry::GC_SCC_SWEEP_MAX_PAUSE_MS, sample); - break; - case JS_TELEMETRY_GC_MINOR_REASON: - Telemetry::Accumulate(Telemetry::GC_MINOR_REASON, sample); - break; - case JS_TELEMETRY_GC_MINOR_REASON_LONG: - Telemetry::Accumulate(Telemetry::GC_MINOR_REASON_LONG, sample); - break; - case JS_TELEMETRY_GC_MINOR_US: - Telemetry::Accumulate(Telemetry::GC_MINOR_US, sample); - break; - case JS_TELEMETRY_GC_NURSERY_BYTES: - Telemetry::Accumulate(Telemetry::GC_NURSERY_BYTES, sample); - break; - case JS_TELEMETRY_GC_PRETENURE_COUNT: - Telemetry::Accumulate(Telemetry::GC_PRETENURE_COUNT, sample); - break; - case JS_TELEMETRY_DEPRECATED_LANGUAGE_EXTENSIONS_IN_CONTENT: - Telemetry::Accumulate(Telemetry::JS_DEPRECATED_LANGUAGE_EXTENSIONS_IN_CONTENT, sample); - break; - case JS_TELEMETRY_DEPRECATED_LANGUAGE_EXTENSIONS_IN_ADDONS: - Telemetry::Accumulate(Telemetry::JS_DEPRECATED_LANGUAGE_EXTENSIONS_IN_ADDONS, sample); - break; - case JS_TELEMETRY_ADDON_EXCEPTIONS: - Telemetry::Accumulate(Telemetry::JS_TELEMETRY_ADDON_EXCEPTIONS, nsDependentCString(key), sample); - break; - case JS_TELEMETRY_AOT_USAGE: - Telemetry::Accumulate(Telemetry::JS_AOT_USAGE, sample); - break; - default: - MOZ_ASSERT_UNREACHABLE("Unexpected JS_TELEMETRY id"); - } +/* STUB */ } static void diff --git a/layout/base/nsArenaMemoryStats.h b/layout/base/nsArenaMemoryStats.h index ba09baaa42..2a872cfe83 100644 --- a/layout/base/nsArenaMemoryStats.h +++ b/layout/base/nsArenaMemoryStats.h @@ -18,7 +18,12 @@ public: Other // Everything else. }; - nsTabSizes() { mozilla::PodZero(this); } + nsTabSizes() + : mDom(0) + , mStyle(0) + , mOther(0) + { + } void add(Kind kind, size_t n) { diff --git a/layout/base/nsCSSRendering.cpp b/layout/base/nsCSSRendering.cpp index 054632ad79..71ebfad224 100644 --- a/layout/base/nsCSSRendering.cpp +++ b/layout/base/nsCSSRendering.cpp @@ -2516,7 +2516,6 @@ nsCSSRendering::PaintGradient(nsPresContext* aPresContext, PROFILER_LABEL("nsCSSRendering", "PaintGradient", js::ProfileEntry::Category::GRAPHICS); - Telemetry::AutoTimer<Telemetry::GRADIENT_DURATION, Telemetry::Microsecond> gradientTimer; if (aDest.IsEmpty() || aFillArea.IsEmpty()) { return; } diff --git a/layout/base/nsDisplayList.cpp b/layout/base/nsDisplayList.cpp index cb55bb2da0..2bf20144a1 100644 --- a/layout/base/nsDisplayList.cpp +++ b/layout/base/nsDisplayList.cpp @@ -7491,9 +7491,6 @@ PaintTelemetry::AutoRecordPaint::~AutoRecordPaint() double totalMs = (TimeStamp::Now() - mStart).ToMilliseconds(); - // Record the total time. - Telemetry::Accumulate(Telemetry::CONTENT_PAINT_TIME, static_cast<uint32_t>(totalMs)); - // If the total time was >= 16ms, then it's likely we missed a frame due to // painting. In this case we'll gather some detailed metrics below. if (totalMs <= 16.0) { @@ -7504,9 +7501,6 @@ PaintTelemetry::AutoRecordPaint::~AutoRecordPaint() MOZ_ASSERT(aDurationMs <= totalMs); uint32_t amount = static_cast<int32_t>((aDurationMs / totalMs) * 100.0); - - nsDependentCString key(aKey); - Telemetry::Accumulate(Telemetry::CONTENT_LARGE_PAINT_PHASE_WEIGHT, key, amount); }; double dlMs = sMetrics[Metric::DisplayList]; diff --git a/layout/base/nsDocumentViewer.cpp b/layout/base/nsDocumentViewer.cpp index 7b87349282..5478c61b00 100644 --- a/layout/base/nsDocumentViewer.cpp +++ b/layout/base/nsDocumentViewer.cpp @@ -1206,11 +1206,8 @@ nsDocumentViewer::PermitUnloadInternal(bool *aShouldPrompt, nsIDocument::PageUnloadingEventTimeStamp timestamp(mDocument); mInPermitUnload = true; - { - Telemetry::AutoTimer<Telemetry::HANDLE_BEFOREUNLOAD_MS> telemetryTimer; - EventDispatcher::DispatchDOMEvent(window, nullptr, event, mPresContext, + EventDispatcher::DispatchDOMEvent(window, nullptr, event, mPresContext, nullptr); - } mInPermitUnload = false; } @@ -1275,7 +1272,6 @@ nsDocumentViewer::PermitUnloadInternal(bool *aShouldPrompt, nsAutoSyncOperation sync(mDocument); mInPermitUnloadPrompt = true; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::ONBEFOREUNLOAD_PROMPT_COUNT, 1); rv = prompt->ConfirmEx(title, message, buttonFlags, leaveLabel, stayLabel, nullptr, nullptr, &dummy, &buttonPressed); @@ -1290,15 +1286,12 @@ nsDocumentViewer::PermitUnloadInternal(bool *aShouldPrompt, // XXX: Are there other cases where prompts can abort? Is it ok to // prevent unloading the page in those cases? if (NS_FAILED(rv)) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::ONBEFOREUNLOAD_PROMPT_ACTION, 2); *aPermitUnload = false; return NS_OK; } // Button 0 == leave, button 1 == stay *aPermitUnload = (buttonPressed == 0); - mozilla::Telemetry::Accumulate(mozilla::Telemetry::ONBEFOREUNLOAD_PROMPT_ACTION, - (*aPermitUnload ? 1 : 0)); // If the user decided to go ahead, make sure not to prompt the user again // by toggling the internal prompting bool to false: if (*aPermitUnload) { @@ -1393,10 +1386,7 @@ nsDocumentViewer::PageHide(bool aIsUnload) nsIDocument::PageUnloadingEventTimeStamp timestamp(mDocument); - { - Telemetry::AutoTimer<Telemetry::HANDLE_UNLOAD_MS> telemetryTimer; - EventDispatcher::Dispatch(window, mPresContext, &event, nullptr, &status); - } + EventDispatcher::Dispatch(window, mPresContext, &event, nullptr, &status); } #ifdef MOZ_XUL diff --git a/layout/base/nsLayoutUtils.cpp b/layout/base/nsLayoutUtils.cpp index 062fbfe158..d0f790a0be 100644 --- a/layout/base/nsLayoutUtils.cpp +++ b/layout/base/nsLayoutUtils.cpp @@ -3569,8 +3569,6 @@ nsLayoutUtils::PaintFrame(nsRenderingContext* aRenderingContext, nsIFrame* aFram } builder.LeavePresShell(aFrame, &list); - Telemetry::AccumulateTimeDelta(Telemetry::PAINT_BUILD_DISPLAYLIST_TIME, - startBuildDisplayList); bool profilerNeedsDisplayList = profiler_feature_active("displaylistdump"); bool consoleNeedsDisplayList = gfxUtils::DumpDisplayList() || gfxEnv::DumpPaint(); @@ -3651,8 +3649,6 @@ nsLayoutUtils::PaintFrame(nsRenderingContext* aRenderingContext, nsIFrame* aFram TimeStamp paintStart = TimeStamp::Now(); RefPtr<LayerManager> layerManager = list.PaintRoot(&builder, aRenderingContext, flags); - Telemetry::AccumulateTimeDelta(Telemetry::PAINT_RASTERIZE_TIME, - paintStart); if (gfxPrefs::GfxLoggingPaintedPixelCountEnabled()) { TimeStamp now = TimeStamp::Now(); diff --git a/layout/base/nsPresShell.cpp b/layout/base/nsPresShell.cpp index 3e5320c220..88539dc4a5 100644 --- a/layout/base/nsPresShell.cpp +++ b/layout/base/nsPresShell.cpp @@ -1114,17 +1114,6 @@ PresShell::Destroy() if (mPresContext) { const bool mayFlushUserFontSet = false; gfxUserFontSet* fs = mPresContext->GetUserFontSet(mayFlushUserFontSet); - if (fs) { - uint32_t fontCount; - uint64_t fontSize; - fs->GetLoadStatistics(fontCount, fontSize); - Telemetry::Accumulate(Telemetry::WEBFONT_PER_PAGE, fontCount); - Telemetry::Accumulate(Telemetry::WEBFONT_SIZE_PER_PAGE, - uint32_t(fontSize/1024)); - } else { - Telemetry::Accumulate(Telemetry::WEBFONT_PER_PAGE, 0); - Telemetry::Accumulate(Telemetry::WEBFONT_SIZE_PER_PAGE, 0); - } } #ifdef MOZ_REFLOW_PERF @@ -2276,8 +2265,6 @@ PresShell::ScrollPage(bool aForward) nsIScrollableFrame* scrollFrame = GetFrameToScrollAsScrollable(nsIPresShell::eVertical); if (scrollFrame) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollPage); scrollFrame->ScrollBy(nsIntPoint(0, aForward ? 1 : -1), nsIScrollableFrame::PAGES, nsIScrollableFrame::SMOOTH, @@ -2294,9 +2281,6 @@ PresShell::ScrollLine(bool aForward) nsIScrollableFrame* scrollFrame = GetFrameToScrollAsScrollable(nsIPresShell::eVertical); if (scrollFrame) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollLine); - int32_t lineCount = Preferences::GetInt("toolkit.scrollbox.verticalScrollDistance", NS_DEFAULT_VERTICAL_SCROLL_DISTANCE); scrollFrame->ScrollBy(nsIntPoint(0, aForward ? lineCount : -lineCount), @@ -2315,8 +2299,6 @@ PresShell::ScrollCharacter(bool aRight) nsIScrollableFrame* scrollFrame = GetFrameToScrollAsScrollable(nsIPresShell::eHorizontal); if (scrollFrame) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollCharacter); int32_t h = Preferences::GetInt("toolkit.scrollbox.horizontalScrollDistance", NS_DEFAULT_HORIZONTAL_SCROLL_DISTANCE); scrollFrame->ScrollBy(nsIntPoint(aRight ? h : -h, 0), @@ -2335,8 +2317,6 @@ PresShell::CompleteScroll(bool aForward) nsIScrollableFrame* scrollFrame = GetFrameToScrollAsScrollable(nsIPresShell::eVertical); if (scrollFrame) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadCompleteScroll); scrollFrame->ScrollBy(nsIntPoint(0, aForward ? 1 : -1), nsIScrollableFrame::WHOLE, nsIScrollableFrame::SMOOTH, @@ -8231,16 +8211,6 @@ PresShell::HandleEventInternal(WidgetEvent* aEvent, } } - if (Telemetry::CanRecordBase() && - !aEvent->mTimeStamp.IsNull() && - aEvent->AsInputEvent()) { - double millis = (TimeStamp::Now() - aEvent->mTimeStamp).ToMilliseconds(); - Telemetry::Accumulate(Telemetry::INPUT_EVENT_RESPONSE_MS, millis); - if (mDocument && mDocument->GetReadyStateEnum() != nsIDocument::READYSTATE_COMPLETE) { - Telemetry::Accumulate(Telemetry::LOAD_INPUT_EVENT_RESPONSE_MS, millis); - } - } - return rv; } @@ -9522,16 +9492,6 @@ PresShell::ProcessReflowCommands(bool aInterruptible) UnsuppressAndInvalidate(); } - if (mDocument->GetRootElement()) { - TimeDuration elapsed = TimeStamp::Now() - timerStart; - int32_t intElapsed = int32_t(elapsed.ToMilliseconds()); - - if (intElapsed > NS_LONG_REFLOW_TIME_MS) { - Telemetry::Accumulate(Telemetry::LONG_REFLOW_INTERRUPTIBLE, - aInterruptible ? 1 : 0); - } - } - return !interrupted; } diff --git a/layout/base/nsRefreshDriver.cpp b/layout/base/nsRefreshDriver.cpp index 6676bea977..bc1a27852b 100644 --- a/layout/base/nsRefreshDriver.cpp +++ b/layout/base/nsRefreshDriver.cpp @@ -526,10 +526,6 @@ private: if (XRE_IsParentProcess()) { TimeDuration vsyncLatency = TimeStamp::Now() - aVsyncTimestamp; uint32_t sample = (uint32_t)vsyncLatency.ToMilliseconds(); - Telemetry::Accumulate(Telemetry::FX_REFRESH_DRIVER_CHROME_FRAME_DELAY_MS, - sample); - Telemetry::Accumulate(Telemetry::FX_REFRESH_DRIVER_SYNC_SCROLL_FRAME_DELAY_MS, - sample); RecordJank(sample); } else if (mVsyncRate != TimeDuration::Forever()) { TimeDuration contentDelay = (TimeStamp::Now() - mLastChildTick) - mVsyncRate; @@ -539,10 +535,6 @@ private: contentDelay = TimeDuration::FromMilliseconds(0); } uint32_t sample = (uint32_t)contentDelay.ToMilliseconds(); - Telemetry::Accumulate(Telemetry::FX_REFRESH_DRIVER_CONTENT_FRAME_DELAY_MS, - sample); - Telemetry::Accumulate(Telemetry::FX_REFRESH_DRIVER_SYNC_SCROLL_FRAME_DELAY_MS, - sample); RecordJank(sample); } else { // Request the vsync rate from the parent process. Might be a few vsyncs @@ -2027,10 +2019,6 @@ nsRefreshDriver::Tick(int64_t aNowEpoch, TimeStamp aNowTime) notifyGC = true; } -#ifndef ANDROID /* bug 1142079 */ - mozilla::Telemetry::AccumulateTimeDelta(mozilla::Telemetry::REFRESH_DRIVER_TICK, mTickStart); -#endif - nsTObserverArray<nsAPostRefreshObserver*>::ForwardIterator iter(mPostRefreshObservers); while (iter.HasMore()) { nsAPostRefreshObserver* observer = iter.GetNext(); diff --git a/layout/forms/nsNumberControlFrame.cpp b/layout/forms/nsNumberControlFrame.cpp index 74dec2bea8..9724109cb1 100644 --- a/layout/forms/nsNumberControlFrame.cpp +++ b/layout/forms/nsNumberControlFrame.cpp @@ -430,6 +430,8 @@ nsNumberControlFrame::CreateAnonymousContent(nsTArray<ContentInfo>& aElements) nsContentUtils::AddScriptRunner(focusJob); } + SyncDisabledState(); + if (StyleDisplay()->mAppearance == NS_THEME_TEXTFIELD) { // The author has elected to hide the spinner by setting this // -moz-appearance. We will reframe if it changes. @@ -461,8 +463,6 @@ nsNumberControlFrame::CreateAnonymousContent(nsTArray<ContentInfo>& aElements) CSSPseudoElementType::mozNumberSpinDown, spinBoxCI.mStyleContext); - SyncDisabledState(); - return rv; } diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp index a8756cea2d..bbff77ad47 100644 --- a/layout/generic/ReflowInput.cpp +++ b/layout/generic/ReflowInput.cpp @@ -154,11 +154,6 @@ FontSizeInflationListMarginAdjustment(const nsIFrame* aFrame) return 0; } -// NOTE: If we ever want to use SizeComputationInput for a flex item or a -// grid item, we need to make it take the containing-block block-size as -// well as the inline-size, since flex items and grid items resolve -// block-direction percent margins and padding against the -// containing-block block-size, rather than its inline-size. SizeComputationInput::SizeComputationInput(nsIFrame *aFrame, nsRenderingContext *aRenderingContext, WritingMode aContainingBlockWritingMode, @@ -167,16 +162,9 @@ SizeComputationInput::SizeComputationInput(nsIFrame *aFrame, , mRenderingContext(aRenderingContext) , mWritingMode(aFrame->GetWritingMode()) { - MOZ_ASSERT(!aFrame->IsFlexOrGridItem(), - "We're about to resolve percent margin & padding " - "values against CB inline size, which is incorrect for " - "flex/grid items. " - "Additionally for grid items, this path doesn't handle baseline " - "padding contribution - see SizeComputationInput::InitOffsets"); - LogicalSize cbSize(aContainingBlockWritingMode, aContainingBlockISize, - aContainingBlockISize); ReflowInputFlags flags; - InitOffsets(aContainingBlockWritingMode, cbSize, mFrame->GetType(), flags); + InitOffsets(aContainingBlockWritingMode, aContainingBlockISize, + mFrame->GetType(), flags); } // Initialize a reflow state for a child frame's reflow. Some state @@ -2132,27 +2120,6 @@ IsSideCaption(nsIFrame* aFrame, const nsStyleDisplay* aStyleDisplay, captionSide == NS_STYLE_CAPTION_SIDE_RIGHT; } -// Flex/grid items resolve block-axis percentage margin & padding against the -// containing block block-size (also for abs/fixed-pos child frames). -// For everything else: the CSS21 spec requires that margin and padding -// percentage values are calculated with respect to the inline-size of the -// containing block, even for margin & padding in the block axis. -static LogicalSize -OffsetPercentBasis(const nsIFrame* aFrame, - WritingMode aWM, - const LogicalSize& aContainingBlockSize) -{ - LogicalSize offsetPercentBasis = aContainingBlockSize; - if (MOZ_LIKELY(!aFrame->GetParent() || - !aFrame->GetParent()->IsFlexOrGridContainer())) { - offsetPercentBasis.BSize(aWM) = offsetPercentBasis.ISize(aWM); - } else if (offsetPercentBasis.BSize(aWM) == NS_AUTOHEIGHT) { - offsetPercentBasis.BSize(aWM) = 0; - } - - return offsetPercentBasis; -} - // XXX refactor this code to have methods for each set of properties // we are computing: width,height,line-height; margin; offsets @@ -2173,7 +2140,7 @@ ReflowInput::InitConstraints(nsPresContext* aPresContext, // height equal to the available space if (nullptr == mParentReflowInput || mFlags.mDummyParentReflowInput) { // XXXldb This doesn't mean what it used to! - InitOffsets(wm, OffsetPercentBasis(mFrame, wm, aContainingBlockSize), + InitOffsets(wm, aContainingBlockSize.ISize(wm), aFrameType, mFlags, aBorder, aPadding); // Override mComputedMargin since reflow roots start from the // frame's boundary, which is inside the margin. @@ -2230,8 +2197,7 @@ ReflowInput::InitConstraints(nsPresContext* aPresContext, // For calculating positioning offsets, margins, borders and // padding, we use the writing mode of the containing block WritingMode cbwm = cbrs->GetWritingMode(); - InitOffsets(cbwm, OffsetPercentBasis(mFrame, cbwm, - cbSize.ConvertTo(cbwm, wm)), + InitOffsets(cbwm, cbSize.ConvertTo(cbwm, wm).ISize(cbwm), aFrameType, mFlags, aBorder, aPadding); // For calculating the size of this box, we use its own writing mode @@ -2505,7 +2471,7 @@ UpdateProp(FrameProperties& aProps, void SizeComputationInput::InitOffsets(WritingMode aWM, - const LogicalSize& aPercentBasis, + nscoord aPercentBasis, nsIAtom* aFrameType, ReflowInputFlags aFlags, const nsMargin* aBorder, @@ -2876,7 +2842,7 @@ ReflowInput::CalcLineHeight(nsIContent* aContent, bool SizeComputationInput::ComputeMargin(WritingMode aWM, - const LogicalSize& aPercentBasis) + nscoord aPercentBasis) { // SVG text frames have no margin. if (mFrame->IsSVGText()) { @@ -2893,17 +2859,17 @@ SizeComputationInput::ComputeMargin(WritingMode aWM, // (http://dev.w3.org/csswg/css-writing-modes-3/#orthogonal-flows) LogicalMargin m(aWM); m.IStart(aWM) = nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.ISize(aWM), + ComputeCBDependentValue(aPercentBasis, styleMargin->mMargin.GetIStart(aWM)); m.IEnd(aWM) = nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.ISize(aWM), + ComputeCBDependentValue(aPercentBasis, styleMargin->mMargin.GetIEnd(aWM)); m.BStart(aWM) = nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.BSize(aWM), + ComputeCBDependentValue(aPercentBasis, styleMargin->mMargin.GetBStart(aWM)); m.BEnd(aWM) = nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.BSize(aWM), + ComputeCBDependentValue(aPercentBasis, styleMargin->mMargin.GetBEnd(aWM)); SetComputedLogicalMargin(aWM, m); @@ -2924,7 +2890,7 @@ SizeComputationInput::ComputeMargin(WritingMode aWM, bool SizeComputationInput::ComputePadding(WritingMode aWM, - const LogicalSize& aPercentBasis, + nscoord aPercentBasis, nsIAtom* aFrameType) { // If style can provide us the padding directly, then use it. @@ -2945,17 +2911,17 @@ SizeComputationInput::ComputePadding(WritingMode aWM, // clamp negative calc() results to 0 LogicalMargin p(aWM); p.IStart(aWM) = std::max(0, nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.ISize(aWM), + ComputeCBDependentValue(aPercentBasis, stylePadding->mPadding.GetIStart(aWM))); p.IEnd(aWM) = std::max(0, nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.ISize(aWM), + ComputeCBDependentValue(aPercentBasis, stylePadding->mPadding.GetIEnd(aWM))); p.BStart(aWM) = std::max(0, nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.BSize(aWM), + ComputeCBDependentValue(aPercentBasis, stylePadding->mPadding.GetBStart(aWM))); p.BEnd(aWM) = std::max(0, nsLayoutUtils:: - ComputeCBDependentValue(aPercentBasis.BSize(aWM), + ComputeCBDependentValue(aPercentBasis, stylePadding->mPadding.GetBEnd(aWM))); SetComputedLogicalPadding(aWM, p); diff --git a/layout/generic/ReflowInput.h b/layout/generic/ReflowInput.h index 09c980b728..1d2df6af68 100644 --- a/layout/generic/ReflowInput.h +++ b/layout/generic/ReflowInput.h @@ -245,7 +245,7 @@ public: static void* DisplayInitOffsetsEnter( nsIFrame* aFrame, SizeComputationInput* aState, - const mozilla::LogicalSize& aPercentBasis, + nscoord aPercentBasis, const nsMargin* aBorder, const nsMargin* aPadding); static void DisplayInitOffsetsExit(nsIFrame* aFrame, @@ -260,19 +260,12 @@ private: * * @param aWM Writing mode of the containing block * @param aPercentBasis - * Logical size in the writing mode of the containing block to use - * for resolving percentage margin values in the inline and block - * axes. - * The inline size is usually the containing block inline-size - * (width if writing mode is horizontal, and height if vertical). - * The block size is usually the containing block inline-size, per - * CSS21 sec 8.3 (read in conjunction with CSS Writing Modes sec - * 7.2), but may be the containing block block-size, e.g. in CSS3 - * Flexbox and Grid. + * Inline size of the containing block (in its own writing mode), to use + * for resolving percentage margin values in the inline and block axes. * @return true if the margin is dependent on the containing block size. */ bool ComputeMargin(mozilla::WritingMode aWM, - const mozilla::LogicalSize& aPercentBasis); + nscoord aPercentBasis); /** * Computes padding values from the specified padding style information, and @@ -280,25 +273,18 @@ private: * * @param aWM Writing mode of the containing block * @param aPercentBasis - * Logical size in the writing mode of the containing block to use - * for resolving percentage padding values in the inline and block - * axes. - * The inline size is usually the containing block inline-size - * (width if writing mode is horizontal, and height if vertical). - * The block size is usually the containing block inline-size, per - * CSS21 sec 8.3 (read in conjunction with CSS Writing Modes sec - * 7.2), but may be the containing block block-size, e.g. in CSS3 - * Flexbox and Grid. + * Inline size of the containing block (in its own writing mode), to use + * for resolving percentage padding values in the inline and block axes. * @return true if the padding is dependent on the containing block size. */ bool ComputePadding(mozilla::WritingMode aWM, - const mozilla::LogicalSize& aPercentBasis, + nscoord aPercentBasis, nsIAtom* aFrameType); protected: void InitOffsets(mozilla::WritingMode aWM, - const mozilla::LogicalSize& aPercentBasis, + nscoord aPercentBasis, nsIAtom* aFrameType, ReflowInputFlags aFlags, const nsMargin* aBorder = nullptr, diff --git a/layout/generic/nsFrame.cpp b/layout/generic/nsFrame.cpp index 418fa16b7a..fa5b24d402 100644 --- a/layout/generic/nsFrame.cpp +++ b/layout/generic/nsFrame.cpp @@ -10289,8 +10289,8 @@ DR_init_constraints_cookie::~DR_init_constraints_cookie() DR_init_offsets_cookie::DR_init_offsets_cookie( nsIFrame* aFrame, - SizeComputationInput* aState, - const LogicalSize& aPercentBasis, + SizeComputationInput* aState, + nscoord aPercentBasis, const nsMargin* aMargin, const nsMargin* aPadding) : mFrame(aFrame) @@ -11243,7 +11243,7 @@ ReflowInput::DisplayInitConstraintsExit(nsIFrame* aFrame, /* static */ void* SizeComputationInput::DisplayInitOffsetsEnter(nsIFrame* aFrame, SizeComputationInput* aState, - const LogicalSize& aPercentBasis, + nscoord aPercentBasis, const nsMargin* aBorder, const nsMargin* aPadding) { @@ -11258,12 +11258,10 @@ SizeComputationInput::DisplayInitOffsetsEnter(nsIFrame* aFrame, if (treeNode && treeNode->mDisplay) { DR_state->DisplayFrameTypeInfo(aFrame, treeNode->mIndent); - char horizPctBasisStr[16]; - char vertPctBasisStr[16]; + char pctBasisStr[16]; WritingMode wm = aState->GetWritingMode(); - DR_state->PrettyUC(aPercentBasis.ISize(wm), horizPctBasisStr, 16); - DR_state->PrettyUC(aPercentBasis.BSize(wm), vertPctBasisStr, 16); - printf("InitOffsets pct_basis=%s,%s", horizPctBasisStr, vertPctBasisStr); + DR_state->PrettyUC(aPercentBasis, pctBasisStr, 16); + printf("InitOffsets pct_basis=%s", pctBasisStr); DR_state->PrintMargin("b", aBorder); DR_state->PrintMargin("p", aPadding); diff --git a/layout/generic/nsFrame.h b/layout/generic/nsFrame.h index f996f57d71..af1c95ef29 100644 --- a/layout/generic/nsFrame.h +++ b/layout/generic/nsFrame.h @@ -845,7 +845,7 @@ public: struct DR_init_offsets_cookie { DR_init_offsets_cookie(nsIFrame* aFrame, mozilla::SizeComputationInput* aState, - const mozilla::LogicalSize& aPercentBasis, + nscoord aPercentBasis, const nsMargin* aBorder, const nsMargin* aPadding); ~DR_init_offsets_cookie(); diff --git a/layout/generic/nsSelection.cpp b/layout/generic/nsSelection.cpp index a2227c39c3..ec0fba3087 100644 --- a/layout/generic/nsSelection.cpp +++ b/layout/generic/nsSelection.cpp @@ -2201,8 +2201,6 @@ nsFrameSelection::CommonPageMove(bool aForward, return; // scroll one page - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollPage); aScrollableFrame->ScrollBy(nsIntPoint(0, aForward ? 1 : -1), nsIScrollableFrame::PAGES, nsIScrollableFrame::SMOOTH); @@ -6202,11 +6200,6 @@ Selection::ScrollIntoView(SelectionRegion aRegion, flags |= nsIPresShell::SCROLL_OVERFLOW_HIDDEN; } - if (aFlags & Selection::SCROLL_FOR_CARET_MOVE) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollCaretIntoView); - } - presShell->ScrollFrameRectIntoView(frame, rect, aVertical, aHorizontal, flags); return NS_OK; diff --git a/layout/reftests/css-grid/grid-auto-min-sizing-definite-001-ref.html b/layout/reftests/css-grid/grid-auto-min-sizing-definite-001-ref.html index a0d9180a22..8858b4ea8f 100644 --- a/layout/reftests/css-grid/grid-auto-min-sizing-definite-001-ref.html +++ b/layout/reftests/css-grid/grid-auto-min-sizing-definite-001-ref.html @@ -62,40 +62,31 @@ b40 { z-index: 1; position:relative; } -w { - position:absolute; - background: lime; - border-width: 1px 0 0 3px; - border-style: solid; - height:48px; - width:75px; -} -.v > w { - border-width: 3px 0 0 1px; - left:-1px; top:-3px; - height:53px; - width:61px; -} -.h.r { margin-left:19px; padding: 1px 15px 37px 30px; } -.v .h > w { - height:48px; - width:45px; -} -.v.r > w { - height:53px; - width:61px; +.h.r { + height: 42px; + width: 42px; + /* This margin-left is 20% of 98px-wide grid area */ + margin-left: 19.6px; + /* This padding-bottom is 10% of 98px wide grid area */ + /* This padding-left is 30% of 98px wide grid area */ + padding: 1px 3px 9.8px 29.4px; } -.v .v > w { - height:41px; - width:45px; +.v.r { + height: 42px; + width: 42px; + /* This margin-left is 20% of 54px-wide grid area */ + margin-left: 10.8px; + /* This padding-bottom is 10% of 54px wide grid area */ + /* This padding-left is 30% of 54px wide grid area */ + padding: 1px 3px 5.4px 16.2px; } .r { position:relative; } .t6 { width:46px; } -.t8 { width:118px; } +.t8 { width:118px; height: 102.5px; } -xx { +xx { display: block; background: lime; padding:32px 32px 16px 32px; @@ -114,7 +105,7 @@ xx { <div class="grid"><span class="v"><x></x></span></div> <div class="grid t6"><span class="v bb"><x></x></span></div> <div class="grid"><span class="v"><x></x></span><span class="v"><x></x></span></div> -<div class="grid t8"><span class="v r"><w></w><b40></b40></span></div> +<div class="grid t8"><span class="v r"><b40></b40></span></div> <div class="grid"><xx class="v"></xx></div> <div class="grid v"><xx class="h"></xx></div> diff --git a/layout/reftests/css-grid/grid-item-sizing-percent-001-ref.html b/layout/reftests/css-grid/grid-item-sizing-percent-001-ref.html index 3a7f2d6bb0..4996f8b9c1 100644 --- a/layout/reftests/css-grid/grid-item-sizing-percent-001-ref.html +++ b/layout/reftests/css-grid/grid-item-sizing-percent-001-ref.html @@ -30,8 +30,8 @@ body,html { color:black; background:white; font-size:16px; padding:0; margin:0; } .p { padding:2px 3px; } .m { margin:2px 3px; } -.c1.p,.c2.p { padding:5px 9px; } -.c1.m,.c2.m { margin:5px 9px; } +.c1.p,.c2.p { padding:6px 9px; } +.c1.m,.c2.m { margin:6px 9px; } .b { border:solid black; } #t1 { width:50px; height: 20px; } diff --git a/layout/reftests/css-grid/grid-item-sizing-percent-001.html b/layout/reftests/css-grid/grid-item-sizing-percent-001.html index cc5948968c..960247592f 100644 --- a/layout/reftests/css-grid/grid-item-sizing-percent-001.html +++ b/layout/reftests/css-grid/grid-item-sizing-percent-001.html @@ -48,8 +48,8 @@ body,html { color:black; background:white; font-size:16px; padding:0; margin:0; box-sizing: border-box; } -.p { padding:10% 6%; } -.m { margin:10% 6%; } +.p { padding:4% 6%; } +.m { margin:4% 6%; } .b { border:solid black; } </style> diff --git a/layout/reftests/css-grid/grid-item-sizing-px-001.html b/layout/reftests/css-grid/grid-item-sizing-px-001.html index a004365fc2..7e58d831d3 100644 --- a/layout/reftests/css-grid/grid-item-sizing-px-001.html +++ b/layout/reftests/css-grid/grid-item-sizing-px-001.html @@ -46,8 +46,8 @@ body,html { color:black; background:white; font-size:16px; padding:0; margin:0; .p { padding:2px 3px; } .m { margin:2px 3px; } -.c1.p,.c2.p { padding:5px 9px; } -.c1.m,.c2.m { margin:5px 9px; } +.c1.p,.c2.p { padding:6px 9px; } +.c1.m,.c2.m { margin:6px 9px; } .b { border:solid black; } </style> diff --git a/layout/reftests/css-grid/reftest.list b/layout/reftests/css-grid/reftest.list index 093e2faee2..c2ee57c1a1 100644 --- a/layout/reftests/css-grid/reftest.list +++ b/layout/reftests/css-grid/reftest.list @@ -45,7 +45,7 @@ skip-if(Android) fuzzy-if(winWidget,1,32) == grid-placement-auto-implicit-001.ht == vrl-grid-placement-auto-row-sparse-001.html vrl-grid-placement-auto-row-sparse-001-ref.html == grid-relpos-items-001.html grid-relpos-items-001-ref.html == grid-item-sizing-percent-001.html grid-item-sizing-percent-001-ref.html -== grid-item-sizing-percent-002.html grid-item-sizing-percent-002-ref.html +fails == grid-item-sizing-percent-002.html grid-item-sizing-percent-002-ref.html # bug 1434397 == grid-item-sizing-percent-003.html grid-item-sizing-percent-003-ref.html == grid-item-sizing-percent-004.html grid-item-sizing-percent-004-ref.html == grid-item-sizing-px-001.html grid-item-sizing-percent-001-ref.html diff --git a/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004-ref.xhtml b/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004-ref.xhtml index 00db4823e3..beefa0abfe 100644 --- a/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004-ref.xhtml +++ b/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004-ref.xhtml @@ -4,8 +4,7 @@ http://creativecommons.org/publicdomain/zero/1.0/ --> <!-- Reference case - identical to the testcase, but with with the flex items' - vertical margin and padding values set to 0 by default, and then set to - specific pixel values for the items that have a 50px percent-basis. + margin and padding values set to explicit pixel values. --> <html xmlns="http://www.w3.org/1999/xhtml"> <head> @@ -21,27 +20,10 @@ } div.height50 { height: 50px; } - .marginA { margin: 0 8% 0 4%; } - .marginB { margin: 0 10% 0 14%; } - .paddingA { padding: 0 6% 0 2%; } - .paddingB { padding: 0 8% 0 12%; } - - div.height50 > .marginA { - margin-top: 5px; - margin-bottom: 3px; - } - div.height50 > .marginB { - margin-top: 4px; - margin-bottom: 6px; - } - div.height50 > .paddingA { - padding-top: 4px; - padding-bottom: 2px; - } - div.height50 > .paddingB { - padding-top: 3px; - padding-bottom: 5px; - } + .marginA { margin: 20px 16px 12px 8px; } + .marginB { margin: 16px 20px 24px 28px; } + .paddingA { padding: 16px 12px 8px 4px; } + .paddingB { padding: 12px 16px 20px 24px; } div.child1 { flex: none; diff --git a/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004.xhtml b/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004.xhtml index 545e54f71d..b513253fd1 100644 --- a/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004.xhtml +++ b/layout/reftests/w3c-css/submitted/flexbox/flexbox-mbp-horiz-004.xhtml @@ -3,19 +3,17 @@ Any copyright is dedicated to the Public Domain. http://creativecommons.org/publicdomain/zero/1.0/ --> -<!-- Testcase with percent-valued padding and/or margin on flex items. The spec - says that percentage values on padding/margin-top and -bottom should be - resolved against the flex container's height (not its width, as would - be the case in a block). +<!-- Testcase with percent-valued padding and/or margin on flex items. + The spec allows these to be resolved against the flex container's + inline size (regardless of which axis the percent padding/margin is in). --> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>CSS Test: Testing percent-valued padding and margin on flex items</title> <link rel="author" title="Daniel Holbert" href="mailto:dholbert@mozilla.com"/> - <link rel="help" href="http://www.w3.org/TR/css-flexbox-1/#layout-algorithm"/> + <link rel="help" href="https://www.w3.org/TR/css-flexbox-1/#item-margins"/> <link rel="match" href="flexbox-mbp-horiz-004-ref.xhtml"/> <style> - div { border: 0; } div.flexbox { width: 200px; display: flex; @@ -52,8 +50,9 @@ </style> </head> <body> - <!-- Flex container is auto-height - vertical margin and padding should - resolve to 0, since they don't have anything to resolve % against. --> + <!-- Flex container is auto-height - this shouldn't impact percent + margin/padding resolution, since they resolve against container's + inline-size, i.e. its width in this case. --> <div class="flexbox" ><div class="child1 paddingA"><div class="filler"/></div ><div class="child2 paddingB"><div class="filler"/></div @@ -61,8 +60,9 @@ ><div class="child2 marginB"></div ></div> - <!-- Flex container has height: 50px - vertical margin and padding should - resolve % values against that. --> + <!-- Flex container has height: 50px - again, this shouldn't impact percent + margin/padding resolution, since they resolve against container's + inline-size, i.e. its width in this case. --> <div class="flexbox height50" ><div class="child1 paddingA"><div class="filler"/></div ><div class="child2 paddingB"><div class="filler"/></div diff --git a/layout/style/FontFaceSet.cpp b/layout/style/FontFaceSet.cpp index 550a7d71a3..1645adfefe 100644 --- a/layout/style/FontFaceSet.cpp +++ b/layout/style/FontFaceSet.cpp @@ -1762,18 +1762,10 @@ FontFaceSet::UserFontSet::RecordFontLoadDone(uint32_t aFontSize, { mDownloadCount++; mDownloadSize += aFontSize; - Telemetry::Accumulate(Telemetry::WEBFONT_SIZE, aFontSize / 1024); if (!mFontFaceSet) { return; } - - TimeStamp navStart = mFontFaceSet->GetNavigationStartTimeStamp(); - TimeStamp zero; - if (navStart != zero) { - Telemetry::AccumulateTimeDelta(Telemetry::WEBFONT_DOWNLOAD_TIME_AFTER_START, - navStart, aDoneTime); - } } /* virtual */ nsresult diff --git a/layout/style/nsFontFaceLoader.cpp b/layout/style/nsFontFaceLoader.cpp index f5a0a9f347..3082bbf873 100644 --- a/layout/style/nsFontFaceLoader.cpp +++ b/layout/style/nsFontFaceLoader.cpp @@ -205,7 +205,6 @@ nsFontFaceLoader::OnStreamComplete(nsIStreamLoader* aLoader, TimeStamp doneTime = TimeStamp::Now(); TimeDuration downloadTime = doneTime - mStartTime; uint32_t downloadTimeMS = uint32_t(downloadTime.ToMilliseconds()); - Telemetry::Accumulate(Telemetry::WEBFONT_DOWNLOAD_TIME, downloadTimeMS); if (GetFontDisplay() == NS_FONT_DISPLAY_FALLBACK) { uint32_t loadTimeout = GetFallbackDelay(); diff --git a/layout/xul/nsScrollbarButtonFrame.cpp b/layout/xul/nsScrollbarButtonFrame.cpp index 206d9717f6..ff757a65fd 100644 --- a/layout/xul/nsScrollbarButtonFrame.cpp +++ b/layout/xul/nsScrollbarButtonFrame.cpp @@ -171,9 +171,6 @@ nsScrollbarButtonFrame::HandleButtonPress(nsPresContext* aPresContext, return false; } - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollbarButtonClick); - if (!m) { sb->MoveToNewPosition(); if (!weakFrame.IsAlive()) { diff --git a/layout/xul/nsSliderFrame.cpp b/layout/xul/nsSliderFrame.cpp index 8e083f20ca..3c1f9ef912 100644 --- a/layout/xul/nsSliderFrame.cpp +++ b/layout/xul/nsSliderFrame.cpp @@ -529,9 +529,6 @@ nsSliderFrame::HandleEvent(nsPresContext* aPresContext, return NS_OK; } - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollbarDrag); - // take our current position and subtract the start location pos -= mDragStart; bool isMouseOutsideThumb = false; @@ -598,9 +595,6 @@ nsSliderFrame::HandleEvent(nsPresContext* aPresContext, nsSize thumbSize = thumbFrame->GetSize(); nscoord thumbLength = isHorizontal ? thumbSize.width : thumbSize.height; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadScrollbarTrackClick); - // set it nsWeakFrame weakFrame(this); // should aMaySnap be true here? diff --git a/media/ffvpx/README_MCP b/media/ffvpx/README_MCP index 4555e08da6..5ed4d8d943 100644 --- a/media/ffvpx/README_MCP +++ b/media/ffvpx/README_MCP @@ -7,10 +7,6 @@ Currently, we only use the vp8 and vp9 portion of the library, and only on x86 based platforms. If this changes, configuration files will most likely need to be updated. -AVX2 must be disabled on Linux 32 bits due to the use of yasm 1.1 on the build bots. -Once yasm is upgraded to 1.2 or later, AVX2 code could be re-enabled. -Add --disable-avx2 to configure on those platforms. - configuration files were generated as follow using the configure script: ./configure --disable-everything --disable-protocols --disable-demuxers --disable-muxers --disable-filters --disable-programs --disable-doc --disable-parsers --enable-parser=vp8 --enable-parser=vp9 --enable-decoder=vp8 --enable-decoder=vp9 --disable-static --enable-shared --disable-debug --disable-sdl2 --disable-libxcb --disable-securetransport --disable-iconv --disable-swresample --disable-swscale --disable-avdevice --disable-avfilter --disable-avformat --disable-d3d11va --disable-dxva2 --disable-vaapi --disable-vda --disable-vdpau --disable-videotoolbox --enable-decoder=flac --enable-asm --enable-x86asm @@ -18,13 +14,12 @@ config*: replace: /HAVE_(MALLOC_H|ARC4RANDOM|LOCALTIME_R|MEMALIGN|POSIX_MEMALIGN)/d config_darwin32.h: -add to configure command: --disable-asm --disable-yasm --cc='clang -m32' +add to configure command: --disable-asm --disable-x86asm --cc='clang -m32' config_unix32.h: add to configure command: --disable-asm --disable-x86asm --cc='clang -m32' replace: s/HAVE_SYSCTL 1/HAVE_SYSCTL 0/ and s/HAVE_MEMALIGN 1/HAVE_MEMALIGN 0/ and s/HAVE_POSIX_MEMALIGN 1/HAVE_POSIX_MEMALIGN 0/ - config_unix32.h/config_unix64.h/config_unix64.asm: replace: s/HAVE_SYSCTL 1/HAVE_SYSCTL 0 diff --git a/media/libstagefright/binding/Index.cpp b/media/libstagefright/binding/Index.cpp index 9d6ab5028b..eb039b5d61 100644 --- a/media/libstagefright/binding/Index.cpp +++ b/media/libstagefright/binding/Index.cpp @@ -143,6 +143,11 @@ already_AddRefed<MediaRawData> SampleIterator::GetNext() writer->mCrypto.mValid = true; writer->mCrypto.mIVSize = ivSize; + CencSampleEncryptionInfoEntry* sampleInfo = GetSampleEncryptionEntry(); + if (sampleInfo) { + writer->mCrypto.mKeyId.AppendElements(sampleInfo->mKeyId); + } + if (!reader.ReadArray(writer->mCrypto.mIV, ivSize)) { return nullptr; } @@ -170,6 +175,65 @@ already_AddRefed<MediaRawData> SampleIterator::GetNext() return sample.forget(); } +CencSampleEncryptionInfoEntry* SampleIterator::GetSampleEncryptionEntry() +{ + nsTArray<Moof>& moofs = mIndex->mMoofParser->Moofs(); + Moof* currentMoof = &moofs[mCurrentMoof]; + SampleToGroupEntry* sampleToGroupEntry = nullptr; + + // Default to using the sample to group entries for the fragment, otherwise + // fall back to the sample to group entries for the track. + nsTArray<SampleToGroupEntry>* sampleToGroupEntries = + currentMoof->mFragmentSampleToGroupEntries.Length() != 0 + ? ¤tMoof->mFragmentSampleToGroupEntries + : &mIndex->mMoofParser->mTrackSampleToGroupEntries; + + uint32_t seen = 0; + + for (SampleToGroupEntry& entry : *sampleToGroupEntries) { + if (seen + entry.mSampleCount > mCurrentSample) { + sampleToGroupEntry = &entry; + break; + } + seen += entry.mSampleCount; + } + + // ISO-14496-12 Section 8.9.2.3 and 8.9.4 : group description index + // (1) ranges from 1 to the number of sample group entries in the track + // level SampleGroupDescription Box, or (2) takes the value 0 to + // indicate that this sample is a member of no group, in this case, the + // sample is associated with the default values specified in + // TrackEncryption Box, or (3) starts at 0x10001, i.e. the index value + // 1, with the value 1 in the top 16 bits, to reference fragment-local + // SampleGroupDescription Box. + + // According to the spec, ISO-14496-12, the sum of the sample counts in this + // box should be equal to the total number of samples, and, if less, the + // reader should behave as if an extra SampleToGroupEntry existed, with + // groupDescriptionIndex 0. + + if (!sampleToGroupEntry || sampleToGroupEntry->mGroupDescriptionIndex == 0) { + return nullptr; + } + + nsTArray<CencSampleEncryptionInfoEntry>* entries = + &mIndex->mMoofParser->mTrackSampleEncryptionInfoEntries; + + uint32_t groupIndex = sampleToGroupEntry->mGroupDescriptionIndex; + + // If the first bit is set to a one, then we should use the sample group + // descriptions from the fragment. + if (groupIndex > SampleToGroupEntry::kFragmentGroupDescriptionIndexBase) { + groupIndex -= SampleToGroupEntry::kFragmentGroupDescriptionIndexBase; + entries = ¤tMoof->mFragmentSampleEncryptionInfoEntries; + } + + // The group_index is one based. + return groupIndex > entries->Length() + ? nullptr + : &entries->ElementAt(groupIndex - 1); +} + Sample* SampleIterator::Get() { if (!mIndex->mMoofParser) { diff --git a/media/libstagefright/binding/MoofParser.cpp b/media/libstagefright/binding/MoofParser.cpp index ced054282d..771be34281 100644 --- a/media/libstagefright/binding/MoofParser.cpp +++ b/media/libstagefright/binding/MoofParser.cpp @@ -27,6 +27,8 @@ namespace mp4_demuxer using namespace stagefright; using namespace mozilla; +const uint32_t kKeyIdSize = 16; + bool MoofParser::RebuildFragmentedIndex(const MediaByteRangeSet& aByteRanges) { @@ -330,6 +332,18 @@ MoofParser::ParseStbl(Box& aBox) for (Box box = aBox.FirstChild(); box.IsAvailable(); box = box.Next()) { if (box.IsType("stsd")) { ParseStsd(box); + } else if (box.IsType("sgpd")) { + Sgpd sgpd(box); + if (sgpd.IsValid() && sgpd.mGroupingType == "seig") { + mTrackSampleEncryptionInfoEntries.Clear(); + mTrackSampleEncryptionInfoEntries.AppendElements(sgpd.mEntries); + } + } else if (box.IsType("sbgp")) { + Sbgp sbgp(box); + if (sbgp.IsValid() && sbgp.mGroupingType == "seig") { + mTrackSampleToGroupEntries.Clear(); + mTrackSampleToGroupEntries.AppendElements(sbgp.mEntries); + } } } } @@ -495,12 +509,25 @@ Moof::ParseTraf(Box& aBox, Trex& aTrex, Mvhd& aMvhd, Mdhd& aMdhd, Edts& aEdts, S MOZ_ASSERT(aDecodeTime); Tfhd tfhd(aTrex); Tfdt tfdt; + for (Box box = aBox.FirstChild(); box.IsAvailable(); box = box.Next()) { if (box.IsType("tfhd")) { tfhd = Tfhd(box, aTrex); } else if (!aTrex.mTrackId || tfhd.mTrackId == aTrex.mTrackId) { if (box.IsType("tfdt")) { tfdt = Tfdt(box); + } else if (box.IsType("sgpd")) { + Sgpd sgpd(box); + if (sgpd.IsValid() && sgpd.mGroupingType == "seig") { + mFragmentSampleEncryptionInfoEntries.Clear(); + mFragmentSampleEncryptionInfoEntries.AppendElements(sgpd.mEntries); + } + } else if (box.IsType("sbgp")) { + Sbgp sbgp(box); + if (sbgp.IsValid() && sbgp.mGroupingType == "seig") { + mFragmentSampleToGroupEntries.Clear(); + mFragmentSampleToGroupEntries.AppendElements(sbgp.mEntries); + } } else if (box.IsType("saiz")) { mSaizs.AppendElement(Saiz(box, aSinf.mDefaultEncryptionType)); } else if (box.IsType("saio")) { @@ -550,14 +577,20 @@ Moof::ParseTrun(Box& aBox, Tfhd& aTfhd, Mvhd& aMvhd, Mdhd& aMdhd, Edts& aEdts, u LOG(Moof, "Incomplete Box (missing flags)"); return false; } - uint32_t flags = reader->ReadU32(); + uint32_t flags; + if (!reader->ReadU32(flags)) { + return false; + } uint8_t version = flags >> 24; if (!reader->CanReadType<uint32_t>()) { LOG(Moof, "Incomplete Box (missing sampleCount)"); return false; } - uint32_t sampleCount = reader->ReadU32(); + uint32_t sampleCount; + if (!reader->ReadU32(sampleCount)) { + return false; + } if (sampleCount == 0) { return true; } @@ -577,9 +610,21 @@ Moof::ParseTrun(Box& aBox, Tfhd& aTfhd, Mvhd& aMvhd, Mdhd& aMdhd, Edts& aEdts, u return false; } - uint64_t offset = aTfhd.mBaseDataOffset + (flags & 1 ? reader->ReadU32() : 0); - uint32_t firstSampleFlags = - flags & 4 ? reader->ReadU32() : aTfhd.mDefaultSampleFlags; + uint64_t offset = aTfhd.mBaseDataOffset; + if (flags & 1) { + uint32_t baseOffset; + if (!reader->ReadU32(baseOffset)) { + return false; + } + offset += baseOffset; + } + uint32_t firstSampleFlags = aTfhd.mDefaultSampleFlags; + if (flags & 4) { + if (!reader->ReadU32(firstSampleFlags)) { + return false; + } + } + uint64_t decodeTime = *aDecodeTime; nsTArray<Interval<Microseconds>> timeRanges; @@ -589,16 +634,29 @@ Moof::ParseTrun(Box& aBox, Tfhd& aTfhd, Mvhd& aMvhd, Mdhd& aMdhd, Edts& aEdts, u } for (size_t i = 0; i < sampleCount; i++) { - uint32_t sampleDuration = - flags & 0x100 ? reader->ReadU32() : aTfhd.mDefaultSampleDuration; - uint32_t sampleSize = - flags & 0x200 ? reader->ReadU32() : aTfhd.mDefaultSampleSize; - uint32_t sampleFlags = - flags & 0x400 ? reader->ReadU32() - : i ? aTfhd.mDefaultSampleFlags : firstSampleFlags; + uint32_t sampleDuration = aTfhd.mDefaultSampleDuration; + if (flags & 0x100) { + if (!reader->ReadU32(sampleDuration)) { + return false; + } + } + uint32_t sampleSize = aTfhd.mDefaultSampleSize; + if (flags & 0x200) { + if (!reader->ReadU32(sampleSize)) { + return false; + } + } + uint32_t sampleFlags = i ? aTfhd.mDefaultSampleFlags : firstSampleFlags; + if (flags & 0x400) { + if (!reader->ReadU32(sampleFlags)) { + return false; + } + } int32_t ctsOffset = 0; if (flags & 0x800) { - ctsOffset = reader->Read32(); + if (!reader->Read32(ctsOffset)) { + return false; + } } Sample sample; @@ -635,7 +693,10 @@ Tkhd::Tkhd(Box& aBox) LOG(Tkhd, "Incomplete Box (missing flags)"); return; } - uint32_t flags = reader->ReadU32(); + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } uint8_t version = flags >> 24; size_t need = 3*(version ? sizeof(int64_t) : sizeof(int32_t)) + 2*sizeof(int32_t); @@ -645,19 +706,30 @@ Tkhd::Tkhd(Box& aBox) return; } if (version == 0) { - mCreationTime = reader->ReadU32(); - mModificationTime = reader->ReadU32(); - mTrackId = reader->ReadU32(); - uint32_t reserved = reader->ReadU32(); + uint32_t createTime, modificationTime, trackId, reserved, duration; + if (!reader->ReadU32(createTime) || + !reader->ReadU32(modificationTime) || + !reader->ReadU32(trackId) || + !reader->ReadU32(reserved) || + !reader->ReadU32(duration)) { + return; + } NS_ASSERTION(!reserved, "reserved should be 0"); - mDuration = reader->ReadU32(); + mCreationTime = createTime; + mModificationTime = modificationTime; + mTrackId = trackId; + mDuration = duration; } else if (version == 1) { - mCreationTime = reader->ReadU64(); - mModificationTime = reader->ReadU64(); - mTrackId = reader->ReadU32(); - uint32_t reserved = reader->ReadU32(); + uint32_t trackId, reserved; + if (!reader->ReadU64(mCreationTime) || + !reader->ReadU64(mModificationTime) || + !reader->ReadU32(trackId) || + !reader->ReadU32(reserved) || + !reader->ReadU64(mDuration)) { + return; + } NS_ASSERTION(!reserved, "reserved should be 0"); - mDuration = reader->ReadU64(); + mTrackId = trackId; } // We don't care about whatever else may be in the box. mValid = true; @@ -670,10 +742,13 @@ Mvhd::Mvhd(Box& aBox) LOG(Mdhd, "Incomplete Box (missing flags)"); return; } - uint32_t flags = reader->ReadU32(); + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } uint8_t version = flags >> 24; size_t need = - 3*(version ? sizeof(int64_t) : sizeof(int32_t)) + sizeof(uint32_t); + 3 * (version ? sizeof(int64_t) : sizeof(int32_t)) + sizeof(uint32_t); if (reader->Remaining() < need) { LOG(Mvhd, "Incomplete Box (have:%lld need:%lld)", (uint64_t)reader->Remaining(), (uint64_t)need); @@ -681,15 +756,23 @@ Mvhd::Mvhd(Box& aBox) } if (version == 0) { - mCreationTime = reader->ReadU32(); - mModificationTime = reader->ReadU32(); - mTimescale = reader->ReadU32(); - mDuration = reader->ReadU32(); + uint32_t createTime, modificationTime, duration; + if (!reader->ReadU32(createTime) || + !reader->ReadU32(modificationTime) || + !reader->ReadU32(mTimescale) || + !reader->ReadU32(duration)) { + return; + } + mCreationTime = createTime; + mModificationTime = modificationTime; + mDuration = duration; } else if (version == 1) { - mCreationTime = reader->ReadU64(); - mModificationTime = reader->ReadU64(); - mTimescale = reader->ReadU32(); - mDuration = reader->ReadU64(); + if (!reader->ReadU64(mCreationTime) || + !reader->ReadU64(mModificationTime) || + !reader->ReadU32(mTimescale) || + !reader->ReadU64(mDuration)) { + return; + } } else { return; } @@ -707,18 +790,19 @@ Mdhd::Mdhd(Box& aBox) Trex::Trex(Box& aBox) { BoxReader reader(aBox); - if (reader->Remaining() < 6*sizeof(uint32_t)) { + if (reader->Remaining() < 6 * sizeof(uint32_t)) { LOG(Trex, "Incomplete Box (have:%lld need:%lld)", (uint64_t)reader->Remaining(), (uint64_t)6*sizeof(uint32_t)); return; } - mFlags = reader->ReadU32(); - mTrackId = reader->ReadU32(); - mDefaultSampleDescriptionIndex = reader->ReadU32(); - mDefaultSampleDuration = reader->ReadU32(); - mDefaultSampleSize = reader->ReadU32(); - mDefaultSampleFlags = reader->ReadU32(); - mValid = true; + if (!reader->ReadU32(mFlags) || + !reader->ReadU32(mTrackId) || + !reader->ReadU32(mDefaultSampleDescriptionIndex) || + !reader->ReadU32(mDefaultSampleDuration) || + !reader->ReadU32(mDefaultSampleSize) || + !reader->ReadU32(mDefaultSampleFlags)) { + return; + } } Tfhd::Tfhd(Box& aBox, Trex& aTrex) @@ -733,7 +817,9 @@ Tfhd::Tfhd(Box& aBox, Trex& aTrex) LOG(Tfhd, "Incomplete Box (missing flags)"); return; } - mFlags = reader->ReadU32(); + if (!reader->ReadU32(mFlags)) { + return; + } size_t need = sizeof(uint32_t) /* trackid */; uint8_t flag[] = { 1, 2, 8, 0x10, 0x20, 0 }; uint8_t flagSize[] = { sizeof(uint64_t), sizeof(uint32_t), sizeof(uint32_t), sizeof(uint32_t), sizeof(uint32_t) }; @@ -747,20 +833,34 @@ Tfhd::Tfhd(Box& aBox, Trex& aTrex) (uint64_t)reader->Remaining(), (uint64_t)need); return; } - mTrackId = reader->ReadU32(); - mBaseDataOffset = - mFlags & 1 ? reader->ReadU64() : aBox.Parent()->Parent()->Offset(); + if (!reader->ReadU32(mTrackId)) { + return; + } + mBaseDataOffset = aBox.Parent()->Parent()->Offset(); + if (mFlags & 1) { + if (!reader->ReadU64(mBaseDataOffset)) { + return; + } + } if (mFlags & 2) { - mDefaultSampleDescriptionIndex = reader->ReadU32(); + if (!reader->ReadU32(mDefaultSampleDescriptionIndex)) { + return; + } } if (mFlags & 8) { - mDefaultSampleDuration = reader->ReadU32(); + if (!reader->ReadU32(mDefaultSampleDuration)) { + return; + } } if (mFlags & 0x10) { - mDefaultSampleSize = reader->ReadU32(); + if (!reader->ReadU32(mDefaultSampleSize)) { + return; + } } if (mFlags & 0x20) { - mDefaultSampleFlags = reader->ReadU32(); + if (!reader->ReadU32(mDefaultSampleFlags)) { + return; + } } mValid = true; } @@ -772,7 +872,10 @@ Tfdt::Tfdt(Box& aBox) LOG(Tfdt, "Incomplete Box (missing flags)"); return; } - uint32_t flags = reader->ReadU32(); + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } uint8_t version = flags >> 24; size_t need = version ? sizeof(uint64_t) : sizeof(uint32_t) ; if (reader->Remaining() < need) { @@ -781,9 +884,15 @@ Tfdt::Tfdt(Box& aBox) return; } if (version == 0) { - mBaseMediaDecodeTime = reader->ReadU32(); + uint32_t baseDecodeTime; + if (!reader->ReadU32(baseDecodeTime)) { + return; + } + mBaseMediaDecodeTime = baseDecodeTime; } else if (version == 1) { - mBaseMediaDecodeTime = reader->ReadU64(); + if (!reader->ReadU64(mBaseMediaDecodeTime)) { + return; + } } mValid = true; } @@ -802,7 +911,10 @@ Edts::Edts(Box& aBox) LOG(Edts, "Incomplete Box (missing flags)"); return; } - uint32_t flags = reader->ReadU32(); + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } uint8_t version = flags >> 24; size_t need = sizeof(uint32_t) + 2*(version ? sizeof(int64_t) : sizeof(uint32_t)); @@ -812,16 +924,27 @@ Edts::Edts(Box& aBox) return; } bool emptyEntry = false; - uint32_t entryCount = reader->ReadU32(); + uint32_t entryCount; + if (!reader->ReadU32(entryCount)) { + return; + } for (uint32_t i = 0; i < entryCount; i++) { uint64_t segment_duration; int64_t media_time; if (version == 1) { - segment_duration = reader->ReadU64(); - media_time = reader->Read64(); + if (!reader->ReadU64(segment_duration) || + !reader->Read64(media_time)) { + return; + } } else { - segment_duration = reader->ReadU32(); - media_time = reader->Read32(); + uint32_t duration; + int32_t time; + if (!reader->ReadU32(duration) || + !reader->Read32(time)) { + return; + } + segment_duration = duration; + media_time = time; } if (media_time == -1 && i) { LOG(Edts, "Multiple empty edit, not handled"); @@ -834,8 +957,12 @@ Edts::Edts(Box& aBox) } else { mMediaStart = media_time; } - reader->ReadU32(); // media_rate_integer and media_rate_fraction + // media_rate_integer and media_rate_fraction + if (!reader->Skip(4)) { + return; + } } + mValid = true; } Saiz::Saiz(Box& aBox, AtomType aDefaultType) @@ -847,7 +974,10 @@ Saiz::Saiz(Box& aBox, AtomType aDefaultType) LOG(Saiz, "Incomplete Box (missing flags)"); return; } - uint32_t flags = reader->ReadU32(); + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } uint8_t version = flags >> 24; size_t need = ((flags & 1) ? 2*sizeof(uint32_t) : 0) + sizeof(uint8_t) + sizeof(uint32_t); @@ -857,11 +987,19 @@ Saiz::Saiz(Box& aBox, AtomType aDefaultType) return; } if (flags & 1) { - mAuxInfoType = reader->ReadU32(); - mAuxInfoTypeParameter = reader->ReadU32(); + uint32_t auxType; + if (!reader->ReadU32(auxType) || + !reader->ReadU32(mAuxInfoTypeParameter)) { + return; + } + mAuxInfoType = auxType; + } + uint8_t defaultSampleInfoSize; + uint32_t count; + if (!reader->ReadU8(defaultSampleInfoSize) || + !reader->ReadU32(count)) { + return; } - uint8_t defaultSampleInfoSize = reader->ReadU8(); - uint32_t count = reader->ReadU32(); if (defaultSampleInfoSize) { if (!mSampleInfoSize.SetLength(count, fallible)) { LOG(Saiz, "OOM"); @@ -886,19 +1024,29 @@ Saio::Saio(Box& aBox, AtomType aDefaultType) LOG(Saio, "Incomplete Box (missing flags)"); return; } - uint32_t flags = reader->ReadU32(); + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } uint8_t version = flags >> 24; - size_t need = ((flags & 1) ? (2*sizeof(uint32_t)) : 0) + sizeof(uint32_t); + size_t need = ((flags & 1) ? (2 * sizeof(uint32_t)) : 0) + sizeof(uint32_t); if (reader->Remaining() < need) { LOG(Saio, "Incomplete Box (have:%lld need:%lld)", (uint64_t)reader->Remaining(), (uint64_t)need); return; } if (flags & 1) { - mAuxInfoType = reader->ReadU32(); - mAuxInfoTypeParameter = reader->ReadU32(); + uint32_t auxType; + if (!reader->ReadU32(auxType) || + !reader->ReadU32(mAuxInfoTypeParameter)) { + return; + } + mAuxInfoType = auxType; + } + uint32_t count; + if (!reader->ReadU32(count)) { + return; } - size_t count = reader->ReadU32(); need = (version ? sizeof(uint64_t) : sizeof(uint32_t)) * count; if (reader->Remaining() < need) { LOG(Saio, "Incomplete Box (have:%lld need:%lld)", @@ -910,16 +1058,203 @@ Saio::Saio(Box& aBox, AtomType aDefaultType) return; } if (version == 0) { + uint32_t offset; for (size_t i = 0; i < count; i++) { - MOZ_ALWAYS_TRUE(mOffsets.AppendElement(reader->ReadU32(), fallible)); + if (!reader->ReadU32(offset)) { + return; + } + MOZ_ALWAYS_TRUE(mOffsets.AppendElement(offset, fallible)); } } else { + uint64_t offset; for (size_t i = 0; i < count; i++) { - MOZ_ALWAYS_TRUE(mOffsets.AppendElement(reader->ReadU64(), fallible)); + if (!reader->ReadU64(offset)) { + return; + } + MOZ_ALWAYS_TRUE(mOffsets.AppendElement(offset, fallible)); + } + } + mValid = true; +} + +Sbgp::Sbgp(Box& aBox) +{ + BoxReader reader(aBox); + + if (!reader->CanReadType<uint32_t>()) { + LOG(Sbgp, "Incomplete Box (missing flags)"); + return; + } + + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } + const uint8_t version = flags >> 24; + flags = flags & 0xffffff; + + // Make sure we have enough bytes to read as far as the count. + uint32_t need = (version == 1 ? sizeof(uint32_t) : 0) + sizeof(uint32_t) * 2; + if (reader->Remaining() < need) { + LOG(Sbgp, "Incomplete Box (have:%lld, need:%lld)", + (uint64_t)reader->Remaining(), (uint64_t)need); + return; + } + + uint32_t groupType; + if (!reader->ReadU32(groupType)) { + return; + } + mGroupingType = groupType; + + if (version == 1) { + if (reader->ReadU32(mGroupingTypeParam)) { + false; + } + } + + uint32_t count; + if (!reader->ReadU32(count)) { + return; + } + + // Make sure we can read all the entries. + need = sizeof(uint32_t) * 2 * count; + if (reader->Remaining() < need) { + LOG(Sbgp, "Incomplete Box (have:%lld, need:%lld). Failed to read entries", + (uint64_t)reader->Remaining(), (uint64_t)need); + return; + } + + for (uint32_t i = 0; i < count; i++) { + uint32_t sampleCount; + uint32_t groupDescriptionIndex; + if (!reader->ReadU32(sampleCount) || + !reader->ReadU32(groupDescriptionIndex)) { + return; } + + SampleToGroupEntry entry(sampleCount, groupDescriptionIndex); + mEntries.AppendElement(entry); } + mValid = true; } +Sgpd::Sgpd(Box& aBox) +{ + BoxReader reader(aBox); + + if (!reader->CanReadType<uint32_t>()) { + LOG(Sgpd, "Incomplete Box (missing flags)"); + return; + } + + uint32_t flags; + if (!reader->ReadU32(flags)) { + return; + } + const uint8_t version = flags >> 24; + flags = flags & 0xffffff; + + uint32_t need = ((flags & 1) ? sizeof(uint32_t) : 0) + sizeof(uint32_t) * 2; + if (reader->Remaining() < need) { + LOG(Sgpd, "Incomplete Box (have:%lld need:%lld)", + (uint64_t)reader->Remaining(), (uint64_t)need); + return; + } + + uint32_t groupType; + if (!reader->ReadU32(groupType)) { + return; + } + mGroupingType = groupType; + + const uint32_t entrySize = sizeof(uint32_t) + kKeyIdSize; + uint32_t defaultLength = 0; + + if (version == 1) { + if (!reader->ReadU32(defaultLength)) { + return; + } + if (defaultLength < entrySize && defaultLength != 0) { + return; + } + } + + uint32_t count; + if (!reader->ReadU32(count)) { + return; + } + + // Make sure we have sufficient remaining bytes to read the entries. + need = + count * (sizeof(uint32_t) * (version == 1 && defaultLength == 0 ? 2 : 1) + + kKeyIdSize * sizeof(uint8_t)); + if (reader->Remaining() < need) { + LOG(Sgpd, "Incomplete Box (have:%lld need:%lld). Failed to read entries", + (uint64_t)reader->Remaining(), (uint64_t)need); + return; + } + for (uint32_t i = 0; i < count; ++i) { + if (version == 1 && defaultLength == 0) { + uint32_t descriptionLength; + if (!reader->ReadU32(descriptionLength)) { + return; + } + if (descriptionLength < entrySize) { + return; + } + } + + CencSampleEncryptionInfoEntry entry; + bool valid = entry.Init(reader); + if (!valid) { + return; + } + mEntries.AppendElement(entry); + } + + mValid = true; +} + +bool CencSampleEncryptionInfoEntry::Init(BoxReader& aReader) +{ + // Skip a reserved byte. + uint8_t skip; + if (!aReader->ReadU8(skip)) { + return false; + } + + uint8_t possiblePatternInfo; + uint8_t flag; + if (!aReader->ReadU8(possiblePatternInfo) || + !aReader->ReadU8(flag) || + !aReader->ReadU8(mIVSize)) { + return false; + } + + // Read the key id. + uint8_t key; + for (uint32_t i = 0; i < kKeyIdSize; ++i) { + if (!aReader->ReadU8(key)) { + return false; + } + mKeyId.AppendElement(key); + } + + mIsEncrypted = flag != 0; + + if (mIsEncrypted) { + if (mIVSize != 8 && mIVSize != 16) { + return false; + } + } else if (mIVSize != 0) { + return false; + } + + return true; +} + #undef LOG } diff --git a/media/libstagefright/binding/SinfParser.cpp b/media/libstagefright/binding/SinfParser.cpp index 5cf3aa5536..5f3a2889e9 100644 --- a/media/libstagefright/binding/SinfParser.cpp +++ b/media/libstagefright/binding/SinfParser.cpp @@ -39,8 +39,13 @@ SinfParser::ParseSchm(Box& aBox) return; } - mozilla::Unused << reader->ReadU32(); // flags -- ignore - mSinf.mDefaultEncryptionType = reader->ReadU32(); + uint32_t type; + if (!reader->Skip(4) || + !reader->ReadU32(type)) { + NS_WARNING("Failed to parse schm data"); + return; + } + mSinf.mDefaultEncryptionType = type; } void @@ -62,11 +67,16 @@ SinfParser::ParseTenc(Box& aBox) return; } - mozilla::Unused << reader->ReadU32(); // flags -- ignore - - uint32_t isEncrypted = reader->ReadU24(); - mSinf.mDefaultIVSize = reader->ReadU8(); - memcpy(mSinf.mDefaultKeyID, reader->Read(16), 16); + uint32_t isEncrypted; + const uint8_t* key; + if (!reader->Skip(4) || // flags -- ignore + !reader->ReadU24(isEncrypted) || + !reader->ReadU8(mSinf.mDefaultIVSize) || + !reader->Read(16, &key)) { + NS_WARNING("Failed to parse tenc data"); + return; + } + memcpy(mSinf.mDefaultKeyID, key, 16); } } diff --git a/media/libstagefright/binding/include/mp4_demuxer/Box.h b/media/libstagefright/binding/include/mp4_demuxer/Box.h index f53404a1d4..6612f6b49e 100644 --- a/media/libstagefright/binding/include/mp4_demuxer/Box.h +++ b/media/libstagefright/binding/include/mp4_demuxer/Box.h @@ -12,7 +12,7 @@ #include "MediaResource.h" #include "mozilla/EndianUtils.h" #include "mp4_demuxer/AtomType.h" -#include "mp4_demuxer/ByteReader.h" +#include "mp4_demuxer/BufferReader.h" using namespace mozilla; @@ -73,11 +73,11 @@ public: , mReader(mBuffer.Elements(), mBuffer.Length()) { } - ByteReader* operator->() { return &mReader; } + BufferReader* operator->() { return &mReader; } private: nsTArray<uint8_t> mBuffer; - ByteReader mReader; + BufferReader mReader; }; } diff --git a/media/libstagefright/binding/include/mp4_demuxer/BufferReader.h b/media/libstagefright/binding/include/mp4_demuxer/BufferReader.h new file mode 100644 index 0000000000..160c97fa0d --- /dev/null +++ b/media/libstagefright/binding/include/mp4_demuxer/BufferReader.h @@ -0,0 +1,225 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef BUFFER_READER_H_ +#define BUFFER_READER_H_ + +#include "mozilla/EndianUtils.h" +#include "mozilla/Vector.h" +#include "nsTArray.h" +#include "MediaData.h" + +namespace mp4_demuxer { + +class MOZ_RAII BufferReader +{ +public: + BufferReader() : mPtr(nullptr), mRemaining(0) {} + explicit BufferReader(const mozilla::Vector<uint8_t>& aData) + : mPtr(aData.begin()), mRemaining(aData.length()), mLength(aData.length()) + { + } + BufferReader(const uint8_t* aData, size_t aSize) + : mPtr(aData), mRemaining(aSize), mLength(aSize) + { + } + template<size_t S> + explicit BufferReader(const AutoTArray<uint8_t, S>& aData) + : mPtr(aData.Elements()), mRemaining(aData.Length()), mLength(aData.Length()) + { + } + explicit BufferReader(const nsTArray<uint8_t>& aData) + : mPtr(aData.Elements()), mRemaining(aData.Length()), mLength(aData.Length()) + { + } + explicit BufferReader(const mozilla::MediaByteBuffer* aData) + : mPtr(aData->Elements()), mRemaining(aData->Length()), mLength(aData->Length()) + { + } + + void SetData(const nsTArray<uint8_t>& aData) + { + MOZ_ASSERT(!mPtr && !mRemaining); + mPtr = aData.Elements(); + mRemaining = aData.Length(); + mLength = mRemaining; + } + + ~BufferReader() + { + } + + size_t Offset() const + { + return mLength - mRemaining; + } + + size_t Remaining() const { return mRemaining; } + + bool CanRead8() const { return mRemaining >= 1; } + + bool ReadU8(uint8_t& aU8) + { + const uint8_t* ptr; + if (!Read(1, &ptr)) { + NS_WARNING("Failed to read data"); + return false; + } + aU8 = *ptr; + return true; + } + + bool CanRead16() { return mRemaining >= 2; } + + bool ReadU16(uint16_t& u16) + { + const uint8_t* ptr; + if (!Read(2, &ptr)) { + NS_WARNING("Failed to read data"); + return false; + } + u16 = mozilla::BigEndian::readUint16(ptr); + return true; + } + + bool CanRead32() { return mRemaining >= 4; } + + bool ReadU32(uint32_t& u32) + { + const uint8_t* ptr; + if (!Read(4, &ptr)) { + NS_WARNING("Failed to read data"); + return false; + } + u32 = mozilla::BigEndian::readUint32(ptr); + return true; + } + + bool Read32(int32_t& i32) + { + const uint8_t* ptr; + if (!Read(4, &ptr)) { + NS_WARNING("Failed to read data"); + return 0; + } + i32 = mozilla::BigEndian::readInt32(ptr); + return true; + } + + bool ReadU64(uint64_t& u64) + { + const uint8_t* ptr; + if (!Read(8, &ptr)) { + NS_WARNING("Failed to read data"); + return false; + } + u64 = mozilla::BigEndian::readUint64(ptr); + return true; + } + + bool Read64(int64_t& i64) + { + const uint8_t* ptr; + if (!Read(8, &ptr)) { + NS_WARNING("Failed to read data"); + return false; + } + i64 = mozilla::BigEndian::readInt64(ptr); + return true; + } + + bool ReadU24(uint32_t& u32) + { + const uint8_t* ptr; + if (!Read(3, &ptr)) { + NS_WARNING("Failed to read data"); + return false; + } + u32 = ptr[0] << 16 | ptr[1] << 8 | ptr[2]; + return true; + } + + bool Skip(size_t aCount) + { + const uint8_t* ptr; + if (!Read(aCount, &ptr)) { + NS_WARNING("Failed to skip data"); + return false; + } + return true; + } + + bool Read(size_t aCount, const uint8_t** aPtr) + { + if (aCount > mRemaining) { + mRemaining = 0; + return false; + } + mRemaining -= aCount; + + *aPtr = mPtr; + mPtr += aCount; + + return true; + } + + uint32_t Align() const + { + return 4 - ((intptr_t)mPtr & 3); + } + + template <typename T> bool CanReadType() const { return mRemaining >= sizeof(T); } + + template <typename T> T ReadType() + { + const uint8_t* ptr; + if (!Read(sizeof(T), &ptr)) { + NS_WARNING("ReadType failed"); + return 0; + } + return *reinterpret_cast<const T*>(ptr); + } + + template <typename T> + MOZ_MUST_USE bool ReadArray(nsTArray<T>& aDest, size_t aLength) + { + const uint8_t* ptr; + if (!Read(aLength * sizeof(T), &ptr)) { + NS_WARNING("ReadArray failed"); + return false; + } + + aDest.Clear(); + aDest.AppendElements(reinterpret_cast<const T*>(ptr), aLength); + return true; + } + + template <typename T> + MOZ_MUST_USE bool ReadArray(FallibleTArray<T>& aDest, size_t aLength) + { + const uint8_t* ptr; + if (!Read(aLength * sizeof(T), &ptr)) { + NS_WARNING("ReadArray failed"); + return false; + } + + aDest.Clear(); + if (!aDest.SetCapacity(aLength, mozilla::fallible)) { + return false; + } + MOZ_ALWAYS_TRUE(aDest.AppendElements(reinterpret_cast<const T*>(ptr), + aLength, + mozilla::fallible)); + return true; + } + +private: + const uint8_t* mPtr; + size_t mRemaining; + size_t mLength; +}; + +} // namespace mp4_demuxer + +#endif diff --git a/media/libstagefright/binding/include/mp4_demuxer/ByteReader.h b/media/libstagefright/binding/include/mp4_demuxer/ByteReader.h index 9c7df04bd0..f316daa417 100644 --- a/media/libstagefright/binding/include/mp4_demuxer/ByteReader.h +++ b/media/libstagefright/binding/include/mp4_demuxer/ByteReader.h @@ -63,7 +63,7 @@ public: { auto ptr = Read(1); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return *ptr; @@ -75,7 +75,7 @@ public: { auto ptr = Read(2); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return mozilla::BigEndian::readUint16(ptr); @@ -85,7 +85,7 @@ public: { auto ptr = Read(2); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return mozilla::LittleEndian::readInt16(ptr); @@ -95,7 +95,7 @@ public: { auto ptr = Read(3); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return ptr[0] << 16 | ptr[1] << 8 | ptr[2]; @@ -110,7 +110,7 @@ public: { auto ptr = Read(3); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } int32_t result = int32_t(ptr[2] << 16 | ptr[1] << 8 | ptr[0]); @@ -126,7 +126,7 @@ public: { auto ptr = Read(4); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return mozilla::BigEndian::readUint32(ptr); @@ -136,7 +136,7 @@ public: { auto ptr = Read(4); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return mozilla::BigEndian::readInt32(ptr); @@ -146,7 +146,7 @@ public: { auto ptr = Read(8); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return mozilla::BigEndian::readUint64(ptr); @@ -156,7 +156,7 @@ public: { auto ptr = Read(8); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to read data"); return 0; } return mozilla::BigEndian::readInt64(ptr); @@ -192,7 +192,7 @@ public: { auto ptr = Peek(1); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to peek data"); return 0; } return *ptr; @@ -202,7 +202,7 @@ public: { auto ptr = Peek(2); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to peek data"); return 0; } return mozilla::BigEndian::readUint16(ptr); @@ -212,7 +212,7 @@ public: { auto ptr = Peek(3); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to peek data"); return 0; } return ptr[0] << 16 | ptr[1] << 8 | ptr[2]; @@ -227,7 +227,7 @@ public: { auto ptr = Peek(4); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to peek data"); return 0; } return mozilla::BigEndian::readUint32(ptr); @@ -237,7 +237,7 @@ public: { auto ptr = Peek(4); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to peek data"); return 0; } return mozilla::BigEndian::readInt32(ptr); @@ -247,7 +247,7 @@ public: { auto ptr = Peek(8); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to peek data"); return 0; } return mozilla::BigEndian::readUint64(ptr); @@ -257,7 +257,7 @@ public: { auto ptr = Peek(8); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("Failed to peek data"); return 0; } return mozilla::BigEndian::readInt64(ptr); @@ -274,7 +274,7 @@ public: const uint8_t* Seek(size_t aOffset) { if (aOffset >= mLength) { - MOZ_ASSERT(false); + NS_WARNING("Seek failed"); return nullptr; } @@ -301,7 +301,7 @@ public: { auto ptr = Read(sizeof(T)); if (!ptr) { - MOZ_ASSERT(false); + NS_WARNING("ReadType failed"); return 0; } return *reinterpret_cast<const T*>(ptr); @@ -312,6 +312,7 @@ public: { auto ptr = Read(aLength * sizeof(T)); if (!ptr) { + NS_WARNING("ReadArray failed"); return false; } @@ -325,6 +326,7 @@ public: { auto ptr = Read(aLength * sizeof(T)); if (!ptr) { + NS_WARNING("ReadArray failed"); return false; } diff --git a/media/libstagefright/binding/include/mp4_demuxer/Index.h b/media/libstagefright/binding/include/mp4_demuxer/Index.h index d566c9459c..ca254f73da 100644 --- a/media/libstagefright/binding/include/mp4_demuxer/Index.h +++ b/media/libstagefright/binding/include/mp4_demuxer/Index.h @@ -32,6 +32,9 @@ public: Microseconds GetNextKeyframeTime(); private: Sample* Get(); + + CencSampleEncryptionInfoEntry* GetSampleEncryptionEntry(); + void Next(); RefPtr<Index> mIndex; friend class Index; diff --git a/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h b/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h index 814f806fc2..bb895555c8 100644 --- a/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h +++ b/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h @@ -17,6 +17,7 @@ typedef int64_t Microseconds; class Box; class BoxContext; +class BoxReader; class Moof; class Mvhd : public Atom @@ -160,6 +161,53 @@ public: FallibleTArray<uint64_t> mOffsets; }; +struct SampleToGroupEntry +{ +public: + static const uint32_t kTrackGroupDescriptionIndexBase = 0; + static const uint32_t kFragmentGroupDescriptionIndexBase = 0x10000; + + SampleToGroupEntry(uint32_t aSampleCount, uint32_t aGroupDescriptionIndex) + : mSampleCount(aSampleCount) + , mGroupDescriptionIndex(aGroupDescriptionIndex) + { + } + + uint32_t mSampleCount; + uint32_t mGroupDescriptionIndex; +}; + +class Sbgp final : public Atom // SampleToGroup box. +{ +public: + explicit Sbgp(Box& aBox); + + AtomType mGroupingType; + uint32_t mGroupingTypeParam; + nsTArray<SampleToGroupEntry> mEntries; +}; + +struct CencSampleEncryptionInfoEntry final +{ +public: + CencSampleEncryptionInfoEntry() { } + + bool Init(BoxReader& aReader); + + bool mIsEncrypted = false; + uint8_t mIVSize = 0; + nsTArray<uint8_t> mKeyId; +}; + +class Sgpd final : public Atom // SampleGroupDescription box. +{ +public: + explicit Sgpd(Box& aBox); + + AtomType mGroupingType; + nsTArray<CencSampleEncryptionInfoEntry> mEntries; +}; + class AuxInfo { public: AuxInfo(int64_t aMoofOffset, Saiz& aSaiz, Saio& aSaio); @@ -182,6 +230,9 @@ public: Interval<Microseconds> mTimeRange; FallibleTArray<Sample> mIndex; + nsTArray<CencSampleEncryptionInfoEntry> mFragmentSampleEncryptionInfoEntries; + nsTArray<SampleToGroupEntry> mFragmentSampleToGroupEntries; + nsTArray<Saiz> mSaizs; nsTArray<Saio> mSaios; @@ -246,6 +297,10 @@ public: Tfdt mTfdt; Edts mEdts; Sinf mSinf; + + nsTArray<CencSampleEncryptionInfoEntry> mTrackSampleEncryptionInfoEntries; + nsTArray<SampleToGroupEntry> mTrackSampleToGroupEntries; + nsTArray<Moof>& Moofs() { return mMoofs; } private: void ScanForMetadata(mozilla::MediaByteRange& aFtyp, diff --git a/media/libstagefright/frameworks/av/media/libstagefright/MPEG4Extractor.cpp b/media/libstagefright/frameworks/av/media/libstagefright/MPEG4Extractor.cpp index e881e0262c..5667f04d87 100644 --- a/media/libstagefright/frameworks/av/media/libstagefright/MPEG4Extractor.cpp +++ b/media/libstagefright/frameworks/av/media/libstagefright/MPEG4Extractor.cpp @@ -753,7 +753,6 @@ status_t MPEG4Extractor::parseChunk(off64_t *offset, int depth) { case FOURCC('m', 'o', 'o', 'f'): case FOURCC('t', 'r', 'a', 'f'): case FOURCC('m', 'f', 'r', 'a'): - case FOURCC('u', 'd', 't', 'a'): case FOURCC('i', 'l', 's', 't'): case FOURCC('s', 'i', 'n', 'f'): case FOURCC('s', 'c', 'h', 'i'): diff --git a/media/libstagefright/moz.build b/media/libstagefright/moz.build index c6072d840f..5a8c9521a6 100644 --- a/media/libstagefright/moz.build +++ b/media/libstagefright/moz.build @@ -53,6 +53,7 @@ EXPORTS.mp4_demuxer += [ 'binding/include/mp4_demuxer/Atom.h', 'binding/include/mp4_demuxer/AtomType.h', 'binding/include/mp4_demuxer/BitReader.h', + 'binding/include/mp4_demuxer/BufferReader.h', 'binding/include/mp4_demuxer/BufferStream.h', 'binding/include/mp4_demuxer/ByteReader.h', 'binding/include/mp4_demuxer/ByteWriter.h', diff --git a/media/webrtc/signaling/src/media-conduit/AudioConduit.cpp b/media/webrtc/signaling/src/media-conduit/AudioConduit.cpp index 2c57431e78..e36b8b6cf4 100755 --- a/media/webrtc/signaling/src/media-conduit/AudioConduit.cpp +++ b/media/webrtc/signaling/src/media-conduit/AudioConduit.cpp @@ -706,15 +706,6 @@ WebrtcAudioConduit::GetAudioFrame(int16_t speechData[], if (GetAVStats(&jitter_buffer_delay_ms, &playout_buffer_delay_ms, &avsync_offset_ms)) { -#if !defined(MOZILLA_EXTERNAL_LINKAGE) - if (avsync_offset_ms < 0) { - Telemetry::Accumulate(Telemetry::WEBRTC_AVSYNC_WHEN_VIDEO_LAGS_AUDIO_MS, - -avsync_offset_ms); - } else { - Telemetry::Accumulate(Telemetry::WEBRTC_AVSYNC_WHEN_AUDIO_LAGS_VIDEO_MS, - avsync_offset_ms); - } -#endif CSFLogError(logTag, "A/V sync: sync delta: %dms, audio jitter delay %dms, playout delay %dms", avsync_offset_ms, jitter_buffer_delay_ms, playout_buffer_delay_ms); diff --git a/media/webrtc/signaling/src/media-conduit/CodecStatistics.cpp b/media/webrtc/signaling/src/media-conduit/CodecStatistics.cpp index eb03c0bf80..da40a59eac 100644 --- a/media/webrtc/signaling/src/media-conduit/CodecStatistics.cpp +++ b/media/webrtc/signaling/src/media-conduit/CodecStatistics.cpp @@ -124,8 +124,6 @@ void VideoCodecStatistics::ReceiveStateChange(const int aChannel, TimeDuration timeDelta = TimeStamp::Now() - mReceiveFailureTime; CSFLogError(logTag, "Video error duration: %u ms", static_cast<uint32_t>(timeDelta.ToMilliseconds())); - Telemetry::Accumulate(Telemetry::WEBRTC_VIDEO_ERROR_RECOVERY_MS, - static_cast<uint32_t>(timeDelta.ToMilliseconds())); mRecoveredLosses++; // to calculate losses per minute mTotalLossTime += timeDelta; // To calculate % time in recovery @@ -147,16 +145,10 @@ void VideoCodecStatistics::EndOfCallStats() if (callDelta.ToSeconds() != 0) { uint32_t recovered_per_min = mRecoveredBeforeLoss/(callDelta.ToSeconds()/60); CSFLogError(logTag, "Video recovery before error per min %u", recovered_per_min); - Telemetry::Accumulate(Telemetry::WEBRTC_VIDEO_RECOVERY_BEFORE_ERROR_PER_MIN, - recovered_per_min); uint32_t err_per_min = mRecoveredLosses/(callDelta.ToSeconds()/60); CSFLogError(logTag, "Video recovery after error per min %u", err_per_min); - Telemetry::Accumulate(Telemetry::WEBRTC_VIDEO_RECOVERY_AFTER_ERROR_PER_MIN, - err_per_min); float percent = (mTotalLossTime.ToSeconds()*100)/callDelta.ToSeconds(); CSFLogError(logTag, "Video error time percentage %f%%", percent); - Telemetry::Accumulate(Telemetry::WEBRTC_VIDEO_DECODE_ERROR_TIME_PERMILLE, - static_cast<uint32_t>(percent*10)); } } #endif diff --git a/media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp b/media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp index 33422ed7a6..43d10ca86b 100644 --- a/media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp +++ b/media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp @@ -2245,22 +2245,6 @@ PeerConnectionImpl::AddIceCandidate(const char* aCandidate, const char* aMid, un CSFLogDebug(logTag, "AddIceCandidate: %s", aCandidate); -#if !defined(MOZILLA_EXTERNAL_LINKAGE) - // When remote candidates are added before our ICE ctx is up and running - // (the transition to New is async through STS, so this is not impossible), - // we won't record them as trickle candidates. Is this what we want? - if(!mIceStartTime.IsNull()) { - TimeDuration timeDelta = TimeStamp::Now() - mIceStartTime; - if (mIceConnectionState == PCImplIceConnectionState::Failed) { - Telemetry::Accumulate(Telemetry::WEBRTC_ICE_LATE_TRICKLE_ARRIVAL_TIME, - timeDelta.ToMilliseconds()); - } else { - Telemetry::Accumulate(Telemetry::WEBRTC_ICE_ON_TIME_TRICKLE_ARRIVAL_TIME, - timeDelta.ToMilliseconds()); - } - } -#endif - nsresult res = mJsepSession->AddRemoteIceCandidate(aCandidate, aMid, aLevel); if (NS_SUCCEEDED(res)) { @@ -3011,49 +2995,7 @@ PeerConnectionImpl::PluginCrash(uint32_t aPluginID, void PeerConnectionImpl::RecordEndOfCallTelemetry() const { - if (!mJsepSession) { - return; - } - -#if !defined(MOZILLA_EXTERNAL_LINKAGE) - // Bitmask used for WEBRTC/LOOP_CALL_TYPE telemetry reporting - static const uint32_t kAudioTypeMask = 1; - static const uint32_t kVideoTypeMask = 2; - static const uint32_t kDataChannelTypeMask = 4; - - // Report end-of-call Telemetry - if (mJsepSession->GetNegotiations() > 0) { - Telemetry::Accumulate(Telemetry::WEBRTC_RENEGOTIATIONS, - mJsepSession->GetNegotiations()-1); - } - Telemetry::Accumulate(Telemetry::WEBRTC_MAX_VIDEO_SEND_TRACK, - mMaxSending[SdpMediaSection::MediaType::kVideo]); - Telemetry::Accumulate(Telemetry::WEBRTC_MAX_VIDEO_RECEIVE_TRACK, - mMaxReceiving[SdpMediaSection::MediaType::kVideo]); - Telemetry::Accumulate(Telemetry::WEBRTC_MAX_AUDIO_SEND_TRACK, - mMaxSending[SdpMediaSection::MediaType::kAudio]); - Telemetry::Accumulate(Telemetry::WEBRTC_MAX_AUDIO_RECEIVE_TRACK, - mMaxReceiving[SdpMediaSection::MediaType::kAudio]); - // DataChannels appear in both Sending and Receiving - Telemetry::Accumulate(Telemetry::WEBRTC_DATACHANNEL_NEGOTIATED, - mMaxSending[SdpMediaSection::MediaType::kApplication]); - // Enumerated/bitmask: 1 = Audio, 2 = Video, 4 = DataChannel - // A/V = 3, A/V/D = 7, etc - uint32_t type = 0; - if (mMaxSending[SdpMediaSection::MediaType::kAudio] || - mMaxReceiving[SdpMediaSection::MediaType::kAudio]) { - type = kAudioTypeMask; - } - if (mMaxSending[SdpMediaSection::MediaType::kVideo] || - mMaxReceiving[SdpMediaSection::MediaType::kVideo]) { - type |= kVideoTypeMask; - } - if (mMaxSending[SdpMediaSection::MediaType::kApplication]) { - type |= kDataChannelTypeMask; - } - Telemetry::Accumulate(Telemetry::WEBRTC_CALL_TYPE, - type); -#endif + /* STUB */ } nsresult @@ -3109,13 +3051,6 @@ PeerConnectionImpl::ShutdownMedia() pair.second->RemovePrincipalChangeObserver(this); } } - - // End of call to be recorded in Telemetry - if (!mStartTime.IsNull()){ - TimeDuration timeDelta = TimeStamp::Now() - mStartTime; - Telemetry::Accumulate(Telemetry::WEBRTC_CALL_DURATION, - timeDelta.ToSeconds()); - } #endif // Forget the reference so that we can transfer it to @@ -3423,33 +3358,6 @@ void PeerConnectionImpl::IceConnectionStateChange( return; } -#if !defined(MOZILLA_EXTERNAL_LINKAGE) - if (!isDone(mIceConnectionState) && isDone(domState)) { - // mIceStartTime can be null if going directly from New to Closed, in which - // case we don't count it as a success or a failure. - if (!mIceStartTime.IsNull()){ - TimeDuration timeDelta = TimeStamp::Now() - mIceStartTime; - if (isSucceeded(domState)) { - Telemetry::Accumulate(Telemetry::WEBRTC_ICE_SUCCESS_TIME, - timeDelta.ToMilliseconds()); - } else if (isFailed(domState)) { - Telemetry::Accumulate(Telemetry::WEBRTC_ICE_FAILURE_TIME, - timeDelta.ToMilliseconds()); - } - } - - if (isSucceeded(domState)) { - Telemetry::Accumulate( - Telemetry::WEBRTC_ICE_ADD_CANDIDATE_ERRORS_GIVEN_SUCCESS, - mAddCandidateErrorCount); - } else if (isFailed(domState)) { - Telemetry::Accumulate( - Telemetry::WEBRTC_ICE_ADD_CANDIDATE_ERRORS_GIVEN_FAILURE, - mAddCandidateErrorCount); - } - } -#endif - mIceConnectionState = domState; if (mIceConnectionState == PCImplIceConnectionState::Connected || @@ -3467,10 +3375,6 @@ void PeerConnectionImpl::IceConnectionStateChange( STAMP_TIMECARD(mTimeCard, "Ice state: new"); break; case PCImplIceConnectionState::Checking: -#if !defined(MOZILLA_EXTERNAL_LINKAGE) - // For telemetry - mIceStartTime = TimeStamp::Now(); -#endif STAMP_TIMECARD(mTimeCard, "Ice state: checking"); break; case PCImplIceConnectionState::Connected: @@ -4067,16 +3971,7 @@ PeerConnectionImpl::IceStreamReady(NrIceMediaStream *aStream) //Telemetry for when calls start void PeerConnectionImpl::startCallTelem() { - if (!mStartTime.IsNull()) { - return; - } - - // Start time for calls - mStartTime = TimeStamp::Now(); - - // Increment session call counter - // If we want to track Loop calls independently here, we need two histograms. - Telemetry::Accumulate(Telemetry::WEBRTC_CALL_COUNT_2, 1); + /* STUB */ } #endif diff --git a/media/webrtc/signaling/src/peerconnection/WebrtcGlobalInformation.cpp b/media/webrtc/signaling/src/peerconnection/WebrtcGlobalInformation.cpp index 96bdd5b70f..f283d61110 100644 --- a/media/webrtc/signaling/src/peerconnection/WebrtcGlobalInformation.cpp +++ b/media/webrtc/signaling/src/peerconnection/WebrtcGlobalInformation.cpp @@ -1194,18 +1194,8 @@ static void GetStatsForLongTermStorage_s( rate_limit_bit_pattern |= 2; } - if (query->failed) { - Telemetry::Accumulate( - Telemetry::WEBRTC_STUN_RATE_LIMIT_EXCEEDED_BY_TYPE_GIVEN_FAILURE, - rate_limit_bit_pattern); - } else { - Telemetry::Accumulate( - Telemetry::WEBRTC_STUN_RATE_LIMIT_EXCEEDED_BY_TYPE_GIVEN_SUCCESS, - rate_limit_bit_pattern); - } - - // Even if Telemetry::Accumulate is threadsafe, we still need to send the - // query back to main, since that is where it must be destroyed. + // We still need to send the query back to main, since that is where + // it must be destroyed. NS_DispatchToMainThread( WrapRunnableNM( &StoreLongTermICEStatisticsImpl_m, @@ -1216,8 +1206,6 @@ static void GetStatsForLongTermStorage_s( void WebrtcGlobalInformation::StoreLongTermICEStatistics( PeerConnectionImpl& aPc) { - Telemetry::Accumulate(Telemetry::WEBRTC_ICE_FINAL_CONNECTION_STATE, - static_cast<uint32_t>(aPc.IceConnectionState())); if (aPc.IceConnectionState() == PCImplIceConnectionState::New) { // ICE has not started; we won't have any remote candidates, so recording diff --git a/mfbt/EnumSet.h b/mfbt/EnumSet.h index 5282ab30c3..b18b5a7696 100644 --- a/mfbt/EnumSet.h +++ b/mfbt/EnumSet.h @@ -335,7 +335,7 @@ private: uint32_t mBitField; #ifdef DEBUG - uint64_t mVersion; + uint64_t mVersion = 0; #endif }; diff --git a/mfbt/tests/TestTypeTraits.cpp b/mfbt/tests/TestTypeTraits.cpp index f0a5651429..eb412bc54c 100644 --- a/mfbt/tests/TestTypeTraits.cpp +++ b/mfbt/tests/TestTypeTraits.cpp @@ -70,8 +70,8 @@ static_assert(!IsPointer<IsPointerTest>::value, "IsPointerTest not a pointer"); static_assert(IsPointer<IsPointerTest*>::value, "IsPointerTest* is a pointer"); -static_assert(!IsPointer<bool(IsPointerTest::*)>::value, - "bool(IsPointerTest::*) not a pointer"); +static_assert(!IsPointer<bool(IsPointerTest::*)()>::value, + "bool(IsPointerTest::*)() not a pointer"); static_assert(!IsPointer<void(IsPointerTest::*)(void)>::value, "void(IsPointerTest::*)(void) not a pointer"); diff --git a/mobile/android/.eslintrc b/mobile/android/.eslintrc index ce106c2d11..db673a6b7d 100644 --- a/mobile/android/.eslintrc +++ b/mobile/android/.eslintrc @@ -24,7 +24,6 @@ globals: strings: false Strings: false Task: false - TelemetryStopwatch: false UITelemetry: false UserAgentOverrides: 0 XPCOMUtils: false diff --git a/mobile/android/chrome/content/aboutLogins.js b/mobile/android/chrome/content/aboutLogins.js index 99e2af841a..b3d0038759 100644 --- a/mobile/android/chrome/content/aboutLogins.js +++ b/mobile/android/chrome/content/aboutLogins.js @@ -8,7 +8,6 @@ Cu.import("resource://services-common/utils.js"); /*global: CommonUtils */ Cu.import("resource://gre/modules/Messaging.jsm"); Cu.import("resource://gre/modules/Services.jsm"); Cu.import("resource://gre/modules/XPCOMUtils.jsm"); -Cu.import("resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyGetter(window, "gChromeWin", () => window.QueryInterface(Ci.nsIInterfaceRequestor) diff --git a/mobile/android/components/SessionStore.js b/mobile/android/components/SessionStore.js index 18ac6bf940..a23c52fe33 100644 --- a/mobile/android/components/SessionStore.js +++ b/mobile/android/components/SessionStore.js @@ -16,7 +16,6 @@ XPCOMUtils.defineLazyModuleGetter(this, "Messaging", "resource://gre/modules/Mes XPCOMUtils.defineLazyModuleGetter(this, "PrivateBrowsingUtils", "resource://gre/modules/PrivateBrowsingUtils.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "FormData", "resource://gre/modules/FormData.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "ScrollPosition", "resource://gre/modules/ScrollPosition.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Log", "resource://gre/modules/AndroidLog.jsm", "AndroidLog"); XPCOMUtils.defineLazyModuleGetter(this, "SharedPreferences", "resource://gre/modules/SharedPreferences.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Utils", "resource://gre/modules/sessionstore/Utils.jsm"); @@ -1053,9 +1052,7 @@ SessionStore.prototype = { * @param aAsync boolelan used to determine the method of saving the state */ _writeFile: function ss_writeFile(aFile, aFileTemp, aData, aAsync) { - TelemetryStopwatch.start("FX_SESSION_RESTORE_SERIALIZE_DATA_MS"); let state = JSON.stringify(aData); - TelemetryStopwatch.finish("FX_SESSION_RESTORE_SERIALIZE_DATA_MS"); // Convert data string to a utf-8 encoded array buffer let buffer = new TextEncoder().encode(state); diff --git a/modules/libjar/nsJARChannel.cpp b/modules/libjar/nsJARChannel.cpp index 4b6b78c6d2..ee60602dae 100644 --- a/modules/libjar/nsJARChannel.cpp +++ b/modules/libjar/nsJARChannel.cpp @@ -22,7 +22,6 @@ #include "nsIFileURL.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "nsITabChild.h" #include "private/pprio.h" #include "nsInputStreamPump.h" @@ -791,12 +790,6 @@ nsJARChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx) return NS_ERROR_UNSAFE_CONTENT_TYPE; } - static bool reportedRemoteJAR = false; - if (!reportedRemoteJAR) { - reportedRemoteJAR = true; - Telemetry::Accumulate(Telemetry::REMOTE_JAR_PROTOCOL_USED, 1); - } - // kick off an async download of the base URI... nsCOMPtr<nsIStreamListener> downloader = new MemoryDownloader(this); uint32_t loadFlags = diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 7172a8a90a..1eee30210d 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -247,6 +247,10 @@ pref("dom.compartment_per_addon", true); // of content viewers to cache based on the amount of available memory. pref("browser.sessionhistory.max_total_viewers", -1); +// Whether to store 'about:newtab' in the session history, disabled by default. +// See https://github.com/MoonchildProductions/UXP/issues/719 +pref("browser.newtabpage.add_to_session_history", false); + pref("ui.use_native_colors", true); pref("ui.click_hold_context_menus", false); // Duration of timeout of incremental search in menus (ms). 0 means infinite. @@ -273,6 +277,9 @@ pref("browser.display.show_image_placeholders", true); pref("browser.display.show_loading_image_placeholder", false); // min font device pixel size at which to turn on high quality pref("browser.display.auto_quality_min_font_size", 20); +// Background color for standalone images; leave empty to use default +// all CSS colors available: named colors, rgb(..), #rrggbb, ... +pref("browser.display.standalone_images.background_color", ""); pref("browser.anchor_color", "#0000EE"); pref("browser.active_color", "#EE0000"); pref("browser.visited_color", "#551A8B"); @@ -919,16 +926,16 @@ pref("toolkit.scrollbox.clickToScroll.scrollDelay", 150); // Telemetry settings. // Server to submit telemetry pings to. -pref("toolkit.telemetry.server", "https://incoming.telemetry.mozilla.org"); +pref("toolkit.telemetry.server", ""); // Telemetry server owner. Please change if you set toolkit.telemetry.server to a different server -pref("toolkit.telemetry.server_owner", "Mozilla"); +pref("toolkit.telemetry.server_owner", ""); // Information page about telemetry (temporary ; will be about:telemetry in the end) -pref("toolkit.telemetry.infoURL", "https://www.mozilla.org/legal/privacy/firefox.html#telemetry"); +pref("toolkit.telemetry.infoURL", ""); // Determines whether full SQL strings are returned when they might contain sensitive info // i.e. dynamically constructed SQL strings or SQL executed by addons against addon DBs pref("toolkit.telemetry.debugSlowSql", false); // Whether to use the unified telemetry behavior, requires a restart. -pref("toolkit.telemetry.unified", true); +pref("toolkit.telemetry.unified", false); // Identity module pref("toolkit.identity.enabled", false); @@ -1435,11 +1442,7 @@ pref("network.http.response.timeout", 300); // Limit the absolute number of http connections. // Note: the socket transport service will clamp the number below this if the OS // cannot allocate that many FDs -#ifdef ANDROID pref("network.http.max-connections", 256); -#else -pref("network.http.max-connections", 900); -#endif // If NOT connecting via a proxy, then // a new connection will only be attempted if the number of active persistent @@ -1487,13 +1490,13 @@ pref("network.http.redirection-limit", 20); pref("network.http.accept-encoding", "gzip, deflate"); pref("network.http.accept-encoding.secure", "gzip, deflate, br"); -pref("network.http.pipelining" , false); +pref("network.http.pipelining" , true); pref("network.http.pipelining.ssl" , false); // disable pipelining over SSL pref("network.http.pipelining.abtest", false); pref("network.http.proxy.pipelining", false); // Max number of requests in the pipeline -pref("network.http.pipelining.maxrequests" , 32); +pref("network.http.pipelining.maxrequests" , 16); // An optimistic request is one pipelined when policy might allow a new // connection instead @@ -2206,6 +2209,10 @@ pref("ui.key.contentAccess", 5); pref("ui.key.menuAccessKeyFocuses", false); // overridden below pref("ui.key.saveLink.shift", true); // true = shift, false = meta +// When true, overrides OS convention to lock content scrolling +// if a contextual menu is open. +pref("ui.menu.allow_content_scroll", false); + // Disable page loading activity cursor by default. pref("ui.use_activity_cursor", false); @@ -2837,12 +2844,7 @@ pref("dom.ipc.plugins.unloadTimeoutSecs", 30); // Asynchronous plugin initialization is on hold. pref("dom.ipc.plugins.asyncInit.enabled", false); -#ifdef RELEASE_OR_BETA -pref("dom.ipc.plugins.asyncdrawing.enabled", false); -#else -// Allow the AsyncDrawing mode to be used for plugins in dev channels. pref("dom.ipc.plugins.asyncdrawing.enabled", true); -#endif pref("dom.ipc.processCount", 1); @@ -4601,8 +4603,8 @@ pref("gfx.direct2d.force-enabled", false); pref("layers.prefer-opengl", false); pref("layers.prefer-d3d9", false); -// Disable for now due to bug 1304360 -pref("layers.allow-d3d9-fallback", false); +// Enable fallback if d3d11 can't be used. See bug #1262187 +pref("layers.allow-d3d9-fallback", true); #endif // Copy-on-write canvas @@ -4723,7 +4725,8 @@ pref("dom.vibrator.max_vibrate_ms", 10000); pref("dom.vibrator.max_vibrate_list_len", 128); // Battery API -pref("dom.battery.enabled", true); +// Disabled by default to reduce private data exposure. +pref("dom.battery.enabled", false); // Push diff --git a/modules/zlib/src/ChangeLog b/modules/zlib/src/ChangeLog index f22aabaef5..b27cc4f0e7 100644 --- a/modules/zlib/src/ChangeLog +++ b/modules/zlib/src/ChangeLog @@ -1,10 +1,53 @@ ChangeLog file for zlib +Changes in 1.2.11 (15 Jan 2017) +- Fix deflate stored bug when pulling last block from window +- Permit immediate deflateParams changes before any deflate input + +Changes in 1.2.10 (2 Jan 2017) +- Avoid warnings on snprintf() return value +- Fix bug in deflate_stored() for zero-length input +- Fix bug in gzwrite.c that produced corrupt gzip files +- Remove files to be installed before copying them in Makefile.in +- Add warnings when compiling with assembler code + +Changes in 1.2.9 (31 Dec 2016) +- Fix contrib/minizip to permit unzipping with desktop API [Zouzou] +- Improve contrib/blast to return unused bytes +- Assure that gzoffset() is correct when appending +- Improve compress() and uncompress() to support large lengths +- Fix bug in test/example.c where error code not saved +- Remedy Coverity warning [Randers-Pehrson] +- Improve speed of gzprintf() in transparent mode +- Fix inflateInit2() bug when windowBits is 16 or 32 +- Change DEBUG macro to ZLIB_DEBUG +- Avoid uninitialized access by gzclose_w() +- Allow building zlib outside of the source directory +- Fix bug that accepted invalid zlib header when windowBits is zero +- Fix gzseek() problem on MinGW due to buggy _lseeki64 there +- Loop on write() calls in gzwrite.c in case of non-blocking I/O +- Add --warn (-w) option to ./configure for more compiler warnings +- Reject a window size of 256 bytes if not using the zlib wrapper +- Fix bug when level 0 used with Z_HUFFMAN or Z_RLE +- Add --debug (-d) option to ./configure to define ZLIB_DEBUG +- Fix bugs in creating a very large gzip header +- Add uncompress2() function, which returns the input size used +- Assure that deflateParams() will not switch functions mid-block +- Dramatically speed up deflation for level 0 (storing) +- Add gzfread(), duplicating the interface of fread() +- Add gzfwrite(), duplicating the interface of fwrite() +- Add deflateGetDictionary() function +- Use snprintf() for later versions of Microsoft C +- Fix *Init macros to use z_ prefix when requested +- Replace as400 with os400 for OS/400 support [Monnerat] +- Add crc32_z() and adler32_z() functions with size_t lengths +- Update Visual Studio project files [AraHaan] + Changes in 1.2.8 (28 Apr 2013) - Update contrib/minizip/iowin32.c for Windows RT [Vollant] - Do not force Z_CONST for C++ -- Clean up contrib/vstudio [Ro§] +- Clean up contrib/vstudio [Ro§] - Correct spelling error in zlib.h - Fix mixed line endings in contrib/vstudio @@ -34,7 +77,7 @@ Changes in 1.2.7.1 (24 Mar 2013) - Clean up the usage of z_const and respect const usage within zlib - Clean up examples/gzlog.[ch] comparisons of different types - Avoid shift equal to bits in type (caused endless loop) -- Fix unintialized value bug in gzputc() introduced by const patches +- Fix uninitialized value bug in gzputc() introduced by const patches - Fix memory allocation error in examples/zran.c [Nor] - Fix bug where gzopen(), gzclose() would write an empty file - Fix bug in gzclose() when gzwrite() runs out of memory @@ -194,7 +237,7 @@ Changes in 1.2.5.2 (17 Dec 2011) - Add a transparent write mode to gzopen() when 'T' is in the mode - Update python link in zlib man page - Get inffixed.h and MAKEFIXED result to match -- Add a ./config --solo option to make zlib subset with no libary use +- Add a ./config --solo option to make zlib subset with no library use - Add undocumented inflateResetKeep() function for CAB file decoding - Add --cover option to ./configure for gcc coverage testing - Add #define ZLIB_CONST option to use const in the z_stream interface @@ -564,7 +607,7 @@ Changes in 1.2.3.1 (16 August 2006) - Update make_vms.com [Zinser] - Use -fPIC for shared build in configure [Teredesai, Nicholson] - Use only major version number for libz.so on IRIX and OSF1 [Reinholdtsen] -- Use fdopen() (not _fdopen()) for Interix in zutil.h [BŠck] +- Use fdopen() (not _fdopen()) for Interix in zutil.h [BŠck] - Add some FAQ entries about the contrib directory - Update the MVS question in the FAQ - Avoid extraneous reads after EOF in gzio.c [Brown] @@ -1178,7 +1221,7 @@ Changes in 1.0.6 (19 Jan 1998) 386 asm code replacing longest_match(). contrib/iostream/ by Kevin Ruland <kevin@rodin.wustl.edu> A C++ I/O streams interface to the zlib gz* functions - contrib/iostream2/ by Tyge Løvset <Tyge.Lovset@cmr.no> + contrib/iostream2/ by Tyge Løvset <Tyge.Lovset@cmr.no> Another C++ I/O streams interface contrib/untgz/ by "Pedro A. Aranda Guti\irrez" <paag@tid.es> A very simple tar.gz file extractor using zlib @@ -1267,7 +1310,7 @@ Changes in 1.0.1 (20 May 96) [1.0 skipped to avoid confusion] - fix array overlay in deflate.c which sometimes caused bad compressed data - fix inflate bug with empty stored block - fix MSDOS medium model which was broken in 0.99 -- fix deflateParams() which could generated bad compressed data. +- fix deflateParams() which could generate bad compressed data. - Bytef is define'd instead of typedef'ed (work around Borland bug) - added an INDEX file - new makefiles for DJGPP (Makefile.dj2), 32-bit Borland (Makefile.b32), diff --git a/modules/zlib/src/ChangeLog.moz b/modules/zlib/src/ChangeLog.moz index 12755d05a2..98cd9f9c79 100644 --- a/modules/zlib/src/ChangeLog.moz +++ b/modules/zlib/src/ChangeLog.moz @@ -63,3 +63,7 @@ Mozilla.org changes: (keeping '#include "mozzconf.h"' in zconf.h) See bug #866964 +- 16 January 2017 + Sync'ed with 1.2.11 release + (keeping '#include "mozzconf.h"' in zconf.h) + See bug #1328099 diff --git a/modules/zlib/src/README b/modules/zlib/src/README index 5ca9d127ed..51106de475 100644 --- a/modules/zlib/src/README +++ b/modules/zlib/src/README @@ -1,6 +1,6 @@ ZLIB DATA COMPRESSION LIBRARY -zlib 1.2.8 is a general purpose data compression library. All the code is +zlib 1.2.11 is a general purpose data compression library. All the code is thread safe. The data format used by the zlib library is described by RFCs (Request for Comments) 1950 to 1952 in the files http://tools.ietf.org/html/rfc1950 (zlib format), rfc1951 (deflate format) and @@ -31,7 +31,7 @@ Mark Nelson <markn@ieee.org> wrote an article about zlib for the Jan. 1997 issue of Dr. Dobb's Journal; a copy of the article is available at http://marknelson.us/1997/01/01/zlib-engine/ . -The changes made in version 1.2.8 are documented in the file ChangeLog. +The changes made in version 1.2.11 are documented in the file ChangeLog. Unsupported third party contributions are provided in directory contrib/ . @@ -84,7 +84,7 @@ Acknowledgments: Copyright notice: - (C) 1995-2013 Jean-loup Gailly and Mark Adler + (C) 1995-2017 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages diff --git a/modules/zlib/src/adler32.c b/modules/zlib/src/adler32.c index a868f073d8..d0be4380a3 100644 --- a/modules/zlib/src/adler32.c +++ b/modules/zlib/src/adler32.c @@ -1,5 +1,5 @@ /* adler32.c -- compute the Adler-32 checksum of a data stream - * Copyright (C) 1995-2011 Mark Adler + * Copyright (C) 1995-2011, 2016 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -7,11 +7,9 @@ #include "zutil.h" -#define local static - local uLong adler32_combine_ OF((uLong adler1, uLong adler2, z_off64_t len2)); -#define BASE 65521 /* largest prime smaller than 65536 */ +#define BASE 65521U /* largest prime smaller than 65536 */ #define NMAX 5552 /* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */ @@ -62,10 +60,10 @@ local uLong adler32_combine_ OF((uLong adler1, uLong adler2, z_off64_t len2)); #endif /* ========================================================================= */ -uLong ZEXPORT adler32(adler, buf, len) +uLong ZEXPORT adler32_z(adler, buf, len) uLong adler; const Bytef *buf; - uInt len; + z_size_t len; { unsigned long sum2; unsigned n; @@ -133,6 +131,15 @@ uLong ZEXPORT adler32(adler, buf, len) } /* ========================================================================= */ +uLong ZEXPORT adler32(adler, buf, len) + uLong adler; + const Bytef *buf; + uInt len; +{ + return adler32_z(adler, buf, len); +} + +/* ========================================================================= */ local uLong adler32_combine_(adler1, adler2, len2) uLong adler1; uLong adler2; @@ -156,7 +163,7 @@ local uLong adler32_combine_(adler1, adler2, len2) sum2 += ((adler1 >> 16) & 0xffff) + ((adler2 >> 16) & 0xffff) + BASE - rem; if (sum1 >= BASE) sum1 -= BASE; if (sum1 >= BASE) sum1 -= BASE; - if (sum2 >= (BASE << 1)) sum2 -= (BASE << 1); + if (sum2 >= ((unsigned long)BASE << 1)) sum2 -= ((unsigned long)BASE << 1); if (sum2 >= BASE) sum2 -= BASE; return sum1 | (sum2 << 16); } diff --git a/modules/zlib/src/compress.c b/modules/zlib/src/compress.c index 6e9762676a..e2db404abf 100644 --- a/modules/zlib/src/compress.c +++ b/modules/zlib/src/compress.c @@ -1,5 +1,5 @@ /* compress.c -- compress a memory buffer - * Copyright (C) 1995-2005 Jean-loup Gailly. + * Copyright (C) 1995-2005, 2014, 2016 Jean-loup Gailly, Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -28,16 +28,11 @@ int ZEXPORT compress2 (dest, destLen, source, sourceLen, level) { z_stream stream; int err; + const uInt max = (uInt)-1; + uLong left; - stream.next_in = (z_const Bytef *)source; - stream.avail_in = (uInt)sourceLen; -#ifdef MAXSEG_64K - /* Check for source > 64K on 16-bit machine: */ - if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR; -#endif - stream.next_out = dest; - stream.avail_out = (uInt)*destLen; - if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR; + left = *destLen; + *destLen = 0; stream.zalloc = (alloc_func)0; stream.zfree = (free_func)0; @@ -46,15 +41,26 @@ int ZEXPORT compress2 (dest, destLen, source, sourceLen, level) err = deflateInit(&stream, level); if (err != Z_OK) return err; - err = deflate(&stream, Z_FINISH); - if (err != Z_STREAM_END) { - deflateEnd(&stream); - return err == Z_OK ? Z_BUF_ERROR : err; - } - *destLen = stream.total_out; + stream.next_out = dest; + stream.avail_out = 0; + stream.next_in = (z_const Bytef *)source; + stream.avail_in = 0; + + do { + if (stream.avail_out == 0) { + stream.avail_out = left > (uLong)max ? max : (uInt)left; + left -= stream.avail_out; + } + if (stream.avail_in == 0) { + stream.avail_in = sourceLen > (uLong)max ? max : (uInt)sourceLen; + sourceLen -= stream.avail_in; + } + err = deflate(&stream, sourceLen ? Z_NO_FLUSH : Z_FINISH); + } while (err == Z_OK); - err = deflateEnd(&stream); - return err; + *destLen = stream.total_out; + deflateEnd(&stream); + return err == Z_STREAM_END ? Z_OK : err; } /* =========================================================================== diff --git a/modules/zlib/src/crc32.c b/modules/zlib/src/crc32.c index 979a7190a3..9580440c0e 100644 --- a/modules/zlib/src/crc32.c +++ b/modules/zlib/src/crc32.c @@ -1,5 +1,5 @@ /* crc32.c -- compute the CRC-32 of a data stream - * Copyright (C) 1995-2006, 2010, 2011, 2012 Mark Adler + * Copyright (C) 1995-2006, 2010, 2011, 2012, 2016 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h * * Thanks to Rodney Brown <rbrown64@csc.com.au> for his contribution of faster @@ -30,17 +30,15 @@ #include "zutil.h" /* for STDC and FAR definitions */ -#define local static - /* Definitions for doing the crc four data bytes at a time. */ #if !defined(NOBYFOUR) && defined(Z_U4) # define BYFOUR #endif #ifdef BYFOUR local unsigned long crc32_little OF((unsigned long, - const unsigned char FAR *, unsigned)); + const unsigned char FAR *, z_size_t)); local unsigned long crc32_big OF((unsigned long, - const unsigned char FAR *, unsigned)); + const unsigned char FAR *, z_size_t)); # define TBLS 8 #else # define TBLS 1 @@ -201,10 +199,10 @@ const z_crc_t FAR * ZEXPORT get_crc_table() #define DO8 DO1; DO1; DO1; DO1; DO1; DO1; DO1; DO1 /* ========================================================================= */ -unsigned long ZEXPORT crc32(crc, buf, len) +unsigned long ZEXPORT crc32_z(crc, buf, len) unsigned long crc; const unsigned char FAR *buf; - uInt len; + z_size_t len; { if (buf == Z_NULL) return 0UL; @@ -235,8 +233,29 @@ unsigned long ZEXPORT crc32(crc, buf, len) return crc ^ 0xffffffffUL; } +/* ========================================================================= */ +unsigned long ZEXPORT crc32(crc, buf, len) + unsigned long crc; + const unsigned char FAR *buf; + uInt len; +{ + return crc32_z(crc, buf, len); +} + #ifdef BYFOUR +/* + This BYFOUR code accesses the passed unsigned char * buffer with a 32-bit + integer pointer type. This violates the strict aliasing rule, where a + compiler can assume, for optimization purposes, that two pointers to + fundamentally different types won't ever point to the same memory. This can + manifest as a problem only if one of the pointers is written to. This code + only reads from those pointers. So long as this code remains isolated in + this compilation unit, there won't be a problem. For this reason, this code + should not be copied and pasted into a compilation unit in which other code + writes to the buffer that is passed to these routines. + */ + /* ========================================================================= */ #define DOLIT4 c ^= *buf4++; \ c = crc_table[3][c & 0xff] ^ crc_table[2][(c >> 8) & 0xff] ^ \ @@ -247,7 +266,7 @@ unsigned long ZEXPORT crc32(crc, buf, len) local unsigned long crc32_little(crc, buf, len) unsigned long crc; const unsigned char FAR *buf; - unsigned len; + z_size_t len; { register z_crc_t c; register const z_crc_t FAR *buf4; @@ -278,7 +297,7 @@ local unsigned long crc32_little(crc, buf, len) } /* ========================================================================= */ -#define DOBIG4 c ^= *++buf4; \ +#define DOBIG4 c ^= *buf4++; \ c = crc_table[4][c & 0xff] ^ crc_table[5][(c >> 8) & 0xff] ^ \ crc_table[6][(c >> 16) & 0xff] ^ crc_table[7][c >> 24] #define DOBIG32 DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4 @@ -287,7 +306,7 @@ local unsigned long crc32_little(crc, buf, len) local unsigned long crc32_big(crc, buf, len) unsigned long crc; const unsigned char FAR *buf; - unsigned len; + z_size_t len; { register z_crc_t c; register const z_crc_t FAR *buf4; @@ -300,7 +319,6 @@ local unsigned long crc32_big(crc, buf, len) } buf4 = (const z_crc_t FAR *)(const void FAR *)buf; - buf4--; while (len >= 32) { DOBIG32; len -= 32; @@ -309,7 +327,6 @@ local unsigned long crc32_big(crc, buf, len) DOBIG4; len -= 4; } - buf4++; buf = (const unsigned char FAR *)buf4; if (len) do { diff --git a/modules/zlib/src/deflate.c b/modules/zlib/src/deflate.c index 696957705b..1ec761448d 100644 --- a/modules/zlib/src/deflate.c +++ b/modules/zlib/src/deflate.c @@ -1,5 +1,5 @@ /* deflate.c -- compress data using the deflation algorithm - * Copyright (C) 1995-2013 Jean-loup Gailly and Mark Adler + * Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -52,7 +52,7 @@ #include "deflate.h" const char deflate_copyright[] = - " deflate 1.2.8 Copyright 1995-2013 Jean-loup Gailly and Mark Adler "; + " deflate 1.2.11 Copyright 1995-2017 Jean-loup Gailly and Mark Adler "; /* If you use the zlib library in a product, an acknowledgment is welcome in the documentation of your product. If for some reason you cannot @@ -73,6 +73,8 @@ typedef enum { typedef block_state (*compress_func) OF((deflate_state *s, int flush)); /* Compression function. Returns the block state after the call. */ +local int deflateStateCheck OF((z_streamp strm)); +local void slide_hash OF((deflate_state *s)); local void fill_window OF((deflate_state *s)); local block_state deflate_stored OF((deflate_state *s, int flush)); local block_state deflate_fast OF((deflate_state *s, int flush)); @@ -84,15 +86,16 @@ local block_state deflate_huff OF((deflate_state *s, int flush)); local void lm_init OF((deflate_state *s)); local void putShortMSB OF((deflate_state *s, uInt b)); local void flush_pending OF((z_streamp strm)); -local int read_buf OF((z_streamp strm, Bytef *buf, unsigned size)); +local unsigned read_buf OF((z_streamp strm, Bytef *buf, unsigned size)); #ifdef ASMV +# pragma message("Assembler code may have bugs -- use at your own risk") void match_init OF((void)); /* asm code initialization */ uInt longest_match OF((deflate_state *s, IPos cur_match)); #else local uInt longest_match OF((deflate_state *s, IPos cur_match)); #endif -#ifdef DEBUG +#ifdef ZLIB_DEBUG local void check_match OF((deflate_state *s, IPos start, IPos match, int length)); #endif @@ -148,21 +151,14 @@ local const config configuration_table[10] = { * meaning. */ -#define EQUAL 0 -/* result of memcmp for equal strings */ - -#ifndef NO_DUMMY_DECL -struct static_tree_desc_s {int dummy;}; /* for buggy compilers */ -#endif - /* rank Z_BLOCK between Z_NO_FLUSH and Z_PARTIAL_FLUSH */ -#define RANK(f) (((f) << 1) - ((f) > 4 ? 9 : 0)) +#define RANK(f) (((f) * 2) - ((f) > 4 ? 9 : 0)) /* =========================================================================== * Update a hash value with the given input byte - * IN assertion: all calls to to UPDATE_HASH are made with consecutive - * input characters, so that a running hash key can be computed from the - * previous key instead of complete recalculation each time. + * IN assertion: all calls to UPDATE_HASH are made with consecutive input + * characters, so that a running hash key can be computed from the previous + * key instead of complete recalculation each time. */ #define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask) @@ -173,9 +169,9 @@ struct static_tree_desc_s {int dummy;}; /* for buggy compilers */ * the previous length of the hash chain. * If this file is compiled with -DFASTEST, the compression level is forced * to 1, and no hash chains are maintained. - * IN assertion: all calls to to INSERT_STRING are made with consecutive - * input characters and the first MIN_MATCH bytes of str are valid - * (except for the last MIN_MATCH-1 bytes of the input file). + * IN assertion: all calls to INSERT_STRING are made with consecutive input + * characters and the first MIN_MATCH bytes of str are valid (except for + * the last MIN_MATCH-1 bytes of the input file). */ #ifdef FASTEST #define INSERT_STRING(s, str, match_head) \ @@ -197,6 +193,37 @@ struct static_tree_desc_s {int dummy;}; /* for buggy compilers */ s->head[s->hash_size-1] = NIL; \ zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head)); +/* =========================================================================== + * Slide the hash table when sliding the window down (could be avoided with 32 + * bit values at the expense of memory usage). We slide even when level == 0 to + * keep the hash table consistent if we switch back to level > 0 later. + */ +local void slide_hash(s) + deflate_state *s; +{ + unsigned n, m; + Posf *p; + uInt wsize = s->w_size; + + n = s->hash_size; + p = &s->head[n]; + do { + m = *--p; + *p = (Pos)(m >= wsize ? m - wsize : NIL); + } while (--n); + n = wsize; +#ifndef FASTEST + p = &s->prev[n]; + do { + m = *--p; + *p = (Pos)(m >= wsize ? m - wsize : NIL); + /* If n is not on any hash chain, prev[n] is garbage but + * its value will never be used. + */ + } while (--n); +#endif +} + /* ========================================================================= */ int ZEXPORT deflateInit_(strm, level, version, stream_size) z_streamp strm; @@ -270,7 +297,7 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, #endif if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED || windowBits < 8 || windowBits > 15 || level < 0 || level > 9 || - strategy < 0 || strategy > Z_FIXED) { + strategy < 0 || strategy > Z_FIXED || (windowBits == 8 && wrap != 1)) { return Z_STREAM_ERROR; } if (windowBits == 8) windowBits = 9; /* until 256-byte window bug fixed */ @@ -278,14 +305,15 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, if (s == Z_NULL) return Z_MEM_ERROR; strm->state = (struct internal_state FAR *)s; s->strm = strm; + s->status = INIT_STATE; /* to pass state test in deflateReset() */ s->wrap = wrap; s->gzhead = Z_NULL; - s->w_bits = windowBits; + s->w_bits = (uInt)windowBits; s->w_size = 1 << s->w_bits; s->w_mask = s->w_size - 1; - s->hash_bits = memLevel + 7; + s->hash_bits = (uInt)memLevel + 7; s->hash_size = 1 << s->hash_bits; s->hash_mask = s->hash_size - 1; s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH); @@ -319,6 +347,31 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, return deflateReset(strm); } +/* ========================================================================= + * Check for a valid deflate stream state. Return 0 if ok, 1 if not. + */ +local int deflateStateCheck (strm) + z_streamp strm; +{ + deflate_state *s; + if (strm == Z_NULL || + strm->zalloc == (alloc_func)0 || strm->zfree == (free_func)0) + return 1; + s = strm->state; + if (s == Z_NULL || s->strm != strm || (s->status != INIT_STATE && +#ifdef GZIP + s->status != GZIP_STATE && +#endif + s->status != EXTRA_STATE && + s->status != NAME_STATE && + s->status != COMMENT_STATE && + s->status != HCRC_STATE && + s->status != BUSY_STATE && + s->status != FINISH_STATE)) + return 1; + return 0; +} + /* ========================================================================= */ int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength) z_streamp strm; @@ -331,7 +384,7 @@ int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength) unsigned avail; z_const unsigned char *next; - if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL) + if (deflateStateCheck(strm) || dictionary == Z_NULL) return Z_STREAM_ERROR; s = strm->state; wrap = s->wrap; @@ -389,13 +442,34 @@ int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength) } /* ========================================================================= */ +int ZEXPORT deflateGetDictionary (strm, dictionary, dictLength) + z_streamp strm; + Bytef *dictionary; + uInt *dictLength; +{ + deflate_state *s; + uInt len; + + if (deflateStateCheck(strm)) + return Z_STREAM_ERROR; + s = strm->state; + len = s->strstart + s->lookahead; + if (len > s->w_size) + len = s->w_size; + if (dictionary != Z_NULL && len) + zmemcpy(dictionary, s->window + s->strstart + s->lookahead - len, len); + if (dictLength != Z_NULL) + *dictLength = len; + return Z_OK; +} + +/* ========================================================================= */ int ZEXPORT deflateResetKeep (strm) z_streamp strm; { deflate_state *s; - if (strm == Z_NULL || strm->state == Z_NULL || - strm->zalloc == (alloc_func)0 || strm->zfree == (free_func)0) { + if (deflateStateCheck(strm)) { return Z_STREAM_ERROR; } @@ -410,7 +484,11 @@ int ZEXPORT deflateResetKeep (strm) if (s->wrap < 0) { s->wrap = -s->wrap; /* was made negative by deflate(..., Z_FINISH); */ } - s->status = s->wrap ? INIT_STATE : BUSY_STATE; + s->status = +#ifdef GZIP + s->wrap == 2 ? GZIP_STATE : +#endif + s->wrap ? INIT_STATE : BUSY_STATE; strm->adler = #ifdef GZIP s->wrap == 2 ? crc32(0L, Z_NULL, 0) : @@ -440,8 +518,8 @@ int ZEXPORT deflateSetHeader (strm, head) z_streamp strm; gz_headerp head; { - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; - if (strm->state->wrap != 2) return Z_STREAM_ERROR; + if (deflateStateCheck(strm) || strm->state->wrap != 2) + return Z_STREAM_ERROR; strm->state->gzhead = head; return Z_OK; } @@ -452,7 +530,7 @@ int ZEXPORT deflatePending (strm, pending, bits) int *bits; z_streamp strm; { - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (deflateStateCheck(strm)) return Z_STREAM_ERROR; if (pending != Z_NULL) *pending = strm->state->pending; if (bits != Z_NULL) @@ -469,7 +547,7 @@ int ZEXPORT deflatePrime (strm, bits, value) deflate_state *s; int put; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (deflateStateCheck(strm)) return Z_STREAM_ERROR; s = strm->state; if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3)) return Z_BUF_ERROR; @@ -494,9 +572,8 @@ int ZEXPORT deflateParams(strm, level, strategy) { deflate_state *s; compress_func func; - int err = Z_OK; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (deflateStateCheck(strm)) return Z_STREAM_ERROR; s = strm->state; #ifdef FASTEST @@ -510,13 +587,22 @@ int ZEXPORT deflateParams(strm, level, strategy) func = configuration_table[s->level].func; if ((strategy != s->strategy || func != configuration_table[level].func) && - strm->total_in != 0) { + s->high_water) { /* Flush the last buffer: */ - err = deflate(strm, Z_BLOCK); - if (err == Z_BUF_ERROR && s->pending == 0) - err = Z_OK; + int err = deflate(strm, Z_BLOCK); + if (err == Z_STREAM_ERROR) + return err; + if (strm->avail_out == 0) + return Z_BUF_ERROR; } if (s->level != level) { + if (s->level == 0 && s->matches != 0) { + if (s->matches == 1) + slide_hash(s); + else + CLEAR_HASH(s); + s->matches = 0; + } s->level = level; s->max_lazy_match = configuration_table[level].max_lazy; s->good_match = configuration_table[level].good_length; @@ -524,7 +610,7 @@ int ZEXPORT deflateParams(strm, level, strategy) s->max_chain_length = configuration_table[level].max_chain; } s->strategy = strategy; - return err; + return Z_OK; } /* ========================================================================= */ @@ -537,12 +623,12 @@ int ZEXPORT deflateTune(strm, good_length, max_lazy, nice_length, max_chain) { deflate_state *s; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (deflateStateCheck(strm)) return Z_STREAM_ERROR; s = strm->state; - s->good_match = good_length; - s->max_lazy_match = max_lazy; + s->good_match = (uInt)good_length; + s->max_lazy_match = (uInt)max_lazy; s->nice_match = nice_length; - s->max_chain_length = max_chain; + s->max_chain_length = (uInt)max_chain; return Z_OK; } @@ -569,14 +655,13 @@ uLong ZEXPORT deflateBound(strm, sourceLen) { deflate_state *s; uLong complen, wraplen; - Bytef *str; /* conservative upper bound for compressed data */ complen = sourceLen + ((sourceLen + 7) >> 3) + ((sourceLen + 63) >> 6) + 5; /* if can't get parameters, return conservative bound plus zlib wrapper */ - if (strm == Z_NULL || strm->state == Z_NULL) + if (deflateStateCheck(strm)) return complen + 6; /* compute wrapper length */ @@ -588,9 +673,11 @@ uLong ZEXPORT deflateBound(strm, sourceLen) case 1: /* zlib wrapper */ wraplen = 6 + (s->strstart ? 4 : 0); break; +#ifdef GZIP case 2: /* gzip wrapper */ wraplen = 18; if (s->gzhead != Z_NULL) { /* user-supplied gzip header */ + Bytef *str; if (s->gzhead->extra != Z_NULL) wraplen += 2 + s->gzhead->extra_len; str = s->gzhead->name; @@ -607,6 +694,7 @@ uLong ZEXPORT deflateBound(strm, sourceLen) wraplen += 2; } break; +#endif default: /* for compiler happiness */ wraplen = 6; } @@ -634,10 +722,10 @@ local void putShortMSB (s, b) } /* ========================================================================= - * Flush as much pending output as possible. All deflate() output goes - * through this function so some applications may wish to modify it - * to avoid allocating a large strm->next_out buffer and copying into it. - * (See also read_buf()). + * Flush as much pending output as possible. All deflate() output, except for + * some deflate_stored() output, goes through this function so some + * applications may wish to modify it to avoid allocating a large + * strm->next_out buffer and copying into it. (See also read_buf()). */ local void flush_pending(strm) z_streamp strm; @@ -654,13 +742,23 @@ local void flush_pending(strm) strm->next_out += len; s->pending_out += len; strm->total_out += len; - strm->avail_out -= len; - s->pending -= len; + strm->avail_out -= len; + s->pending -= len; if (s->pending == 0) { s->pending_out = s->pending_buf; } } +/* =========================================================================== + * Update the header CRC with the bytes s->pending_buf[beg..s->pending - 1]. + */ +#define HCRC_UPDATE(beg) \ + do { \ + if (s->gzhead->hcrc && s->pending > (beg)) \ + strm->adler = crc32(strm->adler, s->pending_buf + (beg), \ + s->pending - (beg)); \ + } while (0) + /* ========================================================================= */ int ZEXPORT deflate (strm, flush) z_streamp strm; @@ -669,230 +767,229 @@ int ZEXPORT deflate (strm, flush) int old_flush; /* value of flush param for previous deflate call */ deflate_state *s; - if (strm == Z_NULL || strm->state == Z_NULL || - flush > Z_BLOCK || flush < 0) { + if (deflateStateCheck(strm) || flush > Z_BLOCK || flush < 0) { return Z_STREAM_ERROR; } s = strm->state; if (strm->next_out == Z_NULL || - (strm->next_in == Z_NULL && strm->avail_in != 0) || + (strm->avail_in != 0 && strm->next_in == Z_NULL) || (s->status == FINISH_STATE && flush != Z_FINISH)) { ERR_RETURN(strm, Z_STREAM_ERROR); } if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR); - s->strm = strm; /* just in case */ old_flush = s->last_flush; s->last_flush = flush; + /* Flush as much pending output as possible */ + if (s->pending != 0) { + flush_pending(strm); + if (strm->avail_out == 0) { + /* Since avail_out is 0, deflate will be called again with + * more output space, but possibly with both pending and + * avail_in equal to zero. There won't be anything to do, + * but this is not an error situation so make sure we + * return OK instead of BUF_ERROR at next call of deflate: + */ + s->last_flush = -1; + return Z_OK; + } + + /* Make sure there is something to do and avoid duplicate consecutive + * flushes. For repeated and useless calls with Z_FINISH, we keep + * returning Z_STREAM_END instead of Z_BUF_ERROR. + */ + } else if (strm->avail_in == 0 && RANK(flush) <= RANK(old_flush) && + flush != Z_FINISH) { + ERR_RETURN(strm, Z_BUF_ERROR); + } + + /* User must not provide more input after the first FINISH: */ + if (s->status == FINISH_STATE && strm->avail_in != 0) { + ERR_RETURN(strm, Z_BUF_ERROR); + } + /* Write the header */ if (s->status == INIT_STATE) { -#ifdef GZIP - if (s->wrap == 2) { - strm->adler = crc32(0L, Z_NULL, 0); - put_byte(s, 31); - put_byte(s, 139); - put_byte(s, 8); - if (s->gzhead == Z_NULL) { - put_byte(s, 0); - put_byte(s, 0); - put_byte(s, 0); - put_byte(s, 0); - put_byte(s, 0); - put_byte(s, s->level == 9 ? 2 : - (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ? - 4 : 0)); - put_byte(s, OS_CODE); - s->status = BUSY_STATE; - } - else { - put_byte(s, (s->gzhead->text ? 1 : 0) + - (s->gzhead->hcrc ? 2 : 0) + - (s->gzhead->extra == Z_NULL ? 0 : 4) + - (s->gzhead->name == Z_NULL ? 0 : 8) + - (s->gzhead->comment == Z_NULL ? 0 : 16) - ); - put_byte(s, (Byte)(s->gzhead->time & 0xff)); - put_byte(s, (Byte)((s->gzhead->time >> 8) & 0xff)); - put_byte(s, (Byte)((s->gzhead->time >> 16) & 0xff)); - put_byte(s, (Byte)((s->gzhead->time >> 24) & 0xff)); - put_byte(s, s->level == 9 ? 2 : - (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ? - 4 : 0)); - put_byte(s, s->gzhead->os & 0xff); - if (s->gzhead->extra != Z_NULL) { - put_byte(s, s->gzhead->extra_len & 0xff); - put_byte(s, (s->gzhead->extra_len >> 8) & 0xff); - } - if (s->gzhead->hcrc) - strm->adler = crc32(strm->adler, s->pending_buf, - s->pending); - s->gzindex = 0; - s->status = EXTRA_STATE; - } - } + /* zlib header */ + uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8; + uInt level_flags; + + if (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2) + level_flags = 0; + else if (s->level < 6) + level_flags = 1; + else if (s->level == 6) + level_flags = 2; else -#endif - { - uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8; - uInt level_flags; - - if (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2) - level_flags = 0; - else if (s->level < 6) - level_flags = 1; - else if (s->level == 6) - level_flags = 2; - else - level_flags = 3; - header |= (level_flags << 6); - if (s->strstart != 0) header |= PRESET_DICT; - header += 31 - (header % 31); + level_flags = 3; + header |= (level_flags << 6); + if (s->strstart != 0) header |= PRESET_DICT; + header += 31 - (header % 31); + + putShortMSB(s, header); + /* Save the adler32 of the preset dictionary: */ + if (s->strstart != 0) { + putShortMSB(s, (uInt)(strm->adler >> 16)); + putShortMSB(s, (uInt)(strm->adler & 0xffff)); + } + strm->adler = adler32(0L, Z_NULL, 0); + s->status = BUSY_STATE; + + /* Compression must start with an empty pending buffer */ + flush_pending(strm); + if (s->pending != 0) { + s->last_flush = -1; + return Z_OK; + } + } +#ifdef GZIP + if (s->status == GZIP_STATE) { + /* gzip header */ + strm->adler = crc32(0L, Z_NULL, 0); + put_byte(s, 31); + put_byte(s, 139); + put_byte(s, 8); + if (s->gzhead == Z_NULL) { + put_byte(s, 0); + put_byte(s, 0); + put_byte(s, 0); + put_byte(s, 0); + put_byte(s, 0); + put_byte(s, s->level == 9 ? 2 : + (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ? + 4 : 0)); + put_byte(s, OS_CODE); s->status = BUSY_STATE; - putShortMSB(s, header); - /* Save the adler32 of the preset dictionary: */ - if (s->strstart != 0) { - putShortMSB(s, (uInt)(strm->adler >> 16)); - putShortMSB(s, (uInt)(strm->adler & 0xffff)); + /* Compression must start with an empty pending buffer */ + flush_pending(strm); + if (s->pending != 0) { + s->last_flush = -1; + return Z_OK; + } + } + else { + put_byte(s, (s->gzhead->text ? 1 : 0) + + (s->gzhead->hcrc ? 2 : 0) + + (s->gzhead->extra == Z_NULL ? 0 : 4) + + (s->gzhead->name == Z_NULL ? 0 : 8) + + (s->gzhead->comment == Z_NULL ? 0 : 16) + ); + put_byte(s, (Byte)(s->gzhead->time & 0xff)); + put_byte(s, (Byte)((s->gzhead->time >> 8) & 0xff)); + put_byte(s, (Byte)((s->gzhead->time >> 16) & 0xff)); + put_byte(s, (Byte)((s->gzhead->time >> 24) & 0xff)); + put_byte(s, s->level == 9 ? 2 : + (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ? + 4 : 0)); + put_byte(s, s->gzhead->os & 0xff); + if (s->gzhead->extra != Z_NULL) { + put_byte(s, s->gzhead->extra_len & 0xff); + put_byte(s, (s->gzhead->extra_len >> 8) & 0xff); } - strm->adler = adler32(0L, Z_NULL, 0); + if (s->gzhead->hcrc) + strm->adler = crc32(strm->adler, s->pending_buf, + s->pending); + s->gzindex = 0; + s->status = EXTRA_STATE; } } -#ifdef GZIP if (s->status == EXTRA_STATE) { if (s->gzhead->extra != Z_NULL) { - uInt beg = s->pending; /* start of bytes to update crc */ - - while (s->gzindex < (s->gzhead->extra_len & 0xffff)) { - if (s->pending == s->pending_buf_size) { - if (s->gzhead->hcrc && s->pending > beg) - strm->adler = crc32(strm->adler, s->pending_buf + beg, - s->pending - beg); - flush_pending(strm); - beg = s->pending; - if (s->pending == s->pending_buf_size) - break; + ulg beg = s->pending; /* start of bytes to update crc */ + uInt left = (s->gzhead->extra_len & 0xffff) - s->gzindex; + while (s->pending + left > s->pending_buf_size) { + uInt copy = s->pending_buf_size - s->pending; + zmemcpy(s->pending_buf + s->pending, + s->gzhead->extra + s->gzindex, copy); + s->pending = s->pending_buf_size; + HCRC_UPDATE(beg); + s->gzindex += copy; + flush_pending(strm); + if (s->pending != 0) { + s->last_flush = -1; + return Z_OK; } - put_byte(s, s->gzhead->extra[s->gzindex]); - s->gzindex++; - } - if (s->gzhead->hcrc && s->pending > beg) - strm->adler = crc32(strm->adler, s->pending_buf + beg, - s->pending - beg); - if (s->gzindex == s->gzhead->extra_len) { - s->gzindex = 0; - s->status = NAME_STATE; + beg = 0; + left -= copy; } + zmemcpy(s->pending_buf + s->pending, + s->gzhead->extra + s->gzindex, left); + s->pending += left; + HCRC_UPDATE(beg); + s->gzindex = 0; } - else - s->status = NAME_STATE; + s->status = NAME_STATE; } if (s->status == NAME_STATE) { if (s->gzhead->name != Z_NULL) { - uInt beg = s->pending; /* start of bytes to update crc */ + ulg beg = s->pending; /* start of bytes to update crc */ int val; - do { if (s->pending == s->pending_buf_size) { - if (s->gzhead->hcrc && s->pending > beg) - strm->adler = crc32(strm->adler, s->pending_buf + beg, - s->pending - beg); + HCRC_UPDATE(beg); flush_pending(strm); - beg = s->pending; - if (s->pending == s->pending_buf_size) { - val = 1; - break; + if (s->pending != 0) { + s->last_flush = -1; + return Z_OK; } + beg = 0; } val = s->gzhead->name[s->gzindex++]; put_byte(s, val); } while (val != 0); - if (s->gzhead->hcrc && s->pending > beg) - strm->adler = crc32(strm->adler, s->pending_buf + beg, - s->pending - beg); - if (val == 0) { - s->gzindex = 0; - s->status = COMMENT_STATE; - } + HCRC_UPDATE(beg); + s->gzindex = 0; } - else - s->status = COMMENT_STATE; + s->status = COMMENT_STATE; } if (s->status == COMMENT_STATE) { if (s->gzhead->comment != Z_NULL) { - uInt beg = s->pending; /* start of bytes to update crc */ + ulg beg = s->pending; /* start of bytes to update crc */ int val; - do { if (s->pending == s->pending_buf_size) { - if (s->gzhead->hcrc && s->pending > beg) - strm->adler = crc32(strm->adler, s->pending_buf + beg, - s->pending - beg); + HCRC_UPDATE(beg); flush_pending(strm); - beg = s->pending; - if (s->pending == s->pending_buf_size) { - val = 1; - break; + if (s->pending != 0) { + s->last_flush = -1; + return Z_OK; } + beg = 0; } val = s->gzhead->comment[s->gzindex++]; put_byte(s, val); } while (val != 0); - if (s->gzhead->hcrc && s->pending > beg) - strm->adler = crc32(strm->adler, s->pending_buf + beg, - s->pending - beg); - if (val == 0) - s->status = HCRC_STATE; + HCRC_UPDATE(beg); } - else - s->status = HCRC_STATE; + s->status = HCRC_STATE; } if (s->status == HCRC_STATE) { if (s->gzhead->hcrc) { - if (s->pending + 2 > s->pending_buf_size) + if (s->pending + 2 > s->pending_buf_size) { flush_pending(strm); - if (s->pending + 2 <= s->pending_buf_size) { - put_byte(s, (Byte)(strm->adler & 0xff)); - put_byte(s, (Byte)((strm->adler >> 8) & 0xff)); - strm->adler = crc32(0L, Z_NULL, 0); - s->status = BUSY_STATE; + if (s->pending != 0) { + s->last_flush = -1; + return Z_OK; + } } + put_byte(s, (Byte)(strm->adler & 0xff)); + put_byte(s, (Byte)((strm->adler >> 8) & 0xff)); + strm->adler = crc32(0L, Z_NULL, 0); } - else - s->status = BUSY_STATE; - } -#endif + s->status = BUSY_STATE; - /* Flush as much pending output as possible */ - if (s->pending != 0) { + /* Compression must start with an empty pending buffer */ flush_pending(strm); - if (strm->avail_out == 0) { - /* Since avail_out is 0, deflate will be called again with - * more output space, but possibly with both pending and - * avail_in equal to zero. There won't be anything to do, - * but this is not an error situation so make sure we - * return OK instead of BUF_ERROR at next call of deflate: - */ + if (s->pending != 0) { s->last_flush = -1; return Z_OK; } - - /* Make sure there is something to do and avoid duplicate consecutive - * flushes. For repeated and useless calls with Z_FINISH, we keep - * returning Z_STREAM_END instead of Z_BUF_ERROR. - */ - } else if (strm->avail_in == 0 && RANK(flush) <= RANK(old_flush) && - flush != Z_FINISH) { - ERR_RETURN(strm, Z_BUF_ERROR); - } - - /* User must not provide more input after the first FINISH: */ - if (s->status == FINISH_STATE && strm->avail_in != 0) { - ERR_RETURN(strm, Z_BUF_ERROR); } +#endif /* Start a new block or continue the current one. */ @@ -900,9 +997,10 @@ int ZEXPORT deflate (strm, flush) (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) { block_state bstate; - bstate = s->strategy == Z_HUFFMAN_ONLY ? deflate_huff(s, flush) : - (s->strategy == Z_RLE ? deflate_rle(s, flush) : - (*(configuration_table[s->level].func))(s, flush)); + bstate = s->level == 0 ? deflate_stored(s, flush) : + s->strategy == Z_HUFFMAN_ONLY ? deflate_huff(s, flush) : + s->strategy == Z_RLE ? deflate_rle(s, flush) : + (*(configuration_table[s->level].func))(s, flush); if (bstate == finish_started || bstate == finish_done) { s->status = FINISH_STATE; @@ -944,7 +1042,6 @@ int ZEXPORT deflate (strm, flush) } } } - Assert(strm->avail_out > 0, "bug2"); if (flush != Z_FINISH) return Z_OK; if (s->wrap <= 0) return Z_STREAM_END; @@ -981,18 +1078,9 @@ int ZEXPORT deflateEnd (strm) { int status; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (deflateStateCheck(strm)) return Z_STREAM_ERROR; status = strm->state->status; - if (status != INIT_STATE && - status != EXTRA_STATE && - status != NAME_STATE && - status != COMMENT_STATE && - status != HCRC_STATE && - status != BUSY_STATE && - status != FINISH_STATE) { - return Z_STREAM_ERROR; - } /* Deallocate in reverse order of allocations: */ TRY_FREE(strm, strm->state->pending_buf); @@ -1023,7 +1111,7 @@ int ZEXPORT deflateCopy (dest, source) ushf *overlay; - if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) { + if (deflateStateCheck(source) || dest == Z_NULL) { return Z_STREAM_ERROR; } @@ -1073,7 +1161,7 @@ int ZEXPORT deflateCopy (dest, source) * allocating a large strm->next_in buffer and copying from it. * (See also flush_pending()). */ -local int read_buf(strm, buf, size) +local unsigned read_buf(strm, buf, size) z_streamp strm; Bytef *buf; unsigned size; @@ -1097,7 +1185,7 @@ local int read_buf(strm, buf, size) strm->next_in += len; strm->total_in += len; - return (int)len; + return len; } /* =========================================================================== @@ -1151,9 +1239,9 @@ local uInt longest_match(s, cur_match) { unsigned chain_length = s->max_chain_length;/* max hash chain length */ register Bytef *scan = s->window + s->strstart; /* current string */ - register Bytef *match; /* matched string */ + register Bytef *match; /* matched string */ register int len; /* length of current match */ - int best_len = s->prev_length; /* best match length so far */ + int best_len = (int)s->prev_length; /* best match length so far */ int nice_match = s->nice_match; /* stop if match long enough */ IPos limit = s->strstart > (IPos)MAX_DIST(s) ? s->strstart - (IPos)MAX_DIST(s) : NIL; @@ -1188,7 +1276,7 @@ local uInt longest_match(s, cur_match) /* Do not look for matches beyond the end of the input. This is necessary * to make deflate deterministic. */ - if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead; + if ((uInt)nice_match > s->lookahead) nice_match = (int)s->lookahead; Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead"); @@ -1349,7 +1437,11 @@ local uInt longest_match(s, cur_match) #endif /* FASTEST */ -#ifdef DEBUG +#ifdef ZLIB_DEBUG + +#define EQUAL 0 +/* result of memcmp for equal strings */ + /* =========================================================================== * Check that the match at match_start is indeed a match. */ @@ -1375,7 +1467,7 @@ local void check_match(s, start, match, length) } #else # define check_match(s, start, match, length) -#endif /* DEBUG */ +#endif /* ZLIB_DEBUG */ /* =========================================================================== * Fill the window when the lookahead becomes insufficient. @@ -1390,8 +1482,7 @@ local void check_match(s, start, match, length) local void fill_window(s) deflate_state *s; { - register unsigned n, m; - register Posf *p; + unsigned n; unsigned more; /* Amount of free space at the end of the window. */ uInt wsize = s->w_size; @@ -1418,35 +1509,11 @@ local void fill_window(s) */ if (s->strstart >= wsize+MAX_DIST(s)) { - zmemcpy(s->window, s->window+wsize, (unsigned)wsize); + zmemcpy(s->window, s->window+wsize, (unsigned)wsize - more); s->match_start -= wsize; s->strstart -= wsize; /* we now have strstart >= MAX_DIST */ s->block_start -= (long) wsize; - - /* Slide the hash table (could be avoided with 32 bit values - at the expense of memory usage). We slide even when level == 0 - to keep the hash table consistent if we switch back to level > 0 - later. (Using level 0 permanently is not an optimal usage of - zlib, so we don't care about this pathological case.) - */ - n = s->hash_size; - p = &s->head[n]; - do { - m = *--p; - *p = (Pos)(m >= wsize ? m-wsize : NIL); - } while (--n); - - n = wsize; -#ifndef FASTEST - p = &s->prev[n]; - do { - m = *--p; - *p = (Pos)(m >= wsize ? m-wsize : NIL); - /* If n is not on any hash chain, prev[n] is garbage but - * its value will never be used. - */ - } while (--n); -#endif + slide_hash(s); more += wsize; } if (s->strm->avail_in == 0) break; @@ -1552,70 +1619,199 @@ local void fill_window(s) if (s->strm->avail_out == 0) return (last) ? finish_started : need_more; \ } +/* Maximum stored block length in deflate format (not including header). */ +#define MAX_STORED 65535 + +/* Minimum of a and b. */ +#define MIN(a, b) ((a) > (b) ? (b) : (a)) + /* =========================================================================== * Copy without compression as much as possible from the input stream, return * the current block state. - * This function does not insert new strings in the dictionary since - * uncompressible data is probably not useful. This function is used - * only for the level=0 compression option. - * NOTE: this function should be optimized to avoid extra copying from - * window to pending_buf. + * + * In case deflateParams() is used to later switch to a non-zero compression + * level, s->matches (otherwise unused when storing) keeps track of the number + * of hash table slides to perform. If s->matches is 1, then one hash table + * slide will be done when switching. If s->matches is 2, the maximum value + * allowed here, then the hash table will be cleared, since two or more slides + * is the same as a clear. + * + * deflate_stored() is written to minimize the number of times an input byte is + * copied. It is most efficient with large input and output buffers, which + * maximizes the opportunites to have a single copy from next_in to next_out. */ local block_state deflate_stored(s, flush) deflate_state *s; int flush; { - /* Stored blocks are limited to 0xffff bytes, pending_buf is limited - * to pending_buf_size, and each stored block has a 5 byte header: + /* Smallest worthy block size when not flushing or finishing. By default + * this is 32K. This can be as small as 507 bytes for memLevel == 1. For + * large input and output buffers, the stored block size will be larger. */ - ulg max_block_size = 0xffff; - ulg max_start; - - if (max_block_size > s->pending_buf_size - 5) { - max_block_size = s->pending_buf_size - 5; - } + unsigned min_block = MIN(s->pending_buf_size - 5, s->w_size); - /* Copy as much as possible from input to output: */ - for (;;) { - /* Fill the window as much as possible: */ - if (s->lookahead <= 1) { - - Assert(s->strstart < s->w_size+MAX_DIST(s) || - s->block_start >= (long)s->w_size, "slide too late"); + /* Copy as many min_block or larger stored blocks directly to next_out as + * possible. If flushing, copy the remaining available input to next_out as + * stored blocks, if there is enough space. + */ + unsigned len, left, have, last = 0; + unsigned used = s->strm->avail_in; + do { + /* Set len to the maximum size block that we can copy directly with the + * available input data and output space. Set left to how much of that + * would be copied from what's left in the window. + */ + len = MAX_STORED; /* maximum deflate stored block length */ + have = (s->bi_valid + 42) >> 3; /* number of header bytes */ + if (s->strm->avail_out < have) /* need room for header */ + break; + /* maximum stored block length that will fit in avail_out: */ + have = s->strm->avail_out - have; + left = s->strstart - s->block_start; /* bytes left in window */ + if (len > (ulg)left + s->strm->avail_in) + len = left + s->strm->avail_in; /* limit len to the input */ + if (len > have) + len = have; /* limit len to the output */ + + /* If the stored block would be less than min_block in length, or if + * unable to copy all of the available input when flushing, then try + * copying to the window and the pending buffer instead. Also don't + * write an empty block when flushing -- deflate() does that. + */ + if (len < min_block && ((len == 0 && flush != Z_FINISH) || + flush == Z_NO_FLUSH || + len != left + s->strm->avail_in)) + break; - fill_window(s); - if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more; + /* Make a dummy stored block in pending to get the header bytes, + * including any pending bits. This also updates the debugging counts. + */ + last = flush == Z_FINISH && len == left + s->strm->avail_in ? 1 : 0; + _tr_stored_block(s, (char *)0, 0L, last); + + /* Replace the lengths in the dummy stored block with len. */ + s->pending_buf[s->pending - 4] = len; + s->pending_buf[s->pending - 3] = len >> 8; + s->pending_buf[s->pending - 2] = ~len; + s->pending_buf[s->pending - 1] = ~len >> 8; + + /* Write the stored block header bytes. */ + flush_pending(s->strm); + +#ifdef ZLIB_DEBUG + /* Update debugging counts for the data about to be copied. */ + s->compressed_len += len << 3; + s->bits_sent += len << 3; +#endif - if (s->lookahead == 0) break; /* flush the current block */ + /* Copy uncompressed bytes from the window to next_out. */ + if (left) { + if (left > len) + left = len; + zmemcpy(s->strm->next_out, s->window + s->block_start, left); + s->strm->next_out += left; + s->strm->avail_out -= left; + s->strm->total_out += left; + s->block_start += left; + len -= left; } - Assert(s->block_start >= 0L, "block gone"); - - s->strstart += s->lookahead; - s->lookahead = 0; - - /* Emit a stored block if pending_buf will be full: */ - max_start = s->block_start + max_block_size; - if (s->strstart == 0 || (ulg)s->strstart >= max_start) { - /* strstart == 0 is possible when wraparound on 16-bit machine */ - s->lookahead = (uInt)(s->strstart - max_start); - s->strstart = (uInt)max_start; - FLUSH_BLOCK(s, 0); + + /* Copy uncompressed bytes directly from next_in to next_out, updating + * the check value. + */ + if (len) { + read_buf(s->strm, s->strm->next_out, len); + s->strm->next_out += len; + s->strm->avail_out -= len; + s->strm->total_out += len; } - /* Flush if we may have to slide, otherwise block_start may become - * negative and the data will be gone: + } while (last == 0); + + /* Update the sliding window with the last s->w_size bytes of the copied + * data, or append all of the copied data to the existing window if less + * than s->w_size bytes were copied. Also update the number of bytes to + * insert in the hash tables, in the event that deflateParams() switches to + * a non-zero compression level. + */ + used -= s->strm->avail_in; /* number of input bytes directly copied */ + if (used) { + /* If any input was used, then no unused input remains in the window, + * therefore s->block_start == s->strstart. */ - if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) { - FLUSH_BLOCK(s, 0); + if (used >= s->w_size) { /* supplant the previous history */ + s->matches = 2; /* clear hash */ + zmemcpy(s->window, s->strm->next_in - s->w_size, s->w_size); + s->strstart = s->w_size; } + else { + if (s->window_size - s->strstart <= used) { + /* Slide the window down. */ + s->strstart -= s->w_size; + zmemcpy(s->window, s->window + s->w_size, s->strstart); + if (s->matches < 2) + s->matches++; /* add a pending slide_hash() */ + } + zmemcpy(s->window + s->strstart, s->strm->next_in - used, used); + s->strstart += used; + } + s->block_start = s->strstart; + s->insert += MIN(used, s->w_size - s->insert); } - s->insert = 0; - if (flush == Z_FINISH) { - FLUSH_BLOCK(s, 1); + if (s->high_water < s->strstart) + s->high_water = s->strstart; + + /* If the last block was written to next_out, then done. */ + if (last) return finish_done; + + /* If flushing and all input has been consumed, then done. */ + if (flush != Z_NO_FLUSH && flush != Z_FINISH && + s->strm->avail_in == 0 && (long)s->strstart == s->block_start) + return block_done; + + /* Fill the window with any remaining input. */ + have = s->window_size - s->strstart - 1; + if (s->strm->avail_in > have && s->block_start >= (long)s->w_size) { + /* Slide the window down. */ + s->block_start -= s->w_size; + s->strstart -= s->w_size; + zmemcpy(s->window, s->window + s->w_size, s->strstart); + if (s->matches < 2) + s->matches++; /* add a pending slide_hash() */ + have += s->w_size; /* more space now */ } - if ((long)s->strstart > s->block_start) - FLUSH_BLOCK(s, 0); - return block_done; + if (have > s->strm->avail_in) + have = s->strm->avail_in; + if (have) { + read_buf(s->strm, s->window + s->strstart, have); + s->strstart += have; + } + if (s->high_water < s->strstart) + s->high_water = s->strstart; + + /* There was not enough avail_out to write a complete worthy or flushed + * stored block to next_out. Write a stored block to pending instead, if we + * have enough input for a worthy block, or if flushing and there is enough + * room for the remaining input as a stored block in the pending buffer. + */ + have = (s->bi_valid + 42) >> 3; /* number of header bytes */ + /* maximum stored block length that will fit in pending: */ + have = MIN(s->pending_buf_size - have, MAX_STORED); + min_block = MIN(have, s->w_size); + left = s->strstart - s->block_start; + if (left >= min_block || + ((left || flush == Z_FINISH) && flush != Z_NO_FLUSH && + s->strm->avail_in == 0 && left <= have)) { + len = MIN(left, have); + last = flush == Z_FINISH && s->strm->avail_in == 0 && + len == left ? 1 : 0; + _tr_stored_block(s, (charf *)s->window + s->block_start, len, last); + s->block_start += len; + flush_pending(s->strm); + } + + /* We've done all we can with the available input and output. */ + return last ? finish_started : need_more; } /* =========================================================================== @@ -1892,7 +2088,7 @@ local block_state deflate_rle(s, flush) prev == *++scan && prev == *++scan && prev == *++scan && prev == *++scan && scan < strend); - s->match_length = MAX_MATCH - (int)(strend - scan); + s->match_length = MAX_MATCH - (uInt)(strend - scan); if (s->match_length > s->lookahead) s->match_length = s->lookahead; } diff --git a/modules/zlib/src/deflate.h b/modules/zlib/src/deflate.h index ce0299edd1..23ecdd312b 100644 --- a/modules/zlib/src/deflate.h +++ b/modules/zlib/src/deflate.h @@ -1,5 +1,5 @@ /* deflate.h -- internal compression state - * Copyright (C) 1995-2012 Jean-loup Gailly + * Copyright (C) 1995-2016 Jean-loup Gailly * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -51,13 +51,16 @@ #define Buf_size 16 /* size of bit buffer in bi_buf */ -#define INIT_STATE 42 -#define EXTRA_STATE 69 -#define NAME_STATE 73 -#define COMMENT_STATE 91 -#define HCRC_STATE 103 -#define BUSY_STATE 113 -#define FINISH_STATE 666 +#define INIT_STATE 42 /* zlib header -> BUSY_STATE */ +#ifdef GZIP +# define GZIP_STATE 57 /* gzip header -> BUSY_STATE | EXTRA_STATE */ +#endif +#define EXTRA_STATE 69 /* gzip extra block -> NAME_STATE */ +#define NAME_STATE 73 /* gzip file name -> COMMENT_STATE */ +#define COMMENT_STATE 91 /* gzip comment -> HCRC_STATE */ +#define HCRC_STATE 103 /* gzip header CRC -> BUSY_STATE */ +#define BUSY_STATE 113 /* deflate -> FINISH_STATE */ +#define FINISH_STATE 666 /* stream complete */ /* Stream status */ @@ -83,7 +86,7 @@ typedef struct static_tree_desc_s static_tree_desc; typedef struct tree_desc_s { ct_data *dyn_tree; /* the dynamic tree */ int max_code; /* largest code with non zero frequency */ - static_tree_desc *stat_desc; /* the corresponding static tree */ + const static_tree_desc *stat_desc; /* the corresponding static tree */ } FAR tree_desc; typedef ush Pos; @@ -100,10 +103,10 @@ typedef struct internal_state { Bytef *pending_buf; /* output still pending */ ulg pending_buf_size; /* size of pending_buf */ Bytef *pending_out; /* next pending byte to output to the stream */ - uInt pending; /* nb of bytes in the pending buffer */ + ulg pending; /* nb of bytes in the pending buffer */ int wrap; /* bit 0 true for zlib, bit 1 true for gzip */ gz_headerp gzhead; /* gzip header information to write */ - uInt gzindex; /* where in extra, name, or comment */ + ulg gzindex; /* where in extra, name, or comment */ Byte method; /* can only be DEFLATED */ int last_flush; /* value of flush param for previous deflate call */ @@ -249,7 +252,7 @@ typedef struct internal_state { uInt matches; /* number of string matches in current block */ uInt insert; /* bytes at end of window left to insert */ -#ifdef DEBUG +#ifdef ZLIB_DEBUG ulg compressed_len; /* total bit length of compressed file mod 2^32 */ ulg bits_sent; /* bit length of compressed data sent mod 2^32 */ #endif @@ -275,7 +278,7 @@ typedef struct internal_state { /* Output a byte on the stream. * IN assertion: there is enough room in pending_buf. */ -#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);} +#define put_byte(s, c) {s->pending_buf[s->pending++] = (Bytef)(c);} #define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1) @@ -309,7 +312,7 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf, * used. */ -#ifndef DEBUG +#ifndef ZLIB_DEBUG /* Inline versions of _tr_tally for speed: */ #if defined(GEN_TREES_H) || !defined(STDC) @@ -328,8 +331,8 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf, flush = (s->last_lit == s->lit_bufsize-1); \ } # define _tr_tally_dist(s, distance, length, flush) \ - { uch len = (length); \ - ush dist = (distance); \ + { uch len = (uch)(length); \ + ush dist = (ush)(distance); \ s->d_buf[s->last_lit] = dist; \ s->l_buf[s->last_lit++] = len; \ dist--; \ diff --git a/modules/zlib/src/gzguts.h b/modules/zlib/src/gzguts.h index d87659d031..990a4d2514 100644 --- a/modules/zlib/src/gzguts.h +++ b/modules/zlib/src/gzguts.h @@ -1,5 +1,5 @@ /* gzguts.h -- zlib internal header definitions for gz* operations - * Copyright (C) 2004, 2005, 2010, 2011, 2012, 2013 Mark Adler + * Copyright (C) 2004, 2005, 2010, 2011, 2012, 2013, 2016 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -25,6 +25,10 @@ # include <stdlib.h> # include <limits.h> #endif + +#ifndef _POSIX_SOURCE +# define _POSIX_SOURCE +#endif #include <fcntl.h> #ifdef _WIN32 @@ -35,6 +39,10 @@ # include <io.h> #endif +#if defined(_WIN32) || defined(__CYGWIN__) +# define WIDECHAR +#endif + #ifdef WINAPI_FAMILY # define open _open # define read _read @@ -95,18 +103,19 @@ # endif #endif -/* unlike snprintf (which is required in C99, yet still not supported by - Microsoft more than a decade later!), _snprintf does not guarantee null - termination of the result -- however this is only used in gzlib.c where +/* unlike snprintf (which is required in C99), _snprintf does not guarantee + null termination of the result -- however this is only used in gzlib.c where the result is assured to fit in the space provided */ -#ifdef _MSC_VER +#if defined(_MSC_VER) && _MSC_VER < 1900 # define snprintf _snprintf #endif #ifndef local # define local static #endif -/* compile with -Dlocal if your debugger can't find static symbols */ +/* since "static" is used to mean two completely different things in C, we + define "local" for the non-static meaning of "static", for readability + (compile with -Dlocal if your debugger can't find static symbols) */ /* gz* functions always use library allocation functions */ #ifndef STDC @@ -170,7 +179,7 @@ typedef struct { char *path; /* path or fd for error messages */ unsigned size; /* buffer size, zero if not allocated yet */ unsigned want; /* requested buffer size, default is GZBUFSIZE */ - unsigned char *in; /* input buffer */ + unsigned char *in; /* input buffer (double-sized when writing) */ unsigned char *out; /* output buffer (double-sized when reading) */ int direct; /* 0 if processing gzip, 1 if transparent */ /* just for reading */ diff --git a/modules/zlib/src/gzlib.c b/modules/zlib/src/gzlib.c index fae202ef89..4105e6aff9 100644 --- a/modules/zlib/src/gzlib.c +++ b/modules/zlib/src/gzlib.c @@ -1,11 +1,11 @@ /* gzlib.c -- zlib functions common to reading and writing gzip files - * Copyright (C) 2004, 2010, 2011, 2012, 2013 Mark Adler + * Copyright (C) 2004-2017 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ #include "gzguts.h" -#if defined(_WIN32) && !defined(__BORLANDC__) +#if defined(_WIN32) && !defined(__BORLANDC__) && !defined(__MINGW32__) # define LSEEK _lseeki64 #else #if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0 @@ -94,7 +94,7 @@ local gzFile gz_open(path, fd, mode) const char *mode; { gz_statep state; - size_t len; + z_size_t len; int oflag; #ifdef O_CLOEXEC int cloexec = 0; @@ -188,10 +188,10 @@ local gzFile gz_open(path, fd, mode) } /* save the path name for error messages */ -#ifdef _WIN32 +#ifdef WIDECHAR if (fd == -2) { len = wcstombs(NULL, path, 0); - if (len == (size_t)-1) + if (len == (z_size_t)-1) len = 0; } else @@ -202,7 +202,7 @@ local gzFile gz_open(path, fd, mode) free(state); return NULL; } -#ifdef _WIN32 +#ifdef WIDECHAR if (fd == -2) if (len) wcstombs(state->path, path, len + 1); @@ -211,7 +211,7 @@ local gzFile gz_open(path, fd, mode) else #endif #if !defined(NO_snprintf) && !defined(NO_vsnprintf) - snprintf(state->path, len + 1, "%s", (const char *)path); + (void)snprintf(state->path, len + 1, "%s", (const char *)path); #else strcpy(state->path, path); #endif @@ -239,7 +239,7 @@ local gzFile gz_open(path, fd, mode) /* open the file with the appropriate flags (or just use fd) */ state->fd = fd > -1 ? fd : ( -#ifdef _WIN32 +#ifdef WIDECHAR fd == -2 ? _wopen(path, oflag, 0666) : #endif open((const char *)path, oflag, 0666)); @@ -248,8 +248,10 @@ local gzFile gz_open(path, fd, mode) free(state); return NULL; } - if (state->mode == GZ_APPEND) + if (state->mode == GZ_APPEND) { + LSEEK(state->fd, 0, SEEK_END); /* so gzoffset() is correct */ state->mode = GZ_WRITE; /* simplify later checks */ + } /* save the current position for rewinding (only if reading) */ if (state->mode == GZ_READ) { @@ -291,7 +293,7 @@ gzFile ZEXPORT gzdopen(fd, mode) if (fd == -1 || (path = (char *)malloc(7 + 3 * sizeof(int))) == NULL) return NULL; #if !defined(NO_snprintf) && !defined(NO_vsnprintf) - snprintf(path, 7 + 3 * sizeof(int), "<fd:%d>", fd); /* for debugging */ + (void)snprintf(path, 7 + 3 * sizeof(int), "<fd:%d>", fd); #else sprintf(path, "<fd:%d>", fd); /* for debugging */ #endif @@ -301,7 +303,7 @@ gzFile ZEXPORT gzdopen(fd, mode) } /* -- see zlib.h -- */ -#ifdef _WIN32 +#ifdef WIDECHAR gzFile ZEXPORT gzopen_w(path, mode) const wchar_t *path; const char *mode; @@ -329,6 +331,8 @@ int ZEXPORT gzbuffer(file, size) return -1; /* check and set requested size */ + if ((size << 1) < size) + return -1; /* need to be able to double it */ if (size < 2) size = 2; /* need two bytes to check magic header */ state->want = size; @@ -604,14 +608,13 @@ void ZLIB_INTERNAL gz_error(state, err, msg) return; } #if !defined(NO_snprintf) && !defined(NO_vsnprintf) - snprintf(state->msg, strlen(state->path) + strlen(msg) + 3, - "%s%s%s", state->path, ": ", msg); + (void)snprintf(state->msg, strlen(state->path) + strlen(msg) + 3, + "%s%s%s", state->path, ": ", msg); #else strcpy(state->msg, state->path); strcat(state->msg, ": "); strcat(state->msg, msg); #endif - return; } #ifndef INT_MAX diff --git a/modules/zlib/src/gzread.c b/modules/zlib/src/gzread.c index bf4538eb27..956b91ea7d 100644 --- a/modules/zlib/src/gzread.c +++ b/modules/zlib/src/gzread.c @@ -1,5 +1,5 @@ /* gzread.c -- zlib functions for reading gzip files - * Copyright (C) 2004, 2005, 2010, 2011, 2012, 2013 Mark Adler + * Copyright (C) 2004, 2005, 2010, 2011, 2012, 2013, 2016 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -12,6 +12,7 @@ local int gz_look OF((gz_statep)); local int gz_decomp OF((gz_statep)); local int gz_fetch OF((gz_statep)); local int gz_skip OF((gz_statep, z_off64_t)); +local z_size_t gz_read OF((gz_statep, voidp, z_size_t)); /* Use read() to load a buffer -- return -1 on error, otherwise 0. Read from state->fd, and update state->eof, state->err, and state->msg as appropriate. @@ -24,13 +25,17 @@ local int gz_load(state, buf, len, have) unsigned *have; { int ret; + unsigned get, max = ((unsigned)-1 >> 2) + 1; *have = 0; do { - ret = read(state->fd, buf + *have, len - *have); + get = len - *have; + if (get > max) + get = max; + ret = read(state->fd, buf + *have, get); if (ret <= 0) break; - *have += ret; + *have += (unsigned)ret; } while (*have < len); if (ret < 0) { gz_error(state, Z_ERRNO, zstrerror()); @@ -94,10 +99,8 @@ local int gz_look(state) state->in = (unsigned char *)malloc(state->want); state->out = (unsigned char *)malloc(state->want << 1); if (state->in == NULL || state->out == NULL) { - if (state->out != NULL) - free(state->out); - if (state->in != NULL) - free(state->in); + free(state->out); + free(state->in); gz_error(state, Z_MEM_ERROR, "out of memory"); return -1; } @@ -284,33 +287,17 @@ local int gz_skip(state, len) return 0; } -/* -- see zlib.h -- */ -int ZEXPORT gzread(file, buf, len) - gzFile file; +/* Read len bytes into buf from file, or less than len up to the end of the + input. Return the number of bytes read. If zero is returned, either the + end of file was reached, or there was an error. state->err must be + consulted in that case to determine which. */ +local z_size_t gz_read(state, buf, len) + gz_statep state; voidp buf; - unsigned len; + z_size_t len; { - unsigned got, n; - gz_statep state; - z_streamp strm; - - /* get internal structure */ - if (file == NULL) - return -1; - state = (gz_statep)file; - strm = &(state->strm); - - /* check that we're reading and that there's no (serious) error */ - if (state->mode != GZ_READ || - (state->err != Z_OK && state->err != Z_BUF_ERROR)) - return -1; - - /* since an int is returned, make sure len fits in one, otherwise return - with an error (this avoids the flaw in the interface) */ - if ((int)len < 0) { - gz_error(state, Z_DATA_ERROR, "requested length does not fit in int"); - return -1; - } + z_size_t got; + unsigned n; /* if len is zero, avoid unnecessary operations */ if (len == 0) @@ -320,32 +307,38 @@ int ZEXPORT gzread(file, buf, len) if (state->seek) { state->seek = 0; if (gz_skip(state, state->skip) == -1) - return -1; + return 0; } /* get len bytes to buf, or less than len if at the end */ got = 0; do { + /* set n to the maximum amount of len that fits in an unsigned int */ + n = -1; + if (n > len) + n = len; + /* first just try copying data from the output buffer */ if (state->x.have) { - n = state->x.have > len ? len : state->x.have; + if (state->x.have < n) + n = state->x.have; memcpy(buf, state->x.next, n); state->x.next += n; state->x.have -= n; } /* output buffer empty -- return if we're at the end of the input */ - else if (state->eof && strm->avail_in == 0) { + else if (state->eof && state->strm.avail_in == 0) { state->past = 1; /* tried to read past end */ break; } /* need output data -- for small len or new stream load up our output buffer */ - else if (state->how == LOOK || len < (state->size << 1)) { + else if (state->how == LOOK || n < (state->size << 1)) { /* get more output, looking for header if required */ if (gz_fetch(state) == -1) - return -1; + return 0; continue; /* no progress yet -- go back to copy above */ /* the copy above assures that we will leave with space in the output buffer, allowing at least one gzungetc() to succeed */ @@ -353,16 +346,16 @@ int ZEXPORT gzread(file, buf, len) /* large len -- read directly into user buffer */ else if (state->how == COPY) { /* read directly */ - if (gz_load(state, (unsigned char *)buf, len, &n) == -1) - return -1; + if (gz_load(state, (unsigned char *)buf, n, &n) == -1) + return 0; } /* large len -- decompress directly into user buffer */ else { /* state->how == GZIP */ - strm->avail_out = len; - strm->next_out = (unsigned char *)buf; + state->strm.avail_out = n; + state->strm.next_out = (unsigned char *)buf; if (gz_decomp(state) == -1) - return -1; + return 0; n = state->x.have; state->x.have = 0; } @@ -374,8 +367,75 @@ int ZEXPORT gzread(file, buf, len) state->x.pos += n; } while (len); - /* return number of bytes read into user buffer (will fit in int) */ - return (int)got; + /* return number of bytes read into user buffer */ + return got; +} + +/* -- see zlib.h -- */ +int ZEXPORT gzread(file, buf, len) + gzFile file; + voidp buf; + unsigned len; +{ + gz_statep state; + + /* get internal structure */ + if (file == NULL) + return -1; + state = (gz_statep)file; + + /* check that we're reading and that there's no (serious) error */ + if (state->mode != GZ_READ || + (state->err != Z_OK && state->err != Z_BUF_ERROR)) + return -1; + + /* since an int is returned, make sure len fits in one, otherwise return + with an error (this avoids a flaw in the interface) */ + if ((int)len < 0) { + gz_error(state, Z_STREAM_ERROR, "request does not fit in an int"); + return -1; + } + + /* read len or fewer bytes to buf */ + len = gz_read(state, buf, len); + + /* check for an error */ + if (len == 0 && state->err != Z_OK && state->err != Z_BUF_ERROR) + return -1; + + /* return the number of bytes read (this is assured to fit in an int) */ + return (int)len; +} + +/* -- see zlib.h -- */ +z_size_t ZEXPORT gzfread(buf, size, nitems, file) + voidp buf; + z_size_t size; + z_size_t nitems; + gzFile file; +{ + z_size_t len; + gz_statep state; + + /* get internal structure */ + if (file == NULL) + return 0; + state = (gz_statep)file; + + /* check that we're reading and that there's no (serious) error */ + if (state->mode != GZ_READ || + (state->err != Z_OK && state->err != Z_BUF_ERROR)) + return 0; + + /* compute bytes to read -- error on overflow */ + len = nitems * size; + if (size && len / size != nitems) { + gz_error(state, Z_STREAM_ERROR, "request does not fit in a size_t"); + return 0; + } + + /* read len or fewer bytes to buf, return the number of full items read */ + return len ? gz_read(state, buf, len) / size : 0; } /* -- see zlib.h -- */ @@ -408,8 +468,8 @@ int ZEXPORT gzgetc(file) return *(state->x.next)++; } - /* nothing there -- try gzread() */ - ret = gzread(file, buf, 1); + /* nothing there -- try gz_read() */ + ret = gz_read(state, buf, 1); return ret < 1 ? -1 : buf[0]; } @@ -451,7 +511,7 @@ int ZEXPORT gzungetc(c, file) if (state->x.have == 0) { state->x.have = 1; state->x.next = state->out + (state->size << 1) - 1; - state->x.next[0] = c; + state->x.next[0] = (unsigned char)c; state->x.pos--; state->past = 0; return c; @@ -473,7 +533,7 @@ int ZEXPORT gzungetc(c, file) } state->x.have++; state->x.next--; - state->x.next[0] = c; + state->x.next[0] = (unsigned char)c; state->x.pos--; state->past = 0; return c; diff --git a/modules/zlib/src/gzwrite.c b/modules/zlib/src/gzwrite.c index aa767fbf63..c7b5651d70 100644 --- a/modules/zlib/src/gzwrite.c +++ b/modules/zlib/src/gzwrite.c @@ -1,5 +1,5 @@ /* gzwrite.c -- zlib functions for writing gzip files - * Copyright (C) 2004, 2005, 2010, 2011, 2012, 2013 Mark Adler + * Copyright (C) 2004-2017 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -9,17 +9,19 @@ local int gz_init OF((gz_statep)); local int gz_comp OF((gz_statep, int)); local int gz_zero OF((gz_statep, z_off64_t)); +local z_size_t gz_write OF((gz_statep, voidpc, z_size_t)); /* Initialize state for writing a gzip file. Mark initialization by setting - state->size to non-zero. Return -1 on failure or 0 on success. */ + state->size to non-zero. Return -1 on a memory allocation failure, or 0 on + success. */ local int gz_init(state) gz_statep state; { int ret; z_streamp strm = &(state->strm); - /* allocate input buffer */ - state->in = (unsigned char *)malloc(state->want); + /* allocate input buffer (double size for gzprintf) */ + state->in = (unsigned char *)malloc(state->want << 1); if (state->in == NULL) { gz_error(state, Z_MEM_ERROR, "out of memory"); return -1; @@ -47,6 +49,7 @@ local int gz_init(state) gz_error(state, Z_MEM_ERROR, "out of memory"); return -1; } + strm->next_in = NULL; } /* mark state as initialized */ @@ -62,17 +65,17 @@ local int gz_init(state) } /* Compress whatever is at avail_in and next_in and write to the output file. - Return -1 if there is an error writing to the output file, otherwise 0. - flush is assumed to be a valid deflate() flush value. If flush is Z_FINISH, - then the deflate() state is reset to start a new gzip stream. If gz->direct - is true, then simply write to the output file without compressing, and - ignore flush. */ + Return -1 if there is an error writing to the output file or if gz_init() + fails to allocate memory, otherwise 0. flush is assumed to be a valid + deflate() flush value. If flush is Z_FINISH, then the deflate() state is + reset to start a new gzip stream. If gz->direct is true, then simply write + to the output file without compressing, and ignore flush. */ local int gz_comp(state, flush) gz_statep state; int flush; { - int ret, got; - unsigned have; + int ret, writ; + unsigned have, put, max = ((unsigned)-1 >> 2) + 1; z_streamp strm = &(state->strm); /* allocate memory if this is the first time through */ @@ -81,12 +84,16 @@ local int gz_comp(state, flush) /* write directly if requested */ if (state->direct) { - got = write(state->fd, strm->next_in, strm->avail_in); - if (got < 0 || (unsigned)got != strm->avail_in) { - gz_error(state, Z_ERRNO, zstrerror()); - return -1; + while (strm->avail_in) { + put = strm->avail_in > max ? max : strm->avail_in; + writ = write(state->fd, strm->next_in, put); + if (writ < 0) { + gz_error(state, Z_ERRNO, zstrerror()); + return -1; + } + strm->avail_in -= (unsigned)writ; + strm->next_in += writ; } - strm->avail_in = 0; return 0; } @@ -97,17 +104,21 @@ local int gz_comp(state, flush) doing Z_FINISH then don't write until we get to Z_STREAM_END */ if (strm->avail_out == 0 || (flush != Z_NO_FLUSH && (flush != Z_FINISH || ret == Z_STREAM_END))) { - have = (unsigned)(strm->next_out - state->x.next); - if (have && ((got = write(state->fd, state->x.next, have)) < 0 || - (unsigned)got != have)) { - gz_error(state, Z_ERRNO, zstrerror()); - return -1; + while (strm->next_out > state->x.next) { + put = strm->next_out - state->x.next > (int)max ? max : + (unsigned)(strm->next_out - state->x.next); + writ = write(state->fd, state->x.next, put); + if (writ < 0) { + gz_error(state, Z_ERRNO, zstrerror()); + return -1; + } + state->x.next += writ; } if (strm->avail_out == 0) { strm->avail_out = state->size; strm->next_out = state->out; + state->x.next = state->out; } - state->x.next = strm->next_out; } /* compress */ @@ -129,7 +140,8 @@ local int gz_comp(state, flush) return 0; } -/* Compress len zeros to output. Return -1 on error, 0 on success. */ +/* Compress len zeros to output. Return -1 on a write error or memory + allocation failure by gz_comp(), or 0 on success. */ local int gz_zero(state, len) gz_statep state; z_off64_t len; @@ -161,32 +173,14 @@ local int gz_zero(state, len) return 0; } -/* -- see zlib.h -- */ -int ZEXPORT gzwrite(file, buf, len) - gzFile file; +/* Write len bytes from buf to file. Return the number of bytes written. If + the returned value is less than len, then there was an error. */ +local z_size_t gz_write(state, buf, len) + gz_statep state; voidpc buf; - unsigned len; + z_size_t len; { - unsigned put = len; - gz_statep state; - z_streamp strm; - - /* get internal structure */ - if (file == NULL) - return 0; - state = (gz_statep)file; - strm = &(state->strm); - - /* check that we're writing and that there's no error */ - if (state->mode != GZ_WRITE || state->err != Z_OK) - return 0; - - /* since an int is returned, make sure len fits in one, otherwise return - with an error (this avoids the flaw in the interface) */ - if ((int)len < 0) { - gz_error(state, Z_DATA_ERROR, "requested length does not fit in int"); - return 0; - } + z_size_t put = len; /* if len is zero, avoid unnecessary operations */ if (len == 0) @@ -209,14 +203,15 @@ int ZEXPORT gzwrite(file, buf, len) do { unsigned have, copy; - if (strm->avail_in == 0) - strm->next_in = state->in; - have = (unsigned)((strm->next_in + strm->avail_in) - state->in); + if (state->strm.avail_in == 0) + state->strm.next_in = state->in; + have = (unsigned)((state->strm.next_in + state->strm.avail_in) - + state->in); copy = state->size - have; if (copy > len) copy = len; memcpy(state->in + have, buf, copy); - strm->avail_in += copy; + state->strm.avail_in += copy; state->x.pos += copy; buf = (const char *)buf + copy; len -= copy; @@ -226,19 +221,83 @@ int ZEXPORT gzwrite(file, buf, len) } else { /* consume whatever's left in the input buffer */ - if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1) + if (state->strm.avail_in && gz_comp(state, Z_NO_FLUSH) == -1) return 0; /* directly compress user buffer to file */ - strm->avail_in = len; - strm->next_in = (z_const Bytef *)buf; - state->x.pos += len; - if (gz_comp(state, Z_NO_FLUSH) == -1) - return 0; + state->strm.next_in = (z_const Bytef *)buf; + do { + unsigned n = (unsigned)-1; + if (n > len) + n = len; + state->strm.avail_in = n; + state->x.pos += n; + if (gz_comp(state, Z_NO_FLUSH) == -1) + return 0; + len -= n; + } while (len); + } + + /* input was all buffered or compressed */ + return put; +} + +/* -- see zlib.h -- */ +int ZEXPORT gzwrite(file, buf, len) + gzFile file; + voidpc buf; + unsigned len; +{ + gz_statep state; + + /* get internal structure */ + if (file == NULL) + return 0; + state = (gz_statep)file; + + /* check that we're writing and that there's no error */ + if (state->mode != GZ_WRITE || state->err != Z_OK) + return 0; + + /* since an int is returned, make sure len fits in one, otherwise return + with an error (this avoids a flaw in the interface) */ + if ((int)len < 0) { + gz_error(state, Z_DATA_ERROR, "requested length does not fit in int"); + return 0; + } + + /* write len bytes from buf (the return value will fit in an int) */ + return (int)gz_write(state, buf, len); +} + +/* -- see zlib.h -- */ +z_size_t ZEXPORT gzfwrite(buf, size, nitems, file) + voidpc buf; + z_size_t size; + z_size_t nitems; + gzFile file; +{ + z_size_t len; + gz_statep state; + + /* get internal structure */ + if (file == NULL) + return 0; + state = (gz_statep)file; + + /* check that we're writing and that there's no error */ + if (state->mode != GZ_WRITE || state->err != Z_OK) + return 0; + + /* compute bytes to read -- error on overflow */ + len = nitems * size; + if (size && len / size != nitems) { + gz_error(state, Z_STREAM_ERROR, "request does not fit in a size_t"); + return 0; } - /* input was all buffered or compressed (put will fit in int) */ - return (int)put; + /* write len bytes to buf, return the number of full items written */ + return len ? gz_write(state, buf, len) / size : 0; } /* -- see zlib.h -- */ @@ -275,7 +334,7 @@ int ZEXPORT gzputc(file, c) strm->next_in = state->in; have = (unsigned)((strm->next_in + strm->avail_in) - state->in); if (have < state->size) { - state->in[have] = c; + state->in[have] = (unsigned char)c; strm->avail_in++; state->x.pos++; return c & 0xff; @@ -283,8 +342,8 @@ int ZEXPORT gzputc(file, c) } /* no room in buffer or not initialized, use gz_write() */ - buf[0] = c; - if (gzwrite(file, buf, 1) != 1) + buf[0] = (unsigned char)c; + if (gz_write(state, buf, 1) != 1) return -1; return c & 0xff; } @@ -295,11 +354,21 @@ int ZEXPORT gzputs(file, str) const char *str; { int ret; - unsigned len; + z_size_t len; + gz_statep state; + + /* get internal structure */ + if (file == NULL) + return -1; + state = (gz_statep)file; + + /* check that we're writing and that there's no error */ + if (state->mode != GZ_WRITE || state->err != Z_OK) + return -1; /* write string */ - len = (unsigned)strlen(str); - ret = gzwrite(file, str, len); + len = strlen(str); + ret = gz_write(state, str, len); return ret == 0 && len != 0 ? -1 : ret; } @@ -309,63 +378,73 @@ int ZEXPORT gzputs(file, str) /* -- see zlib.h -- */ int ZEXPORTVA gzvprintf(gzFile file, const char *format, va_list va) { - int size, len; + int len; + unsigned left; + char *next; gz_statep state; z_streamp strm; /* get internal structure */ if (file == NULL) - return -1; + return Z_STREAM_ERROR; state = (gz_statep)file; strm = &(state->strm); /* check that we're writing and that there's no error */ if (state->mode != GZ_WRITE || state->err != Z_OK) - return 0; + return Z_STREAM_ERROR; /* make sure we have some buffer space */ if (state->size == 0 && gz_init(state) == -1) - return 0; + return state->err; /* check for seek request */ if (state->seek) { state->seek = 0; if (gz_zero(state, state->skip) == -1) - return 0; + return state->err; } - /* consume whatever's left in the input buffer */ - if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1) - return 0; - - /* do the printf() into the input buffer, put length in len */ - size = (int)(state->size); - state->in[size - 1] = 0; + /* do the printf() into the input buffer, put length in len -- the input + buffer is double-sized just for this function, so there is guaranteed to + be state->size bytes available after the current contents */ + if (strm->avail_in == 0) + strm->next_in = state->in; + next = (char *)(state->in + (strm->next_in - state->in) + strm->avail_in); + next[state->size - 1] = 0; #ifdef NO_vsnprintf # ifdef HAS_vsprintf_void - (void)vsprintf((char *)(state->in), format, va); - for (len = 0; len < size; len++) - if (state->in[len] == 0) break; + (void)vsprintf(next, format, va); + for (len = 0; len < state->size; len++) + if (next[len] == 0) break; # else - len = vsprintf((char *)(state->in), format, va); + len = vsprintf(next, format, va); # endif #else # ifdef HAS_vsnprintf_void - (void)vsnprintf((char *)(state->in), size, format, va); - len = strlen((char *)(state->in)); + (void)vsnprintf(next, state->size, format, va); + len = strlen(next); # else - len = vsnprintf((char *)(state->in), size, format, va); + len = vsnprintf(next, state->size, format, va); # endif #endif /* check that printf() results fit in buffer */ - if (len <= 0 || len >= (int)size || state->in[size - 1] != 0) + if (len == 0 || (unsigned)len >= state->size || next[state->size - 1] != 0) return 0; - /* update buffer and position, defer compression until needed */ - strm->avail_in = (unsigned)len; - strm->next_in = state->in; + /* update buffer and position, compress first half if past that */ + strm->avail_in += (unsigned)len; state->x.pos += len; + if (strm->avail_in >= state->size) { + left = strm->avail_in - state->size; + strm->avail_in = state->size; + if (gz_comp(state, Z_NO_FLUSH) == -1) + return state->err; + memcpy(state->in, state->in + state->size, left); + strm->next_in = state->in; + strm->avail_in = left; + } return len; } @@ -390,73 +469,82 @@ int ZEXPORTVA gzprintf (file, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, int a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20; { - int size, len; + unsigned len, left; + char *next; gz_statep state; z_streamp strm; /* get internal structure */ if (file == NULL) - return -1; + return Z_STREAM_ERROR; state = (gz_statep)file; strm = &(state->strm); /* check that can really pass pointer in ints */ if (sizeof(int) != sizeof(void *)) - return 0; + return Z_STREAM_ERROR; /* check that we're writing and that there's no error */ if (state->mode != GZ_WRITE || state->err != Z_OK) - return 0; + return Z_STREAM_ERROR; /* make sure we have some buffer space */ if (state->size == 0 && gz_init(state) == -1) - return 0; + return state->error; /* check for seek request */ if (state->seek) { state->seek = 0; if (gz_zero(state, state->skip) == -1) - return 0; + return state->error; } - /* consume whatever's left in the input buffer */ - if (strm->avail_in && gz_comp(state, Z_NO_FLUSH) == -1) - return 0; - - /* do the printf() into the input buffer, put length in len */ - size = (int)(state->size); - state->in[size - 1] = 0; + /* do the printf() into the input buffer, put length in len -- the input + buffer is double-sized just for this function, so there is guaranteed to + be state->size bytes available after the current contents */ + if (strm->avail_in == 0) + strm->next_in = state->in; + next = (char *)(strm->next_in + strm->avail_in); + next[state->size - 1] = 0; #ifdef NO_snprintf # ifdef HAS_sprintf_void - sprintf((char *)(state->in), format, a1, a2, a3, a4, a5, a6, a7, a8, - a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); + sprintf(next, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12, + a13, a14, a15, a16, a17, a18, a19, a20); for (len = 0; len < size; len++) - if (state->in[len] == 0) break; + if (next[len] == 0) + break; # else - len = sprintf((char *)(state->in), format, a1, a2, a3, a4, a5, a6, a7, a8, - a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); + len = sprintf(next, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, + a12, a13, a14, a15, a16, a17, a18, a19, a20); # endif #else # ifdef HAS_snprintf_void - snprintf((char *)(state->in), size, format, a1, a2, a3, a4, a5, a6, a7, a8, - a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); - len = strlen((char *)(state->in)); + snprintf(next, state->size, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, + a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); + len = strlen(next); # else - len = snprintf((char *)(state->in), size, format, a1, a2, a3, a4, a5, a6, - a7, a8, a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, - a19, a20); + len = snprintf(next, state->size, format, a1, a2, a3, a4, a5, a6, a7, a8, + a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); # endif #endif /* check that printf() results fit in buffer */ - if (len <= 0 || len >= (int)size || state->in[size - 1] != 0) + if (len == 0 || len >= state->size || next[state->size - 1] != 0) return 0; - /* update buffer and position, defer compression until needed */ - strm->avail_in = (unsigned)len; - strm->next_in = state->in; + /* update buffer and position, compress first half if past that */ + strm->avail_in += len; state->x.pos += len; - return len; + if (strm->avail_in >= state->size) { + left = strm->avail_in - state->size; + strm->avail_in = state->size; + if (gz_comp(state, Z_NO_FLUSH) == -1) + return state->err; + memcpy(state->in, state->in + state->size, left); + strm->next_in = state->in; + strm->avail_in = left; + } + return (int)len; } #endif @@ -470,7 +558,7 @@ int ZEXPORT gzflush(file, flush) /* get internal structure */ if (file == NULL) - return -1; + return Z_STREAM_ERROR; state = (gz_statep)file; /* check that we're writing and that there's no error */ @@ -485,11 +573,11 @@ int ZEXPORT gzflush(file, flush) if (state->seek) { state->seek = 0; if (gz_zero(state, state->skip) == -1) - return -1; + return state->err; } /* compress remaining data with requested flush */ - gz_comp(state, flush); + (void)gz_comp(state, flush); return state->err; } @@ -520,13 +608,13 @@ int ZEXPORT gzsetparams(file, level, strategy) if (state->seek) { state->seek = 0; if (gz_zero(state, state->skip) == -1) - return -1; + return state->err; } /* change compression parameters for subsequent input */ if (state->size) { /* flush previous input with previous parameters before changing */ - if (strm->avail_in && gz_comp(state, Z_PARTIAL_FLUSH) == -1) + if (strm->avail_in && gz_comp(state, Z_BLOCK) == -1) return state->err; deflateParams(strm, level, strategy); } diff --git a/modules/zlib/src/infback.c b/modules/zlib/src/infback.c index f3833c2e43..59679ecbfc 100644 --- a/modules/zlib/src/infback.c +++ b/modules/zlib/src/infback.c @@ -1,5 +1,5 @@ /* infback.c -- inflate using a call-back interface - * Copyright (C) 1995-2011 Mark Adler + * Copyright (C) 1995-2016 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -61,7 +61,7 @@ int stream_size; Tracev((stderr, "inflate: allocated\n")); strm->state = (struct internal_state FAR *)state; state->dmax = 32768U; - state->wbits = windowBits; + state->wbits = (uInt)windowBits; state->wsize = 1U << windowBits; state->window = window; state->wnext = 0; diff --git a/modules/zlib/src/inffast.c b/modules/zlib/src/inffast.c index bda59ceb6a..0dbd1dbc09 100644 --- a/modules/zlib/src/inffast.c +++ b/modules/zlib/src/inffast.c @@ -1,5 +1,5 @@ /* inffast.c -- fast decoding - * Copyright (C) 1995-2008, 2010, 2013 Mark Adler + * Copyright (C) 1995-2017 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -8,26 +8,9 @@ #include "inflate.h" #include "inffast.h" -#ifndef ASMINF - -/* Allow machine dependent optimization for post-increment or pre-increment. - Based on testing to date, - Pre-increment preferred for: - - PowerPC G3 (Adler) - - MIPS R5000 (Randers-Pehrson) - Post-increment preferred for: - - none - No measurable difference: - - Pentium III (Anderson) - - M68060 (Nikl) - */ -#ifdef POSTINC -# define OFF 0 -# define PUP(a) *(a)++ +#ifdef ASMINF +# pragma message("Assembler code may have bugs -- use at your own risk") #else -# define OFF 1 -# define PUP(a) *++(a) -#endif /* Decode literal, length, and distance codes and write out the resulting @@ -96,9 +79,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ /* copy state to local variables */ state = (struct inflate_state FAR *)strm->state; - in = strm->next_in - OFF; + in = strm->next_in; last = in + (strm->avail_in - 5); - out = strm->next_out - OFF; + out = strm->next_out; beg = out - (start - strm->avail_out); end = out + (strm->avail_out - 257); #ifdef INFLATE_STRICT @@ -119,9 +102,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ input data or output space */ do { if (bits < 15) { - hold += (unsigned long)(PUP(in)) << bits; + hold += (unsigned long)(*in++) << bits; bits += 8; - hold += (unsigned long)(PUP(in)) << bits; + hold += (unsigned long)(*in++) << bits; bits += 8; } here = lcode[hold & lmask]; @@ -134,14 +117,14 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ? "inflate: literal '%c'\n" : "inflate: literal 0x%02x\n", here.val)); - PUP(out) = (unsigned char)(here.val); + *out++ = (unsigned char)(here.val); } else if (op & 16) { /* length base */ len = (unsigned)(here.val); op &= 15; /* number of extra bits */ if (op) { if (bits < op) { - hold += (unsigned long)(PUP(in)) << bits; + hold += (unsigned long)(*in++) << bits; bits += 8; } len += (unsigned)hold & ((1U << op) - 1); @@ -150,9 +133,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ } Tracevv((stderr, "inflate: length %u\n", len)); if (bits < 15) { - hold += (unsigned long)(PUP(in)) << bits; + hold += (unsigned long)(*in++) << bits; bits += 8; - hold += (unsigned long)(PUP(in)) << bits; + hold += (unsigned long)(*in++) << bits; bits += 8; } here = dcode[hold & dmask]; @@ -165,10 +148,10 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ dist = (unsigned)(here.val); op &= 15; /* number of extra bits */ if (bits < op) { - hold += (unsigned long)(PUP(in)) << bits; + hold += (unsigned long)(*in++) << bits; bits += 8; if (bits < op) { - hold += (unsigned long)(PUP(in)) << bits; + hold += (unsigned long)(*in++) << bits; bits += 8; } } @@ -196,30 +179,30 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ #ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR if (len <= op - whave) { do { - PUP(out) = 0; + *out++ = 0; } while (--len); continue; } len -= op - whave; do { - PUP(out) = 0; + *out++ = 0; } while (--op > whave); if (op == 0) { from = out - dist; do { - PUP(out) = PUP(from); + *out++ = *from++; } while (--len); continue; } #endif } - from = window - OFF; + from = window; if (wnext == 0) { /* very common case */ from += wsize - op; if (op < len) { /* some from window */ len -= op; do { - PUP(out) = PUP(from); + *out++ = *from++; } while (--op); from = out - dist; /* rest from output */ } @@ -230,14 +213,14 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ if (op < len) { /* some from end of window */ len -= op; do { - PUP(out) = PUP(from); + *out++ = *from++; } while (--op); - from = window - OFF; + from = window; if (wnext < len) { /* some from start of window */ op = wnext; len -= op; do { - PUP(out) = PUP(from); + *out++ = *from++; } while (--op); from = out - dist; /* rest from output */ } @@ -248,35 +231,35 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ if (op < len) { /* some from window */ len -= op; do { - PUP(out) = PUP(from); + *out++ = *from++; } while (--op); from = out - dist; /* rest from output */ } } while (len > 2) { - PUP(out) = PUP(from); - PUP(out) = PUP(from); - PUP(out) = PUP(from); + *out++ = *from++; + *out++ = *from++; + *out++ = *from++; len -= 3; } if (len) { - PUP(out) = PUP(from); + *out++ = *from++; if (len > 1) - PUP(out) = PUP(from); + *out++ = *from++; } } else { from = out - dist; /* copy direct from output */ do { /* minimum length is three */ - PUP(out) = PUP(from); - PUP(out) = PUP(from); - PUP(out) = PUP(from); + *out++ = *from++; + *out++ = *from++; + *out++ = *from++; len -= 3; } while (len > 2); if (len) { - PUP(out) = PUP(from); + *out++ = *from++; if (len > 1) - PUP(out) = PUP(from); + *out++ = *from++; } } } @@ -313,8 +296,8 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ hold &= (1U << bits) - 1; /* update state and return */ - strm->next_in = in + OFF; - strm->next_out = out + OFF; + strm->next_in = in; + strm->next_out = out; strm->avail_in = (unsigned)(in < last ? 5 + (last - in) : 5 - (in - last)); strm->avail_out = (unsigned)(out < end ? 257 + (end - out) : 257 - (out - end)); diff --git a/modules/zlib/src/inflate.c b/modules/zlib/src/inflate.c index 4fd3f3c180..ac333e8c2e 100644 --- a/modules/zlib/src/inflate.c +++ b/modules/zlib/src/inflate.c @@ -1,5 +1,5 @@ /* inflate.c -- zlib decompression - * Copyright (C) 1995-2012 Mark Adler + * Copyright (C) 1995-2016 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -92,6 +92,7 @@ #endif /* function prototypes */ +local int inflateStateCheck OF((z_streamp strm)); local void fixedtables OF((struct inflate_state FAR *state)); local int updatewindow OF((z_streamp strm, const unsigned char FAR *end, unsigned copy)); @@ -101,12 +102,26 @@ local int updatewindow OF((z_streamp strm, const unsigned char FAR *end, local unsigned syncsearch OF((unsigned FAR *have, const unsigned char FAR *buf, unsigned len)); +local int inflateStateCheck(strm) +z_streamp strm; +{ + struct inflate_state FAR *state; + if (strm == Z_NULL || + strm->zalloc == (alloc_func)0 || strm->zfree == (free_func)0) + return 1; + state = (struct inflate_state FAR *)strm->state; + if (state == Z_NULL || state->strm != strm || + state->mode < HEAD || state->mode > SYNC) + return 1; + return 0; +} + int ZEXPORT inflateResetKeep(strm) z_streamp strm; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; strm->total_in = strm->total_out = state->total = 0; strm->msg = Z_NULL; @@ -131,7 +146,7 @@ z_streamp strm; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; state->wsize = 0; state->whave = 0; @@ -147,7 +162,7 @@ int windowBits; struct inflate_state FAR *state; /* get the state */ - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; /* extract wrap request from windowBits parameter */ @@ -156,7 +171,7 @@ int windowBits; windowBits = -windowBits; } else { - wrap = (windowBits >> 4) + 1; + wrap = (windowBits >> 4) + 5; #ifdef GUNZIP if (windowBits < 48) windowBits &= 15; @@ -210,7 +225,9 @@ int stream_size; if (state == Z_NULL) return Z_MEM_ERROR; Tracev((stderr, "inflate: allocated\n")); strm->state = (struct internal_state FAR *)state; + state->strm = strm; state->window = Z_NULL; + state->mode = HEAD; /* to pass state test in inflateReset2() */ ret = inflateReset2(strm, windowBits); if (ret != Z_OK) { ZFREE(strm, state); @@ -234,17 +251,17 @@ int value; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; if (bits < 0) { state->hold = 0; state->bits = 0; return Z_OK; } - if (bits > 16 || state->bits + bits > 32) return Z_STREAM_ERROR; + if (bits > 16 || state->bits + (uInt)bits > 32) return Z_STREAM_ERROR; value &= (1L << bits) - 1; - state->hold += value << state->bits; - state->bits += bits; + state->hold += (unsigned)value << state->bits; + state->bits += (uInt)bits; return Z_OK; } @@ -625,7 +642,7 @@ int flush; static const unsigned short order[19] = /* permutation of code lengths */ {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15}; - if (strm == Z_NULL || strm->state == Z_NULL || strm->next_out == Z_NULL || + if (inflateStateCheck(strm) || strm->next_out == Z_NULL || (strm->next_in == Z_NULL && strm->avail_in != 0)) return Z_STREAM_ERROR; @@ -645,6 +662,8 @@ int flush; NEEDBITS(16); #ifdef GUNZIP if ((state->wrap & 2) && hold == 0x8b1f) { /* gzip header */ + if (state->wbits == 0) + state->wbits = 15; state->check = crc32(0L, Z_NULL, 0); CRC2(state->check, hold); INITBITS(); @@ -672,7 +691,7 @@ int flush; len = BITS(4) + 8; if (state->wbits == 0) state->wbits = len; - else if (len > state->wbits) { + if (len > 15 || len > state->wbits) { strm->msg = (char *)"invalid window size"; state->mode = BAD; break; @@ -699,14 +718,16 @@ int flush; } if (state->head != Z_NULL) state->head->text = (int)((hold >> 8) & 1); - if (state->flags & 0x0200) CRC2(state->check, hold); + if ((state->flags & 0x0200) && (state->wrap & 4)) + CRC2(state->check, hold); INITBITS(); state->mode = TIME; case TIME: NEEDBITS(32); if (state->head != Z_NULL) state->head->time = hold; - if (state->flags & 0x0200) CRC4(state->check, hold); + if ((state->flags & 0x0200) && (state->wrap & 4)) + CRC4(state->check, hold); INITBITS(); state->mode = OS; case OS: @@ -715,7 +736,8 @@ int flush; state->head->xflags = (int)(hold & 0xff); state->head->os = (int)(hold >> 8); } - if (state->flags & 0x0200) CRC2(state->check, hold); + if ((state->flags & 0x0200) && (state->wrap & 4)) + CRC2(state->check, hold); INITBITS(); state->mode = EXLEN; case EXLEN: @@ -724,7 +746,8 @@ int flush; state->length = (unsigned)(hold); if (state->head != Z_NULL) state->head->extra_len = (unsigned)hold; - if (state->flags & 0x0200) CRC2(state->check, hold); + if ((state->flags & 0x0200) && (state->wrap & 4)) + CRC2(state->check, hold); INITBITS(); } else if (state->head != Z_NULL) @@ -742,7 +765,7 @@ int flush; len + copy > state->head->extra_max ? state->head->extra_max - len : copy); } - if (state->flags & 0x0200) + if ((state->flags & 0x0200) && (state->wrap & 4)) state->check = crc32(state->check, next, copy); have -= copy; next += copy; @@ -761,9 +784,9 @@ int flush; if (state->head != Z_NULL && state->head->name != Z_NULL && state->length < state->head->name_max) - state->head->name[state->length++] = len; + state->head->name[state->length++] = (Bytef)len; } while (len && copy < have); - if (state->flags & 0x0200) + if ((state->flags & 0x0200) && (state->wrap & 4)) state->check = crc32(state->check, next, copy); have -= copy; next += copy; @@ -782,9 +805,9 @@ int flush; if (state->head != Z_NULL && state->head->comment != Z_NULL && state->length < state->head->comm_max) - state->head->comment[state->length++] = len; + state->head->comment[state->length++] = (Bytef)len; } while (len && copy < have); - if (state->flags & 0x0200) + if ((state->flags & 0x0200) && (state->wrap & 4)) state->check = crc32(state->check, next, copy); have -= copy; next += copy; @@ -796,7 +819,7 @@ int flush; case HCRC: if (state->flags & 0x0200) { NEEDBITS(16); - if (hold != (state->check & 0xffff)) { + if ((state->wrap & 4) && hold != (state->check & 0xffff)) { strm->msg = (char *)"header crc mismatch"; state->mode = BAD; break; @@ -1177,11 +1200,11 @@ int flush; out -= left; strm->total_out += out; state->total += out; - if (out) + if ((state->wrap & 4) && out) strm->adler = state->check = UPDATE(state->check, put - out, out); out = left; - if (( + if ((state->wrap & 4) && ( #ifdef GUNZIP state->flags ? hold : #endif @@ -1240,10 +1263,10 @@ int flush; strm->total_in += in; strm->total_out += out; state->total += out; - if (state->wrap && out) + if ((state->wrap & 4) && out) strm->adler = state->check = UPDATE(state->check, strm->next_out - out, out); - strm->data_type = state->bits + (state->last ? 64 : 0) + + strm->data_type = (int)state->bits + (state->last ? 64 : 0) + (state->mode == TYPE ? 128 : 0) + (state->mode == LEN_ || state->mode == COPY_ ? 256 : 0); if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK) @@ -1255,7 +1278,7 @@ int ZEXPORT inflateEnd(strm) z_streamp strm; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL || strm->zfree == (free_func)0) + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; if (state->window != Z_NULL) ZFREE(strm, state->window); @@ -1273,7 +1296,7 @@ uInt *dictLength; struct inflate_state FAR *state; /* check state */ - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; /* copy dictionary */ @@ -1298,7 +1321,7 @@ uInt dictLength; int ret; /* check state */ - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; if (state->wrap != 0 && state->mode != DICT) return Z_STREAM_ERROR; @@ -1330,7 +1353,7 @@ gz_headerp head; struct inflate_state FAR *state; /* check state */ - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; if ((state->wrap & 2) == 0) return Z_STREAM_ERROR; @@ -1383,7 +1406,7 @@ z_streamp strm; struct inflate_state FAR *state; /* check parameters */ - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; if (strm->avail_in == 0 && state->bits < 8) return Z_BUF_ERROR; @@ -1430,7 +1453,7 @@ z_streamp strm; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; return state->mode == STORED && state->bits == 0; } @@ -1445,8 +1468,7 @@ z_streamp source; unsigned wsize; /* check input */ - if (dest == Z_NULL || source == Z_NULL || source->state == Z_NULL || - source->zalloc == (alloc_func)0 || source->zfree == (free_func)0) + if (inflateStateCheck(source) || dest == Z_NULL) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)source->state; @@ -1467,6 +1489,7 @@ z_streamp source; /* copy state */ zmemcpy((voidpf)dest, (voidpf)source, sizeof(z_stream)); zmemcpy((voidpf)copy, (voidpf)state, sizeof(struct inflate_state)); + copy->strm = dest; if (state->lencode >= state->codes && state->lencode <= state->codes + ENOUGH - 1) { copy->lencode = copy->codes + (state->lencode - state->codes); @@ -1488,26 +1511,51 @@ int subvert; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR; + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; state = (struct inflate_state FAR *)strm->state; - state->sane = !subvert; #ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR + state->sane = !subvert; return Z_OK; #else + (void)subvert; state->sane = 1; return Z_DATA_ERROR; #endif } +int ZEXPORT inflateValidate(strm, check) +z_streamp strm; +int check; +{ + struct inflate_state FAR *state; + + if (inflateStateCheck(strm)) return Z_STREAM_ERROR; + state = (struct inflate_state FAR *)strm->state; + if (check) + state->wrap |= 4; + else + state->wrap &= ~4; + return Z_OK; +} + long ZEXPORT inflateMark(strm) z_streamp strm; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL) - return (long)(((unsigned long)0 - 1) << 16); + if (inflateStateCheck(strm)) + return -(1L << 16); state = (struct inflate_state FAR *)strm->state; return (long)(((unsigned long)((long)state->back)) << 16) + (state->mode == COPY ? state->length : (state->mode == MATCH ? state->was - state->length : 0)); } + +unsigned long ZEXPORT inflateCodesUsed(strm) +z_streamp strm; +{ + struct inflate_state FAR *state; + if (inflateStateCheck(strm)) return (unsigned long)-1; + state = (struct inflate_state FAR *)strm->state; + return (unsigned long)(state->next - state->codes); +} diff --git a/modules/zlib/src/inflate.h b/modules/zlib/src/inflate.h index 95f4986d40..a46cce6b6d 100644 --- a/modules/zlib/src/inflate.h +++ b/modules/zlib/src/inflate.h @@ -1,5 +1,5 @@ /* inflate.h -- internal inflate state definition - * Copyright (C) 1995-2009 Mark Adler + * Copyright (C) 1995-2016 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -18,7 +18,7 @@ /* Possible inflate modes between inflate() calls */ typedef enum { - HEAD, /* i: waiting for magic header */ + HEAD = 16180, /* i: waiting for magic header */ FLAGS, /* i: waiting for method and flags (gzip) */ TIME, /* i: waiting for modification time (gzip) */ OS, /* i: waiting for extra flags and operating system (gzip) */ @@ -77,11 +77,14 @@ typedef enum { CHECK -> LENGTH -> DONE */ -/* state maintained between inflate() calls. Approximately 10K bytes. */ +/* State maintained between inflate() calls -- approximately 7K bytes, not + including the allocated sliding window, which is up to 32K bytes. */ struct inflate_state { + z_streamp strm; /* pointer back to this zlib stream */ inflate_mode mode; /* current inflate mode */ int last; /* true if processing last block */ - int wrap; /* bit 0 true for zlib, bit 1 true for gzip */ + int wrap; /* bit 0 true for zlib, bit 1 true for gzip, + bit 2 true to validate check value */ int havedict; /* true if dictionary provided */ int flags; /* gzip header method and flags (0 if zlib) */ unsigned dmax; /* zlib header max distance (INFLATE_STRICT) */ diff --git a/modules/zlib/src/inftrees.c b/modules/zlib/src/inftrees.c index 44d89cf24e..2ea08fc13e 100644 --- a/modules/zlib/src/inftrees.c +++ b/modules/zlib/src/inftrees.c @@ -1,5 +1,5 @@ /* inftrees.c -- generate Huffman trees for efficient decoding - * Copyright (C) 1995-2013 Mark Adler + * Copyright (C) 1995-2017 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -9,7 +9,7 @@ #define MAXBITS 15 const char inflate_copyright[] = - " inflate 1.2.8 Copyright 1995-2013 Mark Adler "; + " inflate 1.2.11 Copyright 1995-2017 Mark Adler "; /* If you use the zlib library in a product, an acknowledgment is welcome in the documentation of your product. If for some reason you cannot @@ -54,7 +54,7 @@ unsigned short FAR *work; code FAR *next; /* next available space in table */ const unsigned short FAR *base; /* base value table to use */ const unsigned short FAR *extra; /* extra bits table to use */ - int end; /* use base and extra for symbol > end */ + unsigned match; /* use base and extra for symbol >= match */ unsigned short count[MAXBITS+1]; /* number of codes of each length */ unsigned short offs[MAXBITS+1]; /* offsets in table for each length */ static const unsigned short lbase[31] = { /* Length codes 257..285 base */ @@ -62,7 +62,7 @@ unsigned short FAR *work; 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0}; static const unsigned short lext[31] = { /* Length codes 257..285 extra */ 16, 16, 16, 16, 16, 16, 16, 16, 17, 17, 17, 17, 18, 18, 18, 18, - 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 72, 78}; + 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 77, 202}; static const unsigned short dbase[32] = { /* Distance codes 0..29 base */ 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193, 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145, @@ -181,19 +181,17 @@ unsigned short FAR *work; switch (type) { case CODES: base = extra = work; /* dummy value--not used */ - end = 19; + match = 20; break; case LENS: base = lbase; - base -= 257; extra = lext; - extra -= 257; - end = 256; + match = 257; break; - default: /* DISTS */ + default: /* DISTS */ base = dbase; extra = dext; - end = -1; + match = 0; } /* initialize state for loop */ @@ -216,13 +214,13 @@ unsigned short FAR *work; for (;;) { /* create table entry */ here.bits = (unsigned char)(len - drop); - if ((int)(work[sym]) < end) { + if (work[sym] + 1U < match) { here.op = (unsigned char)0; here.val = work[sym]; } - else if ((int)(work[sym]) > end) { - here.op = (unsigned char)(extra[work[sym]]); - here.val = base[work[sym]]; + else if (work[sym] >= match) { + here.op = (unsigned char)(extra[work[sym] - match]); + here.val = base[work[sym] - match]; } else { here.op = (unsigned char)(32 + 64); /* end of block */ diff --git a/modules/zlib/src/mozzconf.h b/modules/zlib/src/mozzconf.h index f1da5ae28f..9521297eab 100644 --- a/modules/zlib/src/mozzconf.h +++ b/modules/zlib/src/mozzconf.h @@ -44,7 +44,6 @@ #define gzputs MOZ_Z_gzputs #define gzgets MOZ_Z_gzgets #define gzputc MOZ_Z_gzputc -#define gzgetc MOZ_Z_gzgetc #define gzungetc MOZ_Z_gzungetc #define gzflush MOZ_Z_gzflush #define gzseek MOZ_Z_gzseek @@ -126,4 +125,45 @@ #define gzvprintf MOZ_Z_gzvprintf #define inflateGetDictionary MOZ_Z_inflateGetDictionary +/* New as of zlib-1.2.11 */ +#define adler32_combine_ MOZ_Z_adler32_combine_ +#define crc32_combine_ MOZ_Z_crc32_combine_ +#define deflate_fast MOZ_Z_deflate_fast +#define deflate_slow MOZ_Z_deflate_slow +#define deflateStateCheck MOZ_Z_deflateStateCheck +#define deflate_stored MOZ_Z_deflate_stored +#define fill_window MOZ_Z_fill_window +#define flush_pending MOZ_Z_flush_pending +#define longest_match MOZ_Z_longest_match +#define read_buf MOZ_Z_read_buf +#define slide_hash MOZ_Z_slide_hash +#define gz_open MOZ_Z_gz_open +#define gz_reset MOZ_Z_gz_reset +#define gz_avail MOZ_Z_gz_avail +#define gz_fetch MOZ_Z_gz_fetch +#define gz_decomp MOZ_Z_gz_decomp +#define gz_write MOZ_Z_gz_write +#define gz_comp MOZ_Z_gz_comp +#define gz_init MOZ_Z_gz_init +#define gz_write MOZ_Z_gz_write +#define gz_zero MOZ_Z_gz_zero +#define gz_load MOZ_Z_gz_load +#define gz_look MOZ_Z_gz_look +#define gz_read MOZ_Z_gz_read +#define gz_skip MOZ_Z_gz_skip +#define syncsearch MOZ_Z_syncsearch +#define updatewindow MOZ_Z_updatewindow +#define inflateStateCheck MOZ_Z_inflateStateCheck +#define bi_flush MOZ_Z_bi_flush +#define bi_windup MOZ_Z_bi_windup +#define bl_order MOZ_Z_bl_order +#define build_tree MOZ_Z_build_tree +#define compress_block MOZ_Z_compress_block +#define init_block MOZ_Z_init_block +#define pqdownheap MOZ_Z_pqdownheap +#define scan_tree MOZ_Z_scan_tree +#define send_tree MOZ_Z_send_tree +#define slide_hash MOZ_Z_slide_hash +#define uncompress2 MOZ_Z_uncompress2 + #endif diff --git a/modules/zlib/src/trees.c b/modules/zlib/src/trees.c index 1fd7759ef0..50cf4b4571 100644 --- a/modules/zlib/src/trees.c +++ b/modules/zlib/src/trees.c @@ -1,5 +1,5 @@ /* trees.c -- output deflated data using Huffman coding - * Copyright (C) 1995-2012 Jean-loup Gailly + * Copyright (C) 1995-2017 Jean-loup Gailly * detect_data_type() function provided freely by Cosmin Truta, 2006 * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -36,7 +36,7 @@ #include "deflate.h" -#ifdef DEBUG +#ifdef ZLIB_DEBUG # include <ctype.h> #endif @@ -122,13 +122,13 @@ struct static_tree_desc_s { int max_length; /* max bit length for the codes */ }; -local static_tree_desc static_l_desc = +local const static_tree_desc static_l_desc = {static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS}; -local static_tree_desc static_d_desc = +local const static_tree_desc static_d_desc = {static_dtree, extra_dbits, 0, D_CODES, MAX_BITS}; -local static_tree_desc static_bl_desc = +local const static_tree_desc static_bl_desc = {(const ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS}; /* =========================================================================== @@ -152,18 +152,16 @@ local int detect_data_type OF((deflate_state *s)); local unsigned bi_reverse OF((unsigned value, int length)); local void bi_windup OF((deflate_state *s)); local void bi_flush OF((deflate_state *s)); -local void copy_block OF((deflate_state *s, charf *buf, unsigned len, - int header)); #ifdef GEN_TREES_H local void gen_trees_header OF((void)); #endif -#ifndef DEBUG +#ifndef ZLIB_DEBUG # define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len) /* Send a code of the given tree. c and tree must not have side effects */ -#else /* DEBUG */ +#else /* !ZLIB_DEBUG */ # define send_code(s, c, tree) \ { if (z_verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \ send_bits(s, tree[c].Code, tree[c].Len); } @@ -182,7 +180,7 @@ local void gen_trees_header OF((void)); * Send a value on a given number of bits. * IN assertion: length <= 16 and value fits in length bits. */ -#ifdef DEBUG +#ifdef ZLIB_DEBUG local void send_bits OF((deflate_state *s, int value, int length)); local void send_bits(s, value, length) @@ -208,12 +206,12 @@ local void send_bits(s, value, length) s->bi_valid += length; } } -#else /* !DEBUG */ +#else /* !ZLIB_DEBUG */ #define send_bits(s, value, length) \ { int len = length;\ if (s->bi_valid > (int)Buf_size - len) {\ - int val = value;\ + int val = (int)value;\ s->bi_buf |= (ush)val << s->bi_valid;\ put_short(s, s->bi_buf);\ s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\ @@ -223,7 +221,7 @@ local void send_bits(s, value, length) s->bi_valid += len;\ }\ } -#endif /* DEBUG */ +#endif /* ZLIB_DEBUG */ /* the arguments must not have side effects */ @@ -317,7 +315,7 @@ local void tr_static_init() * Genererate the file trees.h describing the static trees. */ #ifdef GEN_TREES_H -# ifndef DEBUG +# ifndef ZLIB_DEBUG # include <stdio.h> # endif @@ -394,7 +392,7 @@ void ZLIB_INTERNAL _tr_init(s) s->bi_buf = 0; s->bi_valid = 0; -#ifdef DEBUG +#ifdef ZLIB_DEBUG s->compressed_len = 0L; s->bits_sent = 0L; #endif @@ -522,12 +520,12 @@ local void gen_bitlen(s, desc) xbits = 0; if (n >= base) xbits = extra[n-base]; f = tree[n].Freq; - s->opt_len += (ulg)f * (bits + xbits); - if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits); + s->opt_len += (ulg)f * (unsigned)(bits + xbits); + if (stree) s->static_len += (ulg)f * (unsigned)(stree[n].Len + xbits); } if (overflow == 0) return; - Trace((stderr,"\nbit length overflow\n")); + Tracev((stderr,"\nbit length overflow\n")); /* This happens for example on obj2 and pic of the Calgary corpus */ /* Find the first bit length which could increase: */ @@ -554,9 +552,8 @@ local void gen_bitlen(s, desc) m = s->heap[--h]; if (m > max_code) continue; if ((unsigned) tree[m].Len != (unsigned) bits) { - Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits)); - s->opt_len += ((long)bits - (long)tree[m].Len) - *(long)tree[m].Freq; + Tracev((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits)); + s->opt_len += ((ulg)bits - tree[m].Len) * tree[m].Freq; tree[m].Len = (ush)bits; } n--; @@ -578,7 +575,7 @@ local void gen_codes (tree, max_code, bl_count) ushf *bl_count; /* number of codes at each bit length */ { ush next_code[MAX_BITS+1]; /* next code value for each bit length */ - ush code = 0; /* running code value */ + unsigned code = 0; /* running code value */ int bits; /* bit index */ int n; /* code index */ @@ -586,7 +583,8 @@ local void gen_codes (tree, max_code, bl_count) * without bit reversal. */ for (bits = 1; bits <= MAX_BITS; bits++) { - next_code[bits] = code = (code + bl_count[bits-1]) << 1; + code = (code + bl_count[bits-1]) << 1; + next_code[bits] = (ush)code; } /* Check that the bit counts in bl_count are consistent. The last code * must be all ones. @@ -599,7 +597,7 @@ local void gen_codes (tree, max_code, bl_count) int len = tree[n].Len; if (len == 0) continue; /* Now reverse the bits */ - tree[n].Code = bi_reverse(next_code[len]++, len); + tree[n].Code = (ush)bi_reverse(next_code[len]++, len); Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ", n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1)); @@ -821,7 +819,7 @@ local int build_bl_tree(s) if (s->bl_tree[bl_order[max_blindex]].Len != 0) break; } /* Update opt_len to include the bit length tree and counts */ - s->opt_len += 3*(max_blindex+1) + 5+5+4; + s->opt_len += 3*((ulg)max_blindex+1) + 5+5+4; Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld", s->opt_len, s->static_len)); @@ -869,11 +867,17 @@ void ZLIB_INTERNAL _tr_stored_block(s, buf, stored_len, last) int last; /* one if this is the last block for a file */ { send_bits(s, (STORED_BLOCK<<1)+last, 3); /* send block type */ -#ifdef DEBUG + bi_windup(s); /* align on byte boundary */ + put_short(s, (ush)stored_len); + put_short(s, (ush)~stored_len); + zmemcpy(s->pending_buf + s->pending, (Bytef *)buf, stored_len); + s->pending += stored_len; +#ifdef ZLIB_DEBUG s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L; s->compressed_len += (stored_len + 4) << 3; + s->bits_sent += 2*16; + s->bits_sent += stored_len<<3; #endif - copy_block(s, buf, (unsigned)stored_len, 1); /* with header */ } /* =========================================================================== @@ -894,7 +898,7 @@ void ZLIB_INTERNAL _tr_align(s) { send_bits(s, STATIC_TREES<<1, 3); send_code(s, END_BLOCK, static_ltree); -#ifdef DEBUG +#ifdef ZLIB_DEBUG s->compressed_len += 10L; /* 3 for block type, 7 for EOB */ #endif bi_flush(s); @@ -902,7 +906,7 @@ void ZLIB_INTERNAL _tr_align(s) /* =========================================================================== * Determine the best encoding for the current block: dynamic trees, static - * trees or store, and output the encoded block to the zip file. + * trees or store, and write out the encoded block. */ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last) deflate_state *s; @@ -974,7 +978,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last) send_bits(s, (STATIC_TREES<<1)+last, 3); compress_block(s, (const ct_data *)static_ltree, (const ct_data *)static_dtree); -#ifdef DEBUG +#ifdef ZLIB_DEBUG s->compressed_len += 3 + s->static_len; #endif } else { @@ -983,7 +987,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last) max_blindex+1); compress_block(s, (const ct_data *)s->dyn_ltree, (const ct_data *)s->dyn_dtree); -#ifdef DEBUG +#ifdef ZLIB_DEBUG s->compressed_len += 3 + s->opt_len; #endif } @@ -995,7 +999,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last) if (last) { bi_windup(s); -#ifdef DEBUG +#ifdef ZLIB_DEBUG s->compressed_len += 7; /* align on byte boundary */ #endif } @@ -1090,7 +1094,7 @@ local void compress_block(s, ltree, dtree) send_code(s, code, dtree); /* send the distance code */ extra = extra_dbits[code]; if (extra != 0) { - dist -= base_dist[code]; + dist -= (unsigned)base_dist[code]; send_bits(s, dist, extra); /* send the extra distance bits */ } } /* literal or match pair ? */ @@ -1193,34 +1197,7 @@ local void bi_windup(s) } s->bi_buf = 0; s->bi_valid = 0; -#ifdef DEBUG +#ifdef ZLIB_DEBUG s->bits_sent = (s->bits_sent+7) & ~7; #endif } - -/* =========================================================================== - * Copy a stored block, storing first the length and its - * one's complement if requested. - */ -local void copy_block(s, buf, len, header) - deflate_state *s; - charf *buf; /* the input data */ - unsigned len; /* its length */ - int header; /* true if block header must be written */ -{ - bi_windup(s); /* align on byte boundary */ - - if (header) { - put_short(s, (ush)len); - put_short(s, (ush)~len); -#ifdef DEBUG - s->bits_sent += 2*16; -#endif - } -#ifdef DEBUG - s->bits_sent += (ulg)len<<3; -#endif - while (len--) { - put_byte(s, *buf++); - } -} diff --git a/modules/zlib/src/uncompr.c b/modules/zlib/src/uncompr.c index 242e9493df..f03a1a865e 100644 --- a/modules/zlib/src/uncompr.c +++ b/modules/zlib/src/uncompr.c @@ -1,5 +1,5 @@ /* uncompr.c -- decompress a memory buffer - * Copyright (C) 1995-2003, 2010 Jean-loup Gailly. + * Copyright (C) 1995-2003, 2010, 2014, 2016 Jean-loup Gailly, Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -9,51 +9,85 @@ #include "zlib.h" /* =========================================================================== - Decompresses the source buffer into the destination buffer. sourceLen is - the byte length of the source buffer. Upon entry, destLen is the total - size of the destination buffer, which must be large enough to hold the - entire uncompressed data. (The size of the uncompressed data must have - been saved previously by the compressor and transmitted to the decompressor - by some mechanism outside the scope of this compression library.) - Upon exit, destLen is the actual size of the compressed buffer. - - uncompress returns Z_OK if success, Z_MEM_ERROR if there was not - enough memory, Z_BUF_ERROR if there was not enough room in the output - buffer, or Z_DATA_ERROR if the input data was corrupted. + Decompresses the source buffer into the destination buffer. *sourceLen is + the byte length of the source buffer. Upon entry, *destLen is the total size + of the destination buffer, which must be large enough to hold the entire + uncompressed data. (The size of the uncompressed data must have been saved + previously by the compressor and transmitted to the decompressor by some + mechanism outside the scope of this compression library.) Upon exit, + *destLen is the size of the decompressed data and *sourceLen is the number + of source bytes consumed. Upon return, source + *sourceLen points to the + first unused input byte. + + uncompress returns Z_OK if success, Z_MEM_ERROR if there was not enough + memory, Z_BUF_ERROR if there was not enough room in the output buffer, or + Z_DATA_ERROR if the input data was corrupted, including if the input data is + an incomplete zlib stream. */ -int ZEXPORT uncompress (dest, destLen, source, sourceLen) +int ZEXPORT uncompress2 (dest, destLen, source, sourceLen) Bytef *dest; uLongf *destLen; const Bytef *source; - uLong sourceLen; + uLong *sourceLen; { z_stream stream; int err; + const uInt max = (uInt)-1; + uLong len, left; + Byte buf[1]; /* for detection of incomplete stream when *destLen == 0 */ - stream.next_in = (z_const Bytef *)source; - stream.avail_in = (uInt)sourceLen; - /* Check for source > 64K on 16-bit machine: */ - if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR; - - stream.next_out = dest; - stream.avail_out = (uInt)*destLen; - if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR; + len = *sourceLen; + if (*destLen) { + left = *destLen; + *destLen = 0; + } + else { + left = 1; + dest = buf; + } + stream.next_in = (z_const Bytef *)source; + stream.avail_in = 0; stream.zalloc = (alloc_func)0; stream.zfree = (free_func)0; + stream.opaque = (voidpf)0; err = inflateInit(&stream); if (err != Z_OK) return err; - err = inflate(&stream, Z_FINISH); - if (err != Z_STREAM_END) { - inflateEnd(&stream); - if (err == Z_NEED_DICT || (err == Z_BUF_ERROR && stream.avail_in == 0)) - return Z_DATA_ERROR; - return err; - } - *destLen = stream.total_out; + stream.next_out = dest; + stream.avail_out = 0; - err = inflateEnd(&stream); - return err; + do { + if (stream.avail_out == 0) { + stream.avail_out = left > (uLong)max ? max : (uInt)left; + left -= stream.avail_out; + } + if (stream.avail_in == 0) { + stream.avail_in = len > (uLong)max ? max : (uInt)len; + len -= stream.avail_in; + } + err = inflate(&stream, Z_NO_FLUSH); + } while (err == Z_OK); + + *sourceLen -= len + stream.avail_in; + if (dest != buf) + *destLen = stream.total_out; + else if (stream.total_out && err == Z_BUF_ERROR) + left = 1; + + inflateEnd(&stream); + return err == Z_STREAM_END ? Z_OK : + err == Z_NEED_DICT ? Z_DATA_ERROR : + err == Z_BUF_ERROR && left + stream.avail_out ? Z_DATA_ERROR : + err; +} + +int ZEXPORT uncompress (dest, destLen, source, sourceLen) + Bytef *dest; + uLongf *destLen; + const Bytef *source; + uLong sourceLen; +{ + return uncompress2(dest, destLen, source, &sourceLen); } diff --git a/modules/zlib/src/zconf.h b/modules/zlib/src/zconf.h index fa0950b9de..8e2c0a3e41 100644 --- a/modules/zlib/src/zconf.h +++ b/modules/zlib/src/zconf.h @@ -1,5 +1,5 @@ /* zconf.h -- configuration of the zlib compression library - * Copyright (C) 1995-2013 Jean-loup Gailly. + * Copyright (C) 1995-2016 Jean-loup Gailly, Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -20,7 +20,7 @@ #ifdef Z_PREFIX /* may be set to #if 1 by ./configure */ # define Z_PREFIX_SET -/* all linked symbols */ +/* all linked symbols and init macros */ # define _dist_code z__dist_code # define _length_code z__length_code # define _tr_align z__tr_align @@ -32,6 +32,7 @@ # define adler32 z_adler32 # define adler32_combine z_adler32_combine # define adler32_combine64 z_adler32_combine64 +# define adler32_z z_adler32_z # ifndef Z_SOLO # define compress z_compress # define compress2 z_compress2 @@ -40,10 +41,14 @@ # define crc32 z_crc32 # define crc32_combine z_crc32_combine # define crc32_combine64 z_crc32_combine64 +# define crc32_z z_crc32_z # define deflate z_deflate # define deflateBound z_deflateBound # define deflateCopy z_deflateCopy # define deflateEnd z_deflateEnd +# define deflateGetDictionary z_deflateGetDictionary +# define deflateInit z_deflateInit +# define deflateInit2 z_deflateInit2 # define deflateInit2_ z_deflateInit2_ # define deflateInit_ z_deflateInit_ # define deflateParams z_deflateParams @@ -70,6 +75,8 @@ # define gzeof z_gzeof # define gzerror z_gzerror # define gzflush z_gzflush +# define gzfread z_gzfread +# define gzfwrite z_gzfwrite # define gzgetc z_gzgetc # define gzgetc_ z_gzgetc_ # define gzgets z_gzgets @@ -81,7 +88,6 @@ # define gzopen_w z_gzopen_w # endif # define gzprintf z_gzprintf -# define gzvprintf z_gzvprintf # define gzputc z_gzputc # define gzputs z_gzputs # define gzread z_gzread @@ -92,32 +98,39 @@ # define gztell z_gztell # define gztell64 z_gztell64 # define gzungetc z_gzungetc +# define gzvprintf z_gzvprintf # define gzwrite z_gzwrite # endif # define inflate z_inflate # define inflateBack z_inflateBack # define inflateBackEnd z_inflateBackEnd +# define inflateBackInit z_inflateBackInit # define inflateBackInit_ z_inflateBackInit_ +# define inflateCodesUsed z_inflateCodesUsed # define inflateCopy z_inflateCopy # define inflateEnd z_inflateEnd +# define inflateGetDictionary z_inflateGetDictionary # define inflateGetHeader z_inflateGetHeader +# define inflateInit z_inflateInit +# define inflateInit2 z_inflateInit2 # define inflateInit2_ z_inflateInit2_ # define inflateInit_ z_inflateInit_ # define inflateMark z_inflateMark # define inflatePrime z_inflatePrime # define inflateReset z_inflateReset # define inflateReset2 z_inflateReset2 +# define inflateResetKeep z_inflateResetKeep # define inflateSetDictionary z_inflateSetDictionary -# define inflateGetDictionary z_inflateGetDictionary # define inflateSync z_inflateSync # define inflateSyncPoint z_inflateSyncPoint # define inflateUndermine z_inflateUndermine -# define inflateResetKeep z_inflateResetKeep +# define inflateValidate z_inflateValidate # define inflate_copyright z_inflate_copyright # define inflate_fast z_inflate_fast # define inflate_table z_inflate_table # ifndef Z_SOLO # define uncompress z_uncompress +# define uncompress2 z_uncompress2 # endif # define zError z_zError # ifndef Z_SOLO @@ -227,9 +240,19 @@ # define z_const #endif -/* Some Mac compilers merge all .h files incorrectly: */ -#if defined(__MWERKS__)||defined(applec)||defined(THINK_C)||defined(__SC__) -# define NO_DUMMY_DECL +#ifdef Z_SOLO + typedef unsigned long z_size_t; +#else +# define z_longlong long long +# if defined(NO_SIZE_T) + typedef unsigned NO_SIZE_T z_size_t; +# elif defined(STDC) +# include <stddef.h> + typedef size_t z_size_t; +# else + typedef unsigned long z_size_t; +# endif +# undef z_longlong #endif /* Maximum value for memLevel in deflateInit2 */ @@ -259,7 +282,7 @@ Of course this will generally degrade compression (there's no free lunch). The memory requirements for inflate are (in bytes) 1 << windowBits - that is, 32K for windowBits=15 (default value) plus a few kilobytes + that is, 32K for windowBits=15 (default value) plus about 7 kilobytes for small objects. */ @@ -341,7 +364,7 @@ # endif #endif -#if defined (__BEOS__) || (defined(__OS2__) && defined(__declspec)) +#if defined (__BEOS__) # ifdef ZLIB_DLL # ifdef ZLIB_INTERNAL # define ZEXPORT __declspec(dllexport) diff --git a/modules/zlib/src/zlib.h b/modules/zlib/src/zlib.h index b6ce7f1b09..f09cdaf1e0 100644 --- a/modules/zlib/src/zlib.h +++ b/modules/zlib/src/zlib.h @@ -1,7 +1,7 @@ /* zlib.h -- interface of the 'zlib' general purpose compression library - version 1.2.8, April 28th, 2013 + version 1.2.11, January 15th, 2017 - Copyright (C) 1995-2013 Jean-loup Gailly and Mark Adler + Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages @@ -37,11 +37,11 @@ extern "C" { #endif -#define ZLIB_VERSION "1.2.8" -#define ZLIB_VERNUM 0x1280 +#define ZLIB_VERSION "1.2.11" +#define ZLIB_VERNUM 0x12b0 #define ZLIB_VER_MAJOR 1 #define ZLIB_VER_MINOR 2 -#define ZLIB_VER_REVISION 8 +#define ZLIB_VER_REVISION 11 #define ZLIB_VER_SUBREVISION 0 /* @@ -65,7 +65,8 @@ extern "C" { with "gz". The gzip format is different from the zlib format. gzip is a gzip wrapper, documented in RFC 1952, wrapped around a deflate stream. - This library can optionally read and write gzip streams in memory as well. + This library can optionally read and write gzip and raw deflate streams in + memory as well. The zlib format was designed to be compact and fast for use in memory and on communications channels. The gzip format was designed for single- @@ -74,7 +75,7 @@ extern "C" { The library does not install any signal handler. The decoder checks the consistency of the compressed data, so the library should never crash - even in case of corrupted input. + even in the case of corrupted input. */ typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size)); @@ -87,7 +88,7 @@ typedef struct z_stream_s { uInt avail_in; /* number of bytes available at next_in */ uLong total_in; /* total number of input bytes read so far */ - Bytef *next_out; /* next output byte should be put there */ + Bytef *next_out; /* next output byte will go here */ uInt avail_out; /* remaining free space at next_out */ uLong total_out; /* total number of bytes output so far */ @@ -98,8 +99,9 @@ typedef struct z_stream_s { free_func zfree; /* used to free the internal state */ voidpf opaque; /* private data object passed to zalloc and zfree */ - int data_type; /* best guess about the data type: binary or text */ - uLong adler; /* adler32 value of the uncompressed data */ + int data_type; /* best guess about the data type: binary or text + for deflate, or the decoding state for inflate */ + uLong adler; /* Adler-32 or CRC-32 value of the uncompressed data */ uLong reserved; /* reserved for future use */ } z_stream; @@ -142,7 +144,9 @@ typedef gz_header FAR *gz_headerp; zalloc must return Z_NULL if there is not enough memory for the object. If zlib is used in a multi-threaded application, zalloc and zfree must be - thread safe. + thread safe. In that case, zlib is thread-safe. When zalloc and zfree are + Z_NULL on entry to the initialization function, they are set to internal + routines that use the standard library functions malloc() and free(). On 16-bit systems, the functions zalloc and zfree must be able to allocate exactly 65536 bytes, but will not be required to allocate more than this if @@ -155,7 +159,7 @@ typedef gz_header FAR *gz_headerp; The fields total_in and total_out can be used for statistics or progress reports. After compression, total_in holds the total size of the - uncompressed data and may be saved for use in the decompressor (particularly + uncompressed data and may be saved for use by the decompressor (particularly if the decompressor wants to decompress everything in a single step). */ @@ -200,7 +204,7 @@ typedef gz_header FAR *gz_headerp; #define Z_TEXT 1 #define Z_ASCII Z_TEXT /* for compatibility with 1.2.2 and earlier */ #define Z_UNKNOWN 2 -/* Possible values of the data_type field (though see inflate()) */ +/* Possible values of the data_type field for deflate() */ #define Z_DEFLATED 8 /* The deflate compression method (the only one supported in this version) */ @@ -258,11 +262,11 @@ ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush)); enough room in the output buffer), next_in and avail_in are updated and processing will resume at this point for the next call of deflate(). - - Provide more output starting at next_out and update next_out and avail_out + - Generate more output starting at next_out and update next_out and avail_out accordingly. This action is forced if the parameter flush is non zero. Forcing flush frequently degrades the compression ratio, so this parameter - should be set only when necessary (in interactive applications). Some - output may be provided even if flush is not set. + should be set only when necessary. Some output may be provided even if + flush is zero. Before the call of deflate(), the application should ensure that at least one of the actions is possible, by providing more input and/or consuming more @@ -271,7 +275,9 @@ ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush)); output when it wants, for example when the output buffer is full (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK and with zero avail_out, it must be called again after making room in the output - buffer because there might be more output pending. + buffer because there might be more output pending. See deflatePending(), + which can be used if desired to determine whether or not there is more ouput + in that case. Normally the parameter flush is set to Z_NO_FLUSH, which allows deflate to decide how much data to accumulate before producing output, in order to @@ -292,8 +298,8 @@ ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush)); input data so far will be available to the decompressor, as for Z_SYNC_FLUSH. This completes the current deflate block and follows it with an empty fixed codes block that is 10 bits long. This assures that enough bytes are output - in order for the decompressor to finish the block before the empty fixed code - block. + in order for the decompressor to finish the block before the empty fixed + codes block. If flush is set to Z_BLOCK, a deflate block is completed and emitted, as for Z_SYNC_FLUSH, but the output is not aligned on a byte boundary, and up to @@ -319,34 +325,38 @@ ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush)); If the parameter flush is set to Z_FINISH, pending input is processed, pending output is flushed and deflate returns with Z_STREAM_END if there was - enough output space; if deflate returns with Z_OK, this function must be - called again with Z_FINISH and more output space (updated avail_out) but no - more input data, until it returns with Z_STREAM_END or an error. After - deflate has returned Z_STREAM_END, the only possible operations on the stream - are deflateReset or deflateEnd. - - Z_FINISH can be used immediately after deflateInit if all the compression - is to be done in a single step. In this case, avail_out must be at least the - value returned by deflateBound (see below). Then deflate is guaranteed to - return Z_STREAM_END. If not enough output space is provided, deflate will - not return Z_STREAM_END, and it must be called again as described above. - - deflate() sets strm->adler to the adler32 checksum of all input read - so far (that is, total_in bytes). + enough output space. If deflate returns with Z_OK or Z_BUF_ERROR, this + function must be called again with Z_FINISH and more output space (updated + avail_out) but no more input data, until it returns with Z_STREAM_END or an + error. After deflate has returned Z_STREAM_END, the only possible operations + on the stream are deflateReset or deflateEnd. + + Z_FINISH can be used in the first deflate call after deflateInit if all the + compression is to be done in a single step. In order to complete in one + call, avail_out must be at least the value returned by deflateBound (see + below). Then deflate is guaranteed to return Z_STREAM_END. If not enough + output space is provided, deflate will not return Z_STREAM_END, and it must + be called again as described above. + + deflate() sets strm->adler to the Adler-32 checksum of all input read + so far (that is, total_in bytes). If a gzip stream is being generated, then + strm->adler will be the CRC-32 checksum of the input read so far. (See + deflateInit2 below.) deflate() may update strm->data_type if it can make a good guess about - the input data type (Z_BINARY or Z_TEXT). In doubt, the data is considered - binary. This field is only for information purposes and does not affect the - compression algorithm in any manner. + the input data type (Z_BINARY or Z_TEXT). If in doubt, the data is + considered binary. This field is only for information purposes and does not + affect the compression algorithm in any manner. deflate() returns Z_OK if some progress has been made (more input processed or more output produced), Z_STREAM_END if all input has been consumed and all output has been produced (only when flush is set to Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example - if next_in or next_out was Z_NULL), Z_BUF_ERROR if no progress is possible - (for example avail_in or avail_out was zero). Note that Z_BUF_ERROR is not - fatal, and deflate() can be called again with more input and more output - space to continue compressing. + if next_in or next_out was Z_NULL or the state was inadvertently written over + by the application), or Z_BUF_ERROR if no progress is possible (for example + avail_in or avail_out was zero). Note that Z_BUF_ERROR is not fatal, and + deflate() can be called again with more input and more output space to + continue compressing. */ @@ -369,23 +379,21 @@ ZEXTERN int ZEXPORT inflateInit OF((z_streamp strm)); Initializes the internal stream state for decompression. The fields next_in, avail_in, zalloc, zfree and opaque must be initialized before by - the caller. If next_in is not Z_NULL and avail_in is large enough (the - exact value depends on the compression method), inflateInit determines the - compression method from the zlib header and allocates all data structures - accordingly; otherwise the allocation will be deferred to the first call of - inflate. If zalloc and zfree are set to Z_NULL, inflateInit updates them to - use default allocation functions. + the caller. In the current version of inflate, the provided input is not + read or consumed. The allocation of a sliding window will be deferred to + the first call of inflate (if the decompression does not complete on the + first call). If zalloc and zfree are set to Z_NULL, inflateInit updates + them to use default allocation functions. inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough memory, Z_VERSION_ERROR if the zlib library version is incompatible with the version assumed by the caller, or Z_STREAM_ERROR if the parameters are invalid, such as a null pointer to the structure. msg is set to null if - there is no error message. inflateInit does not perform any decompression - apart from possibly reading the zlib header if present: actual decompression - will be done by inflate(). (So next_in and avail_in may be modified, but - next_out and avail_out are unused and unchanged.) The current implementation - of inflateInit() does not process any header information -- that is deferred - until inflate() is called. + there is no error message. inflateInit does not perform any decompression. + Actual decompression will be done by inflate(). So next_in, and avail_in, + next_out, and avail_out are unused and unchanged. The current + implementation of inflateInit() does not process any header information -- + that is deferred until inflate() is called. */ @@ -401,17 +409,20 @@ ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush)); - Decompress more input starting at next_in and update next_in and avail_in accordingly. If not all input can be processed (because there is not - enough room in the output buffer), next_in is updated and processing will - resume at this point for the next call of inflate(). + enough room in the output buffer), then next_in and avail_in are updated + accordingly, and processing will resume at this point for the next call of + inflate(). - - Provide more output starting at next_out and update next_out and avail_out + - Generate more output starting at next_out and update next_out and avail_out accordingly. inflate() provides as much output as possible, until there is no more input data or no more space in the output buffer (see below about the flush parameter). Before the call of inflate(), the application should ensure that at least one of the actions is possible, by providing more input and/or consuming more - output, and updating the next_* and avail_* values accordingly. The + output, and updating the next_* and avail_* values accordingly. If the + caller of inflate() does not provide both available input and available + output space, it is possible that there will be no progress made. The application can consume the uncompressed output when it wants, for example when the output buffer is full (avail_out == 0), or after each call of inflate(). If inflate returns Z_OK and with zero avail_out, it must be @@ -428,7 +439,7 @@ ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush)); gets to the end of that block, or when it runs out of data. The Z_BLOCK option assists in appending to or combining deflate streams. - Also to assist in this, on return inflate() will set strm->data_type to the + To assist in this, on return inflate() always sets strm->data_type to the number of unused bits in the last byte taken from strm->next_in, plus 64 if inflate() is currently decoding the last block in the deflate stream, plus 128 if inflate() returned immediately after decoding an end-of-block code or @@ -454,7 +465,7 @@ ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush)); this case all pending input is processed and all pending output is flushed; avail_out must be large enough to hold all of the uncompressed data for the operation to complete. (The size of the uncompressed data may have been - saved by the compressor for this purpose.) The use of Z_FINISH is not + saved by the compressor for this purpose.) The use of Z_FINISH is not required to perform an inflation in one step. However it may be used to inform inflate that a faster approach can be used for the single inflate() call. Z_FINISH also informs inflate to not maintain a sliding window if the @@ -476,32 +487,33 @@ ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush)); chosen by the compressor and returns Z_NEED_DICT; otherwise it sets strm->adler to the Adler-32 checksum of all output produced so far (that is, total_out bytes) and returns Z_OK, Z_STREAM_END or an error code as described - below. At the end of the stream, inflate() checks that its computed adler32 + below. At the end of the stream, inflate() checks that its computed Adler-32 checksum is equal to that saved by the compressor and returns Z_STREAM_END only if the checksum is correct. inflate() can decompress and check either zlib-wrapped or gzip-wrapped deflate data. The header type is detected automatically, if requested when initializing with inflateInit2(). Any information contained in the gzip - header is not retained, so applications that need that information should - instead use raw inflate, see inflateInit2() below, or inflateBack() and - perform their own processing of the gzip header and trailer. When processing + header is not retained unless inflateGetHeader() is used. When processing gzip-wrapped deflate data, strm->adler32 is set to the CRC-32 of the output - producted so far. The CRC-32 is checked against the gzip trailer. + produced so far. The CRC-32 is checked against the gzip trailer, as is the + uncompressed length, modulo 2^32. inflate() returns Z_OK if some progress has been made (more input processed or more output produced), Z_STREAM_END if the end of the compressed data has been reached and all uncompressed output has been produced, Z_NEED_DICT if a preset dictionary is needed at this point, Z_DATA_ERROR if the input data was corrupted (input stream not conforming to the zlib format or incorrect check - value), Z_STREAM_ERROR if the stream structure was inconsistent (for example - next_in or next_out was Z_NULL), Z_MEM_ERROR if there was not enough memory, - Z_BUF_ERROR if no progress is possible or if there was not enough room in the - output buffer when Z_FINISH is used. Note that Z_BUF_ERROR is not fatal, and + value, in which case strm->msg points to a string with a more specific + error), Z_STREAM_ERROR if the stream structure was inconsistent (for example + next_in or next_out was Z_NULL, or the state was inadvertently written over + by the application), Z_MEM_ERROR if there was not enough memory, Z_BUF_ERROR + if no progress was possible or if there was not enough room in the output + buffer when Z_FINISH is used. Note that Z_BUF_ERROR is not fatal, and inflate() can be called again with more input and more output space to continue decompressing. If Z_DATA_ERROR is returned, the application may then call inflateSync() to look for a good compression block if a partial - recovery of the data is desired. + recovery of the data is to be attempted. */ @@ -511,9 +523,8 @@ ZEXTERN int ZEXPORT inflateEnd OF((z_streamp strm)); This function discards any unprocessed input and does not flush any pending output. - inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state - was inconsistent. In the error case, msg may be set but then points to a - static string (which must not be deallocated). + inflateEnd returns Z_OK if success, or Z_STREAM_ERROR if the stream state + was inconsistent. */ @@ -544,16 +555,29 @@ ZEXTERN int ZEXPORT deflateInit2 OF((z_streamp strm, compression at the expense of memory usage. The default value is 15 if deflateInit is used instead. + For the current implementation of deflate(), a windowBits value of 8 (a + window size of 256 bytes) is not supported. As a result, a request for 8 + will result in 9 (a 512-byte window). In that case, providing 8 to + inflateInit2() will result in an error when the zlib header with 9 is + checked against the initialization of inflate(). The remedy is to not use 8 + with deflateInit2() with this initialization, or at least in that case use 9 + with inflateInit2(). + windowBits can also be -8..-15 for raw deflate. In this case, -windowBits determines the window size. deflate() will then generate raw deflate data - with no zlib header or trailer, and will not compute an adler32 check value. + with no zlib header or trailer, and will not compute a check value. windowBits can also be greater than 15 for optional gzip encoding. Add 16 to windowBits to write a simple gzip header and trailer around the compressed data instead of a zlib wrapper. The gzip header will have no file name, no extra data, no comment, no modification time (set to zero), no - header crc, and the operating system will be set to 255 (unknown). If a - gzip stream is being written, strm->adler is a crc32 instead of an adler32. + header crc, and the operating system will be set to the appropriate value, + if the operating system was determined at compile time. If a gzip stream is + being written, strm->adler is a CRC-32 instead of an Adler-32. + + For raw deflate or gzip encoding, a request for a 256-byte window is + rejected as invalid, since only the zlib header provides a means of + transmitting the window size to the decompressor. The memLevel parameter specifies how much memory should be allocated for the internal compression state. memLevel=1 uses minimum memory but is @@ -614,12 +638,12 @@ ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm, addition, the current implementation of deflate will use at most the window size minus 262 bytes of the provided dictionary. - Upon return of this function, strm->adler is set to the adler32 value + Upon return of this function, strm->adler is set to the Adler-32 value of the dictionary; the decompressor may later use this value to determine - which dictionary has been used by the compressor. (The adler32 value + which dictionary has been used by the compressor. (The Adler-32 value applies to the whole dictionary even if only a subset of the dictionary is actually used by the compressor.) If a raw deflate was requested, then the - adler32 value is not computed and strm->adler is not set. + Adler-32 value is not computed and strm->adler is not set. deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is @@ -628,6 +652,28 @@ ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm, not perform any compression: this will be done by deflate(). */ +ZEXTERN int ZEXPORT deflateGetDictionary OF((z_streamp strm, + Bytef *dictionary, + uInt *dictLength)); +/* + Returns the sliding dictionary being maintained by deflate. dictLength is + set to the number of bytes in the dictionary, and that many bytes are copied + to dictionary. dictionary must have enough space, where 32768 bytes is + always enough. If deflateGetDictionary() is called with dictionary equal to + Z_NULL, then only the dictionary length is returned, and nothing is copied. + Similary, if dictLength is Z_NULL, then it is not set. + + deflateGetDictionary() may return a length less than the window size, even + when more than the window size in input has been provided. It may return up + to 258 bytes less in that case, due to how zlib's implementation of deflate + manages the sliding window and lookahead for matches, where matches can be + up to 258 bytes long. If the application needs the last window-size bytes of + input, then that would need to be saved by the application outside of zlib. + + deflateGetDictionary returns Z_OK on success, or Z_STREAM_ERROR if the + stream state is inconsistent. +*/ + ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest, z_streamp source)); /* @@ -648,10 +694,10 @@ ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest, ZEXTERN int ZEXPORT deflateReset OF((z_streamp strm)); /* - This function is equivalent to deflateEnd followed by deflateInit, - but does not free and reallocate all the internal compression state. The - stream will keep the same compression level and any other attributes that - may have been set by deflateInit2. + This function is equivalent to deflateEnd followed by deflateInit, but + does not free and reallocate the internal compression state. The stream + will leave the compression level and any other attributes that may have been + set unchanged. deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source stream state was inconsistent (such as zalloc or state being Z_NULL). @@ -662,20 +708,36 @@ ZEXTERN int ZEXPORT deflateParams OF((z_streamp strm, int strategy)); /* Dynamically update the compression level and compression strategy. The - interpretation of level and strategy is as in deflateInit2. This can be + interpretation of level and strategy is as in deflateInit2(). This can be used to switch between compression and straight copy of the input data, or to switch to a different kind of input data requiring a different strategy. - If the compression level is changed, the input available so far is - compressed with the old level (and may be flushed); the new level will take - effect only at the next call of deflate(). - - Before the call of deflateParams, the stream state must be set as for - a call of deflate(), since the currently available input may have to be - compressed and flushed. In particular, strm->avail_out must be non-zero. - - deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source - stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR if - strm->avail_out was zero. + If the compression approach (which is a function of the level) or the + strategy is changed, and if any input has been consumed in a previous + deflate() call, then the input available so far is compressed with the old + level and strategy using deflate(strm, Z_BLOCK). There are three approaches + for the compression levels 0, 1..3, and 4..9 respectively. The new level + and strategy will take effect at the next call of deflate(). + + If a deflate(strm, Z_BLOCK) is performed by deflateParams(), and it does + not have enough output space to complete, then the parameter change will not + take effect. In this case, deflateParams() can be called again with the + same parameters and more output space to try again. + + In order to assure a change in the parameters on the first try, the + deflate stream should be flushed using deflate() with Z_BLOCK or other flush + request until strm.avail_out is not zero, before calling deflateParams(). + Then no more input data should be provided before the deflateParams() call. + If this is done, the old level and strategy will be applied to the data + compressed before deflateParams(), and the new level and strategy will be + applied to the the data compressed after deflateParams(). + + deflateParams returns Z_OK on success, Z_STREAM_ERROR if the source stream + state was inconsistent or if a parameter was invalid, or Z_BUF_ERROR if + there was not enough output space to complete the compression of the + available input data before a change in the strategy or approach. Note that + in the case of a Z_BUF_ERROR, the parameters are not changed. A return + value of Z_BUF_ERROR is not fatal, in which case deflateParams() can be + retried with more output space. */ ZEXTERN int ZEXPORT deflateTune OF((z_streamp strm, @@ -793,7 +855,7 @@ ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm, is for use with other formats that use the deflate compressed data format such as zip. Those formats provide their own check values. If a custom format is developed using the raw deflate format for compressed data, it is - recommended that a check value such as an adler32 or a crc32 be applied to + recommended that a check value such as an Adler-32 or a CRC-32 be applied to the uncompressed data as is done in the zlib, gzip, and zip formats. For most applications, the zlib format should be used as is. Note that comments above on the use in deflateInit2() applies to the magnitude of windowBits. @@ -802,7 +864,10 @@ ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm, 32 to windowBits to enable zlib and gzip decoding with automatic header detection, or add 16 to decode only the gzip format (the zlib format will return a Z_DATA_ERROR). If a gzip stream is being decoded, strm->adler is a - crc32 instead of an adler32. + CRC-32 instead of an Adler-32. Unlike the gunzip utility and gzread() (see + below), inflate() will not automatically decode concatenated gzip streams. + inflate() will return Z_STREAM_END at the end of the gzip stream. The state + would need to be reset to continue decoding a subsequent gzip stream. inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough memory, Z_VERSION_ERROR if the zlib library version is incompatible with the @@ -823,7 +888,7 @@ ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm, Initializes the decompression dictionary from the given uncompressed byte sequence. This function must be called immediately after a call of inflate, if that call returned Z_NEED_DICT. The dictionary chosen by the compressor - can be determined from the adler32 value returned by that call of inflate. + can be determined from the Adler-32 value returned by that call of inflate. The compressor and decompressor must use exactly the same dictionary (see deflateSetDictionary). For raw inflate, this function can be called at any time to set the dictionary. If the provided dictionary is smaller than the @@ -834,7 +899,7 @@ ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm, inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the - expected one (incorrect adler32 value). inflateSetDictionary does not + expected one (incorrect Adler-32 value). inflateSetDictionary does not perform any decompression: this will be done by subsequent calls of inflate(). */ @@ -892,7 +957,7 @@ ZEXTERN int ZEXPORT inflateCopy OF((z_streamp dest, ZEXTERN int ZEXPORT inflateReset OF((z_streamp strm)); /* This function is equivalent to inflateEnd followed by inflateInit, - but does not free and reallocate all the internal decompression state. The + but does not free and reallocate the internal decompression state. The stream will keep attributes that may have been set by inflateInit2. inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source @@ -904,7 +969,9 @@ ZEXTERN int ZEXPORT inflateReset2 OF((z_streamp strm, /* This function is the same as inflateReset, but it also permits changing the wrap and window size requests. The windowBits parameter is interpreted - the same as it is for inflateInit2. + the same as it is for inflateInit2. If the window size is changed, then the + memory allocated for the window is freed, and the window will be reallocated + by inflate() if needed. inflateReset2 returns Z_OK if success, or Z_STREAM_ERROR if the source stream state was inconsistent (such as zalloc or state being Z_NULL), or if @@ -956,7 +1023,7 @@ ZEXTERN long ZEXPORT inflateMark OF((z_streamp strm)); location in the input stream can be determined from avail_in and data_type as noted in the description for the Z_BLOCK flush parameter for inflate. - inflateMark returns the value noted above or -1 << 16 if the provided + inflateMark returns the value noted above, or -65536 if the provided source stream state was inconsistent. */ @@ -1048,9 +1115,9 @@ ZEXTERN int ZEXPORT inflateBack OF((z_streamp strm, This routine would normally be used in a utility that reads zip or gzip files and writes out uncompressed files. The utility would decode the header and process the trailer on its own, hence this routine expects only - the raw deflate stream to decompress. This is different from the normal - behavior of inflate(), which expects either a zlib or gzip header and - trailer around the deflate stream. + the raw deflate stream to decompress. This is different from the default + behavior of inflate(), which expects a zlib header and trailer around the + deflate stream. inflateBack() uses two subroutines supplied by the caller that are then called by inflateBack() for input and output. inflateBack() calls those @@ -1059,12 +1126,12 @@ ZEXTERN int ZEXPORT inflateBack OF((z_streamp strm, parameters and return types are defined above in the in_func and out_func typedefs. inflateBack() will call in(in_desc, &buf) which should return the number of bytes of provided input, and a pointer to that input in buf. If - there is no input available, in() must return zero--buf is ignored in that - case--and inflateBack() will return a buffer error. inflateBack() will call - out(out_desc, buf, len) to write the uncompressed data buf[0..len-1]. out() - should return zero on success, or non-zero on failure. If out() returns - non-zero, inflateBack() will return with an error. Neither in() nor out() - are permitted to change the contents of the window provided to + there is no input available, in() must return zero -- buf is ignored in that + case -- and inflateBack() will return a buffer error. inflateBack() will + call out(out_desc, buf, len) to write the uncompressed data buf[0..len-1]. + out() should return zero on success, or non-zero on failure. If out() + returns non-zero, inflateBack() will return with an error. Neither in() nor + out() are permitted to change the contents of the window provided to inflateBackInit(), which is also the buffer that out() uses to write from. The length written by out() will be at most the window size. Any non-zero amount of input may be provided by in(). @@ -1092,7 +1159,7 @@ ZEXTERN int ZEXPORT inflateBack OF((z_streamp strm, using strm->next_in which will be Z_NULL only if in() returned an error. If strm->next_in is not Z_NULL, then the Z_BUF_ERROR was due to out() returning non-zero. (in() will always be called before out(), so strm->next_in is - assured to be defined if out() returns non-zero.) Note that inflateBack() + assured to be defined if out() returns non-zero.) Note that inflateBack() cannot return Z_OK. */ @@ -1114,7 +1181,7 @@ ZEXTERN uLong ZEXPORT zlibCompileFlags OF((void)); 7.6: size of z_off_t Compiler, assembler, and debug options: - 8: DEBUG + 8: ZLIB_DEBUG 9: ASMV or ASMINF -- use ASM code 10: ZLIB_WINAPI -- exported functions use the WINAPI calling convention 11: 0 (reserved) @@ -1164,7 +1231,8 @@ ZEXTERN int ZEXPORT compress OF((Bytef *dest, uLongf *destLen, the byte length of the source buffer. Upon entry, destLen is the total size of the destination buffer, which must be at least the value returned by compressBound(sourceLen). Upon exit, destLen is the actual size of the - compressed buffer. + compressed data. compress() is equivalent to compress2() with a level + parameter of Z_DEFAULT_COMPRESSION. compress returns Z_OK if success, Z_MEM_ERROR if there was not enough memory, Z_BUF_ERROR if there was not enough room in the output @@ -1180,7 +1248,7 @@ ZEXTERN int ZEXPORT compress2 OF((Bytef *dest, uLongf *destLen, length of the source buffer. Upon entry, destLen is the total size of the destination buffer, which must be at least the value returned by compressBound(sourceLen). Upon exit, destLen is the actual size of the - compressed buffer. + compressed data. compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough memory, Z_BUF_ERROR if there was not enough room in the output buffer, @@ -1203,7 +1271,7 @@ ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen, uncompressed data. (The size of the uncompressed data must have been saved previously by the compressor and transmitted to the decompressor by some mechanism outside the scope of this compression library.) Upon exit, destLen - is the actual size of the uncompressed buffer. + is the actual size of the uncompressed data. uncompress returns Z_OK if success, Z_MEM_ERROR if there was not enough memory, Z_BUF_ERROR if there was not enough room in the output @@ -1212,6 +1280,14 @@ ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen, buffer with the uncompressed data up to that point. */ +ZEXTERN int ZEXPORT uncompress2 OF((Bytef *dest, uLongf *destLen, + const Bytef *source, uLong *sourceLen)); +/* + Same as uncompress, except that sourceLen is a pointer, where the + length of the source is *sourceLen. On return, *sourceLen is the number of + source bytes consumed. +*/ + /* gzip file access functions */ /* @@ -1290,10 +1366,9 @@ ZEXTERN int ZEXPORT gzbuffer OF((gzFile file, unsigned size)); default buffer size is 8192 bytes. This function must be called after gzopen() or gzdopen(), and before any other calls that read or write the file. The buffer memory allocation is always deferred to the first read or - write. Two buffers are allocated, either both of the specified size when - writing, or one of the specified size and the other twice that size when - reading. A larger buffer size of, for example, 64K or 128K bytes will - noticeably increase the speed of decompression (reading). + write. Three times that size in buffer space is allocated. A larger buffer + size of, for example, 64K or 128K bytes will noticeably increase the speed + of decompression (reading). The new buffer size also affects the maximum length for gzprintf(). @@ -1304,10 +1379,12 @@ ZEXTERN int ZEXPORT gzbuffer OF((gzFile file, unsigned size)); ZEXTERN int ZEXPORT gzsetparams OF((gzFile file, int level, int strategy)); /* Dynamically update the compression level or strategy. See the description - of deflateInit2 for the meaning of these parameters. + of deflateInit2 for the meaning of these parameters. Previously provided + data is flushed before the parameter change. - gzsetparams returns Z_OK if success, or Z_STREAM_ERROR if the file was not - opened for writing. + gzsetparams returns Z_OK if success, Z_STREAM_ERROR if the file was not + opened for writing, Z_ERRNO if there is an error writing the flushed data, + or Z_MEM_ERROR if there is a memory allocation error. */ ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len)); @@ -1335,7 +1412,35 @@ ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len)); case. gzread returns the number of uncompressed bytes actually read, less than - len for end of file, or -1 for error. + len for end of file, or -1 for error. If len is too large to fit in an int, + then nothing is read, -1 is returned, and the error state is set to + Z_STREAM_ERROR. +*/ + +ZEXTERN z_size_t ZEXPORT gzfread OF((voidp buf, z_size_t size, z_size_t nitems, + gzFile file)); +/* + Read up to nitems items of size size from file to buf, otherwise operating + as gzread() does. This duplicates the interface of stdio's fread(), with + size_t request and return types. If the library defines size_t, then + z_size_t is identical to size_t. If not, then z_size_t is an unsigned + integer type that can contain a pointer. + + gzfread() returns the number of full items read of size size, or zero if + the end of the file was reached and a full item could not be read, or if + there was an error. gzerror() must be consulted if zero is returned in + order to determine if there was an error. If the multiplication of size and + nitems overflows, i.e. the product does not fit in a z_size_t, then nothing + is read, zero is returned, and the error state is set to Z_STREAM_ERROR. + + In the event that the end of file is reached and only a partial item is + available at the end, i.e. the remaining uncompressed data length is not a + multiple of size, then the final partial item is nevetheless read into buf + and the end-of-file flag is set. The length of the partial item read is not + provided, but could be inferred from the result of gztell(). This behavior + is the same as the behavior of fread() implementations in common libraries, + but it prevents the direct use of gzfread() to read a concurrently written + file, reseting and retrying on end-of-file, when size is not 1. */ ZEXTERN int ZEXPORT gzwrite OF((gzFile file, @@ -1346,19 +1451,33 @@ ZEXTERN int ZEXPORT gzwrite OF((gzFile file, error. */ +ZEXTERN z_size_t ZEXPORT gzfwrite OF((voidpc buf, z_size_t size, + z_size_t nitems, gzFile file)); +/* + gzfwrite() writes nitems items of size size from buf to file, duplicating + the interface of stdio's fwrite(), with size_t request and return types. If + the library defines size_t, then z_size_t is identical to size_t. If not, + then z_size_t is an unsigned integer type that can contain a pointer. + + gzfwrite() returns the number of full items written of size size, or zero + if there was an error. If the multiplication of size and nitems overflows, + i.e. the product does not fit in a z_size_t, then nothing is written, zero + is returned, and the error state is set to Z_STREAM_ERROR. +*/ + ZEXTERN int ZEXPORTVA gzprintf Z_ARG((gzFile file, const char *format, ...)); /* Converts, formats, and writes the arguments to the compressed file under control of the format string, as in fprintf. gzprintf returns the number of - uncompressed bytes actually written, or 0 in case of error. The number of - uncompressed bytes written is limited to 8191, or one less than the buffer - size given to gzbuffer(). The caller should assure that this limit is not - exceeded. If it is exceeded, then gzprintf() will return an error (0) with - nothing written. In this case, there may also be a buffer overflow with - unpredictable consequences, which is possible only if zlib was compiled with - the insecure functions sprintf() or vsprintf() because the secure snprintf() - or vsnprintf() functions were not available. This can be determined using - zlibCompileFlags(). + uncompressed bytes actually written, or a negative zlib error code in case + of error. The number of uncompressed bytes written is limited to 8191, or + one less than the buffer size given to gzbuffer(). The caller should assure + that this limit is not exceeded. If it is exceeded, then gzprintf() will + return an error (0) with nothing written. In this case, there may also be a + buffer overflow with unpredictable consequences, which is possible only if + zlib was compiled with the insecure functions sprintf() or vsprintf() + because the secure snprintf() or vsnprintf() functions were not available. + This can be determined using zlibCompileFlags(). */ ZEXTERN int ZEXPORT gzputs OF((gzFile file, const char *s)); @@ -1418,7 +1537,7 @@ ZEXTERN int ZEXPORT gzflush OF((gzFile file, int flush)); If the flush parameter is Z_FINISH, the remaining data is written and the gzip stream is completed in the output. If gzwrite() is called again, a new gzip stream will be started in the output. gzread() is able to read such - concatented gzip streams. + concatenated gzip streams. gzflush should be called only when strictly necessary because it will degrade compression if called too often. @@ -1572,7 +1691,7 @@ ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len)); return the updated checksum. If buf is Z_NULL, this function returns the required initial value for the checksum. - An Adler-32 checksum is almost as reliable as a CRC32 but can be computed + An Adler-32 checksum is almost as reliable as a CRC-32 but can be computed much faster. Usage example: @@ -1585,6 +1704,12 @@ ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len)); if (adler != original_adler) error(); */ +ZEXTERN uLong ZEXPORT adler32_z OF((uLong adler, const Bytef *buf, + z_size_t len)); +/* + Same as adler32(), but with a size_t length. +*/ + /* ZEXTERN uLong ZEXPORT adler32_combine OF((uLong adler1, uLong adler2, z_off_t len2)); @@ -1614,6 +1739,12 @@ ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len)); if (crc != original_crc) error(); */ +ZEXTERN uLong ZEXPORT crc32_z OF((uLong adler, const Bytef *buf, + z_size_t len)); +/* + Same as crc32(), but with a size_t length. +*/ + /* ZEXTERN uLong ZEXPORT crc32_combine OF((uLong crc1, uLong crc2, z_off_t len2)); @@ -1644,19 +1775,35 @@ ZEXTERN int ZEXPORT inflateBackInit_ OF((z_streamp strm, int windowBits, unsigned char FAR *window, const char *version, int stream_size)); -#define deflateInit(strm, level) \ - deflateInit_((strm), (level), ZLIB_VERSION, (int)sizeof(z_stream)) -#define inflateInit(strm) \ - inflateInit_((strm), ZLIB_VERSION, (int)sizeof(z_stream)) -#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \ - deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\ - (strategy), ZLIB_VERSION, (int)sizeof(z_stream)) -#define inflateInit2(strm, windowBits) \ - inflateInit2_((strm), (windowBits), ZLIB_VERSION, \ - (int)sizeof(z_stream)) -#define inflateBackInit(strm, windowBits, window) \ - inflateBackInit_((strm), (windowBits), (window), \ - ZLIB_VERSION, (int)sizeof(z_stream)) +#ifdef Z_PREFIX_SET +# define z_deflateInit(strm, level) \ + deflateInit_((strm), (level), ZLIB_VERSION, (int)sizeof(z_stream)) +# define z_inflateInit(strm) \ + inflateInit_((strm), ZLIB_VERSION, (int)sizeof(z_stream)) +# define z_deflateInit2(strm, level, method, windowBits, memLevel, strategy) \ + deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\ + (strategy), ZLIB_VERSION, (int)sizeof(z_stream)) +# define z_inflateInit2(strm, windowBits) \ + inflateInit2_((strm), (windowBits), ZLIB_VERSION, \ + (int)sizeof(z_stream)) +# define z_inflateBackInit(strm, windowBits, window) \ + inflateBackInit_((strm), (windowBits), (window), \ + ZLIB_VERSION, (int)sizeof(z_stream)) +#else +# define deflateInit(strm, level) \ + deflateInit_((strm), (level), ZLIB_VERSION, (int)sizeof(z_stream)) +# define inflateInit(strm) \ + inflateInit_((strm), ZLIB_VERSION, (int)sizeof(z_stream)) +# define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \ + deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\ + (strategy), ZLIB_VERSION, (int)sizeof(z_stream)) +# define inflateInit2(strm, windowBits) \ + inflateInit2_((strm), (windowBits), ZLIB_VERSION, \ + (int)sizeof(z_stream)) +# define inflateBackInit(strm, windowBits, window) \ + inflateBackInit_((strm), (windowBits), (window), \ + ZLIB_VERSION, (int)sizeof(z_stream)) +#endif #ifndef Z_SOLO @@ -1676,11 +1823,10 @@ ZEXTERN int ZEXPORT gzgetc_ OF((gzFile file)); /* backward compatibility */ #ifdef Z_PREFIX_SET # undef z_gzgetc # define z_gzgetc(g) \ - ((g)->have ? ((g)->have--, (g)->pos++, *((g)->next)++) : gzgetc(g)) + ((g)->have ? ((g)->have--, (g)->pos++, *((g)->next)++) : (gzgetc)(g)) #else -# undef gzgetc # define gzgetc(g) \ - ((g)->have ? ((g)->have--, (g)->pos++, *((g)->next)++) : gzgetc(g)) + ((g)->have ? ((g)->have--, (g)->pos++, *((g)->next)++) : (gzgetc)(g)) #endif /* provide 64-bit offset functions if _LARGEFILE64_SOURCE defined, and/or @@ -1738,19 +1884,16 @@ ZEXTERN int ZEXPORT gzgetc_ OF((gzFile file)); /* backward compatibility */ #endif /* !Z_SOLO */ -/* hack for buggy compilers */ -#if !defined(ZUTIL_H) && !defined(NO_DUMMY_DECL) - struct internal_state {int dummy;}; -#endif - /* undocumented functions */ ZEXTERN const char * ZEXPORT zError OF((int)); ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp)); ZEXTERN const z_crc_t FAR * ZEXPORT get_crc_table OF((void)); ZEXTERN int ZEXPORT inflateUndermine OF((z_streamp, int)); +ZEXTERN int ZEXPORT inflateValidate OF((z_streamp, int)); +ZEXTERN unsigned long ZEXPORT inflateCodesUsed OF ((z_streamp)); ZEXTERN int ZEXPORT inflateResetKeep OF((z_streamp)); ZEXTERN int ZEXPORT deflateResetKeep OF((z_streamp)); -#if defined(_WIN32) && !defined(Z_SOLO) +#if (defined(_WIN32) || defined(__CYGWIN__)) && !defined(Z_SOLO) ZEXTERN gzFile ZEXPORT gzopen_w OF((const wchar_t *path, const char *mode)); #endif diff --git a/modules/zlib/src/zutil.c b/modules/zlib/src/zutil.c index 23d2ebef00..a76c6b0c7e 100644 --- a/modules/zlib/src/zutil.c +++ b/modules/zlib/src/zutil.c @@ -1,5 +1,5 @@ /* zutil.c -- target dependent utility functions for the compression library - * Copyright (C) 1995-2005, 2010, 2011, 2012 Jean-loup Gailly. + * Copyright (C) 1995-2017 Jean-loup Gailly * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -10,21 +10,18 @@ # include "gzguts.h" #endif -#ifndef NO_DUMMY_DECL -struct internal_state {int dummy;}; /* for buggy compilers */ -#endif - z_const char * const z_errmsg[10] = { -"need dictionary", /* Z_NEED_DICT 2 */ -"stream end", /* Z_STREAM_END 1 */ -"", /* Z_OK 0 */ -"file error", /* Z_ERRNO (-1) */ -"stream error", /* Z_STREAM_ERROR (-2) */ -"data error", /* Z_DATA_ERROR (-3) */ -"insufficient memory", /* Z_MEM_ERROR (-4) */ -"buffer error", /* Z_BUF_ERROR (-5) */ -"incompatible version",/* Z_VERSION_ERROR (-6) */ -""}; + (z_const char *)"need dictionary", /* Z_NEED_DICT 2 */ + (z_const char *)"stream end", /* Z_STREAM_END 1 */ + (z_const char *)"", /* Z_OK 0 */ + (z_const char *)"file error", /* Z_ERRNO (-1) */ + (z_const char *)"stream error", /* Z_STREAM_ERROR (-2) */ + (z_const char *)"data error", /* Z_DATA_ERROR (-3) */ + (z_const char *)"insufficient memory", /* Z_MEM_ERROR (-4) */ + (z_const char *)"buffer error", /* Z_BUF_ERROR (-5) */ + (z_const char *)"incompatible version",/* Z_VERSION_ERROR (-6) */ + (z_const char *)"" +}; const char * ZEXPORT zlibVersion() @@ -61,7 +58,7 @@ uLong ZEXPORT zlibCompileFlags() case 8: flags += 2 << 6; break; default: flags += 3 << 6; } -#ifdef DEBUG +#ifdef ZLIB_DEBUG flags += 1 << 8; #endif #if defined(ASMV) || defined(ASMINF) @@ -115,8 +112,8 @@ uLong ZEXPORT zlibCompileFlags() return flags; } -#ifdef DEBUG - +#ifdef ZLIB_DEBUG +#include <stdlib.h> # ifndef verbose # define verbose 0 # endif @@ -219,9 +216,11 @@ local ptr_table table[MAX_PTR]; voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, unsigned items, unsigned size) { - voidpf buf = opaque; /* just to make some compilers happy */ + voidpf buf; ulg bsize = (ulg)items*size; + (void)opaque; + /* If we allocate less than 65520 bytes, we assume that farmalloc * will return a usable pointer which doesn't have to be normalized. */ @@ -244,6 +243,9 @@ voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, unsigned items, unsigned size) void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr) { int n; + + (void)opaque; + if (*(ush*)&ptr != 0) { /* object < 64K */ farfree(ptr); return; @@ -259,7 +261,6 @@ void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr) next_ptr--; return; } - ptr = opaque; /* just to make some compilers happy */ Assert(0, "zcfree: ptr not found"); } @@ -278,13 +279,13 @@ void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr) voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, uInt items, uInt size) { - if (opaque) opaque = 0; /* to make compiler happy */ + (void)opaque; return _halloc((long)items, size); } void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr) { - if (opaque) opaque = 0; /* to make compiler happy */ + (void)opaque; _hfree(ptr); } @@ -306,7 +307,7 @@ voidpf ZLIB_INTERNAL zcalloc (opaque, items, size) unsigned items; unsigned size; { - if (opaque) items += size - size; /* make compiler happy */ + (void)opaque; return sizeof(uInt) > 2 ? (voidpf)malloc(items * size) : (voidpf)calloc(items, size); } @@ -315,8 +316,8 @@ void ZLIB_INTERNAL zcfree (opaque, ptr) voidpf opaque; voidpf ptr; { + (void)opaque; free(ptr); - if (opaque) return; /* make compiler happy */ } #endif /* MY_ZCALLOC */ diff --git a/modules/zlib/src/zutil.h b/modules/zlib/src/zutil.h index 18fbef2aa4..b079ea6a80 100644 --- a/modules/zlib/src/zutil.h +++ b/modules/zlib/src/zutil.h @@ -1,5 +1,5 @@ /* zutil.h -- internal interface and configuration of the compression library - * Copyright (C) 1995-2013 Jean-loup Gailly. + * Copyright (C) 1995-2016 Jean-loup Gailly, Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -36,7 +36,9 @@ #ifndef local # define local static #endif -/* compile with -Dlocal if your debugger can't find static symbols */ +/* since "static" is used to mean two completely different things in C, we + define "local" for the non-static meaning of "static", for readability + (compile with -Dlocal if your debugger can't find static symbols) */ typedef unsigned char uch; typedef uch FAR uchf; @@ -98,28 +100,38 @@ extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */ #endif #ifdef AMIGA -# define OS_CODE 0x01 +# define OS_CODE 1 #endif #if defined(VAXC) || defined(VMS) -# define OS_CODE 0x02 +# define OS_CODE 2 # define F_OPEN(name, mode) \ fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512") #endif +#ifdef __370__ +# if __TARGET_LIB__ < 0x20000000 +# define OS_CODE 4 +# elif __TARGET_LIB__ < 0x40000000 +# define OS_CODE 11 +# else +# define OS_CODE 8 +# endif +#endif + #if defined(ATARI) || defined(atarist) -# define OS_CODE 0x05 +# define OS_CODE 5 #endif #ifdef OS2 -# define OS_CODE 0x06 +# define OS_CODE 6 # if defined(M_I86) && !defined(Z_SOLO) # include <malloc.h> # endif #endif #if defined(MACOS) || defined(TARGET_OS_MAC) -# define OS_CODE 0x07 +# define OS_CODE 7 # ifndef Z_SOLO # if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os # include <unix.h> /* for fdopen */ @@ -131,18 +143,24 @@ extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */ # endif #endif -#ifdef TOPS20 -# define OS_CODE 0x0a +#ifdef __acorn +# define OS_CODE 13 #endif -#ifdef WIN32 -# ifndef __CYGWIN__ /* Cygwin is Unix, not Win32 */ -# define OS_CODE 0x0b -# endif +#if defined(WIN32) && !defined(__CYGWIN__) +# define OS_CODE 10 #endif -#ifdef __50SERIES /* Prime/PRIMOS */ -# define OS_CODE 0x0f +#ifdef _BEOS_ +# define OS_CODE 16 +#endif + +#ifdef __TOS_OS400__ +# define OS_CODE 18 +#endif + +#ifdef __APPLE__ +# define OS_CODE 19 #endif #if defined(_BEOS_) || defined(RISCOS) @@ -177,7 +195,7 @@ extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */ /* common defaults */ #ifndef OS_CODE -# define OS_CODE 0x03 /* assume Unix */ +# define OS_CODE 3 /* assume Unix */ #endif #ifndef F_OPEN @@ -215,13 +233,8 @@ extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */ void ZLIB_INTERNAL zmemzero OF((Bytef* dest, uInt len)); #endif -/* Ignore the Mozilla build env's DEBUG unless ZLIB_DEBUG is also set. */ -#ifndef ZLIB_DEBUG -#undef DEBUG -#endif - /* Diagnostic functions */ -#ifdef DEBUG +#ifdef ZLIB_DEBUG # include <stdio.h> extern int ZLIB_INTERNAL z_verbose; extern void ZLIB_INTERNAL z_error OF((char *m)); diff --git a/netwerk/base/BackgroundFileSaver.cpp b/netwerk/base/BackgroundFileSaver.cpp index e4bc058262..cfe94e35ba 100644 --- a/netwerk/base/BackgroundFileSaver.cpp +++ b/netwerk/base/BackgroundFileSaver.cpp @@ -798,8 +798,6 @@ BackgroundFileSaver::NotifySaveComplete() // during the session in a telemetry histogram, and we reset the maximum // thread counter for the next download session if (sThreadCount == 0) { - Telemetry::Accumulate(Telemetry::BACKGROUNDFILESAVER_THREAD_COUNT, - sTelemetryMaxThreadCount); sTelemetryMaxThreadCount = 0; } diff --git a/netwerk/base/Predictor.cpp b/netwerk/base/Predictor.cpp index e97b11d162..12e4eb4155 100644 --- a/netwerk/base/Predictor.cpp +++ b/netwerk/base/Predictor.cpp @@ -294,26 +294,9 @@ Predictor::Action::OnCacheEntryAvailable(nsICacheEntry *entry, bool isNew, "Aborting.", this, result)); return NS_OK; } - Telemetry::AccumulateTimeDelta(Telemetry::PREDICTOR_WAIT_TIME, - mStartTime); - if (mPredict) { - bool predicted = mPredictor->PredictInternal(mPredictReason, entry, isNew, - mFullUri, mTargetURI, - mVerifier, mStackCount); - Telemetry::AccumulateTimeDelta( - Telemetry::PREDICTOR_PREDICT_WORK_TIME, mStartTime); - if (predicted) { - Telemetry::AccumulateTimeDelta( - Telemetry::PREDICTOR_PREDICT_TIME_TO_ACTION, mStartTime); - } else { - Telemetry::AccumulateTimeDelta( - Telemetry::PREDICTOR_PREDICT_TIME_TO_INACTION, mStartTime); - } - } else { + if (!mPredict) { mPredictor->LearnInternal(mLearnReason, entry, isNew, mFullUri, mTargetURI, mSourceURI); - Telemetry::AccumulateTimeDelta( - Telemetry::PREDICTOR_LEARN_WORK_TIME, mStartTime); } return NS_OK; @@ -1073,8 +1056,6 @@ Predictor::CalculateGlobalDegradation(uint32_t lastLoad) globalDegradation = mPageDegradationMax; } - Telemetry::Accumulate(Telemetry::PREDICTOR_GLOBAL_DEGRADATION, - globalDegradation); return globalDegradation; } @@ -1139,10 +1120,6 @@ Predictor::CalculateConfidence(uint32_t hitCount, uint32_t hitsPossible, confidence = std::max(confidence, 0); confidence = std::min(confidence, maxConfidence); - Telemetry::Accumulate(Telemetry::PREDICTOR_BASE_CONFIDENCE, baseConfidence); - Telemetry::Accumulate(Telemetry::PREDICTOR_SUBRESOURCE_DEGRADATION, - confidenceDegradation); - Telemetry::Accumulate(Telemetry::PREDICTOR_CONFIDENCE, confidence); return confidence; } @@ -2335,7 +2312,6 @@ Predictor::PrefetchListener::OnStopRequest(nsIRequest *aRequest, if (NS_FAILED(aStatusCode)) { return aStatusCode; } - Telemetry::AccumulateTimeDelta(Telemetry::PREDICTOR_PREFETCH_TIME, mStartTime); nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aRequest); if (!httpChannel) { diff --git a/netwerk/base/TLSServerSocket.cpp b/netwerk/base/TLSServerSocket.cpp index 257a7f5da5..97c7f54231 100644 --- a/netwerk/base/TLSServerSocket.cpp +++ b/netwerk/base/TLSServerSocket.cpp @@ -52,12 +52,12 @@ TLSServerSocket::SetSocketDefaults() SSL_OptionSet(mFD, SSL_SECURITY, true); SSL_OptionSet(mFD, SSL_HANDSHAKE_AS_CLIENT, false); SSL_OptionSet(mFD, SSL_HANDSHAKE_AS_SERVER, true); - + SSL_OptionSet(mFD, SSL_NO_CACHE, true); + // We don't currently notify the server API consumer of renegotiation events // (to revalidate peer certs, etc.), so disable it for now. SSL_OptionSet(mFD, SSL_ENABLE_RENEGOTIATION, SSL_RENEGOTIATE_NEVER); - SetSessionCache(true); SetSessionTickets(true); SetRequestClientCertificate(REQUEST_NEVER); @@ -172,18 +172,6 @@ TLSServerSocket::SetServerCert(nsIX509Cert* aCert) } NS_IMETHODIMP -TLSServerSocket::SetSessionCache(bool aEnabled) -{ - // If AsyncListen was already called (and set mListener), it's too late to set - // this. - if (NS_WARN_IF(mListener)) { - return NS_ERROR_IN_PROGRESS; - } - SSL_OptionSet(mFD, SSL_NO_CACHE, !aEnabled); - return NS_OK; -} - -NS_IMETHODIMP TLSServerSocket::SetSessionTickets(bool aEnabled) { // If AsyncListen was already called (and set mListener), it's too late to set diff --git a/netwerk/base/nsITLSServerSocket.idl b/netwerk/base/nsITLSServerSocket.idl index 57485357f5..dce54ffe74 100644 --- a/netwerk/base/nsITLSServerSocket.idl +++ b/netwerk/base/nsITLSServerSocket.idl @@ -20,15 +20,6 @@ interface nsITLSServerSocket : nsIServerSocket attribute nsIX509Cert serverCert; /** - * setSessionCache - * - * Whether the server should use a session cache. Defaults to true. This - * should be set before calling |asyncListen| if you wish to change the - * default. - */ - void setSessionCache(in boolean aSessionCache); - - /** * setSessionTickets * * Whether the server should support session tickets. Defaults to true. This diff --git a/netwerk/base/nsLoadGroup.cpp b/netwerk/base/nsLoadGroup.cpp index 51d5a9ca7e..9981bd6989 100644 --- a/netwerk/base/nsLoadGroup.cpp +++ b/netwerk/base/nsLoadGroup.cpp @@ -14,7 +14,6 @@ #include "mozilla/Logging.h" #include "nsString.h" #include "nsTArray.h" -#include "mozilla/Telemetry.h" #include "nsITimedChannel.h" #include "nsIInterfaceRequestor.h" #include "nsIRequestObserver.h" @@ -574,40 +573,6 @@ nsLoadGroup::RemoveRequest(nsIRequest *request, nsISupports* ctxt, mRequests.RemoveEntry(entry); - // Collect telemetry stats only when default request is a timed channel. - // Don't include failed requests in the timing statistics. - if (mDefaultLoadIsTimed && NS_SUCCEEDED(aStatus)) { - nsCOMPtr<nsITimedChannel> timedChannel = do_QueryInterface(request); - if (timedChannel) { - // Figure out if this request was served from the cache - ++mTimedRequests; - TimeStamp timeStamp; - rv = timedChannel->GetCacheReadStart(&timeStamp); - if (NS_SUCCEEDED(rv) && !timeStamp.IsNull()) { - ++mCachedRequests; - } - else { - mTimedNonCachedRequestsUntilOnEndPageLoad++; - } - - rv = timedChannel->GetAsyncOpen(&timeStamp); - if (NS_SUCCEEDED(rv) && !timeStamp.IsNull()) { - Telemetry::AccumulateTimeDelta( - Telemetry::HTTP_SUBITEM_OPEN_LATENCY_TIME, - mDefaultRequestCreationTime, timeStamp); - } - - rv = timedChannel->GetResponseStart(&timeStamp); - if (NS_SUCCEEDED(rv) && !timeStamp.IsNull()) { - Telemetry::AccumulateTimeDelta( - Telemetry::HTTP_SUBITEM_FIRST_BYTE_LATENCY_TIME, - mDefaultRequestCreationTime, timeStamp); - } - - TelemetryReportChannel(timedChannel, false); - } - } - if (mRequests.EntryCount() == 0) { TelemetryReport(); } @@ -815,19 +780,7 @@ nsLoadGroup::SetDefaultLoadFlags(uint32_t aFlags) void nsLoadGroup::TelemetryReport() { - if (mDefaultLoadIsTimed) { - Telemetry::Accumulate(Telemetry::HTTP_REQUEST_PER_PAGE, mTimedRequests); - if (mTimedRequests) { - Telemetry::Accumulate(Telemetry::HTTP_REQUEST_PER_PAGE_FROM_CACHE, - mCachedRequests * 100 / mTimedRequests); - } - - nsCOMPtr<nsITimedChannel> timedChannel = - do_QueryInterface(mDefaultLoadRequest); - if (timedChannel) - TelemetryReportChannel(timedChannel, true); - } - + /* STUB */ mTimedRequests = 0; mCachedRequests = 0; mDefaultLoadIsTimed = false; @@ -898,116 +851,6 @@ nsLoadGroup::TelemetryReportChannel(nsITimedChannel *aTimedChannel, rv = aTimedChannel->GetResponseEnd(&responseEnd); if (NS_FAILED(rv)) return; - -#define HTTP_REQUEST_HISTOGRAMS(prefix) \ - if (!domainLookupStart.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_DNS_ISSUE_TIME, \ - asyncOpen, domainLookupStart); \ - } \ - \ - if (!domainLookupStart.IsNull() && !domainLookupEnd.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_DNS_LOOKUP_TIME, \ - domainLookupStart, domainLookupEnd); \ - } \ - \ - if (!secureConnectionStart.IsNull() && !connectEnd.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_TLS_HANDSHAKE, \ - secureConnectionStart, connectEnd); \ - } \ - \ - if (!connectStart.IsNull() && !connectEnd.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_TCP_CONNECTION_2, \ - connectStart, connectEnd); \ - } \ - \ - \ - if (!requestStart.IsNull() && !responseEnd.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_OPEN_TO_FIRST_SENT, \ - asyncOpen, requestStart); \ - \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_FIRST_SENT_TO_LAST_RECEIVED, \ - requestStart, responseEnd); \ - \ - if (cacheReadStart.IsNull() && !responseStart.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_OPEN_TO_FIRST_RECEIVED, \ - asyncOpen, responseStart); \ - } \ - } \ - \ - if (!cacheReadStart.IsNull() && !cacheReadEnd.IsNull()) { \ - if (!CacheObserver::UseNewCache()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_OPEN_TO_FIRST_FROM_CACHE, \ - asyncOpen, cacheReadStart); \ - } else { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_OPEN_TO_FIRST_FROM_CACHE_V2, \ - asyncOpen, cacheReadStart); \ - } \ - \ - if (!CacheObserver::UseNewCache()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_CACHE_READ_TIME, \ - cacheReadStart, cacheReadEnd); \ - } else { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_CACHE_READ_TIME_V2, \ - cacheReadStart, cacheReadEnd); \ - } \ - \ - if (!requestStart.IsNull() && !responseEnd.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_REVALIDATION, \ - requestStart, responseEnd); \ - } \ - } \ - \ - if (!cacheReadEnd.IsNull()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_COMPLETE_LOAD, \ - asyncOpen, cacheReadEnd); \ - \ - if (!CacheObserver::UseNewCache()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_COMPLETE_LOAD_CACHED, \ - asyncOpen, cacheReadEnd); \ - } else { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_COMPLETE_LOAD_CACHED_V2, \ - asyncOpen, cacheReadEnd); \ - } \ - } \ - else if (!responseEnd.IsNull()) { \ - if (!CacheObserver::UseNewCache()) { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_COMPLETE_LOAD, \ - asyncOpen, responseEnd); \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_COMPLETE_LOAD_NET, \ - asyncOpen, responseEnd); \ - } else { \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_COMPLETE_LOAD_V2, \ - asyncOpen, responseEnd); \ - Telemetry::AccumulateTimeDelta( \ - Telemetry::HTTP_##prefix##_COMPLETE_LOAD_NET_V2, \ - asyncOpen, responseEnd); \ - } \ - } - - if (aDefaultRequest) { - HTTP_REQUEST_HISTOGRAMS(PAGE) - } else { - HTTP_REQUEST_HISTOGRAMS(SUB) - } -#undef HTTP_REQUEST_HISTOGRAMS } nsresult nsLoadGroup::MergeLoadFlags(nsIRequest *aRequest, diff --git a/netwerk/base/nsNetUtil.cpp b/netwerk/base/nsNetUtil.cpp index d60c909c52..653a9003ee 100644 --- a/netwerk/base/nsNetUtil.cpp +++ b/netwerk/base/nsNetUtil.cpp @@ -2262,7 +2262,6 @@ NS_ShouldSecureUpgrade(nsIURI* aURI, nsIScriptError::warningFlag, "CSP", innerWindowId); - Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 4); aShouldUpgrade = true; return NS_OK; } @@ -2285,17 +2284,10 @@ NS_ShouldSecureUpgrade(nsIURI* aURI, if (isStsHost) { LOG(("nsHttpChannel::Connect() STS permissions found\n")); if (aAllowSTS) { - Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 3); aShouldUpgrade = true; return NS_OK; - } else { - Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 2); } - } else { - Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 1); } - } else { - Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 0); } aShouldUpgrade = false; return NS_OK; diff --git a/netwerk/base/nsSocketTransport2.cpp b/netwerk/base/nsSocketTransport2.cpp index 184757d33c..f9b55ead4d 100644 --- a/netwerk/base/nsSocketTransport2.cpp +++ b/netwerk/base/nsSocketTransport2.cpp @@ -1596,17 +1596,6 @@ nsSocketTransport::RecoverFromError() bool tryAgain = false; - if ((mState == STATE_CONNECTING) && mDNSRecord && - mSocketTransportService->IsTelemetryEnabledAndNotSleepPhase()) { - if (mNetAddr.raw.family == AF_INET) { - Telemetry::Accumulate(Telemetry::IPV4_AND_IPV6_ADDRESS_CONNECTIVITY, - UNSUCCESSFUL_CONNECTING_TO_IPV4_ADDRESS); - } else if (mNetAddr.raw.family == AF_INET6) { - Telemetry::Accumulate(Telemetry::IPV4_AND_IPV6_ADDRESS_CONNECTIVITY, - UNSUCCESSFUL_CONNECTING_TO_IPV6_ADDRESS); - } - } - if (mConnectionFlags & (DISABLE_IPV6 | DISABLE_IPV4) && mCondition == NS_ERROR_UNKNOWN_HOST && mState == STATE_RESOLVING && @@ -1996,18 +1985,6 @@ nsSocketTransport::OnSocketReady(PRFileDesc *fd, int16_t outFlags) // we are connected! // OnSocketConnected(); - - if (mSocketTransportService->IsTelemetryEnabledAndNotSleepPhase()) { - if (mNetAddr.raw.family == AF_INET) { - Telemetry::Accumulate( - Telemetry::IPV4_AND_IPV6_ADDRESS_CONNECTIVITY, - SUCCESSFUL_CONNECTING_TO_IPV4_ADDRESS); - } else if (mNetAddr.raw.family == AF_INET6) { - Telemetry::Accumulate( - Telemetry::IPV4_AND_IPV6_ADDRESS_CONNECTIVITY, - SUCCESSFUL_CONNECTING_TO_IPV6_ADDRESS); - } - } } else { PRErrorCode code = PR_GetError(); @@ -3201,28 +3178,7 @@ nsSocketTransport::SendPRBlockingTelemetry(PRIntervalTime aStart, Telemetry::ID aIDLinkChange, Telemetry::ID aIDOffline) { - PRIntervalTime now = PR_IntervalNow(); - if (gIOService->IsNetTearingDown()) { - Telemetry::Accumulate(aIDShutdown, - PR_IntervalToMilliseconds(now - aStart)); - - } else if (PR_IntervalToSeconds(now - gIOService->LastConnectivityChange()) - < 60) { - Telemetry::Accumulate(aIDConnectivityChange, - PR_IntervalToMilliseconds(now - aStart)); - } else if (PR_IntervalToSeconds(now - gIOService->LastNetworkLinkChange()) - < 60) { - Telemetry::Accumulate(aIDLinkChange, - PR_IntervalToMilliseconds(now - aStart)); - - } else if (PR_IntervalToSeconds(now - gIOService->LastOfflineStateChange()) - < 60) { - Telemetry::Accumulate(aIDOffline, - PR_IntervalToMilliseconds(now - aStart)); - } else { - Telemetry::Accumulate(aIDNormal, - PR_IntervalToMilliseconds(now - aStart)); - } + /* STUB */ } } // namespace net diff --git a/netwerk/base/nsSocketTransportService2.cpp b/netwerk/base/nsSocketTransportService2.cpp index 068bf0eca9..72afdc9e19 100644 --- a/netwerk/base/nsSocketTransportService2.cpp +++ b/netwerk/base/nsSocketTransportService2.cpp @@ -219,7 +219,6 @@ nsSocketTransportService::CanAttachSocket() if (mTelemetryEnabledPref && (((total >= 900) || !rv) && !reported900FDLimit)) { reported900FDLimit = true; - Telemetry::Accumulate(Telemetry::NETWORK_SESSION_AT_900FD, true); } return rv; @@ -898,16 +897,6 @@ nsSocketTransportService::Run() DoPollIteration(&singlePollDuration); - if (mTelemetryEnabledPref && !pollCycleStart.IsNull()) { - Telemetry::Accumulate(Telemetry::STS_POLL_BLOCK_TIME, - singlePollDuration.ToMilliseconds()); - Telemetry::AccumulateTimeDelta( - Telemetry::STS_POLL_CYCLE, - pollCycleStart + singlePollDuration, - TimeStamp::NowLoRes()); - pollDuration += singlePollDuration; - } - mRawThread->HasPendingEvents(&pendingEvents); if (pendingEvents) { if (!mServingPendingQueue) { @@ -940,22 +929,6 @@ nsSocketTransportService::Run() ((TimeStamp::NowLoRes() - eventQueueStart).ToMilliseconds() < mMaxTimePerPollIter)); - - if (mTelemetryEnabledPref && !mServingPendingQueue && - !startOfIteration.IsNull()) { - Telemetry::AccumulateTimeDelta( - Telemetry::STS_POLL_AND_EVENTS_CYCLE, - startOfIteration + pollDuration, - TimeStamp::NowLoRes()); - - Telemetry::Accumulate( - Telemetry::STS_NUMBER_OF_PENDING_EVENTS, - numberOfPendingEvents); - - numberOfPendingEventsLastCycle += numberOfPendingEvents; - numberOfPendingEvents = 0; - pollDuration = 0; - } } } while (pendingEvents); @@ -964,16 +937,6 @@ nsSocketTransportService::Run() { MutexAutoLock lock(mLock); if (mShuttingDown) { - if (mTelemetryEnabledPref && - !startOfCycleForLastCycleCalc.IsNull()) { - Telemetry::Accumulate( - Telemetry::STS_NUMBER_OF_PENDING_EVENTS_IN_THE_LAST_CYCLE, - numberOfPendingEventsLastCycle); - Telemetry::AccumulateTimeDelta( - Telemetry::STS_POLL_AND_EVENT_THE_LAST_CYCLE, - startOfCycleForLastCycleCalc, - TimeStamp::NowLoRes()); - } break; } if (mGoingOffline) { @@ -1142,11 +1105,6 @@ nsSocketTransportService::DoPollIteration(TimeDuration *pollDuration) } } } - if (mTelemetryEnabledPref) { - Telemetry::Accumulate( - Telemetry::STS_NUMBER_OF_ONSOCKETREADY_CALLS, - numberOfOnSocketReadyCalls); - } // // check for "dead" sockets and remove them (need to do this in @@ -1465,7 +1423,6 @@ nsSocketTransportService::ProbeMaxCount() if (pfd[index].fd) PR_Close(pfd[index].fd); - Telemetry::Accumulate(Telemetry::NETWORK_PROBE_MAXCOUNT, gMaxCount); SOCKET_LOG(("Socket Limit Test max was confirmed at %d\n", gMaxCount)); } #endif // windows diff --git a/netwerk/base/nsUDPSocket.cpp b/netwerk/base/nsUDPSocket.cpp index 5973a205d4..24f3954cb5 100644 --- a/netwerk/base/nsUDPSocket.cpp +++ b/netwerk/base/nsUDPSocket.cpp @@ -777,33 +777,6 @@ nsUDPSocket::CloseSocket() } PR_Close(mFD); - - if (gSocketTransportService->IsTelemetryEnabledAndNotSleepPhase()) { - PRIntervalTime now = PR_IntervalNow(); - if (gIOService->IsNetTearingDown()) { - Telemetry::Accumulate(Telemetry::PRCLOSE_UDP_BLOCKING_TIME_SHUTDOWN, - PR_IntervalToMilliseconds(now - closeStarted)); - - } else if (PR_IntervalToSeconds(now - gIOService->LastConnectivityChange()) - < 60) { - Telemetry::Accumulate(Telemetry::PRCLOSE_UDP_BLOCKING_TIME_CONNECTIVITY_CHANGE, - PR_IntervalToMilliseconds(now - closeStarted)); - - } else if (PR_IntervalToSeconds(now - gIOService->LastNetworkLinkChange()) - < 60) { - Telemetry::Accumulate(Telemetry::PRCLOSE_UDP_BLOCKING_TIME_LINK_CHANGE, - PR_IntervalToMilliseconds(now - closeStarted)); - - } else if (PR_IntervalToSeconds(now - gIOService->LastOfflineStateChange()) - < 60) { - Telemetry::Accumulate(Telemetry::PRCLOSE_UDP_BLOCKING_TIME_OFFLINE, - PR_IntervalToMilliseconds(now - closeStarted)); - - } else { - Telemetry::Accumulate(Telemetry::PRCLOSE_UDP_BLOCKING_TIME_NORMAL, - PR_IntervalToMilliseconds(now - closeStarted)); - } - } } mFD = nullptr; } diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index cfbbf4a457..7d63267a65 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -42,6 +42,8 @@ pref("security.ssl3.dhe_rsa_aes_128_sha", false); pref("security.ssl3.rsa_aes_128_gcm_sha256", false); pref("security.ssl3.rsa_aes_128_sha256", false); pref("security.ssl3.rsa_des_ede3_sha", false); +pref("security.ssl3.rsa_rc4_128_sha", false); +pref("security.ssl3.rsa_rc4_128_md5", false); pref("security.content.signature.root_hash", "97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E"); diff --git a/netwerk/cache/nsCacheService.cpp b/netwerk/cache/nsCacheService.cpp index bab67e1040..97b1a71c80 100644 --- a/netwerk/cache/nsCacheService.cpp +++ b/netwerk/cache/nsCacheService.cpp @@ -1184,7 +1184,6 @@ nsCacheService::Shutdown() } nsCOMPtr<nsIThread> cacheIOThread; - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE_SHUTDOWN> totalTimer; bool shouldSanitize = false; nsCOMPtr<nsIFile> parentDir; @@ -1261,10 +1260,8 @@ nsCacheService::Shutdown() if (NS_SUCCEEDED(parentDir->Exists(&exists)) && exists) nsDeleteDir::DeleteDir(parentDir, false); } - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE_SHUTDOWN_CLEAR_PRIVATE> timer; nsDeleteDir::Shutdown(shouldSanitize); } else { - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE_DELETEDIR_SHUTDOWN> timer; nsDeleteDir::Shutdown(shouldSanitize); } } @@ -2175,7 +2172,6 @@ nsCacheService::ActivateEntry(nsCacheRequest * request, nsCacheEntry * nsCacheService::SearchCacheDevices(nsCString * key, nsCacheStoragePolicy policy, bool *collision) { - Telemetry::AutoTimer<Telemetry::CACHE_DEVICE_SEARCH_2> timer; nsCacheEntry * entry = nullptr; CACHE_LOG_DEBUG(("mMemoryDevice: 0x%p\n", mMemoryDevice)); @@ -2655,18 +2651,7 @@ nsCacheService::Lock(mozilla::Telemetry::ID mainThreadLockerID) generalID = mozilla::Telemetry::CACHE_SERVICE_LOCK_WAIT_2; } - TimeStamp start(TimeStamp::Now()); - nsCacheService::Lock(); - - TimeStamp stop(TimeStamp::Now()); - - // Telemetry isn't thread safe on its own, but this is OK because we're - // protecting it with the cache lock. - if (lockerID != mozilla::Telemetry::HistogramCount) { - mozilla::Telemetry::AccumulateTimeDelta(lockerID, start, stop); - } - mozilla::Telemetry::AccumulateTimeDelta(generalID, start, stop); } void diff --git a/netwerk/cache/nsDeleteDir.cpp b/netwerk/cache/nsDeleteDir.cpp index 1f3f3934e9..8c4edf8126 100644 --- a/netwerk/cache/nsDeleteDir.cpp +++ b/netwerk/cache/nsDeleteDir.cpp @@ -155,7 +155,6 @@ nsDeleteDir::DestroyThread() void nsDeleteDir::TimerCallback(nsITimer *aTimer, void *arg) { - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE_DELETEDIR> timer; { MutexAutoLock lock(gInstance->mLock); @@ -193,8 +192,6 @@ nsDeleteDir::TimerCallback(nsITimer *aTimer, void *arg) nsresult nsDeleteDir::DeleteDir(nsIFile *dirIn, bool moveToTrash, uint32_t delay) { - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE_TRASHRENAME> timer; - if (!gInstance) return NS_ERROR_NOT_INITIALIZED; diff --git a/netwerk/cache/nsDiskCacheDevice.cpp b/netwerk/cache/nsDiskCacheDevice.cpp index ac91534ff6..09089bfb62 100644 --- a/netwerk/cache/nsDiskCacheDevice.cpp +++ b/netwerk/cache/nsDiskCacheDevice.cpp @@ -457,7 +457,6 @@ nsDiskCacheDevice::GetDeviceID() nsCacheEntry * nsDiskCacheDevice::FindEntry(nsCString * key, bool *collision) { - Telemetry::AutoTimer<Telemetry::CACHE_DISK_SEARCH_2> timer; if (!Initialized()) return nullptr; // NS_ERROR_NOT_INITIALIZED if (mClearingDiskCache) return nullptr; nsDiskCacheRecord record; @@ -955,7 +954,6 @@ nsDiskCacheDevice::EvictEntries(const char * clientID) nsresult nsDiskCacheDevice::OpenDiskCache() { - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE_OPEN> timer; // if we don't have a cache directory, create one and open it bool exists; nsresult rv = mCacheDirectory->Exists(&exists); diff --git a/netwerk/cache/nsDiskCacheDeviceSQL.cpp b/netwerk/cache/nsDiskCacheDeviceSQL.cpp index 56ece58870..f4b1d72c98 100644 --- a/netwerk/cache/nsDiskCacheDeviceSQL.cpp +++ b/netwerk/cache/nsDiskCacheDeviceSQL.cpp @@ -1523,7 +1523,6 @@ nsOfflineCacheDevice::FindEntry(nsCString *fullKey, bool *collision) { NS_ENSURE_TRUE(Initialized(), nullptr); - mozilla::Telemetry::AutoTimer<mozilla::Telemetry::CACHE_OFFLINE_SEARCH_2> timer; LOG(("nsOfflineCacheDevice::FindEntry [key=%s]\n", fullKey->get())); // SELECT * FROM moz_cache WHERE key = ? diff --git a/netwerk/cache/nsDiskCacheEntry.h b/netwerk/cache/nsDiskCacheEntry.h index 3bec330536..506886cb7c 100644 --- a/netwerk/cache/nsDiskCacheEntry.h +++ b/netwerk/cache/nsDiskCacheEntry.h @@ -32,7 +32,7 @@ struct nsDiskCacheEntry { mKeySize + mMetaDataSize; } - char* Key() { return reinterpret_cast<char*const>(this) + + char* Key() { return reinterpret_cast<char*>(this) + sizeof(nsDiskCacheEntry); } diff --git a/netwerk/cache/nsDiskCacheMap.cpp b/netwerk/cache/nsDiskCacheMap.cpp index d7ce13a35a..d3ec1e714b 100644 --- a/netwerk/cache/nsDiskCacheMap.cpp +++ b/netwerk/cache/nsDiskCacheMap.cpp @@ -19,7 +19,6 @@ #include "mozilla/MemoryReporting.h" #include "mozilla/Sprintf.h" -#include "mozilla/Telemetry.h" #include <algorithm> using namespace mozilla; @@ -181,9 +180,6 @@ nsDiskCacheMap::Open(nsIFile * cacheDirectory, goto error_exit; } - Telemetry::Accumulate(Telemetry::HTTP_DISK_CACHE_OVERHEAD, - (uint32_t)SizeOfExcludingThis(moz_malloc_size_of)); - *corruptInfo = nsDiskCache::kNotCorrupt; return NS_OK; diff --git a/netwerk/cache/nsMemoryCacheDevice.cpp b/netwerk/cache/nsMemoryCacheDevice.cpp index 042e860224..eb69e8ea87 100644 --- a/netwerk/cache/nsMemoryCacheDevice.cpp +++ b/netwerk/cache/nsMemoryCacheDevice.cpp @@ -113,7 +113,6 @@ nsMemoryCacheDevice::GetDeviceID() nsCacheEntry * nsMemoryCacheDevice::FindEntry(nsCString * key, bool *collision) { - mozilla::Telemetry::AutoTimer<mozilla::Telemetry::CACHE_MEMORY_SEARCH_2> timer; nsCacheEntry * entry = mMemCacheEntries.GetEntry(key); if (!entry) return nullptr; diff --git a/netwerk/cache2/CacheFile.cpp b/netwerk/cache2/CacheFile.cpp index fa0a893823..ce771c754c 100644 --- a/netwerk/cache2/CacheFile.cpp +++ b/netwerk/cache2/CacheFile.cpp @@ -14,7 +14,6 @@ #include <algorithm> #include "nsComponentManagerUtils.h" #include "nsProxyRelease.h" -#include "mozilla/Telemetry.h" // When CACHE_CHUNKS is defined we always cache unused chunks in mCacheChunks. // When it is not defined, we always release the chunks ASAP, i.e. we cache @@ -1914,9 +1913,6 @@ CacheFile::RemoveInput(CacheFileInputStream *aInput, nsresult aStatus) // chunks that won't be used anymore. CleanUpCachedChunks(); - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_V2_INPUT_STREAM_STATUS, - StatusToTelemetryEnum(aStatus)); - return NS_OK; } @@ -1952,9 +1948,6 @@ CacheFile::RemoveOutput(CacheFileOutputStream *aOutput, nsresult aStatus) // Notify close listener as the last action aOutput->NotifyCloseListener(); - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_V2_OUTPUT_STREAM_STATUS, - StatusToTelemetryEnum(aStatus)); - return NS_OK; } diff --git a/netwerk/cache2/CacheFileIOManager.cpp b/netwerk/cache2/CacheFileIOManager.cpp index 1d0d576355..f6b499e47e 100644 --- a/netwerk/cache2/CacheFileIOManager.cpp +++ b/netwerk/cache2/CacheFileIOManager.cpp @@ -21,7 +21,6 @@ #include "nsIObserverService.h" #include "nsICacheStorageVisitor.h" #include "nsISizeOf.h" -#include "mozilla/Telemetry.h" #include "mozilla/DebugOnly.h" #include "mozilla/Services.h" #include "nsDirectoryServiceUtils.h" @@ -1173,8 +1172,6 @@ CacheFileIOManager::Shutdown() return NS_ERROR_NOT_INITIALIZED; } - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE_SHUTDOWN_V2> shutdownTimer; - CacheIndex::PreShutdown(); ShutdownMetadataWriteScheduling(); @@ -1192,7 +1189,6 @@ CacheFileIOManager::Shutdown() CacheIndex::Shutdown(); if (CacheObserver::ClearCacheOnShutdown()) { - Telemetry::AutoTimer<Telemetry::NETWORK_DISK_CACHE2_SHUTDOWN_CLEAR_PRIVATE> totalTimer; gInstance->SyncRemoveAllCacheFiles(); } @@ -3861,7 +3857,6 @@ CacheFileIOManager::CreateCacheTree() } #endif - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_FS_TYPE, fsType); CacheObserver::SetCacheFSReported(); } @@ -3917,8 +3912,6 @@ CacheFileIOManager::OpenNSPRHandle(CacheFileHandle *aHandle, bool aCreate) uint32_t cacheUsage; if (NS_SUCCEEDED(CacheIndex::GetCacheSize(&cacheUsage))) { cacheUsage >>= 10; - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_SIZE_FULL_FAT, - cacheUsage); sSizeReported = true; } } diff --git a/netwerk/cache2/CacheFileMetadata.cpp b/netwerk/cache2/CacheFileMetadata.cpp index 3814b4c878..86fc089aaf 100644 --- a/netwerk/cache2/CacheFileMetadata.cpp +++ b/netwerk/cache2/CacheFileMetadata.cpp @@ -14,7 +14,6 @@ #include "nsICacheEntry.h" // for nsICacheEntryMetaDataVisitor #include "../cache/nsCacheUtils.h" #include "nsIFile.h" -#include "mozilla/Telemetry.h" #include "mozilla/DebugOnly.h" #include "prnetdb.h" @@ -687,16 +686,6 @@ CacheFileMetadata::OnDataRead(CacheFileHandle *aHandle, char *aBuf, return NS_OK; } - if (mFirstRead) { - Telemetry::AccumulateTimeDelta( - Telemetry::NETWORK_CACHE_METADATA_FIRST_READ_TIME_MS, mReadStart); - Telemetry::Accumulate( - Telemetry::NETWORK_CACHE_METADATA_FIRST_READ_SIZE, mBufSize); - } else { - Telemetry::AccumulateTimeDelta( - Telemetry::NETWORK_CACHE_METADATA_SECOND_READ_TIME_MS, mReadStart); - } - // check whether we have read all necessary data uint32_t realOffset = NetworkEndian::readUint32(mBuf + mBufSize - sizeof(uint32_t)); @@ -776,9 +765,6 @@ CacheFileMetadata::OnDataRead(CacheFileHandle *aHandle, char *aBuf, return NS_OK; } - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_METADATA_SIZE, - size - realOffset); - // We have all data according to offset information at the end of the entry. // Try to parse it. rv = ParseMetadata(realOffset, realOffset - usedOffset, true); diff --git a/netwerk/cache2/CacheFileUtils.cpp b/netwerk/cache2/CacheFileUtils.cpp index d43e958bff..fe1a53b3d4 100644 --- a/netwerk/cache2/CacheFileUtils.cpp +++ b/netwerk/cache2/CacheFileUtils.cpp @@ -7,7 +7,6 @@ #include "CacheFileUtils.h" #include "LoadContextInfo.h" #include "mozilla/Tokenizer.h" -#include "mozilla/Telemetry.h" #include "nsCOMPtr.h" #include "nsAutoPtr.h" #include "nsString.h" @@ -474,19 +473,6 @@ DetailedCacheHitTelemetry::AddRecord(ERecType aType, TimeStamp aLoadStart) StaticMutexAutoLock lock(sLock); - if (aType == MISS) { - mozilla::Telemetry::AccumulateTimeDelta( - mozilla::Telemetry::NETWORK_CACHE_V2_MISS_TIME_MS, - aLoadStart); - } else { - mozilla::Telemetry::AccumulateTimeDelta( - mozilla::Telemetry::NETWORK_CACHE_V2_HIT_TIME_MS, - aLoadStart); - } - - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_HIT_MISS_STAT_PER_CACHE_SIZE, - hitMissValue); - sHRStats[rangeIdx].AddRecord(aType); ++sRecordCnt; @@ -505,8 +491,6 @@ DetailedCacheHitTelemetry::AddRecord(ERecType aType, TimeStamp aLoadStart) uint32_t bucketOffset = sHRStats[i].GetHitRateBucket(kHitRateBuckets) * kNumOfRanges; - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_HIT_RATE_PER_CACHE_SIZE, - bucketOffset + i); sHRStats[i].Reset(); } } diff --git a/netwerk/cache2/CacheFileUtils.h b/netwerk/cache2/CacheFileUtils.h index 3371c3eb56..13acfd71dc 100644 --- a/netwerk/cache2/CacheFileUtils.h +++ b/netwerk/cache2/CacheFileUtils.h @@ -138,7 +138,7 @@ private: // 10-%15%, ... static const uint32_t kHitRateBuckets = 20; - // Protects sRecordCnt, sHitStats and Telemetry::Accumulated() calls. + // Protects sRecordCnt and sHitStats calls. static StaticMutex sLock; // Counter of samples that is compared against kTotalSamplesReportLimit. diff --git a/netwerk/cache2/CacheIOThread.cpp b/netwerk/cache2/CacheIOThread.cpp index b96f03216c..d51f61b0f5 100644 --- a/netwerk/cache2/CacheIOThread.cpp +++ b/netwerk/cache2/CacheIOThread.cpp @@ -62,8 +62,6 @@ void CacheIOTelemetry::Report(uint32_t aLevel, CacheIOTelemetry::size_type aLeng // 10 is number of buckets we have in each probe aLength = std::min<size_type>(aLength, 10); - - Telemetry::Accumulate(telemetryID[aLevel], aLength - 1); // counted from 0 } } // anon diff --git a/netwerk/cache2/CacheIndex.cpp b/netwerk/cache2/CacheIndex.cpp index 4525bbe6d6..1009aeaf8a 100644 --- a/netwerk/cache2/CacheIndex.cpp +++ b/netwerk/cache2/CacheIndex.cpp @@ -3757,7 +3757,6 @@ ReportHashSizeMatch(const SHA1Sum::Hash *aHash1, const SHA1Sum::Hash *aHash2) bitsDiff++; uint8_t hashSizeMatch = debruijn32[bitsDiff*0x076be629>>27] + (i<<5); - Telemetry::Accumulate(Telemetry::NETWORK_CACHE_HASH_STATS, hashSizeMatch); return; } diff --git a/netwerk/cache2/CacheStorageService.cpp b/netwerk/cache2/CacheStorageService.cpp index 67ef4c5267..85f364e4e4 100644 --- a/netwerk/cache2/CacheStorageService.cpp +++ b/netwerk/cache2/CacheStorageService.cpp @@ -2084,8 +2084,6 @@ CacheStorageService::TelemetryRecordEntryCreation(CacheEntry const* entry) mPurgeTimeStamps.Remove(key); - Telemetry::AccumulateTimeDelta(Telemetry::HTTP_CACHE_ENTRY_RELOAD_TIME, - timeStamp, TimeStamp::NowLoRes()); } void @@ -2112,9 +2110,6 @@ CacheStorageService::TelemetryRecordEntryRemoval(CacheEntry const* entry) TelemetryPrune(now); mPurgeTimeStamps.Put(key, now); - Telemetry::Accumulate(Telemetry::HTTP_CACHE_ENTRY_REUSE_COUNT, entry->UseCount()); - Telemetry::AccumulateTimeDelta(Telemetry::HTTP_CACHE_ENTRY_ALIVE_TIME, - entry->LoadStart(), TimeStamp::NowLoRes()); } // nsIMemoryReporter diff --git a/netwerk/cache2/OldWrappers.cpp b/netwerk/cache2/OldWrappers.cpp index 81df88df0e..76a4fa6c19 100644 --- a/netwerk/cache2/OldWrappers.cpp +++ b/netwerk/cache2/OldWrappers.cpp @@ -21,7 +21,6 @@ #include "nsNetCID.h" #include "nsNetUtil.h" #include "nsProxyRelease.h" -#include "mozilla/Telemetry.h" static NS_DEFINE_CID(kStreamTransportServiceCID, NS_STREAMTRANSPORTSERVICE_CID); @@ -793,24 +792,6 @@ _OldCacheLoad::Run() return NS_OK; } - if (NS_SUCCEEDED(mStatus)) { - if (mFlags & nsICacheStorage::OPEN_TRUNCATE) { - mozilla::Telemetry::AccumulateTimeDelta( - mozilla::Telemetry::NETWORK_CACHE_V1_TRUNCATE_TIME_MS, - mLoadStart); - } - else if (mNew) { - mozilla::Telemetry::AccumulateTimeDelta( - mozilla::Telemetry::NETWORK_CACHE_V1_MISS_TIME_MS, - mLoadStart); - } - else { - mozilla::Telemetry::AccumulateTimeDelta( - mozilla::Telemetry::NETWORK_CACHE_V1_HIT_TIME_MS, - mLoadStart); - } - } - if (!(mFlags & CHECK_MULTITHREADED)) Check(); diff --git a/netwerk/cookie/nsCookieService.cpp b/netwerk/cookie/nsCookieService.cpp index 1c4e5e7409..ea54dbd611 100644 --- a/netwerk/cookie/nsCookieService.cpp +++ b/netwerk/cookie/nsCookieService.cpp @@ -954,19 +954,14 @@ nsCookieService::TryInitDB(bool aRecreateDB) NS_ENSURE_SUCCESS(rv, RESULT_FAILURE); } - // This block provides scope for the Telemetry AutoTimer - { - Telemetry::AutoTimer<Telemetry::MOZ_SQLITE_COOKIES_OPEN_READAHEAD_MS> - telemetry; - ReadAheadFile(mDefaultDBState->cookieFile); - - // open a connection to the cookie database, and only cache our connection - // and statements upon success. The connection is opened unshared to eliminate - // cache contention between the main and background threads. - rv = mStorageService->OpenUnsharedDatabase(mDefaultDBState->cookieFile, - getter_AddRefs(mDefaultDBState->dbConn)); - NS_ENSURE_SUCCESS(rv, RESULT_RETRY); - } + ReadAheadFile(mDefaultDBState->cookieFile); + + // open a connection to the cookie database, and only cache our connection + // and statements upon success. The connection is opened unshared to eliminate + // cache contention between the main and background threads. + rv = mStorageService->OpenUnsharedDatabase(mDefaultDBState->cookieFile, + getter_AddRefs(mDefaultDBState->dbConn)); + NS_ENSURE_SUCCESS(rv, RESULT_RETRY); // Set up our listeners. mDefaultDBState->insertListener = new InsertCookieDBListener(mDefaultDBState); @@ -3325,11 +3320,6 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI, // 3 = secure and "https:" bool isHTTPS; nsresult rv = aHostURI->SchemeIs("https", &isHTTPS); - if (NS_SUCCEEDED(rv)) { - Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_SECURITY, - ((cookieAttributes.isSecure)? 0x02 : 0x00) | - ((isHTTPS)? 0x01 : 0x00)); - } int64_t currentTimeInUsec = PR_Now(); @@ -3480,8 +3470,6 @@ nsCookieService::AddInternal(const nsCookieKey &aKey, if (mLeaveSecureAlone && aCookie->IsSecure() && !isSecure) { COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, aCookieHeader, "non-https cookie can't set secure flag"); - Telemetry::Accumulate(Telemetry::COOKIE_LEAVE_SECURE_ALONE, - BLOCKED_SECURE_SET_FROM_HTTP); return; } nsListIter exactIter; @@ -3502,14 +3490,7 @@ nsCookieService::AddInternal(const nsCookieKey &aKey, if (!isSecure) { COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, aCookieHeader, "cookie can't save because older cookie is secure cookie but newer cookie is non-secure cookie"); - Telemetry::Accumulate(Telemetry::COOKIE_LEAVE_SECURE_ALONE, - BLOCKED_DOWNGRADE_SECURE); return; - } else { - // A secure site is allowed to downgrade a secure cookie - // but we want to measure anyway - Telemetry::Accumulate(Telemetry::COOKIE_LEAVE_SECURE_ALONE, - DOWNGRADE_SECURE_FROM_SECURE); } } } @@ -3609,8 +3590,6 @@ nsCookieService::AddInternal(const nsCookieKey &aKey, // It's valid to evict a secure cookie for another secure cookie. oldestCookieTime = FindStaleCookie(entry, currentTime, aHostURI, Some(true), iter); } else { - Telemetry::Accumulate(Telemetry::COOKIE_LEAVE_SECURE_ALONE, - EVICTING_SECURE_BLOCKED); COOKIE_LOGEVICTED(aCookie, "Too many cookies for this domain and the new cookie is not a secure cookie"); return; @@ -4651,19 +4630,7 @@ void nsCookieService::TelemetryForEvictingStaleCookie(nsCookie *aEvicted, int64_t oldestCookieTime) { - // We need to record the evicting cookie to telemetry. - if (!aEvicted->IsSecure()) { - if (aEvicted->LastAccessed() > oldestCookieTime) { - Telemetry::Accumulate(Telemetry::COOKIE_LEAVE_SECURE_ALONE, - EVICTED_NEWER_INSECURE); - } else { - Telemetry::Accumulate(Telemetry::COOKIE_LEAVE_SECURE_ALONE, - EVICTED_OLDEST_COOKIE); - } - } else { - Telemetry::Accumulate(Telemetry::COOKIE_LEAVE_SECURE_ALONE, - EVICTED_PREFERRED_COOKIE); - } + /* STUB */ } // count the number of cookies stored by a particular host. this is provided by the diff --git a/netwerk/dns/nsHostResolver.cpp b/netwerk/dns/nsHostResolver.cpp index f2e26cadd4..c4883ab299 100644 --- a/netwerk/dns/nsHostResolver.cpp +++ b/netwerk/dns/nsHostResolver.cpp @@ -225,7 +225,6 @@ nsHostRecord::CopyExpirationTimesAndFlagsFrom(const nsHostRecord *aFromHostRecor nsHostRecord::~nsHostRecord() { - Telemetry::Accumulate(Telemetry::DNS_BLACKLIST_COUNT, mBlacklistedCount); delete addr_info; delete addr; } @@ -775,7 +774,6 @@ nsHostResolver::ResolveHost(const char *host, LOG_HOST(host, netInterface))); // put reference to host record on stack... result = he->rec; - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, METHOD_HIT); // For entries that are in the grace period // or all cached negative entries, use the cache but start a new @@ -785,8 +783,6 @@ nsHostResolver::ResolveHost(const char *host, if (he->rec->negative) { LOG((" Negative cache entry for host [%s%s%s].\n", LOG_HOST(host, netInterface))); - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_NEGATIVE_HIT); status = NS_ERROR_UNKNOWN_HOST; } } @@ -794,8 +790,6 @@ nsHostResolver::ResolveHost(const char *host, // go ahead and use it. else if (he->rec->addr) { LOG((" Using cached address for IP Literal [%s].\n", host)); - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_LITERAL); result = he->rec; } // try parsing the host name as an IP address literal to short @@ -808,8 +802,6 @@ nsHostResolver::ResolveHost(const char *host, he->rec->addr = new NetAddr(); PRNetAddrToNetAddr(&tempAddr, he->rec->addr); // put reference to host record on stack... - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_LITERAL); result = he->rec; } else if (mPendingCount >= MAX_NON_PRIORITY_REQUESTS && @@ -819,8 +811,6 @@ nsHostResolver::ResolveHost(const char *host, "host [%s%s%s].\n", IsMediumPriority(flags) ? "medium" : "low", LOG_HOST(host, netInterface))); - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_OVERFLOW); // This is a lower priority request and we are swamped, so refuse it. rv = NS_ERROR_DNS_LOOKUP_QUEUE_FULL; } @@ -885,8 +875,6 @@ nsHostResolver::ResolveHost(const char *host, if (he->rec->negative) { status = NS_ERROR_UNKNOWN_HOST; } - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_HIT); ConditionallyRefreshRecord(he->rec, host); } // For AF_INET6, a new lookup means another AF_UNSPEC @@ -900,8 +888,6 @@ nsHostResolver::ResolveHost(const char *host, result = he->rec; he->rec->negative = true; status = NS_ERROR_UNKNOWN_HOST; - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_NEGATIVE_HIT); } } } @@ -915,8 +901,6 @@ nsHostResolver::ResolveHost(const char *host, PR_APPEND_LINK(callback, &he->rec->callbacks); he->rec->flags = flags; rv = IssueLookup(he->rec); - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_NETWORK_FIRST); if (NS_FAILED(rv)) { PR_REMOVE_AND_INIT_LINK(callback); } @@ -933,8 +917,6 @@ nsHostResolver::ResolveHost(const char *host, PR_APPEND_LINK(callback, &he->rec->callbacks); if (he->rec->onQueue) { - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_NETWORK_SHARED); // Consider the case where we are on a pending queue of // lower priority than the request is being made at. @@ -1085,13 +1067,6 @@ nsHostResolver::ConditionallyRefreshRecord(nsHostRecord *rec, const char *host) LOG((" Using %s cache entry for host [%s] but starting async renewal.", rec->negative ? "negative" :"positive", host)); IssueLookup(rec); - - if (!rec->negative) { - // negative entries are constantly being refreshed, only - // track positive grace period induced renewals - Telemetry::Accumulate(Telemetry::DNS_LOOKUP_METHOD2, - METHOD_RENEWAL); - } } return NS_OK; } @@ -1326,13 +1301,6 @@ nsHostResolver::OnLookupComplete(nsHostRecord* rec, nsresult status, AddrInfo* n PR_REMOVE_AND_INIT_LINK(head); mDB.Remove((nsHostKey *) head); - if (!head->negative) { - // record the age of the entry upon eviction. - TimeDuration age = TimeStamp::NowLoRes() - head->mValidStart; - Telemetry::Accumulate(Telemetry::DNS_CLEANUP_AGE, - static_cast<uint32_t>(age.ToSeconds() / 60)); - } - // release reference to rec owned by mEvictionQ NS_RELEASE(head); } @@ -1467,32 +1435,6 @@ nsHostResolver::ThreadFunc(void *arg) } #endif - { // obtain lock to check shutdown and manage inter-module telemetry - MutexAutoLock lock(resolver->mLock); - - if (!resolver->mShutdown) { - TimeDuration elapsed = TimeStamp::Now() - startTime; - uint32_t millis = static_cast<uint32_t>(elapsed.ToMilliseconds()); - - if (NS_SUCCEEDED(status)) { - Telemetry::ID histogramID; - if (!rec->addr_info_gencnt) { - // Time for initial lookup. - histogramID = Telemetry::DNS_LOOKUP_TIME; - } else if (!getTtl) { - // Time for renewal; categorized by expiration strategy. - histogramID = Telemetry::DNS_RENEWAL_TIME; - } else { - // Time to get TTL; categorized by expiration strategy. - histogramID = Telemetry::DNS_RENEWAL_TIME_FOR_TTL; - } - Telemetry::Accumulate(histogramID, millis); - } else { - Telemetry::Accumulate(Telemetry::DNS_FAILED_LOOKUP_TIME, millis); - } - } - } - // OnLookupComplete may release "rec", long before we lose it. LOG(("DNS lookup thread - lookup completed for host [%s%s%s]: %s.\n", LOG_HOST(rec->host, rec->netInterface), diff --git a/netwerk/protocol/http/ASpdySession.cpp b/netwerk/protocol/http/ASpdySession.cpp index f22c326d1a..d5d98804d0 100644 --- a/netwerk/protocol/http/ASpdySession.cpp +++ b/netwerk/protocol/http/ASpdySession.cpp @@ -45,8 +45,6 @@ ASpdySession::NewSpdySession(uint32_t version, // from a list provided in the SERVER HELLO filtered by our acceptable // versions, so there is no risk of the server ignoring our prefs. - Telemetry::Accumulate(Telemetry::SPDY_VERSION2, version); - return new Http2Session(aTransport, version, attemptingEarlyData); } diff --git a/netwerk/protocol/http/Http2Compression.cpp b/netwerk/protocol/http/Http2Compression.cpp index 1b4603e1af..64fd05a170 100644 --- a/netwerk/protocol/http/Http2Compression.cpp +++ b/netwerk/protocol/http/Http2Compression.cpp @@ -292,12 +292,6 @@ Http2BaseCompressor::Http2BaseCompressor() Http2BaseCompressor::~Http2BaseCompressor() { - if (mPeakSize) { - Telemetry::Accumulate(mPeakSizeID, mPeakSize); - } - if (mPeakCount) { - Telemetry::Accumulate(mPeakCountID, mPeakCount); - } UnregisterStrongMemoryReporter(mDynamicReporter); mDynamicReporter->mCompressor = nullptr; mDynamicReporter = nullptr; @@ -336,16 +330,6 @@ Http2BaseCompressor::MakeRoom(uint32_t amount, const char *direction) bytesEvicted += mHeaderTable[index]->Size(); mHeaderTable.RemoveElement(); } - - if (!strcmp(direction, "decompressor")) { - Telemetry::Accumulate(Telemetry::HPACK_ELEMENTS_EVICTED_DECOMPRESSOR, countEvicted); - Telemetry::Accumulate(Telemetry::HPACK_BYTES_EVICTED_DECOMPRESSOR, bytesEvicted); - Telemetry::Accumulate(Telemetry::HPACK_BYTES_EVICTED_RATIO_DECOMPRESSOR, (uint32_t)((100.0 * (double)bytesEvicted) / (double)amount)); - } else { - Telemetry::Accumulate(Telemetry::HPACK_ELEMENTS_EVICTED_COMPRESSOR, countEvicted); - Telemetry::Accumulate(Telemetry::HPACK_BYTES_EVICTED_COMPRESSOR, bytesEvicted); - Telemetry::Accumulate(Telemetry::HPACK_BYTES_EVICTED_RATIO_COMPRESSOR, (uint32_t)((100.0 * (double)bytesEvicted) / (double)amount)); - } } void diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp index 4f350af83b..4a178f0910 100644 --- a/netwerk/protocol/http/Http2Session.cpp +++ b/netwerk/protocol/http/Http2Session.cpp @@ -168,13 +168,6 @@ Http2Session::~Http2Session() this, mDownstreamState)); Shutdown(); - - Telemetry::Accumulate(Telemetry::SPDY_PARALLEL_STREAMS, mConcurrentHighWater); - Telemetry::Accumulate(Telemetry::SPDY_REQUEST_PER_CONN, (mNextStreamID - 1) / 2); - Telemetry::Accumulate(Telemetry::SPDY_SERVER_INITIATED_STREAMS, - mServerPushedResources); - Telemetry::Accumulate(Telemetry::SPDY_GOAWAY_LOCAL, mClientGoAwayReason); - Telemetry::Accumulate(Telemetry::SPDY_GOAWAY_PEER, mPeerGoAwayReason); } void @@ -1508,13 +1501,11 @@ Http2Session::RecvSettings(Http2Session *self) case SETTINGS_TYPE_MAX_CONCURRENT: self->mMaxConcurrent = value; - Telemetry::Accumulate(Telemetry::SPDY_SETTINGS_MAX_STREAMS, value); self->ProcessPending(); break; case SETTINGS_TYPE_INITIAL_WINDOW: { - Telemetry::Accumulate(Telemetry::SPDY_SETTINGS_IW, value >> 10); int32_t delta = value - self->mServerInitialStreamWindow; self->mServerInitialStreamWindow = value; @@ -2494,8 +2485,6 @@ Http2Session::ReadyToProcessDataFrame(enum internalStateType newState) newState == DISCARDING_DATA_FRAME_PADDING); ChangeDownstreamState(newState); - Telemetry::Accumulate(Telemetry::SPDY_CHUNK_RECVD, - mInputFrameDataSize >> 10); mLastDataReadEpoch = mLastReadEpoch; if (!mInputFrameID) { diff --git a/netwerk/protocol/http/Http2Stream.cpp b/netwerk/protocol/http/Http2Stream.cpp index 7a8f968550..3471985dd4 100644 --- a/netwerk/protocol/http/Http2Stream.cpp +++ b/netwerk/protocol/http/Http2Stream.cpp @@ -21,7 +21,6 @@ #include "Http2Push.h" #include "TunnelUtils.h" -#include "mozilla/Telemetry.h" #include "nsAlgorithm.h" #include "nsHttp.h" #include "nsHttpHandler.h" @@ -658,8 +657,6 @@ Http2Stream::GenerateOpen() outputOffset += frameLen; } - Telemetry::Accumulate(Telemetry::SPDY_SYN_SIZE, compressedData.Length()); - // The size of the input headers is approximate uint32_t ratio = compressedData.Length() * 100 / @@ -667,7 +664,6 @@ Http2Stream::GenerateOpen() mFlatHttpRequestHeaders.Length()); mFlatHttpRequestHeaders.Truncate(); - Telemetry::Accumulate(Telemetry::SPDY_SYN_RATIO, ratio); return NS_OK; } @@ -1025,13 +1021,6 @@ Http2Stream::ConvertResponseHeaders(Http2Decompressor *decompressor, return NS_ERROR_ILLEGAL_VALUE; } - if (aHeadersIn.Length() && aHeadersOut.Length()) { - Telemetry::Accumulate(Telemetry::SPDY_SYN_REPLY_SIZE, aHeadersIn.Length()); - uint32_t ratio = - aHeadersIn.Length() * 100 / aHeadersOut.Length(); - Telemetry::Accumulate(Telemetry::SPDY_SYN_REPLY_RATIO, ratio); - } - // The decoding went ok. Now we can customize and clean up. aHeadersIn.Truncate(); diff --git a/netwerk/protocol/http/HttpBaseChannel.cpp b/netwerk/protocol/http/HttpBaseChannel.cpp index d161f9a432..c4e764d26d 100644 --- a/netwerk/protocol/http/HttpBaseChannel.cpp +++ b/netwerk/protocol/http/HttpBaseChannel.cpp @@ -49,7 +49,6 @@ #include "LoadInfo.h" #include "nsNullPrincipal.h" #include "nsISSLSocketControl.h" -#include "mozilla/Telemetry.h" #include "nsIURL.h" #include "nsIConsoleService.h" #include "mozilla/BinarySearch.h" @@ -1006,7 +1005,6 @@ HttpBaseChannel::DoApplyContentConversions(nsIStreamListener* aNextListener, } else if (from.Equals("br")) { mode = 3; } - Telemetry::Accumulate(Telemetry::HTTP_CONTENT_ENCODING, mode); } nextListener = converter; } diff --git a/netwerk/protocol/http/nsCORSListenerProxy.cpp b/netwerk/protocol/http/nsCORSListenerProxy.cpp index c2a6243305..b9355c82bf 100644 --- a/netwerk/protocol/http/nsCORSListenerProxy.cpp +++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp @@ -577,7 +577,7 @@ nsCORSListenerProxy::CheckRequestApproved(nsIRequest* aRequest) // check for duplicate headers rv = http->VisitOriginalResponseHeaders(visitor); if (NS_FAILED(rv)) { - LogBlockedRequest(aRequest, "CORSAllowOriginNotMatchingOrigin", nullptr); + LogBlockedRequest(aRequest, "CORSMultipleAllowOriginNotAllowed", nullptr); return rv; } diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index ac855b478f..bb0b3ca774 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -133,18 +133,7 @@ enum CacheDisposition { void AccumulateCacheHitTelemetry(CacheDisposition hitOrMiss) { - if (!CacheObserver::UseNewCache()) { - Telemetry::Accumulate(Telemetry::HTTP_CACHE_DISPOSITION_2, hitOrMiss); - } - else { - Telemetry::Accumulate(Telemetry::HTTP_CACHE_DISPOSITION_2_V2, hitOrMiss); - - int32_t experiment = CacheObserver::HalfLifeExperiment(); - if (experiment > 0 && hitOrMiss == kCacheMissed) { - Telemetry::Accumulate(Telemetry::HTTP_CACHE_MISS_HALFLIFE_EXPERIMENT_2, - experiment - 1); - } - } + /* STUB */ } // Computes and returns a SHA1 hash of the input buffer. The input buffer @@ -1141,26 +1130,21 @@ EnsureMIMEOfScript(nsIURI* aURI, nsHttpResponseHead* aResponseHead, nsILoadInfo* if (nsContentUtils::IsJavascriptMIMEType(typeString)) { // script load has type script - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 1); return NS_OK; } bool block = false; if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("image/"))) { // script load has type image - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 2); block = true; } else if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("audio/"))) { // script load has type audio - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 3); block = true; } else if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("video/"))) { // script load has type video - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 4); block = true; } else if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("text/csv"))) { // script load has type text/csv - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 6); block = true; } @@ -1186,42 +1170,35 @@ EnsureMIMEOfScript(nsIURI* aURI, nsHttpResponseHead* aResponseHead, nsILoadInfo* if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("text/plain"))) { // script load has type text/plain - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 5); return NS_OK; } if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("text/xml"))) { // script load has type text/xml - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 7); return NS_OK; } if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("application/octet-stream"))) { // script load has type application/octet-stream - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 8); return NS_OK; } if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("application/xml"))) { // script load has type application/xml - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 9); return NS_OK; } if (StringBeginsWith(contentType, NS_LITERAL_CSTRING("text/html"))) { // script load has type text/html - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 10); return NS_OK; } if (contentType.IsEmpty()) { // script load has no type - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 11); return NS_OK; } // script load has unknown type - Telemetry::Accumulate(Telemetry::SCRIPT_BLOCK_INCORRECT_MIME, 0); return NS_OK; } @@ -1867,65 +1844,6 @@ nsHttpChannel::ProcessResponse() LOG(("nsHttpChannel::ProcessResponse [this=%p httpStatus=%u]\n", this, httpStatus)); - // do some telemetry - if (gHttpHandler->IsTelemetryEnabled()) { - // Gather data on whether the transaction and page (if this is - // the initial page load) is being loaded with SSL. - Telemetry::Accumulate(Telemetry::HTTP_TRANSACTION_IS_SSL, - mConnectionInfo->EndToEndSSL()); - if (mLoadFlags & LOAD_INITIAL_DOCUMENT_URI) { - Telemetry::Accumulate(Telemetry::HTTP_PAGELOAD_IS_SSL, - mConnectionInfo->EndToEndSSL()); - } - - // how often do we see something like Alternate-Protocol: "443:quic,p=1" - nsAutoCString alt_protocol; - mResponseHead->GetHeader(nsHttp::Alternate_Protocol, alt_protocol); - bool saw_quic = (!alt_protocol.IsEmpty() && - PL_strstr(alt_protocol.get(), "quic")) ? 1 : 0; - Telemetry::Accumulate(Telemetry::HTTP_SAW_QUIC_ALT_PROTOCOL, saw_quic); - - // Gather data on how many URLS get redirected - switch (httpStatus) { - case 200: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 0); - break; - case 301: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 1); - break; - case 302: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 2); - break; - case 304: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 3); - break; - case 307: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 4); - break; - case 308: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 5); - break; - case 400: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 6); - break; - case 401: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 7); - break; - case 403: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 8); - break; - case 404: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 9); - break; - case 500: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 10); - break; - default: - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_STATUS_CODE, 11); - break; - } - } - // Let the predictor know whether this was a cacheable response or not so // that it knows whether or not to possibly prefetch this resource in the // future. @@ -2204,9 +2122,6 @@ nsHttpChannel::ContinueProcessResponse2(nsresult rv) } AccumulateCacheHitTelemetry(cacheDisposition); - Telemetry::Accumulate(Telemetry::HTTP_RESPONSE_VERSION, - mResponseHead->Version()); - if (mResponseHead->Version() == NS_HTTP_VERSION_0_9) { // DefaultPortTopLevel = 0, DefaultPortSubResource = 1, // NonDefaultPortTopLevel = 2, NonDefaultPortSubResource = 3 @@ -2217,7 +2132,6 @@ nsHttpChannel::ContinueProcessResponse2(nsresult rv) if (mConnectionInfo->OriginPort() != mConnectionInfo->DefaultPort()) { v09Info += 2; } - Telemetry::Accumulate(Telemetry::HTTP_09_INFO, v09Info); } } return rv; @@ -3212,7 +3126,6 @@ nsHttpChannel::ProcessNotModified() PipelineFeedbackInfo(mConnectionInfo, nsHttpConnectionMgr::RedCorruptedContent, nullptr, 0); - Telemetry::Accumulate(Telemetry::CACHE_LM_INCONSISTENT, true); } // merge any new headers with the cached response headers @@ -3372,10 +3285,6 @@ nsHttpChannel::ContinueProcessFallback(nsresult rv) } NS_ENSURE_SUCCESS(rv, rv); - if (mLoadFlags & LOAD_INITIAL_DOCUMENT_URI) { - MaybeWarnAboutAppCache(); - } - // close down this channel Cancel(NS_BINDING_REDIRECTED); @@ -4226,11 +4135,6 @@ nsHttpChannel::OnNormalCacheEntryAvailable(nsICacheEntry *aEntry, if (NS_SUCCEEDED(aEntryStatus)) { mCacheEntry = aEntry; mCacheEntryIsWriteOnly = aNew; - - if (mLoadFlags & LOAD_INITIAL_DOCUMENT_URI) { - Telemetry::Accumulate(Telemetry::HTTP_OFFLINE_CACHE_DOCUMENT_LOAD, - false); - } } return NS_OK; @@ -4261,10 +4165,6 @@ nsHttpChannel::OnOfflineCacheEntryAvailable(nsICacheEntry *aEntry, mCacheEntry = aEntry; mCacheEntryIsWriteOnly = false; - if (mLoadFlags & LOAD_INITIAL_DOCUMENT_URI && !mApplicationCacheForWrite) { - MaybeWarnAboutAppCache(); - } - return NS_OK; } @@ -5905,17 +5805,13 @@ nsHttpChannel::BeginConnect() LOG(("nsHttpChannel %p Using connection info from altsvc mapping", this)); mapping->GetConnectionInfo(getter_AddRefs(mConnectionInfo), proxyInfo, originAttributes); - Telemetry::Accumulate(Telemetry::HTTP_TRANSACTION_USE_ALTSVC, true); - Telemetry::Accumulate(Telemetry::HTTP_TRANSACTION_USE_ALTSVC_OE, !isHttps); } else if (mConnectionInfo) { LOG(("nsHttpChannel %p Using channel supplied connection info", this)); - Telemetry::Accumulate(Telemetry::HTTP_TRANSACTION_USE_ALTSVC, false); } else { LOG(("nsHttpChannel %p Using default connection info", this)); mConnectionInfo = new nsHttpConnectionInfo(host, port, EmptyCString(), mUsername, proxyInfo, originAttributes, isHttps); - Telemetry::Accumulate(Telemetry::HTTP_TRANSACTION_USE_ALTSVC, false); } // Set network interface id only when it's not empty to avoid @@ -6837,7 +6733,6 @@ nsHttpChannel::OnStopRequest(nsIRequest *request, nsISupports *ctxt, nsresult st chanDisposition = static_cast<ChannelDisposition>(chanDisposition + kHttpsCanceled); } LOG((" nsHttpChannel::OnStopRequest ChannelDisposition %d\n", chanDisposition)); - Telemetry::Accumulate(Telemetry::HTTP_CHANNEL_DISPOSITION, chanDisposition); // if needed, check cache entry has all data we expect if (mCacheEntry && mCachePump && @@ -8187,21 +8082,6 @@ nsHttpChannel::ResumeInternal() } void -nsHttpChannel::MaybeWarnAboutAppCache() -{ - // First, accumulate a telemetry ping about appcache usage. - Telemetry::Accumulate(Telemetry::HTTP_OFFLINE_CACHE_DOCUMENT_LOAD, - true); - - // Then, issue a deprecation warning. - nsCOMPtr<nsIDeprecationWarner> warner; - GetCallback(warner); - if (warner) { - warner->IssueWarning(nsIDocument::eAppCache, false); - } -} - -void nsHttpChannel::SetDoNotTrack() { /** @@ -8223,129 +8103,7 @@ nsHttpChannel::SetDoNotTrack() void nsHttpChannel::ReportNetVSCacheTelemetry() { - nsresult rv; - if (!mCacheEntry) { - return; - } - - // We only report telemetry if the entry is persistent (on disk) - bool persistent; - rv = mCacheEntry->GetPersistent(&persistent); - if (NS_FAILED(rv) || !persistent) { - return; - } - - nsXPIDLCString tmpStr; - rv = mCacheEntry->GetMetaDataElement("net-response-time-onstart", - getter_Copies(tmpStr)); - if (NS_FAILED(rv)) { - return; - } - uint64_t onStartNetTime = tmpStr.ToInteger64(&rv); - if (NS_FAILED(rv)) { - return; - } - - tmpStr.Truncate(); - rv = mCacheEntry->GetMetaDataElement("net-response-time-onstop", - getter_Copies(tmpStr)); - if (NS_FAILED(rv)) { - return; - } - uint64_t onStopNetTime = tmpStr.ToInteger64(&rv); - if (NS_FAILED(rv)) { - return; - } - - uint64_t onStartCacheTime = (mOnStartRequestTimestamp - mAsyncOpenTime).ToMilliseconds(); - int64_t onStartDiff = onStartNetTime - onStartCacheTime; - onStartDiff += 500; // We offset the difference by 500 ms to report positive values in telemetry - - uint64_t onStopCacheTime = (mCacheReadEnd - mAsyncOpenTime).ToMilliseconds(); - int64_t onStopDiff = onStopNetTime - onStopCacheTime; - onStopDiff += 500; // We offset the difference by 500 ms - - if (mDidReval) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_REVALIDATED, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_REVALIDATED, onStopDiff); - } else { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_NOTREVALIDATED, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_NOTREVALIDATED, onStopDiff); - } - - if (mDidReval) { - // We don't report revalidated probes as the data would be skewed. - return; - } - - uint32_t diskStorageSizeK = 0; - rv = mCacheEntry->GetDiskStorageSizeInKB(&diskStorageSizeK); - if (NS_FAILED(rv)) { - return; - } - - nsAutoCString contentType; - if (mResponseHead && mResponseHead->HasContentType()) { - mResponseHead->ContentType(contentType); - } - bool isImage = StringBeginsWith(contentType, NS_LITERAL_CSTRING("image/")); - if (isImage) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_ISIMG, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_ISIMG, onStopDiff); - } else { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_NOTIMG, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_NOTIMG, onStopDiff); - } - - if (mCacheOpenWithPriority) { - if (mCacheQueueSizeWhenOpen < 5) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_QSMALL_HIGHPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_QSMALL_HIGHPRI, onStopDiff); - } else if (mCacheQueueSizeWhenOpen < 10) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_QMED_HIGHPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_QMED_HIGHPRI, onStopDiff); - } else { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_QBIG_HIGHPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_QBIG_HIGHPRI, onStopDiff); - } - } else { // The limits are higher for normal priority cache queues - if (mCacheQueueSizeWhenOpen < 10) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_QSMALL_NORMALPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_QSMALL_NORMALPRI, onStopDiff); - } else if (mCacheQueueSizeWhenOpen < 50) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_QMED_NORMALPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_QMED_NORMALPRI, onStopDiff); - } else { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_QBIG_NORMALPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_QBIG_NORMALPRI, onStopDiff); - } - } - - if (diskStorageSizeK < 32) { - if (mCacheOpenWithPriority) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_SMALL_HIGHPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_SMALL_HIGHPRI, onStopDiff); - } else { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_SMALL_NORMALPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_SMALL_NORMALPRI, onStopDiff); - } - } else if (diskStorageSizeK < 256) { - if (mCacheOpenWithPriority) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_MED_HIGHPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_MED_HIGHPRI, onStopDiff); - } else { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_MED_NORMALPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_MED_NORMALPRI, onStopDiff); - } - } else { - if (mCacheOpenWithPriority) { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_LARGE_HIGHPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_LARGE_HIGHPRI, onStopDiff); - } else { - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTART_LARGE_NORMALPRI, onStartDiff); - Telemetry::Accumulate(Telemetry::HTTP_NET_VS_CACHE_ONSTOP_LARGE_NORMALPRI, onStopDiff); - } - } + /* STUB */ } } // namespace net diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h index 3a322e8e2b..2e24d6e81c 100644 --- a/netwerk/protocol/http/nsHttpChannel.h +++ b/netwerk/protocol/http/nsHttpChannel.h @@ -452,8 +452,6 @@ private: void SetPushedStream(Http2PushedStream *stream); - void MaybeWarnAboutAppCache(); - void SetDoNotTrack(); private: diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp index d04f47ddc8..0e7eb55c3b 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp @@ -867,24 +867,6 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge, else if (authFlags & nsIHttpAuthenticator::IDENTITY_ENCRYPTED) level = nsIAuthPrompt2::LEVEL_PW_ENCRYPTED; - // Collect statistics on how frequently the various types of HTTP - // authentication are used over SSL and non-SSL connections. - if (gHttpHandler->IsTelemetryEnabled()) { - if (NS_LITERAL_CSTRING("basic").LowerCaseEqualsASCII(authType)) { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_TYPE_STATS, - UsingSSL() ? HTTP_AUTH_BASIC_SECURE : HTTP_AUTH_BASIC_INSECURE); - } else if (NS_LITERAL_CSTRING("digest").LowerCaseEqualsASCII(authType)) { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_TYPE_STATS, - UsingSSL() ? HTTP_AUTH_DIGEST_SECURE : HTTP_AUTH_DIGEST_INSECURE); - } else if (NS_LITERAL_CSTRING("ntlm").LowerCaseEqualsASCII(authType)) { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_TYPE_STATS, - UsingSSL() ? HTTP_AUTH_NTLM_SECURE : HTTP_AUTH_NTLM_INSECURE); - } else if (NS_LITERAL_CSTRING("negotiate").LowerCaseEqualsASCII(authType)) { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_TYPE_STATS, - UsingSSL() ? HTTP_AUTH_NEGOTIATE_SECURE : HTTP_AUTH_NEGOTIATE_INSECURE); - } - } - // Depending on the pref setting, the authentication dialog may be // blocked for all sub-resources, blocked for cross-origin // sub-resources, or always allowed for sub-resources. @@ -991,22 +973,6 @@ nsHttpChannelAuthProvider::BlockPrompt() } } - if (gHttpHandler->IsTelemetryEnabled()) { - if (topDoc) { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_DIALOG_STATS, - HTTP_AUTH_DIALOG_TOP_LEVEL_DOC); - } else if (xhr) { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_DIALOG_STATS, - HTTP_AUTH_DIALOG_XHR); - } else if (!mCrossOrigin) { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_DIALOG_STATS, - HTTP_AUTH_DIALOG_SAME_ORIGIN_SUBRESOURCE); - } else { - Telemetry::Accumulate(Telemetry::HTTP_AUTH_DIALOG_STATS, - HTTP_AUTH_DIALOG_CROSS_ORIGIN_SUBRESOURCE); - } - } - switch (sAuthAllowPref) { case SUBRESOURCE_AUTH_DIALOG_DISALLOW_ALL: // Do not open the http-authentication credentials dialog for diff --git a/netwerk/protocol/http/nsHttpConnection.cpp b/netwerk/protocol/http/nsHttpConnection.cpp index c4564cd8bc..8ccba76e2c 100644 --- a/netwerk/protocol/http/nsHttpConnection.cpp +++ b/netwerk/protocol/http/nsHttpConnection.cpp @@ -19,7 +19,6 @@ #include "ASpdySession.h" #include "mozilla/ChaosMode.h" -#include "mozilla/Telemetry.h" #include "nsHttpConnection.h" #include "nsHttpHandler.h" #include "nsHttpPipeline.h" @@ -105,18 +104,12 @@ nsHttpConnection::~nsHttpConnection() if (!mEverUsedSpdy) { LOG(("nsHttpConnection %p performed %d HTTP/1.x transactions\n", this, mHttp1xTransactionCount)); - Telemetry::Accumulate(Telemetry::HTTP_REQUEST_PER_CONN, - mHttp1xTransactionCount); } if (mTotalBytesRead) { uint32_t totalKBRead = static_cast<uint32_t>(mTotalBytesRead >> 10); LOG(("nsHttpConnection %p read %dkb on connection spdy=%d\n", this, totalKBRead, mEverUsedSpdy)); - Telemetry::Accumulate(mEverUsedSpdy ? - Telemetry::SPDY_KBREAD_PER_CONN : - Telemetry::HTTP_KBREAD_PER_CONN, - totalKBRead); } if (mForceSendTimer) { mForceSendTimer->Cancel(); @@ -482,21 +475,6 @@ nsHttpConnection::EnsureNPNComplete(nsresult &aOut0RTTWriteHandshakeValue, int16_t tlsVersion; ssl->GetSSLVersionUsed(&tlsVersion); - // Send the 0RTT telemetry only for tls1.3 - if (tlsVersion > nsISSLSocketControl::TLS_VERSION_1_2) { - Telemetry::Accumulate(Telemetry::TLS_EARLY_DATA_NEGOTIATED, - (!mEarlyDataNegotiated) ? TLS_EARLY_DATA_NOT_AVAILABLE - : ((mWaitingFor0RTTResponse) ? TLS_EARLY_DATA_AVAILABLE_AND_USED - : TLS_EARLY_DATA_AVAILABLE_BUT_NOT_USED)); - if (mWaitingFor0RTTResponse) { - Telemetry::Accumulate(Telemetry::TLS_EARLY_DATA_ACCEPTED, - earlyDataAccepted); - } - if (earlyDataAccepted) { - Telemetry::Accumulate(Telemetry::TLS_EARLY_DATA_BYTES_WRITTEN, - mContentBytesWritten0RTT); - } - } mWaitingFor0RTTResponse = false; if (!earlyDataAccepted) { @@ -518,8 +496,6 @@ nsHttpConnection::EnsureNPNComplete(nsresult &aOut0RTTWriteHandshakeValue, StartSpdy(mSpdySession->SpdyVersion()); } } - - Telemetry::Accumulate(Telemetry::SPDY_NPN_CONNECT, UsingSpdy()); } npnComplete: diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp index 9271b49af4..731cdff394 100644 --- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp +++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp @@ -23,7 +23,6 @@ #include "mozilla/net/DNS.h" #include "nsISocketTransport.h" #include "nsISSLSocketControl.h" -#include "mozilla/Telemetry.h" #include "mozilla/net/DashboardTypes.h" #include "NullHttpTransaction.h" #include "nsIDNSRecord.h" @@ -847,7 +846,6 @@ nsHttpConnectionMgr::GetSpdyPreferredEnt(nsConnectionEntry *aOriginalEntry) "with %s connections. rv=%x isJoined=%d", preferred->mConnInfo->Origin(), aOriginalEntry->mConnInfo->Origin(), rv, isJoined)); - Telemetry::Accumulate(Telemetry::SPDY_NPN_JOIN, false); return nullptr; } @@ -857,7 +855,6 @@ nsHttpConnectionMgr::GetSpdyPreferredEnt(nsConnectionEntry *aOriginalEntry) "so %s will be coalesced with %s", preferred->mConnInfo->Origin(), aOriginalEntry->mConnInfo->Origin(), aOriginalEntry->mConnInfo->Origin(), preferred->mConnInfo->Origin())); - Telemetry::Accumulate(Telemetry::SPDY_NPN_JOIN, true); return preferred; } @@ -1835,16 +1832,7 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent, void nsHttpConnectionMgr::ReportProxyTelemetry(nsConnectionEntry *ent) { - enum { PROXY_NONE = 1, PROXY_HTTP = 2, PROXY_SOCKS = 3, PROXY_HTTPS = 4 }; - - if (!ent->mConnInfo->UsingProxy()) - Telemetry::Accumulate(Telemetry::HTTP_PROXY_TYPE, PROXY_NONE); - else if (ent->mConnInfo->UsingHttpsProxy()) - Telemetry::Accumulate(Telemetry::HTTP_PROXY_TYPE, PROXY_HTTPS); - else if (ent->mConnInfo->UsingHttpProxy()) - Telemetry::Accumulate(Telemetry::HTTP_PROXY_TYPE, PROXY_HTTP); - else - Telemetry::Accumulate(Telemetry::HTTP_PROXY_TYPE, PROXY_SOCKS); + /* STUB */ } nsresult @@ -3107,8 +3095,6 @@ nsHalfOpenSocket::SetupStreams(nsISocketTransport **transport, rv = socketTransport->SetSecurityCallbacks(this); NS_ENSURE_SUCCESS(rv, rv); - Telemetry::Accumulate(Telemetry::HTTP_CONNECTION_ENTRY_CACHE_HIT_1, - mEnt->mUsedForConnection); mEnt->mUsedForConnection = true; nsCOMPtr<nsIOutputStream> sout; diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp index f9bcc391db..6d58a7004e 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -58,7 +58,6 @@ #include "mozilla/net/NeckoChild.h" #include "mozilla/net/NeckoParent.h" #include "mozilla/ipc/URIUtils.h" -#include "mozilla/Telemetry.h" #include "mozilla/Unused.h" #include "mozilla/BasePrincipal.h" @@ -203,6 +202,7 @@ nsHttpHandler::nsHttpHandler() , mCompatFirefoxEnabled(false) , mCompatFirefoxVersion("52.9") , mUserAgentIsDirty(true) + , mAcceptLanguagesIsDirty(true) , mPromptTempRedirect(true) , mEnablePersistentHttpsCaching(false) , mDoNotTrackEnabled(false) @@ -419,6 +419,7 @@ nsHttpHandler::Init() obsService->AddObserver(this, "browser:purge-session-history", true); obsService->AddObserver(this, NS_NETWORK_LINK_TOPIC, true); obsService->AddObserver(this, "application-background", true); + obsService->AddObserver(this, "string-bundles-have-flushed", true); } MakeNewRequestTokenBucket(); @@ -489,8 +490,13 @@ nsHttpHandler::AddStandardRequestHeaders(nsHttpRequestHead *request, bool isSecu // Add the "Accept-Language" header. This header is also exposed to the // service worker. + if (mAcceptLanguagesIsDirty) { + rv = SetAcceptLanguages(); + MOZ_ASSERT(NS_SUCCEEDED(rv)); + } + + // Add the "Accept-Language" header if (!mAcceptLanguages.IsEmpty()) { - // Add the "Accept-Language" header rv = request->SetHeader(nsHttp::Accept_Language, mAcceptLanguages, false, nsHttpHeaderArray::eVarietyRequestOverride); @@ -1511,16 +1517,10 @@ nsHttpHandler::PrefsChanged(nsIPrefBranch *prefs, const char *pref) // if (PREF_CHANGED(INTL_ACCEPT_LANGUAGES)) { - nsCOMPtr<nsIPrefLocalizedString> pls; - prefs->GetComplexValue(INTL_ACCEPT_LANGUAGES, - NS_GET_IID(nsIPrefLocalizedString), - getter_AddRefs(pls)); - if (pls) { - nsXPIDLString uval; - pls->ToString(getter_Copies(uval)); - if (uval) - SetAcceptLanguages(NS_ConvertUTF16toUTF8(uval).get()); - } + // We don't want to set the new accept languages here since + // this pref is a complex type and it may be racy with flushing + // string resources. + mAcceptLanguagesIsDirty = true; } // @@ -1897,12 +1897,18 @@ PrepareAcceptLanguages(const char *i_AcceptLanguages, nsACString &o_AcceptLangua } nsresult -nsHttpHandler::SetAcceptLanguages(const char *aAcceptLanguages) +nsHttpHandler::SetAcceptLanguages() { + mAcceptLanguagesIsDirty = false; + + const nsAdoptingCString& acceptLanguages = + Preferences::GetLocalizedCString(INTL_ACCEPT_LANGUAGES); + nsAutoCString buf; - nsresult rv = PrepareAcceptLanguages(aAcceptLanguages, buf); - if (NS_SUCCEEDED(rv)) + nsresult rv = PrepareAcceptLanguages(acceptLanguages.get(), buf); + if (NS_SUCCEEDED(rv)) { mAcceptLanguages.Assign(buf); + } return rv; } @@ -2175,11 +2181,6 @@ nsHttpHandler::Observe(nsISupports *subject, // depend on this value. mSessionStartTime = NowInSeconds(); - if (!mDoNotTrackEnabled) { - Telemetry::Accumulate(Telemetry::DNT_USAGE, 2); - } else { - Telemetry::Accumulate(Telemetry::DNT_USAGE, 1); - } } else if (!strcmp(topic, "profile-change-net-restore")) { // initialize connection manager InitConnectionMgr(); @@ -2233,6 +2234,8 @@ nsHttpHandler::Observe(nsISupports *subject, if (mConnMgr) { mConnMgr->DoShiftReloadConnectionCleanup(nullptr); } + } else if (!strcmp(topic, "string-bundles-have-flushed")) { + mAcceptLanguagesIsDirty = true; } return NS_OK; diff --git a/netwerk/protocol/http/nsHttpHandler.h b/netwerk/protocol/http/nsHttpHandler.h index 0904af8939..848dd25b1e 100644 --- a/netwerk/protocol/http/nsHttpHandler.h +++ b/netwerk/protocol/http/nsHttpHandler.h @@ -384,7 +384,7 @@ private: void PrefsChanged(nsIPrefBranch *prefs, const char *pref); nsresult SetAccept(const char *); - nsresult SetAcceptLanguages(const char *); + nsresult SetAcceptLanguages(); nsresult SetAcceptEncodings(const char *, bool mIsSecure); nsresult InitConnectionMgr(); @@ -491,6 +491,7 @@ private: nsCString mUserAgent; nsXPIDLCString mUserAgentOverride; bool mUserAgentIsDirty; // true if mUserAgent should be rebuilt + bool mAcceptLanguagesIsDirty; bool mPromptTempRedirect; diff --git a/netwerk/protocol/websocket/WebSocketChannel.cpp b/netwerk/protocol/websocket/WebSocketChannel.cpp index c6dc8d3280..1bcdbcacca 100644 --- a/netwerk/protocol/websocket/WebSocketChannel.cpp +++ b/netwerk/protocol/websocket/WebSocketChannel.cpp @@ -55,7 +55,6 @@ #include "nsNetUtil.h" #include "nsINode.h" #include "mozilla/StaticMutex.h" -#include "mozilla/Telemetry.h" #include "mozilla/TimeStamp.h" #include "nsSocketTransportService2.h" @@ -2989,7 +2988,6 @@ WebSocketChannel::ReportConnectionTelemetry() (didProxy ? (1 << 0) : 0); LOG(("WebSocketChannel::ReportConnectionTelemetry() %p %d", this, value)); - Telemetry::Accumulate(Telemetry::WEBSOCKETS_HANDSHAKE_TYPE, value); } // nsIDNSListener diff --git a/netwerk/system/linux/nsNotifyAddrListener_Linux.cpp b/netwerk/system/linux/nsNotifyAddrListener_Linux.cpp index 4fc36928ac..b9f912d1d4 100644 --- a/netwerk/system/linux/nsNotifyAddrListener_Linux.cpp +++ b/netwerk/system/linux/nsNotifyAddrListener_Linux.cpp @@ -24,7 +24,6 @@ #include "mozilla/Services.h" #include "mozilla/SHA1.h" #include "mozilla/Sprintf.h" -#include "mozilla/Telemetry.h" /* a shorter name that better explains what it does */ #define EINTR_RETRY(x) MOZ_TEMP_FAILURE_RETRY(x) @@ -176,12 +175,10 @@ void nsNotifyAddrListener::calculateNetworkId(void) LOG(("networkid: id %s\n", output.get())); if (mNetworkId != output) { // new id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 1); mNetworkId = output; } else { // same id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 2); } found = true; break; @@ -195,7 +192,6 @@ void nsNotifyAddrListener::calculateNetworkId(void) } /* if (froute) */ if (!found) { // no id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 0); } } diff --git a/netwerk/system/mac/nsNetworkLinkService.mm b/netwerk/system/mac/nsNetworkLinkService.mm index ac6a015fbe..5b2d7575ac 100644 --- a/netwerk/system/mac/nsNetworkLinkService.mm +++ b/netwerk/system/mac/nsNetworkLinkService.mm @@ -24,7 +24,6 @@ #include "mozilla/Preferences.h" #include "mozilla/SHA1.h" #include "mozilla/Base64.h" -#include "mozilla/Telemetry.h" #include "nsNetworkLinkService.h" #import <Cocoa/Cocoa.h> @@ -274,19 +273,16 @@ void nsNetworkLinkService::calculateNetworkId(void) LOG(("networkid: id %s\n", output.get())); if (mNetworkId != output) { // new id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 1); mNetworkId = output; } else { // same id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 2); } found = true; } } if (!found) { // no id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 0); } } diff --git a/netwerk/system/win32/nsNotifyAddrListener.cpp b/netwerk/system/win32/nsNotifyAddrListener.cpp index 5d1ec3a61f..58f4345ef8 100644 --- a/netwerk/system/win32/nsNotifyAddrListener.cpp +++ b/netwerk/system/win32/nsNotifyAddrListener.cpp @@ -35,7 +35,6 @@ #include "mozilla/Preferences.h" #include "mozilla/SHA1.h" #include "mozilla/Base64.h" -#include "mozilla/Telemetry.h" #include <iptypes.h> #include <iphlpapi.h> @@ -218,12 +217,10 @@ bool nsNotifyAddrListener::findMac(char *gateway) LOG(("networkid: id %s\n", output.get())); if (mNetworkId != output) { // new id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 1); mNetworkId = output; } else { // same id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 2); } found = true; break; @@ -290,7 +287,6 @@ void nsNotifyAddrListener::calculateNetworkId(void) } if (!found) { // no id - Telemetry::Accumulate(Telemetry::NETWORK_ID, 0); } } diff --git a/netwerk/test/unit/test_be_conservative.js b/netwerk/test/unit/test_be_conservative.js index 2c6ac46ad5..36b6d3b90f 100644 --- a/netwerk/test/unit/test_be_conservative.js +++ b/netwerk/test/unit/test_be_conservative.js @@ -140,7 +140,6 @@ function startServer(cert, minServerVersion, maxServerVersion) { tlsServer.init(-1, true, -1); tlsServer.serverCert = cert; tlsServer.setVersionRange(minServerVersion, maxServerVersion); - tlsServer.setSessionCache(false); tlsServer.setSessionTickets(false); tlsServer.asyncListen(new ServerSocketListener()); return tlsServer; diff --git a/netwerk/test/unit/test_tls_server.js b/netwerk/test/unit/test_tls_server.js index d805359c7b..12154a27fe 100644 --- a/netwerk/test/unit/test_tls_server.js +++ b/netwerk/test/unit/test_tls_server.js @@ -90,7 +90,6 @@ function startServer(cert, expectingPeerCert, clientCertificateConfig, onStopListening: function() {} }; - tlsServer.setSessionCache(false); tlsServer.setSessionTickets(false); tlsServer.setRequestClientCertificate(clientCertificateConfig); diff --git a/netwerk/test/unit/test_tls_server_multiple_clients.js b/netwerk/test/unit/test_tls_server_multiple_clients.js index b63c0189bd..74b814e9cf 100644 --- a/netwerk/test/unit/test_tls_server_multiple_clients.js +++ b/netwerk/test/unit/test_tls_server_multiple_clients.js @@ -67,7 +67,6 @@ function startServer(cert) { onStopListening: function() {} }; - tlsServer.setSessionCache(true); tlsServer.setSessionTickets(false); tlsServer.asyncListen(listener); diff --git a/old-configure.in b/old-configure.in index a95b307f21..96bb934e12 100644 --- a/old-configure.in +++ b/old-configure.in @@ -2044,7 +2044,7 @@ MOZ_ARG_WITH_BOOL(system-nss, _USE_SYSTEM_NSS=1 ) if test -n "$_USE_SYSTEM_NSS"; then - AM_PATH_NSS(3.36.4, [MOZ_SYSTEM_NSS=1], [AC_MSG_ERROR([you don't have NSS installed or your version is too old])]) + AM_PATH_NSS(3.38, [MOZ_SYSTEM_NSS=1], [AC_MSG_ERROR([you don't have NSS installed or your version is too old])]) fi if test -z "$MOZ_SYSTEM_NSS"; then @@ -3542,11 +3542,15 @@ dnl = FFmpeg's ffvpx configuration dnl ======================================================== MOZ_FFVPX= -case "$CPU_ARCH" in - x86) + +dnl Build ffvpx on 32-bit Windows and all supported 64-bit platforms. +dnl 32-bit *nix has performance issues due to not supporting assembly decoder. + +case "$OS_ARCH:$CPU_ARCH" in + WINNT:x86) MOZ_FFVPX=1 ;; - x86_64) + *:x86_64) MOZ_FFVPX=1 ;; esac @@ -4568,10 +4572,10 @@ AC_SUBST(MOZ_DEVTOOLS_SERVER) dnl ======================================================== dnl = Disable Mozilla Developer Tools (client) dnl ======================================================== -MOZ_ARG_DISABLE_BOOL(devtools, -[ --disable-devtools Disable Mozilla Developer Tools (client)], - MOZ_DEVTOOLS=, - MOZ_DEVTOOLS=1) +MOZ_ARG_ENABLE_BOOL(devtools, +[ --enable-devtools Enable Mozilla Developer Tools (client)], + MOZ_DEVTOOLS=1, + MOZ_DEVTOOLS=) if test -n "$MOZ_DEVTOOLS"; then if test ! -n "$MOZ_DEVTOOLS_SERVER"; then diff --git a/parser/html/nsHtml5AtomTable.cpp b/parser/html/nsHtml5AtomTable.cpp index d523f58b01..ae35791f3f 100644 --- a/parser/html/nsHtml5AtomTable.cpp +++ b/parser/html/nsHtml5AtomTable.cpp @@ -24,6 +24,7 @@ nsHtml5AtomEntry::~nsHtml5AtomEntry() } nsHtml5AtomTable::nsHtml5AtomTable() + : mRecentlyUsedParserAtoms{} { #ifdef DEBUG NS_GetMainThread(getter_AddRefs(mPermittedLookupThread)); @@ -44,13 +45,23 @@ nsHtml5AtomTable::GetAtom(const nsAString& aKey) NS_ASSERTION(mPermittedLookupThread == currentThread, "Wrong thread!"); } #endif + + uint32_t index = mozilla::HashString(aKey) % RECENTLY_USED_PARSER_ATOMS_SIZE; + nsIAtom* cachedAtom = mRecentlyUsedParserAtoms[index]; + if (cachedAtom && cachedAtom->Equals(aKey)) { + return cachedAtom; + } + nsIAtom* atom = NS_GetStaticAtom(aKey); if (atom) { + mRecentlyUsedParserAtoms[index] = atom; return atom; } nsHtml5AtomEntry* entry = mTable.PutEntry(aKey); if (!entry) { return nullptr; } + + mRecentlyUsedParserAtoms[index] = entry->GetAtom(); return entry->GetAtom(); } diff --git a/parser/html/nsHtml5AtomTable.h b/parser/html/nsHtml5AtomTable.h index 43f9b5f2f2..b0dc2f678e 100644 --- a/parser/html/nsHtml5AtomTable.h +++ b/parser/html/nsHtml5AtomTable.h @@ -11,6 +11,8 @@ #include "nsIAtom.h" #include "nsIThread.h" +#define RECENTLY_USED_PARSER_ATOMS_SIZE 31 + class nsHtml5Atom; class nsHtml5AtomEntry : public nsStringHashKey @@ -87,6 +89,9 @@ class nsHtml5AtomTable */ void Clear() { + for (uint32_t i = 0; i < RECENTLY_USED_PARSER_ATOMS_SIZE; ++i) { + mRecentlyUsedParserAtoms[i] = nullptr; + } mTable.Clear(); } @@ -99,6 +104,7 @@ class nsHtml5AtomTable private: nsTHashtable<nsHtml5AtomEntry> mTable; + nsIAtom* mRecentlyUsedParserAtoms[RECENTLY_USED_PARSER_ATOMS_SIZE]; #ifdef DEBUG nsCOMPtr<nsIThread> mPermittedLookupThread; #endif diff --git a/python/mozbuild/mozbuild/action/dump_env.py b/python/mozbuild/mozbuild/action/dump_env.py index a6fa19f3a3..83e420d682 100644 --- a/python/mozbuild/mozbuild/action/dump_env.py +++ b/python/mozbuild/mozbuild/action/dump_env.py @@ -6,5 +6,11 @@ # native paths printed on Windows so that these paths can be incorporated # into Python configure's environment. import os +import sys + +sys.path.append(os.path.join(os.path.dirname(__file__), '..')) + +from shellutil import quote + for key, value in os.environ.items(): - print('%s=%s' % (key, value)) + print('%s=%s' % (key, quote(value))) diff --git a/security/certverifier/ExtendedValidation.cpp b/security/certverifier/ExtendedValidation.cpp index 8ac5828de8..37c028c540 100644 --- a/security/certverifier/ExtendedValidation.cpp +++ b/security/certverifier/ExtendedValidation.cpp @@ -1285,15 +1285,7 @@ LoadExtendedValidationInfo() UniqueCERTCertificate cert(CERT_FindCertByIssuerAndSN(nullptr, &ias)); - // If an entry is missing in the NSS root database, it may be because the - // root database is out of sync with what we expect (e.g. a different - // version of system NSS is installed). - if (!cert) { - // The entries for the debug EV roots are at indices 0 through - // NUM_TEST_EV_ROOTS - 1. Since they're not built-in, they probably - // haven't been loaded yet. - MOZ_ASSERT(iEV < NUM_TEST_EV_ROOTS, "Could not find built-in EV root"); - } else { + if (cert) { unsigned char certFingerprint[SHA256_LENGTH]; srv = PK11_HashBuf(SEC_OID_SHA256, certFingerprint, cert->derCert.data, AssertedCast<int32_t>(cert->derCert.len)); diff --git a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties index 9c732ce9de..23d7a323ca 100755 --- a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties +++ b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties @@ -279,8 +279,7 @@ certErrorExpiredNow=The certificate expired on %1$S. The current time is %2$S. # LOCALIZATION NOTE (certErrorNotYetValidNow): Do not translate %1$S (date+time certificate will become valid) or %2$S (current date+time) certErrorNotYetValidNow=The certificate will not be valid until %1$S. The current time is %2$S. -# LOCALIZATION NOTE (certErrorCodePrefix2): Do not translate <a id="errorCode" title="%1$S">%1$S</a> -certErrorCodePrefix2=Error code: <a id="errorCode" title="%1$S">%1$S</a> +certErrorCodePrefix=(Error code: %S) P12DefaultNickname=Imported Certificate CertUnknown=Unknown diff --git a/security/manager/ssl/DataStorage.cpp b/security/manager/ssl/DataStorage.cpp index 2d9dbf5c43..c765fed00a 100644 --- a/security/manager/ssl/DataStorage.cpp +++ b/security/manager/ssl/DataStorage.cpp @@ -276,9 +276,6 @@ DataStorage::Reader::Run() } } } while (true); - - Telemetry::Accumulate(Telemetry::DATA_STORAGE_ENTRIES, - mDataStorage->mPersistentDataTable.Count()); } return NS_OK; diff --git a/security/manager/ssl/SSLServerCertVerification.cpp b/security/manager/ssl/SSLServerCertVerification.cpp index 4ef79f54a5..757534955d 100644 --- a/security/manager/ssl/SSLServerCertVerification.cpp +++ b/security/manager/ssl/SSLServerCertVerification.cpp @@ -567,15 +567,12 @@ CertErrorRunnable::CheckCertOverrides() // want a ballpark answer, we don't care. if (mErrorCodeTrust != 0) { uint32_t probeValue = MapOverridableErrorToProbeValue(mErrorCodeTrust); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue); } if (mErrorCodeMismatch != 0) { uint32_t probeValue = MapOverridableErrorToProbeValue(mErrorCodeMismatch); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue); } if (mErrorCodeTime != 0) { uint32_t probeValue = MapOverridableErrorToProbeValue(mErrorCodeTime); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue); } // all errors are covered by override rules, so let's accept the cert @@ -660,7 +657,6 @@ CreateCertErrorRunnable(CertVerifier& certVerifier, MOZ_ASSERT(cert); uint32_t probeValue = MapCertErrorToProbeValue(defaultErrorCodeToReport); - Telemetry::Accumulate(Telemetry::SSL_CERT_VERIFICATION_ERRORS, probeValue); uint32_t collected_errors = 0; PRErrorCode errorCodeTrust = 0; @@ -869,19 +865,11 @@ void AccumulateSubjectCommonNameTelemetry(const char* commonName, bool commonNameInSubjectAltNames) { - if (!commonName) { - // 1 means no common name present - Telemetry::Accumulate(Telemetry::BR_9_2_2_SUBJECT_COMMON_NAME, 1); - } else if (!commonNameInSubjectAltNames) { + if (!commonNameInSubjectAltNames) { MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("BR telemetry: common name '%s' not in subject alt. names " "(or the subject alt. names extension is not present)\n", commonName)); - // 2 means the common name is not present in subject alt names - Telemetry::Accumulate(Telemetry::BR_9_2_2_SUBJECT_COMMON_NAME, 2); - } else { - // 0 means the common name is present in subject alt names - Telemetry::Accumulate(Telemetry::BR_9_2_2_SUBJECT_COMMON_NAME, 0); } } @@ -947,8 +935,6 @@ GatherBaselineRequirementsTelemetry(const UniqueCERTCertList& certList) MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("BR telemetry: no subject alt names extension for '%s'\n", commonName.get())); - // 1 means there is no subject alt names extension - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 1); AccumulateSubjectCommonNameTelemetry(commonName.get(), false); return; } @@ -960,8 +946,6 @@ GatherBaselineRequirementsTelemetry(const UniqueCERTCertList& certList) MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("BR telemetry: could not decode subject alt names for '%s'\n", commonName.get())); - // 2 means the subject alt names extension could not be decoded - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 2); AccumulateSubjectCommonNameTelemetry(commonName.get(), false); return; } @@ -1044,24 +1028,6 @@ GatherBaselineRequirementsTelemetry(const UniqueCERTCertList& certList) currentName = CERT_GetNextGeneralName(currentName); } while (currentName && currentName != subjectAltNames); - if (nonDNSNameOrIPAddressPresent) { - // 3 means there's an entry that isn't an ip address or dns name - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 3); - } - if (malformedDNSNameOrIPAddressPresent) { - // 4 means there's a malformed ip address or dns name entry - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 4); - } - if (nonFQDNPresent) { - // 5 means there's a DNS name entry with a non-fully-qualified domain name - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 5); - } - if (!nonDNSNameOrIPAddressPresent && !malformedDNSNameOrIPAddressPresent && - !nonFQDNPresent) { - // 0 means the extension is acceptable - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 0); - } - AccumulateSubjectCommonNameTelemetry(commonName.get(), commonNameInSubjectAltNames); } @@ -1111,7 +1077,6 @@ GatherEKUTelemetry(const UniqueCERTCertList& certList) } if (!foundEKU) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 0); return; } @@ -1133,18 +1098,6 @@ GatherEKUTelemetry(const UniqueCERTCertList& certList) foundOther = true; } } - - // Cases 3 is included only for completeness. It should never - // appear in these statistics, because CheckExtendedKeyUsage() - // should require the EKU extension, if present, to contain the - // value id_kp_serverAuth. - if (foundServerAuth && !foundOther) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 1); - } else if (foundServerAuth && foundOther) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 2); - } else if (!foundServerAuth) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 3); - } } // Gathers telemetry on which CA is the root of a given cert chain. @@ -1210,9 +1163,6 @@ GatherEndEntityTelemetry(const UniqueCERTCertList& certList) if (durationInWeeks > (2 * ONE_YEAR_IN_WEEKS)) { durationInWeeks = (2 * ONE_YEAR_IN_WEEKS) + 1; } - - Telemetry::Accumulate(Telemetry::SSL_OBSERVED_END_ENTITY_CERTIFICATE_LIFETIME, - durationInWeeks); } // There are various things that we want to measure about certificate @@ -1229,75 +1179,14 @@ GatherSuccessfulValidationTelemetry(const UniqueCERTCertList& certList) void GatherTelemetryForSingleSCT(const ct::SignedCertificateTimestamp& sct) { - // See SSL_SCTS_ORIGIN in Histograms.json. - uint32_t origin = 0; - switch (sct.origin) { - case ct::SignedCertificateTimestamp::Origin::Embedded: - origin = 1; - break; - case ct::SignedCertificateTimestamp::Origin::TLSExtension: - origin = 2; - break; - case ct::SignedCertificateTimestamp::Origin::OCSPResponse: - origin = 3; - break; - default: - MOZ_ASSERT_UNREACHABLE("Unexpected SCT::Origin type"); - } - Telemetry::Accumulate(Telemetry::SSL_SCTS_ORIGIN, origin); - - // See SSL_SCTS_VERIFICATION_STATUS in Histograms.json. - uint32_t verificationStatus = 0; - switch (sct.verificationStatus) { - case ct::SignedCertificateTimestamp::VerificationStatus::OK: - verificationStatus = 1; - break; - case ct::SignedCertificateTimestamp::VerificationStatus::UnknownLog: - verificationStatus = 2; - break; - case ct::SignedCertificateTimestamp::VerificationStatus::InvalidSignature: - verificationStatus = 3; - break; - case ct::SignedCertificateTimestamp::VerificationStatus::InvalidTimestamp: - verificationStatus = 4; - break; - default: - MOZ_ASSERT_UNREACHABLE("Unexpected SCT::VerificationStatus type"); - } - Telemetry::Accumulate(Telemetry::SSL_SCTS_VERIFICATION_STATUS, - verificationStatus); +/* STUB */ } void GatherCertificateTransparencyTelemetry(const UniqueCERTCertList& certList, const CertificateTransparencyInfo& info) { - if (!info.enabled) { - // No telemetry is gathered when CT is disabled. - return; - } - - if (!info.processedSCTs) { - // We didn't receive any SCT data for this connection. - Telemetry::Accumulate(Telemetry::SSL_SCTS_PER_CONNECTION, 0); - return; - } - - for (const ct::SignedCertificateTimestamp& sct : info.verifyResult.scts) { - GatherTelemetryForSingleSCT(sct); - } - - // Decoding errors are reported to the 0th bucket - // of the SSL_SCTS_VERIFICATION_STATUS enumerated probe. - for (size_t i = 0; i < info.verifyResult.decodingErrors; ++i) { - Telemetry::Accumulate(Telemetry::SSL_SCTS_VERIFICATION_STATUS, 0); - } - - // Handle the histogram of SCTs counts. - uint32_t sctsCount = static_cast<uint32_t>(info.verifyResult.scts.length()); - // Note that sctsCount can be 0 in case we've received SCT binary data, - // but it failed to parse (e.g. due to unsupported CT protocol version). - Telemetry::Accumulate(Telemetry::SSL_SCTS_PER_CONNECTION, sctsCount); +/* STUB */ } // Note: Takes ownership of |peerCertChain| if SECSuccess is not returned. @@ -1350,29 +1239,6 @@ AuthCertificate(CertVerifier& certVerifier, uint32_t evStatus = (rv != Success) ? 0 // 0 = Failure : (evOidPolicy == SEC_OID_UNKNOWN) ? 1 // 1 = DV : 2; // 2 = EV - Telemetry::Accumulate(Telemetry::CERT_EV_STATUS, evStatus); - - if (ocspStaplingStatus != CertVerifier::OCSP_STAPLING_NEVER_CHECKED) { - Telemetry::Accumulate(Telemetry::SSL_OCSP_STAPLING, ocspStaplingStatus); - } - if (keySizeStatus != KeySizeStatus::NeverChecked) { - Telemetry::Accumulate(Telemetry::CERT_CHAIN_KEY_SIZE_STATUS, - static_cast<uint32_t>(keySizeStatus)); - } - if (sha1ModeResult != SHA1ModeResult::NeverChecked) { - Telemetry::Accumulate(Telemetry::CERT_CHAIN_SHA1_POLICY_STATUS, - static_cast<uint32_t>(sha1ModeResult)); - } - - if (pinningTelemetryInfo.accumulateForRoot) { - Telemetry::Accumulate(Telemetry::CERT_PINNING_FAILURES_BY_CA, - pinningTelemetryInfo.rootBucket); - } - - if (pinningTelemetryInfo.accumulateResult) { - Telemetry::Accumulate(pinningTelemetryInfo.certPinningResultHistogram, - pinningTelemetryInfo.certPinningResultBucket); - } if (rv == Success) { // Certificate verification succeeded. Delete any potential record of @@ -1517,7 +1383,6 @@ SSLServerCertVerificationJob::Run() new SSLServerCertVerificationResult(mInfoObject, 0, successTelemetry, interval)); restart->Dispatch(); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, 1); return NS_OK; } @@ -1527,7 +1392,6 @@ SSLServerCertVerificationJob::Run() { TimeStamp now = TimeStamp::Now(); MutexAutoLock telemetryMutex(*gSSLVerificationTelemetryMutex); - Telemetry::AccumulateTimeDelta(failureTelemetry, mJobStartTime, now); } if (error != 0) { RefPtr<CertErrorRunnable> runnable( @@ -1694,7 +1558,6 @@ AuthCertificateHook(void* arg, PRFileDesc* fd, PRBool checkSig, PRBool isServer) MOZ_ASSERT(peerCertChain || rv != SECSuccess, "AuthCertificate() should take ownership of chain on failure"); if (rv == SECSuccess) { - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, 1); return SECSuccess; } @@ -1782,10 +1645,6 @@ SSLServerCertVerificationResult::Dispatch() NS_IMETHODIMP SSLServerCertVerificationResult::Run() { - // TODO: Assert that we're on the socket transport thread - if (mTelemetryID != Telemetry::HistogramCount) { - Telemetry::Accumulate(mTelemetryID, mTelemetryValue); - } // XXX: This cast will be removed by the next patch ((nsNSSSocketInfo*) mInfoObject.get()) ->SetCertVerificationResult(mErrorCode, mErrorMessageType); diff --git a/security/manager/ssl/TransportSecurityInfo.cpp b/security/manager/ssl/TransportSecurityInfo.cpp index fe39f40171..0e2238ad02 100644 --- a/security/manager/ssl/TransportSecurityInfo.cpp +++ b/security/manager/ssl/TransportSecurityInfo.cpp @@ -854,7 +854,7 @@ AppendErrorTextCode(PRErrorCode errorCodeToReport, nsString formattedString; nsresult rv; - rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix2", + rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix", params, 1, formattedString); if (NS_SUCCEEDED(rv)) { diff --git a/security/manager/ssl/nsKeygenHandler.cpp b/security/manager/ssl/nsKeygenHandler.cpp index c4529f8775..9196e200c0 100644 --- a/security/manager/ssl/nsKeygenHandler.cpp +++ b/security/manager/ssl/nsKeygenHandler.cpp @@ -399,48 +399,7 @@ loser: void GatherKeygenTelemetry(uint32_t keyGenMechanism, int keysize, char* curve) { - if (keyGenMechanism == CKM_RSA_PKCS_KEY_PAIR_GEN) { - if (keysize > 8196 || keysize < 0) { - return; - } - - nsCString telemetryValue("rsa"); - telemetryValue.AppendPrintf("%d", keysize); - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, telemetryValue); - } else if (keyGenMechanism == CKM_EC_KEY_PAIR_GEN) { - nsCString secp384r1 = NS_LITERAL_CSTRING("secp384r1"); - nsCString secp256r1 = NS_LITERAL_CSTRING("secp256r1"); - - mozilla::UniqueSECItem decoded = DecodeECParams(curve); - if (!decoded) { - switch (keysize) { - case 2048: - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1); - break; - case 1024: - case 512: - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1); - break; - } - } else { - if (secp384r1.EqualsIgnoreCase(curve, secp384r1.Length())) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1); - } else if (secp256r1.EqualsIgnoreCase(curve, secp256r1.Length())) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1); - } else { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, NS_LITERAL_CSTRING("other_ec")); - } - } - } else { - MOZ_CRASH("Unknown keygen algorithm"); - return; - } +/* STUB */ } nsresult diff --git a/security/manager/ssl/nsNSSCallbacks.cpp b/security/manager/ssl/nsNSSCallbacks.cpp index 9411012651..6bac59f519 100644 --- a/security/manager/ssl/nsNSSCallbacks.cpp +++ b/security/manager/ssl/nsNSSCallbacks.cpp @@ -490,31 +490,6 @@ nsNSSHttpRequestSession::internal_send_receive_attempt(bool &retryable_error, } } - if (!event->mStartTime.IsNull()) { - if (request_canceled) { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 0); - Telemetry::AccumulateTimeDelta( - Telemetry::CERT_VALIDATION_HTTP_REQUEST_CANCELED_TIME, - event->mStartTime, TimeStamp::Now()); - } - else if (NS_SUCCEEDED(mListener->mResultCode) && - mListener->mHttpResponseCode == 200) { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 1); - Telemetry::AccumulateTimeDelta( - Telemetry::CERT_VALIDATION_HTTP_REQUEST_SUCCEEDED_TIME, - event->mStartTime, TimeStamp::Now()); - } - else { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 2); - Telemetry::AccumulateTimeDelta( - Telemetry::CERT_VALIDATION_HTTP_REQUEST_FAILED_TIME, - event->mStartTime, TimeStamp::Now()); - } - } - else { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 3); - } - if (request_canceled) { return Result::ERROR_OCSP_SERVER_ERROR; } @@ -996,7 +971,6 @@ PreliminaryHandshakeDone(PRFileDesc* fd) } else { infoObject->SetNegotiatedNPN(nullptr, 0); } - mozilla::Telemetry::Accumulate(Telemetry::SSL_NPN_TYPE, state); } else { infoObject->SetNegotiatedNPN(nullptr, 0); } @@ -1091,9 +1065,6 @@ CanFalseStartCallback(PRFileDesc* fd, void* client_data, PRBool *canFalseStart) } } - Telemetry::Accumulate(Telemetry::SSL_REASONS_FOR_NOT_FALSE_STARTING, - reasonsForNotFalseStarting); - if (reasonsForNotFalseStarting == 0) { *canFalseStart = PR_TRUE; infoObject->SetFalseStarted(); @@ -1118,7 +1089,6 @@ AccumulateNonECCKeySize(Telemetry::ID probe, uint32_t bits) : bits < 8192 ? 17 : bits == 8192 ? 18 : bits < 16384 ? 19 : bits == 16384 ? 20 : 0; - Telemetry::Accumulate(probe, value); } // XXX: This attempts to map a bit count to an ECC named curve identifier. In @@ -1134,7 +1104,6 @@ AccumulateECCCurve(Telemetry::ID probe, uint32_t bits) : bits == 384 ? 24 // P-384 : bits == 521 ? 25 // P-521 : 0; // Unknown - Telemetry::Accumulate(probe, value); } static void @@ -1197,7 +1166,6 @@ AccumulateCipherSuite(Telemetry::ID probe, const SSLChannelInfo& channelInfo) break; } MOZ_ASSERT(value != 0); - Telemetry::Accumulate(probe, value); } // In the case of session resumption, the AuthCertificate hook has been bypassed @@ -1318,7 +1286,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { // 1=tls1, 2=tls1.1, 3=tls1.2 unsigned int versionEnum = channelInfo.protocolVersion & 0xFF; MOZ_ASSERT(versionEnum > 0); - Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_VERSION, versionEnum); AccumulateCipherSuite( infoObject->IsFullHandshake() ? Telemetry::SSL_CIPHER_SUITE_FULL : Telemetry::SSL_CIPHER_SUITE_RESUMED, @@ -1331,13 +1298,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { if (rv == SECSuccess) { usesFallbackCipher = channelInfo.keaType == ssl_kea_dh; - // keyExchange null=0, rsa=1, dh=2, fortezza=3, ecdh=4 - Telemetry::Accumulate( - infoObject->IsFullHandshake() - ? Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_FULL - : Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_RESUMED, - channelInfo.keaType); - MOZ_ASSERT(infoObject->GetKEAUsed() == channelInfo.keaType); if (infoObject->IsFullHandshake()) { @@ -1359,9 +1319,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { break; } - Telemetry::Accumulate(Telemetry::SSL_AUTH_ALGORITHM_FULL, - channelInfo.authType); - // RSA key exchange doesn't use a signature for auth. if (channelInfo.keaType != ssl_kea_rsa) { switch (channelInfo.authType) { @@ -1380,12 +1337,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { } } } - - Telemetry::Accumulate( - infoObject->IsFullHandshake() - ? Telemetry::SSL_SYMMETRIC_CIPHER_FULL - : Telemetry::SSL_SYMMETRIC_CIPHER_RESUMED, - cipherInfo.symCipher); } } diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp index 025f4bda24..4fc8c142ef 100644 --- a/security/manager/ssl/nsNSSComponent.cpp +++ b/security/manager/ssl/nsNSSComponent.cpp @@ -805,29 +805,22 @@ nsNSSComponent::MaybeEnableFamilySafetyCompatibility() if (familySafetyMode > 2) { familySafetyMode = 0; } - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, familySafetyMode); if (familySafetyMode == 0) { return; } bool familySafetyEnabled; nsresult rv = AccountHasFamilySafetyEnabled(familySafetyEnabled); if (NS_FAILED(rv)) { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 3); return; } if (!familySafetyEnabled) { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 4); return; } - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 5); if (familySafetyMode == 2) { rv = LoadFamilySafetyRoot(); if (NS_FAILED(rv)) { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 6); MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("failed to load Family Safety root")); - } else { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 7); } } #endif // XP_WIN @@ -1376,12 +1369,18 @@ static const CipherPref sCipherPrefs[] = { TLS_RSA_WITH_AES_256_CBC_SHA, true }, // Expensive/deprecated/weak +// Deprecated { "security.ssl3.rsa_aes_128_gcm_sha256", TLS_RSA_WITH_AES_128_GCM_SHA256, false }, // Deprecated { "security.ssl3.rsa_aes_128_sha256", TLS_RSA_WITH_AES_128_CBC_SHA256, false }, // Deprecated +// Weak/vulnerable { "security.ssl3.rsa_des_ede3_sha", - TLS_RSA_WITH_3DES_EDE_CBC_SHA, false }, // Weak (3DES) + TLS_RSA_WITH_3DES_EDE_CBC_SHA, false, true }, // Weak (3DES) + { "security.ssl3.rsa_rc4_128_sha", + TLS_RSA_WITH_RC4_128_SHA, false, true }, // RC4 + { "security.ssl3.rsa_rc4_128_md5", + TLS_RSA_WITH_RC4_128_MD5, false, true }, // RC4, HMAC-MD5 // All the rest are disabled @@ -1391,8 +1390,8 @@ static const CipherPref sCipherPrefs[] = { // Bit flags indicating what weak ciphers are enabled. // The bit index will correspond to the index in sCipherPrefs. // Wrtten by the main thread, read from any threads. -static Atomic<uint32_t> sEnabledWeakCiphers; -static_assert(MOZ_ARRAY_LENGTH(sCipherPrefs) - 1 <= sizeof(uint32_t) * CHAR_BIT, +static uint64_t sEnabledWeakCiphers; +static_assert(MOZ_ARRAY_LENGTH(sCipherPrefs) - 1 <= sizeof(uint64_t) * CHAR_BIT, "too many cipher suites"); /*static*/ bool @@ -1404,10 +1403,10 @@ nsNSSComponent::AreAnyWeakCiphersEnabled() /*static*/ void nsNSSComponent::UseWeakCiphersOnSocket(PRFileDesc* fd) { - const uint32_t enabledWeakCiphers = sEnabledWeakCiphers; + const uint64_t enabledWeakCiphers = sEnabledWeakCiphers; const CipherPref* const cp = sCipherPrefs; for (size_t i = 0; cp[i].pref; ++i) { - if (enabledWeakCiphers & ((uint32_t)1 << i)) { + if (enabledWeakCiphers & ((uint64_t)1 << i)) { SSL_CipherPrefSet(fd, cp[i].id, true); } } @@ -1534,11 +1533,11 @@ CipherSuiteChangeObserver::Observe(nsISupports* aSubject, // are enabled in prefs. They are only used on specific // sockets as a part of a fallback mechanism. // Only the main thread will change sEnabledWeakCiphers. - uint32_t enabledWeakCiphers = sEnabledWeakCiphers; + uint64_t enabledWeakCiphers = sEnabledWeakCiphers; if (cipherEnabled) { - enabledWeakCiphers |= ((uint32_t)1 << i); + enabledWeakCiphers |= ((uint64_t)1 << i); } else { - enabledWeakCiphers &= ~((uint32_t)1 << i); + enabledWeakCiphers &= ~((uint64_t)1 << i); } sEnabledWeakCiphers = enabledWeakCiphers; } else { @@ -1574,13 +1573,6 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, bool ocspRequired = ocspEnabled && Preferences::GetBool("security.OCSP.require", false); - // We measure the setting of the pref at startup only to minimize noise by - // addons that may muck with the settings, though it probably doesn't matter. - if (isInitialSetting) { - Telemetry::Accumulate(Telemetry::CERT_OCSP_ENABLED, ocspEnabled); - Telemetry::Accumulate(Telemetry::CERT_OCSP_REQUIRED, ocspRequired); - } - bool ocspStaplingEnabled = Preferences::GetBool("security.ssl.enable_ocsp_stapling", true); PublicSSLState()->SetOCSPStaplingEnabled(ocspStaplingEnabled); @@ -1932,20 +1924,6 @@ nsNSSComponent::InitializeNSS() return NS_ERROR_FAILURE; } - // TLSServerSocket may be run with the session cache enabled. It is necessary - // to call this once before that can happen. This specifies a maximum of 1000 - // cache entries (the default number of cache entries is 10000, which seems a - // little excessive as there probably won't be that many clients connecting to - // any TLSServerSockets the browser runs.) - // Note that this must occur before any calls to SSL_ClearSessionCache - // (otherwise memory will leak). - if (SSL_ConfigServerSessionIDCache(1000, 0, 0, nullptr) != SECSuccess) { -#ifdef ANDROID - MOZ_RELEASE_ASSERT(false); -#endif - return NS_ERROR_FAILURE; - } - // ensure the CertBlocklist is initialised nsCOMPtr<nsICertBlocklist> certList = do_GetService(NS_CERTBLOCKLIST_CONTRACTID); #ifdef ANDROID @@ -1986,9 +1964,6 @@ nsNSSComponent::InitializeNSS() return NS_ERROR_FAILURE; } - if (PK11_IsFIPS()) { - Telemetry::Accumulate(Telemetry::FIPS_ENABLED, true); - } MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("NSS Initialization done\n")); return NS_OK; } @@ -2476,7 +2451,7 @@ InitializeCipherSuite() } // Now only set SSL/TLS ciphers we knew about at compile time - uint32_t enabledWeakCiphers = 0; + uint64_t enabledWeakCiphers = 0; const CipherPref* const cp = sCipherPrefs; for (size_t i = 0; cp[i].pref; ++i) { bool cipherEnabled = Preferences::GetBool(cp[i].pref, @@ -2485,7 +2460,7 @@ InitializeCipherSuite() // Weak ciphers are not used by default. See the comment // in CipherSuiteChangeObserver::Observe for details. if (cipherEnabled) { - enabledWeakCiphers |= ((uint32_t)1 << i); + enabledWeakCiphers |= ((uint64_t)1 << i); } } else { SSL_CipherPrefSetDefault(cp[i].id, cipherEnabled); diff --git a/security/manager/ssl/nsNSSErrors.cpp b/security/manager/ssl/nsNSSErrors.cpp index fc8bd3e318..1613eb4e7a 100644 --- a/security/manager/ssl/nsNSSErrors.cpp +++ b/security/manager/ssl/nsNSSErrors.cpp @@ -84,7 +84,7 @@ nsNSSErrors::getErrorMessageFromCode(PRErrorCode err, params[0] = idU.get(); nsString formattedString; - rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix2", + rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix", params, 1, formattedString); if (NS_SUCCEEDED(rv)) { diff --git a/security/manager/ssl/nsNSSIOLayer.cpp b/security/manager/ssl/nsNSSIOLayer.cpp index 2d49540fbd..93fca396b1 100644 --- a/security/manager/ssl/nsNSSIOLayer.cpp +++ b/security/manager/ssl/nsNSSIOLayer.cpp @@ -237,9 +237,6 @@ nsNSSSocketInfo::NoteTimeUntilReady() mNotedTimeUntilReady = true; - // This will include TCP and proxy tunnel wait time - Telemetry::AccumulateTimeDelta(Telemetry::SSL_TIME_UNTIL_READY, - mSocketCreationTimestamp, TimeStamp::Now()); MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("[%p] nsNSSSocketInfo::NoteTimeUntilReady\n", mFd)); } @@ -259,16 +256,6 @@ nsNSSSocketInfo::SetHandshakeCompleted() : mFalseStarted ? FalseStarted : mFalseStartCallbackCalled ? ChoseNotToFalseStart : NotAllowedToFalseStart; - - // This will include TCP and proxy tunnel wait time - Telemetry::AccumulateTimeDelta(Telemetry::SSL_TIME_UNTIL_HANDSHAKE_FINISHED, - mSocketCreationTimestamp, TimeStamp::Now()); - - // If the handshake is completed for the first time from just 1 callback - // that means that TLS session resumption must have been used. - Telemetry::Accumulate(Telemetry::SSL_RESUMED_SESSION, - handshakeType == Resumption); - Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_TYPE, handshakeType); } @@ -623,11 +610,6 @@ nsNSSSocketInfo::SetCertVerificationResult(PRErrorCode errorCode, SetCanceled(errorCode, errorMessageType); } - if (mPlaintextBytesRead && !errorCode) { - Telemetry::Accumulate(Telemetry::SSL_BYTES_BEFORE_CERT_CALLBACK, - AssertedCast<uint32_t>(mPlaintextBytesRead)); - } - mCertVerificationState = after_cert_verification; } @@ -1121,8 +1103,6 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo) PRErrorCode originalReason = helpers.getIntoleranceReason(socketInfo->GetHostName(), socketInfo->GetPort()); - Telemetry::Accumulate(Telemetry::SSL_VERSION_FALLBACK_INAPPROPRIATE, - tlsIntoleranceTelemetryBucket(originalReason)); helpers.forgetIntolerance(socketInfo->GetHostName(), socketInfo->GetPort()); @@ -1144,11 +1124,8 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo) helpers.mUnrestrictedRC4Fallback) { if (helpers.rememberStrongCiphersFailed(socketInfo->GetHostName(), socketInfo->GetPort(), err)) { - Telemetry::Accumulate(Telemetry::SSL_WEAK_CIPHERS_FALLBACK, - tlsIntoleranceTelemetryBucket(err)); return true; } - Telemetry::Accumulate(Telemetry::SSL_WEAK_CIPHERS_FALLBACK, 0); } } @@ -1191,18 +1168,12 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo) return false; } - // The difference between _PRE and _POST represents how often we avoided - // TLS intolerance fallback due to remembered tolerance. - Telemetry::Accumulate(pre, reason); - if (!helpers.rememberIntolerantAtVersion(socketInfo->GetHostName(), socketInfo->GetPort(), range.min, range.max, err)) { return false; } - Telemetry::Accumulate(post, reason); - return true; } @@ -1242,8 +1213,6 @@ reportHandshakeResult(int32_t bytesTransferred, bool wasReading, PRErrorCode err } else { bucket = 671; } - - Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_RESULT, bucket); } int32_t diff --git a/security/manager/ssl/nsNTLMAuthModule.cpp b/security/manager/ssl/nsNTLMAuthModule.cpp index a0564118a3..46a4a21a03 100644 --- a/security/manager/ssl/nsNTLMAuthModule.cpp +++ b/security/manager/ssl/nsNTLMAuthModule.cpp @@ -1009,11 +1009,6 @@ nsNTLMAuthModule::Init(const char *serviceName, static bool sTelemetrySent = false; if (!sTelemetrySent) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::NTLM_MODULE_USED_2, - serviceFlags & nsIAuthModule::REQ_PROXY_AUTH - ? NTLM_MODULE_GENERIC_PROXY - : NTLM_MODULE_GENERIC_DIRECT); sTelemetrySent = true; } diff --git a/security/manager/ssl/nsPKCS11Slot.cpp b/security/manager/ssl/nsPKCS11Slot.cpp index 780a7c4b28..015f869011 100644 --- a/security/manager/ssl/nsPKCS11Slot.cpp +++ b/security/manager/ssl/nsPKCS11Slot.cpp @@ -541,10 +541,6 @@ nsPKCS11ModuleDB::ToggleFIPSMode() return NS_ERROR_FAILURE; } - if (PK11_IsFIPS()) { - Telemetry::Accumulate(Telemetry::FIPS_ENABLED, true); - } - return NS_OK; } diff --git a/security/manager/ssl/nsSTSPreloadList.errors b/security/manager/ssl/nsSTSPreloadList.errors index 4cfa9bd846..243fdce2cf 100644 --- a/security/manager/ssl/nsSTSPreloadList.errors +++ b/security/manager/ssl/nsSTSPreloadList.errors @@ -1,19 +1,22 @@ 0-1.party: could not connect to host +0.me.uk: did not receive HSTS header 00001.am: max-age too low: 129600 00002.am: max-age too low: 129600 0005.com: could not connect to host 0005aa.com: could not connect to host +0005pay.com: did not receive HSTS header 00220022.net: could not connect to host 007-preisvergleich.de: could not connect to host 007kf.com: could not connect to host 007sascha.de: did not receive HSTS header +00880088.net: could not connect to host 00wbf.com: could not connect to host 01100010011001010111001101110100.com: could not connect to host 016298.com: did not receive HSTS header 020wifi.nl: could not connect to host +0222.mg: did not receive HSTS header 0222aa.com: did not receive HSTS header 023838.com: did not receive HSTS header -02607.com: could not connect to host 029inno.com: could not connect to host 02dl.net: could not connect to host 03-09-2016.wedding: could not connect to host @@ -26,7 +29,6 @@ 066928.com: could not connect to host 066938.com: could not connect to host 070709.net: could not connect to host -09115.com: could not connect to host 0c.eu: did not receive HSTS header 0cdn.ga: could not connect to host 0day.su: could not connect to host @@ -41,11 +43,12 @@ 0w0.vc: could not connect to host 0x0a.net: could not connect to host 0x1337.eu: could not connect to host -0x44.net: did not receive HSTS header +0x44.net: could not connect to host 0x4b0c131e.pub: could not connect to host 0x52.org: could not connect to host 0x539.be: did not receive HSTS header 0x539.pw: did not receive HSTS header +0x5f3759df.cf: could not connect to host 0x65.net: did not receive HSTS header 0x90.fi: could not connect to host 0x90.in: could not connect to host @@ -54,8 +57,11 @@ 0xb612.org: could not connect to host 0xcafec0.de: did not receive HSTS header 1.0.0.1: max-age too low: 0 +10000v.ru: could not connect to host 1000hats.com: did not receive HSTS header +1000serien.com: could not connect to host 1001.best: could not connect to host +1001firms.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] 100onrainkajino.com: could not connect to host 1017scribes.com: could not connect to host 1018hosting.nl: did not receive HSTS header @@ -64,38 +70,47 @@ 10gbit.ovh: could not connect to host 10tacle.io: could not connect to host 10x.ooo: could not connect to host +1116pay.com: did not receive HSTS header 11recruitment.com.au: did not receive HSTS header 12.net: did not receive HSTS header 120dayweightloss.com: could not connect to host 123110.com: could not connect to host +123comparer.fr: did not receive HSTS header +123djdrop.com: did not receive HSTS header 123movies.fyi: did not receive HSTS header 123share.org: did not receive HSTS header +123termpapers.com: could not connect to host 123test.de: did not receive HSTS header 123test.es: did not receive HSTS header 123test.fr: did not receive HSTS header 126ium.moe: could not connect to host 127011-networks.ch: could not connect to host +1288fc.com: could not connect to host 12vpn.org: could not connect to host 12vpnchina.com: could not connect to host 1359826938.rsc.cdn77.org: did not receive HSTS header 135vv.com: could not connect to host 13826145000.com: could not connect to host -1396.cc: did not receive HSTS header +1396.cc: could not connect to host +1396.net: did not receive HSTS header +15-10.com: did not receive HSTS header 1536.cf: could not connect to host +160887.com: did not receive HSTS header 16164f.com: could not connect to host 163pwd.com: could not connect to host 168bet9.com: could not connect to host +168esb.com: could not connect to host 16deza.com: did not receive HSTS header 16packets.com: could not connect to host 173vpn.cn: did not receive HSTS header 173vpns.com: could not connect to host 173vpnv.com: could not connect to host 174.net.nz: did not receive HSTS header -174343.com: did not receive HSTS header +174343.com: could not connect to host 188522.com: did not receive HSTS header +18888msc.com: could not connect to host 1888zr.com: could not connect to host 188betwarriors.co.uk: could not connect to host -188da.com: could not connect to host 188trafalgar.ca: did not receive HSTS header 1912x.com: could not connect to host 1921958389.rsc.cdn77.org: could not connect to host @@ -107,6 +122,7 @@ 1day1ac.red: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] 1er-secours.ch: could not connect to host 1gsoft.com: could not connect to host +1item.co.il: did not receive HSTS header 1k8b.com: could not connect to host 1nian.vip: could not connect to host 1pw.ca: did not receive HSTS header @@ -114,7 +130,9 @@ 1s.tn: could not connect to host 1st4abounce.co.uk: did not receive HSTS header 1stcapital.com.sg: did not receive HSTS header +1ststop.co.uk: did not receive HSTS header 1three1.net: did not receive HSTS header +1upinternet.com: could not connect to host 1xcess.com: did not receive HSTS header 1years.cc: did not receive HSTS header 2-cpu.de: could not connect to host @@ -127,27 +145,29 @@ 21lg.co: could not connect to host 21stnc.com: could not connect to host 2333.press: could not connect to host -233boy.com: could not connect to host +233ss.net: did not receive HSTS header +247a.co.uk: could not connect to host 247quickbooks.com: did not receive HSTS header 2488.ch: did not receive HSTS header 249cq.com: could not connect to host 24hourpaint.com: could not connect to host -24hrs.shopping: did not receive HSTS header +24hrs.shopping: could not connect to host 24kbet.com: could not connect to host 24pcr.com: could not connect to host 24sihu.com: could not connect to host 256k.me: could not connect to host 25daysof.io: could not connect to host +260887.com: did not receive HSTS header 2859cc.com: could not connect to host 29227.com: could not connect to host 2acbi-asso.fr: did not receive HSTS header -2au.ru: could not connect to host 2b3b.com: could not connect to host 2bitout.com: could not connect to host 2bizi.ru: could not connect to host 2brokegirls.org: could not connect to host 2carpros.com: did not receive HSTS header 2fl.me: did not receive HSTS header +2gen.com: could not connect to host 2intermediate.co.uk: did not receive HSTS header 2or3.tk: could not connect to host 2smart4food.com: could not connect to host @@ -160,11 +180,13 @@ 3133780x.com: did not receive HSTS header 314166.com: could not connect to host 314chan.org: could not connect to host +31tv.ru: did not receive HSTS header 32ph.com: could not connect to host 330.net: could not connect to host 338da.com: could not connect to host -33drugstore.com: did not receive HSTS header -341.mg: did not receive HSTS header +33drugstore.com: could not connect to host +341.mg: could not connect to host +34oztonic.eu: did not receive HSTS header 3555500.com: could not connect to host 3555aa.com: could not connect to host 35792.de: could not connect to host @@ -175,9 +197,9 @@ 368mibn.com: could not connect to host 3778xl.com: did not receive HSTS header 3839.ca: could not connect to host -388da.com: could not connect to host +38888msc.com: could not connect to host +38blog.com: could not connect to host 38sihu.com: could not connect to host -3aandl.com: did not receive HSTS header 3candy.com: could not connect to host 3chit.cf: could not connect to host 3click-loan.com: could not connect to host @@ -187,12 +209,11 @@ 3dm.audio: could not connect to host 3dproteinimaging.com: did not receive HSTS header 3fl.com: did not receive HSTS header -3hl0.net: could not connect to host -3lot.ru: could not connect to host 3mbo.de: did not receive HSTS header 3sreporting.com: did not receive HSTS header 3vlnaeet.cz: could not connect to host 3wecommerce.com.br: could not connect to host +3xx.link: could not connect to host 4036aa.com: did not receive HSTS header 4036bb.com: did not receive HSTS header 4036cc.com: did not receive HSTS header @@ -202,23 +223,37 @@ 404404.info: could not connect to host 404forest.com: did not receive HSTS header 41844.de: could not connect to host -41studio.com: could not connect to host 420dongstorm.com: could not connect to host +4237.com: max-age too low: 86400 +42entrepreneurs.fr: did not receive HSTS header 42ms.org: could not connect to host 42t.ru: could not connect to host 439191.com: did not receive HSTS header +440887.com: did not receive HSTS header 440hz-radio.de: did not receive HSTS header 440hz.radio: did not receive HSTS header +442887.com: did not receive HSTS header +443887.com: did not receive HSTS header +444887.com: did not receive HSTS header 4455software.com: could not connect to host +445887.com: did not receive HSTS header 44957.com: could not connect to host +44sec.com: could not connect to host +4500.co.il: did not receive HSTS header 4679.space: did not receive HSTS header +4706666.com: did not receive HSTS header +4716666.com: did not receive HSTS header +4726666.com: did not receive HSTS header +4756666.com: did not receive HSTS header +4786666.com: did not receive HSTS header +478933.com: did not receive HSTS header 47tech.com: could not connect to host -4azino777.ru: could not connect to host +4997777.com: could not connect to host +4azino777.ru: did not receive HSTS header 4baby.com.br: could not connect to host 4bike.eu: did not receive HSTS header 4cclothing.com: could not connect to host 4d2.xyz: could not connect to host -4flex.info: could not connect to host 4hvac.com: did not receive HSTS header 4loc.us: could not connect to host 4miners.net: could not connect to host @@ -236,48 +271,62 @@ 517vpn.cn: could not connect to host 518maicai.com: could not connect to host 51aifuli.com: could not connect to host +52b9.com: could not connect to host +52b9.net: could not connect to host 52kb.net: could not connect to host 52kb1.com: could not connect to host 52neptune.com: could not connect to host 540.co: did not receive HSTS header +5432.cc: did not receive HSTS header 54bf.com: could not connect to host 555fl.com: max-age too low: 129600 555xl.com: could not connect to host 56877.com: could not connect to host 56ct.com: could not connect to host 57aromas.com: did not receive HSTS header +57he.com: did not receive HSTS header +5chat.it: could not connect to host 5piecesofadvice.com: could not connect to host 605508.cc: could not connect to host 605508.com: could not connect to host 60ych.net: did not receive HSTS header 6120.eu: did not receive HSTS header -62755.com: could not connect to host +62755.com: did not receive HSTS header 64616e.xyz: could not connect to host -660011.com: max-age too low: 0 +64bitgaming.de: could not connect to host +660011.com: could not connect to host +6677.us: did not receive HSTS header +668da.com: did not receive HSTS header 68277.me: could not connect to host +688da.com: could not connect to host 692b8c32.de: could not connect to host 69mentor.com: could not connect to host 69square.com: could not connect to host +6z3.net: could not connect to host +7045h.com: could not connect to host 7183.org: could not connect to host -721av.com: max-age too low: 2592000 +721av.com: could not connect to host 724go.com: could not connect to host 7261696e626f77.net: could not connect to host 72ty.com: could not connect to host 72ty.net: could not connect to host 73223.com: did not receive HSTS header -776573.net: could not connect to host +73info.com: did not receive HSTS header +771122.tv: did not receive HSTS header +776573.net: did not receive HSTS header 7777av.co: could not connect to host 77890k.com: could not connect to host -77book.cn: did not receive HSTS header -7bwin.com: max-age too low: 3600 +77book.cn: could not connect to host +789zr.com: max-age too low: 86400 7f-wgg.cf: could not connect to host 7links.com.br: did not receive HSTS header +7nw.eu: could not connect to host 7thheavenrestaurant.com: could not connect to host 8.net.co: could not connect to host 8003pay.com: could not connect to host 808.lv: did not receive HSTS header 808phone.net: could not connect to host -81818app.com: did not receive HSTS header +81818app.com: could not connect to host 81uc.com: could not connect to host 826468.com: could not connect to host 826498.com: could not connect to host @@ -286,8 +335,11 @@ 8522.am: could not connect to host 8522cn.com: did not receive HSTS header 8560.be: could not connect to host +8722.com: did not receive HSTS header 87577.com: could not connect to host 88.to: could not connect to host +887.ag: did not receive HSTS header +8884553.com: could not connect to host 8887999.com: could not connect to host 8888av.co: could not connect to host 888azino.com: did not receive HSTS header @@ -295,37 +347,50 @@ 88d.com: could not connect to host 88laohu.cc: could not connect to host 88laohu.com: could not connect to host +8989k3.com: could not connect to host 89955.com: could not connect to host 899699.com: did not receive HSTS header 89he.com: could not connect to host -8azino777.ru: could not connect to host +8azino777.ru: did not receive HSTS header 8ballbombom.uk: could not connect to host -8dabet.com: could not connect to host +8da2018.com: could not connect to host 8mpay.com: did not receive HSTS header -8svn.com: could not connect to host 8t88.biz: could not connect to host 90smthng.com: could not connect to host 91-freedom.com: could not connect to host +910kj.com: did not receive HSTS header 9118b.com: could not connect to host 911911.pw: could not connect to host 915ers.com: did not receive HSTS header +918gd.com: could not connect to host +918yy.com: did not receive HSTS header +919945.com: did not receive HSTS header 91dh.cc: could not connect to host 91lt.info: could not connect to host 922.be: could not connect to host 92bmh.com: did not receive HSTS header +9454.com: max-age too low: 86400 94cs.cn: did not receive HSTS header 95778.com: could not connect to host 960news.ca: could not connect to host +9617818.com: could not connect to host +9617818.net: could not connect to host 9651678.ru: could not connect to host +9822.com: did not receive HSTS header +987987.com: did not receive HSTS header 99511.fi: did not receive HSTS header -9998722.com: could not connect to host 99buffets.com: could not connect to host +9iwan.net: did not receive HSTS header 9jadirect.com: could not connect to host 9point6.com: could not connect to host -a-intel.com: did not receive HSTS header +9ss6.com: could not connect to host +9vies.ca: could not connect to host +9y.at: did not receive HSTS header +a-intel.com: could not connect to host a-ix.net: could not connect to host a-plus.space: could not connect to host a-rickroll-n.pw: could not connect to host +a-shafaat.ir: did not receive HSTS header a-theme.com: could not connect to host a1-autopartsglasgow.com: could not connect to host a1798.com: could not connect to host @@ -333,7 +398,6 @@ a200k.xyz: did not receive HSTS header a2c-co.net: could not connect to host a2it.gr: did not receive HSTS header a3workshop.swiss: could not connect to host -a8q.org: could not connect to host a9c.co: could not connect to host aa7733.com: could not connect to host aaeblog.com: did not receive HSTS header @@ -342,18 +406,21 @@ aaeblog.org: did not receive HSTS header aaoo.net: could not connect to host aapp.space: could not connect to host aariefhaafiz.com: could not connect to host -aarkue.eu: did not receive HSTS header aaron-gustafson.com: did not receive HSTS header +aaronhorler.com.au: could not connect to host aaronmcguire.me: did not receive HSTS header aarvinproperties.com: could not connect to host -aati.info: could not connect to host +abandonedmines.gov: could not connect to host abareplace.com: did not receive HSTS header abasky.net: could not connect to host +abcdef.be: could not connect to host abcdentalcare.com: did not receive HSTS header abcdobebe.com: did not receive HSTS header abchelp.net: did not receive HSTS header +abdullah.pw: could not connect to host abearofsoap.com: could not connect to host abecodes.net: could not connect to host +abeontech.com: could not connect to host abi-fvs.de: could not connect to host abigailstark.com: could not connect to host abilitylist.org: did not receive HSTS header @@ -371,6 +438,7 @@ aboutmyip.info: did not receive HSTS header aboutmyproperty.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aboutyou-deals.de: could not connect to host absinthium.ch: could not connect to host +absolutewaterproofingsolutions.com: did not receive HSTS header abstractbarista.com: could not connect to host abstractbarista.net: could not connect to host abt.de: did not receive HSTS header @@ -387,6 +455,7 @@ acadianapatios.com: did not receive HSTS header acai51.net: could not connect to host acaonegocios.com.br: could not connect to host acbc.ie: max-age too low: 0 +accbay.com: could not connect to host accelerate.network: could not connect to host accelerole.com: did not receive HSTS header accelight.co.jp: did not receive HSTS header @@ -394,11 +463,11 @@ accelight.jp: did not receive HSTS header access-sofia.org: did not receive HSTS header accolade.com.br: could not connect to host accoun.technology: could not connect to host -accountradar.com: max-age too low: 86400 accounts-p.com: could not connect to host accountsuspended.club: could not connect to host accwing.com: could not connect to host aceadvisory.biz: did not receive HSTS header +acelpb.com: could not connect to host acg.mn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] acg.sb: could not connect to host acgaudio.com: could not connect to host @@ -424,7 +493,9 @@ actiontowingroundrock.com: could not connect to host activateplay.com: did not receive HSTS header active-escape.com: did not receive HSTS header activeweb.top: could not connect to host +activistasconstructivos.org: did not receive HSTS header activiti.alfresco.com: did not receive HSTS header +actu-film.com: max-age too low: 0 actu-medias.com: could not connect to host actualite-videos.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] acuve.jp: could not connect to host @@ -435,6 +506,7 @@ adambryant.ca: could not connect to host adamcoffee.net: could not connect to host adamdixon.co.uk: could not connect to host adamricheimer.com: could not connect to host +adamsfoundationrepair.com: did not receive HSTS header adamwk.com: did not receive HSTS header adastra.re: could not connect to host adblock.ovh: could not connect to host @@ -445,28 +517,32 @@ addvocate.com: could not connect to host adec-emsa.ae: could not connect to host adelaides.com: did not receive HSTS header adelevie.com: could not connect to host -adeline.mobi: could not connect to host adelinlydia-coach.com: did not receive HSTS header adequatetechnology.com: could not connect to host aderal.io: could not connect to host adesa-asesoria.com: did not receive HSTS header adfa-1.com: could not connect to host -adhigamindia.com: did not receive HSTS header +adhigamindia.com: could not connect to host adhosting.nl: did not receive HSTS header adhs-chaoten.net: did not receive HSTS header adigitali.biz: did not receive HSTS header adindexr.com: could not connect to host +adint.net: could not connect to host adlerweb.info: did not receive HSTS header admin-forms.co.uk: did not receive HSTS header +admin-numerique.com: did not receive HSTS header admin.google.com: did not receive HSTS header (error ignored - included regardless) admins.tech: could not connect to host +adminwerk.com: did not receive HSTS header adminwerk.net: did not receive HSTS header +admirable.one: did not receive HSTS header admiral.dp.ua: did not receive HSTS header admitcard.co.in: could not connect to host admsel.ec: could not connect to host adoal.net: did not receive HSTS header adoge.me: could not connect to host adonairelogios.com.br: could not connect to host +adoniscabaret.co.uk: could not connect to host adopteunsiteflash.com: could not connect to host adprospb.com: did not receive HSTS header adquisitio.de: could not connect to host @@ -475,6 +551,7 @@ adrenaline-gaming.ru: could not connect to host adrianajewelry.my: could not connect to host adriancohea.ninja: did not receive HSTS header adrianseo.ro: did not receive HSTS header +adrinet.tk: could not connect to host adrl.ca: could not connect to host adsfund.org: could not connect to host aduedu.de: did not receive HSTS header @@ -487,6 +564,7 @@ advanced-online.eu: could not connect to host advancedplasticsurgerycenter.com: did not receive HSTS header advancedseotool.it: did not receive HSTS header advancedstudio.ro: could not connect to host +advancedwriters.com: could not connect to host advantagemechanicalinc.com: did not receive HSTS header adventistdeploy.org: could not connect to host adventures.is: did not receive HSTS header @@ -495,7 +573,6 @@ advertisemant.com: could not connect to host adviespuntklokkenluiders.nl: could not connect to host adzie.xyz: could not connect to host adzuna.co.uk: did not receive HSTS header -aelurus.com: could not connect to host aemoria.com: could not connect to host aeon.wiki: could not connect to host aerialmediapro.net: could not connect to host @@ -510,20 +587,25 @@ aevpn.org: could not connect to host aeyoun.com: did not receive HSTS header af-fotografie.net: did not receive HSTS header afdkompakt.de: max-age too low: 86400 +afeefzarapackages.com: did not receive HSTS header affily.io: could not connect to host +affinity.vc: did not receive HSTS header affordablebouncycastle.co.uk: did not receive HSTS header +affordablepapers.com: could not connect to host aficotroceni.ro: did not receive HSTS header afiru.net: could not connect to host +aflamtorrent.com: could not connect to host afmchandler.com: did not receive HSTS header afp548.tk: could not connect to host after.im: did not receive HSTS header afterstack.net: could not connect to host -afvallendoeje.nu: could not connect to host +afvallendoeje.nu: did not receive HSTS header afyou.co.kr: could not connect to host agalaxyfarfaraway.co.uk: could not connect to host agatheetraphael.fr: could not connect to host agbremen.de: could not connect to host agdalieso.com.ba: could not connect to host +ageg.ca: could not connect to host agelesscitizen.com: could not connect to host agelesscitizens.com: could not connect to host agenbettingasia.com: did not receive HSTS header @@ -531,7 +613,9 @@ agenciagriff.com: did not receive HSTS header agencymanager.be: could not connect to host agentseeker.ca: could not connect to host agevio.com: could not connect to host +agileecommerce.com.br: could not connect to host agingstop.net: could not connect to host +agonswim.com: did not receive HSTS header agoravm.tk: could not connect to host agowa.eu: did not receive HSTS header agowa338.de: did not receive HSTS header @@ -541,13 +625,12 @@ agrias.com.br: did not receive HSTS header agrikulturchic.com: could not connect to host agrimap.com: did not receive HSTS header agro-id.gov.ua: did not receive HSTS header +agro.rip: did not receive HSTS header agroglass.com.br: did not receive HSTS header -agroline.by: could not connect to host agtv.com.br: did not receive HSTS header ahabingo.com: did not receive HSTS header ahelos.tk: could not connect to host ahlz.sk: could not connect to host -ahmedcharles.com: could not connect to host aholic.co: did not receive HSTS header ahoynetwork.com: could not connect to host ahri.ovh: could not connect to host @@ -555,36 +638,39 @@ ahsin.online: could not connect to host ahwah.net: could not connect to host ahwatukeefoothillsmontessori.com: did not receive HSTS header ai1989.com: could not connect to host +aibaoyou.com: could not connect to host aibsoftware.mx: could not connect to host -aicial.co.uk: could not connect to host aicial.com: did not receive HSTS header aicial.com.au: could not connect to host aid-web.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aidanwoods.com: did not receive HSTS header -aide-admin.com: could not connect to host +aide-admin.com: did not receive HSTS header aidikofflaw.com: did not receive HSTS header aiesecarad.ro: could not connect to host aifreeze.ru: could not connect to host aify.eu: could not connect to host aignermunich.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aignermunich.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -aignermunich.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aikenorganics.com: could not connect to host aim-consultants.com: could not connect to host +aimerworld.com: did not receive HSTS header aimrom.org: could not connect to host ainrb.com: could not connect to host -aintevenmad.ch: could not connect to host aioboot.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aip-marine.com: could not connect to host aiphyron.com: could not connect to host aiponne.com: could not connect to host airconsalberton.co.za: did not receive HSTS header +airconsboksburg.co.za: did not receive HSTS header +airconsfourways.co.za: did not receive HSTS header +airconsmidrand.co.za: did not receive HSTS header airedaleterrier.com.br: could not connect to host airfax.io: could not connect to host airlea.com: could not connect to host airlinecheckins.com: did not receive HSTS header airmazinginflatables.com: could not connect to host airproto.com: did not receive HSTS header +airsick.guide: did not receive HSTS header airtimefranchise.com: did not receive HSTS header aishnair.com: could not connect to host aisle3.space: could not connect to host @@ -604,16 +690,21 @@ akgundemirbas.com: could not connect to host akhilindurti.com: could not connect to host akhras.at: did not receive HSTS header akiba-server.info: could not connect to host +akihiro.xyz: could not connect to host akita-stream.com: could not connect to host akkadia.cc: could not connect to host +akoch.net: could not connect to host akombakom.net: could not connect to host akoww.de: could not connect to host -akselimedia.fi: did not receive HSTS header +akronet.cz: did not receive HSTS header +akropol.cz: did not receive HSTS header +akselimedia.fi: could not connect to host akstudentsfirst.org: could not connect to host -aktivist.in: did not receive HSTS header +aktan.com.br: could not connect to host +aktivist.in: could not connect to host +akul.co.in: could not connect to host al-f.net: could not connect to host al-shami.net: could not connect to host -alamgir.works: could not connect to host alanhuang.name: did not receive HSTS header alanlee.net: could not connect to host alanrickmanflipstable.com: did not receive HSTS header @@ -626,31 +717,36 @@ alauda-home.de: could not connect to host alaundeil.xyz: could not connect to host albanien.guide: could not connect to host alberguecimballa.es: could not connect to host -albertbogdanowicz.pl: did not receive HSTS header albertify.xyz: could not connect to host +albertonplumber24-7.co.za: did not receive HSTS header albertopimienta.com: did not receive HSTS header alcantarafleuriste.com: did not receive HSTS header alcatraz.online: could not connect to host alcazaar.com: could not connect to host alchemia.co.il: did not receive HSTS header alcorao.org: could not connect to host +aldes.co.za: did not receive HSTS header aleax.me: could not connect to host alecvannoten.be: did not receive HSTS header -aleksejjocic.tk: could not connect to host alenan.org: could not connect to host aleph.land: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] alertaenlinea.gov: did not receive HSTS header alessandro.pw: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +alessandroz.ddns.net: could not connect to host alessandroz.pro: could not connect to host alethearose.com: did not receive HSTS header alexandernorth.ch: could not connect to host alexandre.sh: did not receive HSTS header -alexbaker.org: did not receive HSTS header alexdodge.ca: did not receive HSTS header alexei.su: could not connect to host alexfisherhealth.com.au: did not receive HSTS header alexhaydock.co.uk: did not receive HSTS header +alexischaussy.xyz: could not connect to host +alexismeza.com: could not connect to host +alexismeza.com.mx: could not connect to host alexismeza.dk: could not connect to host +alexismeza.es: could not connect to host +alexismeza.nl: could not connect to host alexkidd.de: did not receive HSTS header alexmak.net: did not receive HSTS header alexmol.tk: could not connect to host @@ -662,9 +758,11 @@ alfirous.com: could not connect to host alfredxing.com: did not receive HSTS header algarmatic-automatismos.pt: could not connect to host algebraaec.com: did not receive HSTS header -alghaib.com: did not receive HSTS header -alghanimcatering.com: did not receive HSTS header +alghaib.com: could not connect to host alibababee.com: did not receive HSTS header +alicialab.org: could not connect to host +alien.bz: did not receive HSTS header +alikulov.me: did not receive HSTS header alilialili.ga: could not connect to host alinemaciel.adm.br: could not connect to host alistairpialek.com: max-age too low: 86400 @@ -674,9 +772,11 @@ aljammaz.holdings: did not receive HSTS header aljmz.com: did not receive HSTS header alkami.com: max-age too low: 0 alkamitech.com: max-age too low: 0 +alkel.info: could not connect to host all-subtitles.com: could not connect to host all.tf: could not connect to host all4os.com: did not receive HSTS header +allaboutbelgaum.com: did not receive HSTS header allangirvan.net: could not connect to host alldaymonitoring.com: could not connect to host alldm.ru: could not connect to host @@ -690,8 +790,10 @@ alliance-compacts.com: did not receive HSTS header allinnote.com: could not connect to host allinonecyprus.com: did not receive HSTS header allkindzabeats.com: did not receive HSTS header +allladyboys.com: could not connect to host allmbw.com: could not connect to host allmystery.de: did not receive HSTS header +allo-symo.fr: did not receive HSTS header allods-zone.ru: did not receive HSTS header alloffice.com.ua: did not receive HSTS header alloinformatique.net: could not connect to host @@ -699,7 +801,9 @@ alloutatl.com: could not connect to host allpropertyservices.com: did not receive HSTS header allprorisk.com: did not receive HSTS header allrealty.co.za: could not connect to host +allroundpvp.net: did not receive HSTS header allscammers.exposed: could not connect to host +allseasons-cleaning.co.uk: could not connect to host allsortscastles.co.uk: could not connect to host allstarswithus.com: could not connect to host allstorebrasil.com.br: could not connect to host @@ -707,7 +811,7 @@ alltheducks.com: max-age too low: 43200 allthingsfpl.com: could not connect to host allvips.ru: could not connect to host almagalla.com: could not connect to host -almatinki.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +almatinki.com: could not connect to host aloalabs.com: did not receive HSTS header alocato.com: could not connect to host alparque.com: did not receive HSTS header @@ -717,6 +821,7 @@ alphabuild.io: could not connect to host alphagamers.net: did not receive HSTS header alphahunks.com: could not connect to host alphalabs.xyz: could not connect to host +alqassam.net: did not receive HSTS header als-hardware.co.za: did not receive HSTS header alspolska.pl: max-age too low: 2592000 alt-tab-design.com: did not receive HSTS header @@ -724,25 +829,32 @@ alt33c3.org: could not connect to host altahrim.net: could not connect to host altaide.com: did not receive HSTS header altailife.ru: did not receive HSTS header -altamarea.se: could not connect to host +altamarea.se: did not receive HSTS header +altbinaries.com: could not connect to host alteqnia.com: could not connect to host altercpa.ru: did not receive HSTS header +altered.network: could not connect to host altfire.ca: could not connect to host altiacaselight.com: could not connect to host altitudemoversdenver.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -altmv.com: max-age too low: 7776000 +altoneum.com: could not connect to host altporn.xyz: could not connect to host aluminium-scaffolding.co.uk: could not connect to host alunjam.es: did not receive HSTS header alunonaescola.com.br: could not connect to host -aluoblog.top: did not receive HSTS header +aluoblog.pw: could not connect to host +aluoblog.top: could not connect to host alusta.co: could not connect to host am8888.top: could not connect to host -amaderelectronics.com: could not connect to host +amaderelectronics.com: max-age too low: 2592000 +amadilo.de: did not receive HSTS header +amadoraslindas.com: could not connect to host amaforums.org: did not receive HSTS header amagical.net: did not receive HSTS header amandaonishi.com: could not connect to host amaranthus.com.ph: could not connect to host +amartinz.at: could not connect to host +amateri.com: could not connect to host amatzen.dk: did not receive HSTS header amavis.org: did not receive HSTS header amazing-gaming.fr: could not connect to host @@ -763,17 +875,24 @@ americansforcommunitydevelopment.org: did not receive HSTS header americansportsinstitute.org: did not receive HSTS header americanworkwear.nl: did not receive HSTS header amethystcards.co.uk: could not connect to host +ameza.co.uk: could not connect to host +ameza.com.mx: could not connect to host +ameza.io: could not connect to host +ameza.me: could not connect to host +ameza.net: could not connect to host amicsdelbus.com: did not receive HSTS header amigogeek.net: could not connect to host amihub.com: could not connect to host amilum.org: could not connect to host amilx.com: could not connect to host amilx.org: could not connect to host -amimoto-ami.com: max-age too low: 3153600 +amimoto-ami.com: did not receive HSTS header +amin.ga: did not receive HSTS header +amin.one: could not connect to host amishsecurity.com: could not connect to host amitse.com: did not receive HSTS header amitube.com: did not receive HSTS header -amleeds.co.uk: did not receive HSTS header +amleeds.co.uk: could not connect to host amlvfs.net: could not connect to host ammoulianiapartments.com: did not receive HSTS header amo-entreprise-et-commerce.fr: could not connect to host @@ -789,15 +908,18 @@ amunoz.org: could not connect to host amv-crm.ru: could not connect to host anabol.nl: could not connect to host anacruz.es: did not receive HSTS header +anadoluefessk.org: did not receive HSTS header anadoluefessporkulubu.org: could not connect to host anagra.ms: could not connect to host -anaisypirueta.es: did not receive HSTS header anakros.me: could not connect to host +analangelsteen.com: could not connect to host analpantyhose.org: could not connect to host +analteengirls.net: could not connect to host analytic-s.ml: could not connect to host analytics-shop.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] analyticsinmotion.net: could not connect to host analyzemyfriends.com: could not connect to host +anastasiafond.com: did not receive HSTS header ancarda.net: could not connect to host anchorgrounds.com: did not receive HSTS header anchorinmarinainc.com: did not receive HSTS header @@ -807,21 +929,20 @@ ancientkarma.com: could not connect to host andbraiz.com: did not receive HSTS header andere-gedanken.net: max-age too low: 10 anderslind.dk: could not connect to host -andre-ballensiefen.de: could not connect to host andreagobetti.com: did not receive HSTS header andreas-kluge.eu: could not connect to host andreasanti.net: did not receive HSTS header +andreasbasurto.com: could not connect to host andreasbreitenlohner.de: max-age too low: 600000 andreasfritz-fotografie.de: could not connect to host andreaskluge.eu: could not connect to host andreastoneman.com: could not connect to host andrei-coman.com: could not connect to host -andrei-nakov.org: did not receive HSTS header andreigec.net: did not receive HSTS header andrerose.ca: did not receive HSTS header andrew.fi: did not receive HSTS header -andrew.london: did not receive HSTS header andrewbroekman.com: did not receive HSTS header +andrewdavidwong.com: did not receive HSTS header andrewdaws.co: could not connect to host andrewdaws.info: could not connect to host andrewdaws.me: could not connect to host @@ -829,10 +950,9 @@ andrewdaws.tv: could not connect to host andrewmichaud.beer: could not connect to host andrewrdaws.com: could not connect to host andrewregan.me: could not connect to host -andrewtebert.com: could not connect to host +andrewtebert.com: did not receive HSTS header andrewthelott.net: could not connect to host andrewvoce.com: did not receive HSTS header -andrewx.net: could not connect to host andrewyg.net: could not connect to host andreypopp.com: could not connect to host android: could not connect to host @@ -853,21 +973,24 @@ anfenglish.com: did not receive HSTS header anfsanchezo.co: could not connect to host anfsanchezo.me: could not connect to host angelic47.com: could not connect to host +angelicare.co.uk: did not receive HSTS header angeloroberto.ch: did not receive HSTS header angeloventuri.com: did not receive HSTS header angervillelorcher.fr: did not receive HSTS header anghami.com: did not receive HSTS header anglictinatabor.cz: could not connect to host +angrut.com: did not receive HSTS header angry-monk.com: could not connect to host angrydragonproductions.com: could not connect to host angrylab.com: did not receive HSTS header angryroute.com: could not connect to host -animal-nature-human.com: could not connect to host animalnet.de: max-age too low: 7776000 animalstropic.com: could not connect to host +anime1.top: could not connect to host anime1video.tk: could not connect to host animeday.ml: could not connect to host animesfusion.com.br: could not connect to host +animorphsfanforum.com: did not receive HSTS header animurecs.com: could not connect to host aniplus.cf: could not connect to host aniplus.gq: could not connect to host @@ -876,42 +999,47 @@ anisekai.com: max-age too low: 2592000 anita-mukorom.hu: did not receive HSTS header anitklib.ml: could not connect to host anitube-nocookie.ch: could not connect to host -anivar.net: could not connect to host +anivar.net: did not receive HSTS header ankakaak.com: could not connect to host ankaraprofesyonelnakliyat.com: did not receive HSTS header ankaraprofesyonelnakliyat.com.tr: did not receive HSTS header ankitha.in: max-age too low: 0 annabellaw.com: did not receive HSTS header annahmeschluss.de: did not receive HSTS header -annarbor.group: could not connect to host +annarbor.group: did not receive HSTS header annetaan.fi: could not connect to host annevankesteren.com: could not connect to host annevankesteren.org: could not connect to host annsbouncycastles.com: could not connect to host anomaly.ws: did not receive HSTS header anonboards.com: could not connect to host +anoneko.com: could not connect to host +anonrea.ch: could not connect to host +anonym-surfen.de: could not connect to host anonymo.co.uk: could not connect to host anonymo.uk: could not connect to host anonymousstatecollegelulzsec.com: could not connect to host anothermilan.net: could not connect to host -anoxinon.de: max-age too low: 2628000 ansdell.info: could not connect to host anseo.ninja: could not connect to host ansermfg.com: max-age too low: 0 ansgar.tk: could not connect to host -anshuman-chatterjee.com: could not connect to host +anshuman-chatterjee.com: did not receive HSTS header anshumanbiswas.com: could not connect to host -ansibeast.net: could not connect to host answers-online.ru: could not connect to host ant.land: could not connect to host +antecim.fr: could not connect to host antenasmundosat.com.br: did not receive HSTS header anthenor.co.uk: could not connect to host +anthony-rouanet.com: could not connect to host anthonyavon.com: could not connect to host anthonyloop.com: did not receive HSTS header anthro.id: did not receive HSTS header +antifraud.net.ru: could not connect to host antimatiere.space: could not connect to host antimine.kr: could not connect to host antipa.ch: could not connect to host +antirayapmalang.com: did not receive HSTS header antoine-roux.fr: did not receive HSTS header antoinebetas.be: max-age too low: 0 antoined.fr: did not receive HSTS header @@ -933,21 +1061,25 @@ aojao.cn: could not connect to host aojf.fr: could not connect to host aolabs.nz: did not receive HSTS header aomberg.com: did not receive HSTS header +aomonk.com: did not receive HSTS header aooobo.com: could not connect to host aov.io: could not connect to host aovcentrum.nl: did not receive HSTS header aozora.moe: could not connect to host -apac-tech.com: did not receive HSTS header apachelounge.com: did not receive HSTS header apadrinaunolivo.org: did not receive HSTS header apaginastore.com.br: could not connect to host apeasternpower.com: could not connect to host +aperim.com: max-age too low: 43200 aperture-laboratories.science: did not receive HSTS header api.mega.co.nz: could not connect to host apibot.de: could not connect to host apience.com: did not receive HSTS header +apis.blue: could not connect to host apis.google.com: did not receive HSTS header (error ignored - included regardless) apis.world: could not connect to host +apivia.fr: did not receive HSTS header +apkdv.com: could not connect to host apkoyunlar.club: could not connect to host apkriver.com: did not receive HSTS header apl2bits.net: did not receive HSTS header @@ -955,7 +1087,6 @@ apm.com.tw: did not receive HSTS header apmg-certified.com: did not receive HSTS header apmg-cyber.com: did not receive HSTS header apnakliyat.com: did not receive HSTS header -apogeephoto.com: did not receive HSTS header apolloyl.com: could not connect to host aponkral.site: could not connect to host aponkralsunucu.com: could not connect to host @@ -970,14 +1101,18 @@ appdrinks.com: could not connect to host appeldorn.me: did not receive HSTS header appengine.google.com: did not receive HSTS header (error ignored - included regardless) appimlab.it: could not connect to host -apple-watch-zubehoer.de: did not receive HSTS header +apple-watch-zubehoer.de: could not connect to host apple.ax: could not connect to host applejacks-bouncy-castles.co.uk: could not connect to host applez.xyz: could not connect to host +appliancerepairlosangeles.com: did not receive HSTS header applic8.com: did not receive HSTS header +apply55gx.com: could not connect to host appointed.at: did not receive HSTS header appraisal-comps.com: could not connect to host appreciationkards.com: did not receive HSTS header +apprenticeship.gov: did not receive HSTS header +apprenticeships.gov: did not receive HSTS header approlys.fr: did not receive HSTS header apps-for-fishing.com: could not connect to host apps4all.sytes.net: could not connect to host @@ -985,19 +1120,20 @@ appsbystudio.co.uk: did not receive HSTS header appsdash.io: could not connect to host apptoutou.com: could not connect to host appuro.com: did not receive HSTS header +appxcrypto.com: did not receive HSTS header aprpullmanportermuseum.org: did not receive HSTS header aptitude9.com: could not connect to host -aqilacademy.com.au: could not connect to host aqqrate.com: could not connect to host -aquariumaccessories.shop: did not receive HSTS header +aquariumaccessories.shop: could not connect to host +aquaundine.net: could not connect to host aquilaguild.com: could not connect to host aquilalab.com: could not connect to host -aquireceitas.com: could not connect to host +aquireceitas.com: did not receive HSTS header ar.al: did not receive HSTS header arabdigitalexpression.org: did not receive HSTS header +arabsexi.info: could not connect to host aradulconteaza.ro: could not connect to host aran.me.uk: could not connect to host -arawaza.info: could not connect to host arboineuropa.nl: did not receive HSTS header arbu.eu: max-age too low: 2419200 arcadiaeng.com: did not receive HSTS header @@ -1011,9 +1147,6 @@ ardao.me: could not connect to host ardorlabs.se: could not connect to host area3.org: could not connect to host areallyneatwebsite.com: could not connect to host -arenlor.com: could not connect to host -arenlor.info: could not connect to host -arenns.com: could not connect to host arent.kz: could not connect to host arenzanaphotography.com: could not connect to host arewedubstepyet.com: did not receive HSTS header @@ -1021,7 +1154,6 @@ areyouever.me: could not connect to host argama-nature.com: did not receive HSTS header argennon.xyz: could not connect to host argh.io: could not connect to host -argovpay.com: did not receive HSTS header arguggi.co.uk: could not connect to host ariacreations.net: did not receive HSTS header arifburhan.online: could not connect to host @@ -1033,6 +1165,8 @@ arka.gq: did not receive HSTS header arknodejs.com: could not connect to host arlen.io: could not connect to host arlen.se: could not connect to host +arlingtonwine.net: could not connect to host +arm-host.com: did not receive HSTS header armazemdaminiatura.com.br: could not connect to host armenians.online: could not connect to host armingrodon.de: did not receive HSTS header @@ -1042,7 +1176,7 @@ armored.ninja: did not receive HSTS header armory.consulting: could not connect to host armory.supplies: could not connect to host armsday.com: could not connect to host -armyofbane.com: did not receive HSTS header +armyofbane.com: could not connect to host armytricka.cz: did not receive HSTS header arne-petersen.net: did not receive HSTS header arnesolutions.com: could not connect to host @@ -1052,7 +1186,6 @@ aroundme.org: did not receive HSTS header arpa.ph: did not receive HSTS header arpr.co: did not receive HSTS header arrayify.com: could not connect to host -arresttracker.com: could not connect to host arrivedconsulting.com: could not connect to host arrow-cloud.nl: could not connect to host arrowfunction.com: could not connect to host @@ -1072,6 +1205,7 @@ arthan.me: could not connect to host articaexports.com: could not connect to host artifex21.com: did not receive HSTS header artifex21.fr: did not receive HSTS header +artificial.army: could not connect to host artiming.com: could not connect to host artisanhd.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] artisavotins.com: could not connect to host @@ -1079,10 +1213,11 @@ artisense.de: could not connect to host artisphere.ch: did not receive HSTS header artisticedgegranite.net: could not connect to host artistnetwork.nl: did not receive HSTS header +artnims.com: could not connect to host arto.bg: did not receive HSTS header artofeyes.nl: could not connect to host artsinthevalley.net.au: did not receive HSTS header -arturkohut.com: could not connect to host +artstopinc.com: did not receive HSTS header artyland.ru: could not connect to host arvamus.eu: could not connect to host arzaroth.com: did not receive HSTS header @@ -1093,9 +1228,7 @@ asahikoji.net: could not connect to host asana.studio: did not receive HSTS header asasuou.pw: could not connect to host asc16.com: could not connect to host -ascamso.com: could not connect to host aschaefer.net: could not connect to host -ascii.moe: could not connect to host asciitable.tips: could not connect to host asdpress.cn: could not connect to host asepms.com: max-age too low: 7776000 @@ -1104,16 +1237,16 @@ ashleakunowski.com: could not connect to host ashleyadum.com: could not connect to host ashleyfoley.photography: could not connect to host ashleymedway.com: could not connect to host -ashutoshmishra.org: did not receive HSTS header +asian-archi.com.tw: did not receive HSTS header asianbet77.co: did not receive HSTS header -asianbet77.net: could not connect to host +asianbet77.net: did not receive HSTS header +asiesvenezuela.com: did not receive HSTS header asisee.co.il: could not connect to host -ask.fedoraproject.org: did not receive HSTS header -ask.stg.fedoraproject.org: could not connect to host +ask.pe: could not connect to host askfit.cz: did not receive HSTS header askmagicconch.com: could not connect to host -asm-x.com: did not receive HSTS header -asmm.cc: did not receive HSTS header +asm-x.com: could not connect to host +asmik-armenie.com: did not receive HSTS header asmui.ga: could not connect to host asmui.ml: could not connect to host asoftwareco.com: did not receive HSTS header @@ -1126,11 +1259,11 @@ assadrivesloirecher.com: could not connect to host assdecoeur.org: could not connect to host assekuranzjobs.de: could not connect to host asset-alive.com: did not receive HSTS header -asset-alive.net: did not receive HSTS header +asset-alive.net: could not connect to host assetsupervision.com: could not connect to host assindia.nl: could not connect to host assurancesmons.be: did not receive HSTS header -astaninki.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +astaninki.com: could not connect to host asthon.cn: could not connect to host astraalivankila.net: could not connect to host astral.gq: did not receive HSTS header @@ -1139,13 +1272,14 @@ astrea-voetbal-groningen.nl: could not connect to host astrolpost.com: could not connect to host astromelody.com: did not receive HSTS header astronomie-fulda.de: did not receive HSTS header -astural.org: did not receive HSTS header +astrosnail.pt.eu.org: could not connect to host astutr.co: could not connect to host asuhe.cc: could not connect to host asuhe.win: did not receive HSTS header asuhe.xyz: could not connect to host async.be: could not connect to host at1.co: could not connect to host +atacadodesandalias.com.br: could not connect to host atacadooptico.com.br: could not connect to host atavio.at: could not connect to host atavio.ch: could not connect to host @@ -1156,15 +1290,15 @@ atelier-rk.com: did not receive HSTS header atelier-viennois-cannes.fr: did not receive HSTS header ateliernihongo.ch: did not receive HSTS header ateliersantgervasi.com: did not receive HSTS header -atencionbimbo.com: max-age too low: 86400 athaliasoft.com: could not connect to host athenelive.com: could not connect to host -athensbusinessresources.us: did not receive HSTS header +athensbusinessresources.us: could not connect to host athi.pl: did not receive HSTS header athul.xyz: could not connect to host atkdesign.pt: did not receive HSTS header atlas-5.site: could not connect to host atlas-staging.ml: could not connect to host +atlas.co: did not receive HSTS header atlassian.net: did not receive HSTS header atlayo.com: did not receive HSTS header atlex.nl: did not receive HSTS header @@ -1173,8 +1307,8 @@ atomic.menu: could not connect to host atomik.pro: did not receive HSTS header atop.io: could not connect to host atracaosexshop.com.br: could not connect to host +atrevillot.com: could not connect to host attic118.com: could not connect to host -attilagyorffy.com: could not connect to host attimidesigns.com: did not receive HSTS header attogproductions.com: did not receive HSTS header au-pair24.de: did not receive HSTS header @@ -1185,6 +1319,8 @@ audiense.com: did not receive HSTS header audiovisualdevices.com.au: did not receive HSTS header audividi.shop: did not receive HSTS header aufmerksamkeitsstudie.com: could not connect to host +aufprise.de: did not receive HSTS header +augaware.org: could not connect to host augenblicke-blog.de: could not connect to host augias.org: could not connect to host augix.net: could not connect to host @@ -1201,10 +1337,9 @@ auroratownshipfd.org: could not connect to host aurugs.com: did not receive HSTS header ausec.ch: could not connect to host auskunftsbegehren.at: did not receive HSTS header -auslandsjahr-usa.de: did not receive HSTS header +auslandsjahr-usa.de: could not connect to host ausnah.me: could not connect to host -ausschreibungen-suedtirol.it: did not receive HSTS header -aussiecable.org: did not receive HSTS header +aussiecable.org: could not connect to host aussiehq.com.au: did not receive HSTS header aussiewebmarketing.com.au: did not receive HSTS header austinmobilemechanics.net: did not receive HSTS header @@ -1212,6 +1347,7 @@ austinstore.com.br: could not connect to host austinsutphin.com: could not connect to host australiancattle.dog: could not connect to host australianfreebets.com.au: did not receive HSTS header +australianimmigrationadvisors.com.au: could not connect to host auth.mail.ru: did not receive HSTS header authenitech.com: did not receive HSTS header authentication.io: could not connect to host @@ -1219,6 +1355,7 @@ authint.com: could not connect to host authland.com: could not connect to host author24.ru: did not receive HSTS header authoritynutrition.com: did not receive HSTS header +authorsguild.in: did not receive HSTS header authsrv.nl.eu.org: could not connect to host auto-serwis.zgorzelec.pl: could not connect to host auto3d.cn: could not connect to host @@ -1228,32 +1365,30 @@ autobedrijfschalkoort.nl: did not receive HSTS header autocarparts.ro: could not connect to host autodeploy.it: could not connect to host autoecolebudget.ch: did not receive HSTS header -autoecoledumontblanc.com: did not receive HSTS header +autoecoledumontblanc.com: could not connect to host autoeet.cz: did not receive HSTS header autojuhos.sk: could not connect to host automobiles5.com: could not connect to host autos-retro-plaisir.com: did not receive HSTS header -autosearch.me: could not connect to host +autosearch.me: did not receive HSTS header autosiero.nl: did not receive HSTS header autostock.me: could not connect to host autostop-occasions.be: could not connect to host autotsum.com: could not connect to host autoxy.it: did not receive HSTS header -autozane.com: could not connect to host autumnwindsagility.com: could not connect to host auverbox.ovh: could not connect to host -auvernet.org: could not connect to host auvious.com: did not receive HSTS header auxetek.se: could not connect to host auxiliumincrementum.co.uk: could not connect to host av.de: did not receive HSTS header +av01.tv: could not connect to host av163.cc: could not connect to host avadatravel.com: did not receive HSTS header -avalon-island.ru: could not connect to host avantmfg.com: did not receive HSTS header avaq.fr: did not receive HSTS header avastantivirus.ro: did not receive HSTS header -avdelivers.com: could not connect to host +avdelivers.com: did not receive HSTS header avdh.top: could not connect to host avec-ou-sans-ordonnance.fr: could not connect to host aveling-adventure.co.uk: did not receive HSTS header @@ -1262,7 +1397,10 @@ avi9526.pp.ua: could not connect to host aviacao.pt: did not receive HSTS header avidcruiser.com: did not receive HSTS header aviodeals.com: could not connect to host +avitres.com: could not connect to host +avmemo.com: could not connect to host avmo.pw: could not connect to host +avmoo.com: could not connect to host avonlearningcampus.com: could not connect to host avso.pw: could not connect to host avspot.net: could not connect to host @@ -1270,12 +1408,14 @@ avus-automobile.com: did not receive HSTS header avxo.pw: could not connect to host awan.tech: could not connect to host awanderlustadventure.com: did not receive HSTS header +awccanadianpharmacy.com: could not connect to host awei.pub: could not connect to host awf0.xyz: could not connect to host awg-mode.de: did not receive HSTS header aww.moe: did not receive HSTS header awxg.eu.org: could not connect to host awxg.org: could not connect to host +axa-middleeast.com: could not connect to host axado.com.br: could not connect to host axel-fischer.net: could not connect to host axel-fischer.science: could not connect to host @@ -1286,42 +1426,53 @@ axfr.it: did not receive HSTS header axg.io: did not receive HSTS header axialsports.com: did not receive HSTS header axiumacademy.com: did not receive HSTS header +axolotlfarm.org: could not connect to host axolsoft.com: max-age too low: 10540800 +axtudo.com: did not receive HSTS header +axtux.tk: could not connect to host axxial.tk: could not connect to host ayahuascaadvisor.com: could not connect to host ayatk.com: did not receive HSTS header -aymerick.fr: did not receive HSTS header +aymericlagier.com: could not connect to host ayor.jp: could not connect to host ayor.tech: could not connect to host ayuru.info: could not connect to host -az-moga.bg: could not connect to host az-vinyl-boden.de: could not connect to host -azabani.com: did not receive HSTS header azamra.com: did not receive HSTS header +azia.info: could not connect to host azino777.ru: could not connect to host azirevpn.com: did not receive HSTS header azlo.com: did not receive HSTS header azprep.us: could not connect to host -b-boom.nl: could not connect to host +azun.pl: did not receive HSTS header +azuxul.fr: could not connect to host b-entropy.com: could not connect to host b-pi.duckdns.org: could not connect to host b-rickroll-e.pw: could not connect to host -b-space.de: did not receive HSTS header +b-space.de: could not connect to host b1236.com: could not connect to host +b2and.com: could not connect to host b2b-nestle.com.br: could not connect to host b2bpromoteit.com: did not receive HSTS header b3orion.com: could not connect to host +b61688.com: could not connect to host b8a.me: could not connect to host b9520.com: could not connect to host b9568.com: could not connect to host b96899.com: could not connect to host +b9886.com: could not connect to host b98886.com: could not connect to host b9930.com: could not connect to host +b99520.com: could not connect to host b9970.com: could not connect to host b9980.com: could not connect to host +b99881.com: could not connect to host +b99882.com: could not connect to host +b99883.com: could not connect to host +b99885.com: could not connect to host b9winner.com: could not connect to host babelfisch.eu: could not connect to host -babursahvizeofisi.com: did not receive HSTS header +babursahvizeofisi.com: could not connect to host baby-click.de: could not connect to host babybee.ie: could not connect to host babybic.hu: could not connect to host @@ -1330,7 +1481,7 @@ babyhouse.xyz: could not connect to host babyliss-pro.com: could not connect to host babyliss-pro.net: did not receive HSTS header babysaying.me: could not connect to host -babystep.tv: could not connect to host +babystep.tv: did not receive HSTS header bacchanallia.com: could not connect to host bacimg.com: did not receive HSTS header back-bone.nl: did not receive HSTS header @@ -1338,7 +1489,9 @@ backenmachtgluecklich.de: max-age too low: 2592000 backgroundchecks.online: did not receive HSTS header backgroundz.net: could not connect to host backintomotionphysiotherapy.com: did not receive HSTS header +backlogapp.io: could not connect to host backscattering.de: did not receive HSTS header +backupsinop.com.br: did not receive HSTS header backyardbbqbash.com: did not receive HSTS header baconate.com: did not receive HSTS header bad.show: could not connect to host @@ -1346,6 +1499,7 @@ badai.at: could not connect to host badbee.cc: could not connect to host badcronjob.com: could not connect to host badenhard.eu: could not connect to host +badgirlsbible.com: could not connect to host badkamergigant.com: could not connect to host badlink.org: could not connect to host baff.lu: could not connect to host @@ -1366,13 +1520,15 @@ balatoni-nyar.hu: did not receive HSTS header balcan-underground.net: could not connect to host baldwinkoo.com: could not connect to host baleares.party: could not connect to host -balidesignshop.com.br: could not connect to host +balenciaspa.com: did not receive HSTS header balihai.com: did not receive HSTS header +balilingo.ooo: did not receive HSTS header +ballbusting-cbt.com: could not connect to host balloonphp.com: could not connect to host -ballparkbuns.com: max-age too low: 86400 balnearionaturaspa.com: did not receive HSTS header balonmano.co: could not connect to host bals.org: did not receive HSTS header +balticer.de: did not receive HSTS header bambambaby.com.br: could not connect to host bamtoki.com: could not connect to host bamtoki.se: could not connect to host @@ -1383,28 +1539,37 @@ banbanchs.com: could not connect to host banchethai.com: could not connect to host bandally.net: could not connect to host bandar303.cc: did not receive HSTS header +bandar303.id: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +bandar303.win: did not receive HSTS header bandarifamily.com: could not connect to host -bandb.xyz: could not connect to host -bandrcrafts.com: did not receive HSTS header +bandb.xyz: did not receive HSTS header +bandrcrafts.com: could not connect to host banduhn.com: did not receive HSTS header +bangdream.ga: could not connect to host bangzafran.com: did not receive HSTS header bank: could not connect to host bankcircle.co.in: could not connect to host +bankersonline.com: did not receive HSTS header +bankitt.network: could not connect to host bankmilhas.com.br: did not receive HSTS header bankofrealty.review: could not connect to host banksaround.com: did not receive HSTS header bannisbierblog.de: could not connect to host banqingdiao.com: could not connect to host banri.me: could not connect to host +banxehoi.com: did not receive HSTS header baosuckhoedoisong.net: could not connect to host +baptistboard.com: did not receive HSTS header baptiste-destombes.fr: did not receive HSTS header baraxolka.ru: could not connect to host -barbershop-harmony.org: could not connect to host -barcel.com.mx: max-age too low: 86400 +barcouniforms.com: did not receive HSTS header +bardiel.de: max-age too low: 0 bardiharborow.com: did not receive HSTS header barely.sexy: could not connect to host bargainmovingcompany.com: could not connect to host bariller.fr: did not receive HSTS header +barisi.me: could not connect to host +barnrats.com: could not connect to host baropkamp.be: did not receive HSTS header barprive.com: could not connect to host barqo.co: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -1415,20 +1580,25 @@ barrut.me: did not receive HSTS header barshout.co.uk: could not connect to host barss.io: could not connect to host bartbania.com: did not receive HSTS header +bartelldrugs.com: did not receive HSTS header barunisystems.com: could not connect to host +bascht.com: did not receive HSTS header basculasconfiables.com: could not connect to host bashc.at: could not connect to host bashcode.ninja: could not connect to host basicsolutionsus.com: could not connect to host basilisk.io: could not connect to host +basilm.co: could not connect to host baskettemple.com: did not receive HSTS header basnieuwenhuizen.nl: did not receive HSTS header bassh.net: did not receive HSTS header batfoundry.com: could not connect to host +batten.eu.org: could not connect to host baud.ninja: could not connect to host baudairenergyservices.com: could not connect to host baum.ga: did not receive HSTS header baumstark.ca: could not connect to host +bayerstefan.eu: could not connect to host bayinstruments.com: could not connect to host bayrisch-fuer-anfaenger.de: did not receive HSTS header baysse.eu: did not receive HSTS header @@ -1437,10 +1607,10 @@ bazisszoftver.hu: could not connect to host bb-shiokaze.jp: did not receive HSTS header bbb1991.me: could not connect to host bbdos.ru: could not connect to host +bbj.io: did not receive HSTS header bbkanews.com: did not receive HSTS header bblovess.cn: could not connect to host bbrinck.eu: could not connect to host -bbuio.com: max-age too low: 86400 bbw-wrestling.com: could not connect to host bbwdom.xyz: could not connect to host bbwf.de: did not receive HSTS header @@ -1454,16 +1624,19 @@ bccx.com: could not connect to host bcheng.cf: did not receive HSTS header bckp.de: could not connect to host bcm.com.au: did not receive HSTS header -bcnet.hk: did not receive HSTS header +bcnet.hk: could not connect to host +bcodeur.com: did not receive HSTS header bcradio.org: could not connect to host bcsytv.com: could not connect to host bcweightlifting.ca: could not connect to host +bdata.cl: did not receive HSTS header bddemir.com: could not connect to host bde-epitech.fr: could not connect to host bdenzer.com: did not receive HSTS header bdenzer.xyz: could not connect to host bdsmxxxpics.com: could not connect to host be-real.life: did not receive HSTS header +be9966.com: could not connect to host beach-inspector.com: did not receive HSTS header beachi.es: could not connect to host beaglewatch.com: could not connect to host @@ -1471,22 +1644,26 @@ beagreenbean.co.uk: could not connect to host beamitapp.com: could not connect to host beanbot.party: could not connect to host beanworks.ca: did not receive HSTS header -bearden.io: did not receive HSTS header +bearden.io: could not connect to host beardydave.com: did not receive HSTS header beasel.biz: could not connect to host beastlog.tk: could not connect to host beastowner.com: did not receive HSTS header +beautyconcept.co: did not receive HSTS header beavers.io: could not connect to host bebeefy.uk: could not connect to host bebesurdoue.com: could not connect to host beccajoshwedding.com: could not connect to host -becklove.cn: did not receive HSTS header +becklove.cn: could not connect to host becubed.co: could not connect to host bedabox.com: did not receive HSTS header bedeta.de: could not connect to host +bedouille.com: could not connect to host bedreid.dk: did not receive HSTS header bedrijvenadministratie.nl: could not connect to host +beelen.fr: could not connect to host beerboutique.com.br: could not connect to host +beermedlar.com: could not connect to host beersandco.ch: could not connect to host beetgroup.id: could not connect to host beetleroadstories.com: could not connect to host @@ -1512,10 +1689,15 @@ bemcorp.de: did not receive HSTS header bemvindoaolar.com.br: did not receive HSTS header bemyvictim.com: max-age too low: 2678400 bendechrai.com: did not receive HSTS header +benedikt-tuchen.de: did not receive HSTS header benediktdichgans.de: did not receive HSTS header beneffy.com: did not receive HSTS header benevisim.com: could not connect to host +benevita.life: could not connect to host +benevita.live: could not connect to host +benevita.organic: could not connect to host benfairclough.com: could not connect to host +benhchuyenkhoa.net: could not connect to host benjakesjohnson.com: could not connect to host benjamin-horvath.com: could not connect to host benjamin-suess.de: could not connect to host @@ -1529,21 +1711,21 @@ benzkosmetik.de: did not receive HSTS header benzou-space.com: could not connect to host beourvictim.com: max-age too low: 2678400 bep.gov: did not receive HSTS header -bep362.vn: did not receive HSTS header +bep362.vn: could not connect to host beraru.tk: could not connect to host +beraten-entwickeln-steuern.de: could not connect to host berdu.id: did not receive HSTS header berduri.com: could not connect to host berger.work: could not connect to host +bergfex.at: did not receive HSTS header bergland-seefeld.at: did not receive HSTS header +bergstoneware.com: could not connect to host berhampore-gateway.tk: could not connect to host berlatih.com: did not receive HSTS header -berliancom.com: did not receive HSTS header berlin-kohlefrei.de: could not connect to host berlinleaks.com: could not connect to host bermytraq.bm: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] bernexskiclub.ch: did not receive HSTS header -berr.yt: could not connect to host -berry.cat: could not connect to host berrymark.be: did not receive HSTS header berseb.se: could not connect to host berthelier.me: could not connect to host @@ -1556,7 +1738,7 @@ besixdouze.world: could not connect to host beslider.com: could not connect to host besnik.de: could not connect to host besola.de: could not connect to host -best-wedding-quotes.com: did not receive HSTS header +best-wedding-quotes.com: could not connect to host bestattorney.com: did not receive HSTS header bestbeards.ca: could not connect to host bestbestbitcoin.com: could not connect to host @@ -1570,11 +1752,13 @@ bestof1001.de: could not connect to host bestorangeseo.com: could not connect to host bestpaintings.nl: did not receive HSTS header bestschools.top: did not receive HSTS header +bestwarezone.com: could not connect to host +bet990.com: could not connect to host betaclean.fr: did not receive HSTS header betafive.net: could not connect to host betakah.net: could not connect to host betamint.org: did not receive HSTS header -betcafearena.ro: could not connect to host +betcafearena.ro: did not receive HSTS header betformular.com: could not connect to host bethditto.com: did not receive HSTS header betkoo.com: could not connect to host @@ -1583,20 +1767,22 @@ betonmoney.com: could not connect to host betplanning.it: did not receive HSTS header bets.de: did not receive HSTS header bets.gg: did not receive HSTS header +betshoot.com: could not connect to host betsonlinefree.com.au: could not connect to host betterlifemakers.com: max-age too low: 200 -bettertest.it: could not connect to host bettween.com: did not receive HSTS header betz.ro: could not connect to host beulahtabernacle.com: could not connect to host bevapehappy.com: did not receive HSTS header bewerbungsfibel.de: did not receive HSTS header +bewertet.de: could not connect to host bexit-hosting.nl: could not connect to host bexit-security.eu: could not connect to host bexit-security.nl: could not connect to host bey.io: could not connect to host beylikduzum.com: did not receive HSTS header beyond-edge.com: could not connect to host +beyond-rational.com: did not receive HSTS header beyuna.co.uk: did not receive HSTS header beyuna.eu: did not receive HSTS header beyuna.nl: did not receive HSTS header @@ -1613,6 +1799,8 @@ bffm.biz: could not connect to host bfrailwayclub.cf: could not connect to host bgcparkstad.nl: did not receive HSTS header bgdaddy.com: did not receive HSTS header +bgenlisted.com: could not connect to host +bgfashion.net: could not connect to host bgneuesheim.de: did not receive HSTS header bhatia.at: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] bianinapiccanovias.com: could not connect to host @@ -1620,9 +1808,12 @@ biaoqingfuhao.net: did not receive HSTS header biaoqingfuhao.org: did not receive HSTS header biapinheiro.com.br: max-age too low: 5184000 biblerhymes.com: did not receive HSTS header +bibliafeminina.com.br: could not connect to host +bichines.es: did not receive HSTS header bichonfrise.com.br: could not connect to host bichonmaltes.com.br: could not connect to host bidon.ca: did not receive HSTS header +bidorbuy.co.ke: did not receive HSTS header bieberium.de: could not connect to host biego.cn: did not receive HSTS header bielsa.me: did not receive HSTS header @@ -1630,17 +1821,18 @@ bienenblog.cc: could not connect to host bier.jp: did not receive HSTS header bierbringer.at: could not connect to host bierochs.org: could not connect to host -biftin.net: could not connect to host big-black.de: did not receive HSTS header bigbbqbrush.bid: could not connect to host bigbounceentertainment.co.uk: could not connect to host bigbrownpromotions.com.au: did not receive HSTS header bigcorporateevents.com: could not connect to host bigerbio.com: could not connect to host +bigfunbouncycastles.com: could not connect to host biglagoonrentals.com: did not receive HSTS header biglou.com: max-age too low: 3153600 bigshinylock.minazo.net: could not connect to host biguixhe.net: could not connect to host +bijoux.com.br: could not connect to host bijouxdegriffe.com.br: could not connect to host bijugeral.com.br: could not connect to host bikelifetvkidsquads.co.uk: could not connect to host @@ -1652,19 +1844,17 @@ biletua.de: could not connect to host biletyplus.com: could not connect to host biletyplus.ru: did not receive HSTS header bill-nye-the.science: did not receive HSTS header +billaud.eu.org: could not connect to host billdestler.com: did not receive HSTS header billigssl.dk: did not receive HSTS header -billin.net: did not receive HSTS header billkiss.com: could not connect to host billninja.com: did not receive HSTS header billrobinson.io: could not connect to host billrusling.com: could not connect to host -bimbo.com: max-age too low: 86400 -bimbo.com.ar: max-age too low: 86400 -bimbobakeriesusa.com: max-age too low: 86400 binam.center: could not connect to host +binarization.net: could not connect to host +binarization.org: did not receive HSTS header binaryabstraction.com: could not connect to host -binaryevolved.com: did not receive HSTS header binaryfigments.com: max-age too low: 86400 binderapp.net: could not connect to host bingcheung.com: could not connect to host @@ -1672,17 +1862,22 @@ bingcheung.org: could not connect to host bingo-wear.com: could not connect to host bingo9.net: could not connect to host bingofriends.com: could not connect to host +bingostars.com: did not receive HSTS header binimo.com: could not connect to host +binsp.net: could not connect to host biocrafting.net: could not connect to host bioespuna.eu: did not receive HSTS header biofam.ru: did not receive HSTS header -bioknowme.com: did not receive HSTS header biologis.ch: could not connect to host +biomax-mep.com.br: did not receive HSTS header bionicspirit.com: did not receive HSTS header biophysik-ssl.de: did not receive HSTS header +biopreferred.gov: could not connect to host biou.me: could not connect to host biovalue.eu: could not connect to host bip.gov.sa: could not connect to host +birdandbranchnyc.com: max-age too low: 43200 +birkengarten.ch: could not connect to host birkman.com: did not receive HSTS header bischoff-mathey.family: could not connect to host biscuits-rec.com: could not connect to host @@ -1690,7 +1885,7 @@ biscuits-shop.com: could not connect to host bismarck.moe: did not receive HSTS header bisterfeldt.com: did not receive HSTS header biswas.me: could not connect to host -bit.biz.tr: could not connect to host +bitace.com: did not receive HSTS header bitbit.org: did not receive HSTS header bitbr.net: did not receive HSTS header bitcantor.com: did not receive HSTS header @@ -1698,12 +1893,15 @@ bitchan.it: could not connect to host bitcoin-casino-no-deposit-bonus.com: max-age too low: 0 bitcoin-class.com: could not connect to host bitcoin-daijin.com: could not connect to host +bitcoin.com: did not receive HSTS header bitcoinec.info: could not connect to host +bitcoinfo.jp: did not receive HSTS header bitcoinhk.org: did not receive HSTS header bitcoinjpn.com: could not connect to host -bitcoinprivacy.net: did not receive HSTS header -bitcoinworld.me: did not receive HSTS header +bitcoinprivacy.net: could not connect to host +bitcoinworld.me: could not connect to host bitconcepts.co.uk: could not connect to host +bitedge.com: did not receive HSTS header bitenose.net: could not connect to host bitenose.org: could not connect to host biteoftech.com: did not receive HSTS header @@ -1713,29 +1911,33 @@ bitfarm-archiv.com: did not receive HSTS header bitfarm-archiv.de: did not receive HSTS header bitheus.com: could not connect to host bithosting.io: did not receive HSTS header -bitk.co: could not connect to host -bitk.co.uk: could not connect to host -bitk.eu: could not connect to host bitmain.com.ua: could not connect to host bitmaincare.com.ua: could not connect to host bitmaincare.ru: could not connect to host +bitmainwarranty.com.ua: could not connect to host +bitmainwarranty.ru: could not connect to host +bitmex.com: did not receive HSTS header bitmexin.com: could not connect to host -bitmoe.com: did not receive HSTS header +bitmon.net: did not receive HSTS header bitnet.io: did not receive HSTS header bitplay.space: could not connect to host bitpod.de: could not connect to host +bitpoll.de: could not connect to host +bitpoll.org: could not connect to host bitrage.de: could not connect to host bitraum.io: could not connect to host +bitroll.com: could not connect to host bitsafe.systems: did not receive HSTS header bitsensor.io: did not receive HSTS header -bitskins.co: did not receive HSTS header bitstep.ca: could not connect to host bittervault.xyz: could not connect to host +bituptick.com: did not receive HSTS header +bitvegas.com: did not receive HSTS header bitvigor.com: could not connect to host bitwrought.net: could not connect to host bityes.org: could not connect to host bivsi.com: could not connect to host -bizcms.com: did not receive HSTS header +bizcms.com: could not connect to host bizon.sk: did not receive HSTS header bizpare.com: did not receive HSTS header bizzartech.com: did not receive HSTS header @@ -1746,26 +1948,27 @@ bkb-skandal.ch: could not connect to host black-armada.com: could not connect to host black-armada.com.pl: could not connect to host black-armada.pl: could not connect to host +black-gay-porn.biz: could not connect to host black-octopus.ru: could not connect to host -black-pool.net: did not receive HSTS header blackberrycentral.com: could not connect to host blackburn.link: could not connect to host blackdiam.net: did not receive HSTS header +blackilli.de: could not connect to host +blackkeg.ca: could not connect to host blacklane.com: did not receive HSTS header blacklightparty.be: could not connect to host blackly.uk: max-age too low: 0 -blackmagic.sk: did not receive HSTS header +blackmagic.sk: could not connect to host blackmirror.com.au: did not receive HSTS header -blackmonday.gr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +blacknova.io: could not connect to host blackpayment.ru: did not receive HSTS header blackphantom.de: could not connect to host blackscreen.me: could not connect to host blackunicorn.wtf: could not connect to host bladesmith.io: did not receive HSTS header blakerandall.xyz: could not connect to host -blameomar.com: could not connect to host blantik.net: could not connect to host -blarg.co: could not connect to host +blarg.co: did not receive HSTS header blauwwit.be: did not receive HSTS header blazeit.io: could not connect to host bleep.zone: could not connect to host @@ -1773,12 +1976,12 @@ blendlecdn.com: could not connect to host blenheimchalcot.com: did not receive HSTS header blessnet.jp: did not receive HSTS header blha303.com.au: could not connect to host -bliesekow.net: could not connect to host blindaryproduction.tk: could not connect to host blindsexdate.nl: did not receive HSTS header blinkenlight.co.uk: could not connect to host blinkenlight.com.au: could not connect to host blmiller.com: did not receive HSTS header +blockchainced.com: could not connect to host blocksatz-medien.de: could not connect to host blockshopauto.com: could not connect to host blog-ritaline.com: could not connect to host @@ -1787,11 +1990,10 @@ blog.cyveillance.com: did not receive HSTS header blog.gparent.org: could not connect to host blog.torproject.org: max-age too low: 1000 blogabout.ru: could not connect to host -blogarts.net: did not receive HSTS header blogdieconomia.it: did not receive HSTS header blogdimoda.com: did not receive HSTS header blogdimotori.it: did not receive HSTS header -bloglife-bb.com: did not receive HSTS header +bloglife-bb.com: could not connect to host bloglikepro.com: could not connect to host blognone.com: did not receive HSTS header blognr.com: could not connect to host @@ -1805,18 +2007,21 @@ blowjs.com: could not connect to host bls-fiduciaire.be: did not receive HSTS header bltc.co: could not connect to host blubbablasen.de: could not connect to host +blubberladen.de: did not receive HSTS header blucas.org: did not receive HSTS header blue17.co.uk: did not receive HSTS header bluebill.net: did not receive HSTS header bluecon.eu: did not receive HSTS header +bluefinger.nl: did not receive HSTS header blueglobalmedia.com: could not connect to host bluehawk.cloud: did not receive HSTS header blueliv.com: did not receive HSTS header -bluemosh.com: could not connect to host -blueoakart.com: could not connect to host +bluemoonroleplaying.com: could not connect to host bluepoint.foundation: could not connect to host bluepoint.institute: could not connect to host +blueridgesecuritycameras.com: did not receive HSTS header bluescloud.xyz: could not connect to host +bluesecure.com.br: did not receive HSTS header bluetenmeer.com: did not receive HSTS header bluezonehealth.co.uk: did not receive HSTS header bluketing.com: did not receive HSTS header @@ -1834,14 +2039,17 @@ bm-immo.ch: could not connect to host bm-trading.nl: did not receive HSTS header bmet.de: did not receive HSTS header bmoattachments.org: did not receive HSTS header +bn4t.me: could not connect to host bngsecure.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] bnhlibrary.com: did not receive HSTS header board-buy.ru: could not connect to host bobaobei.net: could not connect to host bobaobei.org: could not connect to host +bobep.ru: could not connect to host bobiji.com: did not receive HSTS header +boboates.com: did not receive HSTS header bodo-wolff.de: could not connect to host -bodrumfarm.com: did not receive HSTS header +bodrumfarm.com: could not connect to host bodyblog.nl: did not receive HSTS header bodybuilding-legends.com: could not connect to host bodybuilding.events: could not connect to host @@ -1855,7 +2063,9 @@ bohyn.cz: could not connect to host boiadeirodeberna.com: could not connect to host boilesen.com: did not receive HSTS header bokeyy.com: could not connect to host +bokutake.com: could not connect to host bolainfoasia.com: did not receive HSTS header +bolivarfm.com.ve: did not receive HSTS header boltdata.io: could not connect to host boltn.uk: did not receive HSTS header bolwerk.com.br: did not receive HSTS header @@ -1863,8 +2073,9 @@ bomberus.de: could not connect to host bombsquad.studio: could not connect to host bonamihome.ro: could not connect to host bonapp.restaurant: could not connect to host +bondagefetishstore.com: could not connect to host bondtofte.dk: did not receive HSTS header -boneko.de: could not connect to host +boneko.de: did not receive HSTS header bonigo.de: did not receive HSTS header bonitabrazilian.co.nz: did not receive HSTS header bonnin.fr: did not receive HSTS header @@ -1880,29 +2091,33 @@ bookingentertainment.com: did not receive HSTS header bookmakersfreebets.com.au: could not connect to host bookofraonlinecasinos.com: could not connect to host bookreport.ga: could not connect to host +bookwitty.social: could not connect to host boomerang.com: did not receive HSTS header boomsaki.com: did not receive HSTS header boomsakis.com: did not receive HSTS header boosterlearnpro.com: did not receive HSTS header -boostgame.win: could not connect to host boote.wien: did not receive HSTS header booter.es: could not connect to host booth.in.th: could not connect to host bootikexpress.fr: did not receive HSTS header boozinyan.com: could not connect to host bopera.co.uk: could not connect to host +borchers-media.de: could not connect to host +borchers.ninja: did not receive HSTS header borderlinegroup.com: could not connect to host boringsecurity.net: could not connect to host -boris.one: did not receive HSTS header +boris.one: could not connect to host borisavstankovic.rs: could not connect to host borisbesemer.com: could not connect to host born-to-learn.com: did not receive HSTS header borrelioz.com: did not receive HSTS header borscheid-wenig.com: did not receive HSTS header boschee.net: could not connect to host +botmanager.pl: could not connect to host botox.bz: did not receive HSTS header boueki.jp: did not receive HSTS header boueki.org: did not receive HSTS header +bouk.co: could not connect to host bounce-r-us.co.uk: did not receive HSTS header bounceboxspc.com: did not receive HSTS header bouncecoffee.com: did not receive HSTS header @@ -1925,12 +2140,13 @@ boxlitepackaging.com: did not receive HSTS header boxview.com: could not connect to host boyan.in: could not connect to host boyfriendhusband.men: did not receive HSTS header -bozemancarpetcleaningservices.com: could not connect to host +boypoint.de: could not connect to host +bozemancarpetcleaningservices.com: did not receive HSTS header bp-wahl.at: did not receive HSTS header bpadvisors.eu: could not connect to host bqcp.net: could not connect to host bqtoolbox.com: could not connect to host -bracoitaliano.com.br: did not receive HSTS header +braemer-it-consulting.de: could not connect to host bragasoft.com.br: did not receive HSTS header bragaweb.com.br: could not connect to host brainbuxa.com: did not receive HSTS header @@ -1947,7 +2163,6 @@ brainvation.de: did not receive HSTS header brakstad.org: could not connect to host bran.cc: could not connect to host bran.soy: could not connect to host -branchtrack.com: did not receive HSTS header branchzero.com: did not receive HSTS header brand-foo.com: did not receive HSTS header brand-foo.jp: did not receive HSTS header @@ -1960,12 +2175,10 @@ brandred.net: could not connect to host brandspray.com: could not connect to host brasilien.guide: could not connect to host brasilmorar.com: did not receive HSTS header -bratteng.xyz: did not receive HSTS header bravz.de: could not connect to host brb.city: did not receive HSTS header breatheav.com: did not receive HSTS header breatheproduction.com: did not receive HSTS header -breest.net: could not connect to host breeswish.org: did not receive HSTS header brenden.net.au: could not connect to host bress.cloud: could not connect to host @@ -1976,7 +2189,6 @@ brianpcurran.com: did not receive HSTS header brickoo.com: could not connect to host brickwerks.io: could not connect to host brickyardbuffalo.com: did not receive HSTS header -brideandgroomdirect.ie: could not connect to host bridgeout.com: could not connect to host bridholm.se: could not connect to host brightfuturemadebyme.com: could not connect to host @@ -1986,30 +2198,35 @@ brightstarkids.net: did not receive HSTS header brightstarkids.sg: did not receive HSTS header brilliantbuilders.co.uk: did not receive HSTS header brimspark.com: could not connect to host +brinkhu.is: could not connect to host brinkmann.one: could not connect to host +brinquedoseducativos.art.br: did not receive HSTS header brio-ukraine.store: could not connect to host +britishmeat.com: could not connect to host britzer-toner.de: did not receive HSTS header brivadois.ovh: did not receive HSTS header brix.ninja: did not receive HSTS header brks.xyz: could not connect to host brmascots.com: could not connect to host -brmsalescommunity.com: could not connect to host broerweb.nl: could not connect to host broken-oak.com: could not connect to host brookechase.com: did not receive HSTS header brookframework.org: could not connect to host +brossman.it: could not connect to host brownlawoffice.us: did not receive HSTS header browserid.org: could not connect to host brplusdigital.com: could not connect to host brrd.io: could not connect to host brrr.fr: could not connect to host -brunix.net: did not receive HSTS header +brunix.net: could not connect to host brunoonline.co.uk: could not connect to host +brunoramos.com: could not connect to host +brunoramos.org: could not connect to host bryancastillo.site: could not connect to host bryanshearer.accountant: did not receive HSTS header bryn.xyz: could not connect to host brynnan.nl: could not connect to host -brztec.com: did not receive HSTS header +brztec.com: could not connect to host bsagan.fr: did not receive HSTS header bsalyzer.com: could not connect to host bsc01.dyndns.org: could not connect to host @@ -2021,7 +2238,7 @@ bsohoekvanholland.nl: could not connect to host bsuess.de: could not connect to host btc-e.com: did not receive HSTS header btcdlc.com: could not connect to host -btcgo.nl: could not connect to host +btcgo.nl: did not receive HSTS header btcp.space: could not connect to host btcpot.ltd: did not receive HSTS header btku.org: could not connect to host @@ -2034,7 +2251,7 @@ buchheld.at: could not connect to host buchverlag-scholz.de: did not receive HSTS header bucket.tk: could not connect to host buckmulligans.com: did not receive HSTS header -buddhistische-weisheiten.org: did not receive HSTS header +buddhistische-weisheiten.org: could not connect to host budgetenergievriendenvoordeel.nl: could not connect to host budgetthostels.nl: did not receive HSTS header budskap.eu: did not receive HSTS header @@ -2042,6 +2259,7 @@ buenosairesestetica.com.ar: could not connect to host buenotour.ru: did not receive HSTS header buettgens.net: max-age too low: 2592000 buffalodrinkinggame.beer: did not receive HSTS header +bugtrack.co.uk: did not receive HSTS header bugtrack.io: could not connect to host bugwie.com: did not receive HSTS header buhler.pro: did not receive HSTS header @@ -2063,6 +2281,7 @@ buldogueingles.com.br: could not connect to host bulgarien.guide: could not connect to host bulkbuy.tech: could not connect to host bullbits.com: max-age too low: 0 +bulldoghire.co.uk: did not receive HSTS header bulletbabu.com: could not connect to host bulletpoint.cz: could not connect to host bullterrier.me: could not connect to host @@ -2072,9 +2291,9 @@ bumshow.ru: did not receive HSTS header bunadarbankinn.is: could not connect to host bunaken.asia: could not connect to host bunbomenu.de: could not connect to host +bundaberg.com: did not receive HSTS header bunsenlabs.org: max-age too low: 2592000 -buonventosbt.eu: could not connect to host -bupu.ml: did not receive HSTS header +buonventosbt.eu: did not receive HSTS header burckardtnet.de: did not receive HSTS header bureaubolster.nl: did not receive HSTS header bureaugravity.com: did not receive HSTS header @@ -2082,6 +2301,7 @@ burian-server.cz: could not connect to host burlesquemakeup.com: did not receive HSTS header burningcrash.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] burpsuite.site: could not connect to host +burroughsid.com: could not connect to host burrow.ovh: could not connect to host burrowingsec.com: could not connect to host burtrum.top: could not connect to host @@ -2098,21 +2318,24 @@ businessloanconnection.org: did not receive HSTS header businessmodeler.se: could not connect to host bustabit.com: could not connect to host bustimes.org.uk: did not receive HSTS header -busybee360.com: did not receive HSTS header +busybee360.com: could not connect to host butchersworkshop.com: did not receive HSTS header butian518.com: did not receive HSTS header butt.repair: could not connect to host buttercoin.com: could not connect to host butterfieldstraining.com: could not connect to host buturyu.org: did not receive HSTS header -buvinghausen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +buvinghausen.com: max-age too low: 86400 buybaby.eu: could not connect to host +buybike.shop: could not connect to host buydesired.com: did not receive HSTS header +buyessay.org: could not connect to host +buyessays.net: could not connect to host buyfox.de: did not receive HSTS header buyharpoon.com: could not connect to host -buyhealth.shop: could not connect to host buyingsellingflorida.com: could not connect to host buynowdepot.com: did not receive HSTS header +buyplussize.shop: could not connect to host buyshoe.org: could not connect to host buywood.shop: could not connect to host buzzconcert.com: did not receive HSTS header @@ -2127,16 +2350,11 @@ bxdev.me: could not connect to host by1896.com: could not connect to host by1898.com: could not connect to host by1899.com: could not connect to host -by2230.com: max-age too low: 3600 -by2238.com: max-age too low: 3600 -by2239.com: max-age too low: 3600 -by2251.com: max-age too low: 3600 -by2253.com: max-age too low: 3600 -by2254.com: max-age too low: 3600 by4cqb.cn: could not connect to host by77.com: could not connect to host by777.com: did not receive HSTS header byji.com: could not connect to host +byken.cn: did not receive HSTS header bynet.cz: could not connect to host bypass.kr: could not connect to host bypassed.bid: could not connect to host @@ -2158,9 +2376,12 @@ bypassed.today: could not connect to host bypassed.works: could not connect to host bypassed.world: could not connect to host bypro.xyz: could not connect to host +byronwade.com: could not connect to host byte.chat: did not receive HSTS header byte.wtf: did not receive HSTS header bytelog.org: could not connect to host +bytema.re: could not connect to host +bytepen.com: could not connect to host bytesatwork.eu: could not connect to host byteshift.ca: could not connect to host bytesofcode.de: could not connect to host @@ -2179,40 +2400,46 @@ c3b.info: could not connect to host c3bbs.com: could not connect to host c3ie.com: did not receive HSTS header c4.hk: could not connect to host -cabaladada.org: could not connect to host cabsites.com: could not connect to host cabusar.fr: could not connect to host +cachethq.io: did not receive HSTS header caconnect.org: could not connect to host cadao.me: did not receive HSTS header cadburymovies.in.net: could not connect to host cadenadg.gr: did not receive HSTS header caerostris.com: could not connect to host caesreon.com: could not connect to host -cafe-murr.de: could not connect to host +cafe-murr.de: did not receive HSTS header cafe-scientifique.org.ec: could not connect to host cafechesscourt.com: could not connect to host +cafefresco.pe: did not receive HSTS header caferagazzi.de: did not receive HSTS header cafesg.net: could not connect to host +caibi.io: could not connect to host caim.cz: did not receive HSTS header caipai.fm: could not connect to host cairnterrier.com.br: could not connect to host -cais.de: could not connect to host +cais.de: did not receive HSTS header cajapopcorn.com: did not receive HSTS header +cake-time.co.uk: could not connect to host cake.care: could not connect to host cal.goip.de: could not connect to host calcularpagerank.com.br: could not connect to host calculatoaresecondhand.xyz: could not connect to host +calebmorris.com: did not receive HSTS header calgaryconstructionjobs.com: did not receive HSTS header callabs.net: could not connect to host +callanbryant.co.uk: did not receive HSTS header calleveryday.com: could not connect to host callision.com: did not receive HSTS header callmereda.com: did not receive HSTS header callsigns.ca: could not connect to host calltrackingreports.com: could not connect to host +calomel.org: max-age too low: 2764800 calories.org: could not connect to host caltonnutrition.com: did not receive HSTS header calvin.me: did not receive HSTS header -calvinallen.net: could not connect to host +calypso-tour.net: could not connect to host calypsogames.net: could not connect to host calyxinstitute.org: could not connect to host camashop.de: did not receive HSTS header @@ -2223,7 +2450,6 @@ camda.online: could not connect to host camisadotorcedor.com.br: could not connect to host camjackson.net: did not receive HSTS header cammarkets.com: could not connect to host -camolist.com: could not connect to host campaignelves.com: did not receive HSTS header campbellsoftware.co.uk: could not connect to host campfire.co.il: did not receive HSTS header @@ -2231,9 +2457,8 @@ campfourpaws.com: did not receive HSTS header campingcarlovers.com: could not connect to host campingdreams.com: did not receive HSTS header campus-cybersecurity.team: did not receive HSTS header -campusportalng.com: did not receive HSTS header camsanalytics.com: could not connect to host -canadabread.com: max-age too low: 86400 +camshowhub.com: could not connect to host canadiangamblingchoice.com: did not receive HSTS header canarianlegalalliance.com: did not receive HSTS header cancelmyprofile.com: could not connect to host @@ -2243,27 +2468,28 @@ candratech.com: could not connect to host candygirl.shop: could not connect to host candykidsentertainment.co.uk: did not receive HSTS header canifis.net: did not receive HSTS header -canterbury.ws: did not receive HSTS header +canterbury.ws: could not connect to host canyonshoa.com: did not receive HSTS header caodecristachines.com.br: could not connect to host caoyu.info: did not receive HSTS header +capacitacionyautoempleo.com: did not receive HSTS header capecycles.co.za: did not receive HSTS header capeyorkfire.com.au: did not receive HSTS header -capitalonecardservice.com: did not receive HSTS header -caps.is: could not connect to host +capitalonecardservice.com: could not connect to host +captainark.net: could not connect to host captchatheprize.com: could not connect to host captianseb.de: could not connect to host captivatedbytabrett.com: could not connect to host captivationscience.com: could not connect to host captivationtheory.com: could not connect to host +capturethepen.co.uk: could not connect to host car-navi.ph: did not receive HSTS header -car-rental24.com: could not connect to host +car-rental24.com: did not receive HSTS header car-shop.top: did not receive HSTS header carano-service.de: did not receive HSTS header caraudio69.cz: could not connect to host -carboneselectricosnettosl.info: did not receive HSTS header card-cashing.com: max-age too low: 0 -card-toka.jp: did not receive HSTS header +card-toka.jp: could not connect to host cardloan-manual.net: could not connect to host cardoni.net: did not receive HSTS header cardstream.com: did not receive HSTS header @@ -2271,26 +2497,28 @@ cardurl.com: did not receive HSTS header careeraid.in: could not connect to host careerstuds.com: could not connect to host careplasticsurgery.com: did not receive HSTS header -carey.bio: could not connect to host +carey.bio: did not receive HSTS header carif-idf.net: did not receive HSTS header carif-idf.org: did not receive HSTS header carlgo11.com: did not receive HSTS header carlo.mx: did not receive HSTS header carlolly.co.uk: could not connect to host carlosalves.info: could not connect to host -carloshmm.com: could not connect to host carloshmm.stream: could not connect to host carlovanwyk.com: could not connect to host carlsbouncycastlesandhottubs.co.uk: did not receive HSTS header carlscatering.com: did not receive HSTS header -carpliyz.com: could not connect to host +caroli.biz: could not connect to host +carpliyz.com: did not receive HSTS header carrando.de: could not connect to host carredejardin.com: could not connect to host carroarmato0.be: did not receive HSTS header carsforbackpackers.com: could not connect to host +carsten.pw: could not connect to host carstenfeuls.de: did not receive HSTS header carterorland.com: could not connect to host cartesunicef.be: did not receive HSTS header +carun.us: did not receive HSTS header carwashvapeur.be: could not connect to host casajardininsecticidas.com: did not receive HSTS header casamorelli.com.br: did not receive HSTS header @@ -2303,11 +2531,11 @@ cashfortulsahouses.com: could not connect to host cashless.fr: did not receive HSTS header cashmyphone.ch: could not connect to host cashsector.ga: could not connect to host -casinolegal.pt: did not receive HSTS header +casinolistings.com: could not connect to host +casinoluck.com: could not connect to host casinoreal.com: could not connect to host casinostest.com: could not connect to host casioshop.eu: did not receive HSTS header -casjay.cloud: did not receive HSTS header casjay.us: could not connect to host casjaygames.com: could not connect to host casovi.cf: could not connect to host @@ -2316,28 +2544,26 @@ castagnonavocats.com: did not receive HSTS header cata.ga: could not connect to host catalin.pw: did not receive HSTS header catarsisvr.com: could not connect to host -catchers.cc: did not receive HSTS header catcontent.cloud: could not connect to host +catdecor.ru: could not connect to host caterkids.com: did not receive HSTS header -catfooddispensersreviews.com: did not receive HSTS header +catgirl.me: could not connect to host catgirl.pics: could not connect to host catharisme.org: could not connect to host catherinesarasin.com: did not receive HSTS header -catinmay.com: could not connect to host +catinmay.com: did not receive HSTS header catnapstudios.com: could not connect to host catnmeow.com: could not connect to host catsmagic.pp.ua: could not connect to host -caughtredhanded.co.nz: could not connect to host causae-fincas.es: did not receive HSTS header causae.es: did not receive HSTS header -cav.ac: could not connect to host cavaleria.ro: did not receive HSTS header cavalierkingcharlesspaniel.com.br: could not connect to host caveclan.org: did not receive HSTS header cavedevs.de: could not connect to host cavedroid.xyz: could not connect to host cavern.tv: did not receive HSTS header -cayafashion.de: did not receive HSTS header +cayafashion.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] cayounglab.co.jp: did not receive HSTS header cbamo.org: did not receive HSTS header cbengineeringinc.com: max-age too low: 86400 @@ -2349,9 +2575,9 @@ ccl-sti.ch: could not connect to host ccretreatandfarm.com: did not receive HSTS header cctech.ph: could not connect to host cctld.com: could not connect to host +ccv.eu: did not receive HSTS header cd0.us: could not connect to host cdcpartners.gov: could not connect to host -cdeck.net: could not connect to host cdkeyworld.de: did not receive HSTS header cdmhp.org.nz: could not connect to host cdmon.tech: could not connect to host @@ -2364,21 +2590,23 @@ cdt.org: did not receive HSTS header ce-agentur.de: did not receive HSTS header cecilwalker.com.au: did not receive HSTS header cee.io: could not connect to host -cefak.org.br: could not connect to host +cefak.org.br: did not receive HSTS header cegfw.com: could not connect to host ceilingpac.org: could not connect to host +cekaja.com: did not receive HSTS header celebphotos.blog: could not connect to host -celebrityhealthcritic.com: did not receive HSTS header celec.gob.ec: could not connect to host celeirorural.com.br: did not receive HSTS header celigo.com: did not receive HSTS header celina-reads.de: could not connect to host +cellartracker.com: could not connect to host cellsites.nz: could not connect to host cencalvia.org: could not connect to host centennialrewards.com: did not receive HSTS header centerforpolicy.org: could not connect to host +centerpereezd.ru: could not connect to host centos.pub: could not connect to host -central4.me: did not receive HSTS header +central4.me: could not connect to host centralcountiesservices.org: did not receive HSTS header centralfor.me: did not receive HSTS header centrallead.net: could not connect to host @@ -2390,6 +2618,7 @@ centrolavoro.org: did not receive HSTS header centsforchange.net: could not connect to host ceoimon.com: did not receive HSTS header cercevelet.com: did not receive HSTS header +ceres1.space: did not receive HSTS header ceresia.ch: could not connect to host ceritamalam.net: could not connect to host cerize.love: could not connect to host @@ -2402,15 +2631,18 @@ certifix.eu: did not receive HSTS header certly.io: could not connect to host certmgr.org: could not connect to host ceruleanmainbeach.com.au: did not receive HSTS header +cervejista.com: could not connect to host cesal.net: could not connect to host cesidianroot.eu: could not connect to host cevrimici.com: could not connect to host +ceyizlikelisleri.com: could not connect to host +cf11.de: did not receive HSTS header cfcnexus.org: could not connect to host cfcproperties.com: did not receive HSTS header -cfda.gov: could not connect to host cfetengineering.com: could not connect to host cfneia.org: could not connect to host cfoitplaybook.com: could not connect to host +cfsh.tk: could not connect to host cganx.org: could not connect to host cgerstner.eu: did not receive HSTS header cgsshelper.tk: could not connect to host @@ -2419,6 +2651,7 @@ chadklass.com: could not connect to host chahub.com: could not connect to host chainmonitor.com: could not connect to host challengeskins.com: could not connect to host +chameleon-ents.co.uk: could not connect to host chameth.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] chamilo.org: did not receive HSTS header champ.dog: did not receive HSTS header @@ -2436,15 +2669,16 @@ chaos.fail: could not connect to host chaospott.de: did not receive HSTS header chaoswebs.net: did not receive HSTS header chaouby.com: could not connect to host +charakato.com: could not connect to host charge.co: could not connect to host chargejuice.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] charityclear.com: could not connect to host charitystreet.co.uk: could not connect to host -charlenevondell.com: could not connect to host charlestonsecuritysystems.net: did not receive HSTS header charliemcneive.com: could not connect to host charlimarie.com: did not receive HSTS header charlipopkids.com.au: could not connect to host +charmyadesara.com: could not connect to host charnleyhouse.co.uk: did not receive HSTS header charonsecurity.com: could not connect to host charp.eu: could not connect to host @@ -2456,24 +2690,27 @@ chasse-et-plaisir.com: did not receive HSTS header chat-porc.eu: did not receive HSTS header chatbot.me: did not receive HSTS header chatbots.email: could not connect to host +chateau-belvoir.com: did not receive HSTS header chateauconstellation.ch: did not receive HSTS header chateaudevaugrigneuse.com: did not receive HSTS header chatint.com: did not receive HSTS header chatnbook.com: could not connect to host chatup.cf: could not connect to host +chatxp.com: could not connect to host chaulootz.com: did not receive HSTS header +chaverde.org: could not connect to host chcemvediet.sk: max-age too low: 1555200 cheah.xyz: could not connect to host cheapdns.org: could not connect to host -cheapwritingservice.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +cheapssl.com.tr: could not connect to host +cheapwritingservice.com: could not connect to host cheazey.net: did not receive HSTS header chebedara.com: could not connect to host chebwebb.com: could not connect to host checkhost.org: could not connect to host -checkmatewebsolutions.com: did not receive HSTS header +checkmatewebsolutions.com: max-age too low: 0 checkout.google.com: could not connect to host (error ignored - included regardless) -checkrente.nl: did not receive HSTS header -checkyourmeds.com: did not receive HSTS header +checkyourmeds.com: could not connect to host cheekylittlerascals.co.uk: did not receive HSTS header cheerflow.com: could not connect to host cheesetart.my: could not connect to host @@ -2494,14 +2731,16 @@ cherrydropscandycarts.co.uk: did not receive HSTS header cherylsoleway.com: did not receive HSTS header chessreporter.nl: did not receive HSTS header chesterbrass.uk: did not receive HSTS header -chestnut.cf: could not connect to host chiamata-aiuto.ch: could not connect to host chib.chat: could not connect to host chicorycom.net: could not connect to host chihiro.xyz: could not connect to host chijiokeindustries.co.uk: could not connect to host +chikatomo-ryugaku.com: did not receive HSTS header +chikory.com: could not connect to host childcaresolutionscny.org: did not receive HSTS header childrendeservebetter.org: did not receive HSTS header +chilli943.info: could not connect to host chimparoo.ca: did not receive HSTS header china-dhl.org: could not connect to host china-line.org: could not connect to host @@ -2510,14 +2749,18 @@ chiphell.com: did not receive HSTS header chirgui.eu: could not connect to host chloca.jp: did not receive HSTS header chloe.re: did not receive HSTS header +chloeallison.co.uk: could not connect to host +chloehorler.com: could not connect to host chlouis.net: could not connect to host chm.vn: did not receive HSTS header chocolat-suisse.ch: could not connect to host chodobien.com: could not connect to host +chodocu.com: did not receive HSTS header +choe.fi: could not connect to host choiralberta.ca: did not receive HSTS header chontalpa.pw: could not connect to host chopperforums.com: could not connect to host -chordso.com: could not connect to host +chordso.com: did not receive HSTS header chorkley.me: could not connect to host choruscrowd.com: could not connect to host chotu.net: could not connect to host @@ -2525,13 +2768,11 @@ chris-web.info: could not connect to host chrisandsarahinasia.com: could not connect to host chrisbrakebill.com: did not receive HSTS header chrisbrown.id.au: could not connect to host -chriscowley.me.uk: did not receive HSTS header chrisebert.net: could not connect to host chrisfaber.com: could not connect to host chrisfinazzo.com: did not receive HSTS header chriskirchner.de: did not receive HSTS header chriskyrouac.com: could not connect to host -chrisnicholas.io: did not receive HSTS header chrisopperwall.com: did not receive HSTS header chrisself.xyz: could not connect to host christiaandruif.nl: could not connect to host @@ -2539,7 +2780,8 @@ christianbro.gq: could not connect to host christianhoffmann.info: could not connect to host christianhospitaltank.org: did not receive HSTS header christiansayswords.com: could not connect to host -christina-quast.de: could not connect to host +christianscholz.eu: could not connect to host +christina-quast.de: did not receive HSTS header christophebarbezat.ch: could not connect to host christophercolumbusfoundation.gov: could not connect to host christophersole.com: could not connect to host @@ -2555,25 +2797,33 @@ chrome.google.com: did not receive HSTS header (error ignored - included regardl chronogram.me: did not receive HSTS header chronoproject.com: did not receive HSTS header chrst.ph: could not connect to host -chs.us: max-age too low: 0 +chs.us: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] chsh.moe: could not connect to host chua.cf: could not connect to host +chua.family: could not connect to host chuckame.fr: did not receive HSTS header chulado.com: did not receive HSTS header chundelac.com: could not connect to host churchux.co: did not receive HSTS header +churchwebcanada.ca: did not receive HSTS header +churchwebsupport.com: did not receive HSTS header churrasqueirafacil.com.br: could not connect to host ci-labo.com.tw: max-age too low: 7889238 cianmawhinney.xyz: could not connect to host +cidadedopoker.com.br: did not receive HSTS header +ciderclub.com: could not connect to host cidr.ml: could not connect to host +cielly.com: could not connect to host cienbeaute-lidl.fr: could not connect to host cigarblogs.net: could not connect to host +cigarterminal.com: could not connect to host cigi.site: could not connect to host ciicutini.ro: did not receive HSTS header cim2b.de: could not connect to host cimalando.eu: could not connect to host cinartelorgu.com: did not receive HSTS header cinefilia.tk: could not connect to host +cinema5.ru: did not receive HSTS header cinemaclub.co: could not connect to host cinerama.com.br: did not receive HSTS header cintdirect.com: could not connect to host @@ -2582,33 +2832,34 @@ cipher.co.th: did not receive HSTS header cipher.land: could not connect to host cipherli.st: did not receive HSTS header ciplanutrition.com: could not connect to host +cipriano.nl: did not receive HSTS header cira.email: could not connect to host circ-logic.com: did not receive HSTS header circlebox.rocks: could not connect to host -cirrohost.com: did not receive HSTS header +cirrohost.com: could not connect to host ciscohomeanalytics.com: could not connect to host ciscommerce.net: could not connect to host citiagent.cz: could not connect to host citra-emu.org: did not receive HSTS header +citroner.blog: could not connect to host citybusexpress.com: did not receive HSTS header cityoflaurel.org: did not receive HSTS header citywalkr.com: could not connect to host ciuciucadou.ro: could not connect to host cium.ru: could not connect to host -ciurcasdan.eu: did not receive HSTS header +civicunicorn.com: could not connect to host +civicunicorn.us: could not connect to host cjcaron.org: could not connect to host -cjdpenterprises.com: could not connect to host -cjdpenterprises.com.au: could not connect to host cjessett.com: max-age too low: 0 cjtkfan.club: could not connect to host ckcameron.net: could not connect to host ckp.io: could not connect to host claimit.ml: could not connect to host clan-ww.com: did not receive HSTS header -clapping-rhymes.com: did not receive HSTS header +clapping-rhymes.com: could not connect to host clara-baumert.de: could not connect to host claralabs.com: did not receive HSTS header -claretandbanter.uk: did not receive HSTS header +claretandbanter.uk: could not connect to host clarity-c2ced.appspot.com: did not receive HSTS header claritysrv.com: did not receive HSTS header clarksgaragedoorrepair.com: did not receive HSTS header @@ -2630,7 +2881,7 @@ cleanstar.org: could not connect to host clear.ml: could not connect to host clearc.tk: could not connect to host clearchatsandbox.com: could not connect to host -clearsky.me: did not receive HSTS header +clearsky.me: could not connect to host clearviewwealthprojector.com.au: could not connect to host clemovementlaw.com: could not connect to host clerkendweller.uk: could not connect to host @@ -2644,6 +2895,7 @@ clickandgo.com: did not receive HSTS header clickandshoot.nl: could not connect to host clickclickphish.com: did not receive HSTS header clickgram.biz: could not connect to host +clickomobile.com: did not receive HSTS header clicks.co.za: max-age too low: 1800 clicktenisdemesa.com.br: did not receive HSTS header clicn.bio: could not connect to host @@ -2657,7 +2909,9 @@ clintonbloodworth.com: could not connect to host clintonbloodworth.io: could not connect to host clintwilson.technology: max-age too low: 2592000 clipped4u.com: could not connect to host +clod-hacking.com: could not connect to host cloghercastles.co.uk: did not receive HSTS header +clorik.com: could not connect to host closient.com: did not receive HSTS header closingholding.com: could not connect to host cloud-crowd.com.au: did not receive HSTS header @@ -2665,18 +2919,23 @@ cloud-project.com: could not connect to host cloud.wtf: could not connect to host cloud2go.de: did not receive HSTS header cloudapi.vc: could not connect to host -cloudbased.info: could not connect to host +cloudbased.info: did not receive HSTS header cloudbasedsite.com: did not receive HSTS header cloudberlin.goip.de: could not connect to host cloudbleed.info: could not connect to host +cloudbolin.es: could not connect to host cloudcert.org: did not receive HSTS header cloudcy.net: could not connect to host clouddesktop.co.nz: could not connect to host cloudfren.com: did not receive HSTS header cloudimag.es: could not connect to host +cloudimprovedtest.com: could not connect to host cloudlink.club: could not connect to host +cloudmigrator365.com: did not receive HSTS header cloudns.com.au: could not connect to host cloudopt.net: did not receive HSTS header +cloudpagesforwork.com: did not receive HSTS header +cloudpebble.net: did not receive HSTS header clouds.webcam: could not connect to host cloudspotterapp.com: did not receive HSTS header cloudstoragemaus.com: could not connect to host @@ -2693,22 +2952,25 @@ clownish.co.il: could not connect to host clsimplex.com: did not receive HSTS header clubcall.com: did not receive HSTS header clubdeslecteurs.net: could not connect to host +clubmate.rocks: could not connect to host clubmix.co.kr: could not connect to host +cluefulca.com: could not connect to host +cluefulca.net: could not connect to host +cluefulca.org: could not connect to host cluj.apartments: could not connect to host -cluster.biz.tr: could not connect to host cluster.id: could not connect to host clvrwebdesign.com: did not receive HSTS header clvs7.com: did not receive HSTS header clycat.ru: could not connect to host clywedogmaths.co.uk: could not connect to host -cmangos.net: could not connect to host +cmangos.net: did not receive HSTS header cmc-versand.de: did not receive HSTS header cmcc.network: could not connect to host cmci.dk: did not receive HSTS header cmdtelecom.net.br: did not receive HSTS header cmitao.com: could not connect to host cmpr.es: could not connect to host -cmrss.com: did not receive HSTS header +cmrss.com: could not connect to host cms-weble.jp: did not receive HSTS header cmsbattle.com: could not connect to host cmscafe.ru: did not receive HSTS header @@ -2719,16 +2981,19 @@ cnaprograms.online: could not connect to host cncfraises.fr: did not receive HSTS header cncn.us: did not receive HSTS header cnetw.xyz: could not connect to host -cnitdog.com: did not receive HSTS header +cnitdog.com: could not connect to host cnlic.com: could not connect to host cnrd.me: did not receive HSTS header cnsyear.com: did not receive HSTS header cnwage.com: could not connect to host cnwarn.com: could not connect to host -co-driversphoto.se: could not connect to host +co-driversphoto.se: did not receive HSTS header co-yutaka.com: could not connect to host -coach-sportif.paris: did not receive HSTS header +coach-sportif.paris: could not connect to host coachingconsultancy.com: did not receive HSTS header +coathangerstrangla.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +coathangerstrangler.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +coatl-industries.com: could not connect to host cobaltlp.com: could not connect to host cobrax.net: could not connect to host coccinellaskitchen.com: could not connect to host @@ -2740,6 +3005,7 @@ cockerspanielamericano.com.br: could not connect to host cockerspanielingles.com.br: could not connect to host cocktailfuture.fr: could not connect to host coco-cool.fr: could not connect to host +cocodemy.com: did not receive HSTS header cocolovesdaddy.com: could not connect to host codabix.com: did not receive HSTS header codabix.de: could not connect to host @@ -2753,12 +3019,11 @@ codeco.pw: could not connect to host codecontrollers.de: could not connect to host codedelarouteenligne.fr: did not receive HSTS header codeforce.io: could not connect to host -codeforhakodate.org: did not receive HSTS header -codejunkie.de: did not receive HSTS header +codeforhakodate.org: could not connect to host codelayer.ca: could not connect to host codelitmus.com: did not receive HSTS header codeloop.pw: could not connect to host -codelove.de: could not connect to host +codelove.de: did not receive HSTS header codemonkeyrawks.net: did not receive HSTS header codemperium.com: could not connect to host codenlife.xyz: could not connect to host @@ -2767,6 +3032,7 @@ codeplay.org: could not connect to host codepoet.de: did not receive HSTS header codeproxy.ddns.net: could not connect to host codepx.com: did not receive HSTS header +coderhangout.com: could not connect to host codewiththepros.org: could not connect to host codewiz.xyz: could not connect to host codigosddd.com.br: did not receive HSTS header @@ -2775,12 +3041,11 @@ coffeedino.com: did not receive HSTS header coffeeetc.co.uk: could not connect to host coffeestrategies.com: max-age too low: 5184000 cogniflex.com: did not receive HSTS header -cogsquad.house: could not connect to host cogumelosmagicos.org: could not connect to host cohesive.io: did not receive HSTS header +coimmvest.com: could not connect to host coin-exchange.cz: could not connect to host coindam.com: could not connect to host -coins2001.ru: could not connect to host colarelli.ch: could not connect to host coldlostsick.net: could not connect to host coldwatericecream.com: did not receive HSTS header @@ -2788,7 +3053,7 @@ colearnr.com: could not connect to host collablynk.com: could not connect to host collabra.email: did not receive HSTS header collard.tk: could not connect to host -collectiblebeans.com: could not connect to host +collbox.co: did not receive HSTS header collectosaurus.com: did not receive HSTS header colleencornez.com: could not connect to host collegepulse.org: could not connect to host @@ -2802,14 +3067,19 @@ colmexpro.com: did not receive HSTS header colognegaming.net: could not connect to host coloradocomputernetworking.net: could not connect to host colorcentertoner.com.br: did not receive HSTS header +coloringnotebook.com: could not connect to host colorlib.com: did not receive HSTS header +colorlifesupport.com: max-age too low: 0 colorunhas.com.br: did not receive HSTS header coltonrb.com: could not connect to host com.cc: could not connect to host combatshield.cz: did not receive HSTS header +comchezmeme.com: could not connect to host +comdotgame.com: could not connect to host comefollowme2016.com: did not receive HSTS header comeoncolleen.com: did not receive HSTS header comercialtrading.eu: could not connect to host +cometrueunlimited.com: could not connect to host comfortdom.ua: did not receive HSTS header comfortticket.de: did not receive HSTS header comfy.cafe: could not connect to host @@ -2821,20 +3091,20 @@ comicspines.com: could not connect to host comiq.io: could not connect to host comitesaustria.at: could not connect to host comiteshopping.com: could not connect to host -commania.co.kr: could not connect to host commencepayments.com: did not receive HSTS header -commerciallocker.com: did not receive HSTS header +commerciallocker.com: could not connect to host commercialplanet.eu: could not connect to host commune-preuilly.fr: did not receive HSTS header community-cupboard.org: did not receive HSTS header -communityflow.info: could not connect to host comocurarlagastritis24.online: did not receive HSTS header comocurarlashemorroides.org: could not connect to host comocurarlashemorroidesya.com: did not receive HSTS header +comoimportar.net: did not receive HSTS header +comosecarabarriga.net: did not receive HSTS header +comoseduzir.net: did not receive HSTS header comotalk.com: could not connect to host compalytics.com: could not connect to host comparamejor.com: did not receive HSTS header -compareandrecycle.co.uk: did not receive HSTS header comparejewelleryprices.co.uk: could not connect to host comparetravelinsurance.com.au: did not receive HSTS header compassionate-biology.com: could not connect to host @@ -2847,8 +3117,10 @@ compliance-systeme.de: could not connect to host complt.xyz: could not connect to host complymd.com: did not receive HSTS header compredietlight.com.br: did not receive HSTS header -comprefitasadere.com.br: did not receive HSTS header +comprefitasadere.com.br: could not connect to host comprehensiveihc.com: could not connect to host +compromised.com: could not connect to host +compsmag.com: did not receive HSTS header comptrollerofthecurrency.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] compucorner.com.mx: could not connect to host computeremergency.com.au: did not receive HSTS header @@ -2861,22 +3133,20 @@ concerts-metal.ch: did not receive HSTS header conclave.global: could not connect to host concord-group.co.jp: did not receive HSTS header concretehermit.com: did not receive HSTS header -conectalmeria.com: could not connect to host +conectalmeria.com: did not receive HSTS header confirm365.com: could not connect to host conformal.com: could not connect to host -confucio.cl: could not connect to host congz.me: could not connect to host +conkret.ch: could not connect to host conkret.co.uk: could not connect to host conkret.eu: could not connect to host conkret.in: did not receive HSTS header -connaitre-les-astres.com: could not connect to host -connect-me.com: did not receive HSTS header +connaitre-les-astres.com: did not receive HSTS header connect.ua: could not connect to host connected-verhuurservice.nl: did not receive HSTS header connectfss.com: could not connect to host connectingconcepts.com: did not receive HSTS header conrad.am: could not connect to host -conrail.blue: could not connect to host consciousandglamorous.com: could not connect to host consciousbrand.org.au: could not connect to host consciousbranding.org.au: could not connect to host @@ -2884,8 +3154,8 @@ consciousbrands.net.au: could not connect to host consejosdehogar.com: did not receive HSTS header console.python.org: did not receive HSTS header console.support: did not receive HSTS header +construct-trust.com: could not connect to host constructive.men: could not connect to host -consultation.biz.tr: could not connect to host consultcelerity.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] consultingroupitaly.com: did not receive HSTS header consultorcr.net: did not receive HSTS header @@ -2900,7 +3170,6 @@ continuation.io: could not connect to host continuumgaming.com: could not connect to host contraout.com: could not connect to host controlcenter.gigahost.dk: did not receive HSTS header -controleer-maar-een-ander.nl: did not receive HSTS header convergemagazine.com: did not receive HSTS header convertimg.com: could not connect to host convoitises.com: did not receive HSTS header @@ -2914,8 +3183,9 @@ cooljs.me: could not connect to host coolkidsbouncycastles.co.uk: did not receive HSTS header coolvox.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] coonelnel.net: did not receive HSTS header -cooxa.com: did not receive HSTS header +cooxa.com: could not connect to host copshop.com.br: could not connect to host +coptic-treasures.com: max-age too low: 2592000 copycaught.com: could not connect to host cor-ser.es: could not connect to host coralproject.net: did not receive HSTS header @@ -2929,10 +3199,11 @@ coreapm.com: could not connect to host corecdn.org: could not connect to host coreinfrastructure.org: did not receive HSTS header corenetworking.de: could not connect to host +coresos.com: could not connect to host corex.io: could not connect to host corgicloud.com: could not connect to host corinnanese.de: could not connect to host -coriver.me: could not connect to host +coriver.me: did not receive HSTS header corkyoga.site: could not connect to host cormactagging.ie: could not connect to host cormilu.com.br: did not receive HSTS header @@ -2950,7 +3221,7 @@ corruption-mc.net: could not connect to host corruption-rsps.net: could not connect to host corruption-server.net: could not connect to host corzntin.fr: could not connect to host -cosmeticosnet.com.br: could not connect to host +cosmeticosnet.com.br: did not receive HSTS header cosmiatria.pe: could not connect to host cosmoluziluminacion.com: did not receive HSTS header cosmoss-departure.com: did not receive HSTS header @@ -2969,6 +3240,7 @@ course.pp.ua: did not receive HSTS header course.rs: could not connect to host coursella.com: did not receive HSTS header courses.nl: could not connect to host +courseworkbank.info: could not connect to host cove.sh: could not connect to host covenantbank.net: could not connect to host coverdat.com: could not connect to host @@ -2979,10 +3251,10 @@ cozy.io: did not receive HSTS header cozycloud.cc: did not receive HSTS header cpaneltips.com: could not connect to host cpbanq.com: could not connect to host -cpu.biz.tr: could not connect to host cpuvinf.eu.org: could not connect to host +cqchome.com: did not receive HSTS header cracking.org: did not receive HSTS header -crackingking.com: did not receive HSTS header +crackingking.com: could not connect to host crackpfer.de: could not connect to host crackslut.eu: could not connect to host craftbeerbarn.co.uk: could not connect to host @@ -2991,12 +3263,12 @@ craftination.net: could not connect to host craftmain.eu: could not connect to host craftmine.cz: could not connect to host craftngo.hu: could not connect to host +craftwmcp.xyz: could not connect to host craftydev.design: could not connect to host -craigsimpson.scot: did not receive HSTS header cranems.com.ua: could not connect to host cranesafe.com: max-age too low: 7889238 cranioschule.com: did not receive HSTS header -crashsec.com: could not connect to host +crashsec.com: did not receive HSTS header crate.io: did not receive HSTS header cravelyrics.com: could not connect to host crazifyngers.com: could not connect to host @@ -3004,27 +3276,31 @@ crazy-crawler.de: did not receive HSTS header crazycen.com: did not receive HSTS header crazycraftland.de: did not receive HSTS header crazycraftland.net: did not receive HSTS header +crazyfamily11.de: did not receive HSTS header crazyhotseeds.com: did not receive HSTS header crazyker.com: did not receive HSTS header crbug.com: did not receive HSTS header (error ignored - included regardless) creaescola.com: did not receive HSTS header -crealogix-online.com: could not connect to host creamybuild.com: could not connect to host +create-ls.jp: could not connect to host create-test-publish.co.uk: could not connect to host +creative-coder.de: did not receive HSTS header creativeapple.ltd: did not receive HSTS header creativeartifice.com: did not receive HSTS header creativecommonscatpictures.com: could not connect to host -creativeink.de: could not connect to host creativephysics.ml: could not connect to host creativeplayuk.com: did not receive HSTS header creato.top: could not connect to host +crecips.com: could not connect to host crecket.me: could not connect to host credia.jp: did not receive HSTS header creditclear.com.au: did not receive HSTS header -creditreporttips.net: could not connect to host +creditreporttips.net: did not receive HSTS header crendontech.com: did not receive HSTS header +creorin.com: did not receive HSTS header crestoncottage.com: could not connect to host crewplanner.eu: did not receive HSTS header +crge.eu: max-age too low: 0 crimewatch.net.za: could not connect to host crisissurvivalspecialists.com: could not connect to host cristianhares.com: could not connect to host @@ -3035,7 +3311,7 @@ crmdemo.website: did not receive HSTS header crockett.io: did not receive HSTS header croco.vision: did not receive HSTS header croeder.net: could not connect to host -cronix.cc: could not connect to host +croisieres.discount: did not receive HSTS header croods-mt2.fr: did not receive HSTS header croome.no-ip.org: could not connect to host crop-alert.com: could not connect to host @@ -3050,23 +3326,28 @@ crownbouncycastlehire.co.uk: did not receive HSTS header crownruler.com: did not receive HSTS header crox.co: could not connect to host crrev.com: did not receive HSTS header (error ignored - included regardless) +crt.cloud: could not connect to host crtvmgmt.com: could not connect to host crudysql.com: could not connect to host crufad.org: did not receive HSTS header -cruikshank.com.au: could not connect to host +cruikshank.com.au: did not receive HSTS header crushroom.com: max-age too low: 43200 cruzeiropedia.org: did not receive HSTS header cruzr.xyz: could not connect to host crypalert.com: could not connect to host crypt.guru: did not receive HSTS header cryptify.eu: could not connect to host +cryptobells.com: did not receive HSTS header cryptobin.org: could not connect to host cryptocaseproject.com: could not connect to host cryptodash.net: could not connect to host +cryptoegg.ca: could not connect to host +cryptofrog.co: could not connect to host +cryptoisnotacrime.org: could not connect to host cryptojar.io: could not connect to host +cryptojourney.com: did not receive HSTS header cryptolab.pro: could not connect to host cryptolab.tk: could not connect to host -cryptolosophy.io: could not connect to host cryptoparty.dk: could not connect to host cryptopartyatx.org: could not connect to host cryptopartynewcastle.org: could not connect to host @@ -3082,34 +3363,38 @@ csawctf.poly.edu: could not connect to host cscau.com: did not receive HSTS header csehnyelv.hu: could not connect to host cselzer.com: did not receive HSTS header -cser.me: did not receive HSTS header +cser.me: could not connect to host +csfcloud.com: did not receive HSTS header csfs.org.uk: could not connect to host csgf.ru: did not receive HSTS header csgo.help: could not connect to host csgo77.com: could not connect to host -csgodicegame.com: did not receive HSTS header +csgodicegame.com: could not connect to host csgoelemental.com: could not connect to host +csgogamers.com: could not connect to host +csgohandouts.com: did not receive HSTS header csgokings.eu: could not connect to host csgoshifter.com: could not connect to host csilies.de: could not connect to host csinfo.us: could not connect to host -csinterstargeneve.ch: could not connect to host csohack.tk: could not connect to host -cspbuilder.info: could not connect to host -cspeti.hu: could not connect to host +cspbuilder.info: did not receive HSTS header cssps.org: could not connect to host cssu.in: did not receive HSTS header csvape.com: did not receive HSTS header +cswarzone.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] ct-status.org: could not connect to host ct-watches.dk: did not receive HSTS header ctrl.blog: did not receive HSTS header +ctyi.me: did not receive HSTS header cuanhua3s.com: did not receive HSTS header cubecart.net: could not connect to host +cubecraftstore.com: could not connect to host +cubecraftstore.net: could not connect to host cubela.tech: could not connect to host cubeserver.eu: could not connect to host cubewano.com: could not connect to host cubix.host: did not receive HSTS header -cublick.com: did not receive HSTS header cucc.date: could not connect to host cuecamania.com.br: could not connect to host cujanovic.com: did not receive HSTS header @@ -3118,19 +3403,20 @@ culinae.nl: could not connect to host culture-school.top: did not receive HSTS header cumparama.com: did not receive HSTS header cumshots-video.ru: could not connect to host -cuni-cuni-club.com: could not connect to host +cunha.be: could not connect to host +cuni-cuni-club.com: did not receive HSTS header cuni-rec.com: could not connect to host -cuntflaps.me: could not connect to host cuongquach.com: did not receive HSTS header cuongthach.com: did not receive HSTS header cuonic.com: could not connect to host cupcake.io: did not receive HSTS header cupcake.is: did not receive HSTS header +cupofarchitects.net: could not connect to host curacao-license.com: could not connect to host curarnosensalud.com: could not connect to host -curatedgeek.com: did not receive HSTS header curiouscat.me: max-age too low: 2592000 curlyroots.com: did not receive HSTS header +current.com: did not receive HSTS header curroapp.com: could not connect to host cursosdnc.cl: did not receive HSTS header curveweb.co.uk: did not receive HSTS header @@ -3139,17 +3425,21 @@ custe.rs: could not connect to host customadesign.com: did not receive HSTS header customd.com: did not receive HSTS header customfilmworks.com: could not connect to host +customizeyourshower.com: could not connect to host +custompapers.com: could not connect to host +customromlist.com: could not connect to host +customwritings.com: could not connect to host cutelariafiveladeouro.com.br: did not receive HSTS header cutorrent.com: could not connect to host cuvva.insure: did not receive HSTS header cvjm-memmingen.de: did not receive HSTS header -cvsoftub.com: could not connect to host +cvsoftub.com: did not receive HSTS header cvtparking.co.uk: did not receive HSTS header cw-bw.de: could not connect to host cwage.com: could not connect to host -cwarren.is: could not connect to host cwbw.network: could not connect to host cwilson.ga: could not connect to host +cwningen.cymru: could not connect to host cy.technology: did not receive HSTS header cyanogenmod.xxx: could not connect to host cybbh.space: could not connect to host @@ -3162,53 +3452,54 @@ cyberdos.de: did not receive HSTS header cyberlab.kiev.ua: did not receive HSTS header cyberlab.team: did not receive HSTS header cyberpeace.nl: could not connect to host -cyberpioneer.net: could not connect to host cyberprey.com: did not receive HSTS header cyberpunk.ca: could not connect to host -cybersafesolutions.com: did not receive HSTS header cyberscan.io: did not receive HSTS header +cyberserver.org: could not connect to host cybershambles.com: could not connect to host cyberspace.today: could not connect to host -cyberxpert.nl: could not connect to host +cybit.io: did not receive HSTS header cyclehackluxembourgcity.lu: could not connect to host cyclingjunkies.com: could not connect to host cydia-search.io: could not connect to host cyelint.com: could not connect to host +cygu.ch: did not receive HSTS header cymtech.net: could not connect to host cynoshair.com: could not connect to host cyoda.com: did not receive HSTS header -cypherpunk.com: could not connect to host +cype.dedyn.io: could not connect to host cypherpunk.ws: could not connect to host cyphertite.com: could not connect to host +cypressinheritancesaga.com: could not connect to host cytadel.fr: did not receive HSTS header +cytegic-update-packages.com: could not connect to host czaw.org: did not receive HSTS header czirnich.org: did not receive HSTS header czlx.co: could not connect to host d-academia.com: did not receive HSTS header +d-macindustries.com: did not receive HSTS header d-rickroll-e.pw: could not connect to host d00r.de: did not receive HSTS header d0xq.net: could not connect to host d1ves.io: did not receive HSTS header d3x.pw: could not connect to host -d4rkdeagle.tk: could not connect to host +d4wson.com: could not connect to host d8studio.net: could not connect to host da8.cc: could not connect to host dabblegoat.com: could not connect to host dabbot.org: did not receive HSTS header dad256.tk: could not connect to host dadtheimpaler.com: could not connect to host -daemon.xin: did not receive HSTS header dah5.com: did not receive HSTS header dahl-pind.dk: did not receive HSTS header dai-rin.co.jp: could not connect to host -dailybunda.com: could not connect to host +dailybunda.com: did not receive HSTS header dailystormerpodcasts.com: could not connect to host dailytopix.com: could not connect to host daimadi.com: could not connect to host daisuki.pw: could not connect to host -daiwai.de: could not connect to host daiyuu.jp: could not connect to host -dakerealestate.com: could not connect to host +dakerealestate.com: did not receive HSTS header dakl-shop.de: did not receive HSTS header dakotasilencer.com: did not receive HSTS header dakrib.net: could not connect to host @@ -3221,9 +3512,12 @@ damedrogy.cz: could not connect to host damianuv-blog.cz: did not receive HSTS header damjanovic.work: could not connect to host danbarrett.com.au: could not connect to host +dancebuzz.co.uk: did not receive HSTS header dancerdates.net: did not receive HSTS header +dandenongroadapartments.com.au: did not receive HSTS header dandymrsb.com: could not connect to host dane-bre.net: max-age too low: 172800 +dango.in: could not connect to host daniel-mosquera.com: could not connect to host daniel-seifert.com: max-age too low: 600000 daniel-stahl.net: could not connect to host @@ -3233,6 +3527,7 @@ danieldk.eu: did not receive HSTS header danielgraziano.ca: could not connect to host danieliancu.com: could not connect to host danielkratz.com: max-age too low: 172800 +danielsteiner.net: could not connect to host danielverlaan.nl: could not connect to host danielworthy.com: did not receive HSTS header danielzuzevich.com: could not connect to host @@ -3242,6 +3537,7 @@ dankeblog.com: could not connect to host danmark.guide: did not receive HSTS header dannycrichton.com: did not receive HSTS header danrl.de: could not connect to host +dansa.com.co: did not receive HSTS header danskringsporta.be: did not receive HSTS header danwillenberg.com: did not receive HSTS header daolerp.xyz: could not connect to host @@ -3249,10 +3545,10 @@ dargasia.is: could not connect to host dario.im: did not receive HSTS header dariosirangelo.me: did not receive HSTS header dark-x.cf: could not connect to host -darkanzali.pl: max-age too low: 0 +darkanzali.pl: could not connect to host darkdestiny.ch: could not connect to host darkfriday.ddns.net: could not connect to host -darkhole.cn: did not receive HSTS header +darkhole.cn: could not connect to host darkishgreen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] darkkeepers.dk: max-age too low: 172800 darknebula.space: could not connect to host @@ -3263,7 +3559,6 @@ darkstance.org: could not connect to host darktree.in: could not connect to host darlastudio66.com: did not receive HSTS header darlo.co.uk: could not connect to host -daropia.org: could not connect to host darrenellis.xyz: could not connect to host darrenm.net: could not connect to host das-tyrol.at: did not receive HSTS header @@ -3278,24 +3573,29 @@ data.haus: could not connect to host data.qld.gov.au: did not receive HSTS header datacave.is: could not connect to host datacubed.com: did not receive HSTS header +datafd.com: could not connect to host +datafd.net: could not connect to host datahoarder.download: could not connect to host -datahoarder.xyz: could not connect to host +datahoarderschool.club: did not receive HSTS header dataisme.com: did not receive HSTS header datajapan.co.jp: did not receive HSTS header datamatic.ru: could not connect to host dataretention.solutions: could not connect to host +datasharesystem.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] datasnitch.co.uk: could not connect to host datatekniikka.com: could not connect to host datedeposit.com: could not connect to host datengrab.ws: could not connect to host +datenlast.de: could not connect to host datenreiter.cf: could not connect to host datenreiter.gq: could not connect to host datenreiter.ml: could not connect to host datenreiter.tk: could not connect to host -datenschutzhelden.org: did not receive HSTS header +datenschutzhelden.org: could not connect to host datine.com.br: could not connect to host datorb.com: could not connect to host datortipsen.se: did not receive HSTS header +datsound.ru: could not connect to host datsumou-q.com: did not receive HSTS header daverandom.com: could not connect to host davidandkailey.com: could not connect to host @@ -3304,32 +3604,36 @@ davidglidden.eu: did not receive HSTS header davidgrudl.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] davidhunter.scot: did not receive HSTS header davidletellier.com: did not receive HSTS header +davidlillo.com: could not connect to host davidnoren.com: did not receive HSTS header davidreinhardt.de: could not connect to host davidscherzer.at: could not connect to host davros.eu: could not connect to host davros.ru: could not connect to host +daw.nz: could not connect to host dawnofeden.org: did not receive HSTS header dawnson.is: could not connect to host +dawnsonb.com: could not connect to host day.vip: did not receive HSTS header daylightcompany.com: did not receive HSTS header days.one: could not connect to host daytonaseaside.com: did not receive HSTS header db.gy: could not connect to host +dbjc.duckdns.org: did not receive HSTS header dblx.io: could not connect to host dbox.ga: could not connect to host dbpmedia.se: did not receive HSTS header -dbx.ovh: could not connect to host +dbx.ovh: did not receive HSTS header dbyz.co.uk: max-age too low: 43200 dcaracing.nl: could not connect to host -dcc.moe: did not receive HSTS header +dcc.moe: could not connect to host dccode.gov: could not connect to host dccoffeeproducts.com: did not receive HSTS header dccraft.net: could not connect to host -dclaisse.fr: could not connect to host dctxf.com: did not receive HSTS header dcuofriends.net: could not connect to host dcw.io: did not receive HSTS header +dd.art.pl: could not connect to host ddatsh.com: did not receive HSTS header dden.website: could not connect to host dden.xyz: could not connect to host @@ -3339,20 +3643,23 @@ ddocu.me: did not receive HSTS header ddos-mitigation.co.uk: could not connect to host ddos-mitigation.info: could not connect to host de-servers.de: could not connect to host +de-spil.be: could not connect to host deadmann.com: could not connect to host -deadsoul.net: max-age too low: 0 +deadsoul.net: could not connect to host +deanjerkovich.com: could not connect to host debank.tv: did not receive HSTS header debatch.se: could not connect to host debian-vhost.de: could not connect to host debiton.dk: could not connect to host debitoutil.com: did not receive HSTS header +debitpaie.com: did not receive HSTS header deborahmarinelli.eu: could not connect to host debtkit.co.uk: did not receive HSTS header debtprotectionreporting.com: did not receive HSTS header decafu.co: could not connect to host decentralizedweb.net: did not receive HSTS header decesus.com: could not connect to host -decibelios.li: could not connect to host +decibelios.li: max-age too low: 0 decloverly.com: did not receive HSTS header deco.me: could not connect to host decoboutique.com: did not receive HSTS header @@ -3367,10 +3674,10 @@ decoyrouting.com: could not connect to host dedeo.tk: did not receive HSTS header dedicatutiempo.es: could not connect to host dedietrich-asia.com: could not connect to host +deep.club: could not connect to host deepcovelabs.net: could not connect to host deepcreampie.com: could not connect to host deepearth.uk: could not connect to host -deephill.com: could not connect to host deeprecce.com: could not connect to host deeprecce.link: could not connect to host deeprecce.tech: could not connect to host @@ -3380,6 +3687,7 @@ deepvalley.tech: could not connect to host deepvision.com.ua: did not receive HSTS header deetz.nl: did not receive HSTS header deetzen.de: did not receive HSTS header +def-pos.ru: could not connect to host defi-metier.com: did not receive HSTS header defi-metier.fr: did not receive HSTS header defi-metier.org: could not connect to host @@ -3391,7 +3699,7 @@ defimetier.fr: could not connect to host defimetier.org: did not receive HSTS header defimetiers.com: did not receive HSTS header defimetiers.fr: did not receive HSTS header -degroetenvanrosaline.nl: did not receive HSTS header +degroetenvanrosaline.nl: could not connect to host deight.co: could not connect to host deight.in: could not connect to host dekasan.ru: could not connect to host @@ -3401,10 +3709,10 @@ deliberatedigital.com: [Exception... "Component returned failure code: 0x8000400 deliver.moe: did not receive HSTS header deliverance.co.uk: could not connect to host deloittequant.com: could not connect to host -deltaconcepts.de: did not receive HSTS header +deltaconcepts.de: could not connect to host delvj.org: could not connect to host -demandware.com: could not connect to host -demarche-expresse.com: could not connect to host +demandware.com: did not receive HSTS header +demarche-expresse.com: did not receive HSTS header demdis.org: could not connect to host demilitarized.ninja: could not connect to host demo-server.us: could not connect to host @@ -3413,8 +3721,6 @@ democracy.io: did not receive HSTS header democraticdifference.com: did not receive HSTS header demomanca.com: did not receive HSTS header demotops.com: could not connect to host -dempsters.ca: max-age too low: 86400 -dengchangdong.com: could not connect to host denh.am: did not receive HSTS header denisjean.fr: could not connect to host dennispotter.eu: did not receive HSTS header @@ -3431,12 +3737,14 @@ depedtayo.ph: could not connect to host depijl-mz.nl: did not receive HSTS header depixion.agency: could not connect to host depo.space: could not connect to host +deprobe.pro: could not connect to host +depth-co.jp: could not connect to host dequehablamos.es: could not connect to host derbyshiredotnet.co.uk: did not receive HSTS header derchris.me: could not connect to host derekseaman.com: did not receive HSTS header derekseaman.studio: did not receive HSTS header -derevtsov.com: did not receive HSTS header +derevtsov.com: could not connect to host derivativeshub.pro: could not connect to host derive.cc: could not connect to host dermacarecomplex.com: could not connect to host @@ -3463,31 +3771,38 @@ detecte-fuite.ch: could not connect to host detecte.ch: could not connect to host detectefuite.ch: could not connect to host detector.exposed: could not connect to host -detest.org: could not connect to host +detest.org: did not receive HSTS header dethikiemtra.com: did not receive HSTS header +detroitrocs.org: did not receive HSTS header detteflies.com: max-age too low: 7889238 detutorial.com: max-age too low: 36000 +deuchnord.fr: could not connect to host deusu.de: could not connect to host deusu.org: could not connect to host +deux.solutions: could not connect to host +deuxsol.co: could not connect to host +deuxsol.com: could not connect to host +deuxsolutions.com: could not connect to host deuxvia.com: could not connect to host dev: could not connect to host dev-aegon.azurewebsites.net: did not receive HSTS header dev-bluep.pantheonsite.io: did not receive HSTS header dev-talk.eu: did not receive HSTS header -dev-talk.net: could not connect to host +dev-talk.net: did not receive HSTS header devafterdark.com: could not connect to host devdesco.com: could not connect to host +devdom.io: max-age too low: 172800 develop.fitness: could not connect to host +developermail.io: did not receive HSTS header developersclub.website: could not connect to host developyourelement.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] devh.de: could not connect to host deviltraxxx.de: could not connect to host devin-balimuhac.de: did not receive HSTS header devincrow.me: could not connect to host -devinpacker.com: did not receive HSTS header +devinpacker.com: could not connect to host devisonline.ch: could not connect to host devistravaux.org: did not receive HSTS header -devkit.cc: could not connect to host devlux.ch: did not receive HSTS header devmsg.com: did not receive HSTS header devnsec.com: could not connect to host @@ -3495,15 +3810,16 @@ devnull.team: could not connect to host devopps.me: did not receive HSTS header devops.moe: could not connect to host devopsconnected.com: could not connect to host -devpsy.info: could not connect to host devtestfan1.gov: could not connect to host devtub.com: could not connect to host devuan.org: did not receive HSTS header dewebwerf.nl: did not receive HSTS header dewin.io: could not connect to host dfixit.com: could not connect to host +dfl.mn: could not connect to host dfrance.com.br: did not receive HSTS header dfviana.com.br: max-age too low: 2592000 +dgby.org: did not receive HSTS header dggwp.de: did not receive HSTS header dharamkot.com: could not connect to host dharma.ai: did not receive HSTS header @@ -3515,10 +3831,10 @@ dhub.xyz: could not connect to host dhxxls.com: could not connect to host diablotine.rocks: could not connect to host diabolic.chat: could not connect to host -diagnocentro.cl: could not connect to host diagnosia.com: did not receive HSTS header diagonale-deco.fr: did not receive HSTS header -diamondcare.com.br: could not connect to host +dialoegue.com: did not receive HSTS header +diamondcare.com.br: did not receive HSTS header diamondpkg.org: could not connect to host diamondt.us: did not receive HSTS header dianlujitao.com: did not receive HSTS header @@ -3534,13 +3850,14 @@ dicio.com.br: did not receive HSTS header dicionariofinanceiro.com: did not receive HSTS header dicionariopopular.com: did not receive HSTS header dick.red: could not connect to host -didierlaumen.be: could not connect to host -die-besten-weisheiten.de: did not receive HSTS header +dickpics.ru: could not connect to host +didierlaumen.be: did not receive HSTS header +die-besten-weisheiten.de: could not connect to host die-gruenen-teufel.de: could not connect to host dieb.photo: could not connect to host -diegobarrosmaia.com.br: could not connect to host diejanssens.net: did not receive HSTS header diemogebhardt.com: could not connect to host +dierencompleet.nl: did not receive HSTS header dierenkruiden.nl: did not receive HSTS header dieser.me: could not connect to host dietagespresse.com: did not receive HSTS header @@ -3551,12 +3868,15 @@ diggable.co: max-age too low: 2592000 digihyp.ch: could not connect to host digikol.net: could not connect to host diginota.com: did not receive HSTS header +digioccumss.ddns.net: could not connect to host digired.xyz: could not connect to host +digital1world.com: did not receive HSTS header digitalbank.kz: could not connect to host digitalcloud.ovh: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] digitalcraftmarketing.co.uk: did not receive HSTS header digitaldaddy.net: did not receive HSTS header digitalero.rip: did not receive HSTS header +digitalewelten.de: could not connect to host digitalexhale.com: did not receive HSTS header digitalhurricane.io: did not receive HSTS header digitalimpostor.co.uk: could not connect to host @@ -3572,7 +3892,7 @@ digiworks.se: did not receive HSTS header diguass.us: could not connect to host dijks.com: could not connect to host dikshant.net: could not connect to host -diletec.com.br: did not receive HSTS header +diletec.com.br: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] dillynbarber.com: did not receive HSTS header dim.lighting: could not connect to host dimes.com.tr: did not receive HSTS header @@ -3580,10 +3900,11 @@ dimitrisotiropoulosbooks.com: max-age too low: 7889238 din-tools.com: did not receive HSTS header dinamoelektrik.com: could not connect to host dingcc.com: could not connect to host -dingcc.me: could not connect to host -dingcc.org: did not receive HSTS header +dingcc.org: could not connect to host dingcc.xyz: could not connect to host +dingelbob-schuhcreme.gq: could not connect to host dingss.com: could not connect to host +dinheirolucrar.com: did not receive HSTS header dinkum.online: could not connect to host dinotv.at: could not connect to host dintillat.fr: could not connect to host @@ -3592,6 +3913,7 @@ dionysus.se: could not connect to host dipconsultants.com: could not connect to host direct2uk.com: could not connect to host directhskincream.com: could not connect to host +directinsure.in: did not receive HSTS header directorinegocis.cat: could not connect to host directtwo.solutions: could not connect to host directtwosolutions.org: could not connect to host @@ -3599,9 +3921,10 @@ directwatertanks.co.uk: did not receive HSTS header direnv.net: did not receive HSTS header direwolfsoftware.ca: could not connect to host dirk-weise.de: could not connect to host +dirkwolf.de: could not connect to host dirtycat.ru: could not connect to host disadattamentolavorativo.it: could not connect to host -disclosure.io: could not connect to host +disclosure.io: did not receive HSTS header disco-crazy-world.de: could not connect to host discord-chan.net: could not connect to host discountmania.eu: did not receive HSTS header @@ -3612,13 +3935,13 @@ discoverrsv.com: did not receive HSTS header discoverwellness.center: did not receive HSTS header discovery.lookout.com: did not receive HSTS header discoveryballoon.org: could not connect to host -discoveryottawa.ca: did not receive HSTS header disking.co.uk: did not receive HSTS header dislocated.de: did not receive HSTS header +dismail.de: did not receive HSTS header disorderboutique.com: did not receive HSTS header -displayideas.gr: max-age too low: 0 disruptivelabs.net: could not connect to host disruptivelabs.org: could not connect to host +dissieux.com: did not receive HSTS header dissimulo.me: could not connect to host distinctivephotography.com.au: could not connect to host distinguishedwindows.co.uk: did not receive HSTS header @@ -3630,35 +3953,34 @@ dittvertshus.no: could not connect to host diva-ey.com: could not connect to host divegearexpress.com.cn: did not receive HSTS header diversity-spielzeug.de: did not receive HSTS header -divingwithnic.com: could not connect to host divvi.co.nz: did not receive HSTS header -divvymonkey.com: did not receive HSTS header divvyradio.com: did not receive HSTS header diwei.vip: did not receive HSTS header dixiediner.com: did not receive HSTS header dixmag.com: could not connect to host -diz.in.ua: could not connect to host +diz.in.ua: did not receive HSTS header dizihocasi.com: could not connect to host dizorg.net: could not connect to host dj4et.de: could not connect to host -djieno.com: could not connect to host djul.net: could not connect to host djxmmx.net: did not receive HSTS header -djz4music.com: did not receive HSTS header dkniss.de: could not connect to host dko-steiermark.ml: did not receive HSTS header dl.google.com: did not receive HSTS header (error ignored - included regardless) -dlbouncers.co.uk: did not receive HSTS header +dlbouncers.co.uk: could not connect to host dlc.viasinc.com: could not connect to host dlemper.de: did not receive HSTS header +dlouwrink.nl: could not connect to host dlyl888.com: could not connect to host dmarketer.com: did not receive HSTS header dmcglobaltravel.com.mx: did not receive HSTS header dmcibulldog.com: did not receive HSTS header dmdre.com: did not receive HSTS header dmenergy.ru: did not receive HSTS header +dmfd.net: could not connect to host dmix.ca: could not connect to host dmlogic.com: could not connect to host +dmmkenya.co.ke: could not connect to host dmtry.me: did not receive HSTS header dmwall.cn: could not connect to host dmz.ninja: could not connect to host @@ -3666,19 +3988,21 @@ dnmaze.com: could not connect to host dns.google.com: did not receive HSTS header (error ignored - included regardless) dnsbird.net: could not connect to host dnsbird.org: could not connect to host -dnscrypt.org: could not connect to host +dnscrypt.nl: could not connect to host +dnscrypt.org: max-age too low: 0 dnsknowledge.com: did not receive HSTS header dnsql.io: could not connect to host do-do.tk: could not connect to host doak.io: did not receive HSTS header dobet.in: could not connect to host -doc-justice.com: could not connect to host +dobsnet.net: could not connect to host +doc-justice.com: did not receive HSTS header docid.io: could not connect to host +dockerturkiye.com: could not connect to host docket.news: could not connect to host -doclot.io: did not receive HSTS header +doclot.io: could not connect to host docplexus.in: did not receive HSTS header docset.io: could not connect to host -doctorsonmaps.com: could not connect to host docufiel.com: could not connect to host doculus.io: did not receive HSTS header documentations-sociales.com: could not connect to host @@ -3691,6 +4015,7 @@ dogespeed.ga: could not connect to host doggieholic.net: could not connect to host dognlife.com: could not connect to host dogoodbehappyllc.com: did not receive HSTS header +dogprograms.net: could not connect to host dohosting.ru: could not connect to host dojifish.space: could not connect to host dojin.nagoya: could not connect to host @@ -3702,8 +4027,9 @@ dollarstore24.com: could not connect to host dollywiki.co.uk: could not connect to host dolphin-cloud.com: could not connect to host dolphin-hosting.com: could not connect to host -dolphincorp.co.uk: did not receive HSTS header +dolphincorp.co.uk: could not connect to host dolphinswithlasers.com: could not connect to host +dolt.xyz: did not receive HSTS header domaine-aigoual-cevennes.com: did not receive HSTS header domainelaremejeanne.com: did not receive HSTS header domaris.de: did not receive HSTS header @@ -3713,17 +4039,18 @@ domenicocatelli.com: did not receive HSTS header domfee.com: could not connect to host dominikanskarepubliken.guide: could not connect to host dominioanimal.com: could not connect to host -dominique-mueller.de: did not receive HSTS header +dominique-mueller.de: could not connect to host don.yokohama: could not connect to host donateway.com: did not receive HSTS header dong8.top: could not connect to host donhoward.org: did not receive HSTS header donmez.uk: could not connect to host donmez.ws: could not connect to host +donnoval.ru: could not connect to host donotcall.gov: did not receive HSTS header donotspampls.me: could not connect to host donotspellitgav.in: did not receive HSTS header -donsbach-edv.de: did not receive HSTS header +donpaginasweb.com: did not receive HSTS header donthedragonwilson.com: could not connect to host dontpayfull.com: did not receive HSTS header donttrustrobots.nl: could not connect to host @@ -3735,22 +4062,20 @@ dooku.cz: could not connect to host doomleika.com: did not receive HSTS header doooonoooob.com: could not connect to host dopost.it: could not connect to host -dorfbaeck.at: did not receive HSTS header -doridian.com: could not connect to host -doridian.de: could not connect to host -doridian.org: could not connect to host doriginal.es: did not receive HSTS header dorkfarm.com: did not receive HSTS header dormebebe.com.br: could not connect to host dosipe.com: could not connect to host doska.kz: could not connect to host dostavkakurierom.ru: could not connect to host -dot42.no: could not connect to host +dotacni-parazit.cz: could not connect to host dotadata.me: could not connect to host +dotb.dn.ua: did not receive HSTS header dotbrick.co.th: did not receive HSTS header dotkod.com: could not connect to host dotnetsandbox.ca: could not connect to host dotspaperie.com: could not connect to host +doubleaste.com: did not receive HSTS header doublethink.online: could not connect to host doubleyummy.uk: did not receive HSTS header dougferris.id.au: could not connect to host @@ -3766,14 +4091,15 @@ download.jitsi.org: did not receive HSTS header downsouthweddings.com.au: did not receive HSTS header doyoulyft.com: could not connect to host dpangerl.de: did not receive HSTS header -dpg.no: could not connect to host dps.srl: did not receive HSTS header dpsart.it: did not receive HSTS header +dr-knirr.de: could not connect to host dr2dr.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -drabim.org: did not receive HSTS header +drabbin.com: could not connect to host draghive.club: did not receive HSTS header draghive.net: could not connect to host draghive.photos: did not receive HSTS header +dragoncityhack.tips: could not connect to host dragonisles.net: could not connect to host dragons-of-highlands.cz: did not receive HSTS header dragonsmoke.cloud: could not connect to host @@ -3789,7 +4115,7 @@ drastosasports.com.br: could not connect to host drawvesly.ovh: did not receive HSTS header drdevil.ru: could not connect to host dreadbyte.com: could not connect to host -dreadd.org: did not receive HSTS header +dreadd.org: could not connect to host dreamaholic.club: could not connect to host dreamcatcherblog.de: could not connect to host dreaming.solutions: could not connect to host @@ -3797,7 +4123,7 @@ dreamlighteyeserum.com: could not connect to host dreamof.net: could not connect to host dreamsforabetterworld.com.au: did not receive HSTS header dredgepress.com: did not receive HSTS header -dreischneidiger.de: did not receive HSTS header +dreischneidiger.de: could not connect to host dreizwosechs.de: could not connect to host drewgle.net: could not connect to host drhopeson.com: could not connect to host @@ -3831,7 +4157,7 @@ droomhuis-in-zeeland-kopen.nl: could not connect to host droomhuis-in-zuid-holland-kopen.nl: could not connect to host droomhuisindestadverkopen.nl: could not connect to host droomhuisophetplattelandverkopen.nl: could not connect to host -dropcam.com: did not receive HSTS header +dropcam.com: could not connect to host drostschocolates.com: did not receive HSTS header drpure.pw: did not receive HSTS header drtroyhendrickson.com: could not connect to host @@ -3839,7 +4165,6 @@ drtti.io: could not connect to host drturner.com.au: did not receive HSTS header drugagodba.si: did not receive HSTS header drumbandesperanto.nl: could not connect to host -drummondframing.com: could not connect to host drupal123.com: could not connect to host druznek.rocks: could not connect to host druznek.xyz: could not connect to host @@ -3849,8 +4174,11 @@ drybasementkansas.com: did not receive HSTS header drycreekapiary.com: could not connect to host ds-christiansen.de: could not connect to host dshiv.io: could not connect to host +dsouzamusic.com: could not connect to host +dsuinnovation.com: could not connect to host +dsyunmall.com: could not connect to host +dtp-mstdn.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] dtub.co: could not connect to host -dtx.sk: could not connect to host duan.li: could not connect to host dubik.su: did not receive HSTS header duckyubuntu.tk: could not connect to host @@ -3858,8 +4186,8 @@ ducohosting.com: did not receive HSTS header dudesunderwear.com.br: could not connect to host duelsow.eu: could not connect to host duelysthub.com: could not connect to host -duerls.de: did not receive HSTS header -duesee.org: could not connect to host +duerls.de: could not connect to host +dugnet.tech: could not connect to host dujsq.com: could not connect to host dujsq.top: could not connect to host dukec.me: did not receive HSTS header @@ -3867,42 +4195,47 @@ dukefox.com: could not connect to host duks.com.br: did not receive HSTS header dullsir.com: did not receive HSTS header dunashoes.com: could not connect to host -dune.io: could not connect to host +dundalkdonnie.com: could not connect to host +dune.io: did not receive HSTS header dunea.nl: did not receive HSTS header dung-massage.fr: did not receive HSTS header -dungi.org: did not receive HSTS header +dunklau.fr: could not connect to host duo.money: could not connect to host duole30.com: could not connect to host -duoluodeyu.com: could not connect to host duongpho.com: did not receive HSTS header durangoenergyllc.com: could not connect to host dushu.cat: could not connect to host duskopy.top: could not connect to host +dutchessuganda.com: did not receive HSTS header dutchrank.com: did not receive HSTS header dutyfreeonboard.com: did not receive HSTS header duuu.ch: could not connect to host duyao.de: max-age too low: 86400 -dv189.com: did not receive HSTS header dvotx.org: did not receive HSTS header dwellstudio.com: did not receive HSTS header dwhd.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] dwnld.me: could not connect to host dycem-ns.com: did not receive HSTS header +dycoa.com: did not receive HSTS header dycontrol.de: could not connect to host dylanscott.com.au: did not receive HSTS header dynamic-innovations.net: could not connect to host dynamic-networks.be: could not connect to host +dynamictostatic.com: could not connect to host dynamize.solutions: did not receive HSTS header +dyncdn.me: could not connect to host dynts.pro: could not connect to host +dyz.pw: did not receive HSTS header dziekonski.com: could not connect to host dzimejl.sk: did not receive HSTS header dzlibs.io: could not connect to host +dzsibi.com: could not connect to host dzytdl.com: did not receive HSTS header e-aut.net: could not connect to host -e-baraxolka.ru: could not connect to host e-deca2.org: did not receive HSTS header e-isfa.eu: did not receive HSTS header e-mak.eu: could not connect to host +e-migration.ch: could not connect to host e-newshub.com: could not connect to host e-pokupki.eu: did not receive HSTS header e-rickroll-r.pw: could not connect to host @@ -3917,6 +4250,7 @@ e3amn2l.com: could not connect to host e3kids.com: did not receive HSTS header e3q.de: could not connect to host e505.net: did not receive HSTS header +e51888.com: could not connect to host eagle-aluminum.com: did not receive HSTS header eagle-yard.de: could not connect to host eagleridgecampground.com: could not connect to host @@ -3927,6 +4261,7 @@ earlybirdsnacks.com: could not connect to host earth-people.org: could not connect to host earthrise16.com: could not connect to host easew.com: could not connect to host +eastcoastinflatables.co.uk: did not receive HSTS header easthokkaido-5airport.jp: did not receive HSTS header eastmidlandsstargazers.org.uk: did not receive HSTS header eastmontgroup.com: did not receive HSTS header @@ -3934,9 +4269,10 @@ easy-factures.fr: could not connect to host easychiller.org: could not connect to host easykonto.de: could not connect to host easyplane.it: did not receive HSTS header -easysimplecrm.com: did not receive HSTS header -eat-mine.ml: max-age too low: 0 +easyreal.ru: could not connect to host +easysimplecrm.com: could not connect to host eat-the-world.ch: could not connect to host +eat4happiness.com: did not receive HSTS header eatfitoutlet.com.br: could not connect to host eatlowcarb.de: did not receive HSTS header eattherich.us: did not receive HSTS header @@ -3960,9 +4296,11 @@ eccux.com: could not connect to host ecfs.link: could not connect to host ecg.fr: could not connect to host echipstore.com: did not receive HSTS header -echomanchester.net: did not receive HSTS header +echo.cc: could not connect to host +echomanchester.net: could not connect to host echoteen.com: did not receive HSTS header eckro.com: did not receive HSTS header +ecodedi.com: did not receive HSTS header ecole-en-danger.fr: could not connect to host ecole-iaf.fr: could not connect to host ecole-maternelle-saint-joseph.be: could not connect to host @@ -3972,13 +4310,13 @@ ecomlane.com: could not connect to host ecomparemo.com: did not receive HSTS header econativa.pt: could not connect to host economy.st: did not receive HSTS header +economycarrentalscyprus.com: could not connect to host ecorus.eu: did not receive HSTS header +ecosoftconsult.com: could not connect to host ecotruck-pooling.com: did not receive HSTS header -ecpannualmeeting.com: could not connect to host ecrimex.net: did not receive HSTS header ectora.com: could not connect to host ed-matters.org: did not receive HSTS header -edanni.io: could not connect to host edati.lv: could not connect to host edcphenix.tk: could not connect to host eddmixpanel.com: could not connect to host @@ -3989,30 +4327,33 @@ eden-noel.at: could not connect to host edenaya.com: could not connect to host edenmal.net: did not receive HSTS header edenvaleplumber24-7.co.za: did not receive HSTS header +edenvalerubbleremovals.co.za: did not receive HSTS header edgecustomersportal.com: could not connect to host edgereinvent.com: did not receive HSTS header +edh.email: did not receive HSTS header edhrealtor.com: did not receive HSTS header edilservizi.it: did not receive HSTS header edilservizivco.it: did not receive HSTS header -ediscomp.sk: did not receive HSTS header +edisonchee.com: could not connect to host edissecurity.sk: did not receive HSTS header edition-pommern.com: did not receive HSTS header editoraacademiacrista.com.br: could not connect to host edix.ru: could not connect to host edk.com.tr: did not receive HSTS header -edpubs.gov: could not connect to host edsh.de: did not receive HSTS header +eduardnikolenko.com: could not connect to host +eduardnikolenko.ru: could not connect to host educaid.be: did not receive HSTS header educatio.tech: could not connect to host educatoys.com.br: could not connect to host educatweb.de: did not receive HSTS header educnum.fr: did not receive HSTS header educourse.ga: could not connect to host -eductf.org: could not connect to host eduif.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] eduvance.in: did not receive HSTS header +edvgarbe.de: could not connect to host ee-terminals.com: could not connect to host -eeb98.com: did not receive HSTS header +eeb98.com: could not connect to host eeetrust.org: could not connect to host eenekorea.com: could not connect to host eengezinswoning-in-alphen-aan-den-rijn-kopen.nl: could not connect to host @@ -4028,12 +4369,16 @@ eengezinswoning-in-zuidplas-kopen.nl: could not connect to host eengezinswoning-in-zwartewaterland-kopen.nl: could not connect to host eengezinswoningverkopen.nl: could not connect to host eenhoorn.ga: could not connect to host +eeqj.com: did not receive HSTS header eesistumine2017.ee: could not connect to host eez.ee: could not connect to host effectiveosgi.com: could not connect to host +effectivepapers.com: could not connect to host efficienthealth.com: did not receive HSTS header effortlesshr.com: did not receive HSTS header +efinity.io: did not receive HSTS header eftcorp.biz: max-age too low: 0 +egfl.org.uk: did not receive HSTS header egge.com: max-age too low: 0 egit.co: could not connect to host ego-world.org: did not receive HSTS header @@ -4047,12 +4392,17 @@ ehuber.info: could not connect to host eicfood.com: could not connect to host eidolonhost.com: did not receive HSTS header eifelindex.de: did not receive HSTS header +eiga-movie.com: max-age too low: 0 eigenbubi.de: could not connect to host +eightyfour.ca: could not connect to host eigo.work: could not connect to host -eimanavicius.lt: did not receive HSTS header +eimanavicius.lt: could not connect to host einfachmaldiefressehalten.de: could not connect to host einhorn.space: could not connect to host +einmonolog.de: could not connect to host einsatzstiefel.info: could not connect to host +einsit.com: could not connect to host +einsitapis.com: could not connect to host ejgconsultancy.co.uk: did not receive HSTS header ejusu.com: did not receive HSTS header ekbanden.nl: could not connect to host @@ -4067,13 +4417,15 @@ elanguest.ro: could not connect to host elanguest.ru: could not connect to host elaxy-online.de: could not connect to host elblein.de: did not receive HSTS header +elderoost.com: could not connect to host elearningpilot.com: did not receive HSTS header -electicofficial.com: could not connect to host +electicofficial.com: did not receive HSTS header electricalcontrolpanels.co.uk: could not connect to host electricant.com: did not receive HSTS header electricant.nl: did not receive HSTS header electriccitysf.com: could not connect to host -electrician-umhlanga.co.za: could not connect to host +electricfencealberton.co.za: did not receive HSTS header +electrician-umhlanga.co.za: did not receive HSTS header electricianforum.co.uk: did not receive HSTS header electricianumhlangarocks.co.za: did not receive HSTS header electricoperaduo.com: did not receive HSTS header @@ -4082,7 +4434,7 @@ eled.io: could not connect to host elektronring.com: could not connect to host element-43.com: did not receive HSTS header elementalict.com: did not receive HSTS header -elementalrobotics.com: did not receive HSTS header +elementalrobotics.com: could not connect to host elemenx.com: did not receive HSTS header elemprendedor.com.ve: could not connect to host elena-baykova.ru: did not receive HSTS header @@ -4094,29 +4446,30 @@ eleonorengland.com: did not receive HSTS header eletesstilus.hu: could not connect to host elevateandprosper.com: could not connect to host elgacien.de: could not connect to host -elglobo.com.mx: max-age too low: 86400 elguillatun.cl: did not receive HSTS header elhall.pro: did not receive HSTS header elhall.ru: did not receive HSTS header +elia.cloud: could not connect to host elias-nicolas.com: could not connect to host eliasojala.me: did not receive HSTS header elimdengelen.com: did not receive HSTS header eliott.be: could not connect to host -elistor6100.xyz: did not receive HSTS header elite-box.com: did not receive HSTS header elite-box.org: did not receive HSTS header +elite-porno.ru: could not connect to host elitecovering.fr: did not receive HSTS header elitefishtank.com: could not connect to host -elitesensual.com.br: did not receive HSTS header -ellegaard.dk: could not connect to host +elitesensual.com.br: could not connect to host ellen-skye.de: max-age too low: 604800 elliotgluck.com: did not receive HSTS header +elliquiy.com: could not connect to host elmar-kraamzorg.nl: did not receive HSTS header elna-service.com.ua: did not receive HSTS header elnutricionista.es: could not connect to host elohna.ch: did not receive HSTS header elonbase.com: could not connect to host elpay.kz: did not receive HSTS header +elpo.net: could not connect to host elpo.xyz: could not connect to host elsamakhin.com: could not connect to host elsemanario.com: did not receive HSTS header @@ -4124,16 +4477,21 @@ elsensohn.ch: did not receive HSTS header elsitar.com: could not connect to host elsword.moe: could not connect to host eltransportquevolem.org: could not connect to host +eltrox.me: could not connect to host +elyisus.info: could not connect to host elytronsecurity.com: could not connect to host email.lookout.com: could not connect to host email2rss.net: could not connect to host emanatepixels.com: could not connect to host emanga.su: did not receive HSTS header -emavok.eu: did not receive HSTS header +emanuelduss.ch: did not receive HSTS header +emavok.eu: could not connect to host embellir-aroma.com: could not connect to host embellir-kyujin.com: could not connect to host embracethedarkness.co.uk: could not connect to host embroidered-stuff.com: could not connect to host +embudospro.net: did not receive HSTS header +emedworld.com: did not receive HSTS header emeldi-commerce.com: max-age too low: 0 emergencymedicinefoundations.com: did not receive HSTS header emergentvisiontec.com: did not receive HSTS header @@ -4146,6 +4504,7 @@ eminovic.me: could not connect to host emjainteractive.com: did not receive HSTS header emjimadhu.com: could not connect to host emmable.com: could not connect to host +emmaliddell.com: did not receive HSTS header emmanuelle-et-julien.ch: could not connect to host emmdy.com: did not receive HSTS header emmehair.com: could not connect to host @@ -4162,11 +4521,14 @@ employeestore.org: did not receive HSTS header emporiovinareal.com.br: could not connect to host empty-r.com: could not connect to host emptypath.com: did not receive HSTS header +emyself.info: could not connect to host en4u.org: could not connect to host enaia.fr: did not receive HSTS header +encadrer-mon-enfant.com: did not receive HSTS header encode.space: could not connect to host encode.uk.com: did not receive HSTS header encoder.pw: could not connect to host +encoderx.uk: could not connect to host encontrebarato.com.br: did not receive HSTS header encrypted.google.com: did not receive HSTS header (error ignored - included regardless) encryptedaudience.com: could not connect to host @@ -4184,24 +4546,31 @@ endohaus.us: could not connect to host endspamwith.us: could not connect to host enecoshop.nl: did not receive HSTS header enefan.jp: could not connect to host +energethik-tulln.at: did not receive HSTS header +enersaveapp.org: could not connect to host +enersec.co.uk: could not connect to host +enfoqueseguro.com: did not receive HSTS header enginsight.com: did not receive HSTS header +enginx.cn: could not connect to host englerts.de: did not receive HSTS header +englishclub.com: did not receive HSTS header englishdirectory.de: could not connect to host englishyamal.ru: did not receive HSTS header enigmacpt.com: did not receive HSTS header enigmail.net: did not receive HSTS header -enixgaming.com: could not connect to host enjen.net: did not receive HSTS header enjoymayfield.com: max-age too low: 0 -enlighten10x.ga: max-age too low: 0 +enjoystudio.ro: did not receive HSTS header +enlatte.com: did not receive HSTS header +enlightened.si: could not connect to host enoou.com: could not connect to host -enpalmademallorca.info: did not receive HSTS header +enpalmademallorca.info: could not connect to host ensemble-vos-idees.fr: could not connect to host entaurus.com: could not connect to host enteente.club: could not connect to host +enteente.com: could not connect to host enteente.space: could not connect to host enteente.xyz: could not connect to host -entercenter.ru: could not connect to host enterdev.co: did not receive HSTS header enterprisecarclub.co.uk: did not receive HSTS header enterprivacy.com: did not receive HSTS header @@ -4211,22 +4580,46 @@ entrepreneur.or.id: could not connect to host enum.eu.org: could not connect to host enumify.com: could not connect to host envelope.co.nz: could not connect to host +enviam.de: did not receive HSTS header enviapresentes.com.br: could not connect to host enviatufoto.com: max-age too low: 604800 +environment.ai: could not connect to host +envoyworld.com: did not receive HSTS header envygeeks.com: could not connect to host eol34.com: could not connect to host eoldb.org: could not connect to host eolme.ml: could not connect to host epanurse.com: could not connect to host epaygateway.net: could not connect to host -epdeveloperchallenge.com: did not receive HSTS header +ephe.be: could not connect to host ephry.com: could not connect to host epicmc.games: could not connect to host epitesz.co: did not receive HSTS header +epos-distributor.co.uk: could not connect to host +eposbirmingham.co.uk: could not connect to host +eposbrighton.co.uk: could not connect to host +eposbristol.co.uk: could not connect to host +eposcardiff.co.uk: could not connect to host eposcloud.net: could not connect to host +eposkent.co.uk: could not connect to host +eposleeds.co.uk: could not connect to host +eposleicester.co.uk: could not connect to host +eposliverpool.co.uk: could not connect to host +eposlondon.co.uk: could not connect to host +eposmidlands.co.uk: could not connect to host +eposnewport.co.uk: could not connect to host +eposnottingham.co.uk: could not connect to host +eposreading.co.uk: could not connect to host +eposreview.co.uk: could not connect to host +epossheffield.co.uk: could not connect to host +epossurrey.co.uk: could not connect to host +epossussex.co.uk: could not connect to host +eposswansea.co.uk: could not connect to host +epossystems.co.uk: could not connect to host +eposwales.co.uk: could not connect to host +eposyork.co.uk: could not connect to host epoxate.com: could not connect to host eprofitacademy.com: did not receive HSTS header -epsilon.dk: could not connect to host eq8.net.au: could not connect to host eqib.nl: did not receive HSTS header eqim.me: could not connect to host @@ -4250,55 +4643,71 @@ ericloud.tk: could not connect to host ericorporation.com: did not receive HSTS header ericyl.com: did not receive HSTS header eriel.com.br: could not connect to host -eriser.fr: did not receive HSTS header +erikwagner.de: did not receive HSTS header +erinlin.com: did not receive HSTS header +eriser.fr: could not connect to host ernaehrungsberatung-rapperswil.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] ernaehrungsberatung-zurich.ch: could not connect to host ernesto.at: could not connect to host eroimatome.com: could not connect to host eromixx.com: could not connect to host +eroskines.com: did not receive HSTS header erotalia.es: could not connect to host erotic4me.ch: did not receive HSTS header -eroticforce.com: could not connect to host erotische-aanbiedingen.nl: could not connect to host +erotpo.cz: could not connect to host errolz.com: did not receive HSTS header errors.zenpayroll.com: could not connect to host erspro.net: could not connect to host eru.me: did not receive HSTS header erwinvanlonden.net: did not receive HSTS header +es8888.net: could not connect to host es888999.com: could not connect to host -esaborit.ddns.net: could not connect to host esafar.cz: did not receive HSTS header esb111.com: could not connect to host esb111.net: could not connect to host esb112.com: could not connect to host esb112.net: could not connect to host +esb1668.com: could not connect to host esb16888.com: could not connect to host +esb17888.com: could not connect to host esb222.net: could not connect to host esb555.com: could not connect to host +esb556.com: could not connect to host esb666.com: could not connect to host esb666.net: could not connect to host esb66666.com: could not connect to host esb688.com: could not connect to host esb68888.com: could not connect to host +esb777.cc: could not connect to host +esb777.com: could not connect to host +esb777.net: could not connect to host esb777.us: could not connect to host esb9588.info: did not receive HSTS header esb999.biz: could not connect to host +esb999.com: could not connect to host +esb999.info: could not connect to host esb999.us: could not connect to host +esba11.cc: could not connect to host +esba11.net: could not connect to host esba11.us: could not connect to host esball.in: could not connect to host +esball888.com: could not connect to host +esball888.net: could not connect to host esbuilders.co.nz: did not receive HSTS header -escael.org: did not receive HSTS header escalate.eu: could not connect to host escapees.com: did not receive HSTS header escolaengenharia.com.br: did not receive HSTS header escort-fashion.com: could not connect to host escortdisplay.com: could not connect to host -escortshotsexy.com: max-age too low: 2592000 +escortshotsexy.com: could not connect to host escotour.com: did not receive HSTS header escueladewordpress.com: did not receive HSTS header esec.rs: did not receive HSTS header eseth.de: did not receive HSTS header esh.ink: could not connect to host +eshepperd.com: did not receive HSTS header +eshtapay.com: could not connect to host esko.bar: could not connect to host esln.org: did not receive HSTS header esn-ypci.com: did not receive HSTS header @@ -4311,9 +4720,14 @@ espacemontmorency.com: did not receive HSTS header especificosba.com.mx: could not connect to host espo.com.ua: did not receive HSTS header espra.com: could not connect to host -espressivo.com.br: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +espressivo.com.br: did not receive HSTS header +esprit-cloture.fr: did not receive HSTS header esquonic.com: could not connect to host esrs.gov: could not connect to host +essayforum.com: could not connect to host +essaylib.com: could not connect to host +essayscam.org: could not connect to host +essayshark.com: could not connect to host essenceofvitalitydetox.com: could not connect to host essential12.com: could not connect to host essentialoilsimports.com: could not connect to host @@ -4323,11 +4737,13 @@ esseriumani.com: could not connect to host essexghosthunters.co.uk: did not receive HSTS header essplusmed.org: could not connect to host estaciona.guru: could not connect to host +estaleiro.org: could not connect to host estebanborges.com: did not receive HSTS header estespr.com: did not receive HSTS header estilosapeca.com: could not connect to host estland.guide: could not connect to host -estoic.net: could not connect to host +estoqueinformatica.com.br: could not connect to host +estudioamazonico.com: could not connect to host et-buchholz.de: could not connect to host et180.com: could not connect to host etangs-magazine.com: could not connect to host @@ -4348,20 +4764,20 @@ ethicall.org.uk: did not receive HSTS header ethil-faer.fr: could not connect to host ethiobaba.com: could not connect to host etidni.help: did not receive HSTS header -etincelle.ml: could not connect to host etk2000.com: did not receive HSTS header etmirror.top: could not connect to host etmirror.xyz: could not connect to host etoto.pl: did not receive HSTS header etproxy.tech: could not connect to host ets2mp.de: did not receive HSTS header +etskinner.com: did not receive HSTS header +etskinner.net: could not connect to host etsysecure.com: could not connect to host -ettebiz.com: did not receive HSTS header +ettebiz.com: max-age too low: 0 etula.ga: could not connect to host etula.me: could not connect to host etys.no: did not receive HSTS header euanbaines.com: did not receive HSTS header -eucl3d.com: could not connect to host euclideanpostulates.xyz: could not connect to host eucollegetours.com: could not connect to host euexia.fr: could not connect to host @@ -4373,35 +4789,38 @@ eung.ga: could not connect to host eupbor.com: could not connect to host euph.eu: could not connect to host eupho.me: could not connect to host -eupresidency2018.com: did not receive HSTS header +eupresidency2018.com: could not connect to host euren.se: could not connect to host eurocamping.se: could not connect to host euroescortguide.com: could not connect to host -europeancupinline.eu: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] euroshop24.net: could not connect to host +euroskano.nl: did not receive HSTS header eurospecautowerks.com: did not receive HSTS header eurostrategy.vn.ua: could not connect to host -eurotime.ua: could not connect to host evanhandgraaf.nl: did not receive HSTS header evankurniawan.com: did not receive HSTS header +evapp.org: could not connect to host evasion-energie.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] evasioncreole.com: could not connect to host evdenevenakliyatankara.pw: could not connect to host evecalm.com: did not receive HSTS header evedanjailbreak.com: could not connect to host -evegalaxy.net: did not receive HSTS header +evegalaxy.net: could not connect to host +evenstar-gaming.com: could not connect to host event64.ru: did not receive HSTS header eventmake.es: could not connect to host +eventplace.me: did not receive HSTS header events12.com: did not receive HSTS header -eventsafrica.net: did not receive HSTS header +eventsafrica.net: could not connect to host everyarti.st: could not connect to host everybooks.com: could not connect to host +everyday.eu.org: could not connect to host everydaytherich.com: max-age too low: 7776000 -everygayporn.com: could not connect to host +everydaywot.com: could not connect to host everygayporn.xyz: could not connect to host everylab.org: could not connect to host everymove.org: could not connect to host -everything.place: did not receive HSTS header +everything.place: could not connect to host everytruckjob.com: did not receive HSTS header eveseat.net: could not connect to host eveshaiwu.com: could not connect to host @@ -4419,37 +4838,40 @@ evowl.com: could not connect to host ewallet-optimizer.com: did not receive HSTS header ewex.org: could not connect to host eworksmedia.com: could not connect to host +exampleessays.com: could not connect to host excelgum.ca: did not receive HSTS header exceptionalbits.com: did not receive HSTS header -exceptionalservers.com: did not receive HSTS header exceptionalservices.us: could not connect to host exchangecoordinator.com: could not connect to host -execution.biz.tr: could not connect to host exembit.com: did not receive HSTS header exfiles.cz: did not receive HSTS header +exgaywatch.com: could not connect to host exgravitus.com: could not connect to host exno.co: could not connect to host exo.do: could not connect to host +exoticads.com: could not connect to host exousiakaidunamis.xyz: could not connect to host expanddigital.media: did not receive HSTS header expatads.com: could not connect to host +expatriate.pl: did not receive HSTS header +expecting.com.br: could not connect to host experticon.com: did not receive HSTS header -expertmile.com: could not connect to host +expertmile.com: did not receive HSTS header explodie.org: could not connect to host explodingcamera.com: did not receive HSTS header exploit-db.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] exploit.cz: did not receive HSTS header -expo-designers.com: did not receive HSTS header -expo-larionov.org: did not receive HSTS header +expo-designers.com: could not connect to host +expokohler.com: could not connect to host expoort.com.br: could not connect to host expoundite.net: could not connect to host expowerhps.com: did not receive HSTS header +expressemotion.net: could not connect to host expressfinance.co.za: did not receive HSTS header -extensibility.biz.tr: could not connect to host exteriorservices.io: could not connect to host extramoney.cash: did not receive HSTS header extrathemeshowcase.net: could not connect to host -extratorrent.cool: did not receive HSTS header +extratorrent.cool: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] extratorrent.fyi: could not connect to host extratorrent.red: could not connect to host extratorrent.world: could not connect to host @@ -4458,15 +4880,18 @@ extratorrents.tech: could not connect to host extreemhost.nl: did not receive HSTS header extremenetworking.net: could not connect to host exy.pw: could not connect to host +eyasc.nl: did not receive HSTS header eyedarts.com: did not receive HSTS header eyeglassuniverse.com: did not receive HSTS header eyenote.gov: did not receive HSTS header eyes-of-universe.eu: did not receive HSTS header eyesoccer-didikh.rhcloud.com: could not connect to host +eyps.net: did not receive HSTS header eytosh.net: could not connect to host ez.fi: could not connect to host ezimoeko.net: could not connect to host ezmod.org: could not connect to host +eznfe.com: could not connect to host ezorgportaal.nl: could not connect to host ezrefurb.co.uk: did not receive HSTS header eztv.ch: did not receive HSTS header @@ -4476,11 +4901,13 @@ f00.ca: did not receive HSTS header f1bigpicture.com: could not connect to host f2f.cash: could not connect to host f42.net: could not connect to host +f5movies.top: could not connect to host f8842.com: could not connect to host f9digital.com: did not receive HSTS header faber.io: could not connect to host faberusa.com: did not receive HSTS header fabhub.io: could not connect to host +fabian-fingerle.de: could not connect to host fabian-kluge.de: could not connect to host fabianfischer.de: did not receive HSTS header fabianmunoz.com: did not receive HSTS header @@ -4489,6 +4916,7 @@ fabled.com: did not receive HSTS header fabriko.fr: did not receive HSTS header fabulouslyyouthfulskin.com: could not connect to host fabulouslyyouthfulskineyeserum.com: could not connect to host +facebattle.com: could not connect to host facebook.ax: could not connect to host facebooktsukaikata.net: did not receive HSTS header facesnf.com: could not connect to host @@ -4506,27 +4934,25 @@ fafatiger.com: could not connect to host fag.wtf: could not connect to host fahmed.de: did not receive HSTS header faidanoi.it: did not receive HSTS header -fail4free.de: did not receive HSTS header failproof.be: max-age too low: 604800 faircom.co.za: did not receive HSTS header fairkey.dk: did not receive HSTS header fairlyoddtreasures.com: did not receive HSTS header faisalshuvo.com: did not receive HSTS header -faithindemocracy.eu: did not receive HSTS header faizan.net: did not receive HSTS header faizan.xyz: did not receive HSTS header -fakeletters.org: did not receive HSTS header +fakeletters.org: could not connect to host faktura.pl: did not receive HSTS header falcibiosystems.org: did not receive HSTS header falconwiz.com: did not receive HSTS header -falkhusemann.de: could not connect to host falkp.no: did not receive HSTS header falkus.net: could not connect to host +falldennismarketing.com: max-age too low: 2592000 fallenangeldrinks.eu: could not connect to host fallenangelspirits.uk: could not connect to host fallingapart.de: could not connect to host faluninfo.ba: did not receive HSTS header -fam-weyer.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +fam-weyer.de: could not connect to host fame-agency.net: could not connect to host famep.gov: could not connect to host famer.me: could not connect to host @@ -4537,26 +4963,31 @@ familie-zimmermann.at: could not connect to host famio.cn: did not receive HSTS header fan.gov: could not connect to host fanflow.com: did not receive HSTS header +fansmade.art: could not connect to host fant.dk: did not receive HSTS header fantasticgardenersmelbourne.com.au: did not receive HSTS header fantasticpestcontrolmelbourne.com.au: did not receive HSTS header fantasyfootballpundit.com: did not receive HSTS header fanyl.cn: could not connect to host faq.lookout.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +faradome.ws: could not connect to host faraonplay5.com: could not connect to host faraonplay7.com: could not connect to host faraonplay8.com: could not connect to host faraslot8.net: could not connect to host farces.com: could not connect to host faretravel.co.uk: could not connect to host +farhood.org: could not connect to host farkas.bz: did not receive HSTS header farm24.co.uk: could not connect to host farmacia.pt: did not receive HSTS header farmaciaformula.com.br: could not connect to host farmaciamedicom.com.br: could not connect to host -fascia.fit: max-age too low: 2592000 fashion.net: did not receive HSTS header fashioncare.cz: did not receive HSTS header +fashiondays.bg: max-age too low: 0 +fashiondays.hu: max-age too low: 0 +fashiondays.ro: max-age too low: 0 fashionholic.my: did not receive HSTS header fashionoutfits24.com: did not receive HSTS header fasset.jp: could not connect to host @@ -4578,32 +5009,39 @@ fatzebra.com.au: max-age too low: 0 favorit.club: did not receive HSTS header fawkex.me: could not connect to host faxreader.net: could not connect to host +fayntic.com: did not receive HSTS header fayolle.info: did not receive HSTS header -fbook.top: did not receive HSTS header +fbi.pw: did not receive HSTS header +fbook.top: could not connect to host fbox.li: could not connect to host fcapartsdb.com: could not connect to host +fcp.cn: could not connect to host fdj.im: could not connect to host +fdos.me: could not connect to host fdt.name: did not receive HSTS header feard.space: could not connect to host -fed51.com: did not receive HSTS header +fed51.com: could not connect to host fedbizopps.gov: could not connect to host fedemo.top: did not receive HSTS header federalregister.gov: did not receive HSTS header -federalreserveconsumerhelp.gov: could not connect to host fedn.it: could not connect to host fedo.moe: could not connect to host -fedpartnership.gov: could not connect to host feedstringer.com: could not connect to host feedthebot.com: did not receive HSTS header +fefelovalex.ru: could not connect to host fefore.com: did not receive HSTS header fegans.org.uk: did not receive HSTS header feirlane.org: could not connect to host +feisbed.com: could not connect to host +feist.io: could not connect to host feitobrasilcosmeticos.com.br: did not receive HSTS header -felett.es: could not connect to host felger-times.fr: could not connect to host feliwyn.fr: did not receive HSTS header +felixhefner.de: did not receive HSTS header +felixqu.com: did not receive HSTS header felixrr.pro: could not connect to host femaledom.xyz: could not connect to host +femdombbw.com: could not connect to host feminists.co: could not connect to host fengyadi.com: could not connect to host fenixhost.com.br: could not connect to host @@ -4625,10 +5063,13 @@ festival.house: did not receive HSTS header festrip.com: could not connect to host fetch.co.uk: did not receive HSTS header fetclips.se: could not connect to host +fetlife.com: could not connect to host fettbrot.tk: did not receive HSTS header feudaltactics.com: could not connect to host feuerwehr-dachaufsetzer.de: could not connect to host fexmen.com: could not connect to host +ff-bg.xyz: could not connect to host +ffb.gov: could not connect to host ffh.me: could not connect to host ffl123.com: did not receive HSTS header fgequipamentos.com.br: did not receive HSTS header @@ -4650,26 +5091,31 @@ fiftyshadesofluca.ml: could not connect to host fig.co: did not receive HSTS header fig.ms: could not connect to host fightr.co: could not connect to host +figura.cz: did not receive HSTS header figura.im: did not receive HSTS header figuurzagers.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] fiksel.info: could not connect to host fikt.space: could not connect to host -file-cloud.eu: could not connect to host +filebox.moe: could not connect to host filebox.space: did not receive HSTS header filedir.com: did not receive HSTS header fileio.io: could not connect to host fileon.com: could not connect to host filesense.com: could not connect to host +filewall.de: could not connect to host filey.co.uk: did not receive HSTS header filhomes.ph: could not connect to host fillitupchallenge.eu: did not receive HSTS header fillmysuitca.se: did not receive HSTS header +film.photography: did not receive HSTS header +film.photos: did not receive HSTS header +filmatiporno.xxx: could not connect to host filme-online.eu.com: did not receive HSTS header filmesubtitrate2017.online: could not connect to host filo.xyz: did not receive HSTS header filoitoupediou.gr: did not receive HSTS header finalgear.com: could not connect to host -finalvpn.com: could not connect to host +finalvpn.com: did not receive HSTS header financier.io: did not receive HSTS header financieringsportaal.nl: did not receive HSTS header finanzkontor.net: could not connect to host @@ -4680,35 +5126,38 @@ findthere.net: could not connect to host findtutorsnearme.com: did not receive HSTS header findyour.diet: could not connect to host finer04.pw: did not receive HSTS header +finewineonline.com: could not connect to host fingent.com: did not receive HSTS header fingerscrossed.style: could not connect to host finiteheap.com: did not receive HSTS header finn.io: did not receive HSTS header -finpt.com: did not receive HSTS header finstererlebnis.de: could not connect to host finsterlebnis.de: did not receive HSTS header fiodental.com.br: did not receive HSTS header -fiork.com: could not connect to host +fiork.com: did not receive HSTS header fire-wolf.com: could not connect to host fireandelectrical.co.uk: did not receive HSTS header firebaseio-demo.com: could not connect to host firebaseio.com: could not connect to host (error ignored - included regardless) -firebird.io: could not connect to host +firebird.io: did not receive HSTS header firefall.rocks: could not connect to host firehost.com: could not connect to host fireinthedeep.com: could not connect to host firemail.io: could not connect to host firenza.org: did not receive HSTS header fireorbit.de: did not receive HSTS header +firepeak.ru: could not connect to host fireworkcoaching.com: did not receive HSTS header firexarxa.de: could not connect to host -firmenverzeichnis.nu: could not connect to host +firmenverzeichnis.nu: did not receive HSTS header first-time-offender.com: could not connect to host firstchoicepool.com: did not receive HSTS header firstdogonthemoon.com.au: did not receive HSTS header firstforex.co.uk: did not receive HSTS header firstlook.org: did not receive HSTS header +fischers.it: could not connect to host fiscoeconti.it: did not receive HSTS header +fishfinders.info: did not receive HSTS header fiskestang.com: did not receive HSTS header fit4medien.de: did not receive HSTS header fitbylo.com: could not connect to host @@ -4718,6 +5167,7 @@ fitnesswerk.de: could not connect to host fitqbe.com: did not receive HSTS header fitshop.com.br: could not connect to host fitsw.com: did not receive HSTS header +fiuxy.org: could not connect to host five.vn: did not receive HSTS header fivestarsitters.com: did not receive HSTS header fivestepfunnels.com: could not connect to host @@ -4734,8 +5184,7 @@ fixmyglitch.com: could not connect to host fixtectools.co.za: could not connect to host fixthetimeline.com: could not connect to host fixthetimeline.org: could not connect to host -fixvoltage.ru: did not receive HSTS header -fjruiz.es: did not receive HSTS header +fjruiz.es: could not connect to host fkcovering.be: could not connect to host fl0000.com: max-age too low: 129600 fl010.com: max-age too low: 129600 @@ -4747,7 +5196,7 @@ fl0666.com: did not receive HSTS header fl0777.com: did not receive HSTS header fl0888.com: did not receive HSTS header fl0999.com: did not receive HSTS header -flagfic.com: did not receive HSTS header +flagfic.com: could not connect to host flags.ninja: could not connect to host flair.co: max-age too low: 7889238 flairbros.at: could not connect to host @@ -4756,6 +5205,7 @@ flam.io: could not connect to host flamewall.net: could not connect to host flamingcow.tv: could not connect to host flamingkeys.com.au: could not connect to host +flangaapis.com: did not receive HSTS header flareon.net: could not connect to host flaretechnologies.io: could not connect to host flashbaggie.com: could not connect to host @@ -4764,18 +5214,20 @@ flawcheck.com: could not connect to host flc111.com: did not receive HSTS header flc999.com: max-age too low: 129600 flemingtonaudiparts.com: could not connect to host +fleurette.me: could not connect to host fleursdesoleil.fr: did not receive HSTS header flexdrukker.nl: could not connect to host flexinvesting.fi: could not connect to host fliexer.com: could not connect to host flightschoolusa.com: did not receive HSTS header +fling.dating: could not connect to host flipagram.com: did not receive HSTS header -flipbell.com: did not receive HSTS header +flipbell.com: could not connect to host flipkey.com: did not receive HSTS header -flirchi.com: could not connect to host +flirchi.com: did not receive HSTS header flixtor.net: could not connect to host +flkrpxl.com: could not connect to host floless.co.uk: did not receive HSTS header -flomeyer.de: could not connect to host floorball-haunwoehr.de: did not receive HSTS header flopy.club: could not connect to host florafiora.com.br: did not receive HSTS header @@ -4787,6 +5239,7 @@ floridaescapes.co.uk: did not receive HSTS header florinapp.com: could not connect to host florispoort.nl: did not receive HSTS header floro.me: did not receive HSTS header +flosserver.de: could not connect to host floth.at: could not connect to host flouartistique.ch: could not connect to host flow.pe: could not connect to host @@ -4800,8 +5253,9 @@ flugstadplasticsurgery.com: did not receive HSTS header fluidojobs.com: could not connect to host fluitbeurt.nl: could not connect to host flukethoughts.com: did not receive HSTS header -flurrybridge.com: did not receive HSTS header +flurrybridge.com: could not connect to host flushstudios.com: did not receive HSTS header +fluxi.fi: could not connect to host flyaces.com: could not connect to host flybunnyfly.dk: did not receive HSTS header flygpost.com: did not receive HSTS header @@ -4809,12 +5263,12 @@ flyingdoggy.net: could not connect to host flyp.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] flyspace.ga: did not receive HSTS header flyss.net: could not connect to host -flyssh.net: could not connect to host fm83.nl: could not connect to host fm992.com: could not connect to host fmovies.life: could not connect to host +fnfpt.co.uk: could not connect to host fniephaus.com: did not receive HSTS header -fnncat.com: did not receive HSTS header +fnncat.com: could not connect to host fnvsecurity.com: could not connect to host fobc-usa.org: did not receive HSTS header focalforest.com: could not connect to host @@ -4824,19 +5278,21 @@ fohome.ca: could not connect to host fokan.ch: did not receive HSTS header foliekonsulenten.dk: did not receive HSTS header folioapp.io: did not receive HSTS header +fondanastasia.ru: did not receive HSTS header fondy.ru: did not receive HSTS header foneo.com: could not connect to host fonetiq.io: could not connect to host -fonseguin.ca: did not receive HSTS header fontawesome.com: did not receive HSTS header foo: could not connect to host food4health.guide: could not connect to host +foodacademy.capetown: could not connect to host foodbuddy.ch: could not connect to host foodiebox.no: did not receive HSTS header foodies.my: did not receive HSTS header foodievenues.com: could not connect to host foodplantengineering.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] foodsafetyworkinggroup.gov: could not connect to host +foodserve.in: did not receive HSTS header footballmapped.com: could not connect to host footlegende.fr: did not receive HSTS header forafifty.co.za: could not connect to host @@ -4845,33 +5301,32 @@ forbid.life: could not connect to host forbiddenhistory.info: could not connect to host forbook.net: did not receive HSTS header forcamp.ga: could not connect to host -force-des-maths.com: could not connect to host +force-des-maths.com: did not receive HSTS header fordbydesign.com: could not connect to host fordshop.by: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] foreignexchangeresource.com: did not receive HSTS header forestfinance.fr: did not receive HSTS header foreveralone.io: could not connect to host foreveryoung.pt: did not receive HSTS header -forewordreviews.com: did not receive HSTS header forex-dan.com: did not receive HSTS header +forexsignals7.com: could not connect to host forgix.com: could not connect to host forlagetmarx.dk: did not receive HSTS header -formadmin.com: could not connect to host -formaliteo.com: could not connect to host +formadmin.com: did not receive HSTS header +formaliteo.com: did not receive HSTS header formazioneopen.it: could not connect to host formersessalaries.com: did not receive HSTS header formula.cf: could not connect to host forplanetsake.com: could not connect to host forplayers.pl: could not connect to host -forschbach-janssen.de: could not connect to host forsyththeatre.com: could not connect to host fortricks.in: did not receive HSTS header fortuna-loessnitz.de: could not connect to host fortuna-s.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] fortworth.ch: did not receive HSTS header -forty-two.nl: did not receive HSTS header forty2.eu: did not receive HSTS header forum.linode.com: did not receive HSTS header +forumjuridico.org: did not receive HSTS header forus.be: could not connect to host foryoucosmeticos.com.br: could not connect to host fossewayflowers.co.uk: could not connect to host @@ -4883,29 +5338,35 @@ fotoallerlei.com: did not receive HSTS header fotocerita.net: could not connect to host fotogiraffe.ru: did not receive HSTS header fotografosexpertos.com: did not receive HSTS header +fotonjan.com: could not connect to host fotopasja.info: could not connect to host +fotostravestisbr.com: could not connect to host fourchin.net: could not connect to host fourwheelpartloanssimple.com: did not receive HSTS header -foxdev.io: could not connect to host +foxdev.io: did not receive HSTS header foxelbox.com: did not receive HSTS header -foxes.no: could not connect to host foxley-farm.co.uk: did not receive HSTS header foxley-seeds.co.uk: did not receive HSTS header foxleyseeds.co.uk: could not connect to host foxmay.co.uk: could not connect to host foxtrot.pw: could not connect to host foxyslut.com: could not connect to host +foyale.io: could not connect to host +fpki.sh: could not connect to host +fptravelling.com: could not connect to host fr0zenbits.io: could not connect to host fr33d0m.link: could not connect to host fragilesolar.cf: could not connect to host fragnic.com: did not receive HSTS header fralef.me: did not receive HSTS header +francesca-and-lucas.com: did not receive HSTS header francevpn.xyz: could not connect to host francois-vidit.com: did not receive HSTS header frangor.info: did not receive HSTS header -frank.fyi: could not connect to host +frankedier.com: did not receive HSTS header +frankl.in: did not receive HSTS header franklinhua.com: could not connect to host -frankwei.xyz: could not connect to host +franksiler.com: could not connect to host franta.biz: did not receive HSTS header franta.email: did not receive HSTS header franzt.de: could not connect to host @@ -4923,7 +5384,6 @@ freakyawesome.ca: could not connect to host freakyawesome.club: could not connect to host freakyawesome.co: could not connect to host freakyawesome.co.uk: could not connect to host -freakyawesome.com: could not connect to host freakyawesome.company: could not connect to host freakyawesome.email: could not connect to host freakyawesome.events: could not connect to host @@ -4982,18 +5442,22 @@ freakyawesometeam.com: could not connect to host freakyawesometheme.com: could not connect to host freakyawesomethemes.com: could not connect to host freakyawesomewp.com: could not connect to host -freddieonfire.tk: could not connect to host freddythechick.uk: did not receive HSTS header fredliang.cn: could not connect to host +fredtec.ru: could not connect to host free8.xyz: could not connect to host freeasinlliure.org: did not receive HSTS header -freeassangenow.org: could not connect to host freeben666.fr: could not connect to host +freeblog.me: could not connect to host freebookmakerbets.com.au: did not receive HSTS header freebus.org: could not connect to host +freecam2cam.site: could not connect to host +freecookies.nl: did not receive HSTS header freedomrealtyoftexas.com: did not receive HSTS header freedomvote.nl: could not connect to host +freeexampapers.com: could not connect to host freeflow.tv: could not connect to host +freehao123.cn: could not connect to host freejidi.com: could not connect to host freekdevries.nl: did not receive HSTS header freelanced.co.za: could not connect to host @@ -5006,9 +5470,10 @@ freesoftwaredriver.com: could not connect to host freesounding.com: did not receive HSTS header freesounding.ru: did not receive HSTS header freesourcestl.org: did not receive HSTS header +freesquare.net: did not receive HSTS header freethought.org.au: could not connect to host freeutopia.org: did not receive HSTS header -freezion.com: could not connect to host +frenzel.dk: could not connect to host freqlabs.com: did not receive HSTS header freshfind.xyz: could not connect to host freshlymind.com: did not receive HSTS header @@ -5021,36 +5486,44 @@ fridolinka.cz: did not receive HSTS header friedhelm-wolf.de: could not connect to host friendica.ch: could not connect to host friendlyfiregameshow.com: could not connect to host +frieslandrail.nl: did not receive HSTS header frimons.com: max-age too low: 7889238 fringeintravel.com: did not receive HSTS header frodriguez.xyz: could not connect to host +froehlich.it: did not receive HSTS header froggstack.de: could not connect to host frolov.net: could not connect to host +from-the-net.com: could not connect to host fromix.de: could not connect to host fromlemaytoz.com: could not connect to host front-end.dog: could not connect to host frontisme.nl: did not receive HSTS header frontline.cloud: did not receive HSTS header frontline6.com: did not receive HSTS header +frontlinemessenger.com: did not receive HSTS header frontmin.com: did not receive HSTS header frost-ci.xyz: could not connect to host -frostbytes.net: did not receive HSTS header +frostbytes.net: could not connect to host +frosthall.com: max-age too low: 2592000 frosty-gaming.xyz: could not connect to host frp-roleplay.de: could not connect to host +frprn.com: could not connect to host +frprn.xxx: could not connect to host frsis2017.com: could not connect to host fruitusers.com: could not connect to host frumious.fyi: could not connect to host frusky.net: could not connect to host fs-gamenet.de: could not connect to host -fsapubs.gov: could not connect to host fsf.moe: did not receive HSTS header fsfi.is: could not connect to host fsinf.at: did not receive HSTS header +fsk.fo: did not receive HSTS header fspphoto.com: could not connect to host fsradio.eu: did not receive HSTS header fsrs.gov: could not connect to host fstatic.io: could not connect to host fstfy.de: could not connect to host +fsvoboda.cz: could not connect to host ftc.gov: did not receive HSTS header ftctele.com: could not connect to host fteproxy.org: did not receive HSTS header @@ -5065,13 +5538,16 @@ fudanshi.org: could not connect to host fuelministry.com: did not receive HSTS header fugle.de: could not connect to host fuitedeau.ch: could not connect to host +fujianshipbuilding.com: could not connect to host fukuko.biz: could not connect to host fukuko.xyz: could not connect to host fukuoka-cityliner.jp: did not receive HSTS header fukushima-web.com: did not receive HSTS header fuli.am: max-age too low: 129600 fulilingyu.info: could not connect to host -fuliydys.com: did not receive HSTS header +fuliydys.com: could not connect to host +fullpackage.co.uk: did not receive HSTS header +fulltxt.ml: could not connect to host fullytrained.co.uk: could not connect to host fumiware.com: could not connect to host fun9.cc: could not connect to host @@ -5079,17 +5555,19 @@ fun99.cc: could not connect to host funarena.com.ua: did not receive HSTS header fundacionfranciscofiasco.org: could not connect to host fundacionhijosdelsol.org: could not connect to host +fundayltd.com: could not connect to host funderburg.me: did not receive HSTS header fungame.eu: did not receive HSTS header +funi4u.com: could not connect to host funideas.org: could not connect to host funkes-ferien.de: did not receive HSTS header -funkner.ru: could not connect to host funkyweddingideas.com.au: could not connect to host funny-joke-pictures.com: did not receive HSTS header funnyang.com: could not connect to host funrun.com: did not receive HSTS header funtastic-event-hire.co.uk: did not receive HSTS header funtastic.ie: could not connect to host +funtimebourne.co.uk: could not connect to host fuorifuocogenova.it: did not receive HSTS header furi.ga: could not connect to host furiffic.com: did not receive HSTS header @@ -5100,9 +5578,12 @@ furtivelook.com: did not receive HSTS header fusa-miyamoto.jp: could not connect to host fusedrops.com: did not receive HSTS header fusionmate.com: could not connect to host +fuskator.com: could not connect to host +fussell.io: could not connect to host futbol11.com: did not receive HSTS header futbolvivo.tv: did not receive HSTS header futos.de: could not connect to host +futurefire.de: could not connect to host futuresonline.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] futurestarsusa.org: did not receive HSTS header futuretechnologi.es: could not connect to host @@ -5111,15 +5592,15 @@ futuristarchitecture.com: did not receive HSTS header fuvpn.com: could not connect to host fuxwerk.de: could not connect to host fuzoku-sodan.com: could not connect to host +fuzoku.jp: could not connect to host fwei.tk: did not receive HSTS header fws.gov: did not receive HSTS header +fwww7.com: did not receive HSTS header fxgame.online: could not connect to host fxpig-ib.com: could not connect to host fxwebstudio.com.au: max-age too low: 0 -fyfywka.com: max-age too low: 86400 fyodorpi.com: did not receive HSTS header fyol.pw: could not connect to host -fyol.xyz: did not receive HSTS header fysiohaenraets.nl: did not receive HSTS header fzn.io: did not receive HSTS header fzslm.me: did not receive HSTS header @@ -5146,7 +5627,10 @@ gaelleetarnaud.com: did not receive HSTS header gafachi.com: could not connect to host gaichanh.com: did not receive HSTS header gainesvillegoneaustin.org: did not receive HSTS header +gaiserik.com: did not receive HSTS header gaite.me: did not receive HSTS header +gajas18.com: could not connect to host +gakkainavi-epsilon.jp: could not connect to host gakkainavi4.com: could not connect to host galardi.org: could not connect to host galena.io: could not connect to host @@ -5155,19 +5639,18 @@ galeriadobimba.com.br: could not connect to host galgoafegao.com.br: could not connect to host galgoingles.com.br: could not connect to host gali.review: did not receive HSTS header -gallerify.eu: did not receive HSTS header +galileomtz.com: did not receive HSTS header gallery44.org: did not receive HSTS header -galletasgabi.com.mx: max-age too low: 86400 galoisvpn.xyz: could not connect to host gam3rs.de: could not connect to host gambitcloud.net: could not connect to host +game-files.net: did not receive HSTS header game-gentle.com: could not connect to host game.yt: could not connect to host gamebits.net: did not receive HSTS header gamecave.de: could not connect to host gamecdn.com: could not connect to host gamechasm.com: could not connect to host -gameclue.jp: did not receive HSTS header gamefund.me: could not connect to host gamehacks.me: could not connect to host gameink.net: did not receive HSTS header @@ -5180,11 +5663,11 @@ gamepader.com: could not connect to host gameparade.de: could not connect to host gameparagon.info: could not connect to host gamepiece.com: did not receive HSTS header -gamereader.de: could not connect to host gamerpoets.com: did not receive HSTS header gamers-life.fr: could not connect to host gamerslair.org: did not receive HSTS header gamerz-point.de: could not connect to host +gamerz-stream.com: did not receive HSTS header gamesdepartment.co.uk: could not connect to host gameserver-sponsor.de: did not receive HSTS header gamesurferapp.com: could not connect to host @@ -5192,14 +5675,17 @@ gameswitchers.uk: could not connect to host gametium.com: could not connect to host gametium.es: could not connect to host gamhealth.net: could not connect to host -gamingmedia.eu: did not receive HSTS header +gamingmedia.eu: could not connect to host gamingreinvented.com: did not receive HSTS header gamoice.com: did not receive HSTS header gampenhof.de: could not connect to host gangnam-club.com: could not connect to host gangnam-karaoke.com: could not connect to host ganhonet.com.br: did not receive HSTS header +ganzgraph.de: did not receive HSTS header +gaon.network: could not connect to host gaphag.ddns.net: could not connect to host +garage-abri-chalet.fr: did not receive HSTS header garage-door.pro: could not connect to host garageon.net: did not receive HSTS header garciamartin.me: could not connect to host @@ -5207,7 +5693,6 @@ garcinia--cambogia.com: could not connect to host garciniacambogiareviewed.co: did not receive HSTS header garden.trade: could not connect to host gardencarezone.com: did not receive HSTS header -garethkirk.com: did not receive HSTS header garfieldairlines.net: did not receive HSTS header garten-bau.ch: did not receive HSTS header garten-diy.de: could not connect to host @@ -5215,42 +5700,49 @@ gasbarkenora.com: could not connect to host gasnews.net: could not connect to host gasser-daniel.ch: did not receive HSTS header gastauftritt.net: did not receive HSTS header +gastritisolucion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] gatapro.net: could not connect to host +gatemotorsumhlanga.co.za: could not connect to host gatemoves.com: could not connect to host gateworld.fr: did not receive HSTS header +gatilagata.com.br: could not connect to host gatomix.net: could not connect to host gatorsa.es: could not connect to host gaussorgues.me: could not connect to host gautham.pro: could not connect to host gavick.com: did not receive HSTS header +gay-sissies.com: could not connect to host gaycc.cc: could not connect to host gaygeeks.de: could not connect to host +gaysfisting.com: could not connect to host +gaytorrent.ru: could not connect to host +gayxsite.com: could not connect to host gazflynn.com: did not receive HSTS header -gc-mc.de: did not receive HSTS header +gbit.xyz: could not connect to host gc.net: could not connect to host gchoic.com: max-age too low: 7889238 gchp.ie: did not receive HSTS header gdegem.org: did not receive HSTS header gdevpenze.ru: could not connect to host -gdhzcgs.com: could not connect to host gdprhallofshame.com: could not connect to host +gdutnic.com: could not connect to host gdz-otvety.com: could not connect to host gdz.tv: could not connect to host gear-acquisition-syndrome.community: could not connect to host +geaskb.nl: could not connect to host geblitzt.de: did not receive HSTS header gedankenbude.info: could not connect to host -gee.is: could not connect to host geekbaba.com: could not connect to host geekcast.co.uk: did not receive HSTS header +geekchimp.com: could not connect to host geekdt.com: could not connect to host geekmind.org: max-age too low: 172800 -geeks.berlin: did not receive HSTS header +geeks.berlin: could not connect to host geeks.lgbt: could not connect to host -geeks.one: did not receive HSTS header +geekseries.fr: did not receive HSTS header geektimes.com: did not receive HSTS header +geeky.software: could not connect to host geemo.top: could not connect to host -geertdegraaf.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -gehaowu.com: did not receive HSTS header gehrke.nrw: could not connect to host geigr.de: could not connect to host geiser.io: did not receive HSTS header @@ -5262,16 +5754,18 @@ gemuplay.com: could not connect to host genemesservwparts.com: could not connect to host generalpants.com.au: did not receive HSTS header generationnext.pl: could not connect to host -genesischangelog.com: did not receive HSTS header +genesischangelog.com: could not connect to host geneve.guide: could not connect to host genia-life.de: could not connect to host +genie-seiner-generation.de: could not connect to host genneve.com: did not receive HSTS header genoog.com: could not connect to host genossen.ru: could not connect to host genshiken.org: could not connect to host +gentooblog.de: could not connect to host genuu.com: could not connect to host genuxation.com: could not connect to host -genxbeats.com: could not connect to host +genxbeats.com: did not receive HSTS header genyaa.com: could not connect to host genyhitch.com: did not receive HSTS header geoffanderinmyers.com: did not receive HSTS header @@ -5288,10 +5782,12 @@ gereon.ch: could not connect to host geri.be: could not connect to host germanticz.de: could not connect to host gers-authentique.com: could not connect to host +gerum.dynv6.net: did not receive HSTS header geschenkly.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] geschmackspiloten.de: did not receive HSTS header gesiwista.net: did not receive HSTS header gesunde-smoothies.de: did not receive HSTS header +gesundes-im-napf.de: did not receive HSTS header get-asterisk.ru: could not connect to host get-cctv.com: could not connect to host get-it-live.de: could not connect to host @@ -5335,6 +5831,7 @@ getremembrall.com: could not connect to host getronics.care: could not connect to host getsello.com: could not connect to host getserum.xyz: could not connect to host +getsetupfile.com: did not receive HSTS header getshifter.io: did not receive HSTS header getspeaker.com: did not receive HSTS header getspire.com: could not connect to host @@ -5343,35 +5840,39 @@ getwashdaddy.com: could not connect to host getyourphix.tk: could not connect to host gevaulug.fr: could not connect to host gfbouncycastles.co.uk: did not receive HSTS header +gfe.li: did not receive HSTS header gfhgiro.nl: did not receive HSTS header gfm.tech: could not connect to host gfoss.gr: could not connect to host -gfw.moe: did not receive HSTS header +gfournier.ca: could not connect to host +gfw.moe: could not connect to host gfwsb.ml: could not connect to host gglks.com: could not connect to host +ggobbo.com: could not connect to host ggrks-asano.com: could not connect to host ggss.cf: could not connect to host ggss.ml: could not connect to host gh16.com.ar: could not connect to host -ghaglund.se: could not connect to host ghcif.de: could not connect to host gheorghe-sarcov.ga: could not connect to host gheorghesarcov.ga: could not connect to host gheorghesarcov.tk: could not connect to host ghi.gov: could not connect to host ghibli.studio: did not receive HSTS header -ghid-pitesti.ro: did not receive HSTS header ghkim.net: could not connect to host +ghuntley.com: max-age too low: 0 giakki.eu: could not connect to host gianlucapartengo.photography: did not receive HSTS header giant-powerfit.co.uk: did not receive HSTS header gibraltar-firma.com: did not receive HSTS header gidea.nu: could not connect to host -giegler.software: did not receive HSTS header giftgofers.com: max-age too low: 2592000 +giftservices.nl: did not receive HSTS header gifzilla.net: could not connect to host -gigacloud.org: did not receive HSTS header +gigacloud.org: could not connect to host +gigawattz.com: could not connect to host gigiscloud.servebeer.com: could not connect to host +gigolodavid.be: could not connect to host gilcloud.com: could not connect to host gilgaz.com: did not receive HSTS header gillet-cros.fr: could not connect to host @@ -5379,6 +5880,7 @@ gilly.berlin: did not receive HSTS header gilroywestwood.org: did not receive HSTS header gincher.net: did not receive HSTS header gingali.de: did not receive HSTS header +ginie.de: did not receive HSTS header ginijony.com: did not receive HSTS header ginkel.com: did not receive HSTS header gintenreiter-photography.com: did not receive HSTS header @@ -5394,7 +5896,9 @@ gisac.org: did not receive HSTS header gistfy.com: could not connect to host git-stuff.tk: could not connect to host git.co: could not connect to host -github.party: did not receive HSTS header +gitar.io: could not connect to host +github.party: could not connect to host +gittr.ch: did not receive HSTS header givemyanswer.com: could not connect to host giverang.biz: could not connect to host giverang.com: could not connect to host @@ -5404,13 +5908,13 @@ gixtools.uk: could not connect to host gizzo.sk: could not connect to host glabiatoren-kst.de: could not connect to host gladystudio.com: did not receive HSTS header +glahcks.com: could not connect to host glass.google.com: did not receive HSTS header (error ignored - included regardless) glasslikes.com: did not receive HSTS header glbg.eu: did not receive HSTS header gle: could not connect to host glenavy.tk: could not connect to host glentakahashi.com: could not connect to host -glicerina.online: could not connect to host glittersjabloon.nl: did not receive HSTS header glitzmirror.com: could not connect to host glnpo.gov: could not connect to host @@ -5429,41 +5933,40 @@ globalsites.nl: did not receive HSTS header globaltennis.ca: could not connect to host globalvisions-events.ch: could not connect to host globalvisions-events.com: could not connect to host -globuli-info.de: did not receive HSTS header +globuli-info.de: could not connect to host gloomyspark.com: could not connect to host -glossopnorthendafc.co.uk: could not connect to host glotter.com: did not receive HSTS header gloucesterphotographer.com: did not receive HSTS header glubbforum.de: did not receive HSTS header glutenfreiheit.at: did not receive HSTS header glws.org: did not receive HSTS header glyph.ws: could not connect to host -gm-assicurazioni.it: did not receive HSTS header +gm-assicurazioni.it: could not connect to host gmail.com: did not receive HSTS header (error ignored - included regardless) gmanukyan.com: could not connect to host gmat.ovh: could not connect to host gmoes.at: could not connect to host -gn00.com: could not connect to host +gmw-hannover.de: could not connect to host gnaptracker.tk: could not connect to host gnom.me: could not connect to host gnosticjade.net: did not receive HSTS header go.ax: did not receive HSTS header go2sh.de: did not receive HSTS header -go4it.solutions: did not receive HSTS header +go4it.solutions: could not connect to host goabonga.com: could not connect to host goalsetup.com: did not receive HSTS header goaltree.ch: did not receive HSTS header -goapunks.net: could not connect to host +goapunks.net: did not receive HSTS header goarmy.eu: could not connect to host goat.chat: did not receive HSTS header goat.xyz: could not connect to host goben.ch: could not connect to host goblins.net: did not receive HSTS header goblinsatwork.com: could not connect to host +gocardless.com: did not receive HSTS header godrealms.com: could not connect to host goedeke.ml: could not connect to host goerner.me: did not receive HSTS header -goerres2014.de: could not connect to host goge.site: could not connect to host gogenenglish.com: could not connect to host gogetssl.com: did not receive HSTS header @@ -5472,16 +5975,18 @@ gogold-g.com: could not connect to host goguel.org: could not connect to host goiaspropaganda.com.br: could not connect to host gold24.in: could not connect to host +goldclubcasino.com: could not connect to host goldendata.io: could not connect to host goldfelt.com: could not connect to host goldminer.ga: could not connect to host goldpros.com: did not receive HSTS header +goldsky.com.au: did not receive HSTS header goldwater.gov: could not connect to host goldwaterfoundation.gov: could not connect to host goldwaterscholarship.gov: could not connect to host golearn.gov: could not connect to host +golfburn.com: could not connect to host golocal-media.de: could not connect to host -gomiblog.com: did not receive HSTS header gong8.win: could not connect to host gonzalosanchez.mx: did not receive HSTS header goodeats.nyc: did not receive HSTS header @@ -5490,6 +5995,7 @@ goodmengroup.de: did not receive HSTS header goods-memo.net: did not receive HSTS header goodsex4all.com.br: could not connect to host goodtech.com.br: could not connect to host +goodvibesblog.com: could not connect to host goodwin43.ru: could not connect to host goodyearsotn.co.uk: could not connect to host google: could not connect to host (error ignored - included regardless) @@ -5501,17 +6007,17 @@ gootax.pro: did not receive HSTS header goozz.nl: did not receive HSTS header gopay.cz: did not receive HSTS header gopokego.cz: could not connect to host +gorakukai.jp: max-age too low: 0 goranrango.ch: could not connect to host -gorf.chat: could not connect to host -gorf.club: could not connect to host +gordonobrecht.com: did not receive HSTS header gorgiaxx.com: could not connect to host gorilla-gym.site: could not connect to host gorillow.com: could not connect to host gorognyelv.hu: could not connect to host gosharewood.com: did not receive HSTS header goshop.cz: did not receive HSTS header -gospelofmark.ch: could not connect to host -gostream.asia: did not receive HSTS header +goshow.tv: could not connect to host +gostream.asia: could not connect to host gotgenes.com: could not connect to host goto.google.com: did not receive HSTS header (error ignored - included regardless) gotobrno.cz: did not receive HSTS header @@ -5520,37 +6026,41 @@ gotspot.com: could not connect to host gottfridsberg.org: could not connect to host gottfriedfeyen.com: did not receive HSTS header goubi.me: did not receive HSTS header +goujianwen.com: did not receive HSTS header +goukon.ru: could not connect to host gourmettia.com: did not receive HSTS header -gouthro-goteborg.se: could not connect to host +gouthro-goteborg.se: did not receive HSTS header gouv.ovh: did not receive HSTS header gov.ax: could not connect to host goverage.org: could not connect to host govillemo.ca: did not receive HSTS header gozadentro.com: could not connect to host gozel.com.tr: did not receive HSTS header +gpalabs.com: could not connect to host gparent.org: did not receive HSTS header gpga.cf: could not connect to host -gpio.gq: could not connect to host +gplintegratedit.com: could not connect to host gpo.gov: did not receive HSTS header gpstuner.com: did not receive HSTS header graavaapi.elasticbeanstalk.com: could not connect to host -gracebaking.com: max-age too low: 86400 +grabi.ga: could not connect to host gracechurchpc.net: could not connect to host -graceful-project.eu: could not connect to host +graceful-project.eu: did not receive HSTS header gracesofgrief.com: could not connect to host grachtenpandverkopen.nl: could not connect to host grademymac.com: did not receive HSTS header grademypc.com: did not receive HSTS header +gradenotify.com: could not connect to host grads360.org: could not connect to host gradsm-ci.net: could not connect to host grafitec.ru: did not receive HSTS header graftworld.pw: could not connect to host -grana.com: did not receive HSTS header grandchamproofing.com: did not receive HSTS header grande.coffee: could not connect to host grandlinecsk.ru: did not receive HSTS header grandmascookieblog.com: did not receive HSTS header -graniteind.com: did not receive HSTS header +grandmasfridge.org: did not receive HSTS header +grandwailea.com: did not receive HSTS header grantedby.me: max-age too low: 0 granth.io: could not connect to host graph.no: did not receive HSTS header @@ -5560,13 +6070,13 @@ gratis-app.com: did not receive HSTS header gratisonlinesex.com: could not connect to host gravitation.pro: did not receive HSTS header gravito.nl: did not receive HSTS header -gravity-dev.de: could not connect to host gravity-net.de: could not connect to host graycell.net: could not connect to host grazetech.com: did not receive HSTS header grcnode.co.uk: could not connect to host great.nagoya: could not connect to host -greatfire.kr: did not receive HSTS header +greatergoodoffers.com: did not receive HSTS header +greatfire.kr: could not connect to host greatideahub.com: did not receive HSTS header greatnet.de: did not receive HSTS header greatsong.net: did not receive HSTS header @@ -5575,18 +6085,20 @@ green-light.ga: could not connect to host green-light.gq: could not connect to host green-light.ml: could not connect to host greencardtalent.com: could not connect to host +greenenergysolution.uk: did not receive HSTS header greenesting.ch: could not connect to host greenesting.com: could not connect to host greengov.gov: could not connect to host greenhillantiques.co.uk: did not receive HSTS header greenitpark.net: could not connect to host -greenpeace.berlin: could not connect to host greensolid.biz: could not connect to host greenvines.com.tw: did not receive HSTS header greenvpn.ltd: could not connect to host greenvpn.pro: did not receive HSTS header greggsfoundation.org.uk: could not connect to host gregmartyn.com: could not connect to host +gregmilton.com: could not connect to host +gregmilton.org: could not connect to host gregorytlee.me: could not connect to host grekland.guide: could not connect to host gremots.com: could not connect to host @@ -5598,7 +6110,6 @@ greuel.online: could not connect to host greve.xyz: could not connect to host grevesgarten.de: could not connect to host greyline.se: could not connect to host -greysky.me: max-age too low: 300 grian-bam.at: did not receive HSTS header gribani.com: could not connect to host grid2osm.org: could not connect to host @@ -5617,15 +6128,18 @@ groentefruitzeep.nl: could not connect to host groetzner.net: did not receive HSTS header groseb.net: did not receive HSTS header grossberger-ge.org: could not connect to host +grossell.ru: could not connect to host grossmann.gr: could not connect to host grossmisconduct.news: could not connect to host groupe-cassous.com: did not receive HSTS header +grouphomes.com.au: did not receive HSTS header groups.google.com: did not receive HSTS header (error ignored - included regardless) grow-shop.ee: could not connect to host grow-shop.lt: could not connect to host grow-shop.lv: could not connect to host growingmetrics.com: could not connect to host grozip.com: did not receive HSTS header +grozter.se: did not receive HSTS header gruenderwoche-dresden.de: did not receive HSTS header grunex.com: did not receive HSTS header grupopgn.com.br: could not connect to host @@ -5637,6 +6151,7 @@ gs-net.at: could not connect to host gsm-map.com: could not connect to host gsmkungen.com: could not connect to host gsnort.com: did not receive HSTS header +gsoc.se: could not connect to host gtamodshop.org: could not connect to host gtanda.tk: could not connect to host gtech.work: did not receive HSTS header @@ -5645,6 +6160,8 @@ gtraxapp.com: could not connect to host gts-schulsoftware.de: did not receive HSTS header guarajubaimoveis.com.br: did not receive HSTS header guava.studio: did not receive HSTS header +gudangpangan.id: could not connect to host +gudrun.ml: could not connect to host guelphhydropool.com: could not connect to host guendra.dedyn.io: could not connect to host guentherhouse.com: did not receive HSTS header @@ -5654,9 +6171,9 @@ gugaltika-ipb.org: could not connect to host guge.gq: could not connect to host gugga.dk: could not connect to host guguke.net: did not receive HSTS header +guhei.net: could not connect to host guidechecking.com: could not connect to host -guideline.gov: could not connect to host -guidelines.gov: could not connect to host +guides-et-admin.com: did not receive HSTS header guilde-vindicta.fr: could not connect to host guildgearscore.cf: could not connect to host guillaume-leduc.fr: did not receive HSTS header @@ -5680,6 +6197,7 @@ guntbert.net: could not connect to host guoqiang.info: did not receive HSTS header gurochan.ch: could not connect to host gurom.lv: could not connect to host +gurubetng.com: did not receive HSTS header gurusupe.com: could not connect to host gus.moe: could not connect to host guso.gq: could not connect to host @@ -5687,10 +6205,13 @@ guso.ml: could not connect to host guso.site: could not connect to host guso.tech: could not connect to host gussi.is: did not receive HSTS header -guthabenkarten-billiger.de: did not receive HSTS header +guthabenkarten-billiger.de: could not connect to host guts.me: did not receive HSTS header guts.moe: did not receive HSTS header +guyot-tech.com: did not receive HSTS header gvchannel.xyz: could not connect to host +gvi.be: did not receive HSTS header +gvm.io: could not connect to host gvpt.sk: did not receive HSTS header gvt2.com: could not connect to host (error ignored - included regardless) gvt3.com: could not connect to host (error ignored - included regardless) @@ -5715,21 +6236,20 @@ h2check.org: did not receive HSTS header h3x.jp: could not connect to host haarkliniek.com: did not receive HSTS header habbixed.tk: could not connect to host -habbo.life: could not connect to host +habbo.life: did not receive HSTS header habbotalk.nl: could not connect to host habeo.si: could not connect to host hablemosdetecnologia.com.ve: could not connect to host hac30.com: could not connect to host -hack.cz: could not connect to host +hack.club: could not connect to host hack.li: could not connect to host hackbubble.me: could not connect to host +hacker.club: could not connect to host hacker.deals: could not connect to host hacker8.cn: could not connect to host -hackercat.ninja: did not receive HSTS header -hackerchai.com: could not connect to host +hackercat.ninja: max-age too low: 2592000 hackerforever.com: could not connect to host hackerone-ext-adroll.com: could not connect to host -hackerpoints.com: could not connect to host hackerspace-ntnu.no: did not receive HSTS header hackest.org: did not receive HSTS header hackingsafe.com: could not connect to host @@ -5737,7 +6257,7 @@ hackit.im: could not connect to host hackmeplz.com: could not connect to host hackroyale.xyz: could not connect to host hacksnack.io: could not connect to host -hackworx.com: could not connect to host +hackyourfaceoff.com: could not connect to host hadaf.pro: could not connect to host hadzic.co: could not connect to host haeckdesign.com: did not receive HSTS header @@ -5746,7 +6266,9 @@ haehnlein.at: could not connect to host haemmerle.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] haf.gr: could not connect to host hafoda.com: did not receive HSTS header +haggeluring.su: could not connect to host hahayidu.org: could not connect to host +hail2u.net: did not receive HSTS header hainoni.com: did not receive HSTS header hairlossstop.net: did not receive HSTS header haitschi.com: could not connect to host @@ -5754,7 +6276,6 @@ haitschi.de: did not receive HSTS header haitschi.net: could not connect to host haitschi.org: could not connect to host hajnzic.at: could not connect to host -hakase.pw: could not connect to host haktec.de: did not receive HSTS header haku.moe: could not connect to host hakugin.me: could not connect to host @@ -5763,12 +6284,12 @@ hakurei.moe: could not connect to host halcyonsbastion.com: could not connect to host half-logic.eu.org: could not connect to host halfwaythere.eu: could not connect to host -hallettxn.com: could not connect to host halo.red: could not connect to host halta.info: could not connect to host halyul.cc: did not receive HSTS header halyul.com: did not receive HSTS header haman.nl: could not connect to host +hamish.ca: did not receive HSTS header hamking.tk: could not connect to host hammamsayad.com: could not connect to host hamon.cc: did not receive HSTS header @@ -5777,8 +6298,10 @@ hancatemc.com: did not receive HSTS header hancc.net: could not connect to host handenafvanhetmedischdossier.nl: could not connect to host handicapindeles.nl: did not receive HSTS header -handinhandfoundation.org.uk: could not connect to host +handinhandfoundation.org.uk: did not receive HSTS header handiworker.com: could not connect to host +handmadegobelin.com: did not receive HSTS header +handmadeshoes.pe: did not receive HSTS header handmadetutorials.ro: could not connect to host handsandall.com: did not receive HSTS header hanfu.la: could not connect to host @@ -5798,6 +6321,7 @@ haobo5555.com: could not connect to host haobo6666.com: could not connect to host haobo7777.com: could not connect to host haomwei.com: could not connect to host +haoqi.men: could not connect to host haoyugao.com: could not connect to host happist.com: did not receive HSTS header happix.nl: did not receive HSTS header @@ -5807,16 +6331,19 @@ happyheartsabode.com: did not receive HSTS header happytiger.eu: could not connect to host hapsfordmill.co.uk: could not connect to host hapvm.com: could not connect to host -haqaza.com.br: could not connect to host +haqaza.com.br: did not receive HSTS header harambe.site: could not connect to host harbourweb.net: did not receive HSTS header -hardergayporn.com: could not connect to host +hardeman.nu: could not connect to host hardline.xyz: could not connect to host +hardtime.ru: could not connect to host hardyboyplant.com: did not receive HSTS header haribosupermix.com: could not connect to host hariome.com: did not receive HSTS header +haritsa.co.id: did not receive HSTS header harlentimberproducts.co.uk: did not receive HSTS header harmonycosmetic.com: max-age too low: 300 +harrisonsdirect.co.uk: did not receive HSTS header harristony.com: could not connect to host harryharrison.co: did not receive HSTS header harrypottereditor.com: could not connect to host @@ -5829,6 +6356,7 @@ harz.cloud: could not connect to host has.vision: could not connect to host hasabig.wang: could not connect to host hasalittle.wang: could not connect to host +haschrebellen.de: could not connect to host hash-list.com: could not connect to host hashiconf.com: did not receive HSTS header hashidays.com: did not receive HSTS header @@ -5842,6 +6370,8 @@ hatoko.net: could not connect to host haufschild.de: could not connect to host haurumcraft.net: could not connect to host hausarzt-stader-str.de: did not receive HSTS header +hausarztpraxis-linn.de: could not connect to host +hauswarteam.com: could not connect to host hav.com: could not connect to host haveeruexaminer.com: could not connect to host haven-staging.cloud: could not connect to host @@ -5850,7 +6380,7 @@ havenmoon.com: could not connect to host havenswift-hosting.co.uk: did not receive HSTS header hawk-la.com: could not connect to host hawthornharpist.com: could not connect to host -haxoff.com: could not connect to host +haxoff.com: did not receive HSTS header haxon.me: could not connect to host haxx.hu: did not receive HSTS header haydenhill.us: could not connect to host @@ -5876,6 +6406,7 @@ hbvip07.com: could not connect to host hbvip08.com: could not connect to host hcfhomelottery.ca: did not receive HSTS header hcie.pl: did not receive HSTS header +hcoe.fi: did not receive HSTS header hcr.io: did not receive HSTS header hcs-company.com: did not receive HSTS header hcs-company.nl: did not receive HSTS header @@ -5887,31 +6418,38 @@ hdritalyphotos.com: did not receive HSTS header hdserver.info: did not receive HSTS header hdsmigrationtool.com: could not connect to host hduin.xyz: could not connect to host +hdwallpapers.net: could not connect to host hdy.nz: could not connect to host head-shop.lt: could not connect to host head-shop.lv: could not connect to host headmates.xyz: could not connect to host +healthcare6.com: did not receive HSTS header healthjoy.com: did not receive HSTS header healthyandnaturalliving.com: could not connect to host healthycod.in: could not connect to host healtious.com: could not connect to host hearingshofar.com: could not connect to host -heart.ge: could not connect to host +heart.ge: did not receive HSTS header heartlandrentals.com: did not receive HSTS header +hearty.cf: did not receive HSTS header hearty.ink: could not connect to host hearty.space: could not connect to host hearty.tech: could not connect to host hearty.tw: did not receive HSTS header +heartyapp.com: could not connect to host heartyme.net: could not connect to host heathmanners.com: could not connect to host heavenlyseals.com: could not connect to host heavenlysmokenc.com: could not connect to host heavystresser.com: could not connect to host hebaus.com: could not connect to host +hectorj.net: could not connect to host +hedgeschool.ie: could not connect to host +hedweb.com: could not connect to host heidilein.info: did not receive HSTS header heimnetze.org: could not connect to host -heinemeier.dk: could not connect to host heisenberg.co: could not connect to host +hejahanif.se: could not connect to host hejsupport.se: could not connect to host hekeki.com: could not connect to host hele.cz: did not receive HSTS header @@ -5923,7 +6461,7 @@ hellenicaward.com: did not receive HSTS header hello-nestor.com: did not receive HSTS header helloanselm.com: did not receive HSTS header hellofilters.com: could not connect to host -hellomouse.cf: did not receive HSTS header +hellomouse.cf: could not connect to host hellomouse.tk: could not connect to host hellotandem.com: could not connect to host hellothought.net: could not connect to host @@ -5931,7 +6469,11 @@ helloworldhost.com: did not receive HSTS header hellscanyonraft.com: did not receive HSTS header helpadmin.net: could not connect to host helpantiaging.com: could not connect to host +helpdebit.com: did not receive HSTS header helpekwendenihospital.com: could not connect to host +helpfacile.com: did not receive HSTS header +helpfixe.com: did not receive HSTS header +helpflux.com: did not receive HSTS header helpfute.com: did not receive HSTS header helpgerer.com: did not receive HSTS header helpium.de: could not connect to host @@ -5944,42 +6486,50 @@ hemlockhillscabinrentals.com: did not receive HSTS header hencagon.com: could not connect to host hendersonrealestatepros.com: did not receive HSTS header hendric.us: did not receive HSTS header +henhenlu.com: could not connect to host +henkbrink.com: could not connect to host henningkerstan.org: did not receive HSTS header henriknoerr.com: could not connect to host -hentai.design: could not connect to host +hentai.design: did not receive HSTS header hentaimaster.net: could not connect to host +hentaiz.net: could not connect to host hepteract.us: could not connect to host heptner24.de: could not connect to host her25.com: did not receive HSTS header herbertmouwen.nl: could not connect to host here.ml: could not connect to host here4funpartysolutions.ie: did not receive HSTS header -herecsrymy.cz: could not connect to host -heribe-maruo.com: could not connect to host -heritagedentistry.ca: could not connect to host +heribe-maruo.com: did not receive HSTS header +heritagedentistry.ca: did not receive HSTS header hermes-servizi.it: could not connect to host heroin.org.uk: could not connect to host -herpaderp.net: could not connect to host +herpaderp.net: did not receive HSTS header herramientasbazarot.com: did not receive HSTS header herrenfahrt.com: did not receive HSTS header +hesa.com: max-age too low: 0 hetmeisjeachterpauw.nl: could not connect to host hetmer.com: did not receive HSTS header hetmer.net: did not receive HSTS header heutger.net: did not receive HSTS header hex2013.com: did not receive HSTS header hexacon.io: could not connect to host -hexadecimal.tech: did not receive HSTS header +hexadecimal.tech: could not connect to host hexe.net: did not receive HSTS header hexhu.com: could not connect to host +hexo.io: did not receive HSTS header hexobind.com: could not connect to host heyguevara.com: did not receive HSTS header heywoodtown.co.uk: did not receive HSTS header hfbg.nl: did not receive HSTS header hfcbank.com.gh: could not connect to host hfi.me: did not receive HSTS header +hflsdev.org: could not connect to host hfu.io: could not connect to host +hg525.com: max-age too low: 86400 hg71839.com: could not connect to host hg881.com: could not connect to host +hgfa.fi: could not connect to host +hh-wolke.dedyn.io: did not receive HSTS header hi808.net: did not receive HSTS header hialatv.com: could not connect to host hibilog.com: could not connect to host @@ -5998,6 +6548,7 @@ highlandparkcog.org: did not receive HSTS header highseer.com: did not receive HSTS header highsurf-miyazaki.com: could not connect to host hightechgadgets.net: could not connect to host +hightimes.com: could not connect to host hightower.eu: could not connect to host highvelocitydesign.com: could not connect to host higp.de: did not receive HSTS header @@ -6007,7 +6558,6 @@ hijoan.com: could not connect to host hik-cloud.com: did not receive HSTS header hikagestudios.com: did not receive HSTS header hikariempire.com: could not connect to host -hikarukujo.com: could not connect to host hikinggearlab.com: did not receive HSTS header hilaolu.com: could not connect to host hilinemerchandising.com: did not receive HSTS header @@ -6021,42 +6571,43 @@ hingle.me: could not connect to host hinkel-sohn.de: did not receive HSTS header hinrich.de: did not receive HSTS header hintergedanken.com: could not connect to host -hintermeier-rae.at: could not connect to host +hintermeier-rae.at: did not receive HSTS header hipercultura.com: did not receive HSTS header hiphop.ren: could not connect to host hiphopconvention.nl: could not connect to host hipnos.net: did not receive HSTS header hipnoseinstitute.org: did not receive HSTS header -hiqhub.co.uk: could not connect to host hiraku.me: did not receive HSTS header +hireprofs.com: could not connect to host hiresuccessstaffing.com: did not receive HSTS header +hirevets.gov: did not receive HSTS header hirokilog.com: could not connect to host hisingenrunt.se: did not receive HSTS header histoire-theatre.com: did not receive HSTS header history.pe: could not connect to host hitchunion.org: could not connect to host hitoy.org: did not receive HSTS header -hitrek.ml: could not connect to host hittipps.com: could not connect to host hjes.com.ve: could not connect to host +hjf-immobilien.de: did not receive HSTS header +hjkhs.cn: did not receive HSTS header hknet.at: did not receive HSTS header hlacosedora.com: max-age too low: 7889238 -hloe0xff.ru: could not connect to host hlpublicidad.com: could not connect to host hlyue.com: did not receive HSTS header hm1ch.com: could not connect to host hm1ch.ovh: could not connect to host -hm773.net: did not receive HSTS header hmksq.ae: max-age too low: 7776000 hmm.nyc: could not connect to host hoast.xyz: could not connect to host hobaugh.social: could not connect to host hobby-gamerz-community.de: did not receive HSTS header -hochhaus.us: could not connect to host +hocassian.cn: did not receive HSTS header hochzeitshelferlein.de: did not receive HSTS header hodamakade.com: could not connect to host hodne.io: could not connect to host hoekwoningverkopen.nl: could not connect to host +hoelty.network: could not connect to host hoerbuecher-und-hoerspiele.de: could not connect to host hoeveiligismijn.nl: did not receive HSTS header hoffens.se: could not connect to host @@ -6065,37 +6616,39 @@ hogar123.es: could not connect to host hoiku-map.tokyo: could not connect to host hoiku-navi.com: did not receive HSTS header hoikuen-now.top: did not receive HSTS header +hokepon.com: did not receive HSTS header hokioisecurity.com: did not receive HSTS header holgerlehner.com: could not connect to host holidayincotswolds.co.uk: could not connect to host holifestival-freyung.de: could not connect to host holisticdrbright.com: max-age too low: 300 hollandguns.com: did not receive HSTS header +hollerau.de: could not connect to host holowaty.me: could not connect to host +holy-hi.com: did not receive HSTS header holymoly.lu: could not connect to host -holytransaction.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] homa.website: could not connect to host homads.com: did not receive HSTS header home-cloud.online: could not connect to host home-coaching.be: did not receive HSTS header home-craft.de: could not connect to host -home-v.ind.in: could not connect to host +home-work-jobs.com: did not receive HSTS header homeandyarddetailing.com: could not connect to host homeclouding.de: could not connect to host +homecoming.city: could not connect to host homedna.com: did not receive HSTS header homeexx.com: did not receive HSTS header -homefacialpro.com: did not receive HSTS header homegreenmark.com: did not receive HSTS header homeownersassociationmanagementla.com: did not receive HSTS header homeremodelingcontractorsca.com: did not receive HSTS header -homesandal.com: could not connect to host +homesandal.com: did not receive HSTS header homeseller.co.uk: could not connect to host homesfordinner.ca: could not connect to host homeyantra.com: did not receive HSTS header homezhi.com.tw: could not connect to host homoglyph.net: could not connect to host +honeybeard.co.uk: did not receive HSTS header honeytracks.com: could not connect to host -hong.io: could not connect to host hongyd.online: could not connect to host hongzhaxiaofendui.com: could not connect to host hongzu.cc: could not connect to host @@ -6109,11 +6662,13 @@ hoodoo.tech: could not connect to host hookandloom.com: did not receive HSTS header hookbin.com: could not connect to host hoopsacademyusa.com: could not connect to host +hooray.beer: could not connect to host hoovism.com: did not receive HSTS header -hoowhen.cn: could not connect to host +hopesb.org: did not receive HSTS header hopewellproperties.co.uk: did not receive HSTS header hopglass.eu: could not connect to host hopglass.net: could not connect to host +hopzone.net: could not connect to host horace.li: did not receive HSTS header horisonttimedia.fi: did not receive HSTS header horizonmoto.fr: did not receive HSTS header @@ -6142,13 +6697,14 @@ hotartup.com: could not connect to host hotchillibox.co.za: could not connect to host hotchoc.io: could not connect to host hotel-huberhof.at: did not receive HSTS header -hotel-rosner.at: did not receive HSTS header hotel-tongruben.de: max-age too low: 0 hotelaustria-wien.at: did not receive HSTS header hotelmadhuwanvihar.com: could not connect to host hotelvictoriaoax-mailing.com: did not receive HSTS header hotelvillahermosa-mailing.com: did not receive HSTS header hotelvue.nl: could not connect to host +hotjuice.com: could not connect to host +hotornot.com: could not connect to host hotpoint-training.com: did not receive HSTS header hottestwebcamgirls.org: could not connect to host houkago-step.com: did not receive HSTS header @@ -6163,18 +6719,22 @@ howtocuremysciatica.com: could not connect to host howtofreelance.com: did not receive HSTS header hozinga.de: could not connect to host hpctecnologias.com: did not receive HSTS header +hpeditor.tk: could not connect to host hpepub.asia: did not receive HSTS header +hpepub.com: did not receive HSTS header hpepub.org: could not connect to host hppub.info: could not connect to host hppub.org: could not connect to host hppub.site: could not connect to host hqhost.net: did not receive HSTS header +hqq.tv: could not connect to host +hquest.pro.br: could not connect to host +hqy.moe: did not receive HSTS header hr-intranet.com: could not connect to host hr-tech.store: could not connect to host hr98.tk: could not connect to host hrackydomino.cz: did not receive HSTS header hrfhomelottery.com: did not receive HSTS header -hrk.io: could not connect to host hrtech.store: could not connect to host hrtraining.com.au: did not receive HSTS header hschen.top: could not connect to host @@ -6192,24 +6752,24 @@ http418.xyz: could not connect to host httphacker.com: could not connect to host https-rulesets.org: could not connect to host https.ps: could not connect to host +https.ren: could not connect to host httpstatuscode418.xyz: could not connect to host httptest.net: could not connect to host +huang-haitao.com: could not connect to host huang.nu: could not connect to host huangguancq.com: could not connect to host huangh.com: could not connect to host -huangzenghao.cn: could not connect to host huangzenghao.com: could not connect to host huarongdao.com: did not receive HSTS header hubert.systems: did not receive HSTS header -hubertmoszka.pl: could not connect to host +hubertmoszka.pl: max-age too low: 0 hudhaifahgoga.co.za: could not connect to host hudingyuan.cn: could not connect to host hugocollignon.fr: could not connect to host -hugofs.com: did not receive HSTS header huiser.nl: could not connect to host hukaloh.com: could not connect to host hukkatavara.com: could not connect to host -humanexperiments.com: did not receive HSTS header +humanexperiments.com: could not connect to host humankode.com: did not receive HSTS header humblefinances.com: could not connect to host humeurs.net: could not connect to host @@ -6218,12 +6778,15 @@ hump.dk: could not connect to host humpi.at: could not connect to host humpteedumptee.in: did not receive HSTS header hunger.im: could not connect to host +hunqz.com: could not connect to host huntshomeinspections.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] huodongweb.com: could not connect to host huongquynh.com: could not connect to host hup.blue: did not receive HSTS header huskybutt.dog: could not connect to host huskyduvercors.com: did not receive HSTS header +hustle.com: did not receive HSTS header +hustle.life: did not receive HSTS header huwjones.me: could not connect to host huzu.com: did not receive HSTS header huzurmetal.net: could not connect to host @@ -6231,12 +6794,14 @@ hwcine.com: did not receive HSTS header hwpkasse.de: max-age too low: 2592000 hyakumachi.com: did not receive HSTS header hyatt.com: did not receive HSTS header +hybridiyhdistys.fi: could not connect to host +hybridklubben.fi: could not connect to host hybula.nl: could not connect to host hydai.co: could not connect to host hydra.ws: could not connect to host hydra.zone: could not connect to host +hydrabit.nl: did not receive HSTS header hydrante.ch: could not connect to host -hydrocloud.net: could not connect to host hydrodipcenter.nl: did not receive HSTS header hydronium.cf: could not connect to host hydronium.ga: could not connect to host @@ -6244,11 +6809,15 @@ hydronium.me: could not connect to host hydronium.ml: could not connect to host hydronium.tk: could not connect to host hydronyx.me: could not connect to host +hydrosight.com: did not receive HSTS header +hyeok.org: did not receive HSTS header hymerscollege.co.uk: max-age too low: 43200 hypa.net.au: did not receive HSTS header hyper-matrix.org: could not connect to host hyper69.com: could not connect to host hyperactive.am: could not connect to host +hyperporn.net: could not connect to host +hyperreal.info: could not connect to host hypnoresults.com.au: did not receive HSTS header hypnos.hu: did not receive HSTS header hypotheques24.ch: could not connect to host @@ -6257,12 +6826,12 @@ hyvive.com: could not connect to host hzh.pub: did not receive HSTS header hztgzz.com: could not connect to host i--b.com: did not receive HSTS header -i-aloks.ru: could not connect to host i-jp.net: could not connect to host -i-partners.sk: did not receive HSTS header +i-partners.sk: could not connect to host i-rickroll-n.pw: could not connect to host i-stats.net: could not connect to host i10z.com: could not connect to host +i28s.com: did not receive HSTS header i496.eu: could not connect to host i4m1k0su.com: could not connect to host i95.me: could not connect to host @@ -6270,10 +6839,11 @@ i9multiequipamentos.com.br: did not receive HSTS header iacono.com.br: did not receive HSTS header iadttaveras.com: could not connect to host iain.tech: did not receive HSTS header +iamle.com: max-age too low: 0 iamokay.nl: did not receive HSTS header iamreubin.co.uk: did not receive HSTS header iamsoareyou.se: could not connect to host -iamveto.com: could not connect to host +iamveto.com: did not receive HSTS header iapws.com: did not receive HSTS header iban.is: could not connect to host ibarf.nl: did not receive HSTS header @@ -6283,17 +6853,16 @@ ibestreview.com: did not receive HSTS header ibizatopcharter.com: did not receive HSTS header ibna.online: could not connect to host ibnuwebhost.com: could not connect to host -ibox.ovh: could not connect to host +ibox.ovh: did not receive HSTS header ibps.blog: did not receive HSTS header +ibpsrecruitment.co.in: could not connect to host ibron.co: could not connect to host ibsafrica.co.za: could not connect to host ibsglobal.co.za: could not connect to host -ibwin.com: max-age too low: 3600 icabanken.se: did not receive HSTS header icaforsakring.se: did not receive HSTS header icasnetwork.com: did not receive HSTS header -iccpublisher.com: could not connect to host -ice.xyz: could not connect to host +ice.xyz: did not receive HSTS header ice.yt: could not connect to host icebat.dyndns.org: could not connect to host icebound.cc: did not receive HSTS header @@ -6312,6 +6881,8 @@ icity.ly: did not receive HSTS header icloud.net: could not connect to host icnsoft.ga: did not receive HSTS header icntorrent.download: could not connect to host +ico500.com: did not receive HSTS header +icondoom.nl: did not receive HSTS header icpc.pp.ua: could not connect to host icpc2016.in.th: could not connect to host icreative.nl: did not receive HSTS header @@ -6320,8 +6891,7 @@ icusignature.com: could not connect to host icys2017.com: did not receive HSTS header id-co.in: could not connect to host id-conf.com: did not receive HSTS header -id.fedoraproject.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -idblab.tk: did not receive HSTS header +idblab.tk: could not connect to host idcrane.com: could not connect to host iddconnect.com: could not connect to host iddconnect.org: could not connect to host @@ -6329,7 +6899,7 @@ ideadozz.hu: could not connect to host ideal-envelopes.co.uk: did not receive HSTS header idealmoto.com: did not receive HSTS header idealmykonos.com: did not receive HSTS header -idealvenir.com: could not connect to host +idealvenir.com: did not receive HSTS header ideapaisajistas.es: did not receive HSTS header ideaplus.me: could not connect to host ideasenfoto.com: max-age too low: 604800 @@ -6341,16 +6911,19 @@ identity-hash.online: could not connect to host identitylabs.uk: could not connect to host identitysandbox.gov: could not connect to host idgsupply.com: did not receive HSTS header +idid.tk: could not connect to host idinby.dk: did not receive HSTS header idiopolis.org: could not connect to host +idiotentruppe.de: could not connect to host idisplay.es: could not connect to host idlekernel.com: could not connect to host idol-bikes.ru: could not connect to host -idontexist.me: could not connect to host +idontexist.me: did not receive HSTS header idsafe.co.za: could not connect to host idsoccer.com: did not receive HSTS header -idtheft.gov: could not connect to host +iec.pe: could not connect to host iemb.cf: could not connect to host +iemb.tk: could not connect to host ierna.com: did not receive HSTS header ies.id.lv: could not connect to host ievgenialehner.com: did not receive HSTS header @@ -6360,21 +6933,22 @@ ifad.org: did not receive HSTS header ifan.ch: could not connect to host ifastuniversity.com: did not receive HSTS header ifcfg.me: could not connect to host +ifconfig.co: did not receive HSTS header ifleurs.com: could not connect to host -ifreetion.cn: did not receive HSTS header ifx.ee: could not connect to host ifxnet.com: could not connect to host ifxor.com: could not connect to host iga-semi.jp: could not connect to host igamingforums.com: could not connect to host -igd.chat: could not connect to host +igd.chat: did not receive HSTS header igforums.com: could not connect to host igi.codes: did not receive HSTS header igiftcards.nl: did not receive HSTS header +ignace72.eu: could not connect to host ignatisd.gr: did not receive HSTS header ignatovich.by: could not connect to host +igshpa.org: max-age too low: 0 igule.net: could not connect to host -ihoey.com: could not connect to host ihongzu.com: could not connect to host ihotel.io: did not receive HSTS header ihrlotto.de: could not connect to host @@ -6384,12 +6958,11 @@ ihsbsd.tk: could not connect to host ihzys.com: could not connect to host iide.co: did not receive HSTS header iideaz.org: could not connect to host -iilin.com: could not connect to host -iiong.com: did not receive HSTS header iispeed.com: did not receive HSTS header ijn-dd.nl: could not connect to host ijoda.com: could not connect to host ik-life.com: did not receive HSTS header +ike.io: did not receive HSTS header ikenmeyer.com: could not connect to host ikenmeyer.eu: could not connect to host ikocik.sk: could not connect to host @@ -6401,17 +6974,19 @@ ilbuongiorno.it: did not receive HSTS header ildomani.it: did not receive HSTS header ileat.com: could not connect to host ilgi.work: could not connect to host -ilhansubasi.com: did not receive HSTS header -ilii.me: did not receive HSTS header +ilii.me: could not connect to host ilikerainbows.co: could not connect to host ilikerainbows.co.uk: could not connect to host ilikfreshweedstores.com: did not receive HSTS header ilmconpm.de: could not connect to host iloilofit.org: did not receive HSTS header ilona.graphics: did not receive HSTS header +iltec-prom.ru: could not connect to host iluvscotland.co.uk: did not receive HSTS header im-design.com.ua: did not receive HSTS header image.tf: could not connect to host +imagecurl.com: could not connect to host +imagecurl.org: could not connect to host imaginarymakings.me: could not connect to host imakepoems.net: could not connect to host imanhearts.com: did not receive HSTS header @@ -6426,11 +7001,10 @@ imfromthefuture.com: did not receive HSTS header img.ovh: could not connect to host imgencrypt.com: could not connect to host imgul.net: could not connect to host -imgup.co: did not receive HSTS header +imguoguo.com: could not connect to host imim.pw: could not connect to host imjiangtao.com: did not receive HSTS header imlinan.cn: could not connect to host -imlinan.com: could not connect to host imlinan.info: could not connect to host imlinan.net: could not connect to host immanuel60.hu: did not receive HSTS header @@ -6441,7 +7015,7 @@ immortals-co.com: did not receive HSTS header immoverkauf24.at: did not receive HSTS header immoverkauf24.de: did not receive HSTS header immunicity.cc: could not connect to host -immunicity.date: did not receive HSTS header +immunicity.date: could not connect to host immunicity.eu: did not receive HSTS header immunicity.host: could not connect to host immunicity.info: could not connect to host @@ -6449,33 +7023,36 @@ immunicity.online: could not connect to host immunicity.press: could not connect to host immunicity.rocks: could not connect to host immunicity.st: did not receive HSTS header -immunicity.today: max-age too low: 0 +immunicity.today: could not connect to host immunicity.top: could not connect to host immunicity.win: could not connect to host immunicity.works: could not connect to host immunicity.world: could not connect to host imoe.ac.cn: did not receive HSTS header imolug.org: did not receive HSTS header +imoner.com: could not connect to host imoner.ga: could not connect to host imoni-blog.net: could not connect to host imoto.me: could not connect to host imperdintechnologies.com: could not connect to host imperialonlinestore.com: did not receive HSTS header imperialwebsolutions.com: did not receive HSTS header -implicitdenial.com: could not connect to host +implicitdenial.com: did not receive HSTS header +imprenta-es.com: did not receive HSTS header improvingwp.com: could not connect to host impulse-clan.de: could not connect to host imrejonk.nl: could not connect to host imu.li: did not receive HSTS header imusic.dk: did not receive HSTS header imy.life: could not connect to host +imyrs.cn: could not connect to host inandeyes.com: did not receive HSTS header inb4.us: could not connect to host inbox.li: did not receive HSTS header inboxen.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] incendiary-arts.com: could not connect to host inceptionradionetwork.com: could not connect to host -inche-ali.com: did not receive HSTS header +inche-ali.com: could not connect to host inchomatic.com: did not receive HSTS header increasetestosteronelevels.org: could not connect to host inderagamono.net: could not connect to host @@ -6485,17 +7062,18 @@ indieethos.com: did not receive HSTS header indiemods.com: could not connect to host indien.guide: could not connect to host indilens.com: did not receive HSTS header +indiroyunu.com: did not receive HSTS header indoorskiassen.nl: did not receive HSTS header +indostar303.com: did not receive HSTS header indredouglas.me: could not connect to host industreiler.com: could not connect to host industreiler.com.br: could not connect to host +industriasrenova.com: could not connect to host industrybazar.com: max-age too low: 2592000 ineed.com.mt: could not connect to host -inetpub.cn: could not connect to host inexlog.fr: could not connect to host inexpensivecomputers.net: could not connect to host -infcof.com: could not connect to host -inference.biz.tr: could not connect to host +infcof.com: did not receive HSTS header infilock.com: could not connect to host infinether.net: could not connect to host infinitiofmarinparts.com: could not connect to host @@ -6506,12 +7084,14 @@ infinitusgaming.eu: could not connect to host infinity-freedom.com: could not connect to host infinity-freedom.de: could not connect to host infinity-lifestyle.de: could not connect to host +infinitybas.com: could not connect to host +infinityepos.co.uk: could not connect to host inflate-a-bubbles.co.uk: did not receive HSTS header inflation.ml: could not connect to host -influo.com: did not receive HSTS header influxus.com: could not connect to host info-bay.com: could not connect to host info-sys.tk: could not connect to host +infoamin.com: could not connect to host infoduv.fr: did not receive HSTS header infopagina.es: did not receive HSTS header inforichjapan.com: did not receive HSTS header @@ -6524,13 +7104,15 @@ infosoph.org: could not connect to host infotics.es: did not receive HSTS header infovae-idf.com: did not receive HSTS header infoworm.org: could not connect to host -infranium.info: did not receive HSTS header +infranium.info: could not connect to host infranix.eu: max-age too low: 7360000 +infrarank.com: could not connect to host infruction.com: could not connect to host infura.co.th: could not connect to host ingalabs.hu: could not connect to host +ingalls.run: could not connect to host ingesol.fr: did not receive HSTS header -ingresscode.cn: could not connect to host +ingresscode.cn: did not receive HSTS header inhelix.com: could not connect to host inhive.group: did not receive HSTS header iniiter.com: could not connect to host @@ -6544,6 +7126,7 @@ injust.gq: could not connect to host injust.me: could not connect to host injust.ml: could not connect to host injust.tk: could not connect to host +inkbunny.net: could not connect to host inked-guy.de: could not connect to host inkedguy.de: could not connect to host inkstory.gr: did not receive HSTS header @@ -6551,13 +7134,16 @@ inksupply.com: did not receive HSTS header inku.ovh: did not receive HSTS header inkvisual.tk: could not connect to host inleaked.com: could not connect to host +innerform.com: could not connect to host innit.be: could not connect to host innophate-security.nl: could not connect to host innovamag.ca: did not receive HSTS header innovativebuildingsolutions.co.za: could not connect to host innovativeideaz.org: could not connect to host -inobun.jp: could not connect to host +innoventure.de: did not receive HSTS header +innovum.cz: did not receive HSTS header inondation.ch: could not connect to host +inorder.website: could not connect to host inox.io: did not receive HSTS header inoxio.com: did not receive HSTS header inoxio.de: did not receive HSTS header @@ -6568,6 +7154,7 @@ insane.zone: could not connect to host inschrijfformulier.com: could not connect to host inscript.pl: did not receive HSTS header insideofgaming.de: could not connect to host +insidethefirewall.tk: could not connect to host insite-feedback.com: could not connect to host insouciant.org: could not connect to host inspirationconcepts.nl: did not receive HSTS header @@ -6576,12 +7163,17 @@ inspiroinc.com: could not connect to host inst.mobi: did not receive HSTS header instacart.com: did not receive HSTS header instant-hack.com: did not receive HSTS header +instant-hack.io: could not connect to host instantdev.io: could not connect to host +instantsubs.de: did not receive HSTS header +instaquiz.ru: could not connect to host instasex.ch: could not connect to host +institutmaupertuis.hopto.org: could not connect to host institutoflordelavida.com: could not connect to host institutulcultural.ro: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] instruktor.io: could not connect to host insurance: could not connect to host +insurethebox.tk: could not connect to host int-ext-design.fr: could not connect to host integrationinc.com: did not receive HSTS header integrityingovernmentidaho.com: could not connect to host @@ -6592,33 +7184,36 @@ intelbet.ro: did not receive HSTS header intelldynamics.com: could not connect to host intelliance.eu: could not connect to host interboursegeneva.ch: did not receive HSTS header -interference.io: could not connect to host +interference.io: did not receive HSTS header +interfug.de: did not receive HSTS header intergenx.co.uk: could not connect to host intergenx.com: could not connect to host intergenx.org: could not connect to host intergenx.org.uk: could not connect to host interhosts.co.za: could not connect to host interim-cto.de: could not connect to host +interiorcheapo.com: could not connect to host interiorprofesional.com.ar: max-age too low: 604800 interleucina.org: did not receive HSTS header interlocal.co.uk: could not connect to host interlun.com: could not connect to host intermezzo-emmerich.de: did not receive HSTS header intermezzo-emmerich.nl: did not receive HSTS header +internacao.com: did not receive HSTS header internaldh.com: could not connect to host -internet-aukcion.info: could not connect to host +internaut.co.za: did not receive HSTS header internet-pornografie.de: did not receive HSTS header internetbugbounty.org: did not receive HSTS header internetcasinos.de: could not connect to host internetcensus.org: could not connect to host internetdentalalliance.com: did not receive HSTS header internetradiocharts.de: did not receive HSTS header -internetstaff.com: could not connect to host internshipandwork.com: did not receive HSTS header internshipandwork.ru: did not receive HSTS header interociter-enterprises.com: could not connect to host intersectraven.net: did not receive HSTS header interspot.nl: could not connect to host +interstellarhyperdrive.com: did not receive HSTS header interviewpipeline.co.uk: could not connect to host intervisteperstrada.com: could not connect to host intexplore.org: could not connect to host @@ -6626,12 +7221,9 @@ intim-uslugi-kazan.net: could not connect to host intimateperrierjouet.com: could not connect to host intimici.com.br: could not connect to host intimtoy.com.ua: could not connect to host -intocities.de: did not receive HSTS header intranetsec.fr: could not connect to host introvertedtravel.space: max-age too low: 0 -intrp.net: did not receive HSTS header -intune.life: could not connect to host -intxt.net: could not connect to host +intrp.net: could not connect to host invenio.software: could not connect to host inverselink.com: could not connect to host investcountry.com: could not connect to host @@ -6641,6 +7233,7 @@ investnext.com: max-age too low: 43200 invictusmc.uk: could not connect to host invinsec.cloud: did not receive HSTS header invinsec.com: max-age too low: 86400 +invis.net: could not connect to host invite24.pro: could not connect to host invuelto.com: did not receive HSTS header iodice.org: did not receive HSTS header @@ -6649,12 +7242,11 @@ ioiart.eu: could not connect to host iolife.dk: could not connect to host ionas-law.ro: did not receive HSTS header ionc.ca: could not connect to host -ionote.me: could not connect to host iop.intuit.com: max-age too low: 86400 iora.fr: could not connect to host iosmods.com: did not receive HSTS header -iossifovlab.com: could not connect to host iostips.ru: could not connect to host +iotfen.com: could not connect to host iotsms.io: could not connect to host ip-life.net: did not receive HSTS header ip.or.at: could not connect to host @@ -6663,6 +7255,7 @@ ipbill.org.uk: could not connect to host ipcfg.me: could not connect to host ipfp.pl: did not receive HSTS header iphonechina.net: could not connect to host +iplantom.com: could not connect to host iplife.cn: could not connect to host iplog.info: could not connect to host ipmimagazine.com: did not receive HSTS header @@ -6670,6 +7263,7 @@ ipmotion.ca: could not connect to host ipnetworking.net: could not connect to host ipo-times.com: did not receive HSTS header ipop.gr: did not receive HSTS header +iposm.net: could not connect to host iprice.co.id: did not receive HSTS header iprice.hk: did not receive HSTS header iprice.my: did not receive HSTS header @@ -6677,6 +7271,7 @@ iprice.ph: did not receive HSTS header iprice.sg: did not receive HSTS header iprice.vn: did not receive HSTS header ipricethailand.com: did not receive HSTS header +iprody.com: could not connect to host ipsilon-project.org: did not receive HSTS header iptel.ro: could not connect to host ipuservicedesign.com: could not connect to host @@ -6690,20 +7285,19 @@ ir-saitama.com: could not connect to host iran-poll.org: could not connect to host iranianlawschool.com: could not connect to host iraqidinar.org: did not receive HSTS header -irazimina.ru: did not receive HSTS header +irazimina.ru: could not connect to host irccloud.com: did not receive HSTS header -ircmett.de: could not connect to host -ireef.tv: could not connect to host irelandesign.com: could not connect to host irinkeby.nu: could not connect to host -irische-segenswuensche.info: did not receive HSTS header +irische-segenswuensche.info: could not connect to host irisdina.de: could not connect to host irishmusic.nu: could not connect to host irland.guide: could not connect to host irmag.ru: did not receive HSTS header irmtrudjurke.de: did not receive HSTS header irodorinet.com: max-age too low: 0 -iron-guard.net: could not connect to host +iron-guard.net: did not receive HSTS header +ironhide.de: did not receive HSTS header irstaxforumsonline.com: did not receive HSTS header irugs.ch: did not receive HSTS header irugs.co.uk: did not receive HSTS header @@ -6720,13 +7314,13 @@ isaackabel.tk: could not connect to host ischool.co.jp: did not receive HSTS header isdf.me: could not connect to host isdown.cz: could not connect to host -isef-eg.com: could not connect to host +isef-eg.com: did not receive HSTS header iserv.fr: did not receive HSTS header iseulde.com: did not receive HSTS header -isfriday.com: could not connect to host ishadowsocks.ltd: could not connect to host ishillaryclintoninprisonyet.com: could not connect to host ishome.org: could not connect to host +isidom.fr: did not receive HSTS header isipulsa.web.id: did not receive HSTS header isisfighters.info: could not connect to host isitamor.pm: could not connect to host @@ -6735,36 +7329,39 @@ iskai.net: did not receive HSTS header islandinthenet.com: did not receive HSTS header islandoilsupply.com: max-age too low: 300 islandpumpandtank.com: did not receive HSTS header -islandzero.net: could not connect to host +islandzero.net: did not receive HSTS header +islief.com: could not connect to host isntall.us: did not receive HSTS header isocom.eu: could not connect to host isoface33.fr: did not receive HSTS header isogen5.com: could not connect to host -isognattori.com: could not connect to host isogram.nl: did not receive HSTS header isoroc-nidzica.pl: could not connect to host ispringcloud.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] issala.org: did not receive HSTS header isscouncil.com: could not connect to host isslshop.com: could not connect to host -issue.watch: could not connect to host -istanbul.systems: did not receive HSTS header +istanbul.systems: could not connect to host istanbultravelguide.info: could not connect to host istaspirtslietas.lv: did not receive HSTS header -istgame.com: could not connect to host +istgame.com: did not receive HSTS header +istheapplestoredown.com: did not receive HSTS header isthefieldcontrolsystemdown.com: could not connect to host istherrienstillcoach.com: could not connect to host it-cave.com: could not connect to host it-go.net: did not receive HSTS header +it-kron.de: did not receive HSTS header it-labor.info: did not receive HSTS header it-schwerin.de: could not connect to host itad.top: could not connect to host itchimes.com: did not receive HSTS header +itchy.nl: could not connect to host itechgeek.com: max-age too low: 0 items.lv: did not receive HSTS header itemton.com: could not connect to host itfaq.nl: did not receive HSTS header itfensi.net: max-age too low: 6307200 +itforcc.com: did not receive HSTS header itinsight.hu: did not receive HSTS header itisjustnot.cricket: could not connect to host itmanie.cz: could not connect to host @@ -6772,6 +7369,7 @@ itos.asia: did not receive HSTS header itos.pl: did not receive HSTS header itpol.dk: did not receive HSTS header itpro-mg.de: could not connect to host +itproject.guru: did not receive HSTS header itriskltd.com: did not receive HSTS header its-schindler.de: could not connect to host its-v.de: could not connect to host @@ -6779,11 +7377,12 @@ itsadog.co.uk: did not receive HSTS header itsagadget.com: did not receive HSTS header itsamurai.ru: max-age too low: 2592000 itsatrap.nl: could not connect to host +itsblue.de: could not connect to host itsecurityassurance.pw: could not connect to host itsg-faq.de: could not connect to host +itshka.rv.ua: max-age too low: 604800 itshost.ru: could not connect to host itsmejohn.org: could not connect to host -itspawned.com: max-age too low: 200 itsupport-luzern.ch: could not connect to host itu2015.de: could not connect to host ius.io: did not receive HSTS header @@ -6796,7 +7395,6 @@ ivi.es: max-age too low: 0 ivk.website: could not connect to host ivklombard.ru: did not receive HSTS header ivyshop.com.br: could not connect to host -ivystech.com: could not connect to host iwannarefill.com: could not connect to host iwex.swiss: could not connect to host iwilcox.me.uk: could not connect to host @@ -6817,32 +7415,36 @@ j-lsolutions.com: could not connect to host j-rickroll-a.pw: could not connect to host j0ng.xyz: could not connect to host j15t98j.co.uk: did not receive HSTS header -ja-publications.agency: did not receive HSTS header ja-publications.com: did not receive HSTS header jaan.su: could not connect to host -jaaxypro.com: did not receive HSTS header -jabbas.eu: could not connect to host +jaaxypro.com: could not connect to host jackalworks.com: could not connect to host jackdoan.com: did not receive HSTS header jackfahnestock.com: could not connect to host jackops.com: could not connect to host jackyyf.com: could not connect to host -jacobparry.ca: could not connect to host +jacobparry.ca: max-age too low: 0 jacobsenarquitetura.com: max-age too low: 5184000 +jadopado.com: could not connect to host jaepinformatica.com: did not receive HSTS header jagido.de: did not receive HSTS header jahliveradio.com: could not connect to host jaimechanaga.com: could not connect to host jaion.ml: could not connect to host +jak-na-les.cz: could not connect to host +jakenbake.com: could not connect to host jakewalker.xyz: could not connect to host jakincode.army: could not connect to host jaksel.id: could not connect to host jaksi.io: did not receive HSTS header +jakubtopic.cz: could not connect to host jamanji.com.ng: could not connect to host +jamaware.org: did not receive HSTS header james-parker.com: did not receive HSTS header james.je: could not connect to host jamesandanneke.com: did not receive HSTS header jamesandpame.la: could not connect to host +jamesbradach.com: did not receive HSTS header jamesburton.london: could not connect to host jamesbywater.co.uk: could not connect to host jamesbywater.com: could not connect to host @@ -6850,7 +7452,7 @@ jamesbywater.me: could not connect to host jamesbywater.me.uk: could not connect to host jamesbywater.uk: could not connect to host jamesconroyfinn.com: did not receive HSTS header -jamescostian.com: did not receive HSTS header +jamescostian.com: max-age too low: 0 jamesdoell.com: could not connect to host jamesdoylephoto.com: did not receive HSTS header jamesevans.is: could not connect to host @@ -6858,15 +7460,16 @@ jamesf.xyz: could not connect to host jamesforman.co.nz: did not receive HSTS header jameshale.me: did not receive HSTS header jamesheald.com: could not connect to host +jamesl.ml: could not connect to host jamesmaurer.com: did not receive HSTS header +jamesrains.com: could not connect to host jameswarp.com: could not connect to host -jami.am: did not receive HSTS header +jami.am: max-age too low: 0 jamourtney.com: could not connect to host jamyeprice.com: did not receive HSTS header jan-cermak.cz: did not receive HSTS header jan-daniels.de: did not receive HSTS header jan27.org: did not receive HSTS header -janada.cz: could not connect to host janario.me: could not connect to host jangho.me: could not connect to host jangocloud.tk: could not connect to host @@ -6878,6 +7481,8 @@ janmg.com: could not connect to host janosh.com: did not receive HSTS header janssen.fm: could not connect to host janus-engineering.de: did not receive HSTS header +janvari.com: could not connect to host +janvaribalint.com: could not connect to host janverlaan.nl: did not receive HSTS header jap-nope.de: did not receive HSTS header japan4you.org: could not connect to host @@ -6885,22 +7490,24 @@ japanbaths.com: could not connect to host japaneseemoticons.org: did not receive HSTS header japanesenames.biz: did not receive HSTS header japangids.nl: could not connect to host +japanphilosophy.com: did not receive HSTS header +japansm.com: could not connect to host japanwide.net: could not connect to host japaripark.com: could not connect to host japlex.com: could not connect to host jaqen.ch: could not connect to host jardins-utopie.net: could not connect to host jaredbates.net: did not receive HSTS header -jarivisual.com: did not receive HSTS header jarnail.ca: could not connect to host -jaroslavc.eu: did not receive HSTS header jaroslavtrsek.cz: did not receive HSTS header +jarrodcastaing.com: did not receive HSTS header +jarrodcastaing.com.au: did not receive HSTS header jarsater.com: could not connect to host jartza.org: could not connect to host jasmineconseil.com: did not receive HSTS header jasoncosper.com: did not receive HSTS header jasonradin.com: did not receive HSTS header -jasonrobinson.me: max-age too low: 60 +jasonrobinson.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] jasonroe.me: did not receive HSTS header jasonwindholz.com: could not connect to host jastoria.pl: did not receive HSTS header @@ -6911,12 +7518,14 @@ javachip.win: could not connect to host javan.ga: could not connect to host javascriptlab.fr: could not connect to host javelinsms.com: could not connect to host +javfree.me: could not connect to host javiermixdjs.com: did not receive HSTS header javilacat.info: could not connect to host jawn.ca: could not connect to host jawnelodzkie.org.pl: could not connect to host jaxageto.de: did not receive HSTS header jayblock.com: did not receive HSTS header +jayf.de: could not connect to host jayharris.ca: could not connect to host jaylen.com.ar: did not receive HSTS header jayna.design: did not receive HSTS header @@ -6931,6 +7540,7 @@ jbfp.dk: could not connect to host jbj.co.uk: did not receive HSTS header jbn.mx: could not connect to host jbrowndesign.me: did not receive HSTS header +jcaicedo.tk: could not connect to host jccars-occasions.be: could not connect to host jcch.de: could not connect to host jccrew.org: could not connect to host @@ -6939,9 +7549,8 @@ jcolideles.com: could not connect to host jcom-communication-system.biz: could not connect to host jcor.me: could not connect to host jcoscia.com: could not connect to host -jcraft.us: did not receive HSTS header +jcraft.us: could not connect to host jctf.io: could not connect to host -jcyz.cf: could not connect to host jdav-leipzig.de: could not connect to host jdcdirectsales.com.ph: could not connect to host jdfk.net: could not connect to host @@ -6953,7 +7562,6 @@ jebengotai.com: did not receive HSTS header jecho.cn: could not connect to host jeff.is: did not receive HSTS header jeff393.com: could not connect to host -jeffanderson.me: could not connect to host jeffersonregan.org: could not connect to host jeffhuxley.com: could not connect to host jeffreymagee.com: did not receive HSTS header @@ -6964,10 +7572,12 @@ jellow.nl: did not receive HSTS header jemoticons.com: did not receive HSTS header jenjoit.de: could not connect to host jennifercherniack.com: did not receive HSTS header +jennybeaned.com: did not receive HSTS header jens-prangenberg.de: did not receive HSTS header jens.hk: could not connect to host jensenbanden.no: could not connect to host jenssen.org: did not receive HSTS header +jeremyc.ca: could not connect to host jeremye77.com: did not receive HSTS header jeremymade.com: did not receive HSTS header jeremywagner.me: did not receive HSTS header @@ -6975,6 +7585,7 @@ jermann.biz: did not receive HSTS header jeroldirvin.com: did not receive HSTS header jerrypau.ca: could not connect to host jesorsenville.com: did not receive HSTS header +jessevictors.com: could not connect to host jessicah.org: could not connect to host jesuisformidable.nl: could not connect to host jesuslucas.com: did not receive HSTS header @@ -6983,7 +7594,7 @@ jetlagphotography.com: could not connect to host jeton.com: did not receive HSTS header jetsetcharge.com: could not connect to host jetsetpay.com: could not connect to host -jettravel.com.mt: did not receive HSTS header +jettravel.com.mt: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] jettshome.org: could not connect to host jetzt-elektromobil.de: could not connect to host jevisite.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -6999,10 +7610,10 @@ jhburton.uk: could not connect to host jhcommunitysports.co.uk: could not connect to host jhejderup.me: could not connect to host jhermsmeier.de: could not connect to host +jhollandtranslations.com: could not connect to host jia1hao.com: could not connect to host jiaidu.com: could not connect to host jiangzequn.com: could not connect to host -jiangzm.com: did not receive HSTS header jianjiantv.com: could not connect to host jiaqiang.vip: could not connect to host jichi.me: could not connect to host @@ -7015,17 +7626,16 @@ jimas.eu: did not receive HSTS header jimenacocina.com: did not receive HSTS header jimgao.tk: did not receive HSTS header jimmehcai.com: could not connect to host -jinancy.fr: could not connect to host jingyuesi.com: could not connect to host +jinliming.ml: could not connect to host jinmaguoji.com: could not connect to host -jinshavip.com: could not connect to host +jinshavip.com: did not receive HSTS header jiosongs.com: did not receive HSTS header jira.com: did not receive HSTS header jirav.io: could not connect to host -jiripudil.cz: could not connect to host jisaku-homepage.com: did not receive HSTS header +jitlab.org: could not connect to host jitsi.org: did not receive HSTS header -jixun.moe: did not receive HSTS header jiyue.com: did not receive HSTS header jiyuu-ni.com: could not connect to host jiyuu-ni.net: could not connect to host @@ -7035,28 +7645,29 @@ jkb.pics: could not connect to host jkbuster.com: could not connect to host jkng.eu: could not connect to host jko.works: could not connect to host -jkyuan.tk: did not receive HSTS header jlhmedia.com: did not receive HSTS header jm06.com: did not receive HSTS header jm22.com: could not connect to host jmb.lc: could not connect to host jmdekker.it: could not connect to host -jmvbmx.ch: did not receive HSTS header +jmvbmx.ch: could not connect to host jn1.me: did not receive HSTS header +jncde.de: could not connect to host +jncie.de: could not connect to host +jncip.de: could not connect to host joacimeldre.com: did not receive HSTS header joakimalgroy.com: could not connect to host joaquimgoliveira.pt: could not connect to host -job-offer.de: could not connect to host -job.biz.tr: could not connect to host jobers.ch: did not receive HSTS header jobers.pt: did not receive HSTS header jobflyapp.com: could not connect to host jobmedic.com: could not connect to host jobshq.com: did not receive HSTS header +jobss.co.uk: could not connect to host jobtestprep.de: max-age too low: 0 jobtestprep.dk: max-age too low: 0 jobtestprep.fr: max-age too low: 0 -jobtestprep.it: could not connect to host +jobtestprep.it: did not receive HSTS header jobtestprep.nl: max-age too low: 0 jobtestprep.se: max-age too low: 0 jodel.ninja: could not connect to host @@ -7070,7 +7681,7 @@ joetyson.io: could not connect to host johannaojanen.com: could not connect to host johannes-bugenhagen.de: did not receive HSTS header johannes-sprink.de: could not connect to host -johannesen.tv: could not connect to host +johansf.tech: could not connect to host johnbrownphotography.ch: did not receive HSTS header johncardell.com: did not receive HSTS header johners.me: could not connect to host @@ -7078,7 +7689,7 @@ johngaltgroup.com: did not receive HSTS header johnhgaunt.com: did not receive HSTS header johnrom.com: could not connect to host johnsanchez.io: could not connect to host -johnsonho.net: did not receive HSTS header +johnsiu.com: could not connect to host johntomasowa.com: could not connect to host johnverkerk.com: could not connect to host jointoweb.com: could not connect to host @@ -7098,7 +7709,9 @@ jonsno.ws: could not connect to host joostbovee.nl: did not receive HSTS header jooto.com: did not receive HSTS header jopl.org: did not receive HSTS header +jordankirby.co.uk: could not connect to host jordanp.engineer: could not connect to host +jordanscorporatelaw.com: could not connect to host jordanstrustcompany.cn: could not connect to host jordanstrustcompany.ru: could not connect to host jordikroon.nl: could not connect to host @@ -7108,6 +7721,7 @@ jornadasciberdefensa2016.es: could not connect to host jorovik.com: did not receive HSTS header jorrit.info: max-age too low: 0 josahrens.me: could not connect to host +josc.com.au: could not connect to host joseaveleira.es: did not receive HSTS header josecage.com: could not connect to host josefottosson.se: max-age too low: 2592000 @@ -7119,6 +7733,7 @@ joto.de: did not receive HSTS header jotpics.com: could not connect to host jottit.com: could not connect to host journalof.tech: could not connect to host +joworld.net: could not connect to host joyceclerkx.com: could not connect to host joyjohnston.ca: did not receive HSTS header joyqi.com: did not receive HSTS header @@ -7126,7 +7741,7 @@ jpaglier.com: could not connect to host jpbike.cz: did not receive HSTS header jpcrochetapparel.com: could not connect to host jpeaches.xyz: could not connect to host -jpod.cc: could not connect to host +jpgangbang.com: could not connect to host jproxx.com: did not receive HSTS header jptun.com: could not connect to host jrgold.me: could not connect to host @@ -7138,6 +7753,7 @@ jsbentertainment.nl: could not connect to host jsbevents.nl: could not connect to host jsblights.nl: could not connect to host jsc7776.com: did not receive HSTS header +jschoi.org: did not receive HSTS header jsg-technologies.de: did not receive HSTS header jsjyhzy.cc: could not connect to host json-viewer.com: did not receive HSTS header @@ -7147,11 +7763,14 @@ ju1ro.de: did not receive HSTS header jualautoclave.com: did not receive HSTS header jualssh.com: could not connect to host juandesouza.com: did not receive HSTS header +juanhub.com: did not receive HSTS header juchheim-methode.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +judge2020.com: did not receive HSTS header juiced.gs: did not receive HSTS header juka.pp.ua: could not connect to host juku-info.top: did not receive HSTS header julegoerke.de: did not receive HSTS header +julenlanda.com: could not connect to host juliamweber.de: could not connect to host julian-kipka.de: did not receive HSTS header julian-witusch.de: could not connect to host @@ -7171,52 +7790,52 @@ junaos.com: did not receive HSTS header junaos.xyz: did not receive HSTS header jundimax.com.br: could not connect to host junge-selbsthilfe.info: could not connect to host +jungleculture.co.za: could not connect to host junglegoat.xyz: did not receive HSTS header juniwalk.cz: could not connect to host junjung.me: could not connect to host junqtion.com: could not connect to host -jupp0r.de: did not receive HSTS header -juridiqueo.com: could not connect to host -juristas.com.br: did not receive HSTS header -juristeo.com: could not connect to host +jupp0r.de: could not connect to host +juridiqueo.com: did not receive HSTS header +juristeo.com: did not receive HSTS header jurke.com: did not receive HSTS header jurko.cz: could not connect to host just-pools.co.za: could not connect to host just2trade.com: did not receive HSTS header -justanothercompany.name: could not connect to host justiceforfathers.com: did not receive HSTS header -justiceo.org: could not connect to host -justin-tech.com: could not connect to host +justiceo.org: did not receive HSTS header justinlemay.com: could not connect to host justinrudio.com: did not receive HSTS header justlikethat.hosting: did not receive HSTS header justmy.website: did not receive HSTS header justnaw.co.uk: could not connect to host justonce.net: could not connect to host +justsome.info: did not receive HSTS header justudin.com: did not receive HSTS header justwood.cz: did not receive HSTS header justzz.xyz: could not connect to host jutella.de: did not receive HSTS header juul.xyz: could not connect to host +juventusclublugano.ch: could not connect to host juventusmania1897.com: could not connect to host juwairen.cn: could not connect to host jvn.com: did not receive HSTS header jvoice.net: could not connect to host jwilsson.me: could not connect to host jwolt-lx.com: could not connect to host +jxir.de: could not connect to host jxm.in: could not connect to host -jysperm.me: did not receive HSTS header +jysperm.me: could not connect to host jznet.org: could not connect to host k-dev.de: could not connect to host k-rickroll-g.pw: could not connect to host -k-wallet.com: did not receive HSTS header +k-wallet.com: could not connect to host k1cp.com: could not connect to host k38.cc: max-age too low: 3600 ka-clan.com: could not connect to host kaanduman.com: could not connect to host -kaasbesteld.nl: did not receive HSTS header kaasbijwijn.nl: did not receive HSTS header -kabinapp.com: could not connect to host +kabinapp.com: did not receive HSTS header kabuabc.com: could not connect to host kackscharf.de: could not connect to host kadioglumakina.com.tr: did not receive HSTS header @@ -7226,6 +7845,7 @@ kahopoon.net: could not connect to host kai.cool: did not receive HSTS header kaika-facilitymanagement.de: could not connect to host kaika-hms.de: did not receive HSTS header +kainetsoft.com: could not connect to host kainz.bayern: could not connect to host kainz.be: could not connect to host kaisers.de: did not receive HSTS header @@ -7239,7 +7859,6 @@ kaleidoskop-freiburg.de: did not receive HSTS header kalender.goip.de: could not connect to host kalilinux.tech: could not connect to host kaloix.de: could not connect to host -kamagra-comprare.it: max-age too low: 600 kamalame.co: could not connect to host kambodja.guide: could not connect to host kamcvicit.sk: could not connect to host @@ -7258,10 +7877,12 @@ kanganer.com: could not connect to host kangzaber.com: could not connect to host kaniklani.co.za: did not receive HSTS header kanmitao.com: could not connect to host +kanotijd.nl: could not connect to host kanr.in: could not connect to host kanscooking.org: could not connect to host kantorad.io: could not connect to host -kanuvu.de: could not connect to host +kantv1.com: could not connect to host +kanuvu.de: did not receive HSTS header kanzlei-wirtschaftsrecht.berlin: max-age too low: 600000 kaohub.com: could not connect to host kaomojis.net: did not receive HSTS header @@ -7272,7 +7893,6 @@ kappit.dk: could not connect to host kapucini.si: max-age too low: 0 kaputt.com: could not connect to host kapverde.guide: could not connect to host -karaface.com: could not connect to host karamna.com: could not connect to host karaoketonight.com: could not connect to host karatekit.co.uk: did not receive HSTS header @@ -7280,14 +7900,17 @@ karatorian.org: did not receive HSTS header karjala-ski.ru: could not connect to host karloskontana.tk: could not connect to host karlproctor.co.uk: could not connect to host +karlstabo.se: max-age too low: 86400 karmaflux.com: did not receive HSTS header +karmic.com: max-age too low: 0 +karpanhellas.com: could not connect to host +kars.ooo: could not connect to host karting34.com: did not receive HSTS header karuneshjohri.com: could not connect to host kashdash.ca: could not connect to host kashis.com.au: max-age too low: 0 -kat.al: could not connect to host +kat.al: max-age too low: 0 katalogakci.cz: did not receive HSTS header -kateduggan.net: could not connect to host kati0.com: could not connect to host katiaetdavid.fr: could not connect to host katja-nikolic-design.de: could not connect to host @@ -7300,11 +7923,13 @@ katproxy.top: could not connect to host katrinjanke.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kattenfun.be: did not receive HSTS header kattenfun.nl: did not receive HSTS header +katthewaffle.fr: could not connect to host katzen.me: could not connect to host kaufkraftkiel.de: could not connect to host kauperwood.ovh: could not connect to host kauplusprofesional.com: did not receive HSTS header kausch.at: could not connect to host +kausta.me: could not connect to host kavinvin.me: could not connect to host kawaiii.link: did not receive HSTS header kawaiiku.com: could not connect to host @@ -7312,10 +7937,11 @@ kawaiiku.de: could not connect to host kaydan.io: could not connect to host kayipmurekkep.com: could not connect to host kayon.cf: could not connect to host -kayscs.com: could not connect to host kazanasolutions.de: could not connect to host kazenojiyu.fr: did not receive HSTS header +kbfl.org: could not connect to host kcluster.io: could not connect to host +kcore.org: max-age too low: 0 kd-plus.pp.ua: could not connect to host kdata.it: did not receive HSTS header kdbx.online: could not connect to host @@ -7334,22 +7960,24 @@ keepmanager.org: could not connect to host keeprubyweird.com: did not receive HSTS header kefaloniatoday.com: did not receive HSTS header keihin-chaplin.jp: did not receive HSTS header +kein-fidget-spinner-werden.de: could not connect to host kejibot.com: could not connect to host kekehouse.net: could not connect to host kellyandantony.com: could not connect to host kelm.me: could not connect to host +kelp.agency: did not receive HSTS header ken-electric.com.br: could not connect to host kenc.dk: max-age too low: 2592000 kenchristensen.dk: max-age too low: 2592000 kenderbeton-magyarorszag.hu: did not receive HSTS header kenderbetonmagyarorszag.hu: did not receive HSTS header kenderhaz-magyarorszag.hu: did not receive HSTS header +kenderhazmagyarorszag.hu: did not receive HSTS header kenkoelectric.com: did not receive HSTS header kenman.dk: max-age too low: 2592000 kennynet.co.uk: could not connect to host kensparkesphotography.com: did not receive HSTS header kentacademiestrust.org.uk: did not receive HSTS header -kenyons.info: could not connect to host kepler-seminar.de: did not receive HSTS header kerangalam.com: did not receive HSTS header kerksanders.nl: could not connect to host @@ -7358,26 +7986,30 @@ kermadec.com: did not receive HSTS header kermadec.net: could not connect to host kernelmode.io: did not receive HSTS header kernl.us: did not receive HSTS header +kerus.net: could not connect to host keshausconsulting.com: could not connect to host keskeces.com: did not receive HSTS header kesteren.com: could not connect to host -kevinbowers.me: could not connect to host kevindekoninck.com: could not connect to host -kevinpirnie.com: did not receive HSTS header +kevinfoley.cc: could not connect to host +kevinfoley.org: could not connect to host +kevinmoreland.com: could not connect to host +kevinmorssink.nl: could not connect to host kevinroebert.de: did not receive HSTS header kevlar.pw: did not receive HSTS header +kewego.co.uk: could not connect to host keymaster.lookout.com: did not receive HSTS header keys.jp: could not connect to host keyserver.sexy: could not connect to host kfbrussels.be: could not connect to host kg-rating.com: could not connect to host kgb.us: could not connect to host -kgregorczyk.pl: could not connect to host kgxtech.com: max-age too low: 2592000 khaganat.net: did not receive HSTS header +khaledgarbaya.net: did not receive HSTS header khosla.uk: could not connect to host ki-on.net: did not receive HSTS header -kiaka.co: did not receive HSTS header +kiaka.co: could not connect to host kialo.com: did not receive HSTS header kickass-proxies.org: could not connect to host kickass.al: could not connect to host @@ -7391,17 +8023,16 @@ kiel-media.de: did not receive HSTS header kielderweather.org.uk: did not receive HSTS header kienlen.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kieranweightman.me: could not connect to host +kiesuwcursus.nl: did not receive HSTS header kievradio.com: could not connect to host kikuzuki.org: could not connect to host kiladera.be: did not receive HSTS header kill-paff.com: did not receive HSTS header -kilobyte22.de: did not receive HSTS header kimana.pe: could not connect to host kimberg.co.uk: did not receive HSTS header kimberlybeautysoapcompany.com: did not receive HSTS header kimpost.org: could not connect to host kimscrazeecastles.co.uk: did not receive HSTS header -kin.life: could not connect to host kina.guide: could not connect to host kinderbuecher-kostenlos.de: did not receive HSTS header kinderjugendfreizeitverein.de: could not connect to host @@ -7421,7 +8052,6 @@ kinmunity.com: could not connect to host kinnon.enterprises: could not connect to host kinow.com: did not receive HSTS header kinsmenhomelottery.com: did not receive HSTS header -kintawifi.com: could not connect to host kintoandar.com: max-age too low: 0 kintrip.com: did not receive HSTS header kintzingerfilm.de: did not receive HSTS header @@ -7429,15 +8059,17 @@ kionetworks.com: did not receive HSTS header kipin.fr: did not receive HSTS header kipira.com: could not connect to host kiraboshi.xyz: could not connect to host +kirainmoe.com: did not receive HSTS header kirara.eu: could not connect to host kirill.ws: could not connect to host kirkforsenate.com: could not connect to host kirkpatrickdavis.com: could not connect to host -kirslis.com: could not connect to host +kirrie.pe.kr: did not receive HSTS header kisa.io: could not connect to host kisalt.im: could not connect to host kiss-register.org: could not connect to host kissart.net: could not connect to host +kisskiss.ch: could not connect to host kisstyle.ru: did not receive HSTS header kisun.co.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kita.id: did not receive HSTS header @@ -7455,21 +8087,21 @@ kitsta.com: could not connect to host kiwiirc.com: max-age too low: 5256000 kiyo.space: could not connect to host kizil.net: could not connect to host -kj1396.net: could not connect to host +kj1396.net: did not receive HSTS header kjaermaxi.me: did not receive HSTS header -kjellvn.net: could not connect to host kjg-bachrain.de: could not connect to host kjoglum.me: could not connect to host -kkull.tv: did not receive HSTS header -kkzxak47.com: could not connect to host +kkull.tv: could not connect to host +klantenadvies.nl: did not receive HSTS header klas.or.id: did not receive HSTS header klatschreime.de: did not receive HSTS header klausimas.lt: did not receive HSTS header klauwd.com: could not connect to host klaxn.org: could not connect to host +klean-ritekc.com: did not receive HSTS header kleberstoff.xyz: could not connect to host kleertjesvoordelig.nl: could not connect to host -kleidertauschpartys.de: did not receive HSTS header +kleidertauschpartys.de: could not connect to host kleinerarchitekturfuehrer.de: could not connect to host kleinholding.com: could not connect to host klempnershop.eu: did not receive HSTS header @@ -7478,15 +8110,15 @@ kletterkater.com: did not receive HSTS header klicktojob.de: could not connect to host klingeletest.de: could not connect to host klingsundet.no: did not receive HSTS header -kloentrup.de: did not receive HSTS header +kliqsd.com: could not connect to host +kloentrup.de: max-age too low: 604800 klunkergarten.org: could not connect to host -klva.cz: could not connect to host -kmdev.me: could not connect to host knapen.io: max-age too low: 604800 knccloud.com: could not connect to host +knetterbak.nl: did not receive HSTS header kngk-azs.ru: could not connect to host knigadel.com: did not receive HSTS header -knightsblog.de: could not connect to host +knightsbridgegroup.org: could not connect to host knightsweep.com: could not connect to host knnet.ch: could not connect to host knowdebt.org: did not receive HSTS header @@ -7494,12 +8126,12 @@ knowledgesnap.com: could not connect to host knowledgesnapsites.com: could not connect to host knownsec.cf: could not connect to host kobieta.guru: could not connect to host +kobolya.hu: did not receive HSTS header koddsson.com: did not receive HSTS header kodexplorer.ml: could not connect to host kodiaklabs.org: could not connect to host kodokushi.fr: could not connect to host koen.io: max-age too low: 86400 -koenleemans.nl: did not receive HSTS header koenrouwhorst.nl: did not receive HSTS header koenvdheuvel.me: could not connect to host koerperimpuls.ch: did not receive HSTS header @@ -7507,10 +8139,10 @@ koez-mangal.ch: could not connect to host koezmangal.ch: could not connect to host koik.io: could not connect to host koirala.net: could not connect to host -kojipkgs.fedoraproject.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kokenmetaanbiedingen.nl: could not connect to host kola-entertainments.de: did not receive HSTS header kolaykaydet.com: could not connect to host +kolbeck.tk: could not connect to host kollawat.me: could not connect to host kolozsvaricsuhe.hu: did not receive HSTS header komikito.com: could not connect to host @@ -7534,6 +8166,7 @@ korni22.org: could not connect to host korsanparti.org: could not connect to host kostuumstore.nl: could not connect to host kostya.net: did not receive HSTS header +kotomei.moe: could not connect to host kotonehoko.net: could not connect to host kotorimusic.ga: could not connect to host kotovstyle.ru: could not connect to host @@ -7541,6 +8174,7 @@ kottur.is: could not connect to host koukni.cz: did not receive HSTS header kourpe.online: could not connect to host kousaku.jp: could not connect to host +kouten-jp.com: could not connect to host kozmik.co: could not connect to host kpdyer.com: did not receive HSTS header kpebetka.net: did not receive HSTS header @@ -7564,7 +8198,7 @@ krestanskydarek.cz: [Exception... "Component returned failure code: 0x80004005 ( kreza.de: could not connect to host kriegskindernothilfe.de: could not connect to host kriegt.es: did not receive HSTS header -krist.club: could not connect to host +krist.club: did not receive HSTS header kristjanrang.eu: did not receive HSTS header kristofferkoch.com: could not connect to host krizek.cc: did not receive HSTS header @@ -7575,10 +8209,9 @@ kroodle.nl: did not receive HSTS header krouzkyliduska.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kruegerrand-wert.de: did not receive HSTS header krunut.com: did not receive HSTS header -kryha.io: could not connect to host +kryha.io: did not receive HSTS header krypteia.org: could not connect to host kryptomech.com: could not connect to host -ksero.center: could not connect to host ksfh-mail.de: could not connect to host ksham.net: could not connect to host ksk-agentur.de: did not receive HSTS header @@ -7588,8 +8221,11 @@ kswriter.com: could not connect to host kteen.info: could not connect to host ktube.yt: could not connect to host ku.io: did not receive HSTS header +kub.hr: could not connect to host kuba.guide: could not connect to host +kubiwa.net: could not connect to host kubusadvocaten.nl: could not connect to host +kuchenfeelisa.de: did not receive HSTS header kuchenschock.de: did not receive HSTS header kucheryavenkovn.ru: could not connect to host kucom.it: did not receive HSTS header @@ -7598,6 +8234,7 @@ kuehnel.org: max-age too low: 604800 kueulangtahunanak.net: could not connect to host kuko-crews.org: could not connect to host kultmobil.se: did not receive HSTS header +kum.com: could not connect to host kummerlaender.eu: did not receive HSTS header kundenerreichen.com: did not receive HSTS header kundenerreichen.de: did not receive HSTS header @@ -7616,13 +8253,15 @@ kurzonline.com.br: could not connect to host kuwago.io: could not connect to host kvt.berlin: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kweddingplanning.com: could not connect to host +kwidz.fr: did not receive HSTS header kwikmed.eu: could not connect to host kwipi.com: did not receive HSTS header -kwok.tv: did not receive HSTS header +kwok.tv: could not connect to host kwondratsch.com: could not connect to host kxind.cn: did not receive HSTS header kyanite.co: could not connect to host kyberna.xyz: could not connect to host +kydara.com: did not receive HSTS header kykoonn.net: did not receive HSTS header kylapps.com: could not connect to host kyle.place: could not connect to host @@ -7631,7 +8270,7 @@ kylerwood.com: could not connect to host kylling.io: could not connect to host kymo.org: did not receive HSTS header kyochon.fr: could not connect to host -kyoto-mic.com: could not connect to host +kyonagashima.com: did not receive HSTS header kyouko.nl: could not connect to host kyujin-office.net: could not connect to host kzjnet.com: could not connect to host @@ -7645,7 +8284,7 @@ la-serendipite.fr: did not receive HSTS header labaia.info: could not connect to host labella-umbrella.com: did not receive HSTS header labelleza.com.br: could not connect to host -labfox.de: could not connect to host +labfox.de: did not receive HSTS header labiblioafronebrulepas.com: could not connect to host labina.com.tr: did not receive HSTS header laboiteanem.fr: could not connect to host @@ -7657,17 +8296,17 @@ laboutiquemarocaineduconvoyeur.ma: could not connect to host labrador-retrievers.com.au: did not receive HSTS header labrasaq8.com: did not receive HSTS header labs.directory: could not connect to host -labs.moscow: did not receive HSTS header +labs.moscow: could not connect to host lacarpesaintaubinoise.fr: did not receive HSTS header lacasa.fr: could not connect to host lacasseroy.com: could not connect to host lacaverne.nl: could not connect to host lacentral.com: did not receive HSTS header lacledeslan.ninja: could not connect to host -lacocinadelila.com: did not receive HSTS header lacuevadechauvet.com: did not receive HSTS header +ladadate.com: could not connect to host ladylikeit.com: could not connect to host -ladylucks.co.uk: did not receive HSTS header +ladylucks.co.uk: could not connect to host laemen.com: did not receive HSTS header laemen.nl: could not connect to host laf.in.net: could not connect to host @@ -7682,20 +8321,22 @@ lainchan.org: did not receive HSTS header laisashop.com.br: could not connect to host lajijonencadebarbera.com: could not connect to host lakefrontlittleelm.com: did not receive HSTS header -lakehavasuhouserentals.com: did not receive HSTS header +lakehavasuhouserentals.com: could not connect to host +lakewoodcomputerservices.com: could not connect to host lakhesis.net: could not connect to host lalajj.com: could not connect to host laltroweb.it: did not receive HSTS header lamaland.ru: did not receive HSTS header lambda-complex.org: could not connect to host lambdafive.co.uk: could not connect to host +lamclam.site: could not connect to host lamomebijou.paris: did not receive HSTS header lampl.info: could not connect to host -lamtv.com.mx: did not receive HSTS header -lan.biz.tr: could not connect to host +lamtv.com.mx: could not connect to host +lan2k.org: max-age too low: 86400 lanauzedesigns.com: did not receive HSTS header lanboll.com: could not connect to host -lanbyte.se: could not connect to host +lanbyte.se: did not receive HSTS header lancehoteis.com: did not receive HSTS header lancehoteis.com.br: did not receive HSTS header land-links.org: did not receive HSTS header @@ -7703,9 +8344,7 @@ landbetweenthelakes.us: did not receive HSTS header landell.ml: could not connect to host landgoedverkopen.nl: could not connect to host landhuisverkopen.nl: could not connect to host -landinfo.no: max-age too low: 300 landscape.canonical.com: max-age too low: 2592000 -landscapelightingthousandoaks.com: could not connect to host landscapingmedic.com: did not receive HSTS header langenbach.rocks: could not connect to host langendorf-ernaehrung-training.de: could not connect to host @@ -7714,7 +8353,7 @@ langhun.me: could not connect to host laniakean.com: did not receive HSTS header lanonfire.com: could not connect to host lansinoh.co.uk: did not receive HSTS header -lanzainc.xyz: did not receive HSTS header +lanzainc.xyz: could not connect to host laobox.fr: could not connect to host laohei.org: could not connect to host laospage.com: did not receive HSTS header @@ -7722,12 +8361,15 @@ laplaceduvillage.net: could not connect to host laquack.com: could not connect to host lared.ovh: did not receive HSTS header laredsemanario.com: could not connect to host +larsgujord.no: did not receive HSTS header +larsmerke.de: did not receive HSTS header lasepiataca.com: did not receive HSTS header lasercloud.ml: could not connect to host lashstuff.com: did not receive HSTS header lasnaves.com: did not receive HSTS header -lasst-uns-beten.de: did not receive HSTS header +lasst-uns-beten.de: could not connect to host latable-bowling-vire.fr: did not receive HSTS header +latabledebry.be: could not connect to host latamarissiere.eu: could not connect to host lateliercantaldeco.fr: could not connect to host latelierdekathy.com: could not connect to host @@ -7736,8 +8378,10 @@ latg.com: max-age too low: 300 lathamlabs.com: could not connect to host lathamlabs.net: could not connect to host lathamlabs.org: could not connect to host +lathen-wahn.de: did not receive HSTS header latinred.com: could not connect to host latitude42technology.com: did not receive HSTS header +latour-managedcare.ch: could not connect to host latus.xyz: could not connect to host laufcampus.com: did not receive HSTS header laufseminare-laufreisen.com: did not receive HSTS header @@ -7755,7 +8399,7 @@ lawly.org: could not connect to host laxatus.com: could not connect to host laxiongames.es: did not receive HSTS header layer8.tk: could not connect to host -laymans911.info: could not connect to host +lazapateriahandmade.pe: did not receive HSTS header lazerus.net: could not connect to host lazulu.com: could not connect to host lazytux.de: did not receive HSTS header @@ -7764,13 +8408,12 @@ lbrlh.tk: could not connect to host lbrli.tk: could not connect to host lbrls.tk: could not connect to host lbrt.xyz: could not connect to host -lcbizsolutions.com: did not receive HSTS header -lcgaj.com: could not connect to host lclarkpdx.com: could not connect to host lcti.biz: could not connect to host ldarby.me.uk: could not connect to host leadbook.ru: max-age too low: 604800 leadership9.com: could not connect to host +leadgenie.me: could not connect to host leakedminecraft.net: could not connect to host leakreporter.net: could not connect to host leaks.directory: could not connect to host @@ -7789,6 +8432,8 @@ led-tl-wereld.nl: did not receive HSTS header leddruckalarm.de: did not receive HSTS header ledgerscope.net: could not connect to host ledhouse.sk: did not receive HSTS header +ledlampor365.se: could not connect to host +ledshop.mx: did not receive HSTS header leebiblestudycentre.net: could not connect to host leebiblestudycentre.org: could not connect to host leefindlow.com: could not connect to host @@ -7807,15 +8452,18 @@ legendary.camera: did not receive HSTS header legitaxi.com: did not receive HSTS header legymnase.eu: did not receive HSTS header lehtinen.xyz: could not connect to host -leifdreizler.com: could not connect to host leighneithardt.com: could not connect to host +leilautourdumon.de: did not receive HSTS header leinir.dk: did not receive HSTS header leitner.com.au: did not receive HSTS header +lelehei.com: could not connect to host lellyboi.ml: could not connect to host lelongbank.com: did not receive HSTS header lelubre.info: did not receive HSTS header lemon.co: could not connect to host lemonrockbiketours.com: did not receive HSTS header +lemonthy.ca: could not connect to host +lemonthy.com: could not connect to host lemp.io: did not receive HSTS header lenders.direct: could not connect to host lengyelnyelvoktatas.hu: could not connect to host @@ -7823,7 +8471,7 @@ lengyelul.hu: could not connect to host lenkunz.me: could not connect to host lenn1.de: did not receive HSTS header lennarth.com: could not connect to host -lennartheinrich.de: could not connect to host +lennartheinrich.de: did not receive HSTS header lennier.info: could not connect to host lennyfaces.net: did not receive HSTS header lenovogaming.com: could not connect to host @@ -7832,6 +8480,7 @@ lenzw.de: did not receive HSTS header leob.in: could not connect to host leon-jaekel.com: could not connect to host leonardcamacho.me: could not connect to host +leonhooijer.nl: could not connect to host leonmahler.consulting: did not receive HSTS header leopold.email: could not connect to host leopoldina.net: did not receive HSTS header @@ -7839,11 +8488,13 @@ leopotamgroup.com: could not connect to host leovanna.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] lepiquillo.fr: did not receive HSTS header lepont.pl: could not connect to host -lerasenglish.com: could not connect to host +lerasenglish.com: max-age too low: 0 lerlivros.online: could not connect to host -lerner.moscow: did not receive HSTS header +lerner.moscow: could not connect to host les-corsaires.net: could not connect to host les-voitures-electriques.com: max-age too low: 2592000 +lesbiansslaves.com: could not connect to host +lesbofight.com: could not connect to host lescomptoirsdepierrot.com: could not connect to host lesdouceursdeliyana.com: could not connect to host lesecuadors.com: did not receive HSTS header @@ -7853,7 +8504,10 @@ lesliekearney.com: did not receive HSTS header lesperlesdunet.fr: could not connect to host lesquatredauphins.fr: did not receive HSTS header lesquerda.cat: did not receive HSTS header +lessing.consulting: did not receive HSTS header +letempsdunefleur.be: could not connect to host leter.io: did not receive HSTS header +lethbridgecoffee.com: did not receive HSTS header letitfly.me: could not connect to host letraba.com: could not connect to host letras.mus.br: did not receive HSTS header @@ -7880,13 +8534,14 @@ lezdomsm.com: could not connect to host lfaz.org: could not connect to host lfullerdesign.com: could not connect to host lg21.co: could not connect to host +lgbtqventures.com: could not connect to host lgiswa.com.au: did not receive HSTS header lgrs.com.au: did not receive HSTS header lgsg.us: could not connect to host lgts.se: could not connect to host -lhalbert.xyz: could not connect to host lhasaapso.com.br: could not connect to host -lheinrich.com: did not receive HSTS header +lheinrich.com: could not connect to host +lheinrich.de: did not receive HSTS header lheinrich.org: could not connect to host lhsj28.com: could not connect to host lhsj68.com: could not connect to host @@ -7895,6 +8550,8 @@ liaillustr.at: did not receive HSTS header liam-is-a-nig.ga: could not connect to host liam-w.com: could not connect to host liamjack.fr: could not connect to host +liangbp.com: could not connect to host +lianwen.kim: could not connect to host lianye.in: could not connect to host lianyexiuchang.in: could not connect to host liaoshuma.com: could not connect to host @@ -7904,7 +8561,7 @@ libanco.com: could not connect to host libdeer.so: could not connect to host libertas-tech.com: could not connect to host libertins.date: did not receive HSTS header -libertyrp.org: did not receive HSTS header +libertyrp.org: could not connect to host libfte.org: did not receive HSTS header librairie-asie.com: did not receive HSTS header library.linode.com: did not receive HSTS header @@ -7912,25 +8569,28 @@ librechan.net: could not connect to host libricks.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] librisulibri.it: did not receive HSTS header licence-registry.com: could not connect to host +liceo.cn: did not receive HSTS header liceserv.com: could not connect to host lichess4545.com: did not receive HSTS header lichess4545.tv: did not receive HSTS header +lickmypussy.us: could not connect to host lidl-selection.at: did not receive HSTS header liduan.com: could not connect to host -liduan.net: could not connect to host liebach.me: did not receive HSTS header liebestarot.at: did not receive HSTS header lied8.eu: could not connect to host -liehuojun.com: could not connect to host +liehuojun.com: did not receive HSTS header liemen.net: did not receive HSTS header lietaer.eu: did not receive HSTS header life-time.nl: did not receive HSTS header -lifecoachproviders.com: did not receive HSTS header +lifecoach.tw: did not receive HSTS header +lifecoachproviders.com: could not connect to host lifeguard.aecom.com: did not receive HSTS header lifeinitsownway.com: could not connect to host -lifeinsurances.pro: could not connect to host -lifeinsurances24.com: could not connect to host +lifeinsurances.pro: did not receive HSTS header +lifeinsurances24.com: did not receive HSTS header lifemarque.co.uk: did not receive HSTS header +lifenexto.com: could not connect to host lifeng.us: did not receive HSTS header lifeskillsdirect.com: did not receive HSTS header lifestyler.me: could not connect to host @@ -7942,7 +8602,6 @@ lightning-ashe.com: did not receive HSTS header lightnovelsekai.com: could not connect to host lightpaste.com: could not connect to host lighttherapydevice.com: did not receive HSTS header -lighttp.com: could not connect to host lightworx.io: did not receive HSTS header lignemalin.com: could not connect to host lignemax.com: did not receive HSTS header @@ -7951,26 +8610,29 @@ like.lgbt: could not connect to host likenosis.com: could not connect to host lila.pink: did not receive HSTS header lilapmedia.com: could not connect to host +liliang13.com: could not connect to host lilismartinis.com: could not connect to host -lillpopp.eu: did not receive HSTS header +lillpopp.eu: max-age too low: 10 lilpwny.com: could not connect to host lilycms.com: could not connect to host lilygreen.co.za: did not receive HSTS header limalama.eu: max-age too low: 1 limeyeti.com: could not connect to host -limiteddata.co.uk: did not receive HSTS header +limiteddata.co.uk: could not connect to host +limitget.com: could not connect to host limodo-shop.de: did not receive HSTS header limpens.net: did not receive HSTS header limpido.it: could not connect to host +lincsbouncycastlehire.co.uk: did not receive HSTS header lindberg.io: did not receive HSTS header -lindholmen.club: could not connect to host lineauniformes.com.br: could not connect to host linext.cn: could not connect to host lingerie.net.br: did not receive HSTS header lingerielovers.com.br: did not receive HSTS header -lingerieonline.com.br: did not receive HSTS header +lingerieonline.com.br: could not connect to host lingolia.com: did not receive HSTS header lingros-test.tk: could not connect to host +lingting.vip: could not connect to host linguaquote.com: did not receive HSTS header linguatrip.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] linhaoyi.com: could not connect to host @@ -7984,6 +8646,7 @@ linley.de: could not connect to host linmi.cc: did not receive HSTS header linno.me: could not connect to host linorman1997.me: could not connect to host +linostassi.net: could not connect to host linpx.com: could not connect to host linux-admin-california.com: could not connect to host linux-mint.cz: could not connect to host @@ -7997,9 +8660,10 @@ linuxgeek.ro: could not connect to host linuxmint.cz: could not connect to host linuxmonitoring.net: could not connect to host linvx.org: did not receive HSTS header -lipo.lol: could not connect to host +linxmind.eu: could not connect to host liquid.solutions: did not receive HSTS header liquidcomm.net: could not connect to host +liquimoly.market: did not receive HSTS header liquorsanthe.in: could not connect to host lisaco.de: could not connect to host lisbongold.com: did not receive HSTS header @@ -8011,29 +8675,34 @@ listage.ovh: did not receive HSTS header lists.mayfirst.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] litcc.com: could not connect to host litcomphonors.com: could not connect to host +literarymachin.es: could not connect to host litespeed.io: could not connect to host litevault.net: did not receive HSTS header little.pw: could not connect to host littledisney.ro: did not receive HSTS header littlefreelibrary.org: did not receive HSTS header littlelife.co.uk: did not receive HSTS header -littleqiu.net: could not connect to host +littleservice.cn: could not connect to host liud.im: could not connect to host liujunyang.com: did not receive HSTS header liukang.tech: could not connect to host -liul.in: could not connect to host liushuyu.tk: could not connect to host liv3ly.com: did not receive HSTS header livechatlady.info: did not receive HSTS header livedemo.io: could not connect to host livej.am: could not connect to host +livejasmin.dk: could not connect to host liverewrite.com: could not connect to host +livesearch-fukuoka.com: did not receive HSTS header +livi.co: could not connect to host liviababynet.com.br: could not connect to host livinghealthywithchocolate.com: did not receive HSTS header livrariahugodesaovitor.com.br: could not connect to host lixiang.one: could not connect to host +lixiaojiang.ga: could not connect to host lixingcong.com: could not connect to host liyang.pro: did not receive HSTS header +lizzythepooch.com: did not receive HSTS header lkiserver.com: could not connect to host llamasweet.tech: could not connect to host lll.st: could not connect to host @@ -8044,6 +8713,7 @@ ln.io: could not connect to host lnbeauty.ru: max-age too low: 0 lnoldan.com: could not connect to host loacg.com: did not receive HSTS header +loadingdeck.com: did not receive HSTS header loadso.me: could not connect to host loafbox.com: could not connect to host loanmatch.sg: could not connect to host @@ -8055,8 +8725,10 @@ lobosdomain.no-ip.info: could not connect to host lobste.rs: did not receive HSTS header locais.org: could not connect to host localchum.com: could not connect to host +localdata.us: did not receive HSTS header localdrive.me: could not connect to host localnetwork.nz: could not connect to host +location-fichier-email.com: could not connect to host locationvoitureautriche.com: could not connect to host locationvoiturefinlande.com: could not connect to host locationvoitureirlande.com: could not connect to host @@ -8069,7 +8741,7 @@ locker3.com: could not connect to host locksmithrandburg24-7.co.za: could not connect to host locksport.org.nz: could not connect to host locktheirphone.com: could not connect to host -lockyourcomputer.pw: did not receive HSTS header +lockyourcomputer.pw: could not connect to host locomotive.ca: did not receive HSTS header locomotive.net.br: could not connect to host locvis.ru: did not receive HSTS header @@ -8080,7 +8752,6 @@ loftboard.eu: could not connect to host log2n.uk: could not connect to host logario.com.br: could not connect to host logcat.info: could not connect to host -logfile.at: did not receive HSTS header logfile.ch: did not receive HSTS header logic8.ml: could not connect to host logicaladvertising.com: could not connect to host @@ -8098,30 +8769,32 @@ lognot.net: could not connect to host logymedia.com: could not connect to host loisircreatif.net: did not receive HSTS header lojadocristaozinho.com.br: did not receive HSTS header +lojadoprazer.com.br: could not connect to host +lojahunamarcenaria.com.br: could not connect to host lojashowdecozinha.com.br: could not connect to host lojasviavento.com.br: could not connect to host lojavalcapelli.com.br: could not connect to host -lolhax.org: could not connect to host loli.bz: did not receive HSTS header loli.vip: could not connect to host lolicon.info: could not connect to host lolicore.ch: could not connect to host lolidunno.com: could not connect to host +lolis.stream: could not connect to host lollaconcept.com.br: could not connect to host lonbali.com: did not receive HSTS header londoncalling.co: did not receive HSTS header londonlanguageexchange.com: could not connect to host +londonseedcentre.co.uk: could not connect to host lonerwolf.com: did not receive HSTS header longboarding-ulm.de: could not connect to host look-at-my.site: could not connect to host lookout.com: did not receive HSTS header looktothestars.org: did not receive HSTS header lookupclose.com: did not receive HSTS header -lookyman.net: could not connect to host looneymooney.com: could not connect to host loongsg.xyz: could not connect to host -loopstart.org: could not connect to host loperetti.ch: could not connect to host +loposchokk.com: could not connect to host loqyu.co: could not connect to host lordgun.com: could not connect to host lordjevington.co.uk: did not receive HSTS header @@ -8132,9 +8805,9 @@ lostarq.com: could not connect to host lostg.com: did not receive HSTS header lostinsecurity.com: could not connect to host lostinweb.eu: could not connect to host +loteks.de: did not receive HSTS header lothai.re: did not receive HSTS header lothuytinhsi.com: could not connect to host -lotl.ru: could not connect to host lotos-ag.ch: did not receive HSTS header lotsencafe.de: did not receive HSTS header lottosonline.com: did not receive HSTS header @@ -8156,6 +8829,7 @@ lovelycorral.com: did not receive HSTS header lovelyfriends.org: did not receive HSTS header lovemen.cc: did not receive HSTS header lovemysafetynet.com: did not receive HSTS header +loveread-ec.appspot.com: did not receive HSTS header loveto.at: could not connect to host lovingpenguin.com: did not receive HSTS header lowhangingfruitgrabber.com: could not connect to host @@ -8164,10 +8838,12 @@ lowtherpavilion.co.uk: did not receive HSTS header loxis.be: did not receive HSTS header loyaleco.it: could not connect to host loyaltech.ch: could not connect to host +lpacademy.com.br: could not connect to host lpak.nl: could not connect to host lpgram.ga: could not connect to host -lpm-uk.com: could not connect to host +lpm-uk.com: did not receive HSTS header lrhsclubs.com: could not connect to host +lrhstsa.com: could not connect to host ls-a.org: did not receive HSTS header ls-reallife.de: did not receive HSTS header ls-rp.es: did not receive HSTS header @@ -8176,52 +8852,54 @@ lsp-sports.de: did not receive HSTS header lstma.com: could not connect to host lsvih.com: did not receive HSTS header lswim.com: did not receive HSTS header -lsys.ac: could not connect to host lszj.com: could not connect to host ltba.org: could not connect to host ltbytes.com: could not connect to host ltechnologygroup.com: did not receive HSTS header ltransferts.com: could not connect to host ltu.social: could not connect to host +luan.ma: did not receive HSTS header lubot.net: could not connect to host lucas-garte.com: did not receive HSTS header +lucasantarella.com: could not connect to host +lucascantor.com: did not receive HSTS header lucascodes.com: could not connect to host lucasgaland.com: could not connect to host +lucassoler.com.ar: could not connect to host lucaterzini.com: could not connect to host luchscheider.de: could not connect to host lucidlogs.com: could not connect to host +luckydog.pw: could not connect to host +luckystarfishing.com: did not receive HSTS header luclu7.pw: could not connect to host -lucysan.net: could not connect to host ludwig.click: did not receive HSTS header -ludwigpro.net: could not connect to host lufthansaexperts.com: max-age too low: 2592000 luis-checa.com: could not connect to host -luisgf.es: could not connect to host luisv.me: could not connect to host luk.photo: could not connect to host lukasunger.cz: could not connect to host lukasunger.net: could not connect to host lukaszdolan.com: did not receive HSTS header -lukasztkacz.com: did not receive HSTS header +lukasztkacz.com: could not connect to host +lukem.eu: could not connect to host lukeng.me: could not connect to host lukonet.com: did not receive HSTS header luludapomerania.com: could not connect to host luma.family: could not connect to host luma.pink: could not connect to host lumd.me: could not connect to host -lumer.tech: could not connect to host lumi.do: did not receive HSTS header luminancy.com: could not connect to host -lunapatch.com: did not receive HSTS header +lunapatch.com: max-age too low: 7889238 lunarift.com: could not connect to host lunarrift.net: could not connect to host -lunchbunch.me: could not connect to host +lunarsoft.net: did not receive HSTS header luneta.nearbuysystems.com: could not connect to host lunight.ml: could not connect to host luno.io: could not connect to host luody.info: could not connect to host luoe.ml: could not connect to host -luolikong.vip: could not connect to host +luolikong.vip: did not receive HSTS header luom.net: could not connect to host luoxiao.im: could not connect to host luoxingyu.ml: could not connect to host @@ -8230,14 +8908,11 @@ lusis.fr: did not receive HSTS header lusis.net: could not connect to host lustrumxi.nl: could not connect to host luther.fi: could not connect to host -luxcraft.eng.br: could not connect to host luxe-it.co.uk: could not connect to host luxinmo.com: did not receive HSTS header -luxonetwork.com: did not receive HSTS header -luxus-russen.de: did not receive HSTS header +luxonetwork.com: could not connect to host +luxus-russen.de: could not connect to host luzeshomologadas.com.br: could not connect to host -lv5.top: could not connect to host -lwl.moe: could not connect to host lycly.top: could not connect to host lydia-und-simon.de: could not connect to host lydiagorstein.com: could not connect to host @@ -8247,15 +8922,15 @@ lyonl.com: did not receive HSTS header lyscnd.com: could not connect to host lysergion.com: could not connect to host lyuba.fr: could not connect to host -lyukaacom.ru: could not connect to host +lz.sb: could not connect to host lzahq.tech: did not receive HSTS header -lzh.one: could not connect to host lzkill.com: did not receive HSTS header lzqii.cn: could not connect to host lzzr.me: did not receive HSTS header m-ali.xyz: did not receive HSTS header m-generator.com: could not connect to host m-rickroll-v.pw: could not connect to host +m-warrior.tk: could not connect to host m.gparent.org: could not connect to host m.nu: did not receive HSTS header m0wef.uk: could not connect to host @@ -8268,9 +8943,10 @@ ma-musique.fr: could not connect to host maarten.nyc: could not connect to host maartenprovo.be: did not receive HSTS header maartenterpstra.xyz: could not connect to host +mabulledu.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] mac-torrents.me: did not receive HSTS header -mac.biz.tr: could not connect to host -macandtonic.com: could not connect to host +mac-world.pl: did not receive HSTS header +macandtonic.com: did not receive HSTS header macbolo.com: could not connect to host macchaberrycream.com: could not connect to host macchedil.com: did not receive HSTS header @@ -8278,14 +8954,18 @@ macdj.tk: could not connect to host macedopesca.com.br: did not receive HSTS header macgeneral.de: did not receive HSTS header mach1club.com: did not receive HSTS header +machinelearningjavascript.com: could not connect to host mack.space: could not connect to host -macleodnc.com: could not connect to host +macleodnc.com: did not receive HSTS header macsandcheesedreams.com: could not connect to host +macstore.pe: did not receive HSTS header macustar.eu: did not receive HSTS header +madandpissedoff.com: could not connect to host madcatdesign.de: did not receive HSTS header maddin.ga: could not connect to host madebyfalcon.co.uk: did not receive HSTS header madebymagnitude.com: did not receive HSTS header +madeglobal.com: could not connect to host madeinorder.com: did not receive HSTS header madeintucson.org: could not connect to host mademoiselle-emma.be: could not connect to host @@ -8293,6 +8973,8 @@ mademoiselle-emma.fr: could not connect to host maderwin.com: did not receive HSTS header madesoftware.com.br: could not connect to host madnetwork.org: could not connect to host +madokami.net: could not connect to host +madpeople.net: max-age too low: 2592000 madrants.net: could not connect to host madweb.design: did not receive HSTS header mafamane.com: could not connect to host @@ -8302,14 +8984,14 @@ magebankin.com: did not receive HSTS header magenx.com: did not receive HSTS header magia360.com: did not receive HSTS header magicball.co: could not connect to host +magieblanche.fr: did not receive HSTS header magnacumlaude.co: could not connect to host magneticanvil.com: did not receive HSTS header magyarokegyhelyen.hu: did not receive HSTS header mahamed91.pw: could not connect to host mahansexcavating.com: did not receive HSTS header mahfouzadedimeji.com: did not receive HSTS header -mahraartisan.com: max-age too low: 7889238 -maidofhonorcleaning.net: max-age too low: 200 +mahraartisan.com: could not connect to host maik-mahlow.de: could not connect to host mail-settings.google.com: did not receive HSTS header (error ignored - included regardless) mail.google.com: did not receive HSTS header (error ignored - included regardless) @@ -8326,17 +9008,19 @@ main-unit.com: could not connect to host maintainerheaven.ch: could not connect to host maisalto.ind.br: could not connect to host maitriser-son-stress.com: could not connect to host +majkl.xyz: could not connect to host +majkl578.cz: could not connect to host majncloud.tk: could not connect to host make-pizza.info: could not connect to host makedonien.guide: could not connect to host makeit-so.de: could not connect to host makeitdynamic.com: could not connect to host +makemejob.com: could not connect to host makemyvape.co.uk: max-age too low: 7889238 makerstuff.net: did not receive HSTS header makeshiftco.de: did not receive HSTS header makeuplove.nl: could not connect to host -makeyourank.com: max-age too low: 200 -makino.games: could not connect to host +makeyourlaws.org: could not connect to host malamutedoalasca.com.br: could not connect to host maldiverna.guide: could not connect to host maleexcel.com: did not receive HSTS header @@ -8345,16 +9029,19 @@ malerversand.de: did not receive HSTS header malesbdsm.com: could not connect to host malfait.nl: could not connect to host malgraph.net: could not connect to host -malibubeachrecoverycenter.com: did not receive HSTS header +malibubeachrecoverycenter.com: could not connect to host maljaars-media.nl: could not connect to host +malkaso.com.ua: could not connect to host +mallner.me: could not connect to host malmstroms-co.se: could not connect to host malone.link: could not connect to host maltes.website: could not connect to host malvy.kiev.ua: could not connect to host -malwaretips.com: did not receive HSTS header malwre.io: could not connect to host +maly.io: did not receive HSTS header malya.fr: could not connect to host mamacobaby.com: could not connect to host +mamadoma.com.ua: could not connect to host mamaison.io: could not connect to host mamastore.eu: could not connect to host mamaxi.org: did not receive HSTS header @@ -8363,25 +9050,27 @@ mammothmail.net: could not connect to host mammothmail.org: could not connect to host mammut.space: could not connect to host mamochka.org.ua: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +mamout.xyz: could not connect to host +manaboutahor.se: could not connect to host manage.zenpayroll.com: did not receive HSTS header manage4all.com: could not connect to host manageall.de: could not connect to host managed-varnish.de: did not receive HSTS header manageforall.com: could not connect to host manageforall.de: could not connect to host +management-ethics.com: did not receive HSTS header managemynetsuite.com: did not receive HSTS header -manalu.cz: did not receive HSTS header +manalu.cz: could not connect to host manantial.mx: could not connect to host manav-it.de: could not connect to host mandala-ausmalbilder.de: did not receive HSTS header mandm.servebeer.com: could not connect to host mandpress.com: did not receive HSTS header -mangazuki.co: did not receive HSTS header +mangazuki.co: could not connect to host maniadeprazer.com.br: could not connect to host manifestbin.com: did not receive HSTS header manipulatedtme.com: could not connect to host manitasicily.com: did not receive HSTS header -manneguiden.no: did not receive HSTS header mannford.com: could not connect to host manningbrothers.com: did not receive HSTS header manns-solutions.com: did not receive HSTS header @@ -8394,9 +9083,10 @@ manshop24.com: could not connect to host mansion-note.com: did not receive HSTS header manududu.com.br: could not connect to host manuelrueger.de: could not connect to host +manufacturing.gov: could not connect to host +manutrol.com.br: did not receive HSTS header maomaofuli.vip: could not connect to host maosi.xin: could not connect to host -mapasmundi.com.br: could not connect to host maple5.com: did not receive HSTS header maplenorth.co: did not receive HSTS header mapresidentielle.fr: did not receive HSTS header @@ -8406,10 +9096,11 @@ marcberman.co: could not connect to host marcbuehlmann.com: did not receive HSTS header marcelmarnitz.com: could not connect to host marcelparra.com: could not connect to host -marcelsiegert.com: could not connect to host +marcelwiedemeier.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] marchagen.nl: did not receive HSTS header marche-nordic-jorat.ch: could not connect to host marchhappy.tech: did not receive HSTS header +marco-kretz.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] marco01809.net: could not connect to host marcoececilia.it: did not receive HSTS header marcofinke.de: could not connect to host @@ -8419,9 +9110,12 @@ marcosteixeira.tk: could not connect to host marcschlagenhauf.de: could not connect to host marcus-scheffler.com: did not receive HSTS header marcush.de: could not connect to host +marcusserver.synology.me: did not receive HSTS header mardelcupon.com: could not connect to host mare92.cz: could not connect to host +mareklecian.cz: did not receive HSTS header margaretrosefashions.co.uk: could not connect to host +mariacristinadoces.com.br: did not receive HSTS header mariannematthew.com: could not connect to host marianwehlus.de: did not receive HSTS header marie-curie.fr: could not connect to host @@ -8429,18 +9123,18 @@ marie-elisabeth.dk: did not receive HSTS header marie-en-provence.com: did not receive HSTS header marie.club: could not connect to host marienschule-sundern.de: did not receive HSTS header -marinela.com.mx: max-age too low: 86400 -marinelausa.com: max-age too low: 86400 +marin-dom.ru: could not connect to host mariusschulte.de: did not receive HSTS header mark-a-hydrant.com: did not receive HSTS header mark-armstrong-gaming.com: could not connect to host markayapilandirma.com: could not connect to host markcp.me: could not connect to host market.android.com: did not receive HSTS header (error ignored - included regardless) -marketgot.com: could not connect to host +marketgot.com: did not receive HSTS header marketing-advertising.eu: could not connect to host marketingdesignu.cz: could not connect to host marketingromania.ro: did not receive HSTS header +marklauman.ca: could not connect to host markllego.com: could not connect to host marko-fenster24.de: did not receive HSTS header markorszulak.com: did not receive HSTS header @@ -8450,13 +9144,18 @@ markrobin.de: did not receive HSTS header marksill.com: could not connect to host marktboten.de: did not receive HSTS header markusabraham.com: did not receive HSTS header +markusueberallassetmanagement.de: could not connect to host +markusueberallconsulting.de: could not connect to host markusweimar.de: did not receive HSTS header marlen.cz: did not receive HSTS header marleyresort.com: did not receive HSTS header +marqperso.ch: could not connect to host +marquepersonnelle.ch: could not connect to host marriottvetcareers.com: could not connect to host marshut.net: could not connect to host martialc.be: could not connect to host martiert.com: could not connect to host +martijnvanderzande.nl: did not receive HSTS header martijnvhoof.nl: could not connect to host martin-arend.de: did not receive HSTS header martin-mattel.com: could not connect to host @@ -8465,22 +9164,22 @@ martinestyle.com: could not connect to host martineve.com: did not receive HSTS header martinkup.cz: did not receive HSTS header martinp.no: could not connect to host -martinreed.net: did not receive HSTS header martinrogalla.com: did not receive HSTS header martins.im: could not connect to host -martynhare.co.uk: could not connect to host -martynhare.uk: could not connect to host marumagic.com: did not receive HSTS header -marvinkeller.de: did not receive HSTS header +marvinkeller.de: could not connect to host marxist.party: could not connect to host marykshoup.com: could not connect to host masa-yoga.com: did not receive HSTS header masa.li: could not connect to host +masaze-hanka.cz: could not connect to host +mashandco.it: could not connect to host mashek.net: could not connect to host mashnew.com: could not connect to host masjidtawheed.net: did not receive HSTS header maskinkultur.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] maskt.pw: could not connect to host +massagelimaperu.com: did not receive HSTS header massivum.de: did not receive HSTS header massot.eu: did not receive HSTS header mastd.fr: could not connect to host @@ -8489,6 +9188,7 @@ masteragenasia.com: did not receive HSTS header masterapi.ninja: did not receive HSTS header masterhaus.bg: did not receive HSTS header masteringtheterminal.com: did not receive HSTS header +mastersthesiswriting.com: could not connect to host mastichor.info: could not connect to host mastimtibetano.com: could not connect to host masto.io: could not connect to host @@ -8501,12 +9201,13 @@ mastodon.expert: could not connect to host mastodon.fun: could not connect to host mastodon.my: could not connect to host mastodon.org.uk: did not receive HSTS header -mastodon.pl: could not connect to host +mastodon.pl: did not receive HSTS header +mastodon.top: did not receive HSTS header mastodones.club: could not connect to host masty.nl: could not connect to host masumreza.tk: could not connect to host mat99.dk: could not connect to host -matarrosabierzo.com: did not receive HSTS header +matarrosabierzo.com: could not connect to host matatall.com: did not receive HSTS header maternalsafety.org: did not receive HSTS header mateusmeyer.com.br: could not connect to host @@ -8533,11 +9234,10 @@ matthewprenger.com: could not connect to host matthewtester.com: did not receive HSTS header matthiassteen.be: could not connect to host matthiasweiler.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -mattisam.com: could not connect to host +mattisam.com: did not receive HSTS header mattressinsider.com: max-age too low: 3153600 -mattwb65.com: did not receive HSTS header +mattwb65.com: could not connect to host matty.digital: did not receive HSTS header -matway.net: could not connect to host matze.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] maultrom.ml: could not connect to host maupiknik.com: did not receive HSTS header @@ -8546,18 +9246,20 @@ maurus-automation.de: did not receive HSTS header mausi.co: did not receive HSTS header mavisang.cf: could not connect to host mawe.red: could not connect to host +maxhoechtl.at: could not connect to host maxhorvath.com: could not connect to host maxibanki.ovh: could not connect to host +maxicore.co.za: could not connect to host maxima.at: did not receive HSTS header maximelouet.me: did not receive HSTS header maximov.space: did not receive HSTS header maxkeller.io: did not receive HSTS header maxmachine.ind.br: could not connect to host -maxr1998.de: could not connect to host maxserver.com: did not receive HSTS header maya.mg: could not connect to host maybeul.com: could not connect to host maynardnetworks.com: could not connect to host +mayoristassexshop.com: did not receive HSTS header mazurlabs.tk: could not connect to host mazyun.com: did not receive HSTS header mazz-tech.com: could not connect to host @@ -8578,6 +9280,7 @@ mcdanieldevelopmentservices.com: could not connect to host mcdonalds.ru: did not receive HSTS header mcga.media: could not connect to host mcgavocknissanwichitaparts.com: could not connect to host +mchan.us: did not receive HSTS header mchopkins.net: could not connect to host mcideas.tk: could not connect to host mcjackk77.com: could not connect to host @@ -8588,19 +9291,22 @@ mclist.it: could not connect to host mcmillansedationdentistry.com: did not receive HSTS header mcnoobs.pro: could not connect to host mcooperlaw.com: did not receive HSTS header +mcpart.land: could not connect to host +mcqyy.com: could not connect to host mcsa-usa.org: could not connect to host -mcsniper.co: could not connect to host mcsnovatamabayan.com: could not connect to host +mctherealm.net: could not connect to host mcuexchange.com: did not receive HSTS header mcuong.tk: could not connect to host md-student.com: did not receive HSTS header mdfnet.se: did not receive HSTS header -mdkr.nl: did not receive HSTS header mdscomp.net: did not receive HSTS header mdwftw.com: could not connect to host -me-dc.com: could not connect to host +me-dc.com: did not receive HSTS header meadowfenfarm.com: could not connect to host +meadowviewfarms.org: could not connect to host mealz.com: did not receive HSTS header +meanevo.com: could not connect to host measuretwice.com: did not receive HSTS header meat-education.com: could not connect to host meathealth.com: could not connect to host @@ -8610,6 +9316,7 @@ mecenat-cassous.com: did not receive HSTS header mechok.ru: could not connect to host medallia.io: could not connect to host media-access.online: did not receive HSTS header +media-courses.com: could not connect to host mediacru.sh: could not connect to host mediadandy.com: could not connect to host mediafinancelab.org: could not connect to host @@ -8623,9 +9330,10 @@ medirich.co: could not connect to host meditek-dv.ru: could not connect to host mediter-simplement.com: did not receive HSTS header mediterenopmaandag.nl: did not receive HSTS header +mediumraw.org: did not receive HSTS header mediweed.tk: could not connect to host medm-test.com: could not connect to host -medmarkt24.com: did not receive HSTS header +medpot.net: did not receive HSTS header medstreaming.com: did not receive HSTS header medy-me.com: could not connect to host medzinenews.com: did not receive HSTS header @@ -8633,12 +9341,11 @@ meedoenzaanstad.nl: did not receive HSTS header meetfinch.com: could not connect to host meetmibaby.co.uk: could not connect to host meetscompany.jp: did not receive HSTS header -mega-aukcion.ru: could not connect to host megadrol.com: could not connect to host megakiste.de: could not connect to host megam.host: could not connect to host megashur.se: did not receive HSTS header -megauction.tk: could not connect to host +megasystem.cl: did not receive HSTS header meghudson.com: could not connect to host mego.cloud: could not connect to host meifrench.com: could not connect to host @@ -8650,7 +9357,7 @@ meisterritter.de: did not receive HSTS header meizufans.eu: could not connect to host melakaltenegger.at: did not receive HSTS header melangebrasil.com: could not connect to host -melaniebilodeau.com: could not connect to host +melaniebilodeau.com: did not receive HSTS header melcher.it: did not receive HSTS header melenchatsmelenchiens.fr: could not connect to host melf.nl: could not connect to host @@ -8670,6 +9377,7 @@ memdoc.org: could not connect to host memeblast.ninja: could not connect to host memepasmal.org: could not connect to host memetrash.co.uk: could not connect to host +memo-linux.com: could not connect to host memory-plus-180.com: could not connect to host memorygame.io: did not receive HSTS header memorytrace.space: could not connect to host @@ -8681,7 +9389,10 @@ mensmaximus.de: did not receive HSTS header mentax.net: did not receive HSTS header menthix.net: could not connect to host menudrivetest.com: could not connect to host +menuel.me: could not connect to host +menuiserie-berard.com: did not receive HSTS header menzaijia.com: could not connect to host +meo.de: could not connect to host meow.cloud: could not connect to host meozcraft.com: could not connect to host mercamaris.es: did not receive HSTS header @@ -8690,7 +9401,7 @@ merccorp.de: max-age too low: 0 mercedes-benz-usedcars.be: could not connect to host mercury-studio.com: did not receive HSTS header mereckas.com: could not connect to host -meredithkm.info: could not connect to host +meredithkm.info: did not receive HSTS header mergozzo.com: did not receive HSTS header merimatka.fi: could not connect to host meritz.rocks: could not connect to host @@ -8717,6 +9428,7 @@ metricaid.com: did not receive HSTS header metrix-money-ptc.com: could not connect to host metrix.design: could not connect to host metzgerei-birkenhof.de: could not connect to host +meu-smartphone.com: did not receive HSTS header meucosmetico.com.br: could not connect to host meuemail.pro: could not connect to host meupedido.online: could not connect to host @@ -8733,6 +9445,7 @@ mfiles.pl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_ mfrsgb45.org: did not receive HSTS header mft.global: could not connect to host mfxer.com: could not connect to host +mgcraft.net: could not connect to host mgdigital.fr: did not receive HSTS header mgiay.com: did not receive HSTS header mgoessel.de: did not receive HSTS header @@ -8745,16 +9458,16 @@ mht-travel.com: could not connect to host mhx.pw: could not connect to host mia.ac: could not connect to host mia.to: could not connect to host +miamicityballet.org: did not receive HSTS header mianfei-vpn.com: could not connect to host -micado-software.com: could not connect to host michael-schilling.de: did not receive HSTS header -michaelasawyer.com: could not connect to host michaelcullen.name: could not connect to host michaeldemuth.com: could not connect to host -michaelfitzpatrickruth.com: could not connect to host +michaelfitzpatrickruth.com: did not receive HSTS header michaelklos.nl: could not connect to host michaelmorpurgo.com: did not receive HSTS header michaeln.net: did not receive HSTS header +michaels-homepage-service.de: could not connect to host michaelscrivo.com: did not receive HSTS header michaelsulzer.com: did not receive HSTS header michaelsulzer.eu: did not receive HSTS header @@ -8773,13 +9486,14 @@ micro-dv.ru: could not connect to host micro-rain-systems.com: could not connect to host microblading.pe: could not connect to host microdesic.com: could not connect to host -micromata.de: did not receive HSTS header -microme.ga: did not receive HSTS header +microme.ga: could not connect to host micropple.net: could not connect to host microtalk.org: could not connect to host +midgawash.com: could not connect to host midirs.org: did not receive HSTS header midonet.org: did not receive HSTS header midriversmotorsllc.com: did not receive HSTS header +midterm.us: could not connect to host midwestwomenworkers.org: could not connect to host miegl.cz: could not connect to host miemie.jp: could not connect to host @@ -8793,7 +9507,9 @@ migrantskillsregister.org.uk: could not connect to host migrator.co: could not connect to host miguksaram.com: could not connect to host mijn-email.org: could not connect to host +mijndiad.nl: did not receive HSTS header mijnkredietpaspoort.nl: could not connect to host +mijntransacties.nl: could not connect to host mika.cat: could not connect to host mikadesign.se: did not receive HSTS header mikaela.info: did not receive HSTS header @@ -8801,18 +9517,17 @@ mikaelemilsson.net: did not receive HSTS header mikeburns.com: could not connect to host mikedugan.org: did not receive HSTS header mikeg.de: did not receive HSTS header -mikek.work: could not connect to host +mikek.work: did not receive HSTS header mikeology.org: could not connect to host mikepair.net: could not connect to host mikes.tk: could not connect to host -mikewillia.ms: could not connect to host +mikeybailey.org: could not connect to host mikeybot.com: could not connect to host -mikhirev.ru: could not connect to host mikii.club: could not connect to host mikk.cz: could not connect to host mikro-inwestycje.co.uk: did not receive HSTS header miku.be: could not connect to host -miku.hatsune.my: could not connect to host +miku.hatsune.my: did not receive HSTS header mikusinec.com: could not connect to host milahendri.com: did not receive HSTS header milang.xyz: could not connect to host @@ -8822,18 +9537,16 @@ milesgeek.com: did not receive HSTS header military-portal.cz: did not receive HSTS header militarycarlot.com: did not receive HSTS header militaryconsumer.gov: did not receive HSTS header -milktea.info: could not connect to host -millenniumweb.com: max-age too low: 86400 +millibitcoin.jp: could not connect to host millionairessecrets.com: could not connect to host millstep.de: did not receive HSTS header milonga.tips: could not connect to host mimbeim.com: did not receive HSTS header -mimobile.website: could not connect to host mimoderoupa.pt: could not connect to host min.kiwi: could not connect to host minantavla.se: could not connect to host mind.sh: did not receive HSTS header -mindbodycontinuum.com: did not receive HSTS header +mindcell.no: could not connect to host mindcraft.ga: could not connect to host mine.world: could not connect to host minecraft-forum.cf: could not connect to host @@ -8852,7 +9565,7 @@ minecraftvoter.com: could not connect to host minecrell.net: max-age too low: 172800 mineover.es: could not connect to host minetude.com: could not connect to host -mingming.info: did not receive HSTS header +mingkyaa.com: could not connect to host mingo.nl: max-age too low: 2592000 mingy.ddns.net: could not connect to host mingyueli.com: could not connect to host @@ -8870,12 +9583,14 @@ minnesotadata.com: could not connect to host minor.news: could not connect to host minora.io: could not connect to host minoris.se: did not receive HSTS header +mintea-noua.ro: could not connect to host mipiaci.co.nz: did not receive HSTS header mipiaci.com.au: did not receive HSTS header miragrow.com: could not connect to host mireillewendling.com.br: could not connect to host mirgleich.dnshome.de: could not connect to host mirindadomo.ru: did not receive HSTS header +mirodasilva.be: could not connect to host mironized.com: did not receive HSTS header mirrorsedgearchive.ga: could not connect to host mirrorx.com: did not receive HSTS header @@ -8883,15 +9598,17 @@ miruc.co: did not receive HSTS header mirucon.com: did not receive HSTS header misconfigured.io: could not connect to host miscreant.me: could not connect to host -misericordiasegrate.org: could not connect to host +misericordiasegrate.org: did not receive HSTS header misgluteosperfectos.com: did not receive HSTS header misiondelosangeles-mailing.com: did not receive HSTS header misiru.jp: could not connect to host +misrv.com: did not receive HSTS header missrain.tw: could not connect to host missycosmeticos.com.br: could not connect to host mist.ink: could not connect to host mister.hosting: did not receive HSTS header misterl.net: did not receive HSTS header +misuzu.moe: could not connect to host mitarbeiter-pc.de: did not receive HSTS header mitchellrenouf.ca: could not connect to host mitior.net: could not connect to host @@ -8913,15 +9630,20 @@ mkakh.xyz: could not connect to host mkasu.org: could not connect to host mkfs.be: could not connect to host mkfs.fr: could not connect to host +mkg-palais-hanau.de: did not receive HSTS header +mkg-wiebelskirchen.de: could not connect to host mkp-deutschland.de: did not receive HSTS header mkplay.io: could not connect to host -mktemp.org: could not connect to host mkw.st: could not connect to host +mlcambiental.com.br: did not receive HSTS header mlcdn.co: could not connect to host mlpchan.net: could not connect to host mlpepilepsy.org: could not connect to host mlpvc-rr.ml: did not receive HSTS header mlrslateroofing.com.au: did not receive HSTS header +mlsrv.de: could not connect to host +mmaps.ddns.net: could not connect to host +mmcc.pe: did not receive HSTS header mmgazhomeloans.com: did not receive HSTS header mmilog.hu: could not connect to host mmmm.com: could not connect to host @@ -8933,20 +9655,21 @@ mnetworkingsolutions.co.uk: could not connect to host mnmt.no: did not receive HSTS header mnwt.nl: could not connect to host moar.so: did not receive HSTS header +moas.design: could not connect to host moas.photos: did not receive HSTS header mobaircon.com: did not receive HSTS header -mobifinans.ru: could not connect to host mobile-gesundheit.org: could not connect to host mobile.eti.br: could not connect to host mobilebay.top: could not connect to host mobilecoach.com: did not receive HSTS header mobilekey.co: could not connect to host -mobilemalin.com: could not connect to host +mobilemalin.com: did not receive HSTS header mobileritelushi.com: could not connect to host mobilethreat.net: could not connect to host mobilethreatnetwork.net: could not connect to host mobilpass.no: could not connect to host -mobimalin.com: could not connect to host +mobimalin.com: did not receive HSTS header +mobisium.com: did not receive HSTS header mobiwalk.com: could not connect to host mobix5.com: did not receive HSTS header mobmp4.co: could not connect to host @@ -8958,15 +9681,19 @@ mockmyapp.com: could not connect to host mocloud.eu: could not connect to host mocloud.win: could not connect to host mocsuite.club: could not connect to host +modalrakyat.com: could not connect to host +modalrakyat.id: did not receive HSTS header modaperuimport.com: could not connect to host modded-minecraft-server-list.com: could not connect to host moddedark.com: could not connect to host mode-marine.com: could not connect to host +modecaso.com: could not connect to host model9.io: did not receive HSTS header modelsclub.org.ua: could not connect to host modemagazines.co.uk: could not connect to host moderatortv.de: did not receive HSTS header modernibytovytextil.cz: could not connect to host +moderntld.net: could not connect to host mododo.de: could not connect to host modx.by: max-age too low: 31536 modx.io: could not connect to host @@ -8978,6 +9705,7 @@ moebel-nagel.de: did not receive HSTS header moebel-vergleichen.com: did not receive HSTS header moefi.xyz: could not connect to host moegirl.org: did not receive HSTS header +moehrke.cc: could not connect to host moellers.it: could not connect to host moeloli.pw: did not receive HSTS header moelord.org: could not connect to host @@ -8992,14 +9720,17 @@ mojapraca.sk: did not receive HSTS header mojefilmy.xyz: could not connect to host mojizuri.jp: max-age too low: 86400 mokadev.com: did not receive HSTS header +molokai.org: could not connect to host mols.me: did not receive HSTS header -momfulfilled.com: did not receive HSTS header +momento.co.id: did not receive HSTS header +momfulfilled.com: could not connect to host mommel.com: could not connect to host mommelonline.de: could not connect to host momoka.moe: could not connect to host mon-a-lisa.com: did not receive HSTS header -mon-mobile.com: could not connect to host +mon-mobile.com: did not receive HSTS header mona.lu: could not connect to host +monalisa.wtf: could not connect to host monarca.systems: could not connect to host monasterialis.eu: could not connect to host monautoneuve.fr: did not receive HSTS header @@ -9016,21 +9747,27 @@ monika-sokol.de: did not receive HSTS header monitaure.io: could not connect to host monitman.solutions: could not connect to host monitori.ng: could not connect to host +monkieteel.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] monochrometoys.com: could not connect to host +monodukuri.cafe: did not receive HSTS header +monodzukuri.cafe: did not receive HSTS header +monokoo.com: could not connect to host monoseis-monotica.gr: max-age too low: 300 monotsuku.com: could not connect to host +monozukuri.cafe: did not receive HSTS header montanacures.org: could not connect to host montanana.com: did not receive HSTS header monteurzimmerfrei.de: could not connect to host montonicms.com: could not connect to host -moo.pet: did not receive HSTS header +moo.pet: could not connect to host moobo.xyz: did not receive HSTS header moodifiers.com: could not connect to host moon.lc: could not connect to host -moonagic.io: did not receive HSTS header moonchart.co.uk: did not receive HSTS header moonless.net: could not connect to host moonloupe.com: could not connect to host +moonrhythm.info: did not receive HSTS header +moonrhythm.io: did not receive HSTS header moonysbouncycastles.co.uk: could not connect to host moosemanstudios.com: could not connect to host moov.is: could not connect to host @@ -9049,7 +9786,6 @@ morethanadream.lv: could not connect to host morfitronik.pl: could not connect to host morganestes.com: max-age too low: 0 morganino.eu: could not connect to host -morhys.com: could not connect to host morningcalculation.com: could not connect to host morninglory.com: did not receive HSTS header mornings.com: did not receive HSTS header @@ -9057,7 +9793,7 @@ morotech.com.br: could not connect to host morpheusx.at: could not connect to host morpheusxaut.net: could not connect to host morpork.xyz: could not connect to host -morz.org: could not connect to host +morz.org: max-age too low: 0 mosaique-lachenaie.fr: could not connect to host moskva.guide: did not receive HSTS header moso.io: did not receive HSTS header @@ -9071,21 +9807,26 @@ motocyklovedily.cz: did not receive HSTS header motomorgen.com: could not connect to host motorbiketourhanoi.com: could not connect to host motorcheck.ie: did not receive HSTS header +motornomaslo.bg: did not receive HSTS header motoroilinfo.com: did not receive HSTS header motorsportdiesel.com: did not receive HSTS header +motovio.de: did not receive HSTS header motransportinfo.com: did not receive HSTS header mottvd.com: could not connect to host +moube.fr: could not connect to host moudicat.com: max-age too low: 6307200 moula.com.au: did not receive HSTS header moumaobuchiyu.com: could not connect to host -mountainadventureseminars.com: could not connect to host +mountain-rock.ru: could not connect to host +mountainadventureseminars.com: did not receive HSTS header mountainmusicpromotions.com: did not receive HSTS header movabletype.net: max-age too low: 3600 -move.mil: did not receive HSTS header movepin.com: could not connect to host movie4k.fyi: could not connect to host movie4k.life: could not connect to host -moviedollars.com: did not receive HSTS header +movie4kto.site: could not connect to host +moviedollars.com: could not connect to host +movienang.com: max-age too low: 0 moviesabout.net: could not connect to host moviespur.info: did not receive HSTS header moving-pixtures.de: could not connect to host @@ -9096,17 +9837,21 @@ moy-gorod.od.ua: did not receive HSTS header moyu.host: did not receive HSTS header mozart-game.cz: could not connect to host mozartgame.cz: could not connect to host +mozgb.ru: could not connect to host mozillians.org: did not receive HSTS header mozoa.net: could not connect to host mozzilla.cz: could not connect to host mp3donusturucu.com: did not receive HSTS header mp3donusturucu.net: did not receive HSTS header +mp3gratuiti.com: could not connect to host mp3juices.is: could not connect to host mpi-sa.fr: did not receive HSTS header -mpkossen.com: did not receive HSTS header +mpkossen.com: could not connect to host +mpn.poker: did not receive HSTS header mpserver12.org: could not connect to host mr-coffee.net: could not connect to host mr-hosting.com: could not connect to host +mr-nachhilfe.de: did not receive HSTS header mrafrohead.com: could not connect to host mrawe.com: could not connect to host mrburtbox.com: could not connect to host @@ -9117,24 +9862,24 @@ mrettich.org: did not receive HSTS header mrhc.ru: could not connect to host mrhee.com: did not receive HSTS header mrizzio.com: could not connect to host -mrketolocksmith.com: could not connect to host +mrksk.com: could not connect to host mrleonardo.com: did not receive HSTS header mrliu.me: could not connect to host mrnh.tk: could not connect to host -mrning.com: could not connect to host mrnonz.com: max-age too low: 0 mrparker.pw: did not receive HSTS header mrpopat.in: did not receive HSTS header -mrs-shop.com: did not receive HSTS header -mrsbairds.com: max-age too low: 86400 +mrpropop.com: max-age too low: 0 +mrs-shop.com: could not connect to host +mrtunnel.club: did not receive HSTS header mruganiepodspacja.pl: could not connect to host msc-seereisen.net: could not connect to host msgallery.tk: could not connect to host +msp66.de: could not connect to host mstd.tokyo: did not receive HSTS header mstdn-tech.jp: could not connect to host -mstdn.io: did not receive HSTS header -mstdn.nl: did not receive HSTS header -mstiles92.com: max-age too low: 0 +mstdn.nl: could not connect to host +mstiles92.com: did not receive HSTS header msz-fotografie.de: could not connect to host mszaki.com: did not receive HSTS header mt.me.uk: could not connect to host @@ -9148,18 +9893,25 @@ mtg-esport.de: did not receive HSTS header mtg-tutor.de: could not connect to host mtirc.co: could not connect to host mtn.cc: could not connect to host -mtrip.com: did not receive HSTS header +mtrock.ru: could not connect to host +mu3on.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +muahahahaha.co.uk: could not connect to host +muchohentai.com: could not connect to host +muffet.pw: could not connect to host muga.space: could not connect to host muj-svet.cz: could not connect to host mujadin.se: did not receive HSTS header mulenvo.com: did not receive HSTS header +mulheres18.com: could not connect to host mullen.net.au: did not receive HSTS header multiterm.org: did not receive HSTS header multivpn.cn.com: could not connect to host multivpn.com.de: could not connect to host multivpn.com.ua: could not connect to host multivpn.fr: could not connect to host +multiworldsoftware.com: did not receive HSTS header mumei.space: did not receive HSTS header +mundoadulto.com.br: did not receive HSTS header mundoalpha.com.br: did not receive HSTS header mundodapoesia.com: did not receive HSTS header munecoscabezones.com: did not receive HSTS header @@ -9180,6 +9932,7 @@ murraycolin.org: could not connect to host murrayrun.com: did not receive HSTS header mursu.directory: could not connect to host murz.tv: could not connect to host +muscleangels.com: could not connect to host museminder2.com: did not receive HSTS header museumstreak.com: did not receive HSTS header musewearflipflops.com: could not connect to host @@ -9189,18 +9942,16 @@ musi.cx: could not connect to host musikkfondene.no: did not receive HSTS header musikzug-bookholzberg.de: did not receive HSTS header muslimbanter.co.za: could not connect to host -musmann.io: did not receive HSTS header mustika.cf: did not receive HSTS header mutamatic.com: could not connect to host mutuelle-obligatoire-pme.fr: did not receive HSTS header -muusika.fun: could not connect to host muzgra.in: did not receive HSTS header +muzi.cz: could not connect to host muzykaprzeszladoplay.pl: could not connect to host mvanmarketing.nl: did not receive HSTS header mvnet.com.br: did not receive HSTS header mvsecurity.nl: could not connect to host mwalz.com: could not connect to host -mx.org.ua: could not connect to host mxawei.cn: could not connect to host mxlife.org: could not connect to host my-demo.co: could not connect to host @@ -9214,6 +9965,8 @@ myairshop.gr: could not connect to host myandroid.tools: could not connect to host myandroidtools.cc: could not connect to host myandroidtools.pro: could not connect to host +myappliancerepairhouston.com: did not receive HSTS header +myartsway.com: did not receive HSTS header mybudget.xyz: could not connect to host mybuilderinlondon.co.uk: did not receive HSTS header mybusiness.cm: did not receive HSTS header @@ -9223,7 +9976,7 @@ myclientsplus.com: did not receive HSTS header mycollab.net: could not connect to host mycontrolmonitor.com: could not connect to host mycoted.com: did not receive HSTS header -myday.eu.com: could not connect to host +myday.eu.com: did not receive HSTS header mydeos.com: could not connect to host mydigipass.com: did not receive HSTS header mydmdi.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -9243,23 +9996,25 @@ mygov.scot: did not receive HSTS header mygpsite.com: did not receive HSTS header mygreatjob.eu: could not connect to host myhair.asia: did not receive HSTS header -myicare.org: could not connect to host +myhostname.net: did not receive HSTS header +myicare.org: did not receive HSTS header myiocc.org: did not receive HSTS header myip.tech: max-age too low: 2592000 mykolab.com: did not receive HSTS header mykreuzfahrt.de: could not connect to host -mylene-chandelier.me: could not connect to host +mylene-chandelier.me: did not receive HSTS header mylighthost.com: did not receive HSTS header mylocalsearch.co.uk: did not receive HSTS header -mymixtapez.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -mymp3singer.co: did not receive HSTS header +mylotto.co.nz: could not connect to host +mymp3singer.co: could not connect to host mymp3singer.net: could not connect to host -mymp3singer.site: did not receive HSTS header +mymp3singer.site: could not connect to host mymsr.de: did not receive HSTS header myndcommunication.com: could not connect to host mynetblog.com: did not receive HSTS header +mynetworkingbuddy.com: could not connect to host mynewleaf.co: did not receive HSTS header -mynewselfbariatrics.com: could not connect to host +mynewselfbariatrics.com: did not receive HSTS header myni.io: could not connect to host mynigma.org: did not receive HSTS header myon.info: did not receive HSTS header @@ -9278,7 +10033,6 @@ myptsite.com: could not connect to host myqdu.cn: could not connect to host myqdu.com: could not connect to host myrig.io: could not connect to host -myrig.net: could not connect to host myrsa.in: did not receive HSTS header myruststats.com: could not connect to host mysa.is: could not connect to host @@ -9286,28 +10040,28 @@ mysecretrewards.com: could not connect to host myspa.asia: did not receive HSTS header mystery-science-theater-3000.de: did not receive HSTS header mysteryblog.de: did not receive HSTS header +mystown.org: could not connect to host mystudy.me: could not connect to host mytc.fr: could not connect to host mythlogic.com: did not receive HSTS header mythslegendscollection.com: did not receive HSTS header -mytraiteurs.com: could not connect to host mytravelblog.de: could not connect to host myweb360.de: did not receive HSTS header -myxbox.gr: did not receive HSTS header +myxbox.gr: max-age too low: 0 myzone.com: did not receive HSTS header -mziulu.me: could not connect to host mzlog.win: could not connect to host mzorn.photography: could not connect to host -mzzj.de: could not connect to host +n-kanazawa.jp: max-age too low: 0 n-rickroll-e.pw: could not connect to host n-x.info: did not receive HSTS header n0099.cf: did not receive HSTS header n0rm.ru: could not connect to host n0s.de: did not receive HSTS header -n2servers.com: could not connect to host +n2host.eu: could not connect to host n2x.in: could not connect to host +n3twork.net: could not connect to host n4l.pw: could not connect to host -n64chan.me: did not receive HSTS header +n64chan.me: could not connect to host n8ch.net: could not connect to host na.hn: did not receive HSTS header naano.org: could not connect to host @@ -9317,21 +10071,25 @@ nabytko.cz: could not connect to host nacktetatsachen.at: did not receive HSTS header nadaquenosepas.com: could not connect to host nadia.pt: could not connect to host +nadyaolcer.fr: could not connect to host nagaragem.com.br: did not receive HSTS header +nagelfam.com: could not connect to host nagios.by: did not receive HSTS header nagoya-kyuyo.com: could not connect to host naiaspa.fr: did not receive HSTS header naiharngym.com: did not receive HSTS header -nais.me: could not connect to host +nailedithomebuilders.com: could not connect to host +nais.me: did not receive HSTS header najedlo.sk: could not connect to host +nakada4610.com: could not connect to host nakamastreamingcommunity.com: could not connect to host -nakanishi-paint.com: could not connect to host nakhonidc.com: could not connect to host -nakitbonus2.com: did not receive HSTS header +nakitbonus2.com: could not connect to host nakliyatsirketi.biz: could not connect to host +nako.no: did not receive HSTS header nakuro.de: could not connect to host nalao-company.com: did not receive HSTS header -nalifornia.com: did not receive HSTS header +nalifornia.com: could not connect to host nalinux.cz: did not receive HSTS header nallon.com.br: could not connect to host nalukfitness.com.br: could not connect to host @@ -9341,15 +10099,18 @@ named.ga: could not connect to host nameme.xyz: could not connect to host nametaken-cloud.duckdns.org: could not connect to host namethatbone.com: could not connect to host +namethatporn.com: could not connect to host namikawatetsuji.jp: could not connect to host namorico.me: could not connect to host nan.ci: did not receive HSTS header nan.zone: could not connect to host +nanami.moe: could not connect to host nanderson.me: could not connect to host nanfangstone.com: could not connect to host nani.io: did not receive HSTS header naniki.co.uk: could not connect to host nanogeneinc.com: could not connect to host +nanogi.ga: could not connect to host nanokamo.com: did not receive HSTS header nanosingularity.com: could not connect to host nanrenba.net: could not connect to host @@ -9363,15 +10124,14 @@ narko.space: could not connect to host narodniki.com: did not receive HSTS header narviz.com: did not receive HSTS header nasarawanewsonline.com: could not connect to host -nasmocopati.com: could not connect to host +nasmocopati.com: did not receive HSTS header nasralmabrooka.com: did not receive HSTS header nastysclaw.com: could not connect to host natalia-fadeeva.ru: could not connect to host -natalia.io: could not connect to host +natalia.io: did not receive HSTS header natalieandjoshua.com: could not connect to host natalt.org: did not receive HSTS header natalydanilova.com: max-age too low: 300 -natanaelys.com: could not connect to host nataniel-perissier.fr: could not connect to host nate.sh: could not connect to host natenom.com: max-age too low: 7200 @@ -9380,7 +10140,6 @@ natenom.name: max-age too low: 7200 nathankonopinski.com: could not connect to host nathanmfarrugia.com: did not receive HSTS header nationalmall.gov: could not connect to host -nationwiderealtyinvestors.com: could not connect to host nationwidevehiclecontracts.co.uk: did not receive HSTS header natur-udvar.hu: could not connect to host natural-progesterone.net: could not connect to host @@ -9393,7 +10152,8 @@ nauck.org: did not receive HSTS header naudles.me: could not connect to host nav.jobs: could not connect to host naval.tf: could not connect to host -naviaddress.io: could not connect to host +navdeep.ca: could not connect to host +naviaddress.io: did not receive HSTS header naviteq.eu: could not connect to host navjobs.com: could not connect to host nawroth.info: could not connect to host @@ -9403,7 +10163,9 @@ nba2kqq.com: could not connect to host nbb.io: could not connect to host nbg-ha.de: could not connect to host nbis.gov: could not connect to host +nbl.org.tw: could not connect to host nbrown.us: could not connect to host +nbtparse.org: could not connect to host nc2c.com: could not connect to host nc99.co: could not connect to host ncc60205.info: could not connect to host @@ -9414,13 +10176,14 @@ ncpw.gov: did not receive HSTS header ncrmnt.org: did not receive HSTS header nct.org.uk: did not receive HSTS header nctx.co.uk: did not receive HSTS header +ndmath.club: could not connect to host ndtblog.com: could not connect to host ndtmarket.place: could not connect to host ne1home.dyndns.org: did not receive HSTS header neap.io: could not connect to host near.st: did not receive HSTS header nearbiwa.com: did not receive HSTS header -nearon.nl: did not receive HSTS header +nearon.nl: could not connect to host neavision.de: did not receive HSTS header nebulousenhanced.com: could not connect to host necesitodinero.org: could not connect to host @@ -9439,24 +10202,29 @@ neilgreen.net: did not receive HSTS header nejnamc.org: did not receive HSTS header neko-life.com: did not receive HSTS header neko.li: could not connect to host +neko.ml: could not connect to host nekoku.io: could not connect to host nekox.ml: could not connect to host nellen.it: did not receive HSTS header +nemanja.top: did not receive HSTS header nemno.de: could not connect to host nemovement.org: could not connect to host neoani.me: did not receive HSTS header neocyd.com: could not connect to host neofelhz.space: could not connect to host +neojames.me: could not connect to host neonisi.com: could not connect to host neonnuke.tech: did not receive HSTS header neosolution.ca: did not receive HSTS header +neotist.com: did not receive HSTS header nercp.org.uk: did not receive HSTS header nerd42.de: could not connect to host +nerdbox.cc: did not receive HSTS header nerdjokes.de: could not connect to host nerfroute.com: could not connect to host neris.io: could not connect to host neriumhcp.com: did not receive HSTS header -nerpa-club.ru: did not receive HSTS header +nerpa-club.ru: could not connect to host nesantuoka.lt: could not connect to host nestone.ru: could not connect to host net-navi.cc: did not receive HSTS header @@ -9474,18 +10242,16 @@ netfs.pl: did not receive HSTS header netherwind.eu: did not receive HSTS header netlilo.com: could not connect to host netloanusa.com: could not connect to host -netlocal.ru: could not connect to host netmagik.com: did not receive HSTS header netprofile.com.au: did not receive HSTS header netresourcedesign.com: could not connect to host +netronome.com: did not receive HSTS header netsafeid.biz: did not receive HSTS header netscaler.expert: could not connect to host netsight.org: could not connect to host netsparkercloud.com: did not receive HSTS header netsystems.pro: could not connect to host -nettacompany.com.tr: did not receive HSTS header nettefoundation.com: could not connect to host -networx-online.de: could not connect to host netzbit.de: could not connect to host netzpolitik.org: max-age too low: 2592000 netztest.at: did not receive HSTS header @@ -9497,14 +10263,17 @@ neuralgic.net: could not connect to host neuro-plus-100.com: could not connect to host neuronfactor.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] neutralvehicle.com: did not receive HSTS header +neva.li: could not connect to host nevadafiber.net: could not connect to host never-afk.de: did not receive HSTS header neveta.com: could not connect to host new: could not connect to host newantiagingcreams.com: could not connect to host +newbieboss.com: did not receive HSTS header newbownerton.xyz: could not connect to host newchance.store: could not connect to host newcityinfo.info: could not connect to host +newdeveloper.download: could not connect to host newedivideo.it: could not connect to host newfacialbeautycream.com: could not connect to host newgenerationplus.org: could not connect to host @@ -9513,14 +10282,15 @@ newline.online: did not receive HSTS header newlooknow.com: did not receive HSTS header newmelalife.com: did not receive HSTS header newparadigmventures.net: did not receive HSTS header +newpoke.net: did not receive HSTS header newportpropertygroup.com: could not connect to host news4c.com: did not receive HSTS header newsquantified.com: max-age too low: 0 newstarnootropics.com: could not connect to host -newsyslog.org: could not connect to host newtnote.com: could not connect to host newtonhaus.com: could not connect to host newtonwarp.com: could not connect to host +nexgeneration-solutions.com: could not connect to host nexlab.org: did not receive HSTS header next-taxi.ru: could not connect to host next176.sk: did not receive HSTS header @@ -9528,23 +10298,21 @@ next47.com: did not receive HSTS header nextcloud.li: could not connect to host nextcloud.nerdpol.ovh: could not connect to host nextcloud.org: could not connect to host -nextgen.sk: could not connect to host -nextgenthemes.com: did not receive HSTS header nexth.de: could not connect to host nexth.net: did not receive HSTS header nexth.us: could not connect to host -nexthop.co.jp: did not receive HSTS header +nexthop.co.jp: could not connect to host nexthop.co.th: did not receive HSTS header nextpages.de: could not connect to host nextproject.us: could not connect to host nextshutter.com: did not receive HSTS header -nexus-vienna.at: could not connect to host nexusbyte.de: could not connect to host nexuscorporation.in: could not connect to host +nfhome.be: did not receive HSTS header +nfls.io: did not receive HSTS header nfo.so: could not connect to host ng-firewall.com: did not receive HSTS header ng-security.com: could not connect to host -ngc.gov: could not connect to host ngiemboon.net: could not connect to host ngine.ch: did not receive HSTS header nginxnudes.com: could not connect to host @@ -9553,11 +10321,13 @@ nglr.org: could not connect to host ngocuong.net: could not connect to host ngt-service.ru: could not connect to host ngtoys.com.br: did not receive HSTS header +nhliberty.org: did not receive HSTS header nhsuites.com: did not receive HSTS header nhus.de: max-age too low: 172800 niallator.com: could not connect to host nibiisclaim.com: could not connect to host nicestresser.fr: could not connect to host +nicholasperkins.io: could not connect to host nicky.io: did not receive HSTS header nico.one: could not connect to host nicoborghuis.nl: could not connect to host @@ -9574,19 +10344,22 @@ nien.chat: could not connect to host nien.com.tw: could not connect to host nienfun.com: could not connect to host nieuwsoverijssel.nl: did not receive HSTS header +niffler.software: could not connect to host nifpnet.nl: could not connect to host nifume.com: could not connect to host +niggo.eu: could not connect to host nightsnack.cf: could not connect to host niho.jp: did not receive HSTS header nikcub.com: could not connect to host nikksno.io: could not connect to host +niklas.host: could not connect to host niklaslindblad.se: did not receive HSTS header nikobradshaw.com: could not connect to host nikolaichik.photo: did not receive HSTS header nikolasbradshaw.com: could not connect to host -nikonnps.co.uk: did not receive HSTS header nilianwo.com: could not connect to host niloxy.com: did not receive HSTS header +nimidam.com: could not connect to host ninchisho-online.com: did not receive HSTS header ninebytes.xyz: could not connect to host ning.so: did not receive HSTS header @@ -9594,30 +10367,38 @@ ninhs.org: could not connect to host ninjan.co: did not receive HSTS header ninjaspiders.com: could not connect to host ninofink.com: could not connect to host -ninreiei.jp: could not connect to host niouininon.eu: could not connect to host nippler.org: could not connect to host nippombashi.net: did not receive HSTS header +nippon.fr: could not connect to host nipponcareers.com: did not receive HSTS header nirada.info: could not connect to host +nirjharstudio.com: could not connect to host nirna.io: did not receive HSTS header +nirvanashop.com: could not connect to host nishaswonderland.be: did not receive HSTS header nishaswonderland.nl: did not receive HSTS header nishikino-maki.com: could not connect to host nishisbma.com: could not connect to host +nitaonline.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +niva.synology.me: did not receive HSTS header niveldron.com: could not connect to host nixien.fr: could not connect to host nixmag.net: could not connect to host -nkadvertising.online: could not connect to host +nixne.st: could not connect to host +nkadvertising.online: did not receive HSTS header nkautoservice.nl: did not receive HSTS header nkb.in.th: could not connect to host +nkp-media.de: could not connect to host nlegall.fr: did not receive HSTS header nll.fi: could not connect to host nmadda.com: did not receive HSTS header nmctest.net: could not connect to host +nmgb.ga: could not connect to host +nmgb.ml: could not connect to host nmsnj.com: did not receive HSTS header nmueller.at: could not connect to host -nnote.net: did not receive HSTS header +nnote.net: could not connect to host nnya.cat: could not connect to host no17sifangjie.cc: could not connect to host nocallaghan.com: could not connect to host @@ -9639,6 +10420,7 @@ noesberts-weidmoos.de: did not receive HSTS header noexpect.org: could not connect to host noima.com: did not receive HSTS header noisebridge.social: could not connect to host +nojok.es: could not connect to host nolag.host: could not connect to host nolatepayments.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] nolberg.net: did not receive HSTS header @@ -9648,6 +10430,7 @@ nolte.work: could not connect to host nomorebytes.de: could not connect to host nonemu.ninja: could not connect to host noodlesandwich.com: did not receive HSTS header +noodleyum.com: did not receive HSTS header nootropicsource.com: did not receive HSTS header nope.website: could not connect to host nopex.no: could not connect to host @@ -9660,19 +10443,23 @@ nordic-survival.de: did not receive HSTS header nordiccasinocommunity.com: did not receive HSTS header nordlicht.photography: did not receive HSTS header norge.guide: could not connect to host +normalady.com: could not connect to host normanschwaneberg.de: did not receive HSTS header north.supply: could not connect to host northcutt.com: did not receive HSTS header -northernpage.com: could not connect to host +northernmuscle.ca: could not connect to host northpennvwparts.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] northwoodsfish.com: could not connect to host nosbenevolesontdutalent.com: could not connect to host nosecretshop.com: could not connect to host nossasenhoradaconceicao.com.br: did not receive HSTS header nostraspace.com: could not connect to host +nosx.tk: could not connect to host not-a.link: could not connect to host +nota-web.com: could not connect to host notablog.xyz: did not receive HSTS header notadd.io: could not connect to host +notadd.store: could not connect to host notarankastojkovic.me: could not connect to host notarobot.fr: did not receive HSTS header notboring.co.uk: could not connect to host @@ -9684,9 +10471,11 @@ notevencode.com: could not connect to host nothing.net.nz: max-age too low: 7776000 nothing.org.uk: could not connect to host noticia.do: did not receive HSTS header -notjustbitchy.com: did not receive HSTS header +notificami.com: could not connect to host +notjustbitchy.com: could not connect to host notonprem.com: could not connect to host nottheonion.net: did not receive HSTS header +nottori.com: could not connect to host notypiesni.sk: did not receive HSTS header nou.si: did not receive HSTS header nouma.fr: did not receive HSTS header @@ -9704,47 +10493,47 @@ novelabs.de: could not connect to host novelabs.eu: could not connect to host novelshouse.com: could not connect to host novfishing.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -novinhabucetuda.com: did not receive HSTS header +novinhabucetuda.com: could not connect to host novinivo.com: did not receive HSTS header novtest.ru: did not receive HSTS header noworrywp.com: could not connect to host nowprotein.com: did not receive HSTS header -noxi.ga: could not connect to host nozoe.jp: could not connect to host npm.li: did not receive HSTS header +npmg.org: max-age too low: 0 npol.de: could not connect to host -npool.org: did not receive HSTS header +npool.org: could not connect to host nq7.pl: could not connect to host +nrc-gateway.gov: could not connect to host nrechn.de: could not connect to host nrizzio.me: could not connect to host nrnjn.xyz: did not receive HSTS header nrvnastudios.com: could not connect to host +nsa.ovh: could not connect to host nsbfalconacademy.org: could not connect to host nsdev.cn: could not connect to host nsellier.fr: did not receive HSTS header nshost.ro: did not receive HSTS header nsmail.cn: could not connect to host nspeaks.com: did not receive HSTS header -nstremsdoerfer.ovh: did not receive HSTS header nstyleintl.ca: did not receive HSTS header nsure.us: could not connect to host nsweb.solutions: could not connect to host ntbs.pro: could not connect to host ntia.gov: could not connect to host ntse.xyz: could not connect to host -nu-pogodi.net: could not connect to host nu3.at: did not receive HSTS header nu3.ch: did not receive HSTS header nu3.co.uk: could not connect to host -nu3.com: did not receive HSTS header nu3.de: did not receive HSTS header -nu3.dk: did not receive HSTS header -nu3.fi: did not receive HSTS header nu3.fr: did not receive HSTS header -nu3.no: did not receive HSTS header -nu3.se: did not receive HSTS header nube.ninja: did not receive HSTS header +nubeslayer.com: could not connect to host +nuclear-crimes.com: could not connect to host +nuclearcrimes.com: did not receive HSTS header +nuclearcrimes1.com: did not receive HSTS header nudel.ninja: could not connect to host +nudestpics.com: could not connect to host nufla.de: could not connect to host nugetdependencies.com: did not receive HSTS header nuiguru.me: could not connect to host @@ -9765,9 +10554,11 @@ nupef.org.br: did not receive HSTS header nurserybook.co: did not receive HSTS header nurture.be: did not receive HSTS header nusatrip-api.com: did not receive HSTS header +nusku.biz: did not receive HSTS header nutricuerpo.com: did not receive HSTS header nutrieduca.com: could not connect to host nutrienti.eu: did not receive HSTS header +nutrifyyourself.com: could not connect to host nutritionculture.com: could not connect to host nutsandboltsmedia.com: did not receive HSTS header nuttyveg.com: did not receive HSTS header @@ -9775,21 +10566,22 @@ nuwaterglobal.com: did not receive HSTS header nvlop.xyz: did not receive HSTS header nwa.xyz: could not connect to host nweb.co.nz: could not connect to host -nwerc.party: could not connect to host -nwk1.com: did not receive HSTS header -nwork.media: could not connect to host +nwork.media: did not receive HSTS header nxt.sh: did not receive HSTS header +nyadora.com: could not connect to host nyanpasu.tv: could not connect to host nyatane.com: could not connect to host nyazeeland.guide: could not connect to host nycroth.com: could not connect to host -nydnxs.com: could not connect to host nyesider.org: could not connect to host +nylonfeetporn.com: could not connect to host nyored.com: did not receive HSTS header nyphox.net: could not connect to host nysepho.pw: could not connect to host nysifclaimcentral.com: did not receive HSTS header nystart.no: did not receive HSTS header +nystudio107.com: did not receive HSTS header +nyuusannkinn.com: did not receive HSTS header nz.search.yahoo.com: max-age too low: 172800 nzbs.io: could not connect to host nzmk.cz: could not connect to host @@ -9800,14 +10592,13 @@ oaksbloom.com: could not connect to host oasis-conference.org.nz: could not connect to host oasis.mobi: could not connect to host oasisim.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -oatmealdome.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] obdolbacca.ru: could not connect to host oben.pl: did not receive HSTS header oberam.de: could not connect to host oberhof.co: could not connect to host oberhofjuice.com: could not connect to host oberoi.de: max-age too low: 600000 -objectif-leger.com: could not connect to host +objectif-leger.com: did not receive HSTS header oblikdom.pro: did not receive HSTS header oblikdom.ru: did not receive HSTS header oblondata.io: did not receive HSTS header @@ -9816,6 +10607,7 @@ obscuredfiles.com: could not connect to host observatory.se: could not connect to host obsydian.org: could not connect to host oc-minecraft.com: could not connect to host +ocad.com.au: did not receive HSTS header ocapic.com: could not connect to host occ.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] occasion-impro.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -9828,7 +10620,7 @@ octo.im: could not connect to host octocat.ninja: could not connect to host octod.tk: could not connect to host octofox.de: did not receive HSTS header -octopus-agents.com: could not connect to host +octothorpe.ninja: could not connect to host oddmouse.com: could not connect to host odin.xxx: could not connect to host odinkapital.no: did not receive HSTS header @@ -9839,11 +10631,11 @@ odysseyconservationtrust.com: did not receive HSTS header oe8.bet: could not connect to host ofcourselanguages.com: could not connect to host ofcss.com: did not receive HSTS header -ofda.gov: max-age too low: 604800 ofer.site: did not receive HSTS header off-the-clock.us: could not connect to host offenedialoge.de: max-age too low: 2592000 offersgame.com: could not connect to host +offerstone.cl: did not receive HSTS header offgames.pro: could not connect to host office-ruru.com: could not connect to host officeclub.com.mx: did not receive HSTS header @@ -9858,19 +10650,23 @@ oganek.ie: could not connect to host oganime.com: did not receive HSTS header oggw.us: could not connect to host ogkw.de: could not connect to host +oglen.ca: could not connect to host ogogoshop.com: could not connect to host ogrodywstudniach.pl: did not receive HSTS header ohayosoro.me: could not connect to host ohm2013.org: did not receive HSTS header -ohma.ga: could not connect to host +ohma.ga: did not receive HSTS header ohnemusik.com: could not connect to host ohohrazi.com: did not receive HSTS header +ohreally.de: could not connect to host ohsocool.org: did not receive HSTS header oiepoie.nl: could not connect to host oinky.ddns.net: could not connect to host oishioffice.com: did not receive HSTS header ojbk.eu: could not connect to host +ojeremy.com: could not connect to host ojls.co: could not connect to host +ojp.gov: could not connect to host okad-center.de: could not connect to host okad.de: could not connect to host okad.eu: could not connect to host @@ -9884,9 +10680,10 @@ okok.rent: could not connect to host okutama.in.th: could not connect to host olafnorge.de: did not receive HSTS header olcso-vps-szerver.hu: could not connect to host -oldandyounglesbians.us: did not receive HSTS header +oldandyounglesbians.us: could not connect to host oldschool-criminal.com: did not receive HSTS header oldtimer-trifft-flugplatz.de: did not receive HSTS header +olgui.net: could not connect to host oliverdunk.com: did not receive HSTS header ollehbizev.co.kr: could not connect to host olswangtrainees.com: could not connect to host @@ -9895,10 +10692,12 @@ omacostudio.com: could not connect to host omarh.net: could not connect to host omgaanmetidealen.com: could not connect to host ominto.com: did not receive HSTS header +omise.co: did not receive HSTS header ommahpost.com: did not receive HSTS header omnigon.network: could not connect to host omnilab.tech: could not connect to host omniti.com: max-age too low: 1 +omorashi.org: could not connect to host omquote.gq: could not connect to host omskit.ru: did not receive HSTS header omyogarishikesh.com: did not receive HSTS header @@ -9911,10 +10710,10 @@ onecycling.world: could not connect to host onefour.co: could not connect to host onehourloan.com: could not connect to host onehourloan.sg: did not receive HSTS header -oneidentity.me: could not connect to host oneiros.cc: could not connect to host -onelawsuit.com: did not receive HSTS header +onelawsuit.com: could not connect to host oneminutefilm.tv: did not receive HSTS header +onemusou.com: could not connect to host onepathnetwork.com: max-age too low: 7776000 onepluscamps.com: did not receive HSTS header onepopstore.com: could not connect to host @@ -9925,21 +10724,24 @@ onetly.com: could not connect to host onetwentyseven001.com: did not receive HSTS header onewebdev.info: could not connect to host oneworldbank.com: did not receive HSTS header -onewpst.com: did not receive HSTS header +onewpst.com: could not connect to host onguardonline.gov: did not receive HSTS header oniichan.us: did not receive HSTS header +onionbot.ga: could not connect to host onioncloud.org: could not connect to host onionsburg.com: could not connect to host online-casino.eu: did not receive HSTS header online-scene.com: did not receive HSTS header online-wetten.de: did not receive HSTS header onlinebiller.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -onlinebillingform.com: did not receive HSTS header +onlinebillingform.com: could not connect to host +onlinecasinobluebook.com: could not connect to host onlinecompliance.org: did not receive HSTS header onlinedemo.hu: could not connect to host onlinedeposit.us: could not connect to host onlinekasino.de: did not receive HSTS header onlinepollsph.com: could not connect to host +onlineporno.tv: could not connect to host onlineschadestaat.nl: did not receive HSTS header onlinespielothek.com: did not receive HSTS header onlinewetten.de: could not connect to host @@ -9947,8 +10749,10 @@ only-roses.co.uk: did not receive HSTS header only-roses.com: max-age too low: 2592000 onlyshopstation.com: did not receive HSTS header onlyzero.net: could not connect to host -onmuvo.com: did not receive HSTS header +onmuvo.com: could not connect to host onmyoji.biz: could not connect to host +onnee.ch: could not connect to host +ono.es: did not receive HSTS header ononpay.com: did not receive HSTS header onovlena.dn.ua: could not connect to host onpatient.com: did not receive HSTS header @@ -9974,7 +10778,7 @@ ooooush.co.uk: could not connect to host oopsmycase.com: could not connect to host oopsorup.com: could not connect to host oost.io: could not connect to host -opatut.de: could not connect to host +opatut.de: did not receive HSTS header opcaobolsas.com.br: could not connect to host open-future.be: did not receive HSTS header open-mx.de: could not connect to host @@ -9997,33 +10801,39 @@ opensourcehouse.net: could not connect to host openspace.xxx: did not receive HSTS header opensrd.com: could not connect to host openssf.org: did not receive HSTS header -opentexon.com: could not connect to host +opentexon.com: did not receive HSTS header openxmpp.com: could not connect to host +operad.fr: could not connect to host opiates.net: did not receive HSTS header opic.gov: could not connect to host opim.ca: did not receive HSTS header opinion8td.com: did not receive HSTS header opinionicentrifuga.it: could not connect to host opinionipannolini.it: could not connect to host +opioids.com: could not connect to host +oppag.com.br: did not receive HSTS header opperwall.net: could not connect to host opportunitycorps.org: max-age too low: 43200 -oprbox.com: could not connect to host +opposer.me: could not connect to host opsafewinter.net: could not connect to host opsbears.com: did not receive HSTS header -opstacks.com: did not receive HSTS header +opstacks.com: could not connect to host optenhoefel.de: could not connect to host optimal-e.com: did not receive HSTS header optimista.soy: could not connect to host +optimize-jpg.com: could not connect to host optometriepunt.nl: did not receive HSTS header optumrxhealthstore.com: could not connect to host opunch.org: did not receive HSTS header oracaodocredo.com.br: could not connect to host orangekey.tk: could not connect to host +orangetravel.eu: could not connect to host oranic.com: did not receive HSTS header orbiosales.com: could not connect to host orbitcom.de: did not receive HSTS header orbitdefence.co.uk: could not connect to host orbograph-hrcm.com: could not connect to host +orcahq.com: did not receive HSTS header order.one: could not connect to host ordereat.fr: could not connect to host orderlounge.de: did not receive HSTS header @@ -10031,31 +10841,33 @@ oref-idf.com: did not receive HSTS header oref-idf.net: did not receive HSTS header oref-idf.org: did not receive HSTS header oregonmu.org: did not receive HSTS header -oreka.online: could not connect to host orelavtomaster.ru: did not receive HSTS header orfeo-engineering.ch: could not connect to host organic-superfood.net: could not connect to host +organicae.com: did not receive HSTS header +organisationsberatung-jacobi.de: did not receive HSTS header +orhideous.name: did not receive HSTS header oricejoc.com: could not connect to host originalmockups.com: did not receive HSTS header -originalsport.com.br: did not receive HSTS header -originpc.com: could not connect to host +originalsport.com.br: could not connect to host orioncustompcs.com: could not connect to host orionfcu.com: did not receive HSTS header -orionfinancialservices.com: did not receive HSTS header orionrebellion.com: did not receive HSTS header orleika.ml: could not connect to host oroweatorganic.com: could not connect to host orthodoxy.lt: did not receive HSTS header -orum.in: could not connect to host +orui.com.br: could not connect to host osaiyuwu.com: could not connect to host -oscarmashauri.com: could not connect to host +osaka-fukushi.jp: max-age too low: 0 +osaka-jusan.jp: max-age too low: 0 +oscarmashauri.com: did not receive HSTS header oscillation-services.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -oscloud.com: could not connect to host oscloud.com.ua: could not connect to host oscreen.me: could not connect to host oscreen.org: could not connect to host oscsdp.cz: could not connect to host -osdls.gov: could not connect to host +osdls.gov: did not receive HSTS header +osereso.tn: could not connect to host osha-kimi.com: did not receive HSTS header oshanko.de: could not connect to host oshinagaki.jp: could not connect to host @@ -10075,33 +10887,35 @@ othermedia.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ER otherstuff.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] otichi.com: did not receive HSTS header otinane.eu: could not connect to host +otmns.net: could not connect to host otokonna.com: could not connect to host otrsdemo.hu: did not receive HSTS header ottospora.nl: could not connect to host ourbank.com: max-age too low: 2592000 ourchoice2016.com: could not connect to host -outdooradventures.pro: did not receive HSTS header -outdoorproducts.com: did not receive HSTS header +ourls.win: could not connect to host +outdooradventures.pro: could not connect to host +outdoorproducts.com: max-age too low: 7889238 outreachbuddy.com: could not connect to host outsider.im: could not connect to host outurnate.com: could not connect to host ouvirmusica.com.br: did not receive HSTS header ovenapp.io: did not receive HSTS header over25tips.com: did not receive HSTS header -overclockers.ge: could not connect to host override.io: could not connect to host overrustle.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] oversight.io: could not connect to host -overstockpromote.com: did not receive HSTS header ovuscloud.de: could not connect to host ovwane.com: could not connect to host owennelson.me: max-age too low: 2592000 owensmith.website: could not connect to host owlscrap.ru: could not connect to host owncloud.help: could not connect to host -owngeek.com: did not receive HSTS header +owngeek.com: could not connect to host ownmovies.fr: could not connect to host ownspec.com: could not connect to host +owothisdiz.pw: could not connect to host +oxanababy.com: could not connect to host oxro.co: did not receive HSTS header oxro.io: did not receive HSTS header oxygenabsorbers.com: did not receive HSTS header @@ -10124,25 +10938,25 @@ paavolastudio.com: did not receive HSTS header pablocamino.tk: could not connect to host pablofain.com: did not receive HSTS header pablorey-art.com: did not receive HSTS header +pachaiyappas.org: did not receive HSTS header packair.com: did not receive HSTS header packetapp.ru: could not connect to host packetcrash.net: could not connect to host packlane.com: did not receive HSTS header -packshot-creator.com: did not receive HSTS header pacnetwork.io: could not connect to host pacoda.de: could not connect to host pactf-flag-4boxdpa21ogonzkcrs9p.com: could not connect to host pactocore.org: could not connect to host +padeoe.com: did not receive HSTS header pader-deko.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] paestbin.com: could not connect to host page: could not connect to host -pagefulloflies.io: could not connect to host pagerate.io: could not connect to host pages-tocaven.com: could not connect to host pagetoimage.com: could not connect to host paginapolitica.ro: could not connect to host -pahlawanpulsa.com: did not receive HSTS header -pahnid.com: did not receive HSTS header +pagure.org: could not connect to host +pahnid.com: could not connect to host paigeglass.com: did not receive HSTS header paino.cloud: could not connect to host painosso.org: could not connect to host @@ -10150,21 +10964,25 @@ paintingat.com: could not connect to host paio2-rec.com: could not connect to host paio2.com: did not receive HSTS header paisaone.com: could not connect to host +paizinhovirgula.com: did not receive HSTS header pajonzeck.de: could not connect to host paket.io: could not connect to host -paket.ml: could not connect to host +paket.ml: did not receive HSTS header +paketkreditsuzuki.com: could not connect to host paku.me: could not connect to host palariviera.com: could not connect to host palationtrade.com: could not connect to host +palawan.jp: could not connect to host palazzotalamo.it: did not receive HSTS header +paleolowcarb.de: did not receive HSTS header paleosquawk.com: could not connect to host -pallet.io: could not connect to host +pallet.io: did not receive HSTS header palmer.im: could not connect to host pammbook.com: did not receive HSTS header pamplona.tv: could not connect to host pan.tips: could not connect to host panaceallc.net: could not connect to host -panama-gbs.com: could not connect to host +panama-gbs.com: did not receive HSTS header panamaequity.com: did not receive HSTS header panamateakforestry.com: did not receive HSTS header panascais.io: could not connect to host @@ -10176,28 +10994,31 @@ panni.me: could not connect to host panoranordic.net: could not connect to host panos.io: did not receive HSTS header pansu.space: could not connect to host -pants-off.xyz: could not connect to host pantsu.cat: did not receive HSTS header +paolo565.org: did not receive HSTS header papalytics.com: could not connect to host papatest24.de: could not connect to host papeda.net: could not connect to host papelariadante.com.br: could not connect to host papercard.co.uk: did not receive HSTS header papercrunch.io: could not connect to host +paperhaven.com.au: max-age too low: 7889238 +papermasters.com: could not connect to host +papersmart.net: could not connect to host papierniak.net: could not connect to host papygeek.com: could not connect to host -parabhairavayoga.com: max-age too low: 0 +parabhairavayoga.com: did not receive HSTS header paradiesgirls.ch: could not connect to host paradise-engineers.com: could not connect to host paragon.edu: did not receive HSTS header parakranov.ru: did not receive HSTS header paranormalweirdo.com: could not connect to host +parav.xyz: did not receive HSTS header pardnoy.com: could not connect to host parent5446.us: could not connect to host parentmail.co.uk: did not receive HSTS header -parfum-baza.ru: did not receive HSTS header +parfum-baza.ru: could not connect to host paris-cyber.fr: did not receive HSTS header -parisbloom.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] parisdimanche.com: did not receive HSTS header parishome.jp: could not connect to host parisvox.info: did not receive HSTS header @@ -10213,25 +11034,27 @@ parpaing-paillette.net: could not connect to host particonpsplus.it: could not connect to host partiono.com: did not receive HSTS header partirkyoto.jp: did not receive HSTS header -partnercardservices.com: did not receive HSTS header +partnercardservices.com: could not connect to host partnerwerk.de: did not receive HSTS header partyhaus.ovh: could not connect to host partyhireformby.co.uk: did not receive HSTS header +partyschnaps.com: could not connect to host partyspecialists.com: did not receive HSTS header partyvan.eu: could not connect to host partyvan.it: could not connect to host partyvan.moe: could not connect to host partyvan.nl: could not connect to host partyvan.se: could not connect to host -parvaneh.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pascalchristen.ch: did not receive HSTS header +pasportaservo.org: did not receive HSTS header passpilot.co.uk: did not receive HSTS header passumpsicbank.com: did not receive HSTS header passwd.io: did not receive HSTS header -password.codes: did not receive HSTS header +password.codes: could not connect to host passwordbox.com: did not receive HSTS header passwordrevelator.net: did not receive HSTS header passwordscon.com: could not connect to host +pasta-factory.co.il: could not connect to host pastaf.com: could not connect to host pastdream.xyz: could not connect to host paste.linode.com: could not connect to host @@ -10241,9 +11064,8 @@ paster.li: did not receive HSTS header pasteros.io: could not connect to host pastie.se: could not connect to host pastorcanadense.com.br: could not connect to host -patadanabouca.pw: could not connect to host pataua.kiwi: did not receive HSTS header -patbatesremodeling.com: could not connect to host +patentfamily.de: could not connect to host paternitydnatest.com: could not connect to host patfs.com: did not receive HSTS header pathwaytofaith.com: could not connect to host @@ -10252,25 +11074,30 @@ patriaco.net: did not receive HSTS header patrick.dark.name: could not connect to host patrickbusch.net: could not connect to host patrickneuro.de: could not connect to host +patrickquinn.ca: did not receive HSTS header patt.us: did not receive HSTS header patterson.mp: could not connect to host paul-kerebel.pro: could not connect to host +paul-schmidt.de: max-age too low: 0 paulbunyanmls.com: did not receive HSTS header paulchen.at: did not receive HSTS header -paulerhof.com: did not receive HSTS header paulproell.at: did not receive HSTS header paulrudge.codes: could not connect to host paulshir.com: could not connect to host paulshir.is: could not connect to host +paultibbetts.uk: could not connect to host paulyang.cn: did not receive HSTS header paveljanda.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pavelkahouseforcisco.com: did not receive HSTS header +pavelstriz.cz: could not connect to host +pawsru.org: could not connect to host paxdei.com.br: could not connect to host paxwinkel.nl: could not connect to host pay.gigahost.dk: did not receive HSTS header pay.ubuntu.com: could not connect to host payclixpayments.com: did not receive HSTS header payfreez.com: could not connect to host +paykings.com: did not receive HSTS header payload.tech: could not connect to host payments-reference.org: could not connect to host payments.google.com: did not receive HSTS header (error ignored - included regardless) @@ -10279,17 +11106,14 @@ paypod.org: could not connect to host payroll.ch: could not connect to host paytwopay.com: could not connect to host pb-design.ch: could not connect to host -pb.ax: did not receive HSTS header pbapp.net: did not receive HSTS header pbbr.com: did not receive HSTS header pbcknd.ml: could not connect to host pbcomp.com.au: did not receive HSTS header pbprint.ru: did not receive HSTS header -pbqs.site: could not connect to host pbscreens.com: could not connect to host pbytes.com: could not connect to host pc-nf.de: did not receive HSTS header -pc-servis-brno.com: did not receive HSTS header pc-tweak.de: did not receive HSTS header pcat.io: could not connect to host pcfun.net: did not receive HSTS header @@ -10299,25 +11123,27 @@ pcvirusclear.com: could not connect to host pdamsidoarjo.co.id: could not connect to host pdevio.com: could not connect to host pdf.yt: could not connect to host +pdomo.me: did not receive HSTS header pe-bank.co.jp: max-age too low: 604800 pe-kyousai.jp: did not receive HSTS header peaceandwool.com: did not receive HSTS header peakapp.nl: could not connect to host pebblesdemo.com: could not connect to host pecot.fr: did not receive HSTS header -peddy.dyndns.org: could not connect to host -pedrosaurus.com: did not receive HSTS header peekops.com: could not connect to host peerherrmann.de: could not connect to host peerless.ae: could not connect to host +peinard.net: did not receive HSTS header peirong.me: could not connect to host peissen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pekkapikkarainen.fi: did not receive HSTS header pekkarik.ru: could not connect to host peliculasaudiolatinoonline.com: could not connect to host +peliseries24.com: could not connect to host pemagrid.org: could not connect to host pemberton.at: did not receive HSTS header penablog.com: did not receive HSTS header +penfold.fr: could not connect to host pengisatelier.net: could not connect to host pengui.uk: could not connect to host penguinclientsystem.com: did not receive HSTS header @@ -10325,7 +11151,7 @@ pengumuman.id: did not receive HSTS header pennyapp.io: did not receive HSTS header pennylane.me.uk: did not receive HSTS header pensanisso.com: did not receive HSTS header -penser-electronique.com: could not connect to host +penser-electronique.com: did not receive HSTS header pension-waldesruh.de: did not receive HSTS header pensiunealido.ro: could not connect to host pentagram.me: max-age too low: 2592000 @@ -10341,18 +11167,20 @@ perdel.cn: could not connect to host pereuda.com: could not connect to host perfect-radiant-wrinkles.com: could not connect to host perfectionis.me: could not connect to host -perfectionunite.com: did not receive HSTS header +perfectionunite.com: could not connect to host perfectseourl.com: did not receive HSTS header +performaride.com.au: did not receive HSTS header performaterm.ro: could not connect to host performous.org: did not receive HSTS header perfumista.vn: did not receive HSTS header +periodismoactual.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] periscopeliveweb.com: could not connect to host perlwork.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pernatie.ru: could not connect to host peromsik.com: did not receive HSTS header perplex.nl: did not receive HSTS header perrone.co: could not connect to host -perroud.pro: could not connect to host +perroud.pro: did not receive HSTS header persjrp.ca: could not connect to host persoform.ch: could not connect to host personalcommunicationsecurity.com: could not connect to host @@ -10364,13 +11192,14 @@ persson.im: could not connect to host perthdevicelab.com: did not receive HSTS header pestalozzishop.com.br: could not connect to host pesto.video: could not connect to host -pesyun.cn: did not receive HSTS header pet-life.top: did not receive HSTS header pet-nsk.ru: could not connect to host +petangen.se: could not connect to host petbooking.it: did not receive HSTS header petchart.net: could not connect to host -peterboers.info: could not connect to host +peterfolta.net: could not connect to host peterkshultz.com: did not receive HSTS header +petermazur.com: did not receive HSTS header peternagy.ie: did not receive HSTS header petersmark.com: did not receive HSTS header pethelpers.org: did not receive HSTS header @@ -10378,16 +11207,19 @@ pethub.com: did not receive HSTS header petit.site: could not connect to host petlife.od.ua: could not connect to host petplum.com: could not connect to host +petrachuk.ru: could not connect to host +petravdbos.nl: could not connect to host petrkrapek.cz: did not receive HSTS header petrolplus.ru: max-age too low: 7776000 petrovsky.pro: could not connect to host petsittersservices.com: could not connect to host -pettsy.com: could not connect to host +pettsy.com: did not receive HSTS header peuf.shop: could not connect to host peuterspeelzaalhoekvanholland.nl: could not connect to host pewboards.com: could not connect to host pexieapp.com: did not receive HSTS header peykezamin.ir: did not receive HSTS header +peyote.org: could not connect to host peytonfarrar.com: could not connect to host pferdeeinstreu-kaufen.com: did not receive HSTS header pfgshop.com.br: could not connect to host @@ -10395,12 +11227,10 @@ pflegedienst-gratia.de: max-age too low: 300 pfolta.net: could not connect to host pgcpbc.com: could not connect to host pgmsource.com: could not connect to host -pgnetwork.net: could not connect to host pgpm.io: could not connect to host pgregg.com: did not receive HSTS header pgtb.be: could not connect to host phalconist.com: could not connect to host -pharmaboard.org: could not connect to host pharmgkb.org: could not connect to host phcmembers.com: did not receive HSTS header phcnetworks.net: did not receive HSTS header @@ -10416,17 +11246,18 @@ philadelphiadancefoundation.org: could not connect to host philipmordue.co.uk: could not connect to host philippa.cool: could not connect to host phillippi.me: could not connect to host +phillipsuk.com: max-age too low: 0 phillmoore.com: did not receive HSTS header phillprice.com: did not receive HSTS header philonas.net: did not receive HSTS header philpropertygroup.com: could not connect to host +phippsreporting.com: did not receive HSTS header phoebe.co.nz: did not receive HSTS header phoenicis.com.ua: did not receive HSTS header phoenix.dj: did not receive HSTS header -phoenixlogan.com: could not connect to host phonenumberinfo.co.uk: could not connect to host phongmay24h.com: could not connect to host -phood.be: did not receive HSTS header +phood.be: could not connect to host photoblogverona.com: could not connect to host photoboothpartyhire.co.uk: did not receive HSTS header photographyforchange.com: could not connect to host @@ -10439,7 +11270,6 @@ phperformances.fr: did not receive HSTS header phpfashion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] phrasing.me: could not connect to host phuong.faith: could not connect to host -physicaltherapist.com: did not receive HSTS header pi-eng.fr: did not receive HSTS header pianetaottica.eu: could not connect to host pianetaottica.info: could not connect to host @@ -10447,6 +11277,7 @@ pianetaottica.net: could not connect to host pianetaottica.org: could not connect to host pias-button.net: did not receive HSTS header piasto.com.cy: could not connect to host +piatanoua.md: could not connect to host picallo.es: could not connect to host picardiascr.com: could not connect to host pickr.co: could not connect to host @@ -10457,10 +11288,12 @@ picscare.co.uk: did not receive HSTS header picshare.nz: could not connect to host pidatacenters.com: did not receive HSTS header pidomex.com: did not receive HSTS header +piedfeed.com: did not receive HSTS header piekacz.co.uk: could not connect to host pierrejeansuau.fr: could not connect to host pieterjangeeroms.me: could not connect to host piggott.me.uk: did not receive HSTS header +piils.fr: did not receive HSTS header pikmy.com: could not connect to host pilgermaske.org: did not receive HSTS header piligrimname.com: could not connect to host @@ -10471,10 +11304,13 @@ pims.global: did not receive HSTS header pimspage.nl: could not connect to host pin.net.au: did not receive HSTS header pinebaylibrary.org: could not connect to host +pinesandneedles.com: max-age too low: 7889238 pinkfis.ch: did not receive HSTS header pinkhq.com: did not receive HSTS header pinkinked.com: could not connect to host -pinoyonlinetv.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +pinkyf.com: did not receive HSTS header +pinoylinux.org: did not receive HSTS header +pintoselectrician.co.za: did not receive HSTS header pioche.ovh: did not receive HSTS header pipenny.net: could not connect to host pippen.io: could not connect to host @@ -10488,7 +11324,7 @@ piratedot.com: could not connect to host piratelist.online: could not connect to host piratenlogin.de: could not connect to host piratepay.io: could not connect to host -piratepay.ir: could not connect to host +piratepay.ir: did not receive HSTS header pirateproxy.pe: could not connect to host pirateproxy.sx: did not receive HSTS header pirateproxy.vip: could not connect to host @@ -10501,15 +11337,14 @@ pisidia.de: could not connect to host pitchup.com: did not receive HSTS header pitonarms.com: could not connect to host pitsstop.nu: could not connect to host -pittaya.com: could not connect to host +pittaya.com: did not receive HSTS header pittonpreschool.com: did not receive HSTS header -piwko.co: could not connect to host pix-geeks.com: max-age too low: 2592000 pixdigital.net: did not receive HSTS header pixeame.com: did not receive HSTS header pixel.google.com: did not receive HSTS header (error ignored - included regardless) pixelcode.com.au: could not connect to host -pixelcubed.com: could not connect to host +pixelesque.uk: could not connect to host pixelgliders.de: could not connect to host pixelhero.co.uk: did not receive HSTS header pixi.chat: could not connect to host @@ -10518,9 +11353,11 @@ pixlfox.com: could not connect to host pizzadoc.ch: could not connect to host pj83.duckdns.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pj881988.com: could not connect to host -pjbet.mg: did not receive HSTS header +pjbet.mg: could not connect to host +pjsec.tk: could not connect to host pkautodesign.com: did not receive HSTS header pkschat.com: could not connect to host +pksps.com: could not connect to host plaasprodukte.com: could not connect to host placefade.com: could not connect to host placehold.co: did not receive HSTS header @@ -10529,13 +11366,12 @@ plaettliaktion.ch: did not receive HSTS header plagiarismcheck.org: max-age too low: 604800 plakbak.nl: could not connect to host planbox.info: could not connect to host -planespotterblog.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] planete-secu.com: could not connect to host +planetromeo.com: could not connect to host planktonholland.com: did not receive HSTS header planpharmacy.com: could not connect to host plant.ml: could not connect to host -plantastique.com: did not receive HSTS header -plantroon.com: could not connect to host +plantroon.com: did not receive HSTS header plass.hamburg: could not connect to host plasvilledescartaveis.com.br: could not connect to host platform.lookout.com: could not connect to host @@ -10548,10 +11384,12 @@ playflick.com: did not receive HSTS header playmaker.io: did not receive HSTS header playmaza.live: did not receive HSTS header playmfe.com: could not connect to host -playnation.io: could not connect to host +playsoundevents.be: could not connect to host playsource.co: could not connect to host playwhyyza.com: could not connect to host +playyou.be: could not connect to host please-deny.me: did not receive HSTS header +pleaseuseansnisupportedbrowser.ml: could not connect to host pleasure-science.com: could not connect to host pleasure.forsale: could not connect to host plen.io: could not connect to host @@ -10570,12 +11408,12 @@ ploup.net: could not connect to host pluff.nl: did not receive HSTS header plugboard.xyz: could not connect to host pluggedhead.com: did not receive HSTS header +plumbingman.com.au: did not receive HSTS header plus-digital.net: did not receive HSTS header plus-u.com.au: did not receive HSTS header plus.sandbox.google.com: did not receive HSTS header (error ignored - included regardless) plus1s.tk: could not connect to host plussizereviews.com: could not connect to host -plustech.id: did not receive HSTS header plut.org: did not receive HSTS header plymouthsoftplay.co.uk: could not connect to host pm13-media.cz: could not connect to host @@ -10590,13 +11428,14 @@ pnukee.com: did not receive HSTS header po.gl: could not connect to host pocakdrops.com: did not receive HSTS header pocket-lint.com: did not receive HSTS header -pocketinsure.com: could not connect to host +pocketfullofapps.com: did not receive HSTS header pocketmemories.net: could not connect to host pocketsix.com: could not connect to host pocloud.homelinux.net: could not connect to host pocobelli.ch: did not receive HSTS header podcast.style: could not connect to host podiumsdiskussion.org: did not receive HSTS header +pogoswine.com: could not connect to host pogs.us: could not connect to host poiema.com.sg: did not receive HSTS header poinsot.beer: could not connect to host @@ -10610,6 +11449,7 @@ pol-expo.ru: could not connect to host pol.in.th: could not connect to host polandb2b.directory: could not connect to host polarityschule.com: did not receive HSTS header +pole.net.nz: did not receive HSTS header poleartschool.com: could not connect to host polen.guide: could not connect to host policeiwitness.sg: could not connect to host @@ -10621,28 +11461,29 @@ politically-incorrect.xyz: could not connect to host politiewervingshop.nl: did not receive HSTS header politologos.org: could not connect to host pollpodium.nl: could not connect to host -polly.spdns.org: could not connect to host polsport.live: did not receive HSTS header polycoise.com: could not connect to host polycrypt.us: could not connect to host polymorph.rs: could not connect to host polypho.nyc: could not connect to host polysage.org: could not connect to host +polytechecosystem.vc: could not connect to host pomfe.co: could not connect to host pompefunebrilariviera.it: could not connect to host pompompoes.com: did not receive HSTS header pondof.fish: could not connect to host -poneytelecom.org: did not receive HSTS header +poneytelecom.org: could not connect to host ponteencima.com: could not connect to host ponteus.com: could not connect to host pontodogame.com.br: could not connect to host pontokay.com.br: could not connect to host pontualcomp.com: could not connect to host -pony.today: did not receive HSTS header +pony.today: could not connect to host ponythread.com: did not receive HSTS header poolinstallers.co.za: could not connect to host poolsandstuff.com: did not receive HSTS header poon.tech: could not connect to host +popcultureshack.com: could not connect to host popi.se: did not receive HSTS header popkins.cf: could not connect to host popkins.ga: could not connect to host @@ -10651,30 +11492,40 @@ popkins.ml: could not connect to host popkins.tk: could not connect to host popupsoftplay.com: could not connect to host poris.web.id: could not connect to host +porn77.info: could not connect to host +pornbay.org: could not connect to host pornblog.org: could not connect to host +porncandi.com: could not connect to host +porno-gif.ru: could not connect to host +pornohub.su: could not connect to host +pornolab-net.appspot.com: could not connect to host +pornoserver.eu: could not connect to host pornstars.me: did not receive HSTS header porschen.fr: could not connect to host port.social: could not connect to host -portailevangelique.ca: did not receive HSTS header +portale-randkowe.pl: did not receive HSTS header +portalhubnuti.cz: did not receive HSTS header portalisapres.cl: could not connect to host portalm.tk: could not connect to host portalmundo.xyz: could not connect to host portalplatform.net: could not connect to host -portaluniversalista.org: could not connect to host +portaluniversalista.org: did not receive HSTS header portefeuillesignalen.nl: did not receive HSTS header -portofrotterdam.com: could not connect to host +posbank.co.uk: could not connect to host poshpak.com: max-age too low: 86400 -positivenames.net: could not connect to host +positivesobrietyinstitute.com: did not receive HSTS header post4me.at: could not connect to host postback.io: did not receive HSTS header postcardpayment.com: could not connect to host postcodegarant.nl: could not connect to host +postcodewise.co.uk: could not connect to host posters.win: could not connect to host postscheduler.org: could not connect to host posylka.de: did not receive HSTS header potatoheads.net: could not connect to host potbar.com: could not connect to host potbox.com: could not connect to host +potenzmittelblog.info: could not connect to host potlytics.com: could not connect to host potomania.cz: could not connect to host potpourrifestival.de: did not receive HSTS header @@ -10695,7 +11546,6 @@ powerb.ch: did not receive HSTS header powerentertainment.tv: could not connect to host poweroff.win: could not connect to host powerplannerapp.com: could not connect to host -powersergthisisthewebsitefuckyouscott.com: did not receive HSTS header powersergunited.com: could not connect to host powersergunited.org: could not connect to host powershellmagic.com: could not connect to host @@ -10706,7 +11556,7 @@ pozniak.at: did not receive HSTS header pozyczka-bez-zaswiadczen.pl: did not receive HSTS header pozytywnyplan.pl: could not connect to host pozzo-balbi.com: did not receive HSTS header -ppoozl.com: could not connect to host +ppembed.com: did not receive HSTS header pppo.gov: could not connect to host ppr-truby.ru: could not connect to host ppuu.org: did not receive HSTS header @@ -10719,7 +11569,7 @@ praxis-research.info: did not receive HSTS header precedecaritas.com.br: could not connect to host precisionaeroimaging.com: did not receive HSTS header prediksisydney.com: could not connect to host -preexport.com: could not connect to host +preexport.com: did not receive HSTS header preezzie.com: could not connect to host prefis.com: did not receive HSTS header prefontaine.name: could not connect to host @@ -10729,19 +11579,22 @@ preisser.it: did not receive HSTS header preissler.co.uk: could not connect to host prekladysanca.cz: could not connect to host prelist.org: did not receive HSTS header +premaritalsex.info: could not connect to host premioambiente.it: did not receive HSTS header premiumzweirad.de: max-age too low: 7776000 +prepaidgirl.com: could not connect to host prepandgo-euro.com: could not connect to host -preposted.com: did not receive HSTS header -preppertactics.com: did not receive HSTS header +preposted.com: could not connect to host +preppertactics.com: could not connect to host preprodfan.gov: could not connect to host +prescriptionrex.com: did not receive HSTS header presidentials2016.com: could not connect to host press-anime-nenkan.com: did not receive HSTS header press-presse.ca: did not receive HSTS header pressenews.net: did not receive HSTS header pressfreedomfoundation.org: did not receive HSTS header prestigeeventshire.co.uk: could not connect to host -prestonapp.com: did not receive HSTS header +prestonapp.com: could not connect to host prettygrouse.com: did not receive HSTS header prettyphotoart.de: did not receive HSTS header prettytunesapp.com: could not connect to host @@ -10749,13 +11602,15 @@ pretzlaff.info: did not receive HSTS header preworkout.me: could not connect to host prgslab.net: could not connect to host priceholic.com: could not connect to host +priceremoval.net: could not connect to host +pridetechdesign.com: did not receive HSTS header pridoc.se: did not receive HSTS header prifo.se: could not connect to host prijsvergelijken.ml: could not connect to host prilock.com: did not receive HSTS header primecaplending.com: could not connect to host +primordialsnooze.com: could not connect to host primotiles.co.uk: did not receive HSTS header -primotilesandbathrooms.co.uk: did not receive HSTS header prinbanat.ngo: did not receive HSTS header princeofwhales.com: did not receive HSTS header princessbackpack.de: could not connect to host @@ -10765,15 +11620,16 @@ printerest.io: could not connect to host printersonline.be: did not receive HSTS header printery.be: could not connect to host printfn.com: did not receive HSTS header +printler.com: did not receive HSTS header priolkar.com: could not connect to host prism-communication.com: could not connect to host -prismacloud.xyz: did not receive HSTS header pristineevents.co.uk: did not receive HSTS header pritchett.xyz: could not connect to host privacylabs.io: did not receive HSTS header privacymanatee.com: could not connect to host privacynow.eu: did not receive HSTS header privacyrup.net: could not connect to host +privategiant.com: could not connect to host privatstunden.express: could not connect to host privcloud.org: could not connect to host privilegevisa.fr: could not connect to host @@ -10795,16 +11651,19 @@ profloorstl.com: did not receive HSTS header profpay.com: could not connect to host profundr.com: could not connect to host profusion.io: could not connect to host -progblog.net: could not connect to host +progblog.net: max-age too low: 0 progolfjourney.com: could not connect to host program-and.work: could not connect to host +programmaticmagic.com: could not connect to host programmingstudent.com: could not connect to host progress-technologies.com: could not connect to host progressivecfo.co.nz: could not connect to host prohostonline.fi: could not connect to host proitconsulting.com.au: could not connect to host proj.org.cn: could not connect to host +project-rune.tech: could not connect to host project-sparks.eu: did not receive HSTS header +project-splash.com: could not connect to host project-stats.com: could not connect to host projectascension.io: could not connect to host projectasterk.com: could not connect to host @@ -10817,9 +11676,9 @@ projectvault.ovh: did not receive HSTS header projectx.top: did not receive HSTS header projekt-umbriel.de: could not connect to host projektik.cz: did not receive HSTS header +projektzentrisch.de: could not connect to host projetoresecia.com: could not connect to host prokop.ovh: could not connect to host -prolan.pw: did not receive HSTS header promarketer.net: did not receive HSTS header promecon-gmbh.de: did not receive HSTS header promedicalapplications.com: did not receive HSTS header @@ -10839,17 +11698,20 @@ proslimdiets.com: could not connect to host prosocialmachines.com: could not connect to host prosoft.sk: did not receive HSTS header prosperident.com: did not receive HSTS header +prostoporno.net: could not connect to host proteapower.co.za: could not connect to host protecciondelconsumidor.gov: did not receive HSTS header +protech.ge: did not receive HSTS header proteinnuts.cz: could not connect to host proteinnuts.sk: could not connect to host protonmail.ch: did not receive HSTS header protoyou.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -provisionaldriving.com: could not connect to host -provitacare.com: could not connect to host +provisionaldriving.com: did not receive HSTS header +provisionircd.tk: could not connect to host +provitacare.com: did not receive HSTS header proweser.de: did not receive HSTS header prowhisky.de: did not receive HSTS header -proxbox.net: could not connect to host +proxbox.net: did not receive HSTS header proxi.cf: could not connect to host proximato.com: could not connect to host proxybay.al: could not connect to host @@ -10871,7 +11733,7 @@ prxio.site: could not connect to host ps-qa.com: could not connect to host ps-x.ru: could not connect to host pscleaningsolutions.co.uk: could not connect to host -pshostpk.com: did not receive HSTS header +pseudo.coffee: could not connect to host psicologia.co.ve: could not connect to host psicologoforensebarcelona.com: did not receive HSTS header psicosalud.online: could not connect to host @@ -10880,23 +11742,22 @@ psncardplus.com: could not connect to host psncardplus.dk: could not connect to host psncardplus.nl: could not connect to host psncardplus.se: could not connect to host -pstrozniak.com: could not connect to host pstudio.me: max-age too low: 0 psw.academy: could not connect to host psw.consulting: could not connect to host psychiatrie-betreuung.ch: did not receive HSTS header psychoco.net: could not connect to host -psychologie-hofner.at: could not connect to host psynapse.net.au: could not connect to host ptn.moscow: could not connect to host ptonet.com: could not connect to host -ptrbrs.nl: could not connect to host ptrujillo.com: did not receive HSTS header +pub-online.ro: could not connect to host pubkey.is: could not connect to host publications.qld.gov.au: did not receive HSTS header publicidadnovagrass.com.mx: could not connect to host publicspeakingcamps.com: could not connect to host publimepa.it: could not connect to host +publishingshack.com: did not receive HSTS header puchunguis.com: did not receive HSTS header puentes.info: did not receive HSTS header puetter.eu: could not connect to host @@ -10917,6 +11778,7 @@ punkdns.top: could not connect to host puppydns.com: did not receive HSTS header purahealthyliving.com: could not connect to host purbd.com: did not receive HSTS header +pureholisticliving.me: could not connect to host purewebmasters.com: could not connect to host purplehippie.in: did not receive HSTS header purplez.pw: did not receive HSTS header @@ -10952,17 +11814,18 @@ q-rickroll-u.pw: could not connect to host q2.si: did not receive HSTS header q8mp3.me: did not receive HSTS header qadmium.tk: could not connect to host -qaz.cloud: did not receive HSTS header +qamrulhaque.com: could not connect to host qazcloud.com: could not connect to host qbik.de: did not receive HSTS header qbin.io: did not receive HSTS header qbnt.ca: could not connect to host qccqld.org.au: could not connect to host qe2homelottery.com: did not receive HSTS header +qensio.com: did not receive HSTS header qforum.org: could not connect to host qi0.de: did not receive HSTS header qiannews.net: could not connect to host -qikan.net: could not connect to host +qifu.org.cn: could not connect to host qimiao.io: did not receive HSTS header qingxuan.info: could not connect to host qinxi1992.com: could not connect to host @@ -10970,9 +11833,7 @@ qionglu.pw: could not connect to host qipp.com: did not receive HSTS header qirinus.com: did not receive HSTS header qixxit.de: did not receive HSTS header -qkmortgage.com: could not connect to host qldconservation.org: could not connect to host -qledtech.com: did not receive HSTS header qnatek.org: could not connect to host qonqa.de: did not receive HSTS header qoohoot.com: did not receive HSTS header @@ -10981,25 +11842,28 @@ qoqo.us: did not receive HSTS header qorm.co.uk: could not connect to host qqj.net: could not connect to host qqq.gg: could not connect to host +qqvips.com: could not connect to host +qqvrsmart.cn: could not connect to host qrara.net: did not receive HSTS header qredo.com: did not receive HSTS header qrforex.com: did not receive HSTS header qrlending.com: could not connect to host qrlfinancial.com: could not connect to host qswoo.org: did not receive HSTS header +qto.com: could not connect to host qto.org: could not connect to host quail.solutions: could not connect to host quakerlens.com: did not receive HSTS header quality1.com.br: did not receive HSTS header qualityology.com: did not receive HSTS header quanglepro.com: could not connect to host -quangngaimedia.com: did not receive HSTS header -quanjinlong.cn: could not connect to host +quangngaimedia.com: could not connect to host +quanjinlong.cn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] quantacloud.ch: could not connect to host quantenteranik.eu: could not connect to host quantor.dk: did not receive HSTS header quantum-cloud.xyz: could not connect to host -quantum-ethics.com: did not receive HSTS header +quantum-ethics.com: could not connect to host quantum-lviv.pp.ua: could not connect to host quantumcore.cn: could not connect to host quantumcourse.org: did not receive HSTS header @@ -11011,6 +11875,7 @@ quelmandataire.fr: did not receive HSTS header queroreceitasoberana.com.br: did not receive HSTS header queryplayground.com: could not connect to host questions-admin.com: did not receive HSTS header +questionyu.com: did not receive HSTS header questsandrewards.com: could not connect to host quic.fr: did not receive HSTS header quickandroid.tools: could not connect to host @@ -11024,38 +11889,38 @@ quizmemes.org: could not connect to host quotehex.com: could not connect to host quotemaster.co.za: could not connect to host quranserver.net: could not connect to host +qwallet.ca: did not receive HSTS header +qwaser.fr: could not connect to host qwilink.me: did not receive HSTS header -qybot.cc: did not receive HSTS header +qybot.cc: could not connect to host r-ay.club: did not receive HSTS header -r-ay.cn: could not connect to host r-core.org: could not connect to host r-core.ru: could not connect to host r-cut.fr: could not connect to host r-rickroll-u.pw: could not connect to host +r0t.co: could not connect to host r10n.com: did not receive HSTS header r15.me: did not receive HSTS header r18.moe: did not receive HSTS header -r3bl.me: did not receive HSTS header -ra-schaal.de: did not receive HSTS header raajheshkannaa.com: could not connect to host rabbitvcactus.eu: did not receive HSTS header rabota-x.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] racasdecachorro.org: could not connect to host rackblue.com: could not connect to host racktear.com: did not receive HSTS header -rad-route.de: did not receive HSTS header +rad-route.de: could not connect to host raddavarden.nu: could not connect to host radicaleducation.net: could not connect to host radioheteroglossia.com: did not receive HSTS header -radiosendungen.com: did not receive HSTS header +radiorsvp.com: did not receive HSTS header rafaelcz.de: could not connect to host ragingserenity.com: did not receive HSTS header ragnaroktop.com.br: could not connect to host rahadiana.com: could not connect to host rahamasin.eu: could not connect to host +rai-co.net: did not receive HSTS header raiblockscommunity.net: could not connect to host raidstone.com: could not connect to host -raidstone.net: could not connect to host raidstone.rocks: could not connect to host railgun.com.cn: could not connect to host rainbin.com: could not connect to host @@ -11065,7 +11930,9 @@ raisecorp.com: could not connect to host raitza.de: could not connect to host rajkapoordas.com: could not connect to host ramarka.de: could not connect to host -ramitmittal.com: could not connect to host +ramatola.uk: could not connect to host +ramblingrf.tech: could not connect to host +ramezanloo.com: did not receive HSTS header ramon-c.nl: could not connect to host ramonj.nl: could not connect to host randomcage.com: did not receive HSTS header @@ -11075,22 +11942,20 @@ randomwinpicker.de: could not connect to host randy.pw: could not connect to host ranegroup.hosting: could not connect to host rankthespot.com: could not connect to host -ranktopay.com: did not receive HSTS header rannseier.org: did not receive HSTS header ranos.org: could not connect to host rany.duckdns.org: could not connect to host rany.io: could not connect to host rany.pw: could not connect to host -rapidemobile.com: could not connect to host +rapidemobile.com: did not receive HSTS header rapidflow.io: could not connect to host rapido.nu: could not connect to host rapidresearch.me: could not connect to host rapidthunder.io: could not connect to host -rasing.me: did not receive HSTS header +rasing.me: could not connect to host raspass.me: did not receive HSTS header raspberry.us: could not connect to host raspberryultradrops.com: did not receive HSTS header -raspii.tech: could not connect to host rastreador.com.es: did not receive HSTS header ratajczak.fr: could not connect to host rate-esport.de: could not connect to host @@ -11107,13 +11972,14 @@ raven.lipetsk.ru: could not connect to host ravengergaming.ga: could not connect to host ravengergaming.net: could not connect to host ravenx.me: could not connect to host -ravkr.duckdns.org: max-age too low: 360000 +ravkr.duckdns.org: could not connect to host ravse.dk: could not connect to host raw-diets.com: did not receive HSTS header rawet.se: could not connect to host rawoil.com: could not connect to host rawr.sexy: could not connect to host rawstorieslondon.com: could not connect to host +rayanitco.com: did not receive HSTS header raycarruthersphotography.co.uk: could not connect to host raydan.space: could not connect to host raydobe.me: could not connect to host @@ -11127,8 +11993,8 @@ rbqcloud.com: could not connect to host rbti.me: could not connect to host rbxcatalog.com: could not connect to host rc4.io: could not connect to host +rc7.ch: could not connect to host rcafox.com: could not connect to host -rcmlinx.com: could not connect to host rcoliveira.com: could not connect to host rcpcbd.com: could not connect to host rcvd.io: did not receive HSTS header @@ -11137,7 +12003,7 @@ rdfz.tech: could not connect to host rdh.asia: did not receive HSTS header rdns.im: did not receive HSTS header rdyrda.fr: could not connect to host -re-customer.net: did not receive HSTS header +re-customer.net: could not connect to host re-wilding.com: could not connect to host reachr.com: could not connect to host reactdatepicker.com: did not receive HSTS header @@ -11147,6 +12013,7 @@ readism.io: could not connect to host readityourself.net: did not receive HSTS header readmeeatmedrinkme.com: did not receive HSTS header readr.pw: could not connect to host +readtldr.com: could not connect to host readydok.com: did not receive HSTS header reagir43.fr: did not receive HSTS header reaiaer.com: could not connect to host @@ -11154,13 +12021,15 @@ reakyaweso.me: could not connect to host real-bits.com: could not connect to host real-compare.com: did not receive HSTS header realcli.com: could not connect to host +realfamilyincest.com: could not connect to host realhost.name: could not connect to host really.io: could not connect to host reallyreally.io: did not receive HSTS header realmic.net: could not connect to host realmofespionage.com: could not connect to host realnewhomes.com: could not connect to host -realwoo.com: could not connect to host +realraghavgupta.com: could not connect to host +realwoo.com: did not receive HSTS header reapdrive.net: did not receive HSTS header reaper.rip: could not connect to host reardenporn.com: could not connect to host @@ -11168,10 +12037,11 @@ rebekaesgabor.online: could not connect to host rebootmc.com: could not connect to host receitas-de-bolos.pt: did not receive HSTS header receitasdebacalhau.pt: could not connect to host -recetasdecocinaideal.com: did not receive HSTS header recetasfacilesdehacer.com: did not receive HSTS header rechat.com: did not receive HSTS header rechenwerk.net: could not connect to host +recht-freundlich.de: did not receive HSTS header +rechtenliteratuurleiden.nl: could not connect to host recompiled.org: max-age too low: 7776000 recruitsecuritytraining.co.uk: could not connect to host recruitsecuritytraining.com: could not connect to host @@ -11184,7 +12054,8 @@ reddiseals.com: [Exception... "Component returned failure code: 0x80004005 (NS_E reddit.com: did not receive HSTS header rede.ca: did not receive HSTS header redeemingbeautyminerals.com: max-age too low: 0 -redhorsemountainranch.com: could not connect to host +redgatesoftware.co.uk: could not connect to host +redhorsemountainranch.com: did not receive HSTS header redicabo.de: could not connect to host redirectman.com: could not connect to host redizoo.com: did not receive HSTS header @@ -11193,9 +12064,10 @@ redmbk.com: did not receive HSTS header redneck-gaming.de: did not receive HSTS header redner.cc: did not receive HSTS header rednertv.de: did not receive HSTS header -rednoseday.com: did not receive HSTS header +rednoseday.com: could not connect to host redoakmedia.net: did not receive HSTS header redperegrine.com: did not receive HSTS header +redporno.cz: could not connect to host redports.org: could not connect to host redra.ws: did not receive HSTS header redstarsurf.com: did not receive HSTS header @@ -11208,8 +12080,11 @@ reeson.org: could not connect to host ref1oct.nl: could not connect to host refactor.zone: did not receive HSTS header referenten.org: did not receive HSTS header +refficience.com: could not connect to host refitplanner.com: did not receive HSTS header reflecton.io: could not connect to host +reforesttheplanet.com: could not connect to host +reformatreality.com: could not connect to host refreshingserum.com: could not connect to host reg.ru: did not receive HSTS header regaloaks.com: did not receive HSTS header @@ -11221,6 +12096,7 @@ reggae-cdmx.com: could not connect to host reginagroffy.com: could not connect to host regio-salland.nl: could not connect to host regionale.org: did not receive HSTS header +register.gov.uk: did not receive HSTS header registertovoteflorida.gov: did not receive HSTS header regoul.com: did not receive HSTS header regsec.com: could not connect to host @@ -11231,32 +12107,29 @@ reidascuecas.com.br: could not connect to host reignsphere.net: could not connect to host reikiqueen.uk: could not connect to host reinaertvandecruys.me: could not connect to host +reineberthe.ch: could not connect to host reismil.ch: could not connect to host reisyukaku.org: did not receive HSTS header reithguard-it.de: did not receive HSTS header rejo.in: could not connect to host rejuvemedspa.com: did not receive HSTS header -rekyou.com: could not connect to host relatic.net: could not connect to host relayawards.com: could not connect to host reldoc.com.mx: did not receive HSTS header reliable-mail.de: could not connect to host +religiousforums.com: did not receive HSTS header relisten.nl: did not receive HSTS header relsak.cz: could not connect to host rem.pe: did not receive HSTS header rema.site: did not receive HSTS header -remaimodern.org: did not receive HSTS header remain.london: could not connect to host -remedica.fr: did not receive HSTS header -remedioskaseros.com: did not receive HSTS header +remedica.fr: could not connect to host remedium.de: could not connect to host remedyrehab.com: did not receive HSTS header rememberthis.co.za: could not connect to host -remitatm.com: could not connect to host remodela.com.ve: could not connect to host remodelwithlegacy.com: did not receive HSTS header remonttitekniikka.fi: could not connect to host -remoteham.com: could not connect to host remotestance.com: did not receive HSTS header rencaijia.com: did not receive HSTS header rencontres-erotiques.com: did not receive HSTS header @@ -11264,15 +12137,17 @@ rengarenkblog.com: could not connect to host renideo.fr: could not connect to host renkhosting.com: could not connect to host renlong.org: did not receive HSTS header +rennfire.org: could not connect to host renrenss.com: could not connect to host -rentacarcluj.xyz: did not receive HSTS header +rentacarcluj.xyz: could not connect to host rentbrowser.com: could not connect to host rentbrowsertrain.me: could not connect to host rentcarassist.com: could not connect to host renteater.com: could not connect to host rentex.com: did not receive HSTS header renxinge.cn: did not receive HSTS header -repex.co.il: did not receive HSTS header +reparo.pe: did not receive HSTS header +repex.co.il: could not connect to host replaceits.me: could not connect to host replacemychina.com: could not connect to host repo.ml: did not receive HSTS header @@ -11288,15 +12163,17 @@ reporturi.io: did not receive HSTS header reporturl.com: did not receive HSTS header reporturl.io: did not receive HSTS header reposaarenkuva.fi: could not connect to host -reprolife.co.uk: could not connect to host -reputationweaver.com: could not connect to host +reprolife.co.uk: did not receive HSTS header +reptilauksjonen.no: did not receive HSTS header +repustate.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] reqognize.com: could not connect to host +request-trent.com: did not receive HSTS header res-rheingau.de: did not receive HSTS header res42.com: could not connect to host -resc.la: could not connect to host research.md: could not connect to host reseponline.info: did not receive HSTS header reserve-online.net: did not receive HSTS header +reservoirtp.fr: did not receive HSTS header residentsinsurance.co.uk: did not receive HSTS header resl20.servehttp.com: could not connect to host resoundpro.ca: could not connect to host @@ -11314,11 +12191,12 @@ restoreresearchstudy.com: did not receive HSTS header resultsdate.news: could not connect to host retcor.net: could not connect to host reth.ch: could not connect to host -retronet.nl: did not receive HSTS header +retogroup.com: could not connect to host +retrojar.top: could not connect to host retropage.co: did not receive HSTS header retrowave.eu: could not connect to host rets.org.br: did not receive HSTS header -retube.ga: could not connect to host +retube.ga: did not receive HSTS header returnofwar.com: could not connect to host revapost.ch: could not connect to host revealdata.com: did not receive HSTS header @@ -11329,14 +12207,15 @@ review.info: did not receive HSTS header reviewbestseller.com: did not receive HSTS header reviewjust.com: did not receive HSTS header revistapequenosolhares.com.br: could not connect to host -revlect.com: did not receive HSTS header revolutionhive.com: could not connect to host revtut.net: could not connect to host rewopit.net: could not connect to host rex.st: could not connect to host +rexhockingkelpies.com.au: did not receive HSTS header reykjavik.guide: could not connect to host rezun.cloud: did not receive HSTS header rf.tn: could not connect to host +rgservers.com: did not receive HSTS header rhapsodhy.hu: could not connect to host rhdigital.pro: could not connect to host rhering.de: could not connect to host @@ -11351,26 +12230,27 @@ richardb.me: could not connect to host richeza.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] richiemail.net: could not connect to host richmondsunlight.com: did not receive HSTS header -richsiciliano.com: could not connect to host +richmtdriver.com: could not connect to host +richsiciliano.com: did not receive HSTS header richterphilipp.com: could not connect to host rickmartensen.nl: did not receive HSTS header +ricknox.com: did not receive HSTS header rid-wan.com: could not connect to host +riddims.co: did not receive HSTS header rideaudiscount.com: did not receive HSTS header rideforwade.com: could not connect to host rideforwade.net: could not connect to host rideforwade.org: could not connect to host -rideworks.com: did not receive HSTS header +rideworks.com: could not connect to host ridingoklahoma.com: could not connect to host ridwan.co: could not connect to host rienasemettre.fr: did not receive HSTS header -riesenmagnete.de: did not receive HSTS header +riesenmagnete.de: could not connect to host rievo.net: did not receive HSTS header right-to-love.name: did not receive HSTS header right2.org: could not connect to host righteousendeavour.com: could not connect to host righttoknow.ie: did not receive HSTS header -rigolitch.fr: could not connect to host -rigsalesaustralia.com: did not receive HSTS header rijndael.xyz: could not connect to host rijnmondeg.nl: did not receive HSTS header rika.me: could not connect to host @@ -11378,16 +12258,19 @@ ring0.xyz: did not receive HSTS header ringh.am: could not connect to host rinj.se: could not connect to host rionewyork.com.br: could not connect to host +rioshop.com.br: could not connect to host ripa.io: did not receive HSTS header rippleunion.com: could not connect to host +risi-china.com: could not connect to host risingsun.red: could not connect to host riskmgt.com.au: could not connect to host +rissato.com.br: could not connect to host ristorantefattoamano.eu: could not connect to host rithm.ch: could not connect to host rittis.ru: did not receive HSTS header rivagecare.it: did not receive HSTS header rivercruiseadvisor.com: did not receive HSTS header -rivermendhealthcenters.com: did not receive HSTS header +rivermendhealthcenters.com: could not connect to host riversideauto.net: did not receive HSTS header riverstyxgame.com: could not connect to host rivlo.com: could not connect to host @@ -11396,14 +12279,18 @@ rjnutrition.consulting: did not receive HSTS header rk6.cz: could not connect to host rkc-hygrotherm.de: could not connect to host rkmantpur.org: did not receive HSTS header +rkmedia.no: could not connect to host rmaqequipamentos.com.br: could not connect to host rmdlingerie.com.br: did not receive HSTS header rme.li: did not receive HSTS header +rmk.si: could not connect to host +rmsides.com: did not receive HSTS header roadfeast.com: could not connect to host roan24.pl: did not receive HSTS header +robert-flynn.de: could not connect to host robertabittle.com: could not connect to host -robertglastra.com: could not connect to host roberto-webhosting.nl: did not receive HSTS header +robertocasares.no-ip.biz: could not connect to host robi-net.it: could not connect to host robigalia.org: did not receive HSTS header robinvdmarkt.nl: could not connect to host @@ -11413,7 +12300,8 @@ robtex.com: did not receive HSTS header robtex.net: did not receive HSTS header robtex.org: did not receive HSTS header robust.ga: could not connect to host -rochman.id: could not connect to host +roc.net.au: could not connect to host +rochman.id: did not receive HSTS header rocketnet.ml: could not connect to host rockeyscrivo.com: did not receive HSTS header rocksberg.net: could not connect to host @@ -11429,21 +12317,22 @@ roesemann.email: could not connect to host rofrank.space: could not connect to host rogeiro.net: could not connect to host rogerdat.ovh: could not connect to host +roguefortgame.com: could not connect to host +rohanbassett.com: could not connect to host rohankrishnadev.in: could not connect to host -rohlik.cz: did not receive HSTS header roketix.co.uk: did not receive HSTS header rolandinsh.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] rolandkolodziej.com: max-age too low: 86400 +rolandreed.cn: did not receive HSTS header rolandslate.com: did not receive HSTS header rolemaster.net: could not connect to host -roleplayhome.com: could not connect to host rolroer.co.za: could not connect to host romaimperator.com: did not receive HSTS header romainmuller.xyz: did not receive HSTS header romans-place.me.uk: could not connect to host romanticschemermovie.com: could not connect to host -romanticvillas.com.au: could not connect to host romeoferraris.com: did not receive HSTS header +roms.fun: could not connect to host romulusapp.com: could not connect to host ron2k.za.net: could not connect to host rondoniatec.com.br: did not receive HSTS header @@ -11454,13 +12343,14 @@ ronwo.de: max-age too low: 1 roo.ie: could not connect to host rool.me: did not receive HSTS header roolevoi.ru: could not connect to host -room-checkin24.de: could not connect to host +room-checkin24.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +roosteroriginals.com: could not connect to host rootbsd.at: could not connect to host rootforum.org: did not receive HSTS header -rootrelativity.com: did not receive HSTS header +rootrelativity.com: could not connect to host rootservice.org: did not receive HSTS header rootwpn.com: could not connect to host -rop.io: could not connect to host +rop.io: did not receive HSTS header roquecenter.org: did not receive HSTS header roromendut.online: could not connect to host rorymcdaniel.com: did not receive HSTS header @@ -11470,11 +12360,14 @@ rospa100.com: did not receive HSTS header rossclark.com: did not receive HSTS header rossen.be: did not receive HSTS header rossiworld.com: did not receive HSTS header +rosslug.org.uk: could not connect to host rotex1840.de: did not receive HSTS header rotozen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] rotter-dam.nl: did not receive HSTS header rotterdamjazz.info: could not connect to host +rotzonline.com: could not connect to host rough.nu: could not connect to host +roundaboutweb.info: did not receive HSTS header roundtheme.com: did not receive HSTS header rous.se: could not connect to host rouvray.org: could not connect to host @@ -11486,6 +12379,7 @@ royalsignaturecruise.com: could not connect to host roychan.org: max-age too low: 0 royzez.com: could not connect to host rozalisbengal.ro: could not connect to host +rozalynne-dawn.ga: could not connect to host rozeapp.nl: could not connect to host rpasafrica.com: could not connect to host rr.in.th: could not connect to host @@ -11494,30 +12388,30 @@ rrom.me: did not receive HSTS header rs-devdemo.host: could not connect to host rsajeey.info: could not connect to host rsampaio.info: did not receive HSTS header -rsblake.net: could not connect to host rsf.io: could not connect to host rsi.im: did not receive HSTS header rskuipers.com: did not receive HSTS header rsmaps.org: could not connect to host -rstraining.co.uk: could not connect to host +rsships.com: could not connect to host +rstraining.co.uk: did not receive HSTS header rstsecuritygroup.co.uk: could not connect to host rtc.fun: could not connect to host -rte.eu: could not connect to host rtho.me: did not receive HSTS header rtvi.com: did not receive HSTS header +ru-music.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] rubbereggs.ca: could not connect to host rubbix.net: could not connect to host rubecodeberg.com: could not connect to host -ruben.am: did not receive HSTS header rubendv.be: did not receive HSTS header +rubens.cloud: did not receive HSTS header rubenschulz.nl: could not connect to host rubi-ka.net: max-age too low: 0 ruborr.se: did not receive HSTS header rubysecurity.org: did not receive HSTS header -rubyshop.nl: did not receive HSTS header +rubyshop.nl: could not connect to host rudeotter.com: did not receive HSTS header rue-de-la-vieille.fr: max-age too low: 0 -rueg.eu: could not connect to host +ruedigervoigt.de: could not connect to host ruflay.ru: could not connect to host rugirlfriend.com: could not connect to host rugs.ca: did not receive HSTS header @@ -11527,27 +12421,29 @@ ruig.jp: could not connect to host ruitershoponline.nl: did not receive HSTS header ruja.dk: did not receive HSTS header rukhaiyar.com: could not connect to host +rullzer.com: did not receive HSTS header +rumlager.de: max-age too low: 600000 rummel-platz.de: could not connect to host rumoterra.com.br: could not connect to host run-forrest.run: could not connect to host runawebinar.nl: could not connect to host runcarina.com: could not connect to host rundumcolumn.xyz: could not connect to host -runementors.com: could not connect to host runhardt.eu: did not receive HSTS header runtl.com: did not receive HSTS header runtondev.com: did not receive HSTS header -ruobiyi.com: could not connect to host ruqu.nl: could not connect to host rusadmin.biz: did not receive HSTS header +rushball.net: could not connect to host rusl.me: could not connect to host -rusmolotok.ru: could not connect to host russmarshall.com: could not connect to host rustbyexample.com: did not receive HSTS header rustfanatic.com: did not receive HSTS header ruurdboomsma.nl: could not connect to host ruxit.com: did not receive HSTS header rvg.zone: could not connect to host +rvoigt.eu: could not connect to host +rvolve.net: could not connect to host rw-solutions.tech: could not connect to host rwanderlust.com: did not receive HSTS header rxprep.com: did not receive HSTS header @@ -11561,24 +12457,22 @@ rylore.com: could not connect to host ryssland.guide: could not connect to host rzegroup.com: did not receive HSTS header s-d-v.ch: could not connect to host -s-ip-media.de: could not connect to host s-on.li: could not connect to host s-rickroll-p.pw: could not connect to host s.how: could not connect to host s0923.com: could not connect to host s0laris.co.uk: could not connect to host -s13d.fr: could not connect to host s1mplescripts.de: could not connect to host +s1ris.org: did not receive HSTS header +s3cases.com: did not receive HSTS header s3n.se: could not connect to host saabwa.org: did not receive HSTS header sabatek.pl: did not receive HSTS header -sabine-forschbach.de: could not connect to host -sabineforschbach.de: could not connect to host -sabtunes.com: did not receive HSTS header +sac-shop.com: did not receive HSTS header saco-ceso.com: could not connect to host sadiejanehair.com: could not connect to host +sadsu.com: did not receive HSTS header safari-afrique.com: did not receive HSTS header -safe.moe: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] safedevice.net: did not receive HSTS header safelist.eu: did not receive HSTS header safemovescheme.co.uk: could not connect to host @@ -11589,7 +12483,7 @@ safersurfing.eu: did not receive HSTS header safesecret.info: did not receive HSTS header safetyrisk.net: did not receive HSTS header safewings-nh.nl: could not connect to host -safing.me: did not receive HSTS header +safing.me: could not connect to host safnah.com: did not receive HSTS header sagarhandicraft.com: could not connect to host sageth.com: could not connect to host @@ -11597,16 +12491,22 @@ sah3.net: could not connect to host sail-nyc.com: did not receive HSTS header saint-astier-triathlon.com: did not receive HSTS header saintjohnlutheran.church: did not receive HSTS header +saintw.com: could not connect to host sairai.bid: could not connect to host sakaserver.com: did not receive HSTS header sakib.ninja: did not receive HSTS header sakurabuff.com: could not connect to host +sakuraplay.com: did not receive HSTS header salaervergleich.com: did not receive HSTS header sale.sh: could not connect to host salearnership.co.za: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] saleslift.pl: did not receive HSTS header +salishseawhalewatching.ca: could not connect to host sallysubs.com: could not connect to host +salmo23.com.br: could not connect to host +salon-claudia.ch: could not connect to host salonestella.it: could not connect to host +salrosadohimalaia.com: did not receive HSTS header salserocafe.com: did not receive HSTS header salserototal.com: could not connect to host saltedskies.com: could not connect to host @@ -11618,10 +12518,8 @@ samanthahumphreysstudio.com: did not receive HSTS header samaritan.tech: could not connect to host samaritansnet.org: did not receive HSTS header sametovymesic.cz: could not connect to host -samkelleher.com: could not connect to host saml2.com: could not connect to host -samlamac.com: did not receive HSTS header -samm.com.au: did not receive HSTS header +samlamac.com: could not connect to host sammyjohnson.com: could not connect to host samp.im: could not connect to host sampcup.com: could not connect to host @@ -11631,49 +12529,56 @@ samsen.club: could not connect to host samsonova.de: could not connect to host samsungxoa.com: could not connect to host samvanderkris.com: did not receive HSTS header -samwu.tw: could not connect to host +samvanderkris.xyz: did not receive HSTS header sanael.net: could not connect to host +sanandreasstories.com: did not receive HSTS header sanasalud.org: could not connect to host sanatfilan.com: did not receive HSTS header sanatrans.com: could not connect to host +sand-islets.de: did not receive HSTS header +sanderknape.com: did not receive HSTS header +sandhaufen.tk: could not connect to host +sandtonplumber24-7.co.za: did not receive HSTS header sandviks.com: did not receive HSTS header sanguoxiu.com: could not connect to host sanhei.ch: did not receive HSTS header -sanik.my: could not connect to host -sanissimo.com.mx: max-age too low: 86400 -sannesfotklinikk.no: did not receive HSTS header +sanik.my: did not receive HSTS header sanradon.by: did not receive HSTS header sansage.com.br: could not connect to host sansdev.com: could not connect to host sansemea.com: did not receive HSTS header -santanderideas.com: could not connect to host santi.eu: did not receive HSTS header +santing.net: could not connect to host santmark.com: could not connect to host santmark.eu: could not connect to host santmark.fi: could not connect to host santmark.info: could not connect to host santmark.net: could not connect to host santmark.org: could not connect to host -santodomingocg.org: did not receive HSTS header +santodomingocg.org: could not connect to host santorinibbs.com: did not receive HSTS header santouri.be: could not connect to host saotn.org: did not receive HSTS header sapereaude.com.pl: did not receive HSTS header +sapporobeer.com: could not connect to host sapuncheta.com: could not connect to host +saq.com: could not connect to host sarah-beckett-harpist.com: did not receive HSTS header +sarahdoyley.com: could not connect to host +sarahlouisesearle.com: could not connect to host sarahsweetlife.com: could not connect to host sarahsweger.com: could not connect to host sarakas.com: could not connect to host -saraleebread.com: max-age too low: 86400 sarangsemutbandung.com: could not connect to host sarindia.com: could not connect to host sarindia.de: could not connect to host sarisonproductions.com: did not receive HSTS header +sarkarikhoj.com: could not connect to host sarkarischeme.in: could not connect to host sarkisozleri.us: could not connect to host sarndipity.com: could not connect to host +saro.me: did not receive HSTS header saruwebshop.co.za: could not connect to host -sash.pw: could not connect to host sat.rent: did not receive HSTS header sat7a-riyadh.com: did not receive HSTS header satanichia.moe: could not connect to host @@ -11683,14 +12588,14 @@ satoshicrypt.com: did not receive HSTS header satragreen.com: did not receive HSTS header satrent.com: did not receive HSTS header satrent.se: did not receive HSTS header -satriyowibowo.my.id: did not receive HSTS header +satriyowibowo.my.id: could not connect to host satsang-uwe.de: did not receive HSTS header satsukii.moe: did not receive HSTS header +sattamatkadpboss.mobi: could not connect to host saturne.tk: could not connect to host saturngames.co.uk: could not connect to host saucyfox.net: did not receive HSTS header saudeeconforto.com.br: did not receive HSTS header -sauenytt.no: could not connect to host saumon.io: did not receive HSTS header saumon.xyz: could not connect to host saunasandstuff.ca: did not receive HSTS header @@ -11701,23 +12606,26 @@ saveaward.gov: could not connect to host savecashindia.com: did not receive HSTS header savekorea.net: max-age too low: 0 savemoneyonenergy.com: did not receive HSTS header +saveora.shop: could not connect to host savethedogfishfoundation.org: could not connect to host saveyour.biz: could not connect to host -savingbytes.com: could not connect to host +savingbytes.com: did not receive HSTS header savinggoliath.com: could not connect to host savvysuit.com: did not receive HSTS header saxol-group.com: could not connect to host +saxotex.de: did not receive HSTS header say-hanabi.com: could not connect to host sayhanabi.com: could not connect to host sazima.ru: did not receive HSTS header -sbirecruitment.co.in: could not connect to host sbm.cloud: could not connect to host sbobetfun.com: did not receive HSTS header sbox-archives.com: could not connect to host sby.de: did not receive HSTS header sc4le.com: could not connect to host +scaffoldhireeastrand.co.za: did not receive HSTS header scaffoldhirefourways.co.za: did not receive HSTS header scaffoldhirerandburg.co.za: did not receive HSTS header +scaffoldhiresandton.co.za: did not receive HSTS header scala.click: did not receive HSTS header scannabi.com: could not connect to host sch44r0n.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -11729,10 +12637,12 @@ schau-rein.co.at: did not receive HSTS header schauer.so: could not connect to host schd.io: did not receive HSTS header schermreparatierotterdam.nl: did not receive HSTS header +schil.li: could not connect to host schlabbi.com: did not receive HSTS header schmidttulskie.de: could not connect to host schmitt.ovh: could not connect to host schmitt.ws: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +schneider-electric.tg: could not connect to host schnell-abnehmen.tips: did not receive HSTS header schnell-gold.com: did not receive HSTS header scholl.io: could not connect to host @@ -11740,6 +12650,7 @@ schooli.io: could not connect to host schooltrends.co.uk: did not receive HSTS header schoolze.com: did not receive HSTS header schoop.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +schorel.ovh: could not connect to host schraebanowicz.net: did not receive HSTS header schreiber-netzwerk.eu: did not receive HSTS header schreibnacht.de: did not receive HSTS header @@ -11749,7 +12660,9 @@ schrodinger.io: could not connect to host schroepfglas-versand.de: did not receive HSTS header schroettle.com: did not receive HSTS header schulterglatzen-altenwalde.de: could not connect to host +schur-it.de: could not connect to host schwarzkopfforyou.de: did not receive HSTS header +schwarzwaldcon.de: could not connect to host schweiz.guide: could not connect to host schweizerbolzonello.net: could not connect to host schwetz.net: could not connect to host @@ -11758,8 +12671,9 @@ scib.tk: could not connect to host scicasts.com: max-age too low: 7776000 science-anatomie.com: did not receive HSTS header scienceathome.org: did not receive HSTS header -sciencebase.gov: did not receive HSTS header sciencemonster.co.uk: could not connect to host +scientific.boston: could not connect to host +scifi.fyi: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] scintillating.stream: could not connect to host scionasset.com: did not receive HSTS header scivillage.com: did not receive HSTS header @@ -11769,6 +12683,7 @@ scooshonline.co.uk: did not receive HSTS header scopea.fr: max-age too low: 0 score-savers.com: max-age too low: 10540800 scores4schools.com: could not connect to host +scorobudem.ru: could not connect to host scotbirchfield.com: did not receive HSTS header scottainslie.me.uk: could not connect to host scottdial.com: did not receive HSTS header @@ -11785,7 +12700,7 @@ scrambler.in: could not connect to host scrapings.net: could not connect to host screencaster.io: did not receive HSTS header screenresolution.space: could not connect to host -screensaversplanet.com: could not connect to host +screensaversplanet.com: did not receive HSTS header scribbleserver.com: could not connect to host scribe.systems: could not connect to host scrion.com: could not connect to host @@ -11796,6 +12711,7 @@ scriptict.nl: could not connect to host scriptjunkie.us: could not connect to host scrollstory.com: did not receive HSTS header scruffymen.com: could not connect to host +scrumplex.net: did not receive HSTS header sctm.at: could not connect to host sdhmanagementgroup.com: could not connect to host sdia.ru: could not connect to host @@ -11803,13 +12719,16 @@ sdl-corporatesite-staging.azurewebsites.net: did not receive HSTS header sdmoscow.ru: could not connect to host sdrobs.com: did not receive HSTS header sdsl-speedtest.de: could not connect to host +se-theories.org: could not connect to host se7ensins.com: did not receive HSTS header +seadus.ee: could not connect to host seanationals.org: did not receive HSTS header seanchaidh.org: could not connect to host seans.cc: did not receive HSTS header seanstrout.com: did not receive HSTS header seansyardservice.com: did not receive HSTS header searchgov.gov.il: did not receive HSTS header +searchshops.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] searx.pw: could not connect to host seatshare.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sebastian-bair.de: could not connect to host @@ -11819,10 +12738,16 @@ sebastianpedersen.com: did not receive HSTS header sebastiensenechal.com: did not receive HSTS header sebi.cf: could not connect to host sebster.com: did not receive HSTS header +sec44.com: could not connect to host +sec44.net: could not connect to host +sec44.org: could not connect to host secandtech.com: could not connect to host +secanje.nl: did not receive HSTS header seccomp.ru: did not receive HSTS header seceye.cn: could not connect to host +secitem.at: did not receive HSTS header secitem.de: could not connect to host +secitem.eu: did not receive HSTS header secnet.ga: could not connect to host secondary-survivor.com: could not connect to host secondary-survivor.help: could not connect to host @@ -11836,7 +12761,7 @@ secondpay.nl: could not connect to host secondspace.ca: could not connect to host secretnation.net: did not receive HSTS header secretofanah.com: could not connect to host -secretsanta.fr: could not connect to host +secretpanties.com: could not connect to host sectest.ml: could not connect to host sectia22.ro: did not receive HSTS header secur3.us: did not receive HSTS header @@ -11850,10 +12775,8 @@ securedevelop.net: could not connect to host securefuture.nl: did not receive HSTS header secureideas.com: did not receive HSTS header secureindia.co: could not connect to host -securejabber.me: could not connect to host secureradio.net: could not connect to host securesuisse.ch: could not connect to host -securetronic.ch: could not connect to host securita.eu: did not receive HSTS header security-carpet.com: could not connect to host security-thoughts.org: could not connect to host @@ -11862,7 +12785,6 @@ security.xn--q9jyb4c: could not connect to host securityarena.com: could not connect to host securitybsides.pl: did not receive HSTS header securityglance.com: could not connect to host -securityheaders.io: did not receive HSTS header securityinet.biz: did not receive HSTS header securityinet.net: did not receive HSTS header securityinet.org.il: could not connect to host @@ -11879,7 +12801,6 @@ sedrubal.de: could not connect to host sedziapilkarski.pl: did not receive HSTS header seedalpha.com: could not connect to host seedboxers.net: could not connect to host -seednode.co: could not connect to host seefirm.com: could not connect to host seefunk.net: did not receive HSTS header seehimnaked.com: could not connect to host @@ -11889,7 +12810,7 @@ seele.ca: could not connect to host seen.life: could not connect to host sehenderson.com: did not receive HSTS header seida.at: could not connect to host -seiko-dojo.com: could not connect to host +seiko-dojo.com: did not receive HSTS header seiler-bad.de: did not receive HSTS header seizoushokoyuubangou.com: did not receive HSTS header sektor.team: could not connect to host @@ -11899,11 +12820,10 @@ selectary.com: could not connect to host selectcertifiedautos.com: did not receive HSTS header selectruckscalltrackingreports.com: could not connect to host seleondar.ru: did not receive HSTS header -self-injury.net: did not receive HSTS header +self.nu: could not connect to host selfdefenserx.com: did not receive HSTS header selfhosters.com: could not connect to host selfie-france.fr: could not connect to host -selfmade4u.de: did not receive HSTS header selfserverx.com: could not connect to host selitysvideot.fi: did not receive HSTS header selldorado.com: could not connect to host @@ -11913,21 +12833,22 @@ sellservs.co.za: could not connect to host semantheme.fr: did not receive HSTS header semen3325.xyz: could not connect to host semenkovich.com: did not receive HSTS header -semenov.su: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sementes.gratis: could not connect to host semps-servers.de: could not connect to host sendash.com: did not receive HSTS header sendmeback.de: did not receive HSTS header senedirect.com: could not connect to host senmonsyoku.top: did not receive HSTS header -sens2lavie.com: max-age too low: 0 +sens2lavie.com: did not receive HSTS header senseofnumber.co.uk: did not receive HSTS header senseye.io: did not receive HSTS header sensiblemn.org: could not connect to host sensibus.com: did not receive HSTS header sensoft-int.com: could not connect to host -sentinel.gov: did not receive HSTS header +sensualism.com: could not connect to host +sentic.info: did not receive HSTS header seo-lagniappe.com: did not receive HSTS header +seoarchive.org: could not connect to host seobot.com.au: could not connect to host seohochschule.de: could not connect to host seomarketingdeals.com: did not receive HSTS header @@ -11939,8 +12860,10 @@ seosec.xyz: could not connect to host seotronix.net: did not receive HSTS header seowarp.net: did not receive HSTS header sep23.ru: could not connect to host +sepakbola.win: could not connect to host sephr.com: did not receive HSTS header sepie.gob.es: did not receive HSTS header +seproco.com: could not connect to host seq.tf: did not receive HSTS header serafin.tech: could not connect to host serathius.ovh: could not connect to host @@ -11948,7 +12871,7 @@ serbien.guide: could not connect to host serenitycreams.com: did not receive HSTS header serfdom.io: did not receive HSTS header serized.pw: could not connect to host -serkaneles.com: could not connect to host +serkaneles.com: did not receive HSTS header servecrypt.com: could not connect to host servecrypt.net: could not connect to host servecrypt.ru: could not connect to host @@ -11961,27 +12884,35 @@ servergno.me: did not receive HSTS header serverlauget.no: could not connect to host servermonkey.nl: could not connect to host servfefe.com: could not connect to host +service.gov.uk: could not connect to host servicevie.com: did not receive HSTS header -servious.org: could not connect to host +servpanel.de: could not connect to host servu.de: did not receive HSTS header +servx.ru: did not receive HSTS header +serwusik.pl: did not receive HSTS header seryo.moe: could not connect to host seryo.net: could not connect to host seryovpn.com: could not connect to host -sesha.co.za: did not receive HSTS header -setkit.net: did not receive HSTS header +sesha.co.za: could not connect to host +setkit.net: could not connect to host setuid.de: could not connect to host setuid.io: did not receive HSTS header -setuid0.kr: could not connect to host sevenhearts.online: could not connect to host +sewoo.co.uk: could not connect to host +sex-education.com: could not connect to host +sexgarage.de: could not connect to host +sexocomgravidas.com: could not connect to host +sexoyrelax.com: could not connect to host +sexpay.net: could not connect to host sexshopfacil.com.br: could not connect to host sexshopsgay.com: did not receive HSTS header +sexwork.net: could not connect to host seyahatsagliksigortalari.com: could not connect to host seydaozcan.com: did not receive HSTS header -seyr.it: could not connect to host sfashion.si: did not receive HSTS header +sfaturiit.ro: could not connect to host sfhobbies.com.br: could not connect to host sfsltd.com: did not receive HSTS header -sgcaccounts.co.uk: did not receive HSTS header sgovaard.nl: did not receive HSTS header sgthotshot.com: could not connect to host sh11.pp.ua: did not receive HSTS header @@ -11994,7 +12925,6 @@ shadow-socks.org: did not receive HSTS header shadow-socks.pro: could not connect to host shadowguardian507-irl.tk: did not receive HSTS header shadowguardian507.tk: did not receive HSTS header -shadowict.net: could not connect to host shadowmorph.info: did not receive HSTS header shadowplus.net: could not connect to host shadowrocket.net: could not connect to host @@ -12016,14 +12946,16 @@ shahbeat.com: could not connect to host shaitan.eu: could not connect to host shakebox.de: could not connect to host shamka.ru: could not connect to host +shandonsg.co.uk: could not connect to host shanesage.com: could not connect to host shang-yu.cn: could not connect to host -shankangke.com: did not receive HSTS header shanxiapark.com: could not connect to host +shanyhs.com: did not receive HSTS header shapesedinburgh.co.uk: did not receive HSTS header shardsoft.com: could not connect to host shareimg.xyz: could not connect to host sharejoy.cn: did not receive HSTS header +sharemessage.net: could not connect to host shareoine.com: did not receive HSTS header sharepass.pw: could not connect to host sharepic.xyz: could not connect to host @@ -12043,12 +12975,14 @@ shawnstarrcustomhomes.com: did not receive HSTS header shawnwilson.info: could not connect to host shellj.me: did not receive HSTS header shellsec.pw: did not receive HSTS header +shemissed.me: did not receive HSTS header shentengtu.idv.tw: could not connect to host shep.co.il: did not receive HSTS header sheratan.web.id: could not connect to host -shereallyheals.com: did not receive HSTS header +shereallyheals.com: could not connect to host shermantank.biz: did not receive HSTS header shervik.ga: could not connect to host +shethbox.com: could not connect to host shevronpatriot.ru: did not receive HSTS header sheying.tm: could not connect to host shg-pornographieabhaengigkeit.de: did not receive HSTS header @@ -12056,8 +12990,6 @@ shh.sh: could not connect to host shiatsu-institut.ch: could not connect to host shibainu.com.br: could not connect to host shibe.club: could not connect to host -shieldfe.com: could not connect to host -shieldofachilles.in: could not connect to host shift.ooo: did not receive HSTS header shiftins.com: could not connect to host shiftnrg.org: did not receive HSTS header @@ -12079,7 +13011,7 @@ shiroki-k.net: could not connect to host shirosaki.org: could not connect to host shiseki.top: did not receive HSTS header shishkin.link: did not receive HSTS header -shitfest.info: could not connect to host +shitfest.info: did not receive HSTS header shitposting.life: could not connect to host shk.im: could not connect to host shlemenkov.by: could not connect to host @@ -12088,7 +13020,6 @@ sho-tanaka.jp: did not receive HSTS header shocksrv.com: did not receive HSTS header shooshosha.com: could not connect to host shootpooloklahoma.com: could not connect to host -shopatkei.com: could not connect to host shopdopastor.com.br: could not connect to host shopherbal.co.za: could not connect to host shopods.com: did not receive HSTS header @@ -12101,12 +13032,12 @@ shops.neonisi.com: could not connect to host shortpath.com: could not connect to host shortr.li: could not connect to host shota.party: could not connect to host -shota.vip: could not connect to host shotpixonline.com.br: did not receive HSTS header show-stream.tv: could not connect to host shower.im: did not receive HSTS header showkeeper.tv: did not receive HSTS header showroom.de: did not receive HSTS header +shoxmusic.net: did not receive HSTS header shred.ch: could not connect to host shredoptics.ch: could not connect to host shtorku.com: could not connect to host @@ -12128,39 +13059,39 @@ sichere-kartenakzeptanz.de: could not connect to host siciliadigitale.pro: could not connect to host sictame-tigf.org: did not receive HSTS header siebens.net: could not connect to host +sieh.es: did not receive HSTS header sifls.com: could not connect to host sifreuret.com: could not connect to host signere.com: could not connect to host -signere.no: could not connect to host +signere.no: did not receive HSTS header signoracle.com: could not connect to host signosquecombinam.com.br: could not connect to host sigsegv.run: did not receive HSTS header -sigterm.no: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +sihaizixun.net: could not connect to host siikarantacamping.fi: did not receive HSTS header sijimi.cn: could not connect to host sijmenschoon.nl: could not connect to host sikatehtaat.fi: could not connect to host siku.pro: could not connect to host -silent.live: could not connect to host silentcircle.com: did not receive HSTS header silentcircle.org: could not connect to host silentexplosion.de: could not connect to host silentlink.io: could not connect to host silentmode.com: max-age too low: 7889238 silicagelpackets.ca: did not receive HSTS header -sillisalaatti.fi: could not connect to host +silke-hunde.de: did not receive HSTS header silqueskineyeserum.com: could not connect to host silver-drachenkrieger.de: did not receive HSTS header silverback.is: did not receive HSTS header silvergoldbull.ba: could not connect to host silvergoldbull.md: could not connect to host -silvergoldbull.ru: could not connect to host silverhome.ninja: could not connect to host silverpvp.com: could not connect to host silverstartup.sk: could not connect to host silviamacallister.com: did not receive HSTS header silvistefi.com: could not connect to host -silvobeat.blog: could not connect to host +sim-sim.appspot.com: did not receive HSTS header +sim4seed.org: could not connect to host simbast.com: could not connect to host simbihaiti.com: max-age too low: 7889238 simbol.id: could not connect to host @@ -12168,7 +13099,7 @@ simbolo.co.uk: could not connect to host simccorp.com: did not receive HSTS header simeon.us: max-age too low: 2592000 simfri.com: could not connect to host -simha.online: could not connect to host +simha.online: did not receive HSTS header simhaf.cf: could not connect to host simnovo.net: did not receive HSTS header simobilklub.si: could not connect to host @@ -12178,6 +13109,7 @@ simon.butcher.name: max-age too low: 2629743 simon.lc: did not receive HSTS header simongong.net: did not receive HSTS header simonsaxon.com: did not receive HSTS header +simonschmitt.ch: could not connect to host simonsmh.cc: did not receive HSTS header simpan.id: could not connect to host simpeo.fr: did not receive HSTS header @@ -12193,6 +13125,7 @@ simplixos.org: could not connect to host simplyenak.com: did not receive HSTS header sims4hub.ga: could not connect to host simtin-net.de: could not connect to host +simumiehet.com: could not connect to host simyo.nl: did not receive HSTS header sin30.net: could not connect to host sincai666.com: could not connect to host @@ -12201,27 +13134,29 @@ sincron.org: could not connect to host sinefili.com: did not receive HSTS header sinful.pw: could not connect to host singee.site: could not connect to host -singerwang.com: did not receive HSTS header +singerwang.com: could not connect to host +singles-berlin.de: could not connect to host singul4rity.com: could not connect to host sinkip.com: could not connect to host sinneserweiterung.de: could not connect to host +sinon.org: did not receive HSTS header sinoscandinavia.se: could not connect to host sinosky.org: did not receive HSTS header -sinsojb.me: could not connect to host +sinsojb.me: did not receive HSTS header sintesysglobal.com: did not receive HSTS header sinusbot.online: did not receive HSTS header sion.moe: did not receive HSTS header -sipc.org: did not receive HSTS header -sipsik.net: could not connect to host +sipsik.net: did not receive HSTS header siqi.wang: could not connect to host +sirburton.com: did not receive HSTS header siriad.com: could not connect to host sirius-lee.net: could not connect to host siro.gq: did not receive HSTS header siroop.ch: max-age too low: 86400 -sisseastumine.ee: did not receive HSTS header +sisgopro.com: could not connect to host sistemasespecializados.com: did not receive HSTS header +sistemlash.com: did not receive HSTS header sistersurprise.de: did not receive HSTS header -sitc.sk: could not connect to host sitecloudify.com: could not connect to host sitecuatui.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sitehome.eu: could not connect to host @@ -12231,15 +13166,17 @@ sitennisclub.com: did not receive HSTS header siterip.org: could not connect to host sites.google.com: did not receive HSTS header (error ignored - included regardless) sitesforward.com: did not receive HSTS header -sitesource101.com: did not receive HSTS header +sitesko.de: did not receive HSTS header +sitesource101.com: could not connect to host sitesten.com: did not receive HSTS header sittinginoblivion.com: did not receive HSTS header -sixcorners.info: could not connect to host sizingservers.be: did not receive HSTS header sizzle.co.uk: did not receive HSTS header +sja-se-training.com: could not connect to host +sjdaws.com: could not connect to host +sjdtaxi.com: did not receive HSTS header sjhyl11.com: could not connect to host sjsc.fr: did not receive HSTS header -sjsmith.id.au: did not receive HSTS header skandiabanken.no: did not receive HSTS header skaraborgsassistans.com: did not receive HSTS header skarox.com: could not connect to host @@ -12248,9 +13185,9 @@ skarox.eu: could not connect to host skarox.net: could not connect to host skarox.ru: could not connect to host skates.guru: did not receive HSTS header +skday.com: did not receive HSTS header ski-insurance.com.au: did not receive HSTS header skidstresser.com: could not connect to host -skifairview.com: did not receive HSTS header skiinstructor.services: did not receive HSTS header skilldetector.com: could not connect to host skillproxy.com: could not connect to host @@ -12265,6 +13202,7 @@ skoda-clever-lead.de: could not connect to host skoda-im-dialog.de: could not connect to host skoda-nurdiebesten.de: did not receive HSTS header skoda-service-team-cup.de: did not receive HSTS header +skomski.org: did not receive HSTS header skotty.io: did not receive HSTS header skpdev.net: could not connect to host skrivande.co: could not connect to host @@ -12272,14 +13210,17 @@ skullhouse.nyc: did not receive HSTS header sky-aroma.com: could not connect to host skyasker.cn: could not connect to host skyasker.com: did not receive HSTS header -skybound.link: could not connect to host +skybloom.com: could not connect to host skyflix.me: could not connect to host skyline.link: could not connect to host skyline.tw: did not receive HSTS header skylocker.net: could not connect to host +skylocker.nl: could not connect to host skyoy.com: did not receive HSTS header skypeassets.com: could not connect to host +skypoker.com: could not connect to host skyrunners.ch: could not connect to host +skytec.host: did not receive HSTS header skyvault.io: could not connect to host skyveo.ml: did not receive HSTS header skyway.capital: did not receive HSTS header @@ -12294,7 +13235,7 @@ slashand.co: could not connect to host slashbits.no: did not receive HSTS header slashdesign.it: did not receive HSTS header slashem.me: did not receive HSTS header -slattery.co: could not connect to host +slattery.co: did not receive HSTS header slauber.de: did not receive HSTS header sleeklounge.com: did not receive HSTS header sleep10.com: could not connect to host @@ -12309,34 +13250,40 @@ sln.cloud: could not connect to host slope.haus: could not connect to host slovakiana.sk: did not receive HSTS header slovoice.org: could not connect to host +slowfood.es: did not receive HSTS header slowsociety.org: could not connect to host slse.ca: max-age too low: 0 +sluimann.de: could not connect to host sluplift.com: did not receive HSTS header -slycurity.de: did not receive HSTS header +slycurity.de: could not connect to host slytech.ch: could not connect to host smallcdn.rocks: could not connect to host smallchat.nl: could not connect to host smalldata.tech: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -smallplanet.ch: could not connect to host +smallplanet.ch: did not receive HSTS header smallshopit.com: did not receive HSTS header smart-mirror.de: did not receive HSTS header smart-ov.nl: could not connect to host smartbiz.vn: could not connect to host -smartboleta.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +smartboleta.com: did not receive HSTS header smartbuyelectric.com: could not connect to host smartcoin.com.br: could not connect to host smarterskies.gov: did not receive HSTS header smarthomedna.com: did not receive HSTS header +smartietop.com: could not connect to host smartit.pro: did not receive HSTS header smartlend.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] smartofficesandsmarthomes.com: did not receive HSTS header smartofficeusa.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] smartphone.continental.com: could not connect to host smartrak.co.nz: did not receive HSTS header +smartshoppers.es: did not receive HSTS header +smcbox.com: could not connect to host smdev.fr: could not connect to host smet.us: could not connect to host smexpt.com: did not receive HSTS header smi-a.me: could not connect to host +smiatek.name: could not connect to host smileawei.com: could not connect to host smimea.com: did not receive HSTS header smirkingwhorefromhighgarden.pro: could not connect to host @@ -12348,7 +13295,8 @@ smksultanismail2.com: could not connect to host smkw.com: did not receive HSTS header sml.lc: could not connect to host smmcab.ru: could not connect to host -smol.cat: did not receive HSTS header +smmcab.website: could not connect to host +smokinghunks.com: could not connect to host smove.sg: did not receive HSTS header smplix.com: could not connect to host smries.com: could not connect to host @@ -12365,7 +13313,8 @@ snakehosting.dk: did not receive HSTS header snapappts.com: could not connect to host snapworks.net: did not receive HSTS header snarf.in: could not connect to host -sneaker.date: did not receive HSTS header +sneak.berlin: could not connect to host +sneaker.date: could not connect to host sneed.company: could not connect to host snekchat.moe: could not connect to host snelwerk.be: could not connect to host @@ -12378,13 +13327,19 @@ snod.land: did not receive HSTS header snoozedds.com: max-age too low: 600 snoqualmiefiber.org: could not connect to host snovey.com: could not connect to host +snow-online.de: could not connect to host snowdy.eu: could not connect to host snowdy.link: could not connect to host +snowplane.net: did not receive HSTS header +snowraven.de: did not receive HSTS header so-healthy.co.uk: did not receive HSTS header sobabox.ru: could not connect to host sobinski.pl: did not receive HSTS header soboleva-pr.com.ua: could not connect to host +sobreporcentagem.com: did not receive HSTS header +socal-babes.com: could not connect to host soccergif.com: could not connect to host +soccersavings.com: could not connect to host soci.ml: could not connect to host social-journey.com: could not connect to host socialbillboard.com: could not connect to host @@ -12394,7 +13349,6 @@ socialfacecook.com: could not connect to host socialgrowing.cl: did not receive HSTS header socialhead.io: could not connect to host socialhub.com: did not receive HSTS header -socialnitro.com: could not connect to host socialprize.com: could not connect to host socialspirit.com.br: did not receive HSTS header socialworkout.com: could not connect to host @@ -12407,28 +13361,31 @@ socomponents.co.uk: could not connect to host sodacore.com: could not connect to host soe-server.com: could not connect to host softballsavings.com: did not receive HSTS header -softclean.pt: could not connect to host +softclean.pt: did not receive HSTS header sogeek.me: could not connect to host sogravatas.net.br: could not connect to host sojingle.net: could not connect to host +soju.fi: did not receive HSTS header sokolka.tv: did not receive HSTS header sol-3.de: did not receive HSTS header solarcom.com.br: could not connect to host solartrackerapp.com: could not connect to host soldbygold.net: did not receive HSTS header solentes.com.br: could not connect to host +soleria.eu: did not receive HSTS header solidfuelappliancespares.co.uk: did not receive HSTS header solidimage.com.br: could not connect to host -solidus.systems: could not connect to host +solidtuesday.com: could not connect to host +solidus.systems: did not receive HSTS header solidwebnetworks.co.uk: did not receive HSTS header solinter.com.br: did not receive HSTS header solisrey.es: could not connect to host soljem.com: did not receive HSTS header soll-i.ch: did not receive HSTS header -solos.im: did not receive HSTS header solosmusic.xyz: could not connect to host solsystems.ru: did not receive HSTS header solutive.fi: did not receive HSTS header +solvingproblems.com.au: could not connect to host solymar.co: could not connect to host some.rip: max-age too low: 6307200 somebodycares.org: did not receive HSTS header @@ -12436,8 +13393,10 @@ someshit.xyz: could not connect to host something-else.cf: could not connect to host somethingnew.xyz: could not connect to host somethingsimilar.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +somewherein.jp: did not receive HSTS header sonafe.info: did not receive HSTS header sonerezh.bzh: did not receive HSTS header +sonialive.com: did not receive HSTS header sonic.network: did not receive HSTS header sonicrainboom.rocks: could not connect to host sonja-daniels.com: could not connect to host @@ -12450,12 +13409,11 @@ soply.com: could not connect to host soporte.cc: could not connect to host sorenam.com: could not connect to host sorensen-online.com: could not connect to host -sorincocorada.ro: could not connect to host sorinmuntean.ro: did not receive HSTS header -sorn.service.gov.uk: did not receive HSTS header sortaweird.net: could not connect to host sortingwizard.com: could not connect to host soruly.moe: did not receive HSTS header +sos.de: did not receive HSTS header sosaka.ml: could not connect to host sosecu.red: could not connect to host sosiolog.com: could not connect to host @@ -12468,11 +13426,16 @@ soulcraft.bz: could not connect to host soulema.com: could not connect to host soulfulglamour.uk: could not connect to host soulsteer.com: could not connect to host +soumikghosh.com: did not receive HSTS header +soundbytemedia.com: did not receive HSTS header soundforsound.co.uk: did not receive HSTS header -souravsaha.com: did not receive HSTS header +soundgasm.net: could not connect to host +soundsecurity.io: could not connect to host +souqtajmeel.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sourcecode.love: could not connect to host sourcelair.com: did not receive HSTS header sourcitec.com: did not receive HSTS header +sous-surveillance.net: could not connect to host southcoastkitesurf.co.uk: did not receive HSTS header southcoastswords.com: did not receive HSTS header southernjamusa.com: did not receive HSTS header @@ -12488,6 +13451,7 @@ sovereignshare.com: could not connect to host sown.dyndns.org: could not connect to host sowncloud.de: could not connect to host soz6.com: did not receive HSTS header +sp-sephiroth.jp: max-age too low: 0 sp.rw: could not connect to host spacecafe.org: did not receive HSTS header spacedust.xyz: could not connect to host @@ -12500,9 +13464,9 @@ spaggel.nl: did not receive HSTS header spaldingwall.com: could not connect to host spam.lol: could not connect to host spamloco.net: did not receive HSTS header +spanda.io: could not connect to host spangehlassociates.com: did not receive HSTS header spanien.guide: could not connect to host -spar.co.uk: max-age too low: 0 sparelib.com: max-age too low: 3650 spark.team: could not connect to host sparkbase.cn: could not connect to host @@ -12518,31 +13482,29 @@ spcx.eu: could not connect to host spdysync.com: could not connect to host specialedesigns.com: could not connect to host specialistnow.com.au: did not receive HSTS header +spectreattack.com: did not receive HSTS header speculor.net: could not connect to host -spedition-transport-umzug.de: could not connect to host spedplus.com.br: did not receive HSTS header speed-mailer.com: could not connect to host speedcounter.net: could not connect to host speeds.vip: could not connect to host speedway.com.pl: did not receive HSTS header +speedychat.it: could not connect to host speedyprep.com: did not receive HSTS header speidel.com.tr: did not receive HSTS header spencerbaer.com: could not connect to host spendwise.com.au: could not connect to host sperohub.io: could not connect to host sperohub.lt: did not receive HSTS header -spherenix.org: could not connect to host sphinx.network: could not connect to host spicydog.tk: could not connect to host spicywombat.com: could not connect to host -spidermail.tk: could not connect to host -spidernet.tk: could not connect to host spiegels.nl: could not connect to host spielcasinos.com: did not receive HSTS header -spiet.nl: could not connect to host spikeykc.me: did not receive HSTS header spilsbury.io: could not connect to host spineandscoliosis.com: did not receive HSTS header +spinner.dnshome.de: could not connect to host spirit-dev.net: max-age too low: 0 spirit-hunters-germany.de: did not receive HSTS header spiritbionic.ro: could not connect to host @@ -12555,14 +13517,19 @@ split.is: could not connect to host splunk.zone: could not connect to host spokonline.com: could not connect to host spon.cz: did not receive HSTS header +sponsorowani.pl: did not receive HSTS header sponsortobias.com: could not connect to host spontex.org: did not receive HSTS header +spookyinternet.com: could not connect to host sporara.com: did not receive HSTS header +sport247.bet: max-age too low: 2592000 sportchirp-internal.azurewebsites.net: did not receive HSTS header sporthit.ru: could not connect to host sportifik.com: did not receive HSTS header sportingoods.com.br: could not connect to host +sportressofblogitude.com: did not receive HSTS header sportscollection.com.br: could not connect to host +sportsmanadvisor.com: could not connect to host sportwette.eu: did not receive HSTS header spot-events.com: could not connect to host spotifyripper.tk: could not connect to host @@ -12574,18 +13541,18 @@ sprigings.com: did not receive HSTS header springsoffthegrid.com: could not connect to host sprint.ml: did not receive HSTS header sprk.fitness: did not receive HSTS header +sproing.ca: max-age too low: 0 spron.in: could not connect to host sproutconnections.com: could not connect to host -sprueche-zum-valentinstag.de: did not receive HSTS header -sprueche-zur-geburt.info: did not receive HSTS header +sprueche-zum-valentinstag.de: could not connect to host +sprueche-zur-geburt.info: could not connect to host sprueche-zur-hochzeit.de: did not receive HSTS header sprueche-zur-konfirmation.de: did not receive HSTS header sprutech.de: could not connect to host -sputnik1net.org: could not connect to host +spykedigital.com: could not connect to host sqetsa.com: did not receive HSTS header sqshq.de: did not receive HSTS header squaddraft.com: did not receive HSTS header -squadlinx.com: could not connect to host square.gs: could not connect to host squarelab.it: did not receive HSTS header squatldf.org: could not connect to host @@ -12610,9 +13577,9 @@ ssh.nu: could not connect to host sshool.at: could not connect to host ssl.panoramio.com: could not connect to host ssl.rip: could not connect to host +sslpoint.com: did not receive HSTS header sslzilla.de: did not receive HSTS header ssn1.ru: did not receive HSTS header -sso.to: could not connect to host sspanda.com: could not connect to host ssrvpn.tech: could not connect to host sss3s.com: could not connect to host @@ -12625,14 +13592,16 @@ stackhub.cc: could not connect to host stadionmanager.com: could not connect to host stadjerspasonline.nl: could not connect to host stadtbauwerk.at: did not receive HSTS header +stadtbuecherei-bad-wurzach.de: max-age too low: 0 stadtgartenla.com: could not connect to host staffjoy.com: did not receive HSTS header staffjoystaging.com: could not connect to host stagingjobshq.com: did not receive HSTS header -stahl.xyz: could not connect to host +stahl.xyz: did not receive HSTS header stalkerhispano.com: max-age too low: 0 stalkerteam.pl: did not receive HSTS header stalkthe.net: could not connect to host +stall-zur-linde.de: did not receive HSTS header stalschermer.nl: could not connect to host stanandjerre.org: could not connect to host standardssuck.org: did not receive HSTS header @@ -12641,6 +13610,7 @@ standoutbooks.com: max-age too low: 0 standuppaddlesports.com.au: did not receive HSTS header stannahtrapliften.nl: did not receive HSTS header star-stuff.de: did not receive HSTS header +star.do: could not connect to host starandshield.com: did not receive HSTS header starapple.nl: did not receive HSTS header starcafe.me: could not connect to host @@ -12648,15 +13618,17 @@ stardeeps.net: max-age too low: 0 starease.net: could not connect to host starfeeling.net: could not connect to host stargatepartners.com: did not receive HSTS header -starina.ru: could not connect to host starklane.com: max-age too low: 300 starmusic.ga: could not connect to host starplatinum.jp: could not connect to host starquake.nl: could not connect to host +starsam80.net: could not connect to host starsbattle.net: could not connect to host +starteesforsale.co.za: did not receive HSTS header startup.melbourne: could not connect to host startuplevel.com: could not connect to host startuponcloud.com: max-age too low: 2678400 +startuppeople.co.uk: could not connect to host startupum.ru: could not connect to host stash.ai: did not receive HSTS header state-of-body-and-mind.com: could not connect to host @@ -12670,10 +13642,11 @@ static.hosting: could not connect to host static.or.at: did not receive HSTS header staticanime.net: could not connect to host staticisnoise.com: could not connect to host -stationaryjourney.com: could not connect to host +stationaryjourney.com: did not receive HSTS header stationcharlie.com: could not connect to host stationnementdenuit.ca: did not receive HSTS header status-sprueche.de: did not receive HSTS header +status.coffee: could not connect to host statusbot.io: could not connect to host statuschecks.net: could not connect to host stavebnice.net: did not receive HSTS header @@ -12681,11 +13654,9 @@ staxflax.tk: could not connect to host stayokhotelscdc-mailing.com: could not connect to host stcable.net: did not receive HSTS header stcomex.com: did not receive HSTS header -stdrc.cc: did not receive HSTS header +stdev.org: could not connect to host steamhours.com: could not connect to host steampunkrobot.com: did not receive HSTS header -steborio.pw: could not connect to host -stedbg.net: could not connect to host steelbea.ms: could not connect to host steelrhino.co: could not connect to host steem.io: did not receive HSTS header @@ -12699,33 +13670,39 @@ steph3n.me: could not connect to host stephanierxo.com: did not receive HSTS header stephanos.me: could not connect to host stephenandburns.com: did not receive HSTS header +stephenjvoiceovers.com: did not receive HSTS header stephensolis.net: could not connect to host stephensolisrey.es: could not connect to host steplogictalent.com: could not connect to host sterjoski.com: did not receive HSTS header +stesti.cz: could not connect to host stevechekblain.win: could not connect to host stevengoodpaster.com: could not connect to host stevensheffey.me: could not connect to host stevensononthe.net: did not receive HSTS header steventruesdell.com: could not connect to host stewartremodelingadvantage.com: could not connect to host +stewonet.nl: did not receive HSTS header +stge.uk: could not connect to host sticklerjs.org: could not connect to host stickmy.cn: could not connect to host stickswag.cf: could not connect to host +stig.io: did not receive HSTS header stiger.me: could not connect to host stigroom.com: could not connect to host +stijnbelmans.be: max-age too low: 604800 stilettomoda.com.br: could not connect to host stillblackhat.id: could not connect to host stillyarts.com: did not receive HSTS header stinkytrashhound.com: could not connect to host stirlingpoon.net: could not connect to host stirlingpoon.xyz: could not connect to host -stitthappens.com: could not connect to host +stitthappens.com: did not receive HSTS header stjohnmiami.org: did not receive HSTS header stjohnsc.com: could not connect to host stkbn.com: could not connect to host stkeverneparishcouncil.org.uk: did not receive HSTS header -stl.news: did not receive HSTS header +stl.news: max-age too low: 0 stlucasmuseum.org: did not receive HSTS header stmbgr.com: could not connect to host stn.me.uk: did not receive HSTS header @@ -12740,7 +13717,6 @@ stole-my.tv: could not connect to host stomadental.com: did not receive HSTS header stonecutterscommunity.com: could not connect to host stonemanbrasil.com.br: could not connect to host -stonewuu.com: could not connect to host stopakwardhandshakes.org: could not connect to host stopwoodfin.org: could not connect to host storbritannien.guide: could not connect to host @@ -12753,13 +13729,13 @@ storiesofhealth.org: did not receive HSTS header stormhub.org: could not connect to host stormwatcher.org: could not connect to host stormyyd.com: max-age too low: 0 +storytime.hu: could not connect to host stpatricksguild.com: did not receive HSTS header stqry.com: did not receive HSTS header str0.at: did not receive HSTS header strangeplace.net: did not receive HSTS header strangescout.me: did not receive HSTS header strasweb.fr: did not receive HSTS header -strathewerd.de: did not receive HSTS header strbt.de: could not connect to host strchr.com: did not receive HSTS header stream-ing.xyz: could not connect to host @@ -12769,18 +13745,18 @@ streamer.tips: did not receive HSTS header streamingeverywhere.com: could not connect to host streamingmagazin.de: could not connect to host streampanel.net: did not receive HSTS header -streampleasure.xyz: did not receive HSTS header streamthemeeting.com: did not receive HSTS header streamzilla.com: did not receive HSTS header -streetmarket.ru: could not connect to host +street-smart-home.de: could not connect to host strehl.tk: could not connect to host -streklhof.at: did not receive HSTS header +strelitzia02.com: could not connect to host stressfreehousehold.com: could not connect to host strictlysudo.com: could not connect to host strife.tk: could not connect to host strila.me: could not connect to host striptizer.tk: did not receive HSTS header stroeercrm.de: could not connect to host +strommenhome.com: could not connect to host strongest-privacy.com: could not connect to host stuartbaxter.co: could not connect to host stubbings.eu: could not connect to host @@ -12796,10 +13772,12 @@ studio-panic.com: did not receive HSTS header studiocn.cn: did not receive HSTS header studiodoprazer.com.br: could not connect to host studiozelden.com: did not receive HSTS header +studport.rv.ua: max-age too low: 604800 studyabroadstation.com: could not connect to host studybay.com: did not receive HSTS header studydrive.net: did not receive HSTS header studyhub.cf: did not receive HSTS header +studying-neet.com: could not connect to host stugb.de: did not receive HSTS header stumeta2018.de: could not connect to host stupidstatetricks.com: could not connect to host @@ -12809,8 +13787,9 @@ sturge.co.uk: did not receive HSTS header stuudium.life: could not connect to host stylenda.com: could not connect to host stylle.me: could not connect to host -stytt.com: could not connect to host +stytt.com: did not receive HSTS header suareforma.com: could not connect to host +suave.io: did not receive HSTS header subbing.work: could not connect to host subdimension.org: could not connect to host subeesu.com: could not connect to host @@ -12821,14 +13800,17 @@ subsys.no: did not receive HSTS header subtitle.rip: could not connect to host subwayz.de: did not receive HSTS header subzerolosangeles.com: did not receive HSTS header +subzerotech.co.uk: could not connect to host successwithflora.com: could not connect to host succubus.network: could not connect to host succubus.xxx: could not connect to host +suche.org: could not connect to host suchprogrammer.net: did not receive HSTS header sudo.im: could not connect to host sudo.li: did not receive HSTS header sudosu.fr: could not connect to host suempresa.cloud: could not connect to host +suffts.de: did not receive HSTS header sugarcitycon.com: could not connect to host sugarsweetorsour.com: did not receive HSTS header sugartownfarm.com: could not connect to host @@ -12838,23 +13820,24 @@ suitocracy.com: could not connect to host summer.ga: could not connect to host summitbankofkc.com: did not receive HSTS header summitmasters.net: did not receive HSTS header -sumoscout.de: could not connect to host -sun-wellness-online.com.vn: did not receive HSTS header +sumoscout.de: did not receive HSTS header sun.re: could not connect to host suncountrymarine.com: did not receive HSTS header sundaycooks.com: max-age too low: 2592000 suneilpatel.com: could not connect to host +sunfeathers.net: could not connect to host sunfireshop.com.br: could not connect to host -sunjaydhama.com: could not connect to host sunlandsg.vn: did not receive HSTS header sunnyfruit.ru: could not connect to host sunriseafricarelief.com: did not receive HSTS header sunshinepress.org: could not connect to host sunxchina.com: could not connect to host sunyanzi.tk: could not connect to host +sunyataherb.com: could not connect to host suos.io: could not connect to host supcro.com: could not connect to host -super-demarche.com: could not connect to host +super-demarche.com: did not receive HSTS header +super-erotica.ru: could not connect to host super-garciniaslim.com: could not connect to host super-o-blog.com: could not connect to host super-radiant-skin.com: could not connect to host @@ -12862,6 +13845,7 @@ super-ripped-power.com: could not connect to host super-slim-coffee.com: could not connect to host superbabysitting.ch: could not connect to host superbike.tw: could not connect to host +superbshare.com: could not connect to host supercastlessouthsydney.com.au: could not connect to host supercreepsvideo.com: did not receive HSTS header superiorfloridavacation.com: could not connect to host @@ -12870,6 +13854,7 @@ superlandnetwork.de: did not receive HSTS header superlentes.com.br: could not connect to host supernovabrasil.com.br: did not receive HSTS header superpase.com: could not connect to host +supersahnetorten.de: could not connect to host supersalescontest.nl: did not receive HSTS header superschnappchen.de: could not connect to host supersecurefancydomain.com: could not connect to host @@ -12877,22 +13862,24 @@ supertramp-dafonseca.com: did not receive HSTS header superuser.fi: could not connect to host superwally.org: could not connect to host supes.io: did not receive HSTS header +supperclub.es: could not connect to host support4server.de: could not connect to host supportfan.gov: could not connect to host suprlink.net: could not connect to host supweb.ovh: could not connect to host -surasak.org: could not connect to host surasak.xyz: could not connect to host suraya.online: could not connect to host surfeasy.com: did not receive HSTS header surfone-leucate.com: did not receive HSTS header surkatty.org: did not receive HSTS header -survivalistplanet.com: did not receive HSTS header susastudentenjobs.de: could not connect to host susconam.org: could not connect to host suseasky.com: did not receive HSTS header +sushifrick.de: could not connect to host +sushiwereld.be: did not receive HSTS header suspiciousdarknet.xyz: could not connect to host sussexwebdesigns.com: could not connect to host +sussexwebsites.info: could not connect to host sustainability.gov: did not receive HSTS header suts.co.uk: could not connect to host suttonbouncycastles.co.uk: could not connect to host @@ -12905,6 +13892,7 @@ svatba-frantovi.cz: could not connect to host svenluijten.com: did not receive HSTS header svenskacasino.com: did not receive HSTS header svenskaservern.se: could not connect to host +svetdrzaku.cz: did not receive HSTS header svetjakonadlani.cz: did not receive HSTS header sviz.pro: could not connect to host svj-stochovska.cz: could not connect to host @@ -12916,41 +13904,44 @@ swallsoft.co.uk: could not connect to host swallsoft.com: could not connect to host swanseapartyhire.co.uk: could not connect to host swarmation.com: did not receive HSTS header +sway.com: did not receive HSTS header swdatlantico.pt: could not connect to host sweep.cards: did not receive HSTS header sweetlegs.jp: could not connect to host sweetstreats.ca: could not connect to host sweetvanilla.jp: could not connect to host -sweharris.org: could not connect to host swfloshatraining.com: could not connect to host -swift-devedge.de: did not receive HSTS header +swift-devedge.de: could not connect to host swiftconf.com: did not receive HSTS header swiftcrypto.com: could not connect to host +swiftpk.net: could not connect to host swiggy.com: did not receive HSTS header swimming.ca: did not receive HSTS header swissentreprises.ch: could not connect to host swisstranslate.ch: did not receive HSTS header swisstranslate.fr: did not receive HSTS header swisswebhelp.ch: could not connect to host +swissxperts.ch: could not connect to host swite.com: did not receive HSTS header swmd5c.org: could not connect to host swordfighting.net: could not connect to host swu.party: could not connect to host -swuosa.org: could not connect to host sx3.no: could not connect to host sxbk.pw: could not connect to host syam.cc: could not connect to host sydgrabber.tk: could not connect to host -syha.org.uk: did not receive HSTS header sykl.us: could not connect to host +sylvaincombe.net: could not connect to host sylvangarden.org: could not connect to host sylvanorder.com: could not connect to host +symetria.io: max-age too low: 2592000 synackr.com: did not receive HSTS header synapticconsulting.co.uk: could not connect to host syncaddict.net: could not connect to host syncappate.com: could not connect to host syncclinicalstudy.com: could not connect to host syncer.jp: did not receive HSTS header +synchrocube.com: could not connect to host syncmylife.net: could not connect to host syncserve.net: did not receive HSTS header syneic.com: did not receive HSTS header @@ -12970,16 +13961,16 @@ syspen.space: could not connect to host sysrq.tech: could not connect to host syss.de: did not receive HSTS header systea.net: could not connect to host +system-online.cz: did not receive HSTS header systemd.me: could not connect to host +systemweb.no: could not connect to host syy.hk: did not receive HSTS header szaszm.tk: could not connect to host -szczot3k.pl: did not receive HSTS header szerbnyelvkonyv.hu: could not connect to host szlovaknyelv.hu: could not connect to host szlovennyelv.hu: could not connect to host szongott.net: did not receive HSTS header -szunia.com: could not connect to host -szymczak.at: could not connect to host +szymczak.at: did not receive HSTS header t-complex.space: could not connect to host t-ken.xyz: could not connect to host t-point.eu: did not receive HSTS header @@ -12995,8 +13986,10 @@ taberu-fujitsubo.com: did not receive HSTS header tabino.top: did not receive HSTS header tabitatsu.jp: did not receive HSTS header tabla-periodica.com: could not connect to host +tachyonapp.com: could not connect to host tacoma-games.com: did not receive HSTS header tacotown.tk: could not connect to host +tadata.me: could not connect to host tadcastercircuit.org.uk: did not receive HSTS header tadigitalstore.com: could not connect to host tafoma.com: did not receive HSTS header @@ -13006,9 +13999,14 @@ tahakomat.cz: could not connect to host tahf.net: could not connect to host taichi-jade.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] taidu.news: could not connect to host +tailandfur.com: did not receive HSTS header tailify.com: did not receive HSTS header +tailpuff.net: did not receive HSTS header tails.com.ar: could not connect to host taim.io: could not connect to host +takebackyourstate.com: could not connect to host +takebackyourstate.net: could not connect to host +takebackyourstate.org: could not connect to host takebonus.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] takedownthissite.com: could not connect to host takinet.kr: could not connect to host @@ -13018,18 +14016,21 @@ talentuar.com: could not connect to host tales-of-interia.de: could not connect to host talheim-records.ca: could not connect to host talk.google.com: did not receive HSTS header (error ignored - included regardless) +talk.xyz: could not connect to host talkitup.mx: could not connect to host talkitup.online: could not connect to host talklifestyle.nl: could not connect to host tallr.se: could not connect to host tallshoe.com: could not connect to host +talsi.eu: could not connect to host tam7t.com: did not receive HSTS header -tamasszabo.net: could not connect to host +tamaraboutique.com: could not connect to host +tamasszabo.net: did not receive HSTS header tamersunion.org: did not receive HSTS header tamex.xyz: could not connect to host tandarts-haarlem.nl: did not receive HSTS header tandblekningidag.com: could not connect to host -tandk.com.vn: did not receive HSTS header +tangel.me: could not connect to host tangerine.ga: could not connect to host tangibilizing.com: could not connect to host tangiblesecurity.com: did not receive HSTS header @@ -13039,16 +14040,17 @@ tangzhao.net: could not connect to host taniesianie.pl: did not receive HSTS header tankfreunde.de: did not receive HSTS header tante-bugil.net: could not connect to host +tantetilli.de: did not receive HSTS header tantotiempo.de: did not receive HSTS header tanze-jetzt.de: could not connect to host taotuba.net: did not receive HSTS header -taozj.org: could not connect to host +taozj.org: did not receive HSTS header tapestries.tk: could not connect to host tapfinder.ca: could not connect to host tapka.cz: did not receive HSTS header tappublisher.com: did not receive HSTS header +taqsim.jp: max-age too low: 0 taranis.re: could not connect to host -tarantul.org.ua: could not connect to host taravancil.com: did not receive HSTS header tarek.link: could not connect to host targaryen.house: could not connect to host @@ -13059,35 +14061,38 @@ taskstats.com: could not connect to host tasmansecurity.com: could not connect to host tassup.com: could not connect to host tasta.ro: did not receive HSTS header -tasticfilm.com: could not connect to host +tasticfilm.com: did not receive HSTS header tastyyy.co: could not connect to host tasyacherry-anal.com: could not connect to host tatilbus.com: could not connect to host tatilmix.com: could not connect to host -tatort-fanpage.de: did not receive HSTS header +tatort-fanpage.de: could not connect to host tatt.io: could not connect to host tauchkater.de: could not connect to host tavoittaja.fi: did not receive HSTS header tavopica.lt: did not receive HSTS header taxaudit.com: did not receive HSTS header taxbench.com: could not connect to host +taxiindenbosch.nl: could not connect to host taxmadras.com: could not connect to host taxsnaps.co.nz: did not receive HSTS header -taxsquirrel.com: could not connect to host +taxspeaker.com: did not receive HSTS header tazemama.biz: could not connect to host tazj.in: did not receive HSTS header tazz.in: could not connect to host tbarter.com: did not receive HSTS header tbrss.com: did not receive HSTS header +tbtech.cz: did not receive HSTS header +tbys.us: could not connect to host tc-bonito.de: did not receive HSTS header tcao.info: could not connect to host tcby45.xyz: could not connect to host -tchaka.top: could not connect to host tcl.ath.cx: did not receive HSTS header tcp.expert: did not receive HSTS header tcwebvn.com: could not connect to host tdelmas.eu: could not connect to host tdelmas.ovh: could not connect to host +tdpblog.site: could not connect to host tdsb.cf: could not connect to host tdsb.ga: could not connect to host tdsb.gq: could not connect to host @@ -13103,6 +14108,7 @@ tealdrones.com: did not receive HSTS header team-pancake.eu: did not receive HSTS header team-teasers.com: could not connect to host team2fou.cf: did not receive HSTS header +teamassists.com: did not receive HSTS header teambeoplay.co.uk: did not receive HSTS header teamblueridge.org: could not connect to host teamdaylo.xyz: could not connect to host @@ -13111,10 +14117,11 @@ teampoint.cz: could not connect to host teams.microsoft.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] teamsocial.co: did not receive HSTS header teamup.rocks: did not receive HSTS header -teamx-gaming.de: could not connect to host +teamx-gaming.de: did not receive HSTS header teamzeus.cz: could not connect to host teaparty.id: could not connect to host tearoy.faith: could not connect to host +teasenetwork.com: could not connect to host tebieer.com: could not connect to host tech-blog.fr: did not receive HSTS header tech-finder.fr: could not connect to host @@ -13123,7 +14130,7 @@ techandtux.de: could not connect to host techask.it: could not connect to host techassist.io: did not receive HSTS header techcavern.ml: did not receive HSTS header -techelements.co: could not connect to host +techelements.co: did not receive HSTS header techfactslive.com: did not receive HSTS header techhipster.net: could not connect to host techhub.ml: could not connect to host @@ -13134,9 +14141,11 @@ techmasters.andover.edu: could not connect to host techmatehq.com: could not connect to host technicalforensic.com: could not connect to host technicalpenguins.com: did not receive HSTS header +techniclab.net: could not connect to host +techniclab.org: could not connect to host +techniclab.ru: could not connect to host technikrom.org: did not receive HSTS header technogroup.cz: did not receive HSTS header -technologyand.me: could not connect to host technosavvyport.com: did not receive HSTS header technosuport.com: did not receive HSTS header technotonic.com.au: did not receive HSTS header @@ -13158,16 +14167,19 @@ tedxkmitl.com: could not connect to host tee-idf.net: could not connect to host teedb.de: could not connect to host teehaus-shila.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +teenerotic.net: could not connect to host teeplelaw.com: did not receive HSTS header tefl.io: did not receive HSTS header tegelsensanitaironline.nl: did not receive HSTS header tehotuotanto.net: did not receive HSTS header tehplace.club: could not connect to host +tehranperfume.com: did not receive HSTS header tekiro.com: did not receive HSTS header teknogeek.id: could not connect to host teknologi.or.id: max-age too low: 36000 teknotes.co.uk: could not connect to host tekshrek.com: did not receive HSTS header +teksuperior.com: could not connect to host tektoria.de: could not connect to host tel-dithmarschen.de: did not receive HSTS header teleallarme.ch: could not connect to host @@ -13176,14 +14188,15 @@ telecharger-open-office.com: could not connect to host telecharger-winrar.com: could not connect to host telefisk.org: did not receive HSTS header telefonnummer.online: could not connect to host -telefonogratuito.com: did not receive HSTS header telefoonnummerinfo.nl: could not connect to host telekollektiv.org: could not connect to host telescam.com: could not connect to host +teleshop.be: could not connect to host teletechnology.in: did not receive HSTS header teletra.ru: could not connect to host telfordwhitehouse.co.uk: did not receive HSTS header tellingua.com: did not receive HSTS header +telugu4u.net: could not connect to host temasa.net: did not receive HSTS header temehu.com: did not receive HSTS header tempcraft.net: could not connect to host @@ -13207,8 +14220,11 @@ teodio.cl: did not receive HSTS header teoleonie.com: did not receive HSTS header teos.online: could not connect to host teoskanta.fi: could not connect to host +tequilazor.com: could not connect to host teranga.ch: did not receive HSTS header +tercerapuertoaysen.cl: could not connect to host terminalvelocity.co.nz: could not connect to host +termino.eu: did not receive HSTS header terra-x.net: could not connect to host terra.by: did not receive HSTS header terrax.berlin: could not connect to host @@ -13216,6 +14232,7 @@ terrax.info: did not receive HSTS header terrax.net: could not connect to host terrazoo.de: did not receive HSTS header teru.com.br: could not connect to host +test-dns.eu: could not connect to host test02.dk: did not receive HSTS header testadron.com: could not connect to host testandroid.xyz: could not connect to host @@ -13224,7 +14241,6 @@ testbirds.cz: could not connect to host testbirds.sk: could not connect to host testdomain.ovh: could not connect to host testnode.xyz: could not connect to host -testosterone-complex.com: could not connect to host testovaci.ml: could not connect to host tetrafinancial-commercial-business-equipment-financing.com: did not receive HSTS header tetrafinancial-energy-mining-equipment-financing.com: did not receive HSTS header @@ -13233,20 +14249,20 @@ tetrafinancial-manufacturing-industrial-equipment-financing.com: did not receive tetrafinancial-news.com: did not receive HSTS header tetrafinancial-technology-equipment-software-financing.com: did not receive HSTS header tetramax.eu: did not receive HSTS header +tetrarch.co: could not connect to host tetsai.com: could not connect to host teufelsystem.de: could not connect to host teuniz.nl: did not receive HSTS header texte-zur-taufe.de: did not receive HSTS header textoplano.xyz: could not connect to host textracer.dk: could not connect to host -tf2stadium.com: could not connect to host +tf2stadium.com: did not receive HSTS header tfcoms-sp-tracker-client.azurewebsites.net: could not connect to host tffans.com: could not connect to host tfl.lu: did not receive HSTS header tgbyte.com: did not receive HSTS header tgod.co: could not connect to host tgr.re: could not connect to host -tgtv.tn: did not receive HSTS header th-bl.de: did not receive HSTS header th3nd.com: did not receive HSTS header thackert.myfirewall.org: could not connect to host @@ -13270,7 +14286,6 @@ the-finance-blog.com: could not connect to host the-gist.io: could not connect to host the-paddies.de: did not receive HSTS header the-sky-of-valkyries.com: could not connect to host -the-zenti.de: did not receive HSTS header the.ie: max-age too low: 0 the420vape.org: could not connect to host theamateurs.net: did not receive HSTS header @@ -13287,26 +14302,30 @@ thebreakhotel.com: did not receive HSTS header thebrotherswarde.com: could not connect to host thebte.com: could not connect to host thebuffalotavern.com: could not connect to host +thecandidforum.com: could not connect to host thecapitalbank.com: did not receive HSTS header thecharlestonwaldorf.com: did not receive HSTS header +thecitizens.com: did not receive HSTS header theclementinebutchers.com: could not connect to host theclimbingunit.com: did not receive HSTS header +thecloudmigrator.com: did not receive HSTS header thecloudrevolution.net: did not receive HSTS header theclubjersey.com: did not receive HSTS header thecodeninja.net: did not receive HSTS header thecoffeehouse.xyz: could not connect to host thecoffeepod.co.uk: did not receive HSTS header -thecskr.in: could not connect to host +thecskr.in: did not receive HSTS header thecsw.com: did not receive HSTS header +thecustomizewindows.com: did not receive HSTS header thedailyupvote.com: could not connect to host thedarkartsandcrafts.com: could not connect to host thedevilwearswibra.nl: did not receive HSTS header -thedisc.nl: could not connect to host thedominatorsclan.com: did not receive HSTS header thedrinks.co: did not receive HSTS header thedrop.pw: did not receive HSTS header thedrunkencabbage.com: could not connect to host thedystance.com: could not connect to host +theel0ja.info: did not receive HSTS header theelitebuzz.com: could not connect to host theendofzion.com: did not receive HSTS header theepankar.com: could not connect to host @@ -13317,24 +14336,28 @@ theeyeopener.com: did not receive HSTS header thefarbeyond.com: could not connect to host thefootballanalyst.com: did not receive HSTS header thefox.co: could not connect to host +thefox.com.fr: could not connect to host thefreebirds.in: could not connect to host thefrk.xyz: could not connect to host thefrozenfire.com: did not receive HSTS header thefutureharrills.com: could not connect to host +thegcccoin.com: max-age too low: 0 thegemriverside.com.vn: could not connect to host thego2swatking.com: could not connect to host thegoldregister.co.uk: could not connect to host thegraciousgourmet.com: did not receive HSTS header +thegreens.us: could not connect to host thegreenvpn.com: could not connect to host thehiddenbay.cc: could not connect to host thehiddenbay.eu: could not connect to host +thehiddenbay.fi: could not connect to host thehiddenbay.me: could not connect to host thehiddenbay.net: could not connect to host +thehiddenbay.ws: could not connect to host thehighersideclothing.com: did not receive HSTS header thehistory.me: could not connect to host thehonorguard.org: did not receive HSTS header thehoopsarchive.com: could not connect to host -thehotfix.net: could not connect to host theimagesalon.com: max-age too low: 43200 theinvisibletrailer.com: could not connect to host theitsage.com: did not receive HSTS header @@ -13348,14 +14371,15 @@ thelostyankee.com: could not connect to host themadmechanic.net: could not connect to host themanufacturingmarketingagency.com: could not connect to host themarble.co: could not connect to host -themaster.site: did not receive HSTS header themathbehindthe.science: could not connect to host themathematician.uk: could not connect to host +themeaudit.com: could not connect to host themerchandiser.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] themesurgeons.net: could not connect to host themicrocapital.com: could not connect to host themoderate.xyz: could not connect to host thenextstep.events: could not connect to host +thenichecast.com: could not connect to host thenorthschool.org.uk: did not receive HSTS header thenrdhrd.nl: could not connect to host theodorejones.info: could not connect to host @@ -13367,7 +14391,6 @@ theoverfly.co: could not connect to host thepaffy.de: could not connect to host thepartywarehouse.co.uk: did not receive HSTS header thepcweb.tk: could not connect to host -thepeninsulaires.com: could not connect to host thepiratebay.al: could not connect to host thepiratebay.poker: could not connect to host thepiratebay.tech: could not connect to host @@ -13377,7 +14400,9 @@ theprivacysolution.com: could not connect to host thequillmagazine.org: could not connect to host therise.ca: max-age too low: 300 thermique.ch: could not connect to host +theroamingnotary.com: did not receive HSTS header therockawaysny.com: did not receive HSTS header +thesassynut.com: did not receive HSTS header thesearchnerds.co.uk: did not receive HSTS header thesecurityteam.net: could not connect to host thesehighsandlows.com: could not connect to host @@ -13389,34 +14414,35 @@ thesplit.is: could not connect to host thestack.xyz: could not connect to host thestagchorleywood.co.uk: did not receive HSTS header thestonegroup.de: could not connect to host +thestoritplace.com: max-age too low: 0 thetapirsmouth.com: could not connect to host -thethirdroad.com: did not receive HSTS header -thetradinghall.com: could not connect to host +thethirdroad.com: could not connect to host thetruthhurvitz.com: could not connect to host theurbanyoga.com: did not receive HSTS header theuucc.org: did not receive HSTS header thevintagenews.com: did not receive HSTS header thevoid.one: could not connect to host thewallset.com: could not connect to host -thewebdexter.com: could not connect to host thewebfellas.com: did not receive HSTS header thewego.com: could not connect to host theweilai.com: could not connect to host thewhiterabbit.space: could not connect to host theworkingeye.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] thewp.pro: could not connect to host -thezero.org: could not connect to host thezonders.com: did not receive HSTS header thgros.fr: could not connect to host +thibautcharles.net: did not receive HSTS header thierfreund.de: did not receive HSTS header thinkcash.nl: could not connect to host thinkcoding.de: could not connect to host thinkcoding.org: could not connect to host thinkdo.jp: could not connect to host +thinklikeanentrepreneur.com: did not receive HSTS header thinkswap.com: did not receive HSTS header thinlyveiledcontempt.com: could not connect to host thirdpartytrade.com: did not receive HSTS header thirty5.net: did not receive HSTS header +thirtyspot.com: could not connect to host thisisacompletetest.ga: could not connect to host thisisforager.com: could not connect to host thismumdoesntknowbest.com: could not connect to host @@ -13426,33 +14452,34 @@ thkb.net: could not connect to host thomas-ferney.fr: did not receive HSTS header thomas-gibertie.fr: did not receive HSTS header thomas-grobelny.de: could not connect to host -thomasbreads.com: max-age too low: 86400 thomascloud.ddns.net: could not connect to host -thomasetsophie.fr: could not connect to host +thomasgriffin.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] thomasharvey.me: did not receive HSTS header thomaskliszowski.fr: did not receive HSTS header -thomasmeester.nl: did not receive HSTS header thomasnet.fr: could not connect to host thomasscholz.com: max-age too low: 2592000 thomasschweizer.net: could not connect to host thomasvt.xyz: max-age too low: 2592000 thorbis.com: could not connect to host -thorbiswebsitedesign.com: did not receive HSTS header +thorbiswebsitedesign.com: could not connect to host thorgames.nl: did not receive HSTS header thorncreek.net: did not receive HSTS header thot.space: could not connect to host threatcentral.io: could not connect to host threebrothersbrewing.com: max-age too low: 2592000 threebulls.be: did not receive HSTS header +threit.de: did not receive HSTS header thriveapproach.co.uk: did not receive HSTS header thrivewellnesshub.co.za: did not receive HSTS header throughthelookingglasslens.co.uk: could not connect to host thrx.net: did not receive HSTS header thumbtack.com: did not receive HSTS header thundercampaign.com: could not connect to host +thuybich.com: did not receive HSTS header thyrex.fr: could not connect to host ti-js.com: could not connect to host -ti.blog.br: could not connect to host +ti.blog.br: did not receive HSTS header +tiacollection.com: did not receive HSTS header tianxicaipiao.com: could not connect to host tianxicaipiao.win: could not connect to host tianxicp.com: could not connect to host @@ -13463,12 +14490,14 @@ tibovanheule.site: could not connect to host ticketoplichting.nl: did not receive HSTS header tickopa.co.uk: could not connect to host tickreport.com: did not receive HSTS header -ticktock.today: did not receive HSTS header +ticktock.today: could not connect to host tictactux.de: could not connect to host tidmore.us: could not connect to host tie-online.org: did not receive HSTS header +tiendafetichista.com: could not connect to host tiendschuurstraat.nl: could not connect to host tiensnet.com: could not connect to host +tierarztpraxis-illerwinkel.de: did not receive HSTS header tierrarp.com: could not connect to host tiffanytravels.com: did not receive HSTS header tightlineproductions.com: did not receive HSTS header @@ -13476,7 +14505,6 @@ tigit.co.nz: could not connect to host tikutiku.pl: could not connect to host tildebot.com: could not connect to host tilient.eu: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -tilikum.io: did not receive HSTS header tilkah.com.au: did not receive HSTS header tillcraft.com: could not connect to host timbeilby.com: could not connect to host @@ -13494,7 +14522,10 @@ timeserver2.de: could not connect to host timeserver3.de: could not connect to host timestamp.io: did not receive HSTS header timestamp.uk: could not connect to host +timhieubenh.net: could not connect to host timhjalpen.se: could not connect to host +timklefisch.de: did not receive HSTS header +timmy.im: could not connect to host timmy.ws: could not connect to host timotrans.de: did not receive HSTS header timotrans.eu: did not receive HSTS header @@ -13510,24 +14541,26 @@ tinchbear.xyz: did not receive HSTS header tindewen.net: could not connect to host tink.network: could not connect to host tipiakers.club: could not connect to host -tipps-fuer-den-haushalt.de: did not receive HSTS header +tipps-fuer-den-haushalt.de: could not connect to host tippspiel.cc: could not connect to host tipsyk.ru: could not connect to host tiredofeating.com: could not connect to host tiremoni.ch: did not receive HSTS header tirex.media: did not receive HSTS header +tism.in: could not connect to host tiste.org: could not connect to host titanlab.de: could not connect to host titanleaf.com: could not connect to host tittarpuls.se: could not connect to host titties.ml: could not connect to host +tjandpals.com: could not connect to host tjc.wiki: could not connect to host tjeckien.guide: could not connect to host tjs.me: could not connect to host tju.me: could not connect to host tkappertjedemetamorfose.nl: could not connect to host tkarstens.de: did not receive HSTS header -tkhw.tk: could not connect to host +tkhw.tk: did not receive HSTS header tkonstantopoulos.tk: could not connect to host tkts.cl: could not connect to host tlach.cz: did not receive HSTS header @@ -13541,6 +14574,7 @@ tlshost.net: could not connect to host tm-solutions.eu: could not connect to host tm.id.au: did not receive HSTS header tmaward.net: could not connect to host +tmconnects.com: did not receive HSTS header tmdc.ddns.net: could not connect to host tmhlive.com: could not connect to host tmin.cf: could not connect to host @@ -13550,13 +14584,12 @@ tmtradingmorocco.ma: could not connect to host tnb-plattform.de: could not connect to host tncnanet.com.br: could not connect to host tno.io: could not connect to host -tob-rulez.de: could not connect to host +to2mbn.org: could not connect to host tobaby.com.br: could not connect to host tobaccore.eu: could not connect to host tobaccore.sk: could not connect to host tobias-bielefeld.de: did not receive HSTS header tobiasbergius.se: could not connect to host -tobiaskorf.de: could not connect to host tobiasmathes.com: could not connect to host tobiasmathes.name: could not connect to host tobiasofficial.at: could not connect to host @@ -13571,10 +14604,12 @@ todosrv.com: could not connect to host tofa-koeln.de: could not connect to host tofu.im: could not connect to host togelonlinecommunity.com: did not receive HSTS header -tojeto.eu: could not connect to host +tohokufd.com: could not connect to host +tojeto.eu: did not receive HSTS header toka.sg: could not connect to host tokage.me: could not connect to host tokenloan.com: could not connect to host +tokfun.com: could not connect to host tokobungaasryflorist.com: did not receive HSTS header tokobungadijambi.com: did not receive HSTS header tokobungadilampung.com: could not connect to host @@ -13586,25 +14621,29 @@ tokotimbangandigitalmurah.web.id: did not receive HSTS header tokototech.com: could not connect to host tokoyo.biz: could not connect to host tollmanz.com: did not receive HSTS header -tollsjekk.no: did not receive HSTS header +tollsjekk.no: could not connect to host tolud.com: could not connect to host tom.run: did not receive HSTS header +tomandshirley.com: could not connect to host tomeara.net: could not connect to host tomevans.io: did not receive HSTS header tomharling.co.uk: could not connect to host tomlankhorst.nl: did not receive HSTS header +tomli.blog: could not connect to host tomli.me: could not connect to host tommounsey.com: did not receive HSTS header tommsy.com: did not receive HSTS header tommy-bordas.fr: did not receive HSTS header tommyads.com: could not connect to host tommyweber.de: did not receive HSTS header +tomochun.net: max-age too low: 0 tomphill.co.uk: could not connect to host +tomy.icu: could not connect to host tonburi.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tongmu.me: could not connect to host toniharant.de: could not connect to host +tono.us: could not connect to host toomanypillows.com: could not connect to host -top-solar-info.de: could not connect to host top-stage.net: could not connect to host top10mountainbikes.info: could not connect to host topanlage.de: could not connect to host @@ -13621,14 +14660,16 @@ topnovini.com: did not receive HSTS header toppik.com.br: could not connect to host topservercccam.com: did not receive HSTS header topshelfguild.com: could not connect to host +topshoptools.com: could not connect to host toptenthebest.com: did not receive HSTS header toptranslation.com: did not receive HSTS header +topwin.la: could not connect to host topyx.com: did not receive HSTS header tor2web.org: could not connect to host torbay.ga: could not connect to host +torbe.es: could not connect to host torchl.it: could not connect to host toretfaction.net: could not connect to host -torg-room.ru: could not connect to host torlock.download: could not connect to host torproject.org.uk: could not connect to host torproject.ovh: could not connect to host @@ -13639,6 +14680,7 @@ torrentz.website: could not connect to host torrentz2.eu: did not receive HSTS header tortugalife.de: could not connect to host torv.rocks: did not receive HSTS header +toscer.me: did not receive HSTS header tosecure.link: could not connect to host toshnix.com: could not connect to host toshub.com: could not connect to host @@ -13654,35 +14696,38 @@ totot.net: did not receive HSTS header toucedo.de: could not connect to host touch-up-net.com: could not connect to host touchbasemail.com: did not receive HSTS header +touchinformatica.com: did not receive HSTS header touchpointidg.us: could not connect to host touchscreen-handy.de: did not receive HSTS header +touchscreentills.com: could not connect to host touchstonefms.co.uk: did not receive HSTS header touray-enterprise.ch: could not connect to host tournaire.fr: did not receive HSTS header tourpeer.com: did not receive HSTS header toursandtransfers.it: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tousproducteurs.fr: did not receive HSTS header -towandalibrary.org: did not receive HSTS header towaway.ru: could not connect to host town-farm.surrey.sch.uk: could not connect to host +tox.im: did not receive HSTS header toxicboot.com: could not connect to host toxicip.com: could not connect to host toxme.se: did not receive HSTS header toymania.de: could not connect to host toyotamotala.se: could not connect to host -tpansino.com: did not receive HSTS header tpbcdn.com: could not connect to host -tpblist.xyz: could not connect to host +tpblist.xyz: max-age too low: 0 tpbunblocked.org: could not connect to host tpe-edu.com: could not connect to host tpms4u.at: did not receive HSTS header tppdebate.org: did not receive HSTS header +trabajarenperu.com: did not receive HSTS header tracetracker.com: did not receive HSTS header tracetracker.no: did not receive HSTS header +tracewind.top: could not connect to host track.plus: could not connect to host trackdays4fun.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tracker-gps.ch: could not connect to host -trackingstream.com: did not receive HSTS header +trackmeet.io: did not receive HSTS header tracktivity.com.au: did not receive HSTS header trade-smart.ru: could not connect to host tradietrove.com.au: did not receive HSTS header @@ -13692,37 +14737,51 @@ tradingcentre.com.au: did not receive HSTS header tradinghope.com: could not connect to host tradingrooms.com: did not receive HSTS header traditional-knowledge.tk: did not receive HSTS header +tradiz.org: could not connect to host traeningsprojekt.dk: did not receive HSTS header trafficquality.org: could not connect to host traffictigers.com: did not receive HSTS header traforet.win: could not connect to host train-track.co.uk: did not receive HSTS header traindb.nl: did not receive HSTS header +trainhorns.us: did not receive HSTS header training4girls.ru: could not connect to host traininglist.org: could not connect to host trainingproviderresults.gov: could not connect to host +trainline.at: could not connect to host +trainline.cn: could not connect to host +trainline.com.br: could not connect to host +trainline.com.pt: could not connect to host +trainline.cz: could not connect to host +trainline.dk: could not connect to host trainline.io: could not connect to host +trainline.nl: could not connect to host +trainline.no: could not connect to host +trainline.pl: could not connect to host +trainline.se: could not connect to host trainut.com: could not connect to host trakfusion.com: could not connect to host -tranhsondau.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tranos.de: did not receive HSTS header transbike.es: did not receive HSTS header transcendmotor.sg: could not connect to host transcriptionwave.com: did not receive HSTS header transdirect.com.au: did not receive HSTS header transformify.org: did not receive HSTS header +transgendernetwerk.nl: did not receive HSTS header transl8.eu: did not receive HSTS header translate.googleapis.com: did not receive HSTS header (error ignored - included regardless) transmithe.net: could not connect to host transportal.sk: did not receive HSTS header transsexualpantyhose.com: could not connect to host -trauertexte.info: did not receive HSTS header +tratamentoparacelulite.biz: did not receive HSTS header +tratamentoparacelulite.net: did not receive HSTS header +trauertexte.info: could not connect to host traumhuetten.de: did not receive HSTS header travality.ru: could not connect to host travel-kuban.ru: did not receive HSTS header -travel1x1.com: could not connect to host +travel1x1.com: did not receive HSTS header travelinsightswriter.com: could not connect to host -travelinsurance.co.nz: did not receive HSTS header +travelling.expert: could not connect to host travotion.com: could not connect to host trazosdearte.com: did not receive HSTS header treasuredinheritanceministry.com: did not receive HSTS header @@ -13733,11 +14792,14 @@ treeremovaljohannesburg.co.za: could not connect to host treino.blog.br: could not connect to host treker.us: could not connect to host trell.co.in: did not receive HSTS header -tremoureux.fr: did not receive HSTS header +tremoureux.fr: could not connect to host trendberry.ru: could not connect to host trendingpulse.com: could not connect to host trendisland.de: did not receive HSTS header trendydips.com: could not connect to host +trentmaydew.com: did not receive HSTS header +tretkowski.de: did not receive HSTS header +trewe.eu: could not connect to host triadwars.com: did not receive HSTS header triageo.com.au: could not connect to host trialmock.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -13761,18 +14823,22 @@ trixies-wish.nz: could not connect to host trixy.com.br: could not connect to host troi.de: did not receive HSTS header trollme.me: could not connect to host +trollscave.xyz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tronflix.com: did not receive HSTS header troo.ly: could not connect to host trouter.io: could not connect to host trouver-son-chemin.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +truckgpsreviews.com: did not receive HSTS header true.ink: did not receive HSTS header truebred-labradors.com: did not receive HSTS header truejob.com: did not receive HSTS header +trumeet.top: did not receive HSTS header trunkjunk.co: could not connect to host trush.in: could not connect to host trustedinnovators.com: could not connect to host trusteecar.com: did not receive HSTS header trustmeimfancy.com: could not connect to host +try2services.cm: did not receive HSTS header trybind.com: could not connect to host tryfabulousdiet.com: could not connect to host tryfm.net: did not receive HSTS header @@ -13789,6 +14855,7 @@ tsgbit.net: could not connect to host tsgoc.com: did not receive HSTS header tsigaradiko.com: could not connect to host tsrstore.gq: could not connect to host +tsu-ku-ro.com: could not connect to host tsukeawase.com: did not receive HSTS header tsukuba.style: could not connect to host tsumegumi.net: could not connect to host @@ -13811,18 +14878,20 @@ tubex.ga: could not connect to host tucidi.net: could not connect to host tucker.wales: could not connect to host tucnak.eu: could not connect to host +tudorapido.com.br: did not receive HSTS header tueche.com.ar: did not receive HSTS header -tuingereedschappen.net: did not receive HSTS header +tufilo.com: could not connect to host +tugers.com: did not receive HSTS header tuja.hu: could not connect to host +tulenceria.es: could not connect to host tulsameetingroom.com: could not connect to host -tuminauskas.lt: did not receive HSTS header -tunai.id: could not connect to host tunca.it: did not receive HSTS header tunebitfm.de: could not connect to host tungstenroyce.com: did not receive HSTS header tupizm.com: could not connect to host turismo.cl: could not connect to host turkiet.guide: could not connect to host +turkrock.com: did not receive HSTS header turn-sticks.com: could not connect to host turnik-67.ru: could not connect to host turniker.ru: could not connect to host @@ -13832,6 +14901,8 @@ turtles.ga: could not connect to host tusb.ml: did not receive HSTS header tussengelegenwoningverkopen.nl: could not connect to host tuthowto.com: did not receive HSTS header +tutiendaroja.com: did not receive HSTS header +tutiendarosa.com: did not receive HSTS header tutorio.ga: could not connect to host tutu.ro: could not connect to host tuturulianda.com: did not receive HSTS header @@ -13839,8 +14910,9 @@ tuvalie.com: did not receive HSTS header tuxhound.org: could not connect to host tv.search.yahoo.com: could not connect to host tvc.red: could not connect to host +tverdohleb.com: could not connect to host tvoru.com.ua: did not receive HSTS header -tvtubeflix.com: max-age too low: 2592000 +tvtubeflix.com: could not connect to host tvz-materijali.com: could not connect to host tw2-tools.ga: could not connect to host twarog.cc: could not connect to host @@ -13858,23 +14930,25 @@ twee-onder-een-kap-woning-in-zwartewaterland-kopen.nl: could not connect to host tweeondereenkapverkopen.nl: could not connect to host tweeondereenkapwoningverkopen.nl: could not connect to host tweetify.io: could not connect to host +twelve.rocks: could not connect to host twelve.today: could not connect to host -twelverocks.com: did not receive HSTS header +twelverocks.com: could not connect to host twillionmas.com: could not connect to host twinkieman.com: could not connect to host twinkseason.ca: could not connect to host twinkseason.co: could not connect to host twinkseason.co.uk: could not connect to host -twinkseason.com: could not connect to host twinkseason.net: could not connect to host twinkseason.org: could not connect to host twinkseason.xyz: could not connect to host twiri.net: could not connect to host twist.party: could not connect to host +twisted-brains.org: could not connect to host twitter.ax: could not connect to host twogo.com: did not receive HSTS header twolinepassbrewing.com: could not connect to host twolivelife.com: could not connect to host +twoo.com: could not connect to host twotube.ie: could not connect to host twuni.org: could not connect to host tx041cap.org: could not connect to host @@ -13884,32 +14958,36 @@ txcp01.com: could not connect to host txcp02.com: could not connect to host txf.pw: could not connect to host ty2u.com: did not receive HSTS header -tycjt.vip: could not connect to host +tycjt.vip: did not receive HSTS header tykoon.com: could not connect to host tyler.coach: could not connect to host tylercoach.com: could not connect to host -tylerharcourt.ca: could not connect to host +tylerharcourt.ca: max-age too low: 86400 tylerharcourt.com: could not connect to host -tylerharcourt.net: could not connect to host -tylerharcourt.org: could not connect to host +tylerharcourt.org: did not receive HSTS header tylerharcourt.xyz: could not connect to host tylerjharcourt.com: could not connect to host tylian.net: max-age too low: 0 +type1joe.com: could not connect to host +type1joe.net: could not connect to host +type1joe.org: could not connect to host typeofweb.com: did not receive HSTS header +typeonejoe.com: could not connect to host +typeonejoe.net: could not connect to host +typeonejoe.org: could not connect to host typingrevolution.com: did not receive HSTS header -tyreis.com: could not connect to host +tyreis.com: did not receive HSTS header tyrelius.com: could not connect to host tyroproducts.eu: did not receive HSTS header tyskland.guide: could not connect to host tysye.ca: could not connect to host +tyuo-keibi.co.jp: did not receive HSTS header tzappa.net: could not connect to host tzwe.com: could not connect to host u-master.net: did not receive HSTS header -u-tokyo.club: could not connect to host u175.com: could not connect to host uadp.pw: could not connect to host uahs.org.uk: did not receive HSTS header -uatgootax.ru: did not receive HSTS header ubalert.com: could not connect to host uber.com.au: did not receive HSTS header ubercalculator.com: did not receive HSTS header @@ -13918,22 +14996,27 @@ ubicloud.de: could not connect to host ubicv.com: could not connect to host ublox.com: did not receive HSTS header ubtce.com: could not connect to host -ubuntuhot.com: could not connect to host -udruga-point.hr: did not receive HSTS header +ubuntuhot.com: did not receive HSTS header +uc.ac.id: did not receive HSTS header +uclanmasterplan.co.uk: could not connect to host +udbhav.me: could not connect to host ueba1085.jp: could not connect to host uefeng.com: did not receive HSTS header uega.net: did not receive HSTS header +uerdingen.info: did not receive HSTS header uesociedadlimitada.com: could not connect to host ueu.me: could not connect to host uevan.com: could not connect to host ufgaming.com: did not receive HSTS header uflixit.com: did not receive HSTS header +ufo.moe: did not receive HSTS header ufotable.uk: could not connect to host ugcdn.com: could not connect to host ugisgutless.com: could not connect to host ugo.ninja: could not connect to host ugosadventures.com: could not connect to host uhasseltctf.ga: could not connect to host +uhlhosting.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] uhm.io: did not receive HSTS header uhuru-market.com: could not connect to host uitslagensoftware.nl: did not receive HSTS header @@ -13945,33 +15028,34 @@ ukkeyholdingcompany.co.uk: could not connect to host ukrgadget.com: could not connect to host ulabox.cat: did not receive HSTS header ulabox.es: did not receive HSTS header -ulalau.com: could not connect to host +ulalau.com: did not receive HSTS header ullamodaintima.com.br: could not connect to host ulmo.dk: could not connect to host -ulti.gq: could not connect to host +ulti.gq: did not receive HSTS header ultimate-garcinia-plus.com: could not connect to host ultimate-glow-skin.com: could not connect to host ultimate-memoryplus.com: could not connect to host ultimate-neuroplus.com: could not connect to host ultros.io: did not receive HSTS header umaimise.info: did not receive HSTS header +umassfive.coop: did not receive HSTS header umgardi.ca: could not connect to host umidev.com: could not connect to host umie.cc: did not receive HSTS header ump45.moe: did not receive HSTS header -umsapi.com: could not connect to host -unapolegetic.co: did not receive HSTS header unart.info: could not connect to host unbanthe.net: could not connect to host -unblockat.tk: could not connect to host +unblockat.tk: did not receive HSTS header unblocked-networks.org: could not connect to host -unblocked.blue: could not connect to host +unblocked.blue: did not receive HSTS header unblocked.date: could not connect to host unblocked.faith: could not connect to host unblocked.host: could not connect to host unblocked.party: could not connect to host +unblocked.sh: could not connect to host unblocked.st: did not receive HSTS header unblocked.today: could not connect to host +unblocked.vc: could not connect to host unblocked.win: could not connect to host unblocked.works: could not connect to host unblocked.world: could not connect to host @@ -13987,9 +15071,10 @@ unblockthe.site: could not connect to host unblockthe.top: could not connect to host unccdesign.club: could not connect to host unclegen.xyz: could not connect to host +undeadbrains.de: did not receive HSTS header under30stravelinsurance.com.au: did not receive HSTS header +undercovercondoms.com: could not connect to host underkin.com: could not connect to host -underskatten.tk: could not connect to host unefuite.ch: could not connect to host unfiltered.nyc: could not connect to host ungern.guide: could not connect to host @@ -14007,7 +15092,9 @@ uniformehope.com.br: did not receive HSTS header uniformehumboldt.com.br: did not receive HSTS header uniformespousoalegre.com.br: did not receive HSTS header unikitty-on-tour.com: could not connect to host +unikrn.com: could not connect to host unionstationapp.com: could not connect to host +unipig.de: could not connect to host unirenter.ru: did not receive HSTS header unison.com: did not receive HSTS header unisyssecurity.com: could not connect to host @@ -14016,12 +15103,12 @@ unitedcyberdevelopment.com: [Exception... "Component returned failure code: 0x80 unitlabs.net: could not connect to host unitrade-425.co.za: did not receive HSTS header university4industry.com: did not receive HSTS header +universogay.com: could not connect to host univstore.win: could not connect to host univz.com: could not connect to host unixtime.pro: could not connect to host -unknownbreakup.com: did not receive HSTS header unknownphenomena.net: could not connect to host -unmonito.red: could not connect to host +unmanaged.space: could not connect to host unplugg3r.dk: could not connect to host unravel.ie: could not connect to host unschoolrules.com: did not receive HSTS header @@ -14036,35 +15123,35 @@ unyq.me: did not receive HSTS header uonstaffhub.com: could not connect to host uow.ninja: could not connect to host up1.ca: could not connect to host -upaknship.com: did not receive HSTS header -upbad.com: could not connect to host upboard.jp: could not connect to host -upgauged.com: could not connect to host upldr.pw: could not connect to host uploadbro.com: could not connect to host upmchealthsecurity.us: could not connect to host uporoops.com: could not connect to host uprotect.it: could not connect to host upstats.eu: could not connect to host -uptic.net: did not receive HSTS header +uptic.net: could not connect to host upupming.site: did not receive HSTS header ur-lauber.de: did not receive HSTS header urban-garden.lt: could not connect to host urban-garden.lv: could not connect to host urbanmic.com: could not connect to host +urbansparrow.in: could not connect to host +urbanstylestaging.com: did not receive HSTS header urbpic.com: could not connect to host urcentral.org: could not connect to host urlachershop.com.br: did not receive HSTS header +urlakite.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] urlchomp.com: did not receive HSTS header urology.wiki: did not receive HSTS header -urphp.com: could not connect to host -us-immigration.com: could not connect to host +urphp.com: did not receive HSTS header +us-immigration.com: did not receive HSTS header usaab.org: did not receive HSTS header usafuelservice.com: did not receive HSTS header usatomotori.com: did not receive HSTS header usbirthcertificate.com: could not connect to host usbtypeccompliant.com: could not connect to host -uscitizenship.info: could not connect to host +uscitizenship.info: did not receive HSTS header uscntalk.com: could not connect to host uscp8.com: could not connect to host uscurrency.gov: did not receive HSTS header @@ -14076,24 +15163,27 @@ usercare.com: did not receive HSTS header useresponse.com: did not receive HSTS header userify.com: max-age too low: 0 uslab.io: could not connect to host +usparklodging.com: did not receive HSTS header usportsgo.com: could not connect to host usr.nz: did not receive HSTS header +utdscanner.com: did not receive HSTS header utilitronium-shockwave.com: could not connect to host +utilityreport.eu: did not receive HSTS header utleieplassen.no: could not connect to host utopiagalaxy.space: could not connect to host +utopialgb.org.uk: could not connect to host utopian-surgery.com: could not connect to host utopianconcept.com: did not receive HSTS header utopianhomespa.com: did not receive HSTS header utopianrealms.org: did not receive HSTS header utopians.dk: did not receive HSTS header uttnetgroup.fr: could not connect to host -utumno.ch: did not receive HSTS header +utumno.ch: could not connect to host utvbloggen.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] uvarov.pw: did not receive HSTS header uwesander.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] uwfreelanceopticien.nl: could not connect to host -uwimonacs.org.jm: could not connect to host -uwsoftware.be: max-age too low: 0 +uwsoftware.be: did not receive HSTS header uwstartups.com: could not connect to host uxux.pl: could not connect to host uygindir.ml: could not connect to host @@ -14107,7 +15197,7 @@ v0tti.com: did not receive HSTS header v12.co.uk: did not receive HSTS header v2.pw: did not receive HSTS header v2ex.us: could not connect to host -v4s.ro: could not connect to host +v4s.ro: did not receive HSTS header v4veedu.com: could not connect to host v5wz.com: did not receive HSTS header v5xp.com: did not receive HSTS header @@ -14127,6 +15217,7 @@ vadennissanofhinesvilleparts.com: could not connect to host vadik.me: could not connect to host vadodesign.nl: did not receive HSTS header vaibhavchatarkar.com: could not connect to host +val-sec.com: could not connect to host valaeris.de: did not receive HSTS header valecnatechnika.cz: could not connect to host valenhub.com: could not connect to host @@ -14142,7 +15233,6 @@ valleyridgepta.org: could not connect to host vallis.net: could not connect to host valmagus.com: could not connect to host valopv.be: could not connect to host -valtoaho.com: could not connect to host vamoaeturismo.com.br: could not connect to host vamosfalardesaude.pt: could not connect to host vampirism.eu: could not connect to host @@ -14153,10 +15243,11 @@ vanderkroon.nl: could not connect to host vanderstraeten.dynv6.net: could not connect to host vanessabalibridal.com: could not connect to host vanestack.com: could not connect to host +vanetv.com: could not connect to host +vangeluwedeberlaere.be: did not receive HSTS header vanitas.xyz: did not receive HSTS header vanitynailworkz.com: could not connect to host vanlaanen.com: did not receive HSTS header -vanouwerkerk.net: could not connect to host vansieleghem.com: could not connect to host vapecraftinc.com: did not receive HSTS header vapemania.eu: could not connect to host @@ -14164,22 +15255,24 @@ vapeshopsupply.com: max-age too low: 7889238 varela-electricite.fr: could not connect to host variablyconstant.com: could not connect to host varta.io: could not connect to host -varunagw.com: could not connect to host vasa-webstranka.sk: did not receive HSTS header vasanth.org: could not connect to host -vascomm.co.id: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +vase-eroticke-povidky.cz: could not connect to host vastkustenrunt.se: did not receive HSTS header +vati.pw: did not receive HSTS header vavai.net: did not receive HSTS header vayaport.com: could not connect to host vbest.net: could not connect to host vbhelp.org: did not receive HSTS header vbulletin-russia.com: could not connect to host vbulletinrussia.com: could not connect to host +vcdn.xyz: could not connect to host vcdove.com: could not connect to host vconcept.ch: could not connect to host vconcept.me: could not connect to host vcr.re: could not connect to host vdhco.be: did not receive HSTS header +vdownloader.com: could not connect to host vdrpro.com: could not connect to host veblen.com: did not receive HSTS header vechkasov.ru: could not connect to host @@ -14190,13 +15283,12 @@ vega.dyndns.info: could not connect to host vegalayer.com: did not receive HSTS header vegalengd.com: did not receive HSTS header veganosonline.com: could not connect to host +vegasdocs.com: did not receive HSTS header veggiefasting.com: could not connect to host veggiesbourg.fr: did not receive HSTS header vegis.ro: did not receive HSTS header -veglog.com: could not connect to host +veglog.com: did not receive HSTS header vehent.org: did not receive HSTS header -vehicleenquiry.service.gov.uk: did not receive HSTS header -vehicletax.service.gov.uk: did not receive HSTS header vehicleuplift.co.uk: did not receive HSTS header vekenz.com: could not connect to host velasense.com: could not connect to host @@ -14206,6 +15298,7 @@ vemokin.net: could not connect to host venicecomputerrepair.com: could not connect to host venicefloridawebsitedesign.com: could not connect to host venicerealdeal.com: could not connect to host +venirextra.com: did not receive HSTS header venirideal.com: did not receive HSTS header venixplays-stream.ml: could not connect to host venmos.com: could not connect to host @@ -14213,7 +15306,6 @@ venninvestorplatform.com: did not receive HSTS header venoom.eu: did not receive HSTS header vensl.org: could not connect to host venturepro.com: did not receive HSTS header -ventzke.com: did not receive HSTS header venzocrm.com: did not receive HSTS header ver-ooginoog.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] veraandsteve.date: could not connect to host @@ -14221,6 +15313,7 @@ verdeandco.co.uk: could not connect to host verifiedinvesting.com: could not connect to host verifikatorindonesia.com: could not connect to host veristor.com: did not receive HSTS header +verliefde-jongens.nl: could not connect to host vermontcareergateway.org: could not connect to host vernonfishandgame.ca: did not receive HSTS header versfin.net: could not connect to host @@ -14238,9 +15331,12 @@ veto.fish: could not connect to host vfree.org: could not connect to host vgatest.nl: could not connect to host vglimg.com: could not connect to host +vgorcum.com: could not connect to host vhost.co.id: could not connect to host +vi.photo: could not connect to host viabemestar.com.br: could not connect to host viadeux.com: did not receive HSTS header +vialibido.com.br: could not connect to host viasinc.com: did not receive HSTS header vibrashop.com.br: did not receive HSTS header vicenage.com: could not connect to host @@ -14257,18 +15353,20 @@ videnskabsklubben.dk: did not receive HSTS header videoload.co: could not connect to host videomuz.com: could not connect to host videorullen.se: could not connect to host +videosxgays.com: could not connect to host videotogel.net: could not connect to host videoueberwachung-set.de: did not receive HSTS header vider.ga: could not connect to host vidid.net: could not connect to host vidiproject.com: did not receive HSTS header viditut.com: could not connect to host +vidkovaomara.si: could not connect to host vidlyoficial.com: could not connect to host vidz.ga: could not connect to host viennan.net: could not connect to host vietnam-lifer.com: could not connect to host vietnamchevrolet.net: did not receive HSTS header -vietnamphotographytours.com: could not connect to host +vietnamphotographytours.com: did not receive HSTS header viewsea.com: max-age too low: 0 vigilo.cf: could not connect to host vigilo.ga: could not connect to host @@ -14280,9 +15378,10 @@ viktorsvantesson.net: did not receive HSTS header viladochurrasco.com.br: could not connect to host vilaydin.com: did not receive HSTS header vilight.com.br: could not connect to host -villa-romantica-zillertal.at: did not receive HSTS header +villa-bellarte.de: could not connect to host villacarmela.com.br: did not receive HSTS header villainsclothing.com.au: could not connect to host +villalaskowa.pl: did not receive HSTS header villasenor.online: could not connect to host villekaaria.eu: could not connect to host vilog.me: could not connect to host @@ -14304,17 +15403,21 @@ vinesauce.info: could not connect to host vinetalk.net: could not connect to host vinicius.sl: could not connect to host viniferawineclub.com: did not receive HSTS header +vinogradovka.com: did not receive HSTS header vio.no: did not receive HSTS header violenceinterrupted.org: did not receive HSTS header violet-letter.delivery: could not connect to host viosey.com: could not connect to host +vioye.com: did not receive HSTS header viperdns.com: could not connect to host +vipesball.net: could not connect to host viphospitality.se: could not connect to host viplentes.com.br: did not receive HSTS header vipmusic.ga: could not connect to host -vipnettikasinoklubi.com: could not connect to host +vipnettikasinoklubi.com: did not receive HSTS header viral8.jp: could not connect to host virginiacrimeanalysisnetwork.org: did not receive HSTS header +virial.de: did not receive HSTS header viris.si: max-age too low: 536000 virtualhealth.com: did not receive HSTS header virtualstrongbox.ca: did not receive HSTS header @@ -14338,6 +15441,7 @@ vitalamin.ch: could not connect to host vitalita.cz: did not receive HSTS header vitalorange.com: did not receive HSTS header vitalthings.de: could not connect to host +vitamaxxi.com.br: could not connect to host vitapingu.de: could not connect to host vitta.me: did not receive HSTS header vitzro.kr: could not connect to host @@ -14346,6 +15450,7 @@ vivanosports.com.br: did not receive HSTS header vivasports.com.br: could not connect to host vivocloud.com: could not connect to host vivoregularizafacil.com.br: did not receive HSTS header +vivoseg.com: did not receive HSTS header vivremoinscher.fr: did not receive HSTS header vizeat.com: did not receive HSTS header vkino.com: could not connect to host @@ -14353,31 +15458,39 @@ vkulagin.ru: could not connect to host vladimiroff.org: did not receive HSTS header vldkn.net: could not connect to host vleij.family: could not connect to host -vlogge.com: could not connect to host +vlogge.com: did not receive HSTS header vlzbazar.ru: could not connect to host +vmhydro.ru: could not connect to host vmrdev.com: could not connect to host vmstan.com: did not receive HSTS header +vmzone.de: could not connect to host +vndb.org: could not connect to host vocab.guru: could not connect to host +vocalsynth.space: could not connect to host voceinveste.com: did not receive HSTS header vogt.tech: could not connect to host voice-of-design.com: could not connect to host voicesuk.co.uk: did not receive HSTS header +void-it.nl: did not receive HSTS header voidark.com: did not receive HSTS header voidi.ca: could not connect to host voidserv.net: could not connect to host -voilo.club: did not receive HSTS header -voilodaisuki.club: did not receive HSTS header +voidshift.com: could not connect to host +voilo.club: could not connect to host +voilodaisuki.club: could not connect to host voipkb.com: did not receive HSTS header -voiro.club: did not receive HSTS header -voirodaisuki.club: did not receive HSTS header +voiro.club: could not connect to host +voirodaisuki.club: could not connect to host volatimer.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] volbyzive.cz: did not receive HSTS header volcain.io: could not connect to host volcrado.com: did not receive HSTS header volkden.com: could not connect to host -voltimax.com: could not connect to host +volkswurst.de: did not receive HSTS header +voltimax.com: did not receive HSTS header voltotc.com: did not receive HSTS header voluptueuse.com: did not receive HSTS header +volvipress.gr: did not receive HSTS header vonavy-cukor.sk: could not connect to host vonavycukor.sk: could not connect to host vonedelmann.de: did not receive HSTS header @@ -14387,13 +15500,16 @@ vooreenveiligthuis.nl: did not receive HSTS header voorjou.com: did not receive HSTS header vorangerie.com: could not connect to host vorderklier.de: could not connect to host +vorm2.com: did not receive HSTS header vortexhobbies.com: did not receive HSTS header vosjesweb.nl: could not connect to host +votercircle.com: did not receive HSTS header voterstartingpoint.uk: could not connect to host votresiteweb.ch: could not connect to host vow.vn: could not connect to host vowsy.club: did not receive HSTS header vox.vg: did not receive HSTS header +vozami.com: could not connect to host vpip.net: could not connect to host vpl.me: did not receive HSTS header vpn-byen.dk: did not receive HSTS header @@ -14416,13 +15532,19 @@ vrijstaandhuis-in-zuid-holland-kopen.nl: could not connect to host vrijstaandhuis-in-zuidplas-kopen.nl: could not connect to host vrijstaandhuis-in-zwartewaterland-kopen.nl: could not connect to host vrijstaandhuisverkopen.nl: could not connect to host +vrlaid.com: could not connect to host vrobert.fr: could not connect to host +vrtak-cz.net: could not connect to host vrzl.pro: could not connect to host +vsamsonov.com: could not connect to host vsc-don-stocksport.de: did not receive HSTS header +vsestiralnie.com: did not receive HSTS header vucdn.com: could not connect to host +vulnerabilities.io: could not connect to host vuosaarenmontessoritalo.fi: did not receive HSTS header vvl.me: did not receive HSTS header vwoforangeparts.com: could not connect to host +vwt-event.nl: could not connect to host vxapps.com: could not connect to host vxml.club: could not connect to host vynedmusic.com: could not connect to host @@ -14435,14 +15557,17 @@ w10club.com: could not connect to host w2gshop.com.br: could not connect to host w4.no: did not receive HSTS header w4a.fr: could not connect to host +w4b.in: could not connect to host w4xzr.top: could not connect to host w4xzr.xyz: could not connect to host w9rld.com: did not receive HSTS header wabifoggynuts.com: could not connect to host wachtwoordencheck.nl: could not connect to host +waelti.xxx: could not connect to host wafni.com: could not connect to host -wahhoi.net: did not receive HSTS header +wai-in.com: could not connect to host wait.moe: could not connect to host +waixingrenfuli.vip: could not connect to host waixingrenfuli7.vip: could not connect to host wakapp.de: could not connect to host wakened.net: did not receive HSTS header @@ -14452,6 +15577,7 @@ wallabag.it: did not receive HSTS header wallabag.org: did not receive HSTS header wallacequinn.co.uk: did not receive HSTS header wallet.google.com: did not receive HSTS header (error ignored - included regardless) +wallpapers.pub: could not connect to host wallsblog.dk: could not connect to host walnutgaming.co.uk: could not connect to host walterlynnmosley.com: did not receive HSTS header @@ -14468,10 +15594,13 @@ wangjiatun.com.tw: could not connect to host wangkezun.com: could not connect to host wangqiliang.xn--fiqs8s: could not connect to host wangql.cn: could not connect to host -wangyubao.cn: could not connect to host +wanquanojbk.com: did not receive HSTS header wantshow.com.br: did not receive HSTS header +wanybug.cn: could not connect to host +wanybug.com: could not connect to host wapjt.cn: could not connect to host -wapking.live: did not receive HSTS header +wapking.co: could not connect to host +wapking.live: could not connect to host wapt.fr: did not receive HSTS header warandpeace.xyz: could not connect to host warcraftjournal.org: could not connect to host @@ -14483,16 +15612,17 @@ warezaddict.com: could not connect to host warhistoryonline.com: did not receive HSTS header warlions.info: could not connect to host warped.com: did not receive HSTS header +warren.sh: could not connect to host warrencreative.com: did not receive HSTS header -warsentech.com: could not connect to host +warsentech.com: did not receive HSTS header warumsuchen.at: did not receive HSTS header wasatchconstables.com: did not receive HSTS header wasatchcrest.com: did not receive HSTS header wasfuereintheater.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -wassim.is: could not connect to host +wassim.is: did not receive HSTS header watashi.bid: could not connect to host watchium.com: did not receive HSTS header -watchtv-online.pw: could not connect to host +watchtv-online.pw: max-age too low: 0 watchweasel.com: could not connect to host waterforlife.net.au: did not receive HSTS header waterpoint.com.br: could not connect to host @@ -14507,8 +15637,8 @@ waylee.net: did not receive HSTS header wbit.co.il: did not receive HSTS header wbut.ml: could not connect to host wdesk.com: did not receive HSTS header +wdmg.com.ua: max-age too low: 604800 wdt.io: did not receive HSTS header -we-bb.com: could not connect to host we.serveftp.net: could not connect to host wealthformyhealth.com: did not receive HSTS header wear2work.nl: could not connect to host @@ -14516,10 +15646,10 @@ wearedisneyland.com: did not receive HSTS header weareincognito.org: could not connect to host wearewithyou.org: could not connect to host weaverhairextensions.nl: could not connect to host +web-adminy.co.uk: did not receive HSTS header web-demarche.com: could not connect to host web-industry.fr: could not connect to host web-insider.net: did not receive HSTS header -web-mail.info: could not connect to host web-vision.de: did not receive HSTS header web4all.fr: did not receive HSTS header web4pro.fr: could not connect to host @@ -14533,7 +15663,7 @@ webbuzz.com.au: did not receive HSTS header webchat.domains: did not receive HSTS header webcreation.rocks: did not receive HSTS header webdesign-kronberg.de: did not receive HSTS header -webdesignssussex.co.uk: did not receive HSTS header +webdesignssussex.co.uk: could not connect to host webdev-quiz.de: did not receive HSTS header webdev.mobi: could not connect to host webdosh.com: did not receive HSTS header @@ -14548,13 +15678,14 @@ webhelyesarcu.hu: did not receive HSTS header webhosting4.net: did not receive HSTS header webhostingpros.ml: could not connect to host webies.ro: did not receive HSTS header +webless.com: could not connect to host webm.to: could not connect to host webmail.mayfirst.org: did not receive HSTS header webmaniabr.com: did not receive HSTS header webmarketingfestival.it: did not receive HSTS header webmixseo.com: did not receive HSTS header webnetmail4u.com: could not connect to host -webneuch.ch: did not receive HSTS header +webneuch.ch: could not connect to host webneuch.com: did not receive HSTS header webneuch.eu: did not receive HSTS header webneuch.fr: did not receive HSTS header @@ -14565,14 +15696,18 @@ webnosql.com: could not connect to host webperformance.ru: could not connect to host webproshosting.tk: could not connect to host webpublica.pt: could not connect to host +webqueens.com: could not connect to host +webreslist.com: could not connect to host websandbox.uk: could not connect to host +websectools.com: could not connect to host +webseo.de: did not receive HSTS header websitedesign.bg: did not receive HSTS header websitesabq.com: did not receive HSTS header websmartmedia.co.uk: did not receive HSTS header webspotter.nl: could not connect to host webstationservice.fr: could not connect to host webstellung.com: could not connect to host -webstory.xyz: did not receive HSTS header +webstory.xyz: could not connect to host webswitch.io: could not connect to host webtar.info: could not connect to host webtech.com.br: could not connect to host @@ -14582,14 +15717,15 @@ webthings.com.br: did not receive HSTS header webtiles.co.uk: could not connect to host webukhost.com: could not connect to host webuni.hu: did not receive HSTS header -webveloper.com: max-age too low: 0 +webveloper.com: did not receive HSTS header webwork.pw: could not connect to host webypass.xyz: could not connect to host webzanem.com: could not connect to host wecanfindit.co.za: could not connect to host +wedding-m.jp: did not receive HSTS header weddingenvelopes.co.uk: did not receive HSTS header weddingibiza.nl: could not connect to host -wedotrains.club: could not connect to host +wedotrains.club: did not receive HSTS header weebsr.us: could not connect to host weed.ren: could not connect to host weekly.fyi: could not connect to host @@ -14599,20 +15735,25 @@ weicn.org: did not receive HSTS header weightreviews.com: did not receive HSTS header weiji.ga: could not connect to host weiler.xyz: could not connect to host +weinhandel-preissler.de: could not connect to host +weirdserver.com: could not connect to host weiyuz.com: max-age too low: 6585555 weizenke.im: could not connect to host wejumall.com: could not connect to host wekibe.de: could not connect to host welby.cat: did not receive HSTS header -welches-kinderfahrrad.de: did not receive HSTS header +welches-kinderfahrrad.de: could not connect to host welkers.org: could not connect to host wellastore.ru: could not connect to host wellcomp.com.br: did not receive HSTS header +wellmarts.com: did not receive HSTS header wellness.so: could not connect to host wellopp.com: did not receive HSTS header wellproducedwines.com: did not receive HSTS header -wellsolveit.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +wellsplasticsurgery.com: did not receive HSTS header +wellspringcamps.com: did not receive HSTS header welovejobs.com: did not receive HSTS header +welovemail.com: could not connect to host welpy.com: could not connect to host weltentreff.com: could not connect to host weltmeisterschaft.net: could not connect to host @@ -14620,7 +15761,8 @@ weme.eu: could not connect to host wendalyncheng.com: did not receive HSTS header wendigo.pl: could not connect to host wengebowuguan.com: could not connect to host -wenode.net: could not connect to host +wenode.net: did not receive HSTS header +wensing-und-koenig.de: could not connect to host wentu.ml: could not connect to host wenz.io: did not receive HSTS header wer.sh: could not connect to host @@ -14636,9 +15778,8 @@ wernerschaeffer.de: did not receive HSTS header wesayyesprogram.com: could not connect to host wesleyharris.ca: did not receive HSTS header wespeakgeek.co.za: could not connect to host -west-wind.net: did not receive HSTS header westcoastaggregate.com: could not connect to host -westendzone.com: max-age too low: 0 +westendzone.com: could not connect to host westerhoud.nl: did not receive HSTS header westlinwinds.com: could not connect to host westsussexconnecttosupport.org: could not connect to host @@ -14654,23 +15795,27 @@ wetthost.com: could not connect to host wetttipps.com: could not connect to host wetttipps.de: could not connect to host wevahoo.com: could not connect to host +wevg.org: could not connect to host wevolver.com: did not receive HSTS header wewillgo.com: could not connect to host wewillgo.org: did not receive HSTS header wewlad.me: could not connect to host +wezl.net: did not receive HSTS header wf-training-master.appspot.com: did not receive HSTS header (error ignored - included regardless) wftda.com: did not receive HSTS header wg-tools.de: could not connect to host +wgraphics.ru: could not connect to host whatisl.ovh: could not connect to host whats.io: could not connect to host whatsstalk.me: could not connect to host -whatsyouroffer.co.uk: could not connect to host +whatsyouroffer.co.uk: did not receive HSTS header when-release.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] when-release.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] whereisjason.com: could not connect to host whereismyorigin.cf: could not connect to host -wherephoto.com: could not connect to host +wherephoto.com: did not receive HSTS header wheresben.today: could not connect to host +whexit.nl: could not connect to host whilsttraveling.com: could not connect to host whisker.network: could not connect to host whiskyglazen.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -14679,13 +15824,15 @@ whitehat.id: did not receive HSTS header whiterabbit.org: did not receive HSTS header whiterabbitcakery.com: could not connect to host whiteroom.agency: did not receive HSTS header -whitestagforge.com: could not connect to host +whiteshadowimperium.com: could not connect to host +whitestagforge.com: did not receive HSTS header whoclicks.net: could not connect to host +whoisamitsingh.com: did not receive HSTS header whoisapi.online: could not connect to host wholebites.com: max-age too low: 7889238 -wholesomeharvestbread.com: max-age too low: 86400 wholikes.us: could not connect to host whoneedstobeprimaried.today: could not connect to host +whonix.org: did not receive HSTS header whoownsmyavailability.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] whoshotya.de: did not receive HSTS header whysuck.com: could not connect to host @@ -14695,13 +15842,14 @@ wibuw.com: could not connect to host widdleguy.com: did not receive HSTS header wideinfo.org: did not receive HSTS header widenews.org: did not receive HSTS header -wienerwichtelchallenge.at: could not connect to host +wienerwichtelchallenge.at: did not receive HSTS header wieninternational.at: did not receive HSTS header wificafehosting.com: did not receive HSTS header wifimapa.cz: could not connect to host wiiaam.com: could not connect to host wiiforum.no: did not receive HSTS header wiire.me: could not connect to host +wiki-play.ru: could not connect to host wikiclash.info: could not connect to host wikipeter.nl: did not receive HSTS header wikisports.eu: could not connect to host @@ -14716,6 +15864,7 @@ wilhelm-nathan.de: could not connect to host willcipriano.com: could not connect to host willeminfo.ch: did not receive HSTS header willemsjort.be: did not receive HSTS header +william.gg: could not connect to host william.si: did not receive HSTS header williamboundsltd.com: could not connect to host williamle.com: did not receive HSTS header @@ -14734,7 +15883,9 @@ winds.cf: could not connect to host windwoodmedia.com: could not connect to host windwoodweb.com: could not connect to host wine-importer.ru: could not connect to host +winebid.com: could not connect to host winecodeavocado.com: could not connect to host +wineworksonline.com: could not connect to host winfield.me.uk: did not receive HSTS header winfieldchen.me: did not receive HSTS header winged.io: did not receive HSTS header @@ -14747,12 +15898,14 @@ winsec.nl: could not connect to host winshiplending.com: could not connect to host winsufi.biz: could not connect to host wintercircle.co: max-age too low: 60 -wipc.net: could not connect to host +wipc.net: did not receive HSTS header wipply.com: could not connect to host wirbatz.org: did not receive HSTS header wirc.gr: could not connect to host +wiredcut.com: did not receive HSTS header wireless-emergency-stop.com: did not receive HSTS header -wirkaufendeinau.to: did not receive HSTS header +wiretrip.io: did not receive HSTS header +wirkaufendeinau.to: could not connect to host wisak.eu: could not connect to host wisdomize.me: could not connect to host wiseloan.com: did not receive HSTS header @@ -14763,7 +15916,7 @@ witae.com: could not connect to host withgoogle.com: did not receive HSTS header (error ignored - included regardless) withmy.beer: could not connect to host withoutacrystalball.com: did not receive HSTS header -withustrading.com: could not connect to host +withustrading.com: did not receive HSTS header withyoutube.com: did not receive HSTS header (error ignored - included regardless) wittcher.com: could not connect to host wittepapaver.nl: did not receive HSTS header @@ -14773,11 +15926,10 @@ witzemaschine.com: max-age too low: 0 wizardmeow.xin: could not connect to host wizardspire.com: did not receive HSTS header wizznab.tk: could not connect to host -wjglerum.nl: could not connect to host wk-cpm.com: could not connect to host -wk.is: could not connect to host wk577.com: could not connect to host wlzhiyin.cn: could not connect to host +wm-talk.net: could not connect to host wmawri.com: did not receive HSTS header wmcuk.net: did not receive HSTS header wmfinanz.com: could not connect to host @@ -14791,15 +15943,16 @@ wod-stavby.cz: could not connect to host wodice.com: could not connect to host wohnungsbau-ludwigsburg.de: did not receive HSTS header woima.fi: max-age too low: 604800 -wokeai.net: did not receive HSTS header +wokeai.net: could not connect to host +woktoss.com: could not connect to host wolfemg.com: could not connect to host wolfenland.net: did not receive HSTS header wolfesden.com: could not connect to host wolfram.io: could not connect to host +wolkenspeicher.org: could not connect to host wollekorb.de: could not connect to host womf.org: did not receive HSTS header womosale.de: could not connect to host -wonder.com.mx: max-age too low: 86400 wonderbooks.club: could not connect to host wonderfall.xyz: could not connect to host wonderhost.info: could not connect to host @@ -14808,6 +15961,7 @@ wondy.com: could not connect to host woodlandschurch.net: max-age too low: 43200 woodmafia.com.au: could not connect to host woodworkertip.com: did not receive HSTS header +woomai.net: did not receive HSTS header woomu.me: could not connect to host woording.com: could not connect to host wootton95.com: could not connect to host @@ -14818,33 +15972,33 @@ wordplay.one: could not connect to host wordpresspro.cl: did not receive HSTS header wordsofamaster.com: could not connect to host work-and-jockel.de: did not receive HSTS header -workemy.com: did not receive HSTS header +workemy.com: could not connect to host workfone.io: could not connect to host workpermit.com.vn: could not connect to host -workray.com: did not receive HSTS header worksofwyoming.org: did not receive HSTS header workwithgo.com: could not connect to host world-education-association.org: could not connect to host +worldchess.london: could not connect to host worldfree4.org: could not connect to host worldlist.org: could not connect to host worldpovertysolutions.org: did not receive HSTS header worldsbeststory.com: did not receive HSTS header worldwhisperer.net: could not connect to host wormholevpn.net: could not connect to host -worshapp.com: could not connect to host +worshapp.com: did not receive HSTS header +wow-foederation.de: could not connect to host wow-travel.eu: could not connect to host wowapi.org: could not connect to host wowinvasion.com: did not receive HSTS header wp-fastsearch.de: could not connect to host -wp-rescue.com.au: did not receive HSTS header +wp-rescue.com.au: could not connect to host wp-stack.pro: could not connect to host wp6.pw: could not connect to host wpblog.com.tw: could not connect to host wpcarer.pro: could not connect to host -wpcdn.bid: did not receive HSTS header wpcheck.io: could not connect to host wpcontrol.se: could not connect to host -wpdesigner.ir: did not receive HSTS header +wpdesigner.ir: could not connect to host wpfortify.com: could not connect to host wpg-inc.com: did not receive HSTS header wphelpwithhomework.tk: could not connect to host @@ -14867,13 +16021,14 @@ wrfu.co.nz: did not receive HSTS header wriedts.de: did not receive HSTS header wrightdoumawedding.com: could not connect to host writeapp.me: did not receive HSTS header +writing-expert.com: could not connect to host wrldevelopment.com: did not receive HSTS header wroffle.com: did not receive HSTS header wrwg.ca: could not connect to host -ws-meca.com: could not connect to host +ws-meca.com: did not receive HSTS header wsb-immo.at: could not connect to host wsdcap.com: could not connect to host -wsor.group: could not connect to host +wsor.group: did not receive HSTS header wss.com.ve: could not connect to host wsscompany.com.ve: could not connect to host wsup.social: could not connect to host @@ -14885,7 +16040,7 @@ wuchipc.com: could not connect to host wufupay.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] wuhengmin.com: could not connect to host wulpi.it: did not receive HSTS header -wumai-p.cn: could not connect to host +wumai.cloud: did not receive HSTS header wumbo.kiwi: could not connect to host wundtherapie-schulung.de: could not connect to host wurzelzwerg.net: could not connect to host @@ -14893,24 +16048,23 @@ wusx.club: could not connect to host wutianxian.com: did not receive HSTS header wvr-law.de: did not receive HSTS header wvw698.com: max-age too low: 2592000 -wwjd.dynu.net: could not connect to host www-001133.com: could not connect to host www-0385.com: could not connect to host -www-1116.com: did not receive HSTS header +www-1116.com: could not connect to host www-1117.com: could not connect to host www-38978.com: could not connect to host www-39988.com: did not receive HSTS header www-507.net: could not connect to host -www-62755.com: could not connect to host +www-62755.com: did not receive HSTS header www-68277.com: could not connect to host www-746.com: could not connect to host www-771122.com: did not receive HSTS header -www-8003.com: did not receive HSTS header +www-8003.com: could not connect to host www-88599.com: did not receive HSTS header www-8887999.com: could not connect to host -www-9995.com: did not receive HSTS header -www-djbet.com: did not receive HSTS header -www-jinshavip.com: did not receive HSTS header +www-9995.com: could not connect to host +www-djbet.com: could not connect to host +www-jinshavip.com: could not connect to host www.amazon.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] www.amazon.co.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] www.amazon.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -14948,38 +16102,42 @@ www.zenpayroll.com: did not receive HSTS header www3.info: could not connect to host wxrlab.com: could not connect to host wxukang.cn: did not receive HSTS header +wxyz.buzz: could not connect to host wy6.org: did not receive HSTS header wybmabiity.com: could not connect to host wygluszanie.eu: could not connect to host wyu.cc: could not connect to host wyzphoto.nl: did not receive HSTS header wyzwaniemilosci.com: could not connect to host +x-iweb.ru: did not receive HSTS header x-pertservice.com: did not receive HSTS header x-power-detox.com: could not connect to host x-ripped-hd.com: could not connect to host +x1be.win: did not receive HSTS header x23.eu: did not receive HSTS header x2c0.net: did not receive HSTS header x2w.io: could not connect to host x3led.com: could not connect to host x509.pub: could not connect to host x509.pw: could not connect to host -x64architecture.com: could not connect to host -xa1.uk: could not connect to host -xanax.pro: could not connect to host +x69.biz: could not connect to host +x69x.net: could not connect to host xanderweaver.com: did not receive HSTS header xandocs.com: could not connect to host xat.re: did not receive HSTS header -xavierbarroso.com: could not connect to host +xavierbarroso.com: did not receive HSTS header xbc.nz: could not connect to host xbind.io: could not connect to host xchangeinfo.com: could not connect to host xchating.com: could not connect to host -xcler8.com: could not connect to host xcompany.one: could not connect to host xcoop.me: did not receive HSTS header +xd.fi: did not receive HSTS header xd.gov: did not receive HSTS header xdd.io: could not connect to host xdty.org: could not connect to host +xecure.zone: could not connect to host +xecureit.com: could not connect to host xehoivn.vn: could not connect to host xellos.ga: could not connect to host xellos.ml: could not connect to host @@ -14987,7 +16145,6 @@ xenesisziarovky.sk: could not connect to host xenosphere.tk: could not connect to host xeonlab.com: could not connect to host xeonlab.de: could not connect to host -xerownia.eu: could not connect to host xett.com: could not connect to host xfive.de: could not connect to host xg3n1us.de: did not receive HSTS header @@ -15001,11 +16158,13 @@ xiaolvmu.com: could not connect to host xiaolvmu.me: could not connect to host xiaomionline24.pl: could not connect to host xiaoxiao.im: could not connect to host -xiaxuejin.cn: did not receive HSTS header +xiaxuejin.cn: could not connect to host +xilegames.com: could not connect to host xiliant.com: did not receive HSTS header ximage.me: could not connect to host ximens.me: could not connect to host xinbiji.cn: could not connect to host +xinex.cz: could not connect to host xing.ml: could not connect to host xinghuokeji.xin: could not connect to host xingiahanvisa.net: did not receive HSTS header @@ -15017,6 +16176,7 @@ xivpn.com: could not connect to host xiyu.it: did not receive HSTS header xiyu.moe: did not receive HSTS header xjoi.net: could not connect to host +xjoin.de: could not connect to host xlaff.com: could not connect to host xlboo.com: did not receive HSTS header xlfblog.com: did not receive HSTS header @@ -15025,6 +16185,7 @@ xmiui.com: could not connect to host xmonk.org: did not receive HSTS header xmr.my: could not connect to host xn----7sbmucgqdbgwwc5e9b.xn--p1ai: could not connect to host +xn--3lqp21gwna.cn: could not connect to host xn--3lqp21gwna.xn--fiqs8s: could not connect to host xn--3lqp21gwna.xn--fiqz9s: could not connect to host xn--3lqt7ir4md4tzwa.cn: did not receive HSTS header @@ -15035,12 +16196,15 @@ xn--4dbjwf8c.ga: could not connect to host xn--4dbjwf8c.gq: could not connect to host xn--4dbjwf8c.ml: could not connect to host xn--4dbjwf8c.tk: could not connect to host +xn--68jub.pw: could not connect to host xn--6cv66l79sp0n0ibo7s9ne.xyz: did not receive HSTS header xn--7rvz7ku3ppnr.jp: could not connect to host xn--7v8h.cf: could not connect to host +xn--80aaagmgvmvmcuoq7r.xn--p1ai: did not receive HSTS header xn--80aaihqncaejjobbu6v.xn--p1ai: did not receive HSTS header xn--80ablh1c.online: could not connect to host xn--80ac0aqlt.xn--p1ai: could not connect to host +xn--80anogxed.xn--p1ai: could not connect to host xn--80aocgsfei.xn--p1ai: could not connect to host xn--88j2fy28hbxmnnf9zlw5buzd.com: did not receive HSTS header xn--8mr166hf6s.xn--fiqs8s: could not connect to host @@ -15073,6 +16237,7 @@ xn--lna-4000-9za.nu: could not connect to host xn--lnakuten-9za.com: did not receive HSTS header xn--ls8hi7a.tk: could not connect to host xn--maraa-rta.org: could not connect to host +xn--mensenges-o1a8c.gq: could not connect to host xn--mhringen-65a.de: did not receive HSTS header xn--milchaufschumer-test-lzb.de: could not connect to host xn--n8jubz39q0g0afpa985c.com: could not connect to host @@ -15084,6 +16249,7 @@ xn--pckqk6xk43lunk.net: could not connect to host xn--qckqc0nxbyc4cdb4527err7c.biz: did not receive HSTS header xn--qckyd1cu698a35zarib.xyz: could not connect to host xn--r77hya.ga: could not connect to host +xn--rlcus7b3d.xn--xkc2dl3a5ee0h: could not connect to host xn--rt-cja.eu: could not connect to host xn--sdkwa9azd389v01ya.com: did not receive HSTS header xn--srenpind-54a.dk: could not connect to host @@ -15110,24 +16276,29 @@ xn--yoamomisuasbcn-ynb.com: could not connect to host xn--zck9a4b352yuua.jp: did not receive HSTS header xng.io: did not receive HSTS header xobox.me: could not connect to host +xoda.pw: could not connect to host xoffy.com: did not receive HSTS header xom.party: could not connect to host xombra.com: could not connect to host xor-a.net: could not connect to host +xotika.tv: could not connect to host +xpenology-fr.net: could not connect to host xperiacodes.com: could not connect to host xpi.fr: could not connect to host +xpj.bet: did not receive HSTS header xpj.sx: could not connect to host xpressprint.com.br: max-age too low: 90 xpwn.cz: could not connect to host +xq55.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] xqin.net: could not connect to host xrp.pw: could not connect to host +xs74.com: did not receive HSTS header +xscancun.com: could not connect to host xscapers.com: did not receive HSTS header -xserownia.com.pl: could not connect to host -xserownia.eu: could not connect to host -xserownia.pl: could not connect to host xsstime.nl: could not connect to host xsyds.cn: did not receive HSTS header xt.om: did not receive HSTS header +xtenz.xyz: could not connect to host xtom.email: could not connect to host xtream-hosting.com: did not receive HSTS header xtream-hosting.de: could not connect to host @@ -15136,12 +16307,14 @@ xtreamhosting.eu: could not connect to host xtrim.ru: did not receive HSTS header xtzone.be: could not connect to host xuexb.com: did not receive HSTS header +xujan.com: could not connect to host xuntaosms.com: could not connect to host xupeng.me: could not connect to host xuyh0120.win: did not receive HSTS header xwalck.se: could not connect to host -xx0r.eu: could not connect to host xxbase.com: did not receive HSTS header +xxx3dbdsm.com: could not connect to host +xxxladyboysporn.com: could not connect to host xy1919.com: could not connect to host xy6161.com: could not connect to host xy6262.com: could not connect to host @@ -15152,10 +16325,12 @@ xy7373.com: could not connect to host xyndrac.net: max-age too low: 2592000 xynex.us: could not connect to host xynta.ch: could not connect to host +xzoneadventure.com: did not receive HSTS header y-o-w.com: did not receive HSTS header y-s.pw: could not connect to host y3451.com: could not connect to host yaay.com.br: could not connect to host +yabrt.cn: could not connect to host yaccin.com: could not connect to host yachts-magazine.com: did not receive HSTS header yagi2.com: did not receive HSTS header @@ -15164,12 +16339,13 @@ yalla.jp: did not receive HSTS header yamamo10.com: could not connect to host yameveo.com: did not receive HSTS header yanwh.xyz: did not receive HSTS header -yaoidreams.com: did not receive HSTS header -yaporn.tv: did not receive HSTS header +yaoidreams.com: could not connect to host +yaporn.tv: could not connect to host yarchives.jp: could not connect to host yard-fu.com: could not connect to host yardbird.us: could not connect to host yarnhookup.com: did not receive HSTS header +yarogneva.ru: could not connect to host yasinaydin.net: did not receive HSTS header yasutomonodokoiko.com: did not receive HSTS header yaucy.win: could not connect to host @@ -15182,8 +16358,9 @@ ydy.jp: could not connect to host yecl.net: did not receive HSTS header yello.website: could not connect to host yellowcar.website: could not connect to host -yemalu.com: did not receive HSTS header +yemalu.com: could not connect to host yemekbaz.az: could not connect to host +yennhi.co: could not connect to host yenniferallulli.com: could not connect to host yenniferallulli.de: could not connect to host yenniferallulli.es: did not receive HSTS header @@ -15192,13 +16369,14 @@ yenniferallulli.nl: could not connect to host yepbitcoin.com: could not connect to host yesdevnull.net: did not receive HSTS header yesfone.com.br: could not connect to host +yeshu.org: did not receive HSTS header yestees.com: did not receive HSTS header -yeswecan.co.bw: did not receive HSTS header yetcore.io: could not connect to host yetishirt.com: could not connect to host yffengshi.ml: could not connect to host ygcdyf.com: did not receive HSTS header yggdar.ga: could not connect to host +yh35.net: max-age too low: 86400 yhori.xyz: could not connect to host yibaoweilong.top: could not connect to host yibin0831.com: could not connect to host @@ -15213,6 +16391,7 @@ yinhe12.net: did not receive HSTS header yippie.nl: could not connect to host yizhu.com: could not connect to host yjsoft.me: could not connect to host +ylilauta.org: could not connect to host ylk.io: could not connect to host ynode.co: did not receive HSTS header ynsn.nl: could not connect to host @@ -15229,62 +16408,75 @@ yoimise.net: did not receive HSTS header yoiyado.info: did not receive HSTS header yokeepo.com: could not connect to host yolo-csgo.com: could not connect to host -yolocelebs.com: did not receive HSTS header +yolocelebs.com: could not connect to host yoloprod.fr: could not connect to host yoloseo.com: could not connect to host yomena.in: could not connect to host yomepre.com: could not connect to host yopers.com: did not receive HSTS header yorkshireterrier.com.br: could not connect to host +yorname.ml: could not connect to host yoru.me: could not connect to host -yoticonnections.com: could not connect to host yotilabs.com: could not connect to host youcaitian.com: did not receive HSTS header youcancraft.de: could not connect to host youcanfuckoff.xyz: could not connect to host +youcanmakeit.at: could not connect to host youcontrol.ru: could not connect to host +youdowell.com: could not connect to host youfencun.com: did not receive HSTS header +youjizz.bz: could not connect to host +youlend.com: did not receive HSTS header youlog.net: could not connect to host youngandunited.nl: did not receive HSTS header +youngdogs.org: could not connect to host younl.net: could not connect to host youon.tokyo: did not receive HSTS header yourbapp.ch: could not connect to host -yourcomputer.expert: did not receive HSTS header yourgame.co.il: did not receive HSTS header youri.me: could not connect to host yourlovesong.com.mx: could not connect to host +yourname.xyz: could not connect to host yoursbookstore.jp: max-age too low: 0 yoursecondphone.co: could not connect to host yourself.today: could not connect to host yourstrongbox.com: could not connect to host +yourtrainingsolutions.com: did not receive HSTS header youruseragent.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] yourznc.com: could not connect to host yousite.by: could not connect to host youth2009.org: did not receive HSTS header youtube: could not connect to host youtubeviews.ml: could not connect to host -youyoulemon.com: could not connect to host +youwatchporn.com: could not connect to host ypcs.fi: did not receive HSTS header +yqjf68.com: could not connect to host yryz.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +ysicing.net: could not connect to host +yslbeauty.com: did not receive HSTS header +yspeo.com: max-age too low: 2592000 ytcuber.xyz: could not connect to host ythyth.com: max-age too low: 2592000 ytvwld.de: did not receive HSTS header yu7.jp: did not receive HSTS header +yuanbenlian.com: did not receive HSTS header yudan.com.br: could not connect to host yude.ml: could not connect to host yue2.net: did not receive HSTS header +yuema.net.cn: could not connect to host yufan.me: did not receive HSTS header yugege.cf: could not connect to host yuhen.ru: did not receive HSTS header -yuhuo.org: could not connect to host yui.cat: did not receive HSTS header -yukijinji.moe: could not connect to host +yukijinji.moe: did not receive HSTS header yukiminami.net: could not connect to host yuko.moe: could not connect to host yukonrefugees.com: could not connect to host yum.beer: could not connect to host yum0.cn: could not connect to host +yumli.net: could not connect to host yummyfamilyrecipes.com: could not connect to host +yummylooks.com: did not receive HSTS header yuna.love: could not connect to host yuna.tg: could not connect to host yunpan.blue: could not connect to host @@ -15294,24 +16486,27 @@ yunzhu.org: could not connect to host yuppi.tv: max-age too low: 43200 yurinet.org: could not connect to host yuriykuzmin.com: did not receive HSTS header -yusu.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] yutabon.com: could not connect to host -yutang.vn: could not connect to host yuushou.com: could not connect to host yux.fr: could not connect to host yux.io: did not receive HSTS header yuzu.tk: did not receive HSTS header ywei.org: could not connect to host ywyz.tech: could not connect to host -yzcloud.me: could not connect to host z-coder.com: could not connect to host z0rro.net: could not connect to host +z33.ch: did not receive HSTS header +z33.co: could not connect to host z3liff.com: could not connect to host z3liff.net: could not connect to host zacharopoulos.me: could not connect to host zachbolinger.com: could not connect to host +zachgibbens.org: could not connect to host +zachpeters.org: could not connect to host zadieheimlich.com: did not receive HSTS header zaem.tv: could not connect to host +zahnarzt-hofer.de: could not connect to host +zahnarzt-muenich.de: could not connect to host zahnrechner-staging.azurewebsites.net: could not connect to host zahyantechnologies.com: did not receive HSTS header zaidan.de: could not connect to host @@ -15329,7 +16524,8 @@ zaneweb.org: could not connect to host zao.fi: could not connect to host zaoext.com: could not connect to host zaoshanghao-dajia.rhcloud.com: could not connect to host -zap.yt: did not receive HSTS header +zap.yt: could not connect to host +zapatoshechoamano.pe: did not receive HSTS header zargaripour.com: did not receive HSTS header zarooba.com: could not connect to host zavca.com: did not receive HSTS header @@ -15342,6 +16538,7 @@ zdravotnickasluzba.eu: could not connect to host zdrowiepaleo.pl: did not receive HSTS header zdx.ch: max-age too low: 0 zeb.fun: could not connect to host +zebibyte.cn: could not connect to host zebrababy.cn: could not connect to host zebry.nl: did not receive HSTS header zecrypto.com: could not connect to host @@ -15353,42 +16550,47 @@ zehntner.ch: max-age too low: 3600 zeitzer-turngala.de: could not connect to host zelfmoord.ga: could not connect to host zelfstandigemakelaars.net: could not connect to host -zellari.ru: did not receive HSTS header +zellari.ru: could not connect to host zeloz.xyz: could not connect to host +zengdong.ren: did not receive HSTS header zenghx.tk: could not connect to host -zenhaiku.com: did not receive HSTS header +zenhaiku.com: could not connect to host zeno-system.com: did not receive HSTS header zenpayroll.com: did not receive HSTS header -zenti.cloud: did not receive HSTS header zentience.dk: did not receive HSTS header zentience.net: did not receive HSTS header zentience.org: did not receive HSTS header +zentiweb.nl: did not receive HSTS header zentraler-kreditausschuss.de: did not receive HSTS header zentralwolke.de: did not receive HSTS header zenvite.com: could not connect to host zenwears.com: could not connect to host zenycosta.com: could not connect to host zepect.com: did not receive HSTS header -zera.com.au: max-age too low: 0 +zera.com.au: could not connect to host zerekin.net: did not receive HSTS header zero-sum.xyz: could not connect to host zero-x-baadf00d.com: could not connect to host zerocool.io: could not connect to host zeroday.sk: did not receive HSTS header zerofox.gq: could not connect to host +zerolab.org: could not connect to host zeroling.com: could not connect to host zeroml.ml: could not connect to host zerosource.net: could not connect to host zerudi.com: did not receive HSTS header zetadisseny.es: did not receive HSTS header zeto365.pl: did not receive HSTS header +zetrov.pl: did not receive HSTS header zett4.me: max-age too low: 172800 zeug.co: could not connect to host -zewtie.com: did not receive HSTS header +zewtie.com: could not connect to host zeytin.pro: could not connect to host +zfo.gg: could not connect to host zgan.ga: could not connect to host zh1.li: could not connect to host zhang.wtf: could not connect to host +zhangcheng.org: did not receive HSTS header zhangruilin.com: did not receive HSTS header zhangsir.net: could not connect to host zhaochen.xyz: could not connect to host @@ -15398,15 +16600,21 @@ zhengouwu.com: could not connect to host zhenmeish.com: could not connect to host zhh.in: could not connect to host zhihua-lai.com: did not receive HSTS header -zhiin.net: did not receive HSTS header +zhiin.net: could not connect to host zhikin.com: could not connect to host zhimajk.com: could not connect to host +zhome.info: could not connect to host zhoujiashu.com: could not connect to host +zhuji.com: could not connect to host +zhuji.com.cn: could not connect to host +zhuji5.com: could not connect to host zhujicaihong.com: could not connect to host +zhuweiyou.com: did not receive HSTS header zi0r.com: did not receive HSTS header zian.online: could not connect to host zicklam.com: could not connect to host zigcore.com.br: could not connect to host +zii.bz: could not connect to host zikirakhirzaman.com: could not connect to host zinc-x.com: did not receive HSTS header zinenapse.info: could not connect to host @@ -15416,13 +16624,16 @@ zirtue.io: could not connect to host zivagold.com: did not receive HSTS header zivver.com: could not connect to host zivy-ruzenec.cz: could not connect to host +zixo.sk: could not connect to host ziyuanabc.xyz: could not connect to host +ziz.exchange: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] zizoo.com: did not receive HSTS header zju.tv: could not connect to host zjubtv.com: could not connect to host zjutv.com: could not connect to host zkillboard.com: did not receive HSTS header zking.ga: could not connect to host +zlc1994.com: did not receive HSTS header zlcp.com: could not connect to host zmsastro.co.za: could not connect to host zmscable.com: did not receive HSTS header @@ -15435,44 +16646,51 @@ zoe.vc: could not connect to host zohar.link: could not connect to host zohar.shop: could not connect to host zokster.net: could not connect to host -zollihood.ch: did not receive HSTS header zolotoy-standart.com.ua: did not receive HSTS header +zombiesecured.com: could not connect to host zomiac.pp.ua: could not connect to host zonadebolsa.es: did not receive HSTS header +zone403.net: could not connect to host zoneminder.com: did not receive HSTS header zoners.si: did not receive HSTS header -zonesec.org: could not connect to host zonky.io: could not connect to host +zoo.city: could not connect to host zoo24.de: did not receive HSTS header zoofaeth.de: did not receive HSTS header +zoofit.com.au: did not receive HSTS header zoological-gardens.eu: could not connect to host zoomingin.net: max-age too low: 5184000 zoommailing.com: did not receive HSTS header zoorigin.com: did not receive HSTS header +zooxdata.com: could not connect to host zortium.report: could not connect to host zorz.info: could not connect to host -zotero.org: did not receive HSTS header zoznamrealit.sk: did not receive HSTS header +zpy.fun: could not connect to host zq789.com: could not connect to host zqhong.com: could not connect to host zqjs.tk: could not connect to host +zqwqz.com: could not connect to host zrn.in: did not receive HSTS header ztan.tk: could not connect to host ztcaoll222.cn: could not connect to host ztytian.com: could not connect to host +zuan-in.com: could not connect to host zuckerfloh.de: did not receive HSTS header zudomc.me: could not connect to host zuehlcke.de: could not connect to host zukix.com: could not connect to host zulu7.com: did not receive HSTS header -zumazar.ru: could not connect to host zunftmarke.de: did not receive HSTS header zutsu-raku.com: did not receive HSTS header zuviel.space: could not connect to host +zvejonys.lt: did not receive HSTS header zvncloud.com: did not receive HSTS header zvz.im: could not connect to host -zwembadheeten.nl: could not connect to host -zxity.co.uk: did not receive HSTS header +zwembadheeten.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +zx1168.com: could not connect to host +zx2268.com: could not connect to host +zxity.co.uk: could not connect to host zxity.ltd: could not connect to host zxity.uk: could not connect to host zyf.pw: could not connect to host @@ -15484,5 +16702,4 @@ zyso.org: could not connect to host zzb510.com: could not connect to host zzb6688.com: could not connect to host zzb8899.com: could not connect to host -zzpd.nl: did not receive HSTS header zzw.ca: could not connect to host diff --git a/security/manager/ssl/nsSTSPreloadList.inc b/security/manager/ssl/nsSTSPreloadList.inc index 85f33eb035..36a933f71c 100644 --- a/security/manager/ssl/nsSTSPreloadList.inc +++ b/security/manager/ssl/nsSTSPreloadList.inc @@ -8,7 +8,7 @@ /*****************************************************************************/ #include <stdint.h> -const PRTime gPreloadListExpirationTime = INT64_C(1542710641724000); +const PRTime gPreloadListExpirationTime = INT64_C(1546247908476000); class nsSTSPreload { @@ -18,8 +18,6 @@ class nsSTSPreload }; static const nsSTSPreload kSTSPreloadList[] = { - { "0.me.uk", true }, - { "0005pay.com", true }, { "00100010.net", true }, { "0010100.net", true }, { "00120012.net", true }, @@ -35,7 +33,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "00660066.net", true }, { "00770077.net", true }, { "00778899.com", true }, - { "00880088.net", true }, + { "0086286.com", true }, { "00990099.net", true }, { "00dani.me", true }, { "00f.net", true }, @@ -50,7 +48,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "01electronica.com.ar", true }, { "01seguridad.com.ar", true }, { "01smh.com", true }, - { "0222.mg", true }, { "022367.com", true }, { "022379.com", true }, { "022391.com", true }, @@ -65,6 +62,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "02327.net", true }, { "02375.net", true }, { "023sec.com", true }, + { "02607.com", true }, { "026122.com", true }, { "02638.net", true }, { "028718.com", true }, @@ -121,6 +119,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "083965.com", true }, { "083967.com", true }, { "086628.com", true }, + { "09115.com", true }, { "0916app.com", true }, { "09892.net", true }, { "0au.de", true }, @@ -137,11 +136,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "0wx.org", true }, { "0x.cx", true }, { "0x.sk", true }, + { "0x0.cloud", true }, { "0x0.li", true }, { "0x00ff00ff.com", true }, { "0x17.de", true }, { "0x52.net", true }, - { "0x5f3759df.cf", true }, { "0x7d.com", true }, { "0x7fffffff.net", true }, { "0x90.io", true }, @@ -157,10 +156,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "0yen.org", true }, { "1-2-3bounce.co.uk", true }, { "100-downloads.com", true }, - { "10000v.ru", true }, { "1000minds.com", true }, - { "1000serien.com", false }, - { "1001firms.com", true }, { "1001kerstpakketten.com", false }, { "1001mv.com", true }, { "10086.nl", true }, @@ -194,7 +190,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "10v2.com", true }, { "1100.so", true }, { "110110110.net", true }, - { "1116pay.com", true }, { "112112112.net", true }, { "112app.nl", true }, { "112hz.com", true }, @@ -217,21 +212,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "123bearing.co.uk", true }, { "123bearing.com", true }, { "123bearing.eu", true }, - { "123comparer.fr", false }, - { "123djdrop.com", true }, { "123midterm.com", true }, + { "123opstalverzekeringen.nl", true }, { "123pay.ir", false }, { "123plons.nl", true }, { "123roulement.be", true }, { "123roulement.com", true }, - { "123termpapers.com", true }, { "123test.com", true }, { "123test.nl", true }, { "123writings.com", true }, { "124133.com", true }, { "124633.com", true }, { "125m125.de", true }, - { "1288fc.com", true }, { "12photos.eu", true }, { "12thmanrising.com", true }, { "12vpn.net", true }, @@ -241,7 +233,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "13318522.com", true }, { "1391kj.com", true }, { "1395kj.com", true }, - { "1396.net", true }, { "13th-dover.uk", true }, { "143533.com", true }, { "143633.com", true }, @@ -269,7 +260,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "149733.com", true }, { "14it.de", true }, { "14x3.de", true }, - { "15-10.com", true }, { "1511774230.rsc.cdn77.org", true }, { "152433.com", true }, { "154233.com", true }, @@ -278,20 +268,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "156433.com", true }, { "1590284872.rsc.cdn77.org", true }, { "1600esplanade.com", true }, - { "160887.com", true }, { "1644091933.rsc.cdn77.org", true }, { "1661237.com", true }, { "166166.com", true }, { "1689886.com", true }, { "168bo9.com", true }, { "168bo9.net", true }, - { "168esb.com", true }, + { "16book.org", true }, { "1750studios.com", false }, { "17hats.com", true }, { "1811559.com", true }, { "1844329061.rsc.cdn77.org", true }, { "1876996.com", true }, - { "18888msc.com", true }, + { "188da.com", true }, { "188dv.com", true }, { "189dv.com", true }, { "189fc.com", true }, @@ -316,14 +305,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "1cover.com.au", true }, { "1e9.nl", true }, { "1f123.net", true }, + { "1fach-digital.de", true }, { "1hourproofreading.com", true }, { "1it.click", true }, - { "1item.co.il", true }, { "1js.de", true }, { "1kando.com", false }, { "1km.ro", true }, { "1kmi.co", true }, { "1ll.uk", true }, + { "1lord1faith.com", true }, { "1m.duckdns.org", true }, { "1montre.fr", true }, { "1morebounce.co.uk", true }, @@ -333,7 +323,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "1on1on1.tv", true }, { "1panorama.ru", true }, { "1para.net", true }, + { "1password.ca", true }, { "1password.com", true }, + { "1password.eu", true }, { "1px.tv", true }, { "1r.is", true }, { "1rs.nl", true }, @@ -346,13 +338,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "1stclassbouncycastles.co.uk", true }, { "1stforfun.co.uk", true }, { "1stpeninsulabouncers.co.uk", true }, - { "1ststop.co.uk", true }, - { "1upinternet.com", true }, { "1volcano.ru", true }, { "1whw.co.uk", true }, { "1wirelog.de", true }, { "1wl.uk", true }, { "2.wtf", true }, + { "200.network", true }, { "200fcw.com", true }, { "2018.wales", true }, { "2048-spiel.de", true }, @@ -371,40 +362,46 @@ static const nsSTSPreload kSTSPreloadList[] = { { "2333blog.com", true }, { "233abc.com", true }, { "233blog.com", true }, - { "233ss.net", true }, + { "233boy.com", true }, { "233vps.com", true }, { "24-7.jp", true }, { "245meadowvistaway.com", true }, { "246060.ru", true }, - { "247a.co.uk", true }, { "247exchange.com", true }, { "247healthshop.com", true }, { "247medplan.com", true }, { "24dian30.com", true }, + { "24hour-locksmithsanantonio.com", true }, + { "24hourlocksmithbaltimore.com", true }, + { "24hourlocksmithdallastx.com", true }, { "24hoursanantoniolocksmiths.com", true }, { "24hourscienceprojects.com", true }, { "24ip.com", true }, { "24ip.de", true }, { "24ip.fr", true }, { "24timeravis.dk", true }, + { "24zpravy.cz", true }, + { "2566335.xyz", true }, { "256pages.com", false }, { "258da.com", true }, { "25reinyan25.net", true }, { "2600edinburgh.org", true }, { "2600hq.com", true }, - { "260887.com", true }, { "263.info", true }, { "27728522.com", true }, { "28-industries.com", true }, { "281180.de", true }, { "2858958.com", true }, + { "286.com", true }, { "288da.com", true }, { "28peaks.com", true }, { "28spots.net", true }, { "2912.nl", true }, { "2948.ca", true }, + { "297computers.com", true }, { "298da.com", true }, { "2991236.com", true }, + { "2au.ru", true }, { "2bas.nl", true }, { "2bcompany.ch", true }, { "2bis10.de", true }, @@ -420,7 +417,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "2cv-fahrer.de", true }, { "2fm.ie", true }, { "2fraud.pro", true }, - { "2gen.com", true }, { "2heartsbookings.co.uk", true }, { "2hypeenterprises.com", true }, { "2kgwf.fi", true }, @@ -456,6 +452,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "314122.com", true }, { "314322.com", true }, { "314522.com", true }, + { "314553.com", true }, { "314622.com", true }, { "314633.com", true }, { "314922.com", true }, @@ -464,7 +461,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "319422.com", true }, { "319k3.com", true }, { "31klabs.com", true }, - { "31tv.ru", true }, { "320281.net", true }, { "321live.nl", true }, { "324022.com", true }, @@ -526,7 +522,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "349233.com", true }, { "349433.com", true }, { "349533.com", true }, - { "34oztonic.eu", true }, { "350422.com", true }, { "354022.com", true }, { "354133.com", true }, @@ -537,7 +532,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "354933.com", true }, { "356433.com", true }, { "360live.fr", true }, + { "360rail.nl", true }, { "360woodworking.com", true }, + { "364553.com", true }, { "365365.com", true }, { "365daysreview.com", true }, { "365healthworld.com", true }, @@ -551,8 +548,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3778vip.com", true }, { "379700.com", true }, { "380422.com", true }, - { "38888msc.com", true }, - { "38blog.com", true }, + { "388da.com", true }, { "390422.com", true }, { "392422.com", true }, { "393335.ml", true }, @@ -561,11 +557,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "394122.com", true }, { "394322.com", true }, { "394522.com", true }, + { "394553.com", true }, { "394622.com", true }, { "394922.com", true }, { "396422.com", true }, { "398.info", true }, { "39sihu.com", false }, + { "3aandl.com", true }, { "3ags.de", true }, { "3amtoolbox.se", true }, { "3ank.in", true }, @@ -576,6 +574,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3circlefunding.ch", true }, { "3countiescastlehire.co.uk", true }, { "3cs.ch", true }, + { "3deeplearner.com", true }, { "3djuegos.com", true }, { "3dmedium.de", true }, { "3dmusiclab.nl", true }, @@ -584,8 +583,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3drenaline.com", true }, { "3haeuserprojekt.org", true }, { "3haueserprojekt.org", true }, + { "3hl0.net", true }, + { "3ik.us", true }, { "3james.com", true }, { "3logic.ru", true }, + { "3lot.ru", true }, { "3n5b.com", true }, { "3os.ooo", true }, { "3phase.pw", true }, @@ -612,7 +614,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3typen.tv", true }, { "3v4l.org", true }, { "3weekdietworks.com", true }, - { "3xx.link", true }, { "4-1-where.com", true }, { "4-it.de", true }, { "40-grad.de", true }, @@ -627,42 +628,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "411film.com", true }, { "411movie.com", true }, { "414553.com", true }, + { "41studio.com", true }, { "41where.com", true }, { "420java.com", true }, - { "4237.com", true }, { "42day.info", true }, - { "42entrepreneurs.fr", true }, { "439050.com", true }, - { "440887.com", true }, { "441jj.com", false }, - { "442887.com", true }, - { "443887.com", true }, { "4444yh.com", true }, - { "444887.com", true }, - { "445887.com", true }, { "448da.com", true }, { "44scc.com", true }, - { "44sec.com", true }, - { "4500.co.il", true }, { "451.ooo", true }, { "4553s.com", true }, { "4553vip.com", true }, - { "4706666.com", true }, - { "4716666.com", true }, - { "4726666.com", true }, { "4736666.com", true }, - { "4756666.com", true }, - { "4786666.com", true }, - { "478933.com", true }, { "47essays.com", true }, { "491mhz.net", true }, { "49889.com", true }, - { "4997777.com", true }, { "49dollaridahoregisteredagent.com", true }, + { "4c-haircare.com", true }, { "4decor.org", true }, { "4everproxy.com", true }, { "4eyes.ch", true }, { "4fit.ro", true }, + { "4flex.info", true }, { "4freepress.com", true }, { "4g-server.eu", false }, { "4garage.com.br", true }, @@ -682,6 +670,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "4x.fi", true }, { "4x4.lk", true }, { "4xlabs.co", true }, + { "50.pe", true }, { "500a500.com", true }, { "500b500.com", true }, { "500c500.com", true }, @@ -715,6 +704,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "504922.com", true }, { "506422.com", true }, { "506pay.com", true }, + { "508088.com", true }, { "50lakeshore.com", true }, { "50ma.xyz", true }, { "50north.de", true }, @@ -734,8 +724,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "524622.com", true }, { "524922.com", true }, { "525.info", true }, - { "52b9.com", true }, - { "52b9.net", true }, + { "52hentai.ml", true }, { "52kb365.com", true }, { "52ncp.net", true }, { "52sykb.com", true }, @@ -756,19 +745,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "541622.com", true }, { "541722.com", true }, { "541922.com", true }, - { "5432.cc", true }, { "545922.com", true }, { "546802.com", true }, { "54below.com", true }, { "5518k3.com", true }, { "5533445.com", true }, { "5555yh.com", true }, + { "55797.com", true }, { "558da.com", true }, { "55bt.cc", true }, { "55scc.com", true }, { "576422.com", true }, { "579422.com", true }, - { "57he.com", true }, { "57wilkie.net", true }, { "583422.com", true }, { "585422.com", true }, @@ -786,13 +774,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "5997891.com", true }, { "5apps.com", true }, { "5c1fd0f31022cbc40af9f785847baaf9.space", true }, - { "5chat.it", true }, { "5crowd.com", true }, { "5dm.tv", true }, { "5ece.de", true }, { "5francs.com", true }, { "5gb.space", true }, { "5kraceforals.com", true }, + { "5percentperweek.com", true }, { "5starbouncycastlehire.co.uk", true }, { "5thchichesterscouts.org.uk", true }, { "5w5.la", true }, @@ -863,7 +851,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "64970.com", true }, { "649722.com", true }, { "649822.com", true }, - { "64bitgaming.de", true }, + { "64bitservers.net", true }, { "651422.com", true }, { "652422.com", true }, { "6541166.com", true }, @@ -879,7 +867,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "6547766.com", true }, { "6548855.com", true }, { "6548877.com", true }, + { "656088.com", true }, { "659422.com", true }, + { "66136.com", true }, { "6616fc.com", true }, { "66205.net", true }, { "6633445.com", true }, @@ -888,8 +878,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "6664553.com", true }, { "666668722.com", true }, { "6666yh.com", true }, - { "6677.us", true }, - { "668da.com", true }, + { "666omg.com", true }, { "670422.com", true }, { "671422.com", true }, { "672422.com", true }, @@ -899,7 +888,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "679422.com", true }, { "680422.com", true }, { "686848.com", true }, - { "688da.com", true }, { "690422.com", true }, { "691422.com", true }, { "692422.com", true }, @@ -917,11 +905,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "6pm.com", true }, { "6t-montjoye.org", true }, { "6w6.la", true }, - { "6z3.net", true }, { "700.az", true }, { "704233.com", true }, { "704533.com", true }, - { "7045h.com", true }, { "704633.com", true }, { "712433.com", true }, { "713433.com", true }, @@ -942,25 +928,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "736433.com", true }, { "738433.com", true }, { "739433.com", true }, - { "73info.com", true }, { "740833.com", true }, { "741833.com", true }, { "742833.com", true }, { "743833.com", true }, { "74th.jp", true }, + { "755k3.com", true }, + { "7570.com", true }, { "762.ch", true }, - { "771122.tv", true }, { "7717a.com", true }, { "772244.net", true }, { "7733445.com", true }, { "7777yh.com", true }, { "777coin.com", true }, { "778da.com", true }, + { "783lab.com", true }, + { "787k3.com", true }, { "7885765.com", true }, { "788da.com", true }, { "7891553.com", true }, { "7891997.com", true }, - { "789zr.com", true }, { "7careconnect.com", true }, { "7delights.com", true }, { "7delights.in", true }, @@ -968,12 +955,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "7graus.pt", true }, { "7kicks.com", true }, { "7kovrikov.ru", true }, - { "7nw.eu", true }, { "7proxies.com", true }, { "7sons.de", true }, { "7thcircledesigns.com", true }, { "7trade8.com", true }, { "7x24servis.com", true }, + { "80036.com", true }, { "804322.com", true }, { "809422.com", true }, { "80993.net", true }, @@ -988,13 +975,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "8522top.com", true }, { "8522tw.com", true }, { "8522usa.com", true }, + { "86286286.com", true }, { "86499.com", true }, { "8649955.com", true }, { "8649966.com", true }, { "8649977.com", true }, { "8688fc.com", true }, { "86metro.ru", true }, - { "8722.com", true }, { "8722am.com", true }, { "8722cn.com", true }, { "8722hk.com", true }, @@ -1004,7 +991,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "8818k3.com", true }, { "8833445.com", true }, { "88522am.com", true }, - { "887.ag", true }, { "888888722.com", true }, { "88889822.com", true }, { "8888esb.com", true }, @@ -1020,41 +1006,42 @@ static const nsSTSPreload kSTSPreloadList[] = { { "8917818.net", true }, { "8951889.com", true }, { "8951889.net", true }, - { "8989k3.com", true }, { "8992088.com", true }, { "8992088.net", true }, { "8ack.de", true }, { "8ackprotect.com", true }, { "8da188.com", true }, { "8da2017.com", true }, - { "8da2018.com", true }, + { "8da222.com", true }, { "8da88.com", true }, { "8da999.com", true }, + { "8dabet.com", true }, { "8hrs.net", true }, { "8maerz.at", true }, { "8pecxstudios.com", true }, { "8shequapp.com", true }, + { "8svn.com", true }, { "8t8.eu", true }, { "8tech.com.hk", true }, { "8thportsmouth.org.uk", true }, { "8tuffbeers.com", true }, { "8ung.online", true }, + { "8xx.bet", true }, + { "8xx.io", true }, + { "8xx888.com", true }, + { "8xxbet.net", true }, { "9-11commission.gov", true }, { "903422.com", true }, { "905422.com", true }, { "90r.jp", true }, - { "910kj.com", true }, { "9118.com", true }, { "911commission.gov", true }, { "912422.com", true }, { "913422.com", true }, { "914122.com", true }, { "918116.com", true }, - { "918gd.com", true }, - { "918yy.com", true }, { "919422.com", true }, { "91966.com", true }, - { "919945.com", true }, { "91tianmi.com", false }, { "91travel.info", true }, { "924122.com", true }, @@ -1067,7 +1054,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "934122.com", true }, { "943022.com", true }, { "9449-27a1-22a1-e0d9-4237-dd99-e75e-ac85-2f47-9d34.de", true }, - { "9454.com", true }, { "946022.com", true }, { "946422.com", true }, { "949022.com", true }, @@ -1075,8 +1061,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "949622.com", true }, { "949722.com", true }, { "9500years.com", true }, - { "9617818.com", true }, - { "9617818.net", true }, { "9679693.com", true }, { "9681909.com", true }, { "9696178.com", true }, @@ -1084,7 +1068,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "972422.com", true }, { "9788876.com", true }, { "97bros.com", true }, - { "9822.com", true }, { "9822.info", true }, { "9822am.com", true }, { "9822cn.com", true }, @@ -1092,7 +1075,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "9822ph.com", true }, { "9822tw.com", true }, { "9822usa.com", true }, - { "987987.com", true }, { "98laba.com", true }, { "98laba.net", true }, { "9906753.net", true }, @@ -1101,22 +1083,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "99599.fi", true }, { "99599.net", true }, { "9994553.com", true }, + { "9998722.com", true }, { "99998522.com", true }, { "99999822.com", true }, { "999998722.com", true }, { "99rst.org", true }, { "9bingo.net", true }, { "9farm.com", true }, - { "9iwan.net", true }, + { "9fvip.net", true }, { "9jajuice.com", true }, { "9pkfz.com", true }, - { "9ss6.com", true }, + { "9riddles.com", true }, { "9tolife.be", true }, { "9uelle.jp", true }, - { "9vies.ca", true }, { "9vx.org", true }, { "9won.kr", true }, - { "9y.at", true }, { "9yw.me", true }, { "a-1basements.com", true }, { "a-1indianawaterproofing.com", true }, @@ -1125,7 +1106,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "a-little-linux-box.at", true }, { "a-msystems.com", true }, { "a-oben.org", true }, - { "a-shafaat.ir", true }, { "a-starbouncycastles.co.uk", true }, { "a0print.nl", true }, { "a1bouncycastlehire.com", true }, @@ -1139,8 +1119,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "a4sound.com", true }, { "a632079.me", true }, { "a7m2.me", true }, + { "a8q.org", true }, { "aa-tour.ru", true }, { "aa1718.net", true }, + { "aa43d.cn", true }, { "aa6688.net", true }, { "aaapl.com", true }, { "aabanet.com.br", true }, @@ -1160,22 +1142,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aaomidi.com", true }, { "aapas.org.ar", true }, { "aardvarksolutions.co.za", true }, + { "aarkue.eu", true }, + { "aaron.cm", true }, { "aaron.xin", true }, + { "aaronburt.co.uk", true }, { "aaronhorler.com", true }, - { "aaronhorler.com.au", true }, { "aaronkimmig.de", true }, { "aaronroyle.com", true }, { "aaronsilber.me", true }, { "aatf.us", true }, { "aati.be", true }, + { "aati.info", true }, { "aavienna.com", true }, + { "ab-bauservice-berlin.de", true }, { "abaapplianceservice.com", true }, + { "abaaustin.com", true }, { "abacus-events.co.uk", true }, { "abacusbouncycastle.co.uk", true }, { "abacustech.co.jp", true }, { "abacustech.net", true }, { "abacustech.org", true }, - { "abandonedmines.gov", true }, { "abbadabbabouncycastles.co.uk", true }, { "abbas.ch", true }, { "abborsjo.fi", true }, @@ -1187,18 +1173,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "abc.li", true }, { "abcbouncycastlessurrey.co.uk", true }, { "abcbouncyfactory.co.uk", true }, - { "abcdef.be", true }, { "abcheck.se", true }, { "abckam.com", true }, { "abcpartyhire.com", true }, { "abcstudio.com.au", true }, - { "abdullah.pw", true }, + { "abdelsater.net", true }, + { "abdulwahaab.ca", true }, { "abe-elektro.de", true }, { "abe-medical.jp", true }, { "abeestrada.com", false }, { "abeilles-idapi.fr", true }, { "abenteuer-ahnenforschung.de", true }, - { "abeontech.com", true }, { "aberdeenalmeras.com", true }, { "aberdeencastles.co.uk", true }, { "aberdeenjudo.co.uk", true }, @@ -1270,13 +1255,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "abristolgeek.co.uk", true }, { "abseits.org", true }, { "absolem.cc", true }, + { "absolutedouble.co.uk", true }, { "absolutehaitian.com", true }, { "absolutehosting.co.za", true }, { "absolutelyinflatables.co.uk", true }, { "absoluterush.net", true }, - { "absolutewaterproofingsolutions.com", true }, { "absolutewebdesigns.com", true }, { "abstraction21.com", true }, + { "absturztau.be", true }, + { "absturztaube.ch", true }, { "absynthe-inquisition.fr", true }, { "abthorpe.org", true }, { "abulanov.com", true }, @@ -1297,11 +1284,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "academytv.com.au", true }, { "acaeum.com", true }, { "acampar.com.br", true }, + { "acaptureservices.com", true }, { "acara-yoga.de", true }, + { "acareer.in", true }, { "acat.io", true }, { "acbrussels-used.be", true }, { "accadoro.it", true }, - { "accbay.com", true }, { "accelaway.com", true }, { "acceleratenetworks.com", true }, { "accelerateyourworld.org", true }, @@ -1334,15 +1322,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acecolleges.edu.au", true }, { "aceinflatables.com", true }, { "aceinstituteonline.com", true }, - { "acelpb.com", true }, { "acem.org.au", true }, { "acemobileforce.com", true }, { "acemypaper.com", true }, + { "acen.eu", true }, { "acendealuz.com.br", true }, { "acerentalandsales.com", true }, { "acerislaw.com", true }, { "acessoeducacao.com", true }, { "acevik.de", true }, + { "acfo.org", true }, { "acg18.us", false }, { "acgtalktw.com", true }, { "achalay.org", true }, @@ -1355,15 +1344,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "achtzehn.eu", true }, { "achtzehnterachter.de", true }, { "achwo.de", true }, + { "acid.ninja", true }, { "acidbin.co", true }, { "aciety.com", true }, { "aciksite.com", true }, + { "ackermann.ch", true }, { "ackis.duckdns.org", false }, { "aclu.org", false }, { "acluva.org", false }, { "acme.beer", true }, { "acmexyz123.info", true }, { "acnpacific.com", true }, + { "acodess.com", true }, { "aconnor.xyz", true }, { "acordes.online", true }, { "acorncastles.co.uk", true }, @@ -1372,6 +1364,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acoshift.me", true }, { "acourse.io", true }, { "acousti-tech.com", true }, + { "acousticalsolutions.com", true }, { "acoustics.network", true }, { "acoustics.tech", true }, { "acoustique-tardy.com", true }, @@ -1384,6 +1377,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acrepairhutto.com", true }, { "acrepairroundrocktx.com", true }, { "acrevalue.com", true }, + { "acriticismlab.org", true }, { "acrolife.cz", true }, { "acroso.me", true }, { "across.ml", true }, @@ -1414,14 +1408,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "activehire.co.uk", true }, { "activeleisure.ie", true }, { "activeworld.net", false }, - { "activistasconstructivos.org", true }, { "activitesaintnicaise.org", true }, { "activityeventhire.co.uk", true }, { "actom.cc", true }, { "actors-cafe.net", true }, { "actorsroom.com", true }, { "actserv.co.ke", true }, - { "actu-film.com", true }, { "acuica.co.uk", false }, { "acul.me", true }, { "acupofsalt.tv", true }, @@ -1430,6 +1422,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acwi.gov", true }, { "acy.com", true }, { "acyfxasia.com", true }, + { "acyume.com", true }, { "ad-notam.asia", true }, { "ad-notam.ch", true }, { "ad-notam.co.uk", true }, @@ -1457,10 +1450,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adamradocz.com", true }, { "adams.dk", true }, { "adamsbouncycastles.co.uk", true }, - { "adamsfoundationrepair.com", true }, { "adamstas.com", true }, { "adamwallington.co.uk", true }, { "adamwilcox.org", true }, + { "adamyuan.xyz", true }, { "adapt-elektronik.com", true }, { "adapt.de", true }, { "adaptablesecurity.org", true }, @@ -1478,13 +1471,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "addiko.net", true }, { "addisoncrump.info", true }, { "addnine.com", true }, + { "addon.watch", true }, { "addones.net", true }, { "addtoany.com", true }, { "adduono.com", true }, { "adelebeals.com", true }, { "adelightfulglow.com", true }, + { "adeline.mobi", true }, { "adentalsolution.com", true }, { "adept.org.pl", true }, + { "adesa.co.uk", true }, { "adevel.eu", true }, { "adf-safetytools.com", true }, { "adftrasporti.it", true }, @@ -1494,7 +1490,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adimaja.com", true }, { "adinariversloveschool.com", true }, { "adingenierie.fr", true }, - { "adint.net", true }, { "adiponectinsupplement.info", true }, { "adiponectinsupplement.net", true }, { "adjagu.org", true }, @@ -1505,8 +1500,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adlershop.ch", true }, { "adm-sarov.ru", true }, { "adme.co.il", true }, - { "admin-numerique.com", true }, { "admin-serv.net", true }, + { "admin.casa", true }, { "admin.fedoraproject.org", true }, { "admin.google.com", true }, { "admin.stg.fedoraproject.org", true }, @@ -1514,15 +1509,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "administratorserwera.pl", true }, { "adminlinux.pl", true }, { "admino.cz", true }, - { "adminwerk.com", true }, { "adminwiki.fr", true }, - { "admirable.one", true }, { "admody.com", true }, { "admongo.gov", true }, { "adnanotoyedekparca.com", true }, { "adnot.am", true }, { "adnseguros.es", true }, - { "adoniscabaret.co.uk", true }, { "adonnante.com", true }, { "adoptionlink.co.uk", true }, { "adora-illustrations.fr", true }, @@ -1546,9 +1538,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adrien.vin", true }, { "adrienkohlbecker.com", true }, { "adriennesmiles.com", true }, - { "adrinet.tk", true }, { "adrup.com", true }, + { "adsamcik.com", true }, { "adsbouncycastles.co.uk", true }, + { "adsbtc.org", true }, { "adsl2meg.fr", true }, { "adtgroup.com", true }, { "adurra.com", true }, @@ -1560,7 +1553,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "advancedprotectionkey.com", true }, { "advancedprotectionsecuritykey.com", true }, { "advancedweb.hu", true }, - { "advancedwriters.com", true }, { "advanceworx.com", true }, { "advancis.net", true }, { "advancyte.com", true }, @@ -1583,10 +1575,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "advocate-europe.eu", true }, { "advocaten-avocats.be", true }, { "advocatenalkmaar.org", true }, + { "advocator.ca", true }, { "advocoeurdehaan.nl", true }, { "advokat-romanov.com", true }, { "advtran.com", true }, { "adware.pl", true }, + { "adwokatkosterka.pl", true }, + { "adwokatzdunek.pl", true }, { "adws.io", true }, { "adxperience.com", true }, { "adzuna.at", true }, @@ -1614,6 +1609,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aegrel.ee", true }, { "aehe.us", true }, { "aei.co.uk", true }, + { "aelurus.com", true }, { "aeon.co", true }, { "aep-digital.com", true }, { "aeradesign.com", true }, @@ -1622,6 +1618,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aergia.eu", true }, { "aerisnetwork.com", true }, { "aero-pioneer.com", true }, + { "aerobasegroup.com", true }, { "aerobotz.com", true }, { "aerosimexperience.com", true }, { "aertel.ie", true }, @@ -1643,21 +1640,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "afb24.de", true }, { "afbeelding.im", true }, { "afbeeldinguploaden.nl", true }, - { "afeefzarapackages.com", true }, { "affichagepub3.com", true }, { "affiliatefeatures.com", true }, { "affiliateroyale.com", true }, { "affiliatetest.azurewebsites.net", true }, { "affilie.de", true }, - { "affinity.vc", true }, { "affinitysync.com", true }, { "affissioni.roma.it", true }, { "affittacamere.roma.it", true }, { "affordableazdivorce.com", true }, + { "affordableblindsexpress.com", true }, { "affordablehealthquotesforyou.com", true }, { "affordablekilimanjaro.com", true }, { "affordablemudjacking.com", true }, - { "affordablepapers.com", true }, { "affordableracingparts.com.au", true }, { "affping.com", true }, { "affvps.net", true }, @@ -1666,7 +1661,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aficionados.com.br", true }, { "afinadoronline.com.br", true }, { "afinaudio.com", true }, - { "aflamtorrent.com", true }, { "aflfreebets.com", true }, { "aflowershop.ca", true }, { "afmt.fr", true }, @@ -1690,17 +1684,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "afva.net", true }, { "afzco.asia", true }, { "ag-websolutions.de", true }, + { "ag8-game.com", true }, { "agalliasis.ch", true }, { "agamsecurity.ch", true }, { "agatajanik.de", true }, { "agate.pw", true }, { "agechecker.net", true }, - { "ageg.ca", true }, { "agenceklic.com", true }, + { "agencewebstreet.com", true }, { "agenciadeempregosdourados.com.br", true }, { "agenciafiscal.pe", true }, { "agenda-loto.net", false }, { "agenda21senden.de", true }, + { "agendatelefonica.com.br", true }, { "agent-grow.com", true }, { "agent6.com.au", true }, { "agentprocessing.com", true }, @@ -1715,7 +1711,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "agilebits.com", true }, { "agilebits.net", false }, { "agilecraft.com", true }, - { "agileecommerce.com.br", true }, { "agileui.com", true }, { "agiley.se", true }, { "agilizing.us", true }, @@ -1726,11 +1721,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "agiserv.fr", true }, { "agliamici.it", true }, { "agnesk.blog", true }, - { "agonswim.com", false }, { "agoodmind.com", true }, { "agoravox.fr", true }, { "agoravox.it", true }, { "agoravox.tv", true }, + { "agostinhoenascimento.com.br", true }, { "agotnes.com", true }, { "agouraelectrical.com", true }, { "agouraelectrician.com", true }, @@ -1757,9 +1752,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "agrilinks.org", true }, { "agrios.de", true }, { "agro-forestry.net", true }, - { "agro.rip", true }, + { "agroline.by", true }, + { "agroxxi.ru", true }, { "agroyard.com.ua", true }, { "agsb.ch", true }, + { "agscinemas.com", true }, + { "agscinemasapp.com", true }, { "agung-furniture.com", true }, { "agwa.name", true }, { "ahd.com", false }, @@ -1771,6 +1769,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ahmad.works", true }, { "ahmadly.com", true }, { "ahmedabadflowermall.com", true }, + { "ahmedcharles.com", true }, { "ahmerjamilkhan.org", true }, { "ahmetozer.org", true }, { "ahosi.com", true }, @@ -1781,9 +1780,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ahxxm.com", true }, { "ai-english.jp", true }, { "ai-soft.co.jp", true }, + { "ai.gov", true }, { "aia.de", true }, - { "aibaoyou.com", true }, { "aibenzi.com", true }, + { "aicial.co.uk", true }, { "aidanapple.com", true }, { "aidanmontare.net", true }, { "aide-valais.ch", true }, @@ -1795,6 +1795,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aifriccampbell.com", true }, { "aigcev.org", true }, { "aigenpul.se", true }, + { "aignermunich.jp", true }, { "aiicy.org", true }, { "aiida.se", true }, { "aijsk.com", true }, @@ -1805,10 +1806,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aikido-kiel.de", true }, { "aikido-linz.at", true }, { "aikido-wels.at", true }, + { "aimax.com", true }, { "aimeeandalec.com", true }, - { "aimerworld.com", true }, { "aimgroup.co.tz", true }, { "aimotive.com", true }, + { "aintevenmad.ch", true }, { "aiois.com", true }, { "aipbarcelona.com", true }, { "air-craftglass.com", true }, @@ -1820,12 +1822,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "airborne-inflatables.co.uk", true }, { "airclass.com", true }, { "aircomms.com", true }, - { "airconsboksburg.co.za", true }, - { "airconsfourways.co.za", true }, - { "airconsmidrand.co.za", true }, { "airconssandton.co.za", true }, { "airductclean.com", false }, { "airductcleaning-fresno.com", true }, + { "airductcleaninggrandprairie.com", true }, + { "airductcleaningirving.com", true }, { "airdur.eu", true }, { "aireaseleaks.org", true }, { "airetvie.com", true }, @@ -1845,8 +1846,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "airportlimototoronto.com", true }, { "airpurifierproductsonline.com", true }, { "airrestoration.ch", true }, - { "airsick.guide", true }, { "airsoft.ch", true }, + { "airtimerewards.co.uk", true }, { "airvpn.org", true }, { "airvuz.com", true }, { "airwegobouncycastles.co.uk", true }, @@ -1856,6 +1857,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aisi316l.net", true }, { "aisr.nl", true }, { "aistockcharts.com", true }, + { "aistrope.com", true }, { "ait.com.ar", true }, { "aiticon.com", true }, { "aitosoftware.com", true }, @@ -1863,7 +1865,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aivd.lol", true }, { "aivene.com", true }, { "aiwdirect.com", true }, - { "aixvox.com", true }, + { "aixvox.com", false }, { "aixxe.net", true }, { "aizxxs.com", true }, { "aizxxs.net", true }, @@ -1883,6 +1885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ajsb85.com", true }, { "ak-varazdin.hr", true }, { "ak-webit.de", true }, + { "aka.ms", true }, { "akachanikuji.com", true }, { "akademeia.moe", true }, { "akalashnikov.ru", true }, @@ -1894,7 +1897,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "akelius.de", false }, { "akfoundationindia.com", true }, { "akhealthconnection.com", true }, - { "akihiro.xyz", false }, { "akihito.com", true }, { "akijo.de", true }, { "akita-boutique.com", true }, @@ -1902,22 +1904,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "akj.io", true }, { "akkbouncycastles.co.uk", true }, { "akkeylab.com", true }, - { "akoch.net", true }, { "akostecki.de", true }, { "akovana.com", true }, { "akoya.fi", true }, { "akplates.org", true }, { "akpwebdesign.com", true }, { "akr.io", true }, + { "akr.services", true }, { "akracing.se", true }, { "akritikos.info", true }, - { "akronet.cz", true }, - { "akropol.cz", true }, { "akropolis-ravensburg.de", true }, { "aksehir.bel.tr", true }, { "akselinurmio.fi", false }, { "akshi.in", true }, - { "aktan.com.br", true }, { "aktiv-naturheilmittel.at", true }, { "aktiv-naturheilmittel.ch", true }, { "aktiv-naturheilmittel.de", true }, @@ -1926,7 +1925,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aktuelle-uhrzeit.at", true }, { "akuislam.com", true }, { "akukas.com", true }, - { "akul.co.in", true }, { "akustik.tech", true }, { "akutun.cl", true }, { "akvorrat.at", true }, @@ -1936,11 +1934,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aladdin.ie", true }, { "aladdinschools.appspot.com", true }, { "alainbaechlerphotography.ch", true }, + { "alainfrancois.eu", true }, { "alainmargot.ch", true }, { "alainodea.com", true }, { "alainwolf.ch", true }, { "alainwolf.net", true }, { "alair.cn", false }, + { "alamancetv.com", true }, + { "alamgir.works", true }, { "alanberger.me.uk", true }, { "alanhua.ng", true }, { "alaninkenya.org", true }, @@ -1958,8 +1959,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "albbounce.co.uk", true }, { "albersdruck.de", true }, { "albertathome.org", true }, + { "albertbogdanowicz.pl", true }, { "albertinum-goettingen.de", true }, - { "albertonplumber24-7.co.za", true }, { "albion2.org", true }, { "alboweb.nl", true }, { "albuic.tk", true }, @@ -1969,15 +1970,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alcnutrition.com", true }, { "alco-united.com", true }, { "alcoholapi.com", true }, - { "aldes.co.za", true }, + { "aldiabcs.com", true }, { "aldien.com.br", true }, { "aldo-vandini.de", true }, - { "aldorr.net", true }, + { "aldorr.net", false }, { "aldous-huxley.com", true }, { "aldred.cloud", true }, { "alecpap.com", true }, { "alecpapierniak.com", true }, { "alecrust.com", true }, + { "aledg.cl", true }, + { "aleksejjocic.tk", true }, { "aleksib.fi", true }, { "alela.fr", true }, { "alerbon.net", true }, @@ -2000,6 +2003,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexandrastylist.com", true }, { "alexandre-blond.fr", true }, { "alexandros.io", true }, + { "alexbaker.org", true }, { "alexberts.ch", true }, { "alexbresnahan.com", true }, { "alexcoman.com", true }, @@ -2011,11 +2015,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexhd.de", true }, { "alexio.ml", true }, { "alexisabarca.com", true }, - { "alexischaussy.xyz", true }, - { "alexismeza.com", true }, - { "alexismeza.com.mx", true }, - { "alexismeza.es", true }, - { "alexismeza.nl", true }, { "alexkott.com", true }, { "alexlouden.com", true }, { "alexmerkel.com", true }, @@ -2024,7 +2023,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexmroberts.net", true }, { "alexn.org", true }, { "alexpavel.com", true }, - { "alexpotter.net", false }, + { "alexpotter.net", true }, { "alexs.de", true }, { "alexschroeder.ch", true }, { "alexsergeyev.com", true }, @@ -2039,6 +2038,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexwardweb.com", true }, { "alexyang.me", true }, { "alfa-tech.su", true }, + { "alftrain.com", true }, + { "alghanimcatering.com", true }, { "algoentremanos.com", true }, { "algofactory.de", true }, { "algolia.com", true }, @@ -2054,8 +2055,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alicemaywebdesign.com.au", true }, { "alicestudio.it", true }, { "alicetone.net", true }, - { "alicialab.org", true }, - { "alien.bz", true }, { "alienation.biz", true }, { "alienflight.com", true }, { "alienslab.net", true }, @@ -2063,7 +2062,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alignrs.com", true }, { "aliim.gdn", true }, { "alijammusic.com", true }, - { "alikulov.me", true }, { "alinasmusicstudio.com", true }, { "alinode.com", true }, { "alisonisrealestate.com", true }, @@ -2077,11 +2075,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aljaspod.hu", true }, { "aljaspod.net", true }, { "aljweb.com", true }, - { "alkel.info", true }, { "all-connect.net", false }, { "all-markup-news.com", true }, { "all4hardware4u.de", true }, - { "allaboutbelgaum.com", false }, { "allaboutfunuk.com", true }, { "allaboutswing.co.uk", true }, { "allaboutswing.com", true }, @@ -2122,12 +2118,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "allinone-ranking150.com", true }, { "allis.studio", true }, { "alljamin.com", true }, - { "allladyboys.com", true }, { "allmebel.ru", true }, { "allmend-ru.de", true }, { "allns.fr", true }, { "allo-credit.ch", true }, - { "allo-symo.fr", true }, { "allontanamentovolatili.it", true }, { "allontanamentovolatili.milano.it", true }, { "alloverthehill.com", true }, @@ -2135,9 +2129,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "allplayer.tk", true }, { "allpointsblog.com", true }, { "allproptonline.com", true }, - { "allroundpvp.net", true }, + { "allsaints.church", true }, { "allsearch.io", true }, - { "allseasons-cleaning.co.uk", true }, { "allshousedesigns.com", true }, { "allstakesupply.com.au", true }, { "allstarautokiaparts.com", true }, @@ -2145,6 +2138,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "allstarquilts.com", true }, { "allsync.com", true }, { "allsync.nl", true }, + { "allteach.co.uk", true }, { "allthecryptonews.com", true }, { "allthethings.co.nz", true }, { "allthings.me", true }, @@ -2159,6 +2153,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aloesoluciones.com.ar", true }, { "alohapartyevents.co.uk", true }, { "alonetone.com", true }, + { "alorenzi.eu", true }, { "alp.od.ua", true }, { "alpca.org", true }, { "alpe-d-or.dyn-o-saur.com", true }, @@ -2177,9 +2172,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alphabouncycastles.co.uk", true }, { "alphabrock.cn", true }, { "alphachat.net", true }, + { "alphadote.com", true }, { "alphaetomega3d.fr", true }, { "alphafiduciaryservices.ch", true }, { "alphafitnesslibya.com", true }, + { "alphagateanddoor.com", true }, { "alphainflatablehire.com", true }, { "alphapengu.in", true }, { "alpharotary.com", true }, @@ -2197,7 +2194,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alpinestarmassage.com", true }, { "alpinetrek.co.uk", true }, { "alpiniste.fr", true }, - { "alqassam.net", true }, { "alquiaga.com", true }, { "alrait.com", true }, { "alroniks.com", true }, @@ -2206,11 +2202,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alt-three.com", true }, { "alt.org", true }, { "altaplana.be", true }, - { "altbinaries.com", true }, { "altedirect.com", true }, { "alter-news.fr", true }, { "alterbaum.net", true }, - { "altered.network", true }, { "alternador.com.br", true }, { "alternative.bike", true }, { "alternativebit.fr", true }, @@ -2224,7 +2218,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "altmaestrat.es", true }, { "altoa.cz", true }, { "altonblom.com", true }, - { "altoneum.com", true }, { "altopartners.com", true }, { "altopia.com", true }, { "altphotos.com", true }, @@ -2234,7 +2227,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alttrackr.com", true }, { "altunbas.info", true }, { "alumni-kusa.jp", true }, - { "aluoblog.pw", true }, { "alupferd.de", true }, { "aluroof.eu", true }, { "alvcs.com", true }, @@ -2260,8 +2252,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "am2s.fr", true }, { "am3.se", true }, { "ama.ne.jp", true }, - { "amadilo.de", false }, - { "amadoraslindas.com", true }, { "amadvice.com", true }, { "amaforro.com", true }, { "amagdic.com", true }, @@ -2275,9 +2265,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amandasage.ca", true }, { "amani-kinderdorf.de", true }, { "amaresq.com", true }, - { "amartinz.at", true }, - { "amateri.com", true }, { "amateurvoicetalent.com", true }, + { "amati.solutions", true }, { "amato.tk", true }, { "amatsuka.com", true }, { "amauf.de", true }, @@ -2308,9 +2297,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amees.me", false }, { "amelandadventure.nl", true }, { "amello.de", true }, + { "amend-friseur-schwabing.de", true }, { "america.gov", true }, { "americafamilylawcenter.org", true }, { "american.dating", true }, + { "americandetour.com", true }, { "americanfoundationbr.com", true }, { "americanmediainstitute.com", true }, { "americasbasementcontractor.com", true }, @@ -2323,11 +2314,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amesgen.de", true }, { "amesvacuumrepair.com", true }, { "amethystdevelopment.co.uk", true }, - { "ameza.co.uk", true }, - { "ameza.com.mx", true }, - { "ameza.io", true }, - { "ameza.me", true }, - { "ameza.net", true }, { "amf.to", true }, { "amg-exterieur.fr", true }, { "amg-microwave.com", true }, @@ -2336,16 +2322,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amicalecanyon.ch", true }, { "amiciidogrescue.org.uk", true }, { "amielucha.com", true }, + { "amifoundation.net", true }, { "amikootours.com", true }, - { "amin.ga", true }, - { "amin.one", true }, { "aminafrance.com", true }, { "amineptine.com", true }, + { "aminorth.com", true }, { "amirautos.com", true }, { "amirmahdy.com", true }, { "amisderodin.fr", true }, { "amisharingstuff.com", true }, + { "amitabhsirkiclasses.org.in", true }, { "amitpatra.com", true }, + { "amiu.org", true }, { "ammanagingdirectors.com", true }, { "amministratore.biz", true }, { "amministratore.roma.it", true }, @@ -2376,16 +2364,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amzn.rocks", true }, { "anacreon.de", true }, { "anadiyogacentre.com", true }, - { "anadoluefessk.org", true }, { "anaethelion.fr", true }, { "anaiscoachpersonal.es", true }, + { "anaisypirueta.es", true }, { "anajianu.ro", true }, - { "analangelsteen.com", true }, { "analbleachingguide.com", true }, { "analgesia.net", true }, { "analisilaica.it", true }, { "analogist.net", true }, - { "analteengirls.net", true }, { "analyticsinmotion.com", true }, { "analyticum.at", true }, { "analyticum.com", true }, @@ -2400,7 +2386,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anarchistischegroepnijmegen.nl", false }, { "anassiriphotography.com", false }, { "anastasia-shamara.ru", true }, - { "anastasiafond.com", true }, { "ancestramil.fr", true }, { "anchev.net", true }, { "anchovy.nz", false }, @@ -2422,31 +2407,36 @@ static const nsSTSPreload kSTSPreloadList[] = { { "andiscyber.space", true }, { "anditi.com", true }, { "andoms.fi", true }, + { "andre-ballensiefen.de", true }, { "andre-lategan.com", true }, { "andre-otto.com", true }, { "andrea-kiaora.de", true }, { "andrea-m.me", true }, { "andrea-wirthensohn.at", true }, { "andreaboero.it", true }, + { "andreadraghetti.it", true }, { "andreagourmet.it", true }, { "andreahruby.it", true }, { "andreamcnett.com", true }, - { "andreasbasurto.com", true }, + { "andreas-hecht.com", true }, { "andreaseracleous.com", true }, { "andreasfeusi.ch", true }, + { "andreashecht-blog.de", true }, { "andreaskrasa.com", true }, { "andreaslicht.nl", true }, { "andreasolsson.se", true }, { "andreasr.com", true }, + { "andree.cloud", true }, { "andrefaber.nl", true }, { "andrehansen.de", true }, + { "andrei-nakov.org", true }, { "andrejbenz.com", true }, { "andreoliveira.io", true }, { "andrepicard.de", true }, { "andrespaz.com", true }, { "andreundnina.de", true }, + { "andrew.london", true }, { "andrewbdesign.com", true }, - { "andrewdavidwong.com", true }, { "andrewdaws.io", true }, { "andrewensley.com", true }, { "andrewhowden.com", true }, @@ -2460,6 +2450,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "andrewryno.com", true }, { "andrewsun.com", true }, { "andrewtchin.com", true }, + { "andrewx.net", true }, { "andrezadnik.com", true }, { "andro2id.com", true }, { "andro4all.com", true }, @@ -2492,6 +2483,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anedot.com", true }, { "anedot.space", true }, { "anedot.xyz", true }, + { "aneebahmed.com", true }, { "anegabawa.com", true }, { "anetaben.nl", true }, { "anextraordinaryday.net", true }, @@ -2499,7 +2491,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "angehardy.com", true }, { "angel-body.com", true }, { "angelesydemonios.es", true }, - { "angelicare.co.uk", true }, { "angelinahair.com", true }, { "angelremigene.com", true }, { "angelsgirl.eu.org", true }, @@ -2514,10 +2505,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "angrapa.ru", true }, { "angristan.fr", true }, { "angristan.xyz", true }, - { "angrut.com", true }, { "angry.im", true }, { "angrysnarl.com", true }, - { "angryteeth.net", true }, + { "angryteeth.net", false }, { "anguiao.com", true }, { "angularjs.org", false }, { "angusmak.com", true }, @@ -2529,10 +2519,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "animacurse.moe", true }, { "animaemundi.be", true }, { "animal-liberation.com", true }, + { "animal-nature-human.com", true }, { "animal-rights.com", true }, { "animalistic.io", true }, { "animaltesting.fr", true }, { "animan.ca", true }, + { "animatelluris.nl", true }, { "animationsmusicales.ch", true }, { "anime-culture.com", true }, { "anime-rg.com", true }, @@ -2541,17 +2533,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anime1.me", true }, { "anime1.moe", true }, { "anime1.pw", true }, - { "anime1.top", true }, { "animeai.com", true }, { "animefluxxx.com", true }, + { "animeinsights.net", true }, { "animesharp.com", true }, { "animetriad.com", true }, { "animojis.es", true }, - { "animorphsfanforum.com", true }, { "anipassion.com", true }, { "anitaalbersen.nl", true }, { "anitube.ch", true }, { "aniwhen.com", true }, + { "anjoola.com", true }, { "ankarakart.com.tr", true }, { "ankaraprofesyonelwebtasarim.com", true }, { "ankarauzmanlarnakliyat.com", true }, @@ -2595,18 +2587,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anojan.com", true }, { "anon-next.de", true }, { "anoncom.net", true }, - { "anoneko.com", true }, { "anongoth.pl", true }, - { "anonrea.ch", true }, { "anons.fr", true }, { "anonukradio.org", true }, - { "anonym-surfen.de", true }, { "anonyme-spieler.at", true }, { "anorak.tech", true }, { "another.ch", true }, { "anotherchef.com", true }, { "anotherfatgeek.net", true }, { "anowicki.pl", false }, + { "anoxinon.de", false }, { "ans-delft.nl", true }, { "ans-ge.ch", true }, { "ansas.eu", true }, @@ -2615,6 +2605,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ansermet.net", true }, { "ansgar-sonntag.de", true }, { "ansgarsonntag.de", true }, + { "anshar.eu", true }, + { "ansibeast.net", true }, { "ansichtssache.at", true }, { "ansogning-sg.dk", true }, { "anstaskforce.gov", true }, @@ -2625,7 +2617,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "antarees.net", true }, { "antarespc.com", true }, { "antcas.com", true }, - { "antecim.fr", true }, { "antennista.catania.it", true }, { "antennista.milano.it", true }, { "antennista.pavia.it", true }, @@ -2635,17 +2626,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anteprima.info", true }, { "anthedesign.fr", true }, { "anthisis.tv", true }, - { "anthony-rouanet.com", true }, { "anthony.codes", true }, { "anthonyaires.com", true }, { "anthonycarbonaro.com", true }, { "anthonygaidot.fr", true }, + { "anthonyvadala.me", true }, { "anthropoid.ca", true }, { "anti-bible.com", true }, { "anti-radar.org", true }, { "antibioticshome.com", true }, { "anticopyright.com", true }, - { "antifraud.net.ru", true }, + { "antiekboerderijgraafland.nl", true }, { "antihype.space", true }, { "antik-trodelmarkt.de", true }, { "antikvariat.ru", true }, @@ -2654,7 +2645,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "antimine.me", true }, { "antipolygraph.org", true }, { "antique-pedalcars.ch", true }, - { "antirayapmalang.com", true }, { "antirepressionbayarea.com", true }, { "antispeciesism.com", true }, { "antispeciesist.com", true }, @@ -2690,9 +2680,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anzeiger.ag", true }, { "ao-dev.com", true }, { "ao2.it", true }, + { "aoadatacommunity.us", true }, { "aoaprograms.net", true }, + { "aofusa.net", true }, { "aoku3d.com", true }, - { "aomonk.com", true }, { "aopedeure.nl", true }, { "aopsy.de", true }, { "aosc.io", false }, @@ -2700,6 +2691,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aotearoa.maori.nz", true }, { "aotearoaleaks.org", true }, { "ap-swiss.ch", true }, + { "apac-tech.com", false }, { "apache-portal.com", true }, { "apachehaus.de", false }, { "apadvantage.com", true }, @@ -2715,7 +2707,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "apdx.com", true }, { "apef.ch", true }, { "apercloud.es", true }, - { "aperim.com", true }, { "apertis.org", true }, { "aperturesciencelabs.de", true }, { "apervita.net", true }, @@ -2744,11 +2735,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "apiled.io", true }, { "apination.com", true }, { "apio.systems", true }, - { "apis.blue", true }, { "apis.google.com", true }, { "apis.moe", true }, { "apisyouwonthate.com", true }, - { "apivia.fr", true }, { "apk.li", true }, { "apk4fun.com", true }, { "aplikaceproandroid.cz", true }, @@ -2758,7 +2747,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "apmpproject.org", true }, { "apn-dz.org", true }, { "apn-einstellungen.de", true }, + { "apo-deutschland.biz", true }, { "apobot.de", true }, + { "apogeephoto.com", true }, { "apoil.org", true }, { "apollyon.work", true }, { "apoly.de", true }, @@ -2767,6 +2758,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aposke.com", true }, { "aposke.net", true }, { "aposke.org", true }, + { "apostilasaprovacao.com", true }, { "apotheek-nl.org", true }, { "apotheke-ch.org", true }, { "apothes.is", true }, @@ -2801,18 +2793,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "applesencia.com", true }, { "applewatch.co.nz", true }, { "applian.jp", true }, - { "appliancerepairlosangeles.com", true }, { "applicationmanager.gov", true }, { "apply.eu", true }, - { "apply55gx.com", true }, { "appmeas.co.uk", true }, { "appmobile.io", true }, { "appninjas.com", true }, { "apponic.com", true }, { "apponline.com", true }, { "apprank.in", true }, - { "apprenticeship.gov", true }, - { "apprenticeships.gov", true }, { "approbo.com", true }, { "approvedtreecare.com", true }, { "apps.co", true }, @@ -2829,7 +2817,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "appuals.com", true }, { "appui-de-fenetre.fr", true }, { "appveyor.com", true }, - { "appxcrypto.com", true }, { "appzoojoo.be", true }, { "apratimsaha.com", true }, { "aprefix.com", true }, @@ -2841,9 +2828,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aprr.org", true }, { "aprsdroid.org", true }, { "aprz.de", true }, + { "apsa.paris", true }, { "apstudynotes.org", true }, { "apu-board.de", true }, { "apv-ollon.ch", true }, + { "aqilacademy.com.au", true }, { "aqsiq.net", true }, { "aqua-fitness-nacht.de", true }, { "aqua-fotowelt.de", true }, @@ -2851,6 +2840,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aquabio.ch", true }, { "aquadonis.ch", true }, { "aquahomo.com", true }, + { "aquainfo.net", true }, { "aqualife.com.gr", true }, { "aqualifeprojects.com", true }, { "aqualysis.nl", true }, @@ -2859,14 +2849,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aquaron.com", true }, { "aquaselect.eu", true }, { "aquatechnologygroup.com", true }, - { "aquaundine.net", true }, { "aquavitaedayspa.com.au", true }, + { "aquelarreweb.com", true }, { "aquila.co.uk", true }, { "aquitainebrasserie.com.au", true }, { "aquitroc.com", true }, { "ar-informatique.ch", true }, { "arab.dating", true }, - { "arabsexi.info", true }, + { "arabicxz.com", true }, { "arachina.com", true }, { "arados.de", true }, { "arai21.net", true }, @@ -2880,6 +2870,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "araseifudousan.com", true }, { "arawaza.biz", true }, { "arawaza.com", false }, + { "arawaza.info", true }, { "araxis.com", true }, { "arbeitskreis-asyl-eningen.de", true }, { "arbeitslosenverwaltung.de", true }, @@ -2898,9 +2889,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "archivesdelavieordinaire.ch", true }, { "archlinux.de", true }, { "archlinux.org", true }, + { "arclandholdings.com.au", true }, { "arcobalabs.ca", true }, { "arcridge.ca", true }, { "arctic.gov", true }, + { "arctica.io", true }, { "arcueil-cachan.fr", false }, { "arcusnova.de", true }, { "arda-audio.pt", true }, @@ -2911,10 +2904,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "areaclienti.net", true }, { "areafiftylan.nl", true }, { "areatrend.com", true }, + { "arefidgetspinnersgay.com", true }, { "arekatieandchrisgettingmarried.com", true }, { "arekatieandchrisgettingmarried.today", true }, { "arekatieandchrismarriedyet.com", true }, { "arendburgers.nl", true }, + { "arenlor.com", true }, + { "arenlor.info", true }, + { "arenns.com", true }, { "areqgaming.com", true }, { "ares-trading.de", true }, { "arethsu.se", true }, @@ -2924,9 +2921,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "argb.de", true }, { "argekultur.at", true }, { "argot.com", true }, + { "argovpay.com", true }, { "ariaartgallery.com", true }, { "ariadermspa.com", true }, { "arian.io", true }, + { "arias.re", true }, { "ariba.info", true }, { "ariege-pyrenees.net", true }, { "arieswdd.com", true }, @@ -2943,6 +2942,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aristocratps.com", true }, { "aritec-la.com", true }, { "arivo.com.br", true }, + { "arizer.com", true }, { "arizonaautomobileclub.com", true }, { "arjandejong.eu", true }, { "arjanvaartjes.net", true }, @@ -2957,13 +2957,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arlen.tv", true }, { "arlenarmageddon.com", true }, { "arlet.click", true }, - { "arlingtonwine.net", true }, - { "arm-host.com", true }, { "armadaquadrat.com", true }, { "armandsdiscount.com", true }, { "armansfinejewellery.com", true }, { "armansfinejewellery.com.au", true }, { "armarinhovirtual.com.br", true }, + { "armbrust.me", true }, { "armedpoet.com", true }, { "armeni-jewellery.gr", true }, { "armil.it", true }, @@ -2977,6 +2976,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arnaudb.net", true }, { "arnaudfeld.de", true }, { "arnaudminable.net", true }, + { "arnevankauter.com", true }, { "arniescastles.co.uk", true }, { "arno-klein.de", true }, { "arno-klein.eu", true }, @@ -2994,16 +2994,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aromacos.ch", true }, { "aron.host", true }, { "aroonchande.com", true }, + { "aros.pl", true }, + { "arose.io", true }, { "arox.eu", true }, + { "arpamip.org", true }, + { "arpnet.co.jp", true }, { "arqueo-ecuatoriana.ec", true }, { "arquitetura.pt", true }, { "arrakis.se", true }, + { "arrazane.com.br", true }, + { "arresttracker.com", true }, { "arrive.by", true }, { "arrmaforum.com", true }, { "arrow-analytics.nl", true }, { "arrow-api.nl", true }, { "arrowfastener.com", true }, { "arrowheadaddict.com", true }, + { "arrowheadflats.com", true }, { "arrowwebprojects.nl", true }, { "arschkrebs.org", true }, { "arswb.men", true }, @@ -3035,11 +3042,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arthermitage.org", true }, { "arthur.cn", true }, { "arthurlaw.ca", true }, - { "artificial.army", true }, { "artik.cloud", true }, { "artimpact.ch", true }, { "artioml.net", true }, { "artionet.ch", true }, + { "artisan-cheminees-poeles-design.fr", true }, { "artisans-libres.com", true }, { "artisansoftaste.com", true }, { "artistagenda.com", true }, @@ -3054,7 +3061,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "artmarketingnews.com", true }, { "artmaxi.eu", true }, { "artmoney.com", true }, - { "artnims.com", true }, { "artofmonitoring.com", false }, { "artofwhere.com", true }, { "artratio.net", true }, @@ -3063,7 +3069,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arts.gov", true }, { "artschmidtoptical.com", true }, { "artspac.es", true }, - { "artstopinc.com", true }, + { "arturkohut.com", true }, { "arturrossa.de", true }, { "arturszalak.com", true }, { "artweby.cz", true }, @@ -3091,15 +3097,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "asanger.biz", true }, { "asato-jewelry.com", true }, { "asbito.de", true }, + { "ascamso.com", true }, { "ascendprime.com", true }, { "ascension.run", true }, { "ascensori.biz", true }, { "ascgathering.com", true }, + { "ascii.moe", true }, { "asciiwwdc.com", true }, { "asd.gov.au", true }, { "asdyx.de", true }, { "asec01.net", true }, { "aseith.com", true }, + { "aseko.gr", true }, { "asenno.com", true }, { "aserver.co", true }, { "asexualitat.cat", true }, @@ -3108,8 +3117,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ashd1.goip.de", true }, { "ashd2.goip.de", true }, { "ashd3.goip.de", true }, + { "ashleyedisonuk.com", true }, { "ashlocklawgroup.com", true }, { "ashmportfolio.com", true }, + { "ashutoshmishra.org", true }, { "asia-gazette.com", true }, { "asia-global-risk.com", true }, { "asia.dating", true }, @@ -3120,11 +3131,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "asianshops.net", true }, { "asianspa.co.uk", true }, { "asiba.com.au", true }, - { "asiesvenezuela.com", true }, { "asile-colis.fr", true }, { "asinetasima.com", true }, { "asisee.photography", true }, - { "ask.pe", true }, { "ask1.org", true }, { "askcaisse.com", true }, { "askizzy.org.au", true }, @@ -3137,7 +3146,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aslinfinity.com", true }, { "asmbsurvey.com", true }, { "asmdz.com", true }, - { "asmik-armenie.com", true }, + { "asmm.cc", true }, { "asmood.net", true }, { "asoul.tw", true }, { "aspargesgaarden.no", true }, @@ -3183,8 +3192,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "astral.org.pl", true }, { "astrology42.com", true }, { "astroscopy.ch", true }, - { "astrosnail.pt.eu.org", true }, { "astrovandalistas.cc", true }, + { "astural.org", true }, { "astutikhonda.com", true }, { "asuclassfinder.com", true }, { "asucrews.com", true }, @@ -3199,7 +3208,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "at.search.yahoo.com", false }, { "atac.no", true }, { "atacadocervejeiro.com.br", true }, - { "atacadodesandalias.com.br", true }, { "ataton.ch", true }, { "atc.io", true }, { "atchleyjazz.com", true }, @@ -3218,11 +3226,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atelierdefrancais.ch", true }, { "atelierdeloulou.fr", true }, { "atelierdesflammesnoires.fr", true }, + { "atelierfantazie.sk", true }, { "atelierhupsakee.nl", true }, { "ateliernaruby.cz", true }, { "ateliers-veronese-nantes.fr", true }, { "atelierssud.ch", true }, { "atelierssud.swiss", true }, + { "atencionbimbo.com", false }, { "atendimentodelta.com.br", true }, { "atg.soy", true }, { "atgoetschel.ch", true }, @@ -3257,7 +3267,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atlantischild.hu", true }, { "atlantishq.de", true }, { "atlantiswaterproofing.com", true }, - { "atlas.co", true }, { "atlaschiropractic.org", true }, { "atlascultural.com", true }, { "atlasdev.nl", true }, @@ -3282,7 +3291,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atpnutrition.com", true }, { "atraining.ru", true }, { "atraverscugy.ch", true }, - { "atrevillot.com", true }, { "atrinik.org", true }, { "atsoftware.de", true }, { "attac.us", true }, @@ -3290,6 +3298,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "attendantdesign.com", true }, { "attendu.cz", true }, { "attention.horse", true }, + { "attilagyorffy.com", true }, { "attilavandervelde.nl", true }, { "attinderdhillon.com", true }, { "attitudes-bureaux.fr", true }, @@ -3299,6 +3308,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atulhost.com", true }, { "atviras.lt", false }, { "atwonline.org", true }, + { "atyourprice.net", true }, { "atypicom.es", true }, { "atypicom.fr", true }, { "atypicom.it", true }, @@ -3332,11 +3342,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "audisto.com", true }, { "auditmatrix.com", true }, { "auditos.com", true }, + { "audits.io", true }, { "auditsquare.com", true }, { "auerbach-verlag.de", true }, { "auf-feindgebiet.de", true }, - { "aufprise.de", true }, - { "augaware.org", true }, { "augen-seite.de", true }, { "augiero.it", true }, { "augmentable.de", true }, @@ -3364,19 +3373,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "auroraassociationofrealtors.com", true }, { "aurosa.cz", true }, { "auroware.com", true }, + { "auroz.tech", true }, + { "auroz.video", true }, { "aus-ryugaku.info", true }, { "ausmwoid.de", true }, + { "ausschreibungen-suedtirol.it", true }, { "aussiefunadvisor.com", true }, { "aussieservicedown.com", true }, { "aussiestoresonline.com", true }, { "austin-pearce.com", true }, { "austin-security-cameras.com", true }, { "austincardiac.com", true }, - { "austinheap.com", true }, + { "austinheap.com", false }, + { "austinlockout.com", true }, + { "austintxacrepairtoday.com", true }, + { "austintxlocksmiths.com", true }, { "austinuniversityhouse.com", true }, { "australian.dating", true }, { "australianarmedforces.org", true }, - { "australianimmigrationadvisors.com.au", true }, { "australien-tipps.info", true }, { "austromorph.space", true }, { "auszeit-lanzarote.com", true }, @@ -3387,9 +3401,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "authinity.com", true }, { "author24.biz", true }, { "authoritysolutions.com", true }, - { "authorsguild.in", true }, { "autimatisering.nl", true }, - { "autism-osaka.org", true }, { "auto-anleitung.de", true }, { "auto-motor-i-sport.pl", true }, { "auto-plus.tn", true }, @@ -3397,6 +3409,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "auto.nl", true }, { "autoauctionsohio.com", true }, { "autoauctionsvirginia.com", true }, + { "autobahnco.com", true }, { "autobedrijfgarant.nl", true }, { "autobelle.it", true }, { "autobourcier.com", true }, @@ -3407,6 +3420,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "autocrypt.org", true }, { "autod.hu", true }, { "autodalmacija.com", true }, + { "autodidactic.ai", true }, + { "autodidacticstudios.com", true }, + { "autodidacticstudios.net", true }, + { "autodidacticstudios.org", true }, { "autoentrepreneurinfo.com", true }, { "autoepc.ro", true }, { "autoinsurancehavasu.com", true }, @@ -3428,6 +3445,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "autorando.com", true }, { "autoschadeschreuder.nl", true }, { "autoscuola.roma.it", true }, + { "autosecurityfinance.com", true }, { "autoshinka72.ru", true }, { "autoshopsolutions.com", true }, { "autoshun.org", true }, @@ -3440,12 +3458,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "autoterminus-used.be", true }, { "autoverzekeringafsluiten.com", true }, { "autowerkstatt-puchheim.de", true }, + { "autozane.com", true }, { "autres-talents.fr", true }, { "auux.com", true }, + { "auvernet.org", true }, { "aux-arts-de-la-table.com", true }, { "auxquatrevents.ch", true }, { "av-yummy.com", true }, - { "av01.tv", true }, { "av0ndale.de", true }, { "ava-creative.de", false }, { "ava-software.at", true }, @@ -3453,6 +3472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "avabouncehire.co.uk", true }, { "avacariu.me", true }, { "availablecastles.com", true }, + { "avalon-island.ru", true }, { "avalon-rpg.com", true }, { "avalon-studios.de", true }, { "avanet.ch", true }, @@ -3481,12 +3501,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aviapoisk.kz", true }, { "aviationstrategy.aero", true }, { "avid.blue", true }, + { "avidmode-dev.com", true }, + { "avidmode-staging.com", true }, + { "avidmode.com", true }, { "avietech.com", true }, - { "avitres.com", true }, { "aviv.nyc", true }, { "avlhostel.com", true }, - { "avmemo.com", true }, - { "avmoo.com", true }, { "avnet.ws", true }, { "avocadooo.stream", true }, { "avocatbeziau.com", true }, @@ -3508,7 +3528,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "awaresec.no", true }, { "awaro.net", true }, { "awbouncycastlehire.com", true }, - { "awccanadianpharmacy.com", true }, { "awen.me", true }, { "awesomebouncycastles.co.uk", true }, { "awesomesit.es", true }, @@ -3522,7 +3541,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "awsome-books.co.uk", true }, { "awxg.com", true }, { "ax25.org", true }, - { "axa-middleeast.com", true }, { "axchap.ir", true }, { "axelname.ru", true }, { "axelteichmann.net", true }, @@ -3532,12 +3550,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "axiomer.me", true }, { "axiomer.net", true }, { "axiomer.org", true }, + { "axis-stralis.co.uk", true }, + { "axisfleetmanagement.co.uk", true }, { "axka.com", false }, - { "axolotlfarm.org", true }, { "axonholdingse.eu", true }, { "axrec.de", true }, - { "axtudo.com", true }, - { "axtux.tk", true }, { "ayanomimi.com", true }, { "aycomba.de", true }, { "ayesh.me", true }, @@ -3545,19 +3562,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aykutcevik.com", true }, { "aylak.com", true }, { "aylesburycastlehire.co.uk", true }, - { "aymericlagier.com", true }, + { "aymerick.fr", true }, { "ayon.group", true }, { "ayothemes.com", true }, { "ayrohq.com", true }, { "ayrshirebouncycastlehire.co.uk", true }, { "ayumindev.net", true }, { "ayurveda-mantry.com", true }, + { "az-moga.bg", true }, { "az.search.yahoo.com", false }, + { "azabani.com", true }, { "azadliq.info", true }, { "azazy.net", false }, { "azgfd.com", true }, - { "azia.info", true }, { "azimut.fr", true }, + { "azizfirat.com", true }, { "azlk-team.ru", true }, { "azort.com", true }, { "azrazalea.net", true }, @@ -3566,12 +3585,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aztrix.me", true }, { "azu-l.com", true }, { "azu-l.jp", true }, - { "azun.pl", true }, - { "azuxul.fr", true }, + { "azuki.cloud", true }, + { "azurecrimson.com", true }, + { "azuriasky.com", true }, + { "azuriasky.net", true }, { "azzag.co.uk", true }, { "azzorti.com", true }, { "azzurrapelletterie.it", true }, { "b-b-law.com", true }, + { "b-boom.nl", true }, { "b-cyclesshop.ch", true }, { "b-f-s.pl", true }, { "b-freerobux.ga", true }, @@ -3595,7 +3617,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b1rd.tk", true }, { "b2486.com", true }, { "b2486.net", true }, - { "b2and.com", false }, { "b2bmuzikbank.com", true }, { "b303.me", true }, { "b422edu.com", true }, @@ -3609,7 +3630,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b5289.net", true }, { "b5989.com", true }, { "b5989.net", true }, - { "b61688.com", true }, { "b64.club", true }, { "b72.com", true }, { "b72.net", true }, @@ -3676,7 +3696,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b9883.net", true }, { "b9884.net", true }, { "b9885.net", true }, - { "b9886.com", true }, { "b9886.net", true }, { "b9887.net", true }, { "b9888.net", true }, @@ -3684,12 +3703,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b9920.com", true }, { "b9948.com", true }, { "b9948.net", true }, - { "b99520.com", true }, { "b9960.com", true }, - { "b99881.com", true }, - { "b99882.com", true }, - { "b99883.com", true }, - { "b99885.com", true }, { "b99886.com", true }, { "b9best.cc", true }, { "b9best.net", true }, @@ -3705,18 +3719,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "babarkata.com", true }, { "babeleo.com", true }, { "baby-digne.com", true }, + { "baby-fotografie-muenchen.de", true }, + { "babybauch-shooting-muenchen.de", true }, { "babyboom.pl", true }, { "babycamapp.com", true }, { "babyfotograf-schweiz.ch", true }, { "babymasaze.cz", true }, { "babyphototime.com", true }, { "babypibu.com", true }, + { "babyshoprimini.com", true }, { "bacgrouppublishing.com", true }, { "bachata.info", true }, { "baches-piscines.com", true }, { "baciu.ch", true }, { "backeby.eu", true }, - { "backlogapp.io", true }, { "backmountaingas.com", true }, { "backpacken.org", true }, { "backpacker.dating", true }, @@ -3727,11 +3743,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "backterris.com", true }, { "backtest.org", true }, { "backupcloud.ru", true }, - { "backupsinop.com.br", true }, { "bacon-monitoring.org", true }, { "baconismagic.ca", true }, { "bacontreeconsulting.com", true }, { "bacoux.com", true }, + { "bacsituvansuckhoe.com", true }, { "bacula.jp", true }, { "bad.horse", true }, { "bad.pet", true }, @@ -3740,14 +3756,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "badblock.fr", true }, { "badboyzclub.de", true }, { "badf00d.de", true }, + { "badgersystems.de", true }, { "badges.fedoraproject.org", true }, { "badges.stg.fedoraproject.org", true }, { "badgesenpatches.nl", true }, - { "badgirlsbible.com", true }, { "badhusky.com", true }, { "badmania.fr", true }, { "badmintonbible.com", true }, { "badoo.com", true }, + { "badoo.de", true }, + { "badoo.eu", true }, + { "badoo.us", true }, { "badpackets.net", true }, { "badrequest.me", true }, { "badseacoffee.com", true }, @@ -3768,8 +3787,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bagstage.de", true }, { "bah.im", false }, { "bahnbonus-praemienwelt.de", true }, + { "bahnenimbild.de", true }, + { "bahnenimbild.eu", true }, { "bahnhelden.de", true }, { "bahninrotweissrot.at", true }, + { "bahnmagazine.de", true }, + { "baiduo.com", true }, { "baifubao.com", true }, { "baiker.info", true }, { "bailakomigo.com.br", true }, @@ -3800,63 +3823,62 @@ static const nsSTSPreload kSTSPreloadList[] = { { "balconnr.com", true }, { "balconsverdun.com", true }, { "baldur.cc", true }, - { "balenciaspa.com", true }, { "balia.de", true }, { "balicekzdravi.cz", true }, + { "balidesignshop.com.br", true }, { "balikonos.cz", true }, - { "balilingo.ooo", true }, { "balinese.dating", true }, { "balist.es", true }, { "balivillassanur.com", true }, { "balkonien.org", true }, { "ball.holdings", true }, + { "ball3d.es", true }, { "ballarin.cc", true }, - { "ballbusting-cbt.com", true }, { "ballejaune.com", true }, { "ballinarsl.com.au", true }, + { "ballitolocksmith.com", true }, { "ballmerpeak.org", true }, { "ballonsportclub-erlangen.de", true }, { "ballotapi.com", true }, { "ballothero.com", true }, + { "ballparkbuns.com", false }, { "ballroom.info", true }, { "balslev.io", true }, - { "balticer.de", true }, { "balticnetworks.com", true }, { "bamahammer.com", true }, { "bambooforest.nl", true }, { "bamboorelay.com", true }, { "bambumania.com.br", true }, + { "bamily.rocks", true }, + { "bananavapes.com", true }, { "banburybid.com", true }, { "bancacrs.it", true }, { "bancaolhares.com.br", true }, { "bancobai.ao", true }, { "bancoctt.pt", true }, - { "bandar303.id", true }, - { "bandar303.win", true }, { "bandeira1.com.br", true }, { "bandgap.io", true }, { "bandiga.it", true }, { "bandito.re", true }, { "banes.ch", true }, - { "bangdream.ga", true }, { "bangkok-dark-night.com", true }, { "bangkok.dating", true }, { "bangkokcity.de", true }, - { "bangorfederal.com", true }, + { "bangorfederal.com", false }, { "bangumi.co", true }, + { "banham.co.uk", true }, + { "banham.com", true }, { "bank.simple.com", false }, { "bankbranchlocator.com", true }, { "bankcardoffer.com", true }, { "bankee.us", true }, { "bankerbuch.de", true }, - { "bankersonline.com", true }, { "banketbesteld.nl", true }, { "bankfreeoffers.com", true }, { "bankgradesecurity.com", true }, { "bankin.com", true }, { "bankinter.pt", true }, { "bankio.se", true }, - { "bankitt.network", true }, { "banknet.gov", true }, { "bankofdenton.com", true }, { "banksiaparkcottages.com.au", true }, @@ -3868,14 +3890,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "banoviny.sk", true }, { "banquevanbreda.be", true }, { "banter.city", true }, - { "banxehoi.com", true }, { "bao-in.com", true }, { "bao-in.net", true }, { "baobeiglass.com", true }, { "baodan666.com", true }, { "baofengtech.com", true }, { "baopublishing.it", true }, - { "baptistboard.com", true }, { "baptistedeleris.fr", true }, { "bar-harcourt.com", true }, { "barabrume.fr", true }, @@ -3885,25 +3905,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "barbarians.com", false }, { "barbaros.info", true }, { "barbate.fr", true }, + { "barbershop-harmony.org", true }, + { "barbershop-lasvillas.com", true }, { "barbu.family", true }, { "barburas.com", true }, { "barcamp.koeln", true }, + { "barcel.com.mx", true }, { "barclays.net", true }, { "barcodeberlin.com", true }, { "barcoderealty.com", true }, - { "bardiel.de", true }, { "bardiharborow.tk", true }, + { "baresquare.com", true }, { "barf-alarm.de", true }, { "baripedia.org", true }, { "baris-sagdic.com", true }, { "bariseau-mottrie.be", true }, - { "barisi.me", true }, { "bariskaragoz.nl", true }, + { "baristador.com", true }, { "barkerjr.xyz", true }, { "barlotta.net", true }, { "barnabycolby.io", true }, { "barnel.com", true }, - { "barnrats.com", true }, { "barpodsosnami.pl", true }, { "barracuda.com.tr", true }, { "barrera.io", true }, @@ -3917,15 +3939,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bart-f.com", true }, { "barta.me", true }, { "bartel.ws", true }, - { "bartelldrugs.com", true }, { "bartelt.name", true }, { "barthonia-showroom.de", true }, { "bartlamboo.nl", true }, + { "bartolomebellido.com", true }, { "bartula.de", true }, { "bartzutow.xyz", true }, { "baruch.me", true }, { "bas.co.jp", true }, - { "bascht.com", true }, { "base-autonome-durable.com", true }, { "baseballrampage.com", true }, { "baseballsavings.com", true }, @@ -3937,15 +3958,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "basementdoctor.com", true }, { "basementdoctornorthwest.com", true }, { "basementfinishingohio.com", true }, + { "basercap.co.ke", true }, { "bashstreetband.co.uk", true }, { "basicapparel.de", true }, { "basicattentiontoken.org", true }, { "basilicaknights.org", true }, - { "basilm.co", true }, { "basketball-brannenburg.de", true }, { "basketsbymaurice.com", false }, { "basnoslovno.com.ua", false }, { "basnoslovno.ru", true }, + { "basonlinemarketing.nl", true }, { "bass-pro.ru", true }, { "bassblog.net", true }, { "bassment.ph", true }, @@ -3974,7 +3996,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "batonger.com", true }, { "batook.org", true }, { "batschu.de", true }, - { "batten.eu.org", true }, { "batteryservice.ru", false }, { "batterystaple.pw", true }, { "battle-game.com", true }, @@ -3991,6 +4012,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bauthier-occasions.be", true }, { "bautied.de", true }, { "bauunternehmen-herr.de", true }, + { "bauwens.cloud", true }, { "bayareaenergyevents.com", true }, { "baychimo.com", true }, { "bayden.com", true }, @@ -4000,17 +4022,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bayerhazard.de", true }, { "bayerstefan.com", true }, { "bayerstefan.de", true }, - { "bayerstefan.eu", true }, { "bayherbalist.com", true }, { "bayilelakiku.com", true }, { "bayly.eu", true }, { "baymard.com", true }, + { "baytalebaa.com", true }, { "baywatch.io", true }, { "bayz.de", true }, { "bazaarcompass.com", true }, { "bazdell.com", false }, { "bazos.at", true }, { "bazos.cz", true }, + { "bazos.pl", true }, { "bazos.sk", true }, { "bazziergraphik.com", true }, { "bb1718.net", true }, @@ -4019,8 +4042,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bbcastles.com", true }, { "bbgeschenke.ch", true }, { "bbimarketing.com", true }, - { "bbj.io", true }, { "bbka.org.uk", true }, + { "bbkaforum.co.uk", true }, { "bbkworldwide.jp", true }, { "bblove.me", true }, { "bblsa.ch", true }, @@ -4028,6 +4051,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bbnx.net", true }, { "bbswin9.cc", true }, { "bbswin9.com", true }, + { "bbuio.com", false }, { "bbw.dating", true }, { "bbwcs.co.uk", true }, { "bbxin9.com", true }, @@ -4035,6 +4059,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bc-bd.org", false }, { "bc-diffusion.com", true }, { "bc-personal.ch", true }, + { "bc416.com", true }, + { "bc418.com", true }, + { "bc419.com", true }, { "bcansw.com.au", true }, { "bcbulle.ch", true }, { "bcdonadio.com", true }, @@ -4053,14 +4080,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bcmhire.co.uk", true }, { "bcmlu.org", true }, { "bcnet.com.hk", true }, - { "bcodeur.com", true }, { "bcpc-ccgpfcheminots.com", true }, { "bcrook.com", true }, + { "bcs.adv.br", true }, { "bcswampcabins.com", true }, { "bcvps.com", true }, { "bd2positivo.com", true }, { "bda-boulevarddesairs.com", true }, - { "bdata.cl", true }, { "bdd.fi", true }, { "bdikaros-network.net", true }, { "bdpachicago.tech", true }, @@ -4083,7 +4109,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "be958.info", true }, { "be958.net", true }, { "be958.org", true }, - { "be9966.com", true }, + { "beacham.online", true }, { "beachfutbolclub.com", true }, { "beacinsight.com", true }, { "beadare.com", true }, @@ -4095,6 +4121,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beans-one.com", false }, { "bearcosports.com.br", true }, { "bearded.sexy", true }, + { "beardic.cn", true }, { "bearingworks.com", true }, { "beastowner.li", true }, { "beatfeld.de", true }, @@ -4106,7 +4133,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beauty24.de", true }, { "beautybear.dk", true }, { "beautyby.tv", true }, - { "beautyconcept.co", false }, { "beautyevent.fr", true }, { "beautykat.ru", true }, { "bebef.de", true }, @@ -4115,6 +4141,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bebest.gov", false }, { "bebetrotteur.com", true }, { "bebout.domains", true }, + { "bebout.pw", true }, { "beckenhamcastles.co.uk", true }, { "beckerantiques.com", false }, { "beckon.com", true }, @@ -4129,7 +4156,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bedfordnissanparts.com", true }, { "bedlingtonterrier.com.br", true }, { "bednar.co", true }, - { "bedouille.com", true }, { "bedrocklinux.org", true }, { "bedste10.dk", true }, { "bee-creative.nl", true }, @@ -4153,8 +4179,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beekeeping.clothing", true }, { "beekeeping.tools", true }, { "beeksnetwork.nl", true }, - { "beelen.fr", true }, { "beelit.com", true }, + { "beeming.net", true }, { "beercandle.com", true }, { "beergazetteer.com", true }, { "beerians.com", true }, @@ -4163,7 +4189,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beerjet.ro", true }, { "beerjet.sk", true }, { "beerjetcz.cz", true }, - { "beermedlar.com", true }, + { "beerly.eu", true }, { "beerradar.no", true }, { "beerradar.party", true }, { "beersconf.com", true }, @@ -4234,8 +4260,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "belvoirbouncycastles.co.uk", true }, { "bely-mishka.by", true }, { "belyvly.com", true }, + { "bemindly.com", true }, { "bemsoft.pl", true }, { "ben-energy.com", false }, + { "ben-jarvis.co.uk", true }, { "ben-stock.de", true }, { "ben.ninja", true }, { "ben2.co.il", true }, @@ -4259,14 +4287,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "benepiscinas.com.br", true }, { "beneri.se", true }, { "benevita.bio", true }, - { "benevita.life", true }, - { "benevita.live", true }, - { "benevita.organic", true }, { "bengalurugifts.com", true }, { "bengisureklam.com", true }, { "benhaney.com", true }, { "benhartmann.de", true }, { "benhavenarchives.org", true }, + { "benjamin-hering.com", true }, { "benjamin.pe", true }, { "benjaminblack.net", true }, { "benjamindietrich.com", true }, @@ -4309,11 +4335,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bequiia.com", true }, { "beranovi.com", true }, { "berasavocate.com", true }, - { "beraten-entwickeln-steuern.de", true }, { "berdaguermontes.eu", false }, + { "beretech.fr", true }, { "bergenhave.nl", true }, { "bergevoet-fa.nl", true }, - { "bergfex.at", true }, { "bergfreunde.de", true }, { "bergfreunde.dk", true }, { "bergfreunde.es", true }, @@ -4324,9 +4349,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bergfreunde.no", true }, { "bergfreunde.se", true }, { "berglust-pur.de", true }, - { "bergstoneware.com", true }, + { "bergmann-fotografin-berlin.de", true }, + { "bergmann-fotografin-dortmund.de", true }, + { "bergmann-fotografin-duesseldorf.de", true }, + { "bergmann-fotografin-essen.de", true }, + { "bergmann-fotografin-frankfurt.de", true }, + { "bergmann-fotografin-hamburg.de", true }, + { "bergmann-fotografin-koeln.de", true }, + { "bergmann-fotografin-muenchen.de", true }, + { "bergmann-fotografin-stuttgart.de", true }, { "berichtsheft-vorlage.de", true }, { "berikod.ru", true }, + { "berliancom.com", false }, { "berlin-flirt.de", true }, { "berlin.dating", true }, { "bermeitinger.eu", true }, @@ -4346,9 +4380,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bernhardluginbuehl.com", true }, { "bernieware.de", true }, { "berodes.be", true }, + { "berr.yt", true }, { "berra.se", true }, { "berruezoabogados.com", true }, { "berrus.com", true }, + { "berry.cat", true }, { "berrypay.com", true }, { "bersierservices.ch", true }, { "bersotavocats.fr", true }, @@ -4387,6 +4423,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bestbridal.top", true }, { "bestbyte.com.br", true }, { "bestcellular.com", false }, + { "bestdating.today", true }, { "bestemailmarketingsoftware.org", true }, { "bestesb.com", true }, { "bestesb.net", true }, @@ -4395,17 +4432,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bestfriendsequality.org", true }, { "bestgiftever.ca", true }, { "bestgifts4you.com", true }, + { "bestiahosting.com", true }, { "bestinductioncooktop.us", true }, + { "bestjumptrampolines.be", true }, { "bestlashesandbrows.com", true }, { "bestlashesandbrows.hu", true }, { "bestmotherfucking.website", true }, { "bestoffert.club", true }, { "bestoliveoils.com", true }, + { "bestparking.xyz", true }, { "bestpartyhire.com", true }, { "bestperfumebrands.com", true }, + { "bestpig.fr", true }, + { "bestschools.io", true }, { "bestseries.tv", true }, { "bestshoesmix.com", true }, - { "bestwarezone.com", true }, { "bestwebsite.gallery", true }, { "bet-99.cc", true }, { "bet-99.com", true }, @@ -4413,11 +4454,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bet168wy.com", true }, { "bet168wy.net", true }, { "bet909.com", true }, - { "bet990.com", true }, { "bet9bet9.net", true }, { "betacavi.com", true }, { "betacloud.io", true }, { "betalenviainternet.nl", true }, + { "betaprofiles.com", true }, { "betaworx.de", true }, { "betaworx.eu", true }, { "betecnet.de", true }, @@ -4428,7 +4469,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "betpamm.com", true }, { "betrallyarabia.com", true }, { "betseybuckheit.com", true }, - { "betshoot.com", true }, { "betsyshilling.com", true }, { "bett1.de", true }, { "better-bounce.co.uk", true }, @@ -4438,10 +4478,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "betterconsult.com", true }, { "bettercrypto.org", true }, { "betterhelp.com", true }, + { "betterjapanese.blog", true }, + { "betterjapanese.com", true }, { "betterjapanese.org", true }, + { "betterjapanese.xyz", true }, { "betterna.me", true }, { "betterscience.org", true }, { "bettertechinterviews.com", true }, + { "bettertest.it", true }, { "betterweb.fr", true }, { "betterworldinternational.org", true }, { "bettflaschen.ch", true }, @@ -4465,17 +4509,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bevinco2020.com", true }, { "bevinsco.org", true }, { "bevnut.com", true }, - { "bewegungsfluss.com", true }, + { "bewegungsfluss.com", false }, { "bewerbungsfoto-deinfoto.ch", true }, - { "bewertet.de", true }, { "bewonderen.com", true }, { "bexit.nl", true }, { "bexithosting.nl", true }, { "bexleycastles.co.uk", true }, { "beybiz.com", true }, { "beylikduzuvaillant.com", true }, - { "beyond-infinity.org", true }, - { "beyond-rational.com", true }, + { "beyond-infinity.org", false }, { "beyondalderaan.net", true }, { "beyondbounce.co.uk", true }, { "beyondpricing.com", true }, @@ -4502,9 +4544,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bg-sexologia.com", true }, { "bg16.de", true }, { "bgbhsf.top", true }, - { "bgenlisted.com", true }, { "bgeo.io", true }, - { "bgfashion.net", true }, { "bgfoto.info", true }, { "bghost.xyz", true }, { "bgkoleda.bg", true }, @@ -4513,6 +4553,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bgr34.cz", true }, { "bgtgames.com", true }, { "bgtoyou.com", true }, + { "bgwfans.com", true }, { "bh-oberland.de", true }, { "bh.sb", true }, { "bharath-g.in", true }, @@ -4523,13 +4564,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bhuntr.com", true }, { "bi.search.yahoo.com", false }, { "biaggeo.com", true }, + { "biancolievito.it", true }, { "biano-ai.com", true }, { "biasmath.es", true }, { "biathloncup.ru", true }, { "bible-maroc.com", true }, { "bible.ru", true }, { "bibleonline.ru", true }, - { "bibliafeminina.com.br", true }, { "bibliaon.com", true }, { "biblio.wiki", true }, { "biblioblog.fr", true }, @@ -4540,11 +4581,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bibuch.com", true }, { "bicecontracting.com", true }, { "bicha.net", true }, - { "bichines.es", true }, { "bicranial.io", true }, { "bicycle-events.com", true }, { "biddl.com", true }, - { "bidorbuy.co.ke", true }, { "bidu.com.br", true }, { "bie.edu", false }, { "biegner-technik.de", true }, @@ -4554,11 +4593,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bienici.com", true }, { "bienoubien.org", true }, { "biensenvue.com", true }, + { "bienstar.tv", true }, { "bierbaumer.net", true }, { "biergaizi.info", true }, { "bieser.ch", true }, { "biester.pro", true }, + { "bieumau.net", true }, { "bifrost.cz", true }, + { "biftin.net", true }, { "big-andy.co.uk", true }, { "big-bounce.co.uk", true }, { "big-fluglaerm-hamburg.de", true }, @@ -4570,16 +4612,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bigcakes.dk", true }, { "bigclassaction.com", true }, { "bigdinosaur.org", true }, - { "bigfunbouncycastles.com", true }, { "biggreenexchange.com", true }, { "bigio.com.br", true }, { "bigjohn.ru", true }, + { "bignumworks.com", true }, { "bigshort.org", true }, { "bigsisterchannel.com", true }, { "bigskymontanalandforsale.com", true }, { "bihub.io", true }, { "biilo.com", true }, - { "bijoux.com.br", true }, { "bijouxbrasil.com.br", true }, { "bijouxcherie.com", true }, { "bijuteriicualint.ro", true }, @@ -4608,12 +4649,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bilibili.red", true }, { "bilimoe.com", true }, { "bilke.org", true }, - { "billaud.eu.org", true }, { "billgoldstein.name", true }, { "billhartzer.com", true }, { "billiger-mietwagen.de", true }, { "billigerfinder.de", true }, { "billigpoker.dk", true }, + { "billin.net", true }, + { "billionaire365.com", true }, { "billionairemailinglist.com", false }, { "billionkiaparts.com", true }, { "billogram.com", true }, @@ -4627,6 +4669,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "biloplysninger.dk", true }, { "bilsho.com", true }, { "biltullen.com", true }, + { "bimbo.com", false }, + { "bimbo.com.ar", false }, + { "bimbobakeriesusa.com", false }, { "bimmerlabs.com", true }, { "bin95.com", true }, { "bina.az", true }, @@ -4637,12 +4682,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "binans.net", true }, { "binans.xyz", true }, { "binarization.com", true }, - { "binarization.net", true }, - { "binarization.org", true }, { "binaryapparatus.com", true }, { "binaryappdev.com", true }, { "binarycreations.scot", true }, { "binarydream.fi", true }, + { "binaryevolved.com", true }, { "binaryrebel.net", true }, { "binarystud.io", true }, { "binbin9.com", true }, @@ -4651,11 +4695,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "binfind.com", true }, { "bing.com", true }, { "bingobank.org", true }, - { "bingostars.com", true }, { "binhex.net", true }, { "binkanhada.biz", true }, { "binkconsulting.be", true }, - { "binsp.net", true }, + { "binnenmeer.de", true }, { "binti.com", true }, { "bintooshoots.com", true }, { "bio-disinfestazione.it", true }, @@ -4681,11 +4724,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "biohappiness.com", true }, { "bioharmony.ca", true }, { "biointelligence-explosion.com", true }, + { "bioknowme.com", true }, { "bioligo.ch", true }, - { "biomax-mep.com.br", true }, + { "biomasscore.com", true }, { "biometrics.es", true }, { "biomodra.cz", true }, - { "biopreferred.gov", true }, { "biopsychiatry.com", true }, { "bioresonanz-ibiza.com", true }, { "biosafe.ch", true }, @@ -4700,7 +4743,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "birchbarkfurniture.ch", true }, { "birchbarkfurniture.com", true }, { "birchbarkfurniture.fr", true }, - { "birdandbranchnyc.com", true }, { "birdbrowser.com", true }, { "birdfeeder.online", true }, { "birdiehosting.nl", true }, @@ -4709,13 +4751,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "birgerschwarz.de", true }, { "birgit-rydlewski.de", true }, { "birgitandmerlin.com", true }, - { "birkengarten.ch", true }, { "birkenstab.de", true }, - { "birkhoff.me", false }, + { "birkhoff.me", true }, { "birminghamcastlehire.co.uk", true }, { "birminghamsunset.com", true }, { "birthdaytip.com", true }, { "birthmatters.us", true }, + { "birthright.website", true }, { "birzan.org", true }, { "bisa-sis.net", true }, { "biscoint.io", true }, @@ -4729,11 +4771,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bit-cloud.de", true }, { "bit-rapid.com", true }, { "bit-sentinel.com", true }, + { "bit-service-aalter.be", true }, + { "bit.biz.tr", true }, { "bit.voyage", true }, { "bit8.com", true }, - { "bitace.com", true }, { "bitbank.cc", true }, { "bitbeans.de", true }, + { "bitbox.me", true }, { "bitbucket.com", true }, { "bitbucket.io", true }, { "bitbucket.org", true }, @@ -4746,7 +4790,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitcoin.asia", true }, { "bitcoin.ch", true }, { "bitcoin.co.nz", true }, - { "bitcoin.com", true }, { "bitcoin.de", true }, { "bitcoin.im", true }, { "bitcoin.info", true }, @@ -4755,7 +4798,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitcoinbitcoin.com", true }, { "bitcoinclashic.ninja", true }, { "bitcoincore.org", true }, - { "bitcoinfo.jp", false }, { "bitcoinindia.com", true }, { "bitcoinkarlsruhe.de", true }, { "bitcoinrealestate.com.au", true }, @@ -4763,7 +4805,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitcoinwalletscript.tk", true }, { "bitcoinx.gr", true }, { "bitcoinx.ro", true }, - { "bitedge.com", true }, { "bitenose.com", true }, { "bitex.la", true }, { "bitfasching.de", false }, @@ -4776,6 +4817,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bithap.com", true }, { "bithir.co.uk", true }, { "bititrain.com", true }, + { "bitk.co", true }, + { "bitk.co.uk", true }, + { "bitk.eu", true }, { "bitk.uk", true }, { "bitlish.com", true }, { "bitlo.com", true }, @@ -4783,25 +4827,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitlo.io", true }, { "bitlo.org", true }, { "bitmainwarranty.com", true }, - { "bitmainwarranty.com.ua", true }, - { "bitmainwarranty.ru", true }, { "bitmarket.net", true }, { "bitmarket.pl", true }, { "bitmessage.ch", true }, - { "bitmex.com", true }, { "bitmidi.com", true }, { "bitminter.com", true }, - { "bitmon.net", true }, + { "bitmoe.com", true }, { "bitok.com", true }, - { "bitpoll.de", true }, - { "bitpoll.org", true }, { "bitpumpe.net", true }, { "bitref.com", true }, - { "bitroll.com", true }, { "bitrush.nl", true }, { "bitsafe.com.my", true }, { "bitsburg.ru", true }, { "bitshaker.net", true }, + { "bitskins.co", true }, { "bitskrieg.net", true }, { "bitstorm.nl", true }, { "bitstorm.org", true }, @@ -4810,8 +4849,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitten.pw", true }, { "bittersweetcandybowl.com", true }, { "bittylicious.com", true }, - { "bituptick.com", true }, - { "bitvegas.com", true }, { "bitvest.io", true }, { "bitwolk.nl", true }, { "bitxel.com.co", true }, @@ -4827,12 +4864,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bizstarter.cz", true }, { "biztera.com", true }, { "biztok.eu", true }, + { "biztouch.work", true }, { "bizzi.tv", true }, { "bjarnerest.de", true }, { "bjl5689.com", true }, { "bjl5689.net", true }, { "bjornhelmersson.se", true }, { "bjornjohansen.no", true }, + { "bjrn.io", true }, { "bjs.gov", true }, { "bjsbouncycastles.com", true }, { "bkentertainments.co.uk", true }, @@ -4866,9 +4905,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blablacar.ro", true }, { "blablacar.rs", true }, { "blablacar.ru", true }, - { "black-gay-porn.biz", true }, { "black-khat.com", true }, { "black-mail.nl", true }, + { "black-pool.net", true }, { "black-raven.fr", true }, { "black.dating", true }, { "black.host", true }, @@ -4893,12 +4932,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blackhat.dk", true }, { "blackhelicopters.net", true }, { "blackhillsinfosec.com", true }, - { "blackilli.de", true }, { "blackislegroup.com", true }, - { "blackkeg.ca", true }, { "blackl.net", true }, + { "blackmonday.gr", true }, { "blacknetwork.eu", true }, - { "blacknova.io", true }, { "blackonion.com", true }, { "blackpapermoon.de", true }, { "blackphoenix.de", true }, @@ -4909,9 +4946,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blaise.io", true }, { "blakecoin.org", true }, { "blakekhan.com", true }, + { "blameomar.com", true }, { "blancodent.com", true }, { "blankersfamily.com", true }, { "blanket.technology", true }, + { "blantr.com", true }, { "blasorchester-runkel.de", true }, { "blastentertainment.com.au", true }, { "blastersklan.com", true }, @@ -4933,6 +4972,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blendle.com", true }, { "blendle.nl", true }, { "blendr.com", true }, + { "blenheimears.com", true }, { "blenneros.net", false }, { "blessedearth.com.au", true }, { "blessedguy.com", true }, @@ -4941,9 +4981,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blichmann.eu", true }, { "blidz.com", true }, { "blieque.co.uk", true }, + { "bliesekow.net", true }, { "blikk.no", true }, { "blikund.swedbank.se", true }, { "blindpigandtheacorn.com", true }, + { "blinds-unlimited.com", true }, { "bling9.com", true }, { "bling999.cc", true }, { "bling999.com", true }, @@ -4970,9 +5012,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "block65.com", true }, { "blockchain.com", true }, { "blockchain.info", true }, - { "blockchainced.com", true }, { "blockchaindaigakko.jp", true }, { "blockchainwhiz.com", true }, + { "blockcheck.network", true }, { "blockedyourcar.com", true }, { "blockedyourcar.net", true }, { "blockedyourcar.org", true }, @@ -4987,9 +5029,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blog.linode.com", false }, { "blog.lookout.com", false }, { "blogaid.net", true }, + { "blogarts.net", true }, { "blogbooker.com", true }, { "blogconcours.net", true }, { "blogcuaviet.com", true }, + { "blogdelosjuguetes.com", true }, { "blogdeyugioh.com", true }, { "blogexpert.ca", true }, { "bloggermumofthreeboys.com", true }, @@ -5011,8 +5055,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bltc.org", true }, { "bltc.org.uk", true }, { "bltdirect.com", true }, - { "blubberladen.de", true }, { "bludnykoren.ml", true }, + { "blue-gmbh-erfahrungen.de", true }, + { "blue-gmbh.de", true }, { "blue-leaf81.net", true }, { "blue42.net", true }, { "blueblou.com", true }, @@ -5022,17 +5067,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bluecon.ninja", true }, { "bluecrazii.nl", true }, { "blued.moe", true }, + { "bluedata.ltd", true }, { "bluedeck.org", true }, - { "bluefinger.nl", true }, { "blueflare.org", true }, { "bluefrag.com", true }, { "bluefuzz.nl", true }, + { "bluehelixmusic.com", true }, { "blueimp.net", true }, { "blueliquiddesigns.com.au", true }, { "bluemeda.web.id", true }, - { "bluemoonroleplaying.com", true }, + { "bluemosh.com", true }, { "bluemtnrentalmanagement.ca", true }, { "bluenote9.com", true }, + { "blueoakart.com", true }, { "bluepearl.tk", true }, { "blueperil.de", true }, { "bluepoint.one", true }, @@ -5040,9 +5087,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blueprintloans.co.uk", true }, { "bluerootsmarketing.com", true }, { "blues-and-pictures.com", true }, - { "bluesecure.com.br", true }, { "blueskycoverage.com", true }, { "bluestardiabetes.com", true }, + { "bluetexservice.com", true }, { "bluewavewebdesign.com", true }, { "bluex.im", true }, { "bluex.info", true }, @@ -5051,6 +5098,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blueyed.eu", true }, { "blui.cf", true }, { "bluiandaj.ml", true }, + { "bluimedia.com", true }, { "blumenfeldart.com", true }, { "blumiges-fischbachtal.de", false }, { "blundell.wedding", true }, @@ -5062,6 +5110,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blutopia.xyz", true }, { "blyat.science", true }, { "blyth.me.uk", true }, + { "blzrk.com", true }, { "bmhglobal.com.au", true }, { "bmone.net", true }, { "bmriv.com", true }, @@ -5069,7 +5118,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bmw-motorradclub-seefeld.de", true }, { "bmwcolors.com", true }, { "bn1digital.co.uk", true }, - { "bn4t.me", true }, { "bnb-buddy.nl", true }, { "bnboy.cn", true }, { "bnbsinflatablehire.co.uk", true }, @@ -5098,11 +5146,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bobancoamigo.com", true }, { "bobazar.com", true }, { "bobcopeland.com", true }, - { "bobep.ru", true }, { "bobkidbob.com", true }, { "bobkoetsier.nl", true }, { "bobnbouncedublin.ie", true }, - { "boboates.com", true }, { "bobobox.net", true }, { "boboolo.com", true }, { "bobstronomie.fr", true }, @@ -5121,6 +5167,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bodymusclejournal.com", true }, { "bodypainter.pl", true }, { "bodypainting.waw.pl", true }, + { "bodyweb.com.br", true }, { "bodyworkbymichael.com", true }, { "boeddhashop.nl", true }, { "boekenlegger.nl", true }, @@ -5138,12 +5185,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "boisewaldorf.org", true }, { "boke112.com", true }, { "bokka.com", true }, - { "bokutake.com", true }, + { "bokkeriders.com", true }, { "boldmediagroup.com", true }, { "boldt-metallbau.de", true }, { "bolektro.de", true }, { "bolgarnyelv.hu", true }, - { "bolivarfm.com.ve", true }, { "bollywood.uno", true }, { "bologna-disinfestazioni.it", true }, { "bolovegna.it", true }, @@ -5158,7 +5204,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bonami.ro", true }, { "bonami.sk", true }, { "bonbonmania.com", true }, - { "bondagefetishstore.com", true }, { "bondank.com", true }, { "bondarenko.dn.ua", true }, { "bondingwithbaby.ca", true }, @@ -5170,6 +5215,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bonibuty.com", true }, { "bonifacius.be", true }, { "bonita.com.br", true }, + { "bonito.pl", true }, { "bonnant-associes.ch", true }, { "bonnant-partners.ch", true }, { "bonnebouffe.fr", true }, @@ -5199,7 +5245,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bookshopofindia.com", true }, { "booksinthefridge.at", true }, { "booktracker-org.appspot.com", true }, - { "bookwitty.social", true }, { "bool.be", true }, { "boomersurf.com", true }, { "boomshelf.com", true }, @@ -5217,18 +5262,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "booq.org", true }, { "booquiz.com", true }, { "boosinflatablegames.co.uk", true }, + { "boost.fyi", true }, { "boost.ink", true }, + { "boostgame.win", true }, { "booter.pw", true }, { "bootjp.me", false }, { "bopiweb.com", true }, { "bopp.org", true }, { "borahan.net", true }, - { "borchers-media.de", true }, - { "borchers.ninja", true }, { "bordadoenpedreria.com", true }, { "bordes.me", true }, { "boredhackers.com", true }, { "borg.cloud", true }, + { "borgmestervangen.xyz", true }, { "boringsmith.com", true }, { "boris64.net", true }, { "borisenko.by", true }, @@ -5251,7 +5297,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bosun.io", true }, { "bosworthdental.co.uk", true }, { "botlab.ch", true }, - { "botmanager.pl", true }, { "bots.cat", true }, { "botserver.de", true }, { "botstack.host", true }, @@ -5265,7 +5310,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bouckaert-usedcars.be", true }, { "boudah.pl", true }, { "bougeret.fr", true }, - { "bouk.co", true }, { "boukoubengo.com", true }, { "boulzicourt.fr", true }, { "bounce-a-mania.co.uk", true }, @@ -5378,6 +5422,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bountyfactory.io", true }, { "bourasse.fr", true }, { "bourdon.fr.eu.org", true }, + { "bourgdepabos.com", true }, { "bourhis.info", true }, { "bournefun.co.uk", true }, { "bourqu.in", true }, @@ -5401,11 +5446,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bownty.it", true }, { "bownty.nl", true }, { "bowntycdn.net", true }, + { "boxmoe.cn", true }, { "boxpeg.com", true }, { "boxpirates.to", true }, { "boxvergelijker.nl", true }, + { "boyfriendcookbook.com", true }, { "boyhost.cn", true }, - { "boypoint.de", true }, { "boz.nl", false }, { "bozdoz.com", true }, { "bozit.com.au", true }, @@ -5423,6 +5469,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "braams.nl", true }, { "bracho.xyz", true }, { "brackets-salad.com", true }, + { "bracoitaliano.com.br", true }, { "bradbrockmeyer.com", true }, { "bradfordhottubhire.co.uk", true }, { "bradfordmascots.co.uk", true }, @@ -5430,7 +5477,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bradler.net", true }, { "bradlinder.org", true }, { "bradypatterson.com", true }, - { "braemer-it-consulting.de", true }, { "braeunlich-gmbh.com", true }, { "brage.info", true }, { "brahmins.com", true }, @@ -5457,8 +5503,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brammingfys.dk", true }, { "bramstaps.nl", true }, { "bramvanaken.be", true }, + { "bramygrozy.pl", true }, { "bran.land", true }, { "branch-bookkeeper.com", true }, + { "branchtrack.com", true }, + { "brandand.co.uk", true }, { "brandbil.dk", true }, { "brandbuilderwebsites.com", true }, { "brandcodeconsulting.com", true }, @@ -5479,10 +5528,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brasalcosmetics.com", true }, { "brashear.me", true }, { "brasilbombas.com.br", true }, + { "brasildxn.com.br", true }, { "brasserie-mino.fr", true }, { "brasspipedreams.org", true }, { "bratislava-airport-taxi.com", true }, { "bratteng.me", true }, + { "bratteng.xyz", true }, { "bratvanov.com", true }, { "brau-ingenieur.de", true }, { "braudoktor.de", true }, @@ -5518,6 +5569,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brecknell.org", true }, { "breda.computer", true }, { "bredvid.no", true }, + { "breest.net", true }, { "breeyn.com", true }, { "brefy.com", true }, { "brege.org", true }, @@ -5561,6 +5613,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brickvortex.com", true }, { "bricolajeux.ch", true }, { "brid.gy", false }, + { "brideandgroomdirect.ie", true }, { "bridgeglobalmarketing.com", true }, { "bridgement.com", true }, { "bridgevest.com", true }, @@ -5572,17 +5625,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "briggsleroux.com", true }, { "brighouse-leisure.co.uk", true }, { "brightday.bz", true }, + { "brightlifedirect.com", true }, { "brightonbank.com", true }, { "brightonbouncycastles.net", true }, { "brightonchilli.org.uk", true }, { "brightonzhang.com", true }, { "brigidaarie.com", true }, + { "brigittebutt.tk", true }, { "brilliantbouncyfun.co.uk", true }, { "brilliantdecisionmaking.com", true }, { "brilliantproductions.co.nz", true }, { "brimspark.systems", true }, - { "brinkhu.is", true }, - { "brinquedoseducativos.art.br", true }, { "brio-shop.ch", true }, { "brisbanelogistics.com.au", true }, { "bristebein.com", true }, @@ -5591,14 +5644,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "britelocate.com", true }, { "britishbeef.com", true }, { "britishbookmakers.co.uk", true }, + { "britishchronicles.com", true }, { "britishgroupsg.com", true }, - { "britishmeat.com", true }, { "britishpearl.com", true }, { "britishsciencefestival.org", true }, { "britishscienceweek.org", true }, + { "britishsnoring.co.uk", true }, { "britneyclause.com", true }, + { "brittanyferriesnewsroom.com", true }, { "britton-photography.com", true }, + { "brmsalescommunity.com", true }, { "brn.by", true }, + { "brnojebozi.cz", true }, { "bro.hk", true }, { "broadleft.org", true }, { "broadsheet.com.au", true }, @@ -5619,7 +5676,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brookehatton.com", true }, { "brooklynrealestateblog.com", true }, { "brookworth.com", true }, - { "brossman.it", true }, { "brossmanit.com", true }, { "brother-printsmart.nl", true }, { "brouillard.ch", true }, @@ -5628,6 +5684,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brown-devost.com", true }, { "brownfieldstsc.org", true }, { "brownihc.com", true }, + { "browsemycity.com", true }, { "brring.com", true }, { "bru6.de", true }, { "brucemartin.net", true }, @@ -5639,8 +5696,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brunn.email", true }, { "brunner.ninja", false }, { "brunohenc.from.hr", true }, - { "brunoramos.com", true }, - { "brunoramos.org", true }, { "brunosouza.org", true }, { "brush.ninja", true }, { "bruun.co", true }, @@ -5702,6 +5757,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "btserv.de", true }, { "btsoft.eu", true }, { "btsow.com", true }, + { "bttc.co.uk", true }, { "btth.live", true }, { "btth.pl", true }, { "btth.tv", true }, @@ -5751,7 +5807,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bugginslab.co.uk", true }, { "bugs.chromium.org", true }, { "bugsmashed.com", true }, - { "bugtrack.co.uk", true }, { "bugzil.la", true }, { "bugzilla.mozilla.org", true }, { "build.chromium.org", true }, @@ -5768,6 +5823,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buileo.com", true }, { "builtvisible.com", true }, { "builtwith.com", true }, + { "bukai.men", true }, { "bukkenfan.jp", true }, { "bul3seas.eu", true }, { "bulario.com", true }, @@ -5780,7 +5836,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bulkwholesalesweets.co.uk", true }, { "bull.id.au", true }, { "bulldog-hosting.de", true }, - { "bulldoghire.co.uk", true }, { "bulledair-savons.ch", true }, { "bullettags.com", true }, { "bullpay.com", true }, @@ -5790,15 +5845,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bumarkamoda.com", true }, { "bunbun.be", false }, { "bund-von-theramore.de", true }, - { "bundaberg.com", true }, { "bundespolizei-forum.de", true }, { "bunkyo-life.com", true }, { "bunny-rabbits.com", true }, { "bunnyvishal.com", true }, { "bunzy.ca", true }, { "bupropion.com", true }, + { "bupu.ml", true }, { "buradangonder.com", true }, { "burcevo.info", true }, + { "burfordbedandbreakfast.co.uk", true }, { "burgernet.nl", true }, { "burgers.io", true }, { "burghardt.pl", true }, @@ -5807,6 +5863,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buricloud.fr", true }, { "burke.services", true }, { "burlapsac.ca", true }, + { "burncorp.org", true }, { "burnerfitness.com", true }, { "burnhamonseabouncycastles.co.uk", true }, { "burningbird.net", true }, @@ -5816,7 +5873,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buronwater.com", true }, { "burotec-sarl.com", true }, { "burr.is", true }, - { "burroughsid.com", true }, { "bursaries-southafrica.co.za", true }, { "burtplasticsurgery.com", true }, { "burtrum.family", true }, @@ -5824,6 +5880,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "burtrum.name", true }, { "burtrum.org", true }, { "burzmali.com", true }, + { "busanhs.bid", true }, + { "busanhs.win", true }, { "buserror.cn", true }, { "bushbaby.com", true }, { "bushcraftfriends.com", true }, @@ -5857,19 +5915,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buxum-communication.ch", true }, { "buy-thing.com", true }, { "buyaccessible.gov", true }, - { "buybike.shop", true }, { "buycarpet.shop", true }, + { "buycbd.store", true }, { "buycook.shop", true }, { "buydissertations.com", true }, { "buyerdocs.com", true }, - { "buyessay.org", true }, - { "buyessays.net", true }, { "buyessayscheap.com", true }, + { "buyhealth.shop", true }, { "buyinginvestmentproperty.com", true }, { "buyjewel.shop", true }, { "buymindhack.com", true }, { "buypapercheap.net", true }, - { "buyplussize.shop", true }, { "buyprofessional.shop", true }, { "buyritefairview.com", true }, { "buyseo.store", true }, @@ -5902,12 +5958,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bx-n.de", true }, { "bxp40.at", true }, { "by.cx", true }, + { "byange.pro", true }, { "byatte.com", true }, { "bydisk.com", false }, { "byeskille.no", true }, { "bygningsregistrering.dk", true }, { "byiu.info", true }, - { "byken.cn", true }, { "bymark.co", true }, { "bymike.co", true }, { "bynder.com", true }, @@ -5918,7 +5974,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "byronkg.us", true }, { "byronprivaterehab.com.au", true }, { "byronr.com", true }, - { "byronwade.com", true }, { "byrtz.de", true }, { "bysb.net", false }, { "byte-time.com", true }, @@ -5929,11 +5984,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bytejail.com", true }, { "bytema.cz", true }, { "bytema.eu", true }, - { "bytema.re", true }, { "bytema.sk", true }, { "byteowls.com", false }, { "bytepark.de", true }, - { "bytepen.com", true }, { "bytes.co", true }, { "bytes.fyi", true }, { "bytesatwork.de", true }, @@ -5950,6 +6003,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bziaks.xyz", true }, { "bzsparks.com", true }, { "bztech.com.br", true }, + { "bztraveler.com", true }, + { "bztraveler.net", true }, { "bzv-fr.eu", true }, { "c-aeroconsult.com", true }, { "c-path.org", true }, @@ -5960,6 +6015,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "c-world.co.uk", true }, { "c.cc", true }, { "c0rn3j.com", true }, + { "c0rporation.com", true }, { "c2design.it", true }, { "c2o-library.net", true }, { "c3hv.cn", true }, @@ -5976,8 +6032,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ca5.de", true }, { "caarecord.org", true }, { "caasd.org", true }, + { "cabaladada.org", true }, { "cabarave.com", true }, { "cabforum.org", true }, + { "cabineritten.nl", true }, { "cabinet-bedin.com", true }, { "cablehighspeed.net", true }, { "cablemod.com", true }, @@ -5990,7 +6048,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "caceis.bank", true }, { "cachetagalong.com", true }, { "cachethome.com", true }, - { "cachethq.io", true }, { "cachetur.no", true }, { "cackette.com", true }, { "cad-noerdlingen.de", true }, @@ -6011,12 +6068,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cafedupont.co.uk", true }, { "cafedupont.de", true }, { "cafedupont.nl", true }, - { "cafefresco.pe", true }, { "cafeimsueden.de", true }, { "cafelandia.net", true }, { "cafeobscura.nl", true }, + { "cafericoy.com", true }, { "caffeinatedcode.com", true }, - { "caibi.io", true }, + { "cagalogluyayinevi.com", true }, { "cainhosting.com", false }, { "caitcs.com", true }, { "caiwenjian.xyz", true }, @@ -6024,7 +6081,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "caja-pdf.es", true }, { "cajio.ru", true }, { "cajunuk.co.uk", true }, - { "cake-time.co.uk", true }, { "cakestart.net", true }, { "caketoindia.com", true }, { "cakingandbaking.com", true }, @@ -6049,11 +6105,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "calculator.tf", true }, { "calcworkshop.com", true }, { "caldecotevillagehall.co.uk", true }, + { "caleb.cx", true }, { "caleb.host", true }, - { "calebmorris.com", false }, { "calebthompson.io", true }, { "calendarr.com", true }, { "calendarsnow.com", true }, + { "calendly.com", true }, { "caletka.cz", true }, { "calgoty.com", true }, { "calibreapp.com", true }, @@ -6062,7 +6119,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "calidoinvierno.com", true }, { "calixte-concept.fr", true }, { "call.me", true }, - { "callanbryant.co.uk", true }, { "callawayracing.se", true }, { "callear.org", true }, { "callhub.io", true }, @@ -6072,10 +6128,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "callumsilcock.me", true }, { "calluna.nl", true }, { "calmtech.com", true }, - { "calomel.org", true }, { "calotte-academy.com", true }, + { "calrotaract.org", true }, { "calvin.my", true }, - { "calypso-tour.net", true }, + { "calvinallen.net", false }, { "calyxengineers.com", true }, { "camaradivisas.com", true }, { "camaras.uno", true }, @@ -6089,12 +6145,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cambier.org", true }, { "cambiowatch.ch", true }, { "cambodian.dating", true }, + { "cambridge-security.com", true }, { "cambridgebouncers.co.uk", true }, { "camconn.cc", true }, { "camelservers.com", true }, + { "cameo-membership.uk", true }, { "cameraviva.com.br", true }, { "camerweb.es", true }, { "camilomodzz.net", true }, + { "camjobs.net", true }, + { "camolist.com", true }, + { "camomile.desi", true }, { "camp-pleinsoleil.ch", true }, { "camp.co.uk", true }, { "campaign-ad.com", true }, @@ -6106,6 +6167,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "campbrainybunch.com", true }, { "campcambodia.org", true }, { "campcanada.org", true }, + { "campeoesdofutebol.com.br", true }, { "campeonatoalemao.com.br", true }, { "camperdays.de", true }, { "camperlist.com", true }, @@ -6121,11 +6183,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "campus-discounts.com", true }, { "campus-finance.com", true }, { "campusdrugprevention.gov", true }, + { "campusportalng.com", true }, { "campuswire.com", true }, + { "campvana.com", true }, { "campwabashi.org", true }, - { "camshowhub.com", true }, - { "camsky.de", true }, + { "camsky.de", false }, { "canada-tourisme.ch", true }, + { "canadabread.com", false }, { "canadalife.de", true }, { "canadasmotorcycle.ca", true }, { "canadian-nurse.com", true }, @@ -6157,11 +6221,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "canlidoviz.com", true }, { "canmipai.com", true }, { "cannabis-marijuana.com", true }, - { "cannahealth.com", false }, + { "cannacards.ca", true }, + { "cannahealth.com", true }, { "cannarobotics.com", true }, { "cannoli.london", true }, { "cannyfoxx.me", true }, { "canoonic.se", true }, + { "cant.at", true }, { "cantatio.ch", true }, { "canterberry.cc", true }, { "canterburybouncycastlehire.co.uk", true }, @@ -6173,9 +6239,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cao.gov", true }, { "cao.la", true }, { "caodesantohumberto.com.br", true }, + { "caoshan60.com", true }, { "capacent.is", true }, { "capachitos.cl", true }, - { "capacitacionyautoempleo.com", true }, { "capacityproject.org", true }, { "capekeen.com", true }, { "capellidipremoli.com", true }, @@ -6196,16 +6262,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "capper.de", true }, { "capriccio.to", true }, { "caprichosdevicky.com", true }, + { "caps.is", true }, { "capsogusto.com", true }, { "capstansecurity.co.uk", true }, { "capstansecurity.com", true }, - { "captainark.net", true }, + { "capstoneinsights.com", true }, + { "captain-dandelion.com", true }, { "captainsinn.com", true }, { "captalize.com", true }, { "capturapp.com", false }, { "capture-app.com", true }, { "captured-symphonies.com", true }, - { "capturethepen.co.uk", true }, { "capuchinox.com", true }, { "caputo.com", true }, { "caputodesign.com", true }, @@ -6222,7 +6289,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carbon-project.org", true }, { "carbon12.org", true }, { "carbon12.software", true }, + { "carboneselectricosnettosl.info", false }, { "carbonmade.com", false }, + { "carbonmonoxidelawyer.net", true }, { "carbono.uy", true }, { "carbontv.com", true }, { "carck.co.uk", true }, @@ -6237,6 +6306,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cardelmar.de", true }, { "cardelmar.es", true }, { "cardexchangesolutions.com", true }, + { "cardgames.com", true }, { "cardios.srv.br", true }, { "cardranking.jp", true }, { "cardrecovery.fr", true }, @@ -6259,6 +6329,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carezone.com", false }, { "cargobay.net", true }, { "cargorestraintsystems.com.au", true }, + { "carhunters.cz", true }, { "caribbean.dating", true }, { "caribbeanarthritisfoundation.org", true }, { "caribbeanexams.com", true }, @@ -6268,15 +6339,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carinthia.eu", true }, { "cariocacooking.com", true }, { "carisenda.com", true }, + { "carkeysanantonio.com", true }, { "carlandfaith.com", true }, { "carlife-at.jp", true }, { "carlili.fr", true }, { "carlingfordapartments.com.au", true }, { "carlmjohnson.net", true }, { "carlobiagi.de", true }, + { "carlocksmith--dallas.com", true }, + { "carlocksmithellicottcity.com", true }, { "carlocksmithfallbrook.com", true }, + { "carlocksmithlewisville.com", true }, + { "carlocksmithmesquite.com", true }, { "carlosfelic.io", true }, + { "carloshmm.com", true }, { "carlosjeurissen.com", true }, + { "carlot-j.com", true }, { "carnaticalifornia.com", true }, { "carnet-du-voyageur.com", true }, { "carnildo.com", true }, @@ -6284,11 +6362,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carol-lambert.com", true }, { "carolcappelletti.com", true }, { "carolcestas.com", true }, - { "caroli.biz", true }, { "caroli.com", true }, { "caroli.info", true }, { "caroli.name", true }, { "caroli.net", true }, + { "carolina.cz", true }, { "carolinaclimatecontrolsc.com", true }, { "carolynjoyce.com.au", true }, { "carpetcleaningtomball.com", true }, @@ -6298,10 +6376,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carriedin.com", true }, { "carrierplatform.com", true }, { "carringtonrealtygroup.com", true }, + { "carroceriascarluis.com", true }, { "carrollservicecompany.com", true }, + { "carseatchecks.ca", true }, { "carson-aviation-adventures.com", true }, + { "carsoug.com", true }, { "carspneu.cz", true }, - { "carsten.pw", true }, { "cartadeviajes.cl", true }, { "cartadeviajes.co", true }, { "cartadeviajes.com", true }, @@ -6316,6 +6396,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cartadeviajes.uk", true }, { "carteirasedistintivos.com.br", true }, { "cartelcircuit.com", true }, + { "carterstad.se", true }, { "cartertonscouts.org.nz", true }, { "cartesentreprises-unicef.fr", true }, { "carthedral.com", true }, @@ -6326,7 +6407,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cartouche-deal.fr", true }, { "cartouche24.eu", true }, { "cartucce24.it", true }, - { "carun.us", true }, { "carusorealestate.com", true }, { "caryefurd.com", true }, { "casa-due-pur.com", true }, @@ -6367,15 +6447,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "casino-trio.com", true }, { "casinobonuscodes.online", true }, { "casinocashflow.ru", true }, - { "casinolistings.com", true }, - { "casinoluck.com", true }, + { "casinolegal.pt", true }, { "casinoonlinesicuri.com", true }, { "casio-caisses-enregistreuses.fr", true }, + { "casjay.cloud", true }, { "casjay.com", true }, { "casjay.info", true }, { "caspar.ai", true }, { "casperpanel.com", true }, { "cassimo.com", true }, + { "castbulletassoc.org", false }, + { "casteloinformatica.com.br", true }, { "castible.de", true }, { "castlecapers.com.au", true }, { "castlecms.io", true }, @@ -6389,6 +6471,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "castles4rascalsiow.co.uk", true }, { "castlesrus-kent.com", true }, { "castleswa.com.au", true }, + { "casualdesignsfurniture.com", true }, { "casusgrillcaribbean.com", true }, { "cat-blum.com", true }, { "cat-box.de", true }, @@ -6397,17 +6480,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "catalog.beer", true }, { "catalogobiblioteca.com", true }, { "catalogoreina.com", true }, + { "catalogosvirtualesonline.com", true }, { "catalystapp.co", true }, { "catbold.space", true }, { "catbull.com", true }, { "catburton.co.uk", true }, + { "catchers.cc", true }, { "catchersgear.com", true }, { "catchfotografie.nl", true }, { "catchhimandkeephim.com", true }, { "catchief.com", true }, - { "catdecor.ru", true }, { "catenacondos.com", true }, - { "catgirl.me", true }, + { "catfooddispensersreviews.com", true }, + { "catgirl.science", true }, { "catharinesomerville.com", true }, { "catharisme.eu", true }, { "catharisme.net", true }, @@ -6419,12 +6504,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "catl.st", true }, { "catmoose.ca", true }, { "catnet.dk", false }, + { "catprog.org", true }, { "cattivo.nl", false }, { "catuniverse.org", true }, { "catveteran.com", true }, + { "caughtredhanded.co.nz", true }, { "caulfieldeastapartments.com.au", true }, { "caulfieldracecourseapartments.com.au", true }, { "caulong-ao.net", true }, + { "cav.ac", true }, { "cavac.at", true }, { "cave-reynard.ch", true }, { "cavevinsdefrance.fr", true }, @@ -6441,11 +6529,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cbdev.de", true }, { "cbdmarket.space", true }, { "cbecrft.net", true }, + { "cbin168.com", true }, { "cbintermountainrealty.com", true }, { "cbr-xml-daily.ru", true }, { "cbsdeheidevlinder.nl", true }, { "cbw.sh", true }, { "cc-brantomois.fr", true }, + { "cc2729.com", true }, { "ccac.gov", true }, { "ccavenue.com", true }, { "cccwien.at", true }, @@ -6455,13 +6545,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ccoooss.com", true }, { "ccprwebsite.org", true }, { "ccsource.org", true }, + { "ccss-cces.com", true }, { "ccsys.com", true }, { "cctvview.info", true }, { "ccu.io", true }, { "ccu.plus", true }, { "ccv-deutschland.de", true }, { "ccv.ch", true }, - { "ccv.eu", true }, { "ccv.nl", true }, { "cd-sport.com", true }, { "cd.search.yahoo.com", false }, @@ -6474,6 +6564,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cdbtech.com", true }, { "cdburnerxp.se", true }, { "cdda.ch", true }, + { "cdeck.net", true }, { "cdepot.eu", true }, { "cdkeykopen.com", true }, { "cdlcenter.com", true }, @@ -6485,6 +6576,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cdom.de", true }, { "cdsdigital.de", true }, { "cdu-wilgersdorf.de", true }, + { "cduckett.net", true }, { "ce-pimkie.fr", true }, { "cebz.org", true }, { "ceciliacolombara.com", true }, @@ -6495,13 +6587,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cedricmartineau.com", true }, { "ceebee.com", true }, { "cejhon.cz", false }, - { "cekaja.com", true }, { "celcomhomefibre.com.my", true }, + { "celebmasta.com", true }, + { "celebrityhealthcritic.com", true }, { "celebrityscope.net", true }, { "celectro-pro.com", true }, { "celiendev.ch", true }, { "celine-patisserie.fr", true }, - { "cellartracker.com", true }, { "celltek-server.de", false }, { "celluliteorangeskin.com", true }, { "celluliteremovaldiet.com", true }, @@ -6519,7 +6611,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "censys.io", true }, { "centaur.de", true }, { "centennialradon.com", true }, - { "centerpereezd.ru", false }, { "centerpoint.ovh", true }, { "centillien.com", false }, { "centio.bg", true }, @@ -6542,6 +6633,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "centrosocialferrel.pt", true }, { "centrumhodinek.cz", true }, { "centruvechisv.ro", true }, + { "centrym.top", true }, { "centum.no", true }, { "centura.de", true }, { "centurialeonina.com", true }, @@ -6562,7 +6654,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cerebelo.info", true }, { "cerena-silver.ru", true }, { "ceres-corp.org", true }, - { "ceres1.space", true }, { "cerivo.co.uk", true }, { "cermak.photos", true }, { "cernakova.eu", true }, @@ -6580,6 +6671,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "certfa.com", true }, { "certible.com", true }, { "certificatedetails.com", true }, + { "certificatespending.com", true }, { "certificatetools.com", true }, { "certifiednurses.org", true }, { "certmonitor.com.au", true }, @@ -6587,7 +6679,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "certnazionale.it", true }, { "certspotter.com", true }, { "certspotter.org", true }, - { "cervejista.com", true }, { "cesboard.com", true }, { "cesdb.com", true }, { "cesipagano.com", true }, @@ -6600,20 +6691,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cetamol.com", true }, { "ceu.edu", false }, { "cevo.com.hr", true }, - { "ceyizlikelisleri.com", true }, { "cf-ide.de", true }, { "cf-tm.net", true }, - { "cf11.de", true }, { "cfa.gov", true }, { "cfan.space", true }, + { "cfda.gov", true }, { "cfdcre5.org", true }, { "cfh.com", true }, { "cfno.org", true }, { "cfo.gov", true }, { "cfpa-formation.fr", true }, - { "cfsh.tk", true }, { "cftc.gov", true }, { "cftcarouge.com", true }, + { "cfttt.com", true }, + { "cfurl.cf", true }, { "cfxdesign.com", true }, { "cg-systems.hu", true }, { "cg.search.yahoo.com", false }, @@ -6635,6 +6726,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chabert-provence.fr", true }, { "chad.ch", true }, { "chadstoneapartments.com.au", true }, + { "chadtaljaardt.com", true }, { "chaifeng.com", true }, { "chainedunion.info", true }, { "chaip.org", true }, @@ -6650,7 +6742,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "challstrom.com", true }, { "chamathellawala.com", true }, { "chambion.ch", true }, - { "chameleon-ents.co.uk", true }, + { "chamicro.com", true }, { "champdogs.co.uk", true }, { "champdogs.com", true }, { "champicreuse.fr", true }, @@ -6688,14 +6780,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chapelfordbouncers.co.uk", true }, { "chapiteauxduleman.fr", true }, { "chaplain.co", true }, - { "charakato.com", true }, { "charbonnel.eu", true }, { "charcoal-se.org", true }, { "charcoalvenice.com", true }, + { "chargedmonkey.com", true }, { "chargify.com", true }, + { "charisma.ai", true }, { "charissadescande.com", true }, { "charitylog.co.uk", true }, { "charl.eu", true }, + { "charlenevondell.com", true }, { "charles-darwin.com", true }, { "charlesbwise.com", true }, { "charlesjay.com", true }, @@ -6714,8 +6808,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "charlottesvillegolfcommunities.com", true }, { "charlotteswimmingpoolbuilder.com", true }, { "charmander.me", true }, + { "charmanterelefant.at", true }, { "charmingsaul.com", true }, - { "charmyadesara.com", true }, { "charr.xyz", true }, { "chars.ga", true }, { "charta-digitale-vernetzung.de", true }, @@ -6738,7 +6832,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chatbotclick.com", true }, { "chatbots.systems", true }, { "chatear.social", true }, - { "chateau-belvoir.com", true }, { "chateau-de-lisle.fr", true }, { "chateaudestrainchamps.com", true }, { "chatfacile.org", true }, @@ -6754,14 +6847,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chatu.io", true }, { "chatu.me", true }, { "chatucomputers.com", true }, - { "chatxp.com", true }, { "chatxsingle.net", true }, { "chatxtutti.com", true }, { "chatzimanolis.com", true }, { "chatzimanolis.gr", true }, { "chaurocks.com", true }, { "chaussenot.net", true }, - { "chaverde.org", true }, { "chavetaro.com", true }, { "chaz6.com", true }, { "chazalet.fr", true }, @@ -6789,7 +6880,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cheapgeekts.com", false }, { "cheapgoa.com", true }, { "cheapiesystems.com", true }, - { "cheapssl.com.tr", true }, { "cheapticket.in", true }, { "cheapwritinghelp.com", true }, { "check.torproject.org", false }, @@ -6800,6 +6890,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "checkmypsoriasis.com", true }, { "checkout.google.com", true }, { "checkpoint-tshirt.com", true }, + { "checkrente.nl", true }, { "checkspf.net", true }, { "checktype.com", true }, { "checkui.com", true }, @@ -6817,6 +6908,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cheetahwerx.com", true }, { "cheez.systems", true }, { "cheezflix.uk", true }, + { "chefwear.com", true }, { "chehalemgroup.com", true }, { "cheladmin.ru", true }, { "chelema.xyz", true }, @@ -6832,6 +6924,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chenqinghua.com", true }, { "chentianyi.cn", true }, { "chenzhekl.me", true }, + { "chenzhipeng.com.cn", true }, { "cheolguso.com", true }, { "cherevoiture.com", true }, { "cherie-belle.com", true }, @@ -6841,6 +6934,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cherrywoodtech.com", true }, { "chertseybouncycastles.co.uk", true }, { "chesspoint.ch", true }, + { "chestnut.cf", true }, { "chevy37.com", true }, { "chevymotor-occasions.be", true }, { "chewey.de", true }, @@ -6855,6 +6949,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chiaramail.com", true }, { "chiaseeds24.com", true }, { "chiboard.co", true }, + { "chibr.eu", true }, { "chic-leather.com", true }, { "chicagolug.org", true }, { "chicagostudentactivists.org", true }, @@ -6863,9 +6958,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chiemgauflirt.de", true }, { "chif16.at", true }, { "chikan-beacon.net", true }, - { "chikatomo-ryugaku.com", true }, { "chikazawa.info", true }, - { "chikory.com", true }, { "childcare.gov", true }, { "childcounseling.org", true }, { "childcustodylegalaid.org", true }, @@ -6880,9 +6973,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "childvisitationassistance.org", true }, { "childwelfare.gov", true }, { "chilihosting.eu", true }, + { "chilimath.com", true }, { "chilio.net", true }, { "chillebever.nl", true }, - { "chilli943.info", true }, { "chima.net", true }, { "chima.us", true }, { "chimeratool.com", true }, @@ -6893,14 +6986,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chinaspaceflight.com", true }, { "chinatrademarkoffice.com", true }, { "chinawhale.com", true }, + { "ching.tv", true }, { "chint.ai", true }, { "chinwag.im", true }, { "chinwag.org", true }, { "chipcore.com", true }, + { "chipglobe.com", true }, { "chippy.ch", false }, + { "chips-scheduler.de", true }, { "chiralsoftware.com", true }, { "chireiden.net", true }, { "chiro-neuchatel.ch", true }, + { "chiropractic.gr", true }, { "chiropracticwpb.com", true }, { "chiropraktik-riemann.de", true }, { "chiropraticien-neuchatel.ch", true }, @@ -6913,10 +7010,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chitoku.jp", false }, { "chksite.com", true }, { "chl.la", true }, - { "chloeallison.co.uk", true }, - { "chloehorler.com", true }, { "chloescastles.co.uk", true }, { "chlth.com", true }, + { "chmielarz.it", true }, { "chmsoft.com.ua", true }, { "chmsoft.ru", true }, { "chmurakotori.ml", true }, @@ -6927,8 +7023,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chocolatesandhealth.com", true }, { "chocolatier-tristan.ch", true }, { "chocotough.nl", false }, - { "chodocu.com", true }, - { "choe.fi", true }, { "choisirmonerp.com", true }, { "chokladfantasi.net", true }, { "chollima.pro", true }, @@ -6945,6 +7039,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chosenplaintext.org", true }, { "chourishi-shigoto.com", true }, { "chowii.com", true }, + { "choyri.com", true }, { "chris-edwards.net", true }, { "chrisaitch.com", true }, { "chrisb.me", true }, @@ -6952,6 +7047,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chrisbryant.me.uk", true }, { "chrisburnell.com", true }, { "chriscarey.com", true }, + { "chriscowley.me.uk", true }, { "chrisdecairos.ca", true }, { "chrisirwin.ca", true }, { "chrisjean.com", true }, @@ -6982,11 +7078,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "christianillies.de", true }, { "christianjens.com", true }, { "christianliebel.com", true }, + { "christianlis.org.uk", true }, + { "christianlis.uk", true }, { "christianpeltier.com", true }, { "christianpilgrimage.com.au", true }, { "christians.dating", true }, { "christianscholz.de", true }, - { "christianscholz.eu", true }, { "christiehawkes.com", true }, { "christiesantiques.com", true }, { "christmascard.be", true }, @@ -7002,6 +7099,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "christophertruncer.com", true }, { "christophkreileder.com", true }, { "christophsackl.de", true }, + { "christthekingparish.net", true }, { "chriswald.com", true }, { "chriswarrick.com", true }, { "chriswbarry.com", true }, @@ -7020,18 +7118,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chronoshop.cz", true }, { "chrpaul.de", true }, { "chrstn.eu", true }, + { "chrysanthos.net", true }, { "chsterz.de", true }, - { "chua.family", true }, { "chuchote-moi.fr", true }, { "chuck.ovh", true }, { "chun.pro", true }, { "chunche.net", true }, { "chunk.science", true }, { "chupadelfrasco.com", true }, + { "chuppa.com.au", true }, { "churchlinkpro.com", true }, { "churchthemes.com", true }, - { "churchwebcanada.ca", true }, - { "churchwebsupport.com", true }, { "churningtracker.com", true }, { "chxdf.net", true }, { "chyen.cc", true }, @@ -7044,17 +7141,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cianmawhinney.me", true }, { "ciansc.com", true }, { "ciat.no", false }, - { "cidadedopoker.com.br", true }, { "cidbot.com", true }, - { "ciderclub.com", true }, { "cidersus.com.ec", true }, { "cie-theatre-montfaucon.ch", true }, { "cielbleu.org", true }, - { "cielly.com", true }, { "cifop-numerique.fr", true }, { "cig-dem.com", true }, { "cigar-cartel.com", true }, - { "cigarterminal.com", false }, { "cilloc.be", true }, { "cima-idf.fr", true }, { "cimballa.com", true }, @@ -7062,12 +7155,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cinafilm.com", true }, { "cinay.pw", true }, { "cindey.io", true }, + { "cindydudley.com", true }, { "cine-music.de", true }, { "cine.to", true }, { "cinefilzonen.se", true }, { "cinelite.club", true }, - { "cinema5.ru", false }, { "cinemarxism.com", true }, + { "cinemasetfree.com", true }, { "cinemysticism.com", true }, { "cineplex.my", true }, { "ciner.is", true }, @@ -7094,7 +7188,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cipri.nl", true }, { "cipri.org", true }, { "cipria.no", true }, - { "cipriano.nl", true }, { "cipy.com", true }, { "cir.is", true }, { "circara.com", true }, @@ -7110,8 +7203,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cirujanooral.com", true }, { "cirurgicagervasio.com.br", true }, { "cirurgicalucena.com.br", true }, + { "cirurgicasalutar.com.br", true }, { "ciscodude.net", true }, { "cisoaid.com", true }, + { "cisofy.com", true }, + { "cispeo.org", true }, { "ciss.ltd", true }, { "cisum-cycling.com", true }, { "cisy.me", true }, @@ -7125,7 +7221,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "citizensleague.org", true }, { "citizenspact.eu", true }, { "citizing.org", true }, - { "citroner.blog", true }, { "citrusui.me", true }, { "cittadesign.com", false }, { "citton.com.br", true }, @@ -7140,12 +7235,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "citysportapp.com", true }, { "cityworksonline.com", true }, { "ciubotaru.tk", true }, - { "civicunicorn.com", true }, - { "civicunicorn.us", true }, + { "ciurcasdan.eu", true }, { "civilg20.org", true }, { "civillines.nl", true }, { "cj-espace-vert.fr", true }, { "cj-jackson.com", true }, + { "cjdby.net", true }, + { "cjdpenterprises.com", true }, + { "cjdpenterprises.com.au", true }, + { "cjean.fr", true }, { "cjey.me", true }, { "cjhzp.net", true }, { "cjr.host", true }, @@ -7164,6 +7262,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ckostecki.de", true }, { "cktennis.com", true }, { "cl.search.yahoo.com", false }, + { "clacetandil.com.ar", true }, { "clad.cf", true }, { "claimconnect.com", true }, { "claimconnect.us", true }, @@ -7202,6 +7301,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clazzrooms.com", true }, { "cldfile.com", true }, { "cldly.com", true }, + { "cleanapproachnw.com", true }, { "cleanbeautymarket.com.au", true }, { "cleanbrowsing.org", true }, { "cleancode.club", true }, @@ -7230,7 +7330,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clickclock.cc", true }, { "clickenergy.com.au", true }, { "clickforclever.com", true }, - { "clickomobile.com", true }, { "clickphish.com", true }, { "clicksaveandprint.com", true }, { "clien.net", true }, @@ -7244,7 +7343,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "climatestew.com", true }, { "clindoeilmontagne.com", true }, { "clingout.com", true }, - { "clinicadam.com", true }, + { "clinicadam.com", false }, { "clinicadelogopedia.net", true }, { "clinicalrehabilitation.info", true }, { "clinicaltrials.gov", true }, @@ -7264,11 +7363,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clochix.net", true }, { "clockcaster.com", true }, { "clockworksms.com", true }, - { "clod-hacking.com", true }, { "clojurescript.ru", true }, { "cloppenburg-autmobil.com", true }, { "cloppenburg-automobil.com", true }, - { "clorik.com", true }, { "clorophilla.net", true }, { "closeli.cn", true }, { "closelinksecurity.co.uk", true }, @@ -7283,7 +7380,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cloud42.ch", false }, { "cloud9bouncycastlehire.com", true }, { "cloudapps.digital", true }, - { "cloudbolin.es", true }, { "cloudbreaker.de", true }, { "cloudbrothers.info", true }, { "cloudcactuar.com", false }, @@ -7300,21 +7396,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cloudia.org", true }, { "cloudily.com", true }, { "cloudimproved.com", true }, - { "cloudimprovedtest.com", true }, + { "cloudkeep.nl", true }, { "cloudkit.pro", false }, + { "cloudlessdreams.com", true }, { "cloudlight.biz", true }, - { "cloudmigrator365.com", true }, { "cloudnote.cc", true }, { "cloudns.net", true }, { "cloudoptimizedsmb.com", true }, { "cloudoptimus.com", true }, - { "cloudpagesforwork.com", true }, - { "cloudpebble.net", true }, { "cloudpengu.in", true }, { "cloudpipes.com", true }, { "cloudsecurityalliance.org", true }, { "cloudservice.io", true }, { "cloudservices.nz", true }, + { "cloudsign.jp", true }, { "cloudsocial.io", true }, { "cloudspace-analytics.com", true }, { "cloudspeedy.net", true }, @@ -7328,35 +7423,38 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clownindeklas.nl", true }, { "cloxy.com", true }, { "clr3.com", true }, + { "clsfoundationrepairandwaterproofing.com", true }, { "clsimage.com", true }, { "clsoft.ch", true }, { "clu-in.org", true }, { "club-adulti.ro", true }, { "club-corsicana.de", true }, + { "club-creole.com", true }, { "club-duomo.com", true }, { "club-is.ru", true }, + { "club-premiere.com", true }, { "club-reduc.com", true }, { "club103.ch", true }, + { "clubcorsavenezuela.com", true }, { "clubdelzapato.com", true }, { "clubedalutashop.com", true }, { "clubefiel.com.br", true }, { "clubempleos.com", true }, { "clubeohara.com", true }, { "clubfamily.de", true }, + { "clubgalaxy.futbol", true }, { "clubiconkenosha.com", true }, - { "clubmate.rocks", true }, { "clubmini.jp", true }, { "clubnoetig-ink2g.de", true }, { "clubon.space", true }, { "clubscannan.ie", true }, { "clueful.ca", true }, - { "cluefulca.com", true }, - { "cluefulca.net", true }, - { "cluefulca.org", true }, + { "cluster.biz.tr", true }, { "clusteranalyse.net", true }, { "clusterfuck.nz", true }, { "clustermaze.net", true }, { "clweb.ch", true }, + { "cm.center", true }, { "cmacacias.ch", true }, { "cmadeangelis.it", true }, { "cmahy.be", true }, @@ -7394,6 +7492,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cnet-hosting.com", true }, { "cni-certing.it", true }, { "cnre.eu", true }, + { "cnvt.fr", true }, { "co-factor.ro", true }, { "co-founder-stuttgart.de", true }, { "co.search.yahoo.com", false }, @@ -7408,11 +7507,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coastline.net.au", true }, { "coathangastrangla.com", true }, { "coathangastrangler.com", true }, - { "coathangerstrangla.com", true }, - { "coathangerstrangler.com", true }, - { "coatl-industries.com", true }, { "cobalt.io", true }, { "cobaltgp.com", true }, + { "cobcode.com", true }, { "cobracastles.co.uk", true }, { "cocaine-import.agency", true }, { "cocaine.ninja", true }, @@ -7425,7 +7522,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coco-line.ch", true }, { "cocoaheads.at", false }, { "cocoamexico.com", true }, - { "cocodemy.com", true }, { "cocodroid.com", true }, { "coconutoil24.com", true }, { "cocoscastles.co.uk", true }, @@ -7454,6 +7550,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "codeine.co.uk", true }, { "codeit.guru", true }, { "codeit.us", true }, + { "codejots.com", true }, + { "codejunkie.de", false }, { "codemonster.eu", true }, { "codenode.io", true }, { "codeofthenorth.com", true }, @@ -7465,7 +7563,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "codercy.com", true }, { "codereview.appspot.com", false }, { "codereview.chromium.org", false }, - { "coderhangout.com", true }, { "coderme.com", true }, { "codersbistro.com", true }, { "codes.pk", true }, @@ -7483,6 +7580,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "codeventure.de", true }, { "codeversetech.com", true }, { "codewild.de", true }, + { "codexpo.net", true }, { "codeyellow.nl", true }, { "codific.com", true }, { "codific.eu", true }, @@ -7493,11 +7591,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coding.net", true }, { "codingforspeed.com", true }, { "codingfromhell.net", true }, + { "codinginfinity.me", true }, { "codingrobots.com", true }, { "codxg.org", true }, { "codyevanscomputer.com", true }, { "codymoniz.com", true }, { "codyqx4.com", true }, + { "coentropic.com", true }, { "coffee-mamenoki.jp", true }, { "coffeeandteabrothers.com", true }, { "coffeetocode.me", true }, @@ -7508,10 +7608,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cognitip.com", true }, { "cognitivecomputingconsortium.com", true }, { "cognitohq.com", true }, + { "cogsquad.house", true }, { "coi-verify.com", true }, { "coiffeurschnittstelle.ch", true }, { "coigach-assynt.org", true }, - { "coimmvest.com", true }, { "coin-quest.net", true }, { "coin.dance", true }, { "coinapult.com", true }, @@ -7532,6 +7632,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coinloan.io", true }, { "coinmewallet.com", true }, { "coinpit.io", true }, + { "coins2001.ru", true }, { "coinx.pro", true }, { "coisasdemulher.org", true }, { "cojam.ru", true }, @@ -7571,9 +7672,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "collabornation.net", true }, { "collaction.hk", true }, { "collada.org", true }, - { "collbox.co", true }, { "collectdocs.com", true }, { "collectfood.com", true }, + { "collectiblebeans.com", true }, { "collectivesupply.com", true }, { "collectorknives.net", true }, { "collectorsystems.com", true }, @@ -7595,9 +7696,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "colorectalcompounding.com", true }, { "colorfuldots.com", true }, { "colorhexa.com", true }, - { "coloringnotebook.com", true }, { "coloristcafe.com", true }, - { "colorlifesupport.com", true }, { "colorsbycarin.com", true }, { "colossal-events.co.uk", true }, { "colourfulcastles.co.uk", true }, @@ -7607,6 +7706,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "colyakootees.com", true }, { "com-in.de", true }, { "comalia.com", true }, + { "comandofilmes.club", true }, { "comarkinstruments.net", true }, { "combatircelulitis.com", true }, { "combattrecellulite.com", true }, @@ -7614,17 +7714,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "combron.co.uk", true }, { "combron.com", true }, { "combron.nl", true }, - { "comchezmeme.com", true }, { "comcol.nl", true }, - { "comdotgame.com", true }, { "comdurav.com", true }, + { "comeals.com", true }, + { "comeoishii.com", true }, { "comercialtpv.com", true }, { "comerford.net", true }, { "comestoarra.com", true }, { "cometbot.cf", true }, { "cometcache.com", true }, { "cometonovascotia.ca", true }, - { "cometrueunlimited.com", true }, + { "comevius.com", true }, + { "comevius.org", true }, + { "comevius.xyz", true }, { "comff.net", true }, { "comfintouch.com", true }, { "comflores.com.br", true }, @@ -7636,6 +7738,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "comidasperuanas.net", true }, { "comiteaintriathlon.fr", true }, { "comm.cx", true }, + { "commania.co.kr", true }, { "commco.nl", true }, { "commechezvous.ch", true }, { "commerce.gov", true }, @@ -7648,6 +7751,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "commoncore4kids.com", true }, { "communityblog.fedoraproject.org", true }, { "communitycodeofconduct.com", true }, + { "communityflow.info", true }, { "communote.net", true }, { "como-se-escribe.com", true }, { "comocurarlagastritistratamientonatural.com", true }, @@ -7659,18 +7763,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "comogene.com", true }, { "comohacerelamoraunhombrenet.com", true }, { "comohacerpara.com", true }, - { "comoimportar.net", true }, { "comopuededejardefumar.net", true }, { "comoquitarlacaspa24.com", true }, { "comoquitarlasestriasrapidamente.com", true }, { "comorecuperaratumujerpdf.com", true }, { "comosatisfaceraunhombreenlacamaydejarloloco.com", true }, - { "comosecarabarriga.net", true }, - { "comoseduzir.net", true }, + { "comosefazisto.com.br", true }, { "comp2go.com.au", true }, { "compagnia-buffo.de", true }, { "compagniemartin.com", true }, { "comparatif-moto.fr", true }, + { "compareandrecycle.co.uk", true }, { "compareandrecycle.com", false }, { "compareinsurance.com.au", true }, { "comparesoft.com", true }, @@ -7698,8 +7801,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "compraneta.com", false }, { "compreautomacao.com.br", true }, { "compree.com", true }, - { "compromised.com", true }, - { "compsmag.com", true }, + { "compros.me", true }, + { "compservice.in.ua", true }, { "compubench.com", true }, { "compucastell.ch", true }, { "compucorner.mx", true }, @@ -7719,6 +7822,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "comunidadmontepinar.es", true }, { "comw.cc", true }, { "conalcorp.com", true }, + { "conatus.ai", true }, { "conaudisa.com", false }, { "concept-web.ch", true }, { "concertengine.com", true }, @@ -7726,6 +7830,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "concertsenboite.fr", true }, { "concertsto.com", true }, { "conciliumnotaire.ca", true }, + { "concretelevelingsystems.com", true }, { "concreterepairatlanta.com", true }, { "concursopublico.com.br", true }, { "concursos.com.br", true }, @@ -7747,6 +7852,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "conejovalleylandscapelighting.com", true }, { "conejovalleylighting.com", true }, { "conejovalleyoutdoorlighting.com", true }, + { "conexiontransporte.com", true }, { "confiancefoundation.org", true }, { "confidential.network", true }, { "config.schokokeks.org", false }, @@ -7754,17 +7860,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "conflux.tw", true }, { "conformax.com.br", true }, { "conformist.jp", true }, + { "confucio.cl", true }, { "confuddledpenguin.com", true }, { "cong5.net", true }, { "congineer.com", true }, { "congobunkering.com", true }, { "conju.cat", true }, { "conjugacao.com.br", true }, - { "conkret.ch", true }, { "conkret.de", true }, { "conkret.mobi", true }, { "conmedapps.com", true }, + { "conn.cx", true }, { "connect-ed.network", true }, + { "connect-me.com", true }, { "connect.dating", true }, { "connect.facebook.net", true }, { "connecta.store", true }, @@ -7774,17 +7882,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "connectmy.car", true }, { "connecto-data.com", true }, { "connectum.eu", true }, + { "conner.work", true }, { "connexas.eu", true }, { "connext.de", true }, { "connictro.de", true }, { "conniesacademy.com", true }, + { "connorhatch.com", true }, { "connorsmith.co", true }, { "connyduck.at", true }, + { "conociendosalama.com", true }, { "conocimientosdigitales.com", true }, { "conory.com", true }, { "conpins.nl", true }, { "conrad-kostecki.de", true }, { "conradkostecki.de", true }, + { "conrail.blue", true }, { "consciousbrand.co", true }, { "consciouschoices.net", true }, { "consec-systems.de", true }, @@ -7804,12 +7916,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "constancechen.me", true }, { "constant-rough.de", true }, { "constares.de", true }, - { "construct-trust.com", true }, { "constructexpres.ro", true }, + { "constructieve.nl", true }, { "construction-student.co.uk", true }, { "constructionjobs.com", true }, { "consul.io", true }, { "consulenza.pro", true }, + { "consultation.biz.tr", true }, { "consultimator.com", true }, { "consultimedia.de", true }, { "consultpetkov.com", true }, @@ -7830,6 +7943,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "conti-profitlink.co.uk", true }, { "continuum.memorial", true }, { "contrabass.net", true }, + { "contractdigital.co.uk", true }, { "contractormountain.com", true }, { "contractwriters.com", true }, { "contraspin.co.nz", true }, @@ -7839,6 +7953,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "controlautocom.com.br", true }, { "controlbooth.com", true }, { "controle.net", true }, + { "controleer-maar-een-ander.nl", true }, { "controltickets.com.br", true }, { "contxt-agentur.de", true }, { "conv2pdf.com", true }, @@ -7875,6 +7990,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cool110.tk", true }, { "cool110.xyz", true }, { "coolattractions.co.uk", true }, + { "coolbitx.com", true }, { "cooldan.com", true }, { "coole-fete.de", true }, { "coolerssr.space", true }, @@ -7883,6 +7999,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coolrc.me", true }, { "coolviewthermostat.com", true }, { "coolwallet.io", true }, + { "coonawarrawines.com.au", true }, { "coopens.com", true }, { "coor.fun", true }, { "coore.jp", true }, @@ -7891,8 +8008,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "copinstant.com", true }, { "copperhead.co", true }, { "copperheados.com", true }, + { "coppermein.co.za", true }, { "copplaw.com", true }, - { "coptic-treasures.com", true }, { "coptkm.cz", true }, { "copycaught.co", true }, { "copycaught.net", true }, @@ -7902,6 +8019,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "copypoison.com", true }, { "copyright-watch.org", true }, { "copytrack.com", true }, + { "coquibus.net", true }, { "corbi.net.au", true }, { "cordep.biz", true }, { "corder.tech", true }, @@ -7909,10 +8027,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cordis.io", true }, { "cordis.tk", true }, { "cordlessdog.com", true }, - { "core-concepts.de", true }, + { "core-concepts.de", false }, { "core-networks.de", true }, { "core.mx", true }, - { "core.org.pt", false }, + { "core.org.pt", true }, { "coreapm.org", true }, { "corecodec.com", true }, { "coredump.gr", true }, @@ -7920,11 +8038,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "corelia.net", true }, { "corepartners.com.ua", true }, { "coresolutions.ca", true }, - { "coresos.com", true }, { "coreum.ca", true }, { "coreyjmahler.com", true }, { "corgi.party", true }, { "coribi.com", true }, + { "corinastefan.ro", true }, { "corintech.net", true }, { "corisu.co", true }, { "corkedwinebar.com", true }, @@ -7949,6 +8067,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "corporateclash.net", true }, { "corporatecomputingsolutions.com", true }, { "corporateinfluencers.com", true }, + { "corporativoarval.info", true }, { "corpsepaint.life", true }, { "corpulant.coffee", true }, { "corpulantcoffee.com", true }, @@ -7957,6 +8076,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "corpusslayer.com", true }, { "corrbee.com", true }, { "correctiv.org", true }, + { "corrick.io", true }, { "corrupted.io", true }, { "corsa-b.uk", true }, { "corsectra.com", true }, @@ -7987,6 +8107,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cospol.ch", true }, { "costa-rica-reisen.ch", true }, { "costa-rica-reisen.de", true }, + { "costablanca.villas", true }, { "costablancavoorjou.com", true }, { "costcofinance.com", true }, { "costinstefan.eu", true }, @@ -8001,6 +8122,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "counter-team.ch", true }, { "counterglobal.com", true }, { "countermail.com", true }, + { "countermats.net", true }, + { "countersolutions.co.uk", true }, { "countingto.one", true }, { "countryattire.com", true }, { "countrybrewer.com.au", true }, @@ -8015,11 +8138,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "couragefound.org", true }, { "coursables.com", true }, { "coursera.org", true }, - { "courseworkbank.info", true }, { "courtlistener.com", true }, { "couscous.recipes", true }, { "cousincouples.com", true }, { "coussinsky.net", true }, + { "couvreur-hinault.fr", true }, { "covbounce.co.uk", true }, { "covenantoftheriver.org", true }, { "covermytrip.com.au", true }, @@ -8050,9 +8173,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cprheartcenter.com", true }, { "cprnearme.com", true }, { "cptoon.com", true }, + { "cpu.biz.tr", true }, { "cpvmatch.eu", true }, { "cpy.pt", true }, - { "cqchome.com", true }, { "cqn.ch", true }, { "cr.search.yahoo.com", false }, { "cr0nus.net", true }, @@ -8069,7 +8192,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "craftinginredlipstick.com", true }, { "craftist.de", true }, { "craftsmandruggets.com", true }, - { "craftwmcp.xyz", true }, { "craftyguy.net", true }, { "craftyphotons.net", true }, { "crag.com.tw", true }, @@ -8085,6 +8207,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crawcial.de", true }, { "crawfordcountytcc.org", true }, { "crawl.report", true }, + { "crawler.ninja", true }, { "crawleybouncycastles.co.uk", true }, { "crawlspaceandbasementsolutions.com", true }, { "crazy-coders.com", true }, @@ -8094,7 +8217,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crazydomains.co.uk", true }, { "crazydomains.com.au", true }, { "crazydomains.in", true }, - { "crazyfamily11.de", true }, { "crazymeeshu.com", true }, { "crazynoisybizarre.town", true }, { "crazypaul.com", true }, @@ -8105,16 +8227,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crea-shops.ch", true }, { "crea.bg", true }, { "creadstudy.com", true }, + { "crealogix-online.com", true }, { "creamcastles.co.uk", true }, { "creared.edu.co", true }, - { "create-ls.jp", true }, { "create-together.nl", true }, { "createme.com.pl", true }, { "createursdefilms.com", true }, { "creatieven.com", true }, { "creation-contemporaine.com", true }, { "creations-edita.com", true }, - { "creative-coder.de", false }, { "creative-wave.fr", true }, { "creativebites.de", true }, { "creativecaptiv.es", true }, @@ -8125,6 +8246,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "creativedigital.co.nz", true }, { "creativefolks.co.uk", true }, { "creativefreedom.ca", true }, + { "creativeglassgifts.com.au", true }, + { "creativeink.de", true }, { "creativekkids.com", true }, { "creativelaw.eu", true }, { "creativeliquid.com", true }, @@ -8138,7 +8261,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "creators.co", true }, { "creators.direct", true }, { "creatujoya.com", true }, - { "crecips.com", true }, { "credential.eu", true }, { "credex.bg", true }, { "credigo.se", true }, @@ -8156,7 +8278,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crem.in", false }, { "cremepassion.de", true }, { "crena.ch", true }, - { "creorin.com", true }, { "crepa.ch", true }, { "crepererum.net", true }, { "crescent.gr.jp", true }, @@ -8166,7 +8287,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cretica.no", true }, { "creusalp.ch", true }, { "crew505.org", true }, - { "crge.eu", true }, { "crgm.net", true }, { "criadorespet.com.br", true }, { "cribcore.com", true }, @@ -8197,11 +8317,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "croceverdevb.it", true }, { "crochetnerd.com", true }, { "croisedanslemetro.com", true }, - { "croisieres.discount", true }, { "croixblanche-haguenau.fr", true }, { "cromefire.myds.me", true }, { "cronberg.ch", true }, { "croncron.io", true }, + { "cronix.cc", true }, { "cronologie.de", true }, { "cronometer.com", true }, { "cropdiagnosis.com", true }, @@ -8225,6 +8345,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crowdbox.net", true }, { "crowdcloud.be", true }, { "crowdliminal.com", true }, + { "crowdsim3d.com", true }, { "crowdsupply.com", true }, { "crowdwis.com", true }, { "crowncastles.co.uk", true }, @@ -8258,19 +8379,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crypto.cat", false }, { "crypto.graphics", true }, { "crypto.is", false }, - { "cryptobells.com", false }, { "cryptobin.co", true }, { "cryptocon.org", true }, - { "cryptoegg.ca", true }, { "cryptofan.org", true }, - { "cryptofrog.co", true }, { "cryptography.ch", true }, { "cryptography.io", true }, { "cryptoguidemap.com", true }, - { "cryptoisnotacrime.org", true }, - { "cryptojourney.com", true }, { "cryptolinc.com", true }, { "cryptology.ch", true }, + { "cryptolosophy.io", true }, { "cryptolosophy.org", true }, { "cryptonom.org", true }, { "cryptonym.com", true }, @@ -8289,6 +8406,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crystalapp.ca", true }, { "crystalchandelierservices.com", true }, { "crystalgrid.net", true }, + { "crystallizedcouture.com", true }, { "crystone.me", true }, { "cryz.ru", true }, { "cs2016.ch", true }, @@ -8299,22 +8417,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "csca.me", true }, { "cscdn.net", true }, { "csd-sevnica.si", true }, - { "csfcloud.com", true }, { "csfd.cz", true }, { "csfloors.co.uk", true }, { "csfm.com", true }, { "csgo.su", true }, - { "csgogamers.com", false }, - { "csgohandouts.com", true }, { "csgoswap.com", true }, { "csgotwister.com", true }, { "csharpmarc.net", true }, { "cshopify.com", true }, { "csi.lk", true }, + { "csinterstargeneve.ch", true }, { "cskentertainment.co.uk", true }, { "csmainframe.com", true }, { "csokolade.hu", true }, { "csp.ch", true }, + { "cspeti.hu", true }, { "cspvalidator.org", true }, { "csrichter.com", true }, { "csru.net", true }, @@ -8327,7 +8444,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "csu.st", true }, { "csuw.net", true }, { "csvalpha.nl", true }, - { "cswarzone.com", true }, { "ct.search.yahoo.com", false }, { "ctc-transportation.com", true }, { "ctcue.com", true }, @@ -8344,7 +8460,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ctomp.io", true }, { "ctpe.net", true }, { "ctrld.me", true }, - { "ctyi.me", true }, { "cu247secure.ie", true }, { "cub-bouncingcastles.co.uk", true }, { "cube-cloud.com", true }, @@ -8352,13 +8467,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cubecart-demo.co.uk", true }, { "cubecart-hosting.co.uk", true }, { "cubecraft.net", true }, - { "cubecraftstore.com", true }, - { "cubecraftstore.net", true }, { "cubekrowd.net", true }, { "cubia.de", true }, { "cubia3.com", true }, { "cubia4.com", true }, { "cubile.xyz", true }, + { "cublick.com", true }, { "cubos.io", false }, { "cubostecnologia.com", false }, { "cubostecnologia.com.br", false }, @@ -8380,29 +8494,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cultureelbeleggen.nl", true }, { "culturerain.com", true }, { "cultureroll.com", true }, + { "culturesouthwest.org.uk", true }, { "cumplegenial.com", true }, - { "cunha.be", true }, + { "cuntflaps.me", true }, { "cuoc.org.uk", true }, { "cup.al", true }, { "cupcakesandcrinoline.com", true }, { "cupcao.gov", true }, { "cupi.co", true }, - { "cupofarchitects.net", true }, { "cupom.net", true }, { "cuppycakes.fi", true }, { "cur.by", true }, { "curacao-firma.com", true }, { "curamail.co.uk", true }, { "curareldolordeespalda.com", true }, + { "curatedgeek.com", true }, { "curbside.com", true }, { "curia.fi", true }, { "curieux.digital", true }, { "curio-shiki.com", true }, { "curiosity-driven.org", true }, + { "curiouspeddler.com", true }, { "curlybracket.co.uk", true }, { "currency-strength.com", true }, - { "current.com", true }, { "currentlystreaming.com", true }, + { "currentlyusa.com", true }, { "currentobserver.com", true }, { "currynissanmaparts.com", true }, { "cursos.com", true }, @@ -8415,6 +8531,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "curtislinville.net", true }, { "curtissmith.me.uk", true }, { "curtissmith.uk", true }, + { "curva.co", true }, { "curveprotect.com", true }, { "curveprotect.cz", true }, { "curveprotect.net", true }, @@ -8423,17 +8540,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "curvissa.co.uk", true }, { "custerweb.com", true }, { "custodyxchange.com", true }, + { "custombikes.cl", true }, { "customdissertation.com", true }, { "customerbox.ir", true }, { "customfitbymj.net", true }, { "customfitmarketing.com", true }, { "customgear.com.au", true }, - { "customizeyourshower.com", true }, { "customizeyoursink.com", true }, - { "custompapers.com", true }, - { "customromlist.com", true }, { "customshort.link", true }, - { "customwritings.com", true }, { "customwritingservice.com", true }, { "customwritten.com", true }, { "cutephil.com", true }, @@ -8473,7 +8587,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cwgaming.co.uk", true }, { "cwinfo.fi", true }, { "cwmart.in", true }, - { "cwningen.cymru", false }, + { "cwrau.com", true }, + { "cwrau.de", true }, + { "cwrau.info", true }, + { "cwrau.io", true }, + { "cwrau.me", true }, + { "cwrau.name", true }, + { "cwrau.rocks", true }, + { "cwrau.tech", true }, { "cwrcoding.com", true }, { "cy.ax", true }, { "cyber.cafe", true }, @@ -8483,6 +8604,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cybercocoon.com", true }, { "cybercrew.cc", true }, { "cybercrime-forschung.de", true }, + { "cybercymru.co.uk", true }, { "cyberduck.io", true }, { "cyberdyne-industries.net", true }, { "cyberexplained.info", true }, @@ -8496,15 +8618,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cybermeldpunt.nl", true }, { "cyberoptic.de", true }, { "cyberphaze.com", true }, + { "cyberpioneer.net", false }, { "cyberpubonline.com", true }, { "cyberregister.nl", true }, { "cyberregister.org", true }, + { "cybersafesolutions.com", true }, { "cybersantri.com", true }, { "cybersecurity.nz", true }, + { "cybersecurity.run", true }, { "cybersecuritychallenge.be", true }, { "cybersecurityketen.nl", true }, { "cyberseguranca.com.br", true }, - { "cyberserver.org", true }, { "cybersins.com", true }, { "cybersmart.co.uk", true }, { "cybersmartdefence.com", true }, @@ -8516,11 +8640,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cybertu.be", true }, { "cyberwars.dk", true }, { "cyberwire.nl", true }, - { "cybit.io", true }, + { "cyberxpert.nl", true }, { "cybozu.cn", true }, { "cybozu.com", true }, { "cybozulive-dev.com", true }, { "cybozulive.com", true }, + { "cybrary.it", true }, { "cyclebeads.com", true }, { "cycleluxembourg.lu", true }, { "cyclisjumper.gallery", true }, @@ -8531,12 +8656,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cygnan.com", true }, { "cygnatus.com", true }, { "cygnius.net", true }, - { "cygu.ch", true }, { "cyhour.com", true }, { "cykelbanor.se", true }, { "cylindricity.com", true }, { "cyon.ch", true }, - { "cype.dedyn.io", true }, { "cyph.audio", true }, { "cyph.com", true }, { "cyph.healthcare", true }, @@ -8546,18 +8669,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cyph.video", true }, { "cyph.ws", true }, { "cypherpunk.at", true }, - { "cypressinheritancesaga.com", true }, + { "cypherpunk.com", true }, { "cypresslegacy.com", true }, { "cyprus-company-service.com", true }, { "cyrating.com", true }, { "cysec.biz", true }, { "cyson.tech", true }, { "cytech.com.tr", true }, - { "cytegic-update-packages.com", true }, { "cyumus.com", true }, { "cyyzaid.cn", true }, { "czakey.net", true }, { "czbix.com", true }, + { "czbtm.com", true }, { "czc.cz", true }, { "czechamlp.com", true }, { "czechvirus.cz", true }, @@ -8568,7 +8691,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "d-designerin.de", true }, { "d-eisenbahn.com", true }, { "d-loop.de", true }, - { "d-macindustries.com", true }, { "d-msg.com", true }, { "d-parts24.de", true }, { "d-quantum.com", true }, @@ -8582,11 +8704,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "d0m41n.name", true }, { "d0xq.com", true }, { "d2s.uk", true }, + { "d3lab.net", true }, { "d3njjcbhbojbot.cloudfront.net", true }, { "d3xt3r01.tk", true }, { "d3xx3r.de", true }, { "d42.no", true }, - { "d4wson.com", true }, + { "d4rkdeagle.tk", true }, { "d4x.de", true }, { "d66.nl", true }, { "d8.io", true }, @@ -8594,6 +8717,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "da.hn", true }, { "da42foripad.com", true }, { "daallexx.eu", true }, + { "dabneydriveanimalhospital.com", true }, { "dabuttonfactory.com", true }, { "dachb0den.net", true }, { "dachdecker-ranzenberger.de", true }, @@ -8609,6 +8733,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dadrian.io", true }, { "daduke.org", true }, { "daemen.org", true }, + { "daemon.xin", true }, { "daemonslayer.net", true }, { "daemwool.ch", true }, { "daevel.fr", true }, @@ -8621,6 +8746,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dagmar2018.cz", true }, { "dahlberg.cologne", true }, { "dai.top", true }, + { "daigakujuken-plus.com", true }, { "daikoz.com", true }, { "dailybits.be", true }, { "dailyblogged.com", true }, @@ -8630,9 +8756,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dailyxenang.com", true }, { "daintymeal.com", true }, { "dairyshrine.org", true }, + { "daisakuikeda.org", true }, { "daisidaniels.co.uk", true }, { "daisy-peanut.com", true }, { "daisypeanut.com", true }, + { "daiwai.de", false }, { "daiweihu.com", true }, { "dak.org", true }, { "daknob.net", true }, @@ -8661,6 +8789,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "damngoodpepper.com", false }, { "damongant.de", true }, { "damonline.dk", true }, + { "dampedia.com", true }, { "dan-informacijske-varnosti.si", true }, { "dan.me.uk", true }, { "dan.org.nz", true }, @@ -8672,9 +8801,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "danchen.org", true }, { "dancingcubs.co.uk", true }, { "dancingshiva.at", true }, - { "dandenongroadapartments.com.au", true }, { "daneandthepain.com", true }, - { "dango.in", true }, { "danhalliday.com", true }, { "daniel-baumann.ch", true }, { "daniel-cholewa.de", true }, @@ -8682,13 +8809,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "daniel-kulbe.de", true }, { "daniel-milnes.uk", true }, { "daniel-ruf.de", true }, + { "daniel-wildhaber.ch", true }, { "danielalvarez.net", true }, { "danielas.boutique", true }, { "danielehniss.de", true }, { "danielepestilli.com", true }, { "danielgorr.de", true }, { "danielheal.net", true }, - { "danielhinterlechner.eu", false }, + { "danielhinterlechner.eu", true }, { "danielhochleitner.de", true }, { "danieljamesscott.org", true }, { "danieljireh.com", true }, @@ -8697,19 +8825,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "danielmarquard.com", true }, { "danielmartin.de", true }, { "danielmoch.com", true }, + { "danielmorell.com", true }, { "danielmostertman.com", false }, { "danielmostertman.nl", false }, { "danielpeukert.cz", true }, + { "danielran.com", true }, { "danielrozenberg.com", true }, { "danielsblog.org", true }, { "danielschreurs.com", true }, { "danielstach.cz", true }, - { "danielsteiner.net", true }, { "danielstiner.me", true }, - { "danielt.co.uk", true }, + { "danielt.co.uk", false }, { "danielthompson.info", true }, { "danieltollot.de", true }, { "danielvoogsgerd.nl", true }, + { "danielwildhaber.ch", true }, { "danifabi.eu", true }, { "danilapisarev.com", true }, { "danjesensky.com", true }, @@ -8735,6 +8865,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "danpiel.net", true }, { "dansage.co", true }, { "danscomp.com", true }, + { "dansdiscounttools.com", true }, { "danselibre.net", true }, { "danselibre.org", true }, { "danseressen.nl", true }, @@ -8754,6 +8885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "daphne.informatik.uni-freiburg.de", true }, { "dapim.co.il", true }, { "daplie.com", true }, + { "dappworld.com", true }, { "daracokorilo.com", true }, { "daravk.ch", true }, { "darbi.org", true }, @@ -8771,12 +8903,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "darisni.me", true }, { "dark-infection.de", true }, { "dark-vision.cz", true }, + { "dark.ninja", true }, { "darkag.ovh", true }, { "darkcores.net", true }, { "darkengine.io", true }, { "darkengine.net", true }, + { "darkerlystormy.com", true }, + { "darkerstormy.com", true }, { "darkeststar.org", true }, { "darkfire.ch", true }, + { "darknessflickers.com", true }, { "darknetlive.com", true }, { "darknight.blog", true }, { "darkroomsaredead.com", true }, @@ -8791,6 +8927,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "darkx.me", true }, { "darom.jp", true }, { "darookee.net", false }, + { "daropia.org", true }, { "darshnam.com", true }, { "dart-tanke.com", true }, { "dart-tanke.de", true }, @@ -8809,7 +8946,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dashboard.run", true }, { "dashlane.com", true }, { "dashnearby.com", true }, + { "dashwebconsulting.com", true }, { "dasinternetluegt.at", true }, + { "dasteichwerk.at", true }, { "dasug.de", true }, { "data-detox.de", true }, { "data.gov", true }, @@ -8827,11 +8966,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datacool.tk", true }, { "datadit.hu", true }, { "datadyne.technology", true }, - { "datafd.com", true }, - { "datafd.net", true }, { "dataformers.at", true }, + { "datagrail.io", true }, { "dataharvest.at", true }, - { "datahoarderschool.club", true }, + { "datahoarder.xyz", true }, { "datakick.org", true }, { "datalife.gr", true }, { "datalysis.ch", true }, @@ -8842,7 +8980,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datascience.cafe", true }, { "datascience.ch", true }, { "datascomemorativas.com.br", true }, - { "datasharesystem.com", true }, { "dataskydd.net", true }, { "dataspace.pl", true }, { "dataswamp.org", true }, @@ -8856,7 +8993,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datememe.com", true }, { "datengrab.xyz", true }, { "datenkeks.de", true }, - { "datenlast.de", true }, { "dateno1.com", true }, { "datenreiter.org", true }, { "datenschutz-consult.de", true }, @@ -8869,7 +9005,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datingticino.ch", true }, { "datmancrm.com", true }, { "datovyaudit.cz", true }, - { "datsound.ru", true }, { "datumou-osusume.com", true }, { "datumou-recipe.com", true }, { "datumstudio.jp", true }, @@ -8883,6 +9018,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davepage.me.uk", true }, { "davepearce.com", true }, { "davescomputertips.com", true }, + { "davesharpe.com", true }, { "davesinclair.com.au", true }, { "davetempleton.com", true }, { "davevelopment.net", true }, @@ -8901,6 +9037,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davidbuckell.com", true }, { "davidcrx.net", true }, { "daviddever.net", true }, + { "davidforward.com", true }, + { "davidforward.net", true }, { "davidfrancoeur.com", true }, { "davidgouveia.net", true }, { "davidgow.net", true }, @@ -8908,10 +9046,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davidking.xyz", true }, { "davidlamprea.com", true }, { "davidlane.io", true }, - { "davidlillo.com", true }, { "davidlyness.com", true }, { "davidmcevoy.org.uk", true }, { "davidmessenger.co.uk", true }, + { "davidmn.org", true }, { "davidnadaski.com", true }, { "davidpearce.com", true }, { "davidpearce.org", true }, @@ -8926,19 +9064,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davisroi.com", true }, { "davo-usedcars.be", true }, { "davy-server.com", true }, - { "daw.nz", true }, { "dawena.de", true }, + { "dawgs.ga", true }, { "dawnbringer.eu", true }, { "dawnbringer.net", true }, { "dawnofeden.net", true }, - { "dawnsonb.com", true }, { "dawoud.org", true }, { "dawson-floridavilla.co.uk", true }, { "day-peak.com", true }, { "daycontactlens.com", true }, { "daylight-dream.ee", true }, { "daylightpirates.org", true }, - { "dayman.net", true }, + { "dayman.net", false }, { "daymprove.life", true }, { "dayofdays.be", true }, { "daysoftheyear.com", true }, @@ -8978,10 +9115,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dchest.org", true }, { "dckd.nl", true }, { "dcl.re", true }, + { "dclaisse.fr", true }, { "dcmt.co", true }, { "dcpower.eu", true }, { "dcrdev.com", true }, - { "dd.art.pl", true }, { "ddays2008.org", true }, { "ddel.de", true }, { "dden.ca", true }, @@ -8993,11 +9130,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ddproxy.cf", true }, { "ddracepro.net", true }, { "dds.mil", true }, + { "ddy.tw", true }, { "de-gucci.com", true }, { "de-mail.info", true }, { "de-medici.nl", true }, { "de-rwa.de", true }, - { "de-spil.be", true }, { "de.search.yahoo.com", false }, { "deadbeef.ninja", true }, { "deadc0de.re", true }, @@ -9016,12 +9153,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dealbanana.it", true }, { "dealbanana.se", true }, { "dealcruiser.nl", true }, + { "dealerselectric.com", true }, { "dealinflatables.co.uk", true }, { "dealpass.no", true }, { "deamuseum.org", true }, { "deanbank.com", true }, { "deanisa.ninja", true }, - { "deanjerkovich.com", true }, { "deanmorgan.org", true }, { "deano-s.co.uk", true }, { "deanosplace.net", true }, @@ -9031,6 +9168,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dearfcc.org", true }, { "dearktiel.nl", true }, { "dearnevalleybouncycastles.co.uk", true }, + { "deathofspring.com", true }, { "deathy.ro", true }, { "debarrasantony.com", true }, { "debarrasasnieressurseine.com", true }, @@ -9041,7 +9179,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "debbyefurd.com", true }, { "debie-usedcars.be", true }, { "debigare.com", true }, - { "debitpaie.com", true }, { "debron-ot.nl", true }, { "debrusoft.ch", true }, { "debt.com", true }, @@ -9081,13 +9218,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deechtebakkers.nl", true }, { "deegeeinflatables.co.uk", true }, { "deelmijnreis.nl", true }, - { "deep.club", true }, { "deep.social", true }, { "deepaero.com", true }, { "deeparamaraj.com", true }, { "deepbluecrafting.co.uk", true }, { "deepcode.io", true }, { "deeperxh.com", true }, + { "deephill.com", true }, { "deeployr.io", true }, { "deepserve.info", true }, { "deepsouthsounds.com", true }, @@ -9097,7 +9234,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deepzz.com", true }, { "deer.team", true }, { "deezeno.com", true }, - { "def-pos.ru", true }, { "defcon.org", true }, { "defcongroups.org", true }, { "defeestboek.nl", true }, @@ -9175,6 +9311,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deltafinanceiro.com.br", true }, { "deltaonlineguards.com", true }, { "deltaservers.com.br", true }, + { "deltasigmachi.org", true }, { "deltasmart.ch", true }, { "deltava.org", true }, { "demarle.ch", true }, @@ -9194,6 +9331,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "demonwav.com", true }, { "demonwolfdev.com", true }, { "demotivatorbi.ru", true }, + { "dempsters.ca", false }, { "demuzere.be", true }, { "demuzere.com", true }, { "demuzere.eu", true }, @@ -9203,6 +9341,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "denaehula.com", true }, { "denardbrewing.com", true }, { "denbkh.ru", true }, + { "dengchangdong.com", true }, { "dengode.eu", true }, { "denimio.com", true }, { "denimtoday.com", true }, @@ -9221,6 +9360,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dent.uy", true }, { "dentallaborgeraeteservice.de", true }, { "dentfix.ro", true }, + { "dentistesdarveauetrioux.com", true }, { "dentistglasgow.com", true }, { "dentrassi.de", true }, { "dentystabirmingham.co.uk", true }, @@ -9236,10 +9376,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "depotsquarekerrville.com", true }, { "depotter-usedcars.be", true }, { "deprecate.de", true }, - { "deprobe.pro", true }, - { "depth-co.jp", true }, { "depthe.gr", true }, { "der-bank-blog.de", true }, + { "der-fliesenzauberer.de", true }, { "der-gardinenmann.de", true }, { "der-lan.de", true }, { "der-rudi.eu", true }, @@ -9252,6 +9391,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "derbybouncycastles.com", true }, { "derdewereldrommelmarkt.nl", true }, { "derechosdigitales.org", true }, + { "dereddingsklos.nl", true }, { "dereferenced.net", true }, { "derehamcastles.co.uk", true }, { "derekheld.com", true }, @@ -9281,6 +9421,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "desertsounds.org", true }, { "desgenst.ch", true }, { "design-fu.com", false }, + { "design-in-bad.eu", true }, { "design-tooning.de", true }, { "designdevs.eu", true }, { "designed-cybersecurity.com", true }, @@ -9300,6 +9441,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deskvip.com", true }, { "desmaakvanplanten.be", true }, { "desmo.gg", true }, + { "desormiers.com", true }, { "despachomartinyasociados.com", true }, { "despertadoronline.com.es", true }, { "desplats.com.ar", true }, @@ -9309,6 +9451,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "destileria.net.br", true }, { "destinationsofnewyorkstate.com", true }, { "destinattorneyjohngreene.com", true }, + { "destinopiriapolis.com", true }, { "desu.ne.jp", true }, { "desveja.com.br", true }, { "det-te.ch", true }, @@ -9317,17 +9460,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "detectify.com", false }, { "detekenmuze.nl", true }, { "dethemium.com", true }, + { "detodojuegos.com", true }, { "detoxetmoi.com", true }, + { "detoxic.vn", true }, { "detoxsinutritie.ro", true }, { "detroit-english.de", true }, - { "detroitrocs.org", true }, { "detroitstylepizza.com", true }, { "detroitzoo.org", true }, { "detski.center", true }, { "detskysad.com", true }, { "detuinmuze.nl", true }, { "detype.nl", true }, - { "deuchnord.fr", true }, { "deude.de", true }, { "deukie.nl", true }, { "deurenfabriek.nl", true }, @@ -9339,11 +9482,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deutscher-rollenspielpreis.de", true }, { "deutscheshoponline.com", true }, { "deutschland-dsl.de", true }, - { "deux.solutions", true }, { "deuxmetrescubes.fr", true }, - { "deuxsol.co", true }, - { "deuxsol.com", true }, - { "deuxsolutions.com", true }, { "dev-brandywineglobal.com", true }, { "dev-pulse-mtn.pantheonsite.io", true }, { "dev-tek.de", true }, @@ -9355,7 +9494,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "devct.cz", false }, { "devcu.com", true }, { "devcu.net", true }, - { "devdom.io", true }, { "devdoodle.net", true }, { "devel.cz", true }, { "develerik.com", true }, @@ -9364,7 +9502,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "developer.mydigipass.com", false }, { "developerdan.com", true }, { "developerfair.com", true }, - { "developermail.io", true }, { "developers.facebook.com", false }, { "developfx.com", true }, { "developmentaid.org", true }, @@ -9382,8 +9519,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "devisnow.fr", true }, { "devjack.de", true }, { "devkid.net", true }, + { "devkit.cc", false }, { "devklog.net", true }, - { "devlamvzw.org", true }, + { "devlamvzw.org", false }, { "devlatron.net", true }, { "devlogr.com", true }, { "devolution.ws", true }, @@ -9391,7 +9529,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "devopers.com.br", true }, { "devops-survey.com", true }, { "devpgsv.com", true }, + { "devpsy.info", true }, { "devrandom.net", true }, + { "devsjournal.com", true }, + { "devsrvr.ru", true }, { "devstaff.gr", true }, { "devyn.ca", true }, { "devzero.io", true }, @@ -9399,7 +9540,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dewalch.net", true }, { "dewapress.com", true }, { "dewinter.com", true }, + { "dex.top", true }, { "dexalo.de", true }, + { "dexigner.com", true }, { "deyute.com", true }, { "dezeregio.nl", true }, { "dezet-ev.de", true }, @@ -9410,14 +9553,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dfctaiwan.org", true }, { "dfekt.no", true }, { "dfektlan.no", true }, - { "dfl.mn", true }, { "dflcares.com", true }, { "dfmn.berlin", true }, { "dfranke.com", true }, { "dg7.in", true }, - { "dgblaw.com.au", true }, + { "dgblaw.com.au", false }, { "dgbouncycastlehire.com", true }, - { "dgby.org", true }, { "dgeex.eu", true }, { "dggm.ru", true }, { "dgitup.com", true }, @@ -9438,10 +9579,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dhuy.net", true }, { "di2pra.com", true }, { "di2pra.fr", true }, + { "diablovalleytech.com", true }, { "diadorafitness.es", true }, { "diadorafitness.it", true }, + { "diagnocentro.cl", true }, { "diagnostix.org", true }, - { "dialoegue.com", true }, + { "dialapicnic.co.za", true }, + { "dialectic-og.com", true }, { "diamante.ro", true }, { "diamantovaburza.cz", true }, { "diamondsleepsolutions.com", true }, @@ -9467,7 +9611,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dicionariodesimbolos.com.br", true }, { "dicionarioetimologico.com.br", true }, { "dickieslife.com", true }, - { "dickpics.ru", true }, { "dicoding.com", true }, { "dictionaryofnumbers.com", true }, { "dictzone.com", true }, @@ -9484,11 +9627,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "die-seide.de", true }, { "die-sinlosen.de", true }, { "die-speisekammer-reutlingen.de", true }, - { "diedrich.co", true }, + { "diedrich.co", false }, { "diedrich.me", true }, { "dieecpd.org", true }, { "diegelernten.de", true }, { "diegerbers.de", true }, + { "diegobarrosmaia.com.br", true }, { "diegogelin.com", true }, { "diegorbaquero.com", true }, { "diehl.io", true }, @@ -9500,7 +9644,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dienstplan.one", true }, { "dierabenmutti.de", true }, { "dierenartsdeconinck.be", true }, - { "dierencompleet.nl", true }, { "dieselanimals.lt", true }, { "dieselgalleri.com", true }, { "diesteppenreiter.de", true }, @@ -9529,12 +9672,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digibull.link", true }, { "digicert-support.com", true }, { "digicert.nl", true }, + { "digicy.cloud", true }, { "digideli.ee", true }, { "digidroom.be", true }, { "digilicious.com", true }, { "digimagical.com", true }, { "digimedia.cd", false }, - { "digioccumss.ddns.net", true }, { "digired.ro", true }, { "digital-compounds.com", true }, { "digital-eastside.de", true }, @@ -9542,8 +9685,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digital.gov", false }, { "digital.govt.nz", true }, { "digital1st.co.uk", true }, - { "digital1world.com", true }, - { "digital2web.com", true }, + { "digital2web.com", false }, { "digitalarchitecture.com", true }, { "digitalbitbox.com", true }, { "digitalcash.cf", true }, @@ -9561,7 +9703,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digitaldem.it", true }, { "digitalehandtekeningen.nl", true }, { "digitaleoverheid.nl", true }, - { "digitalewelten.de", true }, { "digitalezukunft-hagen.de", true }, { "digitalezukunft.nrw", true }, { "digitalfishfun.com", true }, @@ -9576,6 +9717,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digitalrights.fund", true }, { "digitalskillswap.com", true }, { "digitalsurge.io", true }, + { "digitaltcertifikat.dk", true }, { "digitaltechnologies.ltd.uk", true }, { "digitkon.com", true }, { "digminecraft.com", true }, @@ -9612,10 +9754,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "din-hkd.jp", true }, { "dineachook.com.au", true }, { "dinepont.fr", true }, + { "dingcc.me", true }, { "dinge.xyz", true }, - { "dingelbob-schuhcreme.gq", true }, { "dingsbums.shop", true }, - { "dinheirolucrar.com", true }, { "dinkommunikasjon.no", true }, { "dinmtb.dk", true }, { "dinocarrozzeria.com", true }, @@ -9634,7 +9775,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "direct-sel.com", true }, { "directebanking.com", true }, { "directelectricalltd.co.uk", true }, - { "directinsure.in", true }, { "directlinkfunding.co.uk", true }, { "directme.ga", true }, { "directnews.be", true }, @@ -9644,14 +9784,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "direktvermarktung-schmitzberger.at", true }, { "dirips.com", true }, { "dirk-scheele.de", true }, + { "dirkdoering.de", true }, { "dirko.net", true }, - { "dirkwolf.de", true }, { "dirtcraft.ca", true }, { "dirtygeek.ovh", true }, { "disability.gov", true }, { "disabled.dating", true }, { "disanteimpianti.com", true }, - { "disarc.com", true }, { "disavow.tools", true }, { "disc.uz", true }, { "discarica.it", true }, @@ -9668,12 +9807,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "discordapp.com", true }, { "discordghost.space", true }, { "discordia.me", true }, - { "discotek.club", false }, + { "discotek.club", true }, { "discount24.de", true }, { "discountplush.com", true }, { "discover-shaken.com", true }, { "discoverthreejs.com", true }, + { "discoverucluelet.com", true }, { "discoveryaima.com", true }, + { "discoveryottawa.ca", true }, { "discoveryrom.org", true }, { "discreet-condooms.nl", true }, { "dise-online.de", true }, @@ -9708,7 +9849,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "disinisharing.com", true }, { "diskbit.com", true }, { "diskbit.nl", true }, - { "dismail.de", true }, { "dispatchitsolutions.com", true }, { "dispatchitsolutions.io", true }, { "disposable.link", true }, @@ -9717,7 +9857,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dissertationhelp.com", true }, { "dissidence.ovh", true }, { "dissident.host", true }, - { "dissieux.com", true }, { "dist.torproject.org", false }, { "disti.com", true }, { "distiduffer.org", true }, @@ -9746,6 +9885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "divinegames.studio", true }, { "diving.photo", true }, { "divorciosmurcia.com", true }, + { "divvymonkey.com", true }, { "dixi.fi", true }, { "diybook.at", true }, { "diycc.org", true }, @@ -9766,7 +9906,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "djc.me", true }, { "djcursuszwolle.nl", true }, { "djdavid98.hu", true }, + { "djieno.com", true }, { "djipanov.com", true }, + { "djleon.net", true }, { "djlive.pl", true }, { "djlnetworks.co.uk", true }, { "djsbouncycastlehire.com", true }, @@ -9774,6 +9916,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "djt-vom-chausseehaus.de", true }, { "djursland-psykologen.dk", true }, { "djwaynepryke.com", true }, + { "djz4music.com", false }, { "dk-kromeriz.cz", true }, { "dk.com", true }, { "dk.search.yahoo.com", false }, @@ -9790,7 +9933,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dlitz.net", true }, { "dll4free.com", true }, { "dlld.com", true }, - { "dlouwrink.nl", true }, { "dlrsp.org", true }, { "dlscomputers.com.au", true }, { "dlunch.net", true }, @@ -9807,10 +9949,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dmd.lv", true }, { "dmdd.org.uk", true }, { "dmeevalumate.com", true }, - { "dmfd.net", true }, { "dmi.es", true }, { "dmitry.sh", true }, - { "dmmkenya.co.ke", true }, { "dmmultionderhoud.nl", true }, { "dmschilderwerken.nl", true }, { "dmx.xyz", true }, @@ -9834,12 +9974,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dns8.online", true }, { "dnscrawler.com", true }, { "dnscrypt.info", true }, - { "dnscrypt.nl", true }, { "dnscurve.io", true }, { "dnshallinta.fi", true }, { "dnsinfo.ml", true }, { "dnsman.se", true }, + { "dnspod.ml", true }, { "dnstwister.report", true }, + { "dnzz123.com", true }, { "do-it.cz", true }, { "do-prod.com", true }, { "do.gd", true }, @@ -9847,9 +9988,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "do13.net", true }, { "do67.de", true }, { "do67.net", true }, + { "dobraprace.cz", true }, { "dobrev.family", true }, { "dobrisan.ro", true }, - { "dobsnet.net", true }, { "doc.python.org", true }, { "doc.to", true }, { "doc8643.com", true }, @@ -9861,7 +10002,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dochitaceahlau.ro", true }, { "dockerbook.com", false }, { "dockerm.com", true }, - { "dockerturkiye.com", true }, { "dockerup.net", true }, { "doclassworks.com", true }, { "docline.gov", true }, @@ -9876,7 +10016,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "doctafit.com", true }, { "doctor-locks.co.uk", true }, { "doctor.dating", true }, + { "doctorbini.com", true }, { "doctorfox.co.uk", true }, + { "doctorsonmaps.com", true }, { "doctorwho.cz", true }, { "docubox.info", true }, { "docucopies.com", true }, @@ -9899,7 +10041,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dogmap.jp", true }, { "dogoo.com", true }, { "dogpawstudio.com", true }, - { "dogprograms.net", true }, { "dogrescuegreece.nl", true }, { "dogworld.com.br", true }, { "dohanews.co", true }, @@ -9918,7 +10059,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dollemore.com", true }, { "dolorism.com", true }, { "dolphin-it.de", true }, - { "dolt.xyz", true }, { "dom-medicina.ru", true }, { "doma.in", true }, { "domadillo.com", true }, @@ -9987,16 +10127,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dongxuwang.com", true }, { "donkennedyandsons.com", true }, { "donkeytrekkingkefalonia.com", true }, + { "donlydental.ca", true }, { "donmaldeamores.com", true }, + { "donna-bellini-business-fotografie-muenchen.de", true }, + { "donna-bellini-fotografie-berlin.de", true }, + { "donna-bellini-fotografie-erfurt.de", true }, + { "donna-bellini-fotografie-frankfurt.de", true }, + { "donna-bellini-fotografie-hamburg.de", true }, + { "donna-bellini-fotografie-koeln.de", true }, + { "donna-bellini-fotografie-muenchen.de", true }, + { "donna-bellini-fotografie-nuernberg.de", true }, + { "donna-bellini-fotografie-stuttgart.de", true }, + { "donna-bellini-fotografie-wien.de", true }, + { "donna-bellini-hochzeitsfotograf-frankfurt.de", true }, + { "donna-bellini-hochzeitsfotograf-muenchen.de", true }, { "donnacha.blog", true }, { "donnachie.net", true }, { "donner-reuschel.de", true }, { "donnons.org", false }, - { "donnoval.ru", true }, { "donotlink.it", true }, { "donovand.info", true }, - { "donpaginasweb.com", true }, { "donpomodoro.com.co", true }, + { "donsbach-edv.de", true }, { "dont.re", true }, { "dont.watch", true }, { "dontbubble.me", true }, @@ -10025,23 +10177,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dopsi.ch", true }, { "dora.moe", true }, { "dorde.eu", true }, + { "dorfbaeck.at", true }, { "dorfbrunnen.eu", true }, { "dorfzittig.de", true }, { "doriangirod.ch", true }, { "dorianharmans.nl", true }, { "dorianmuthig.com", true }, + { "doridian.com", true }, + { "doridian.de", true }, { "doridian.net", true }, + { "doridian.org", true }, + { "dormirmucho.com", true }, { "dormiu.com", true }, { "dormiu.com.br", true }, + { "dornhecker.me", true }, { "dorquelle.com", true }, { "dorsetentertainments.co.uk", true }, { "dorth.nl", true }, + { "dosdediez.com", true }, { "dosenbierrepublik.com", true }, { "dosenkiwi.at", true }, { "doska.by", true }, { "doska.ru", true }, { "dosomeworks.biz", true }, { "dossplumbing.co.za", true }, + { "dostlar.fr", true }, { "dosvientoselectric.com", true }, { "dosvientoselectrical.com", true }, { "dosvientoselectrician.com", true }, @@ -10052,8 +10212,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "doswap.com", true }, { "dosyauzantisi.com", true }, { "dot.ro", true }, - { "dotacni-parazit.cz", true }, - { "dotb.dn.ua", false }, + { "dot42.no", true }, { "dotbigbang.com", true }, { "dotbox.org", true }, { "dotcircle.co", true }, @@ -10061,6 +10220,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dotgov.gov", true }, { "dothebangthingsalon.com", true }, { "dothydesign.com", true }, + { "dotjesper.com", true }, + { "dotjesper.dk", true }, + { "dotjesper.net", true }, { "dotjs.party", true }, { "dotkniseandroida.cz", true }, { "dotkod.pl", true }, @@ -10072,8 +10234,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dotshule.ug", true }, { "dotsiam.co.th", true }, { "dotsiam.com", true }, + { "dotsiam.in.th", true }, { "douai.me", true }, - { "doubleaste.com", true }, { "doubleavineyards.com", true }, { "doublefun.net", true }, { "doublestat.me", true }, @@ -10091,6 +10253,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "downloadaja.com", true }, { "downloadgamemods.com", true }, { "downloadgram.com", true }, + { "downloads.zdnet.com", true }, { "downloadsoftwaregratisan.com", true }, { "downrightcute.com", true }, { "downtimerobot.com", true }, @@ -10107,6 +10270,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dpd.com.pl", true }, { "dperson.net", true }, { "dpfsolutionsfl.com", true }, + { "dpg.no", true }, { "dpi-design.de", true }, { "dpisecuretests.com", true }, { "dprb.biz", true }, @@ -10117,7 +10281,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dr-bodendorf.de", true }, { "dr-jakob-zahnaerzte.de", true }, { "dr-klotz.info", true }, - { "dr-knirr.de", true }, { "dr-krebs.net", true }, { "dr-marlen-nystroem.de", true }, { "dr-moldovan.de", true }, @@ -10129,7 +10292,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dr-www.de", true }, { "drabadir.com", true }, { "drabben.be", true }, - { "drabbin.com", true }, + { "drabim.org", true }, { "drach.xyz", true }, { "drachenleder.de", true }, { "dracisvet.cz", true }, @@ -10139,6 +10302,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drafton.com", true }, { "drageeparadise.fr", true }, { "dragfiles.com", true }, + { "draghetti.it", true }, { "draghive.asia", true }, { "draghive.ca", true }, { "draghive.co", true }, @@ -10150,7 +10314,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dragon-chem.eu", true }, { "dragon-hearts.co.uk", true }, { "dragoncave.me", true }, - { "dragoncityhack.tips", true }, { "dragonfly.co.uk", true }, { "dragonheartsrpg.com", true }, { "dragonkin.net", true }, @@ -10174,6 +10337,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "draw.uy", true }, { "drawesome.uy", true }, { "drawingcode.net", true }, + { "drawxp.com", true }, + { "drbarnabus.com", true }, { "drbethanybarnes.com", true }, { "drbriones.com", true }, { "drchrislivingston.com", true }, @@ -10200,6 +10365,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dreid.org", true }, { "dreiweiden.de", true }, { "dress-cons.com", true }, + { "drevanbeale.com", true }, { "drevo-door.cz", true }, { "drew.beer", true }, { "drew.red", true }, @@ -10207,6 +10373,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drewsilcock.co.uk", true }, { "dreyfussplasticsurgery.com", true }, { "drezzy.it", true }, + { "drfranciscofonseca.com.br", true }, { "drfrey.ch", true }, { "drgn.no", true }, { "drhathazi.hu", true }, @@ -10218,7 +10385,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drillingsupplystore.com", true }, { "drillion.net", true }, { "drillshackresort.com", true }, + { "drinkcontrolapp.com", true }, { "drinkplanet.eu", true }, + { "dripdoctors.com", true }, { "drive.google.com", false }, { "driven2shine.eu", true }, { "drivenes.net", true }, @@ -10239,6 +10408,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drjulianneil.com", true }, { "drkhsh.at", false }, { "drkmtrx.xyz", true }, + { "drlandis.com", true }, { "drlangsdon.com", true }, { "drmayakato.com", true }, { "drmcdaniel.com", true }, @@ -10277,19 +10447,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drubn.de", false }, { "drugs.com", true }, { "drumbe.at", true }, + { "drummondframing.com", true }, { "drunkscifi.com", true }, { "drupal-expert.it", true }, { "drupal.org", true }, { "drupalspb.org", true }, + { "drusantia.net", true }, { "drusillas.co.uk", true }, { "druwe.net", true }, { "druznek.me", true }, { "drvr.xyz", true }, { "drweissbrot.net", true }, + { "drwxr.org", true }, { "drybjed.net", true }, { "drycleancoalition.org", true }, { "drycreekphoto.com", true }, { "drydrydry.com", true }, + { "dryerventcleaningarlington.com", true }, + { "dryerventcleaningcarrollton.com", true }, { "ds67.de", true }, { "dsancomics.com", true }, { "dsanraffleshangbai.xyz", true }, @@ -10298,19 +10473,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dsdalismerkezi.com", true }, { "dsebastien.net", true }, { "dsektionen.se", false }, + { "dsgvo.name", true }, { "dshield.org", true }, { "dsm5.com", true }, { "dsmjs.com", true }, { "dso-imaging.co.uk", true }, + { "dso-izlake.si", true }, { "dsol.hu", true }, - { "dsouzamusic.com", true }, { "dsrw.org", true }, { "dssale.com", true }, { "dstamou.de", true }, { "dsteiner.at", true }, { "dstvinstallrandburg.co.za", true }, - { "dsuinnovation.com", true }, - { "dsyunmall.com", true }, { "dt27.org", true }, { "dtbouncycastles.co.uk", true }, { "dtdsh.com", true }, @@ -10323,8 +10497,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dtnx.eu", true }, { "dtnx.net", true }, { "dtnx.org", true }, - { "dtp-mstdn.jp", true }, { "dtuaarsfest.dk", true }, + { "dtx.sk", true }, { "dualascent.com", true }, { "dualias.xyz", false }, { "dub.cz", true }, @@ -10339,26 +10513,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ducalendars.com", true }, { "duch.cloud", true }, { "duchyoffeann.com", true }, - { "duckasylum.com", true }, + { "duckasylum.com", false }, { "duckbase.com", true }, { "duckduck.horse", true }, { "duckduckstart.com", true }, { "duckinc.net", true }, { "duct.me", true }, + { "due-diligence-security.com", true }, + { "duerlund-falkenberg.dk", true }, { "duernberg.at", true }, + { "duesee.org", true }, { "duesterhus.eu", true }, { "dufrei.com", true }, { "dugnet.com", false }, { "dugnet.io", false }, { "dugnet.net", false }, { "dugnet.org", false }, - { "dugnet.tech", false }, { "dugunedavet.com", true }, { "duh.se", true }, { "duijf.info", true }, { "duijfathome.nl", true }, { "duitang.com", true }, { "dukan-recepty.ru", true }, + { "dukatek.cz", true }, { "dukegat.de", false }, { "dukesatqueens.com", true }, { "dukun.de", true }, @@ -10377,20 +10554,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "duncancmt.com", true }, { "duncanfamilytrust.org", true }, { "duncanwinfrey.com", true }, - { "dundalkdonnie.com", true }, + { "dunesadventure.net", true }, { "dungeon-bbs.de", true }, - { "dunklau.fr", true }, { "dunkle-seite.org", true }, { "dunloptrade.com", true }, { "dunmanelectric.com", true }, { "duobus.nl", true }, { "duocircle.com", true }, + { "duoluodeyu.com", true }, { "duonganhtuan.com", true }, { "duoquadragintien.fr", true }, { "dupisces.com.tw", true }, { "dupree.co", true }, { "dupree.pe", true }, { "durand.tf", true }, + { "durbanlocksmiths.co.za", true }, { "durchblick-shop.de", true }, { "durdle.com", true }, { "dureuil.info", true }, @@ -10408,11 +10586,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dustyspokesbnb.ca", true }, { "dutch.desi", true }, { "dutchdare.nl", true }, - { "dutchessuganda.com", true }, { "dutchforkrunners.com", true }, { "dutchrank.nl", true }, { "dutchwanderers.nl", true }, { "dutchweballiance.nl", true }, + { "dv189.com", true }, { "dvbris.co.uk", true }, { "dvbris.com", true }, { "dvdland.com.au", true }, @@ -10421,9 +10599,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dvorupotocnych.sk", true }, { "dvwc.org", true }, { "dvx.cloud", true }, + { "dw-loewe.de", true }, { "dwbtoftshit.com", true }, { "dwgf.xyz", true }, { "dwi-sued.de", true }, + { "dwienzek.de", true }, { "dworzak.ch", true }, { "dwscdv3.com", true }, { "dwtm.ch", true }, @@ -10437,19 +10617,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dybuster.es", true }, { "dybuster.it", true }, { "dybuster.se", true }, - { "dycoa.com", true }, { "dyeager.org", true }, { "dyktig.as", true }, { "dyktig.no", true }, { "dylanboudro.com", true }, + { "dylancl.cf", true }, { "dylankatz.com", true }, { "dylanknoll.ca", true }, { "dylanspcrepairs.com", true }, { "dylanwise.net", true }, { "dylmye.me", true }, + { "dym.asia", true }, + { "dym.bz", true }, + { "dym2012.com", true }, + { "dym2013.com", true }, + { "dym2014.com", true }, + { "dym2017.com", true }, { "dymersion.com", true }, { "dymfbbs.com", true }, - { "dymowski.de", true }, + { "dymmovie.com", true }, + { "dymowski.de", false }, { "dyn-dnhensel.de", true }, { "dyn-nserve.net", true }, { "dyn.im", true }, @@ -10459,12 +10646,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dynamics-365.no", true }, { "dynamics365.no", true }, { "dynamicsnetwork.net", true }, - { "dynamictostatic.com", true }, { "dynamicyou.co.uk", true }, { "dynamo.city", true }, { "dynapptic.com", true }, { "dynastic.co", true }, - { "dyncdn.me", true }, { "dynn.be", true }, { "dynorphin.com", true }, { "dynorphins.com", true }, @@ -10475,7 +10660,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dyscalculia-blog.com", true }, { "dysthymia.com", true }, { "dyyn.de", true }, - { "dyz.pw", true }, { "dzeina.ch", true }, { "dzet.de", true }, { "dziary.com", true }, @@ -10485,12 +10669,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dzndk.org", true }, { "dznn.nl", true }, { "dzomo.org", true }, - { "dzsibi.com", true }, { "dzsula.hu", true }, { "dzyabchenko.com", true }, + { "dzyszla.pl", true }, { "e-apack.com.br", true }, + { "e-baraxolka.ru", true }, { "e-bikesdirect.co.uk", true }, { "e-biografias.net", true }, + { "e-borneoshop.com", true }, { "e-briancon.com", true }, { "e-colle.info", true }, { "e-cottage.com.br", true }, @@ -10501,8 +10687,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "e-lambre.com", true }, { "e-learningbs.com", true }, { "e-lifetechnology.com", true }, - { "e-migration.ch", true }, { "e-planetelec.fr", false }, + { "e-ptn.com", true }, { "e-speak24.pl", true }, { "e-standardstore.org", true }, { "e-surveillant.nl", true }, @@ -10525,7 +10711,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "e2feed.com", true }, { "e30.ee", true }, { "e4metech.com", true }, - { "e51888.com", true }, { "e52888.com", true }, { "e52888.net", true }, { "e53888.com", true }, @@ -10540,12 +10725,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "e965.ru", true }, { "e9a.at", true }, { "ea2drocks.com", true }, + { "eacero.com", true }, { "ead-italia.it", true }, { "eagle.net", true }, { "eagleindustriesltd.com", true }, { "eaglemessaging.com", true }, { "eaglesecurity.com", true }, { "eagletechz.com.br", true }, + { "eaglewreck.info", true }, { "eagleyecs.com", true }, { "eaimty.com", true }, { "ealev.de", true }, @@ -10556,15 +10743,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "earn.com", true }, { "earthsystemprediction.gov", true }, { "earticleblog.com", true }, - { "earvinkayonga.com", true }, + { "earvinkayonga.com", false }, { "easelforart.com", true }, { "easez.net", true }, { "eashwar.com", true }, { "eason-yang.com", true }, { "east-line.su", true }, { "eastarm.net", true }, + { "eastblue.org", true }, { "eastcoastbubbleandbounce.co.uk", true }, - { "eastcoastinflatables.co.uk", true }, { "easterncapebirding.co.za", true }, { "eastlothianbouncycastles.co.uk", true }, { "eastmanbusinessinstitute.com", true }, @@ -10585,16 +10772,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "easypay.bg", true }, { "easyproperty.com", true }, { "easypv.ch", true }, - { "easyreal.ru", true }, + { "easyqr.codes", true }, { "easyroad.fr", true }, { "easyschools.org", true }, { "easyslide.be", true }, + { "easyssl.com.cn", true }, { "easystore.co", true }, { "easytechguides.com", true }, { "easytechsecurity.com", true }, { "easyweenies.com", true }, { "eat-sleep-code.com", true }, - { "eat4happiness.com", true }, { "eatery.co.il", true }, { "eatmebudapest.hu", true }, { "eaton-works.com", true }, @@ -10626,12 +10813,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ebonyriddle.com", true }, { "ebooki.eu.org", true }, { "ebop.ch", true }, + { "eboutic.ch", true }, { "eboyer.com", true }, { "ebrnd.de", true }, { "ec-baran.de", true }, { "ec-current.com", true }, + { "ec.mine.nu", true }, + { "eca.edu.au", true }, { "ecacollege.nsw.edu.au", true }, { "ecardoo.com", true }, + { "ecardoo.de", true }, + { "ecardoo.net", true }, + { "ecardoo.org", true }, { "ecchidreams.com", true }, { "ecclesia-koeln.de", true }, { "ecco-verde.com", false }, @@ -10642,7 +10835,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "echatta.org", true }, { "echidna-rocktools.eu", true }, { "echo-security.co", true }, - { "echo.cc", true }, { "echoactive.com", true }, { "echoanalytics.com", true }, { "echodio.com", true }, @@ -10670,7 +10862,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ecoccinelles.com", true }, { "ecococon.fr", true }, { "ecocreativity.org", true }, - { "ecodedi.com", true }, { "ecodesigns.nl", true }, { "ecodigital.social", true }, { "ecofabrica.com.br", true }, @@ -10686,12 +10877,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ecombustibil.ro", true }, { "ecommercestore.net.br", true }, { "ecompen.co.za", true }, + { "ecomycie.com", true }, { "economias.pt", true }, { "economic-sanctions.com", true }, { "economicinclusion.gov", true }, { "economiefidu.ch", true }, { "economies.ch", true }, - { "economycarrentalscyprus.com", true }, { "econsumer.gov", true }, { "econverter.cloud", true }, { "ecorp.cc", true }, @@ -10699,19 +10890,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ecos.srl", true }, { "ecoshare.info", true }, { "ecoskif.ru", true }, - { "ecosoftconsult.com", true }, { "ecosound.ch", true }, { "ecostruxureit.com", true }, { "ecosystem.atlassian.net", true }, { "ecoterramedia.com", true }, { "ecotur.org", true }, { "ecovision.com.br", true }, + { "ecpannualmeeting.com", true }, { "ecrandouble.ch", true }, { "ecupcafe.com", false }, { "ecxforum.com", true }, { "ed.gs", true }, { "ed4becky.net", true }, { "edakoe.ru", true }, + { "edanni.io", true }, { "edd-miles.com", true }, { "eddesign.ch", true }, { "eddmil.es", true }, @@ -10719,21 +10911,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eddyn.net", true }, { "edeca.net", true }, { "edehsa.com", true }, - { "edenvalerubbleremovals.co.za", true }, { "edesseglabor.hu", true }, { "edfinancial.com", true }, { "edge-cloud.net", true }, { "edgeservices.co.uk", true }, { "edgetalk.net", true }, { "edgevelder.com", true }, - { "edh.email", true }, { "edhesive.com", true }, { "edholm.pub", true }, { "edibarcode.com", true }, { "edicct.com", true }, { "edinburghsportsandoutdoorlearning.com", true }, { "edincmovie.com", true }, - { "edisonchee.com", true }, + { "ediscomp.sk", true }, { "edisonlee55.com", true }, { "edisonluiz.com", true }, { "edisonnissanparts.com", true }, @@ -10750,6 +10940,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "edoss.co.za", true }, { "edp-collaborative.com", true }, { "edplan.io", true }, + { "edpubs.gov", false }, { "edragneainpuscarie.ro", true }, { "edsby.com", true }, { "edservicing.com", true }, @@ -10760,14 +10951,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "edu-kingdom.com", true }, { "edu6.cloud", true }, { "eduard-dopler.de", true }, - { "eduardnikolenko.com", true }, - { "eduardnikolenko.ru", true }, { "edubras.com.br", true }, { "educationevolving.org", true }, { "educationfutures.com", true }, { "educationunlimited.com", true }, { "educator-one.com", true }, { "educators.co.nz", true }, + { "eductf.org", true }, { "eduid.se", false }, { "edumundo.nl", true }, { "eduroam.no", true }, @@ -10778,7 +10968,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "edv-bv.de", true }, { "edv-kohls.de", true }, { "edv-lehrgang.de", true }, - { "edvgarbe.de", true }, { "edvmesstec.de", true }, { "edwar.do", true }, { "edwards.me.uk", true }, @@ -10796,17 +10985,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eelzak.nl", true }, { "eemcevn.com", true }, { "eengoedenotaris.nl", true }, - { "eeqj.com", true }, + { "eentweevijf.be", true }, { "eer.io", true }, { "eerlijktransport.nl", true }, { "eerstejaarsweekend.nl", true }, { "eery.de", true }, + { "eesti.xyz", true }, { "eewna.org", true }, { "ef-georgia.org", true }, { "ef.gy", true }, { "efa-football.com", true }, { "efaas.nl", true }, { "efag.com", true }, + { "efcross.com", true }, { "efeen.nl", true }, { "eff-bee-eye.de", true }, { "eff.org", true }, @@ -10814,13 +11005,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "effe.ch", true }, { "effective-altruist.com", true }, { "effectivecoffee.com", true }, - { "effectivepapers.com", true }, { "effero.net", true }, { "effex.ru", true }, { "effizienta.ch", true }, { "efflam.net", true }, { "efg-darmstadt.de", false }, - { "efinity.io", true }, { "efmcredentialing.org", true }, { "eft.boutique", true }, { "egablo.black", true }, @@ -10831,7 +11020,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "egb.at", false }, { "egbert.net", true }, { "egeozcan.com", true }, - { "egfl.org.uk", true }, { "egg-ortho.ch", true }, { "eggblast.com", true }, { "eggert.org", false }, @@ -10844,6 +11032,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "egoroof.ru", true }, { "egov4.ch", true }, { "egovernment-podcast.com", true }, + { "egres.xyz", true }, { "egrojsoft.info", true }, { "egrp365.ru", true }, { "egumenita.ro", true }, @@ -10852,6 +11041,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ehaccp.it", true }, { "ehandel.com", true }, { "ehazi.hu", true }, + { "ehbssl.com", true }, { "eheliche-disziplin.schule", true }, { "ehertz.uk", true }, { "ehipaa.com", true }, @@ -10860,6 +11050,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ehmtheblueline.com", true }, { "ehne.de", true }, { "ehomusicgear.com", true }, + { "ehub.cz", true }, + { "ehub.hu", true }, + { "ehub.pl", true }, + { "ehub.sk", true }, { "eichel.eu", true }, { "eichornenterprises.com", true }, { "eickemeyer.nl", true }, @@ -10868,11 +11062,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eickhofcolumbaria.com", true }, { "eidolons.org", true }, { "eifel.website", true }, - { "eiga-movie.com", true }, { "eigenpul.se", true }, { "eigenpulse.com", true }, { "eighty-aid.com", true }, - { "eightyfour.ca", true }, { "eigpropertyauctions.co.uk", true }, { "eihaikyo.com", true }, { "eilhan.com", true }, @@ -10882,13 +11074,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "einfachbahn.de", true }, { "einheft.info", true }, { "einheizpreis.de", true }, - { "einmonolog.de", true }, { "einrichtwerk.de", true }, { "einrichtwerk.shop", true }, { "einsatzstellenverwaltung.de", true }, { "einser.com", true }, - { "einsit.com", true }, - { "einsitapis.com", true }, { "einsteinathome.org", true }, { "eintageinzug.de", true }, { "eintragsservice24.de", true }, @@ -10901,6 +11090,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eiyoushi-shigoto.com", true }, { "ejdv-anmeldung.de", true }, { "ejeff.org", true }, + { "ejkmedia.nl", true }, + { "ejkmuseum.nl", true }, + { "ejknet.nl", true }, + { "ejkwebdesign.nl", true }, { "ejuicelab.co.uk", true }, { "ek-networks.de", true }, { "ek.network", true }, @@ -10936,8 +11129,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elbetech.net", true }, { "elbohlyart.com", true }, { "elcambiador.es", true }, + { "elcontadorsac.com", true }, { "eldapoint.co.uk", true }, - { "elderoost.com", true }, { "eldertons.co.uk", true }, { "eldietista.es", true }, { "eldinhadzic.com", true }, @@ -10945,8 +11138,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eldisagjapi.de", true }, { "eldrid.ge", true }, { "eldritchfiction.net", true }, + { "eleaut.com.br", true }, { "electionsbycounty.com", true }, { "electionsdatabase.com", true }, + { "electmikewaters.com", true }, { "electr0sheep.com", true }, { "electragirl.com", true }, { "electric-vault.co.uk", true }, @@ -10965,6 +11160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "electricalmoorpark.com", true }, { "electricalnewburypark.com", true }, { "electricaloakpark.com", true }, + { "electricalpacificpalisades.com", true }, { "electricalsimivalley.com", true }, { "electricalthousandoaks.com", true }, { "electricalwestlakevillage.com", true }, @@ -10972,8 +11168,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "electriccamarillo.com", true }, { "electricconejovalley.com", true }, { "electricdosvientos.com", true }, - { "electricfencealberton.co.za", true }, { "electricfencebenoni.co.za", true }, + { "electricfencingballito.co.za", true }, { "electricgatemotorgermiston.co.za", true }, { "electricgatemotorrandburg.co.za", true }, { "electricgatemotorskemptonpark.co.za", true }, @@ -11017,9 +11213,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eleicoes2014.com.br", true }, { "eleicoes2016.com.br", true }, { "eleicoes2018.com", true }, + { "elekharris.com", true }, { "elektro-adam.de", true }, { "elektro-collee.de", true }, { "elektro-diehm.de", true }, + { "elektro-doerr.com", true }, { "elektro-hammes.net", true }, { "elektro-hofmann-gmbh.de", true }, { "elektro-hornetz.de", true }, @@ -11063,12 +11261,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elfe.de", true }, { "elfnon.com", true }, { "elgalponazo.com.ar", true }, + { "elglobo.com.mx", false }, { "elgosblanc.com", false }, { "elguadia.faith", true }, { "elhamadimi.com", true }, { "elhorizontal.com", true }, { "elhossari.com", true }, - { "elia.cloud", true }, { "elian-art.de", true }, { "elibom.com", true }, { "elie.net", true }, @@ -11088,7 +11286,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elisabethkostecki.de", true }, { "elisabethrene.com", true }, { "elisechristie.com", true }, - { "elite-porno.ru", true }, + { "elistor6100.xyz", true }, { "elite12.de", true }, { "elitebouncingfun.com", true }, { "elitegameservers.net", true }, @@ -11104,13 +11302,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ell-net.tokyo", true }, { "ella-kwikmed.com", false }, { "ellak.gr", true }, + { "ellegaard.dk", true }, { "ellemental.me", true }, { "ellencorddry.com", true }, { "ellevit.ch", true }, { "elliesbouncers.co.uk", true }, { "elliff.net", true }, { "elliot.cat", true }, - { "elliquiy.com", true }, { "elliriehl.at", true }, { "ellisamusements.co.uk", true }, { "ellisleisure.co.uk", true }, @@ -11122,11 +11320,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elodieclerc.ch", true }, { "elohellp.com", false }, { "elonaspitze.de", true }, + { "elonm.ru", true }, { "elosrah.com", true }, { "elosuite.com", true }, { "eloxt.com", true }, { "elpado.de", true }, - { "elpo.net", true }, { "elpoderdelespiritu.org", true }, { "elrinconderovica.com", true }, { "elsagradocoran.org", true }, @@ -11140,18 +11338,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elternbeiratswahl.online", true }, { "elternforum-birmensdorf.ch", true }, { "elternverein-utzenstorf.ch", true }, - { "eltrox.me", true }, { "elucron.com", true }, { "eluhome.de", true }, + { "eluvio.com", true }, { "elvidence.com.au", true }, { "elviraszabo.com", true }, { "elvispresley.net", true }, { "elvisripley.com", true }, + { "elvn.tokyo", true }, { "elwave.org", true }, { "elwix.com", true }, { "elxsi.de", true }, { "elyasweb.com", true }, - { "elyisus.info", true }, { "elysiria.fr", true }, { "elysiumware.com", true }, { "em-biotek.cz", true }, @@ -11166,7 +11364,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "emailtools.io", true }, { "emaily.eu", true }, { "emanuel.photography", true }, - { "emanuelduss.ch", true }, { "emanueleanastasio.com", true }, { "emanuelemazzotta.com", true }, { "embassycargo.eu", true }, @@ -11176,8 +11373,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "embroideryexpress.co.uk", true }, { "emby.cloud", true }, { "emcspotlight.com", true }, - { "emedworld.com", true }, { "emeliefalk.se", true }, + { "ememsei.com", true }, + { "emeraldcbdshop.com", true }, { "emeraldcityswagger.com", true }, { "emeraldcoastrideshare.com", true }, { "emeraldonion.org", true }, @@ -11205,9 +11403,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "emma.ca", true }, { "emmababy420.com", true }, { "emmagraystore.com", true }, - { "emmaliddell.com", true }, { "emobilityforum.org", true }, - { "emoji.bzh", true }, + { "emoji.bzh", false }, { "emolafarm.com", true }, { "emond-usedcars.net", true }, { "empathogen.com", true }, @@ -11235,9 +11432,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "emtradingacademy.com", true }, { "emultiagent.pl", true }, { "emupedia.net", true }, + { "emvoice.net", true }, { "emvoiceapp.com", true }, { "emw3.com", true }, { "emyr.net", true }, + { "emyself.org", true }, { "en-booster.jp", true }, { "en-crypt.me", true }, { "en-maktoob.search.yahoo.com", false }, @@ -11246,12 +11445,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enaim.de", true }, { "enamae.net", true }, { "enbecom.net", true }, - { "encadrer-mon-enfant.com", true }, { "encfs.win", true }, { "encircleapp.com", true }, { "encnet.de", true }, { "encode.host", true }, - { "encoderx.uk", true }, + { "encore.io", true }, { "encouragemarketing.com", true }, { "encredible.de", false }, { "encredible.org", false }, @@ -11273,7 +11471,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enduranceday.be", true }, { "endzeit-architekten.com", false }, { "enemiesoflight.de", true }, - { "energethik-tulln.at", true }, { "energie-sante.ch", true }, { "energiekeurplus.nl", true }, { "energisammenslutningen.dk", true }, @@ -11288,13 +11485,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "energyelephant.com", true }, { "energyled.com.br", true }, { "energystar.gov", true }, - { "enersaveapp.org", true }, - { "enersec.co.uk", true }, { "enet-navigator.de", true }, { "enfantsdelarue.ch", true }, { "enfield-kitchens.co.uk", true }, { "enflow.nl", true }, - { "enfoqueseguro.com", true }, { "enfu.se", true }, { "engarde.net", true }, { "engaugetools.com", true }, @@ -11305,11 +11499,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "engiedev.net", true }, { "engineowning.com", true }, { "enginepit.com", true }, - { "enginx.cn", true }, { "enginx.net", true }, { "englishbulgaria.net", true }, { "englishcast.com.br", true }, - { "englishclub.com", true }, { "englishforums.com", true }, { "englishlol.com", true }, { "englishphonopass.com", true }, @@ -11318,14 +11510,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enigma.swiss", true }, { "enijew.com", true }, { "enitso.de", true }, + { "enixgaming.com", true }, { "enjincoin.io", true }, { "enjinwallet.io", true }, { "enjinx.io", true }, + { "enjoy-drive.com", true }, { "enjoyphoneblog.it", true }, - { "enjoystudio.ro", true }, - { "enlatte.com", true }, { "enlazaresbueno.cl", true }, - { "enlightened.si", true }, { "enlightenedhr.com", true }, { "enlightenment.org", true }, { "enlnf.link", true }, @@ -11334,15 +11525,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enness.co.uk", true }, { "ennori.jp", true }, { "enomada.net", true }, + { "enord.fr", true }, { "enorekcah.com", true }, { "enot32.ru", true }, { "enotecastore.it", true }, + { "enpasenerji.com.tr", true }, { "enquos.com", true }, { "enriquepiraces.com", true }, { "enrollapp.com", true }, { "ensage.io", true }, { "enscosupply.com", true }, { "ensemble-rubato.de", true }, + { "ensembling.com", true }, { "enskat.de", true }, { "enskatson-sippe.de", true }, { "ensley.tech", true }, @@ -11354,7 +11548,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "entabe.jp", true }, { "entactogen.com", true }, { "entactogens.com", true }, - { "enteente.com", true }, + { "entercenter.ru", true }, { "enterprisechannel.asia", true }, { "enterprisey.enterprises", true }, { "entheogens.com", true }, @@ -11372,16 +11566,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "envant.co.uk", true }, { "enveloppenopmaat.nl", true }, { "envescent.com", true }, - { "enviam.de", true }, { "enviaya.com.mx", true }, - { "environment.ai", true }, { "environmentkirklees.org", true }, { "enviroprobasements.com", true }, { "envirotech.com.au", true }, { "envoie.moi", true }, + { "envoutement-desenvoutement.com", true }, { "envoyez.moi", true }, { "envoyglobal.com", true }, - { "envoyworld.com", true }, { "envygeeks.io", true }, { "eocservices.co.uk", true }, { "eoitek.com", true }, @@ -11393,7 +11585,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epassafe.com", true }, { "epave.paris", true }, { "epay.bg", true }, - { "ephe.be", true }, + { "epdeveloperchallenge.com", true }, { "ephesusbreeze.com", true }, { "epi.one", true }, { "epic-vistas.com", true }, @@ -11403,7 +11595,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epicenter.work", true }, { "epicenter.works", true }, { "epicentre.works", true }, - { "epichouse.net", true }, + { "epichouse.net", false }, { "epicinflatables.co.uk", true }, { "epickitty.co.uk", true }, { "epicpages.com", true }, @@ -11412,6 +11604,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epicvistas.com", true }, { "epicvistas.de", true }, { "epicwalnutcreek.com", true }, + { "epidauros.be", true }, + { "epigrafes-led-farmakeia.gr", true }, { "epilis.gr", true }, { "epiphyte.network", true }, { "episkevh-plaketas.gr", true }, @@ -11424,34 +11618,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epo32.ru", true }, { "epoch.com", true }, { "epolitiker.com", true }, - { "epos-distributor.co.uk", true }, { "epos.az", true }, - { "eposbirmingham.co.uk", true }, - { "eposbrighton.co.uk", true }, - { "eposbristol.co.uk", true }, - { "eposcardiff.co.uk", true }, - { "eposkent.co.uk", true }, - { "eposleeds.co.uk", true }, - { "eposleicester.co.uk", true }, - { "eposliverpool.co.uk", true }, - { "eposlondon.co.uk", true }, - { "eposmidlands.co.uk", true }, - { "eposnewport.co.uk", true }, - { "eposnottingham.co.uk", true }, - { "eposreading.co.uk", true }, - { "eposreview.co.uk", true }, - { "epossheffield.co.uk", true }, - { "epossurrey.co.uk", true }, - { "epossussex.co.uk", true }, - { "eposswansea.co.uk", true }, - { "epossystems.co.uk", true }, + { "eposig.net", true }, { "epostplus.li", true }, - { "eposwales.co.uk", true }, - { "eposyork.co.uk", true }, { "eppelblei.lu", true }, { "eppelduerferjugend.lu", true }, { "eppelpress.lu", true }, { "epreskripce.cz", true }, + { "epsilon.dk", true }, { "epsorting.cz", true }, { "epublibre.org", true }, { "epulsar.ru", true }, @@ -11459,6 +11633,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epyonsuniverse.net", true }, { "eq-serve.com", true }, { "equalcloud.com", true }, + { "equeim.ru", true }, { "equidam.com", true }, { "equinecoaching.ca", true }, { "equinetherapy.ca", true }, @@ -11497,19 +11672,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ericleuthardt.com", true }, { "erico.jp", true }, { "ericoc.com", true }, + { "erics.site", true }, { "ericwie.se", true }, { "eridanus.uk", true }, { "erigrid.eu", true }, { "eriix.org", true }, { "erikheemskerk.nl", true }, { "erikhubers.nl", true }, + { "erikkruithof.nl", true }, { "erikserver2.tk", true }, { "erikseth.de", true }, - { "erikwagner.de", true }, { "erikwalther.eu", true }, { "erinaceinae.com", true }, { "eriner.me", true }, - { "erinlin.com", true }, { "erinn.io", true }, { "erisrenee.com", true }, { "erixschueler.de", true }, @@ -11517,7 +11692,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ernest.ly", true }, { "eroma.com.au", true }, { "eron.info", true }, - { "erotpo.cz", false }, + { "eroticforce.com", true }, { "erp-band.ru", true }, { "erp.band", true }, { "erpax.com", true }, @@ -11556,9 +11731,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "es-geenen.de", true }, { "es.search.yahoo.com", false }, { "es888.net", true }, - { "es8888.net", true }, { "es999.net", true }, { "es9999.net", true }, + { "esaborit.ddns.net", true }, { "esagente.com", true }, { "esailinggear.com", true }, { "esalesdata.com", true }, @@ -11569,7 +11744,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb-top.net", true }, { "esb116.com", true }, { "esb1314.net", true }, - { "esb1668.com", true }, { "esb168168.com", true }, { "esb168168.info", true }, { "esb168168.net", true }, @@ -11585,7 +11759,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb1788.info", true }, { "esb1788.net", true }, { "esb1788.org", true }, - { "esb17888.com", true }, { "esb2013.com", true }, { "esb2013.net", true }, { "esb2099.com", true }, @@ -11601,17 +11774,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb553.com", true }, { "esb555.biz", true }, { "esb555.cc", true }, - { "esb556.com", true }, { "esb5889.com", true }, { "esb5889.net", true }, { "esb6.net", true }, { "esb677.net", true }, { "esb775.net", true }, { "esb777.biz", true }, - { "esb777.cc", true }, - { "esb777.com", true }, { "esb777.me", true }, - { "esb777.net", true }, { "esb777.org", true }, { "esb886.com", true }, { "esb888.net", true }, @@ -11620,13 +11789,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb9588.com", true }, { "esb9588.net", true }, { "esb9588.org", true }, - { "esb999.com", true }, - { "esb999.info", true }, { "esb999.org", true }, - { "esba11.cc", true }, { "esba11.com", true }, { "esba11.in", true }, - { "esba11.net", true }, { "esball-in.com", true }, { "esball-in.net", true }, { "esball.bz", true }, @@ -11642,8 +11807,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esball518.info", true }, { "esball518.net", true }, { "esball518.org", true }, - { "esball888.com", true }, - { "esball888.net", true }, { "esballs.com", true }, { "esbbon.com", true }, { "esbbon.net", true }, @@ -11656,6 +11819,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esbm4.net", true }, { "esbm5.net", true }, { "esc.chat", true }, + { "escael.org", true }, { "escape2rooms.fr", true }, { "escapeplaza.de", true }, { "escapetalk.nl", true }, @@ -11674,10 +11838,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eservices-greece.com", true }, { "esg-abi2001.de", true }, { "esgr.in", true }, - { "eshepperd.com", true }, { "eshobe.com", true }, { "eshop-prices.com", true }, - { "eshtapay.com", true }, { "esibun.net", true }, { "esigmbh.de", true }, { "esipublications.com", true }, @@ -11708,7 +11870,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esphigmenou.gr", true }, { "espigol.org", true }, { "esports-network.de", true }, - { "esprit-cloture.fr", true }, { "espritrait.com", true }, { "esquirou-trieves.fr", true }, { "esquisse.fr", true }, @@ -11718,13 +11879,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "essaychecker.com", true }, { "essaydirectory.com", true }, { "essayforsale.net", true }, - { "essayforum.com", true }, { "essayhave.com", true }, - { "essaylib.com", true }, { "essaynews.com", true }, { "essaypro.net", true }, - { "essayscam.org", true }, - { "essayshark.com", true }, { "essaytalk.com", true }, { "essaywebsite.com", true }, { "essaywriting.biz", true }, @@ -11734,9 +11891,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esslm.sk", true }, { "essoduke.org", true }, { "essteebee.ch", true }, + { "establo.pro", true }, { "estafallando.es", true }, { "estafallando.mx", true }, - { "estaleiro.org", true }, { "estan.cn", true }, { "estate360.co.tz", true }, { "estateczech-eu.ru", true }, @@ -11749,10 +11906,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "estetista.net", true }, { "esthesoleil.jp", true }, { "estilopack-loja.com.br", true }, + { "estoic.net", true }, { "estoniantrade.ee", true }, { "estonoentraenelexamen.com", true }, - { "estoqueinformatica.com.br", true }, - { "estudioamazonico.com", true }, { "estudiserradal.com", true }, { "esw00.com", true }, { "esw06.com", true }, @@ -11803,6 +11959,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ethosinfo.com", true }, { "etienne.cc", true }, { "etikus-hacker.hu", true }, + { "etincelle.ml", true }, { "etiquetaunica.com.br", true }, { "etoile-usedcars.com", true }, { "etre-soi.ch", true }, @@ -11810,8 +11967,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "etrecosmeticderm.com", true }, { "etresmant.es", true }, { "etrker.com", true }, - { "etskinner.com", true }, - { "etskinner.net", true }, { "etudesbibliques.fr", true }, { "etudesbibliques.net", true }, { "etudesbibliques.org", true }, @@ -11825,6 +11980,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "euaggelion.blog.br", true }, { "euanbarrett.com", true }, { "euchre.us", true }, + { "eucl3d.com", true }, + { "eugenechae.com", true }, { "eugenekay.com", true }, { "eugenetech.org", true }, { "eujuicers.bg", true }, @@ -11851,7 +12008,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eurekaarchitecture.com", true }, { "euro-servers.de", true }, { "euroalter.com", true }, - { "euroapo.org", true }, { "eurocenterobuda.hu", true }, { "eurocomcompany.cz", true }, { "eurofrank.eu", true }, @@ -11868,8 +12024,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "europapier.si", true }, { "europapier.sk", true }, { "europapier.ua", true }, + { "europarts-sd.com", true }, { "europastudien.de", true }, { "european-agency.org", true }, + { "europeancupinline.eu", true }, { "europeanpreppers.com", true }, { "europeantimberconnectors.ca", true }, { "europeantransportmanagement.com", true }, @@ -11881,7 +12039,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "euroscot.de", true }, { "euroservice.com.gr", true }, { "euroshop.or.at", true }, - { "euroskano.nl", true }, + { "eurotime.ua", true }, { "eurotramp.com", true }, { "eurotravelstar.eu", true }, { "eurousa.us", true }, @@ -11907,10 +12065,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evanfiddes.com", true }, { "evangelicalmagazine.com", true }, { "evangelosm.com", true }, + { "evanreev.es", true }, { "evantage.org", true }, { "evantageglobal.com", true }, - { "evapp.org", true }, { "evasovova.cz", true }, + { "evavolfova.cz", true }, { "eve.ac", true }, { "eve0s.com", true }, { "evelienzorgt.nl", true }, @@ -11918,12 +12077,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evemarketer.com", true }, { "evemodx.com", true }, { "evenementenhoekvanholland.nl", true }, - { "evenstar-gaming.com", true }, { "event4fun.no", true }, { "eventaro.com", true }, { "eventive.org", true }, + { "eventnexus.co.uk", true }, { "eventosenmendoza.com.ar", true }, - { "eventplace.me", false }, { "events-hire.co.uk", true }, { "eventtech.com", false }, { "ever.sale", true }, @@ -11937,12 +12095,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evertonarentwe.com", true }, { "everwaking.com", false }, { "everybodyhertz.co.uk", true }, - { "everyday.eu.org", true }, { "everydaygary.com", true }, - { "everydaywot.com", true }, { "everydaywp.com", true }, { "everyex.com", true }, { "everyfad.com", true }, + { "everygayporn.com", false }, { "everythingaccess.com", true }, { "everytrycounts.gov", false }, { "everywhere.cloud", true }, @@ -11982,6 +12139,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evoting.ch", true }, { "evrial.com", true }, { "evrica.me", true }, + { "evromandie.ch", true }, { "evstatus.com", true }, { "evtripping.com", true }, { "ewaipiotr.pl", true }, @@ -12004,9 +12162,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exagoni.com.my", true }, { "example.sc", true }, { "example.wf", true }, - { "exampleessays.com", true }, { "examsmate.in", true }, { "exaplac.com", true }, + { "exarpy.com", true }, { "exatmiseis.net", false }, { "exceed.global", true }, { "exceedagency.com", true }, @@ -12014,6 +12172,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exceltechoman.com", true }, { "exceltobarcode.com", true }, { "excentos.com", true }, + { "exceptionalservers.com", true }, { "excessamerica.com", true }, { "excesssecurity.com", true }, { "exchangeworks.co", true }, @@ -12023,6 +12182,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exdamo.de", false }, { "exe-boss.tech", true }, { "exebouncycastles.co.uk", true }, + { "execution.biz.tr", true }, { "exehack.net", true }, { "exeintel.com", true }, { "exekutori.com", true }, @@ -12031,7 +12191,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exerforge.net", true }, { "exeria.de", true }, { "exexcarriers.com", true }, - { "exgaywatch.com", true }, { "exgen.io", true }, { "exhaledayspa.com.au", true }, { "exhalespa.com", true }, @@ -12041,17 +12200,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exmoe.com", true }, { "exocen.com", true }, { "exon.io", true }, + { "exoplatform.com", true }, { "exoscale.ch", true }, { "exoscale.com", true }, { "exoten-spezialist.de", true }, - { "exoticads.com", true }, { "exousiakaidunamis.pw", true }, { "exp.de", true }, { "expancio.com", true }, { "expandeco.com", true }, { "expatmortgage.uk", true }, - { "expatriate.pl", true }, - { "expecting.com.br", true }, { "experienceoutdoors.org.uk", true }, { "experienceoz.com.au", true }, { "expert-korovin.ru", true }, @@ -12068,11 +12225,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exploitit.com.au", true }, { "exploodo.rocks", true }, { "exploravacations.in", true }, + { "exploremonero.com", true }, { "exploringenderby.com", true }, { "expo-america.ru", true }, { "expo-asia.ru", true }, { "expo-europe.ru", true }, - { "expokohler.com", true }, + { "expo-larionov.org", true }, { "exponentialnews.net", true }, { "expoort.co.uk", true }, { "expoort.com", true }, @@ -12084,7 +12242,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exporta.cz", true }, { "express-shina.ru", true }, { "express-vpn.com", true }, - { "expressemotion.net", true }, { "expresshosting.org", true }, { "expressmarket.ru", true }, { "expresstinte.de", true }, @@ -12097,6 +12254,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "extasic.com", true }, { "extendwings.com", true }, { "extensia.it", true }, + { "extensibility.biz.tr", true }, { "extensiblewebmanifesto.org", true }, { "extensiblewebreportcard.org", true }, { "extensiblewebsummit.org", true }, @@ -12129,7 +12287,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "extremeservicesandrestoration.com", true }, { "exultcosmetics.co.uk", true }, { "exyplis.com", true }, - { "eyasc.nl", true }, { "eydesignguidelines.com", true }, { "eyeandfire.com", true }, { "eyecandy.gr", true }, @@ -12143,7 +12300,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eyesonly.cc", true }, { "eynio.com", true }, { "eyona.com", true }, - { "eyps.net", true }, { "eyyit.com", false }, { "eyyubyilmaz.com", true }, { "ez3d.eu", true }, @@ -12153,7 +12309,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ezgamble.com", true }, { "ezgif.com", true }, { "ezhik-din.ru", true }, - { "eznfe.com", true }, { "eztvtorrent.com", true }, { "ezwritingservice.com", true }, { "ezzhole.net", true }, @@ -12173,12 +12328,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "f2h.io", true }, { "f3nws.com", true }, { "f43.me", true }, - { "f5movies.top", true }, { "f5nu.com", true }, { "f5w.de", true }, { "fa-works.com", true }, { "faber.org.ru", true }, - { "fabian-fingerle.de", true }, { "fabian-koeppen.de", true }, { "fabianackle.ch", true }, { "fabianasantiago.com", true }, @@ -12190,6 +12343,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fabiobier.com", true }, { "fabjansisters.eu", true }, { "fableforge.nl", true }, + { "fabmart.com", true }, { "fabrica360.com", true }, { "fabriceleroux.com", true }, { "fabriziocavaliere.it", true }, @@ -12203,7 +12357,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "facciadastile.it", true }, { "face-mania.com", true }, { "facealacrise.fr", true }, - { "facebattle.com", true }, { "facebook-atom.appspot.com", true }, { "facebook.com", true }, { "facebydrh.com", true }, @@ -12248,6 +12401,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fahrwerk.io", true }, { "fai.gov", true }, { "fail.coach", true }, + { "fail4free.de", true }, { "failover.de", true }, { "failover.eu", true }, { "failoverplan.it", true }, @@ -12260,6 +12414,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fairviewmotel-simcoe.com", true }, { "fairydust.space", true }, { "faithgrowth.com", true }, + { "faithindemocracy.eu", false }, { "faithleaks.org", true }, { "faithmissionaries.com", true }, { "faithwatch.org", true }, @@ -12275,9 +12430,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "falconfrag.com", true }, { "falconvintners.com", true }, { "falcoz.co", true }, - { "faldoria.de", false }, + { "faldoria.de", true }, { "falegname-roma.it", true }, - { "falldennismarketing.com", true }, + { "falkhusemann.de", true }, { "fallenangeldrinks.co.uk", true }, { "fallenangeldrinks.com", true }, { "fallenangelspirits.co.uk", true }, @@ -12295,6 +12450,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fameng.nl", true }, { "famfi.co", true }, { "familiaperez.net", true }, + { "familie-kruithof.nl", true }, { "familie-kupschke.de", true }, { "familie-leu.ch", true }, { "familie-monka.de", true }, @@ -12316,6 +12472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "famvangelder.nl", true }, { "famvsomeren.nl", true }, { "fanactu.com", true }, + { "fanatical.com", true }, { "fanboi.ch", true }, { "fancy-bridge.com", true }, { "fancy.org.uk", true }, @@ -12327,7 +12484,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fanhouwan.com", true }, { "fanjoe.be", true }, { "fansided.com", true }, - { "fansmade.art", true }, { "fantasiapainter.com", true }, { "fantasticcleaners.com.au", true }, { "fantastichandymanmelbourne.com.au", true }, @@ -12338,6 +12494,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fantasyspectrum.com", true }, { "fantopia.club", true }, { "fanvoice.com", true }, + { "fanyina.com", true }, { "fanyue123.tk", true }, { "fanz.pro", true }, { "fanzlive.com", true }, @@ -12345,14 +12502,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "faq.ie", true }, { "fara.gov", true }, { "faradji.nu", true }, - { "faradome.ws", true }, { "faraslot8.com", true }, { "farcecrew.de", true }, { "farfallapets.com.br", true }, { "farfetchos.com", true }, { "fargtorget.se", true }, { "farhadexchange.com", true }, - { "farhood.org", true }, { "farid.is", true }, { "farmacia-discreto.com", true }, { "farmacialaboratorio.it", true }, @@ -12369,6 +12524,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "farsil.eu", true }, { "fart.wtf", true }, { "farwat.ru", true }, + { "faschingmd.com", true }, + { "fascia.fit", true }, { "fashion-stoff.de", true }, { "fashion24.de", true }, { "fashion4ever.pl", true }, @@ -12408,6 +12565,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fastvistorias.com.br", true }, { "fastwebsites.com.br", true }, { "faszienrollen-info.de", false }, + { "fateandirony.com", true }, + { "fatecdevday.com.br", true }, { "fatedata.com", true }, { "fathers4equalrights.org", true }, { "fatidique.com", true }, @@ -12422,11 +12581,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fawong.com", true }, { "faxite.com", true }, { "faxvorlagen-druckvorlagen.de", true }, - { "fayntic.com", true }, { "fb.me", true }, { "fbcdn.net", true }, { "fbcopy.com", true }, - { "fbi.pw", true }, { "fbigame.com", true }, { "fbiic.gov", true }, { "fbijobs.gov", true }, @@ -12441,7 +12598,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fcitasc.com", true }, { "fckd.net", true }, { "fcosinus.com", true }, - { "fcp.cn", true }, { "fcprovadia.com", true }, { "fcsic.gov", true }, { "fdevs.ch", true }, @@ -12451,11 +12607,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fdm.ro", true }, { "fdms.gov", true }, { "fdn.one", true }, - { "fdos.me", true }, { "fdp-brig-glis.ch", true }, { "fdsys.gov", false }, { "feac.us", true }, { "feaden.me", true }, + { "fearby.com", true }, { "fearghus.org", true }, { "fearsomegaming.com", true }, { "feastr-dev.de", true }, @@ -12468,6 +12624,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fedcenter.gov", true }, { "federaljobs.gov", true }, { "federalreserve.gov", true }, + { "federalreserveconsumerhelp.gov", true }, { "federatedbank.com", true }, { "federicomigliavacca.it", true }, { "fedjobs.gov", true }, @@ -12475,6 +12632,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fedoramagazine.org", true }, { "fedorapeople.org", true }, { "fedoraproject.org", true }, + { "fedpartnership.gov", true }, { "fedramp.gov", false }, { "fedrtc.org", true }, { "fedshirevets.gov", true }, @@ -12498,7 +12656,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "feeriedesign-event.com", true }, { "feetpa.ws", true }, { "feezmodo.com", false }, - { "fefelovalex.ru", true }, { "fegame.eu", true }, { "fegame.mobi", true }, { "fegame.net", true }, @@ -12506,18 +12663,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fegli.gov", true }, { "fehngarten.de", true }, { "fehnladen.de", true }, - { "feigling.net", true }, + { "feigling.net", false }, + { "feildel.fr", true }, { "feilen.de", true }, - { "feisbed.com", true }, { "feisim.com", true }, { "feisim.org", true }, - { "feist.io", true }, { "feistyduck.com", true }, { "feizhujianzhi.com", true }, { "fejes.house", true }, { "feld.design", true }, { "feld.saarland", true }, { "feldhousen.com", true }, + { "felett.es", true }, { "felgitscher.xyz", true }, { "felicifia.org", true }, { "felinepc.com", true }, @@ -12526,16 +12683,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "felixbarta.de", true }, { "felixcrux.com", true }, { "felixgenicio.com", true }, - { "felixhefner.de", true }, { "felixkauer.de", true }, - { "felixqu.com", true }, { "felixsanz.com", true }, { "felixseele.de", true }, { "felsing.net", true }, { "felsmalerei.net", true }, { "femanca.com", true }, { "femastudios.com", true }, - { "femdombbw.com", true }, { "feminina.pt", true }, { "femradio.es", true }, { "femtomind.com", true }, @@ -12574,7 +12728,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "festival-tipps.com", true }, { "festivaljapon.com", true }, { "festivalxdentro.com", true }, - { "fetlife.com", true }, { "fettlaus.de", true }, { "feudalisten.de", true }, { "feuerhuhn.de", true }, @@ -12592,11 +12745,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fexco.com", true }, { "feyermedia.de", true }, { "ff-bad-hoehenstadt.de", true }, - { "ff-bg.xyz", true }, { "ff-getzersdorf.at", true }, { "ff-obersunzing-niedersunzing.de", true }, { "ff14-mstdn.xyz", true }, - { "ffb.gov", false }, { "ffbans.org", true }, { "ffiec.gov", true }, { "ffis.me", true }, @@ -12652,7 +12803,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fight215.org", true }, { "figinstitute.org", true }, { "figshare.com", true }, - { "figura.cz", true }, { "figurasdelinguagem.com.br", true }, { "fiilr.com", true }, { "fiissh.tech", true }, @@ -12661,14 +12811,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fijnewoensdag.nl", true }, { "fiken.no", true }, { "fil.fi", true }, + { "filamentia.nl", true }, { "filanthropystar.org", true }, + { "file-cloud.eu", true }, { "file-pdf.it", true }, - { "filebox.moe", false }, { "filecopa.com", true }, { "files.from-me.org", true }, { "filestar.io", true }, { "filetransfer.one", true }, - { "filewall.de", true }, { "filezilla-project.org", true }, { "filezilla.cn", true }, { "filhin.es", true }, @@ -12677,16 +12827,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "filidorwiese.nl", true }, { "filiio.com", true }, { "filingsmadeeasy.com", true }, + { "filiosoft.cloud", true }, { "filip-prochazka.com", true }, { "filippo.io", true }, { "filipsebesta.com", true }, { "filleritemsindia.com", true }, { "fillo.sk", true }, { "film-tutorial.com", true }, - { "film.photography", true }, - { "film.photos", true }, - { "filmatiporno.xxx", true }, { "filme-onlines.com", true }, + { "filmers.net", true }, { "filmesonline.online", true }, { "filmitis.com", true }, { "filmreviewonline.com", true }, @@ -12728,7 +12877,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "finefriends.nl", true }, { "finelovedolls.com", true }, { "finenet.com.tw", true }, - { "finewineonline.com", true }, { "finfev.de", true }, { "finflix.net", true }, { "finform.ch", true }, @@ -12738,6 +12886,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "finkenberger.org", false }, { "finnclass.cz", true }, { "finnwea.com", true }, + { "finpt.com", false }, { "finsprings.org", true }, { "fintandunleavy.com", true }, { "fintechnics.com", false }, @@ -12758,9 +12907,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "firefighters.dating", true }, { "firefly-iii.org", true }, { "firegoby.jp", true }, + { "firegore.com", true }, { "fireleadership.gov", true }, { "firemudfm.com", true }, - { "firepeak.ru", true }, + { "fireplex.co.uk", true }, { "fireportal.cz", true }, { "fireportal.sk", true }, { "fireshellsecurity.team", true }, @@ -12785,6 +12935,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "firstclasscastles.com", true }, { "firstclassleisure.co.uk", true }, { "firstderm.com", true }, + { "firstdry.com.br", true }, { "firstfinca.de", true }, { "firstinnovation.co.jp", true }, { "firstinnovationltd.com", true }, @@ -12793,7 +12944,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fischer-its.com", false }, { "fischer-kundendienst.de", true }, { "fischers.cc", true }, - { "fischers.it", true }, { "fischers.srv.br", true }, { "fise.cz", true }, { "fish-hook.ru", true }, @@ -12804,7 +12954,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fishermansbendcorporation.com.au", true }, { "fishermansbendtownhouses.com.au", true }, { "fishexport.eu", true }, - { "fishfinders.info", true }, { "fishgen.no", true }, { "fishserver.net", true }, { "fishtacos.blog", true }, @@ -12815,7 +12964,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fit365.jp", true }, { "fitchannel.com", true }, { "fitfitup.com", true }, + { "fitinclass.com", true }, { "fitkram.cz", true }, + { "fitmeat.at", true }, { "fitness-challenge.co.uk", true }, { "fitness.gov", true }, { "fitseven.ru", true }, @@ -12824,7 +12975,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fiuxy.bz", true }, { "fiuxy.co", true }, { "fiuxy.me", true }, - { "fiuxy.org", true }, { "fiveboosts.xyz", true }, { "fivethirtyeight.com", true }, { "fixatom.com", true }, @@ -12856,7 +13006,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flamme-von-anor.de", true }, { "flana.com", true }, { "flanga.io", true }, - { "flangaapis.com", true }, { "flapoverspeed.com", true }, { "flashback.org", true }, { "flashbeing.com", true }, @@ -12869,6 +13018,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flatpackmates.co.uk", true }, { "flauschig.net", true }, { "flaviu.co.uk", true }, + { "flavo.io", true }, { "flavr.be", true }, { "flawlesscowboy.xyz", true }, { "fleamarketgoods.com", true }, @@ -12893,7 +13043,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fletchto99.com", true }, { "flets-ms.com", true }, { "fleurenplume.fr", true }, - { "fleurette.me", true }, { "fleuryfleury.com", true }, { "flexapplications.se", true }, { "fleximaal.com", true }, @@ -12904,6 +13053,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flextrack.dk", true }, { "flextribly.xyz", true }, { "fliacuello.com.ar", true }, + { "flickcritter.com", true }, { "flight.school", true }, { "flightdeckfriend.com", true }, { "flightmedx.com", true }, @@ -12918,7 +13068,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fliio.com", true }, { "flikmsg.co", true }, { "flinch.io", true }, - { "fling.dating", true }, { "flipneus.net", true }, { "fliptable.org", true }, { "flirt-norden.de", true }, @@ -12936,8 +13085,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "floffi.media", true }, { "floj.tech", true }, { "flokinet.is", true }, + { "flomeyer.de", true }, { "floobits.com", true }, { "flood.io", true }, + { "floorballpoint.cz", true }, { "flooringnightmares.com", true }, { "flooringsourcetx.com", true }, { "floort.net", false }, @@ -12947,6 +13098,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "florentynadawn.co.uk", true }, { "florian-bachelet.fr", true }, { "florian-thie.de", true }, + { "florian2833z.de", true }, { "floriankarmen.com", true }, { "floriankeller.de", true }, { "florianmitrea.uk", true }, @@ -12963,7 +13115,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flosch.at", false }, { "floseed.fr", true }, { "floskelwolke.de", true }, - { "flosserver.de", true }, { "flow.su", true }, { "flowair24.ru", true }, { "flowcom.de", true }, @@ -12980,6 +13131,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flugsportvereinigungcelle.de", true }, { "fluhrers.de", true }, { "fluidmeterusa.com", true }, + { "fluids.ac.uk", true }, { "flumble.nl", true }, { "flunschi.goip.de", true }, { "fluoxetine.net", true }, @@ -12990,7 +13142,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fluxent.de", false }, { "fluxfingers.net", true }, { "fluxforge.com", true }, - { "fluxi.fi", true }, { "fluxoid.com", true }, { "flw365365.com", true }, { "fly-en-drive.nl", true }, @@ -13000,7 +13151,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flydrivesicilie.nl", true }, { "flyer.tools", true }, { "flygon.pink", true }, - { "flyinglocksmiths.com", false }, + { "flyinglocksmiths.com", true }, { "flyingpackets.net", true }, { "flyingrub.me", true }, { "flyingspaghettimonsterdonationsfund.nl", true }, @@ -13009,6 +13160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flyserver.co.il", true }, { "flyshe.co.uk", true }, { "flyspace.ml", true }, + { "flyssh.net", true }, { "flyswoop.com", true }, { "flyt.online", true }, { "flytoadventures.com", true }, @@ -13023,9 +13175,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fmodoux.biz", true }, { "fmovies.fyi", true }, { "fmussatmd.com", true }, + { "fnanen.net", true }, { "fnb-griffinonline.com", true }, { "fnbnokomis.com", true }, - { "fnfpt.co.uk", true }, { "fnkr.net", true }, { "fnof.ch", true }, { "fnordserver.eu", true }, @@ -13039,6 +13191,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "foej-aktiv.de", true }, { "foej.net", true }, { "fogpublishingph.com", true }, + { "fogway.net", true }, { "foia.gov", true }, { "foiaonline.gov", true }, { "fojing.com", true }, @@ -13055,6 +13208,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "folkfests.org", true }, { "follandviolins.com", true }, { "followback.net", true }, + { "follower98.ir", true }, { "followerrocket.com", true }, { "followersya.com", true }, { "followings-live.com", true }, @@ -13065,13 +13219,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "folwark.krakow.pl", true }, { "folwarkwiazy.pl", true }, { "fomopop.com", true }, - { "fondanastasia.ru", true }, { "fondationwiggli.ch", true }, { "fondsdiscountbroker.de", true }, { "fondy.eu", true }, { "fondy.ua", true }, { "fonga.ch", true }, { "fonolo.com", true }, + { "fonseguin.ca", true }, { "font-converter.net", true }, { "fonte-trading.com", true }, { "fontein.de", true }, @@ -13079,14 +13233,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fonts4free.net", true }, { "foo.fo", true }, { "foo.hamburg", true }, - { "foodacademy.capetown", true }, { "foodattitude.ch", true }, { "foodblogger.club", true }, { "foodcowgirls.com", true }, { "foodev.de", true }, { "foodsafety.gov", true }, { "foodsafetyjobs.gov", true }, - { "foodserve.in", true }, { "foodsouvenirs.it", true }, { "foodtable.at", true }, { "foodwise.marketing", true }, @@ -13119,10 +13271,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "forestraven.net", true }, { "foreverssl.com", true }, { "foreversummertime.com", true }, + { "forewordreviews.com", true }, + { "forex-plus.com", true }, { "forex.ee", true }, { "forexchef.de", true }, { "forexee.com", true }, - { "forexsignals7.com", true }, + { "forextickler.com", true }, { "forextimes.ru", false }, { "forfunssake.co.uk", true }, { "forge-goerger.eu", true }, @@ -13141,15 +13295,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "formula-ot.ru", true }, { "formulacionquimica.com", true }, { "fornoreason.net.au", true }, + { "fornwall.net", true }, { "foro.io", false }, { "forodeespanol.com", true }, { "forodieta.com", true }, { "forologikidilosi.com.gr", true }, { "forourselves.com", true }, { "forpc.us", true }, + { "forquilhinhanoticias.com.br", true }, { "forrestheller.com", true }, { "forro.info", true }, { "forsakringsarkivet.se", true }, + { "forschbach-janssen.de", true }, { "forsec.nl", true }, { "forstbetrieb-hennecke.de", true }, { "forstprodukte.de", true }, @@ -13161,6 +13318,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fortran.io", true }, { "fortress.no", true }, { "fortress.sk", true }, + { "forty-two.nl", true }, { "forty8creates.com", true }, { "fortytwo.cloud", true }, { "forum-bonn.de", true }, @@ -13169,7 +13327,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "forum-kinozal.appspot.com", true }, { "forum.quantifiedself.com", false }, { "forum3.ru", true }, - { "forumjuridico.org", true }, { "forumvoordemocratie.nl", true }, { "forvisualdesign.com", true }, { "forward-fly-fishing.ch", true }, @@ -13195,10 +13352,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fotoflits.net", true }, { "fotografiadellalucerossa.com", true }, { "fotohome.dk", true }, + { "fotokomorkomania.pl", true }, { "fotoleitner.com", true }, { "fotoleitner.de", true }, - { "fotonjan.com", true }, - { "fotostravestisbr.com", true }, { "fotostudio-leitner.com", true }, { "fotostudio-leitner.de", true }, { "fotostudio-schweiz.ch", true }, @@ -13206,6 +13362,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fotowolfy.com", true }, { "fougner.co", true }, { "found.website", true }, + { "foundationspecialisteast.com", true }, + { "foundationspecialistmi.com", true }, { "foundchurch.co.uk", true }, { "foundsounds.me", true }, { "fourashesgolfcentre.co.uk", true }, @@ -13215,24 +13373,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "foutrelis.com", true }, { "fowlervwparts.com", true }, { "fowlsmurf.net", true }, + { "fox.my", true }, { "foxbnc.co.uk", true }, { "foxdev.co", true }, + { "foxes.no", true }, { "foxhound.com.br", true }, { "foxing.club", true }, + { "foxo.blue", true }, { "foxontheinter.net", true }, { "foxphotography.ch", true }, { "foxquill.com", true }, { "foxterrier.com.br", true }, - { "foyale.io", true }, { "fpc.gov", true }, { "fpersona.com", true }, - { "fpki.sh", true }, - { "fptravelling.com", false }, { "fpvr.org", true }, { "fpy.cz", true }, { "fr.search.yahoo.com", false }, { "fr33tux.org", true }, { "frack.nl", true }, + { "fracreazioni.it", true }, { "fraesentest.de", true }, { "fragmentspuren.de", true }, { "fragstore.net", true }, @@ -13242,7 +13401,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "framedpaws.com", true }, { "framezdakkapellen.nl", true }, { "fran.cr", true }, - { "francesca-and-lucas.com", true }, { "francescopalazzo.com", true }, { "francescoservida.ch", true }, { "francetraceur.fr", true }, @@ -13258,8 +13416,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "francoislepage.com", true }, { "francoz.me", true }, { "frandor.co.uk", true }, + { "frank.fyi", true }, + { "frankbellamy.co.uk", true }, { "franke-chemie.de", true }, - { "frankedier.com", true }, { "franken-lehrmittel.de", true }, { "frankenhost.de", true }, { "frankenlehrmittel.de", true }, @@ -13268,10 +13427,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frankierprofi.de", true }, { "frankierstar.de", true }, { "frankinteriordesign.co.uk", true }, - { "frankl.in", true }, { "frankmorrow.com", true }, - { "franksiler.com", true }, { "frankslaughterinsurance.com", true }, + { "frankwei.xyz", true }, { "frankyan.com", true }, { "fransallen.com", true }, { "frantic1048.com", true }, @@ -13279,6 +13437,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "franz-vatter.de", true }, { "franz.beer", true }, { "franziska-pascal.de", true }, + { "franzknoll.de", true }, { "frappant.cc", false }, { "fraselab.ru", true }, { "frasesdodia.com", true }, @@ -13298,11 +13457,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frdl.ch", true }, { "freaksites.dk", true }, { "freaksports.com.au", true }, + { "freakyawesome.com", true }, { "frebi.org", true }, { "frebib.co.uk", true }, { "frebib.com", true }, { "frebib.me", true }, { "frebib.net", true }, + { "freddieonfire.tk", false }, { "freddyfazbearspizzeria.com", true }, { "freddysfuncastles.co.uk", true }, { "fredericcote.com", true }, @@ -13311,22 +13472,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frederikvig.com", true }, { "fredloya.com", true }, { "fredriksslekt.se", true }, - { "fredtec.ru", true }, { "fredvoyage.fr", true }, { "free-your-pc.com", true }, + { "free.ac.cn", true }, { "free.com.tw", true }, + { "freeassangenow.org", true }, { "freeasyshop.com", true }, { "freebarrettbrown.org", true }, { "freebcard.com", true }, { "freebetoffers.co.uk", true }, - { "freeblog.me", true }, { "freebookmakersbetsandbonuses.com.au", true }, { "freeboson.org", true }, - { "freecam2cam.site", true }, { "freecloud.at", true }, - { "freecookies.nl", true }, { "freedev.cz", true }, + { "freedom.nl", true }, { "freedom.press", true }, + { "freedom35.org", true }, { "freedomfinance.se", true }, { "freedomflotilla.org", true }, { "freedomfrontier.tk", true }, @@ -13334,7 +13495,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "freedomonline.bg", true }, { "freedomrahoitus.fi", true }, { "freeenglishhelp.com", true }, - { "freeexampapers.com", true }, { "freeform4u.de", true }, { "freegame-mugen.jp", true }, { "freegutters.com", true }, @@ -13376,6 +13536,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "freevps.us", false }, { "freeweibo.com", true }, { "freeyourmusic.com", true }, + { "freezion.com", true }, { "frei.social", true }, { "freifahrt.de", true }, { "freifamily.ch", true }, @@ -13394,7 +13555,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "freizeitplaza.de", true }, { "frejasdal.dk", true }, { "frenchcreekcog.org", true }, - { "frenzel.dk", true }, { "frequencebanane.ch", true }, { "frequentflyerapp.com", true }, { "fresh-hotel.org", true }, @@ -13426,7 +13586,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "friends24.cz", true }, { "friendship-quotes.co.uk", true }, { "friendshipismagicsquad.com", true }, - { "frieslandrail.nl", true }, { "friet.org", true }, { "frietbesteld.nl", true }, { "friezy.ru", true }, @@ -13443,7 +13602,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frizo.com", true }, { "frly.de", true }, { "frob.nl", true }, - { "froehlich.it", true }, { "froehliche-hessen.de", true }, { "frogatto.com", true }, { "frogeye.fr", true }, @@ -13451,21 +13609,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frogsonamission.de", true }, { "froh.co.jp", true }, { "frolova.org", true }, - { "from-the-net.com", true }, { "fromscratch.rocks", true }, { "fromthesoutherncross.com", true }, { "fronteers.nl", false }, + { "frontierdiscount.com", true }, { "fropky.com", true }, - { "frosthall.com", true }, { "frostprotection.co.uk", true }, { "frostwarning.com", true }, + { "frostysummers.com", true }, { "frothy.coffee", true }, { "froufe.com", true }, { "frozen-geek.net", true }, { "frozen-solid.net", true }, - { "frprn.com", true }, { "frprn.es", true }, - { "frprn.xxx", true }, { "frtn.com", true }, { "frtr.gov", true }, { "frtrains.com", true }, @@ -13485,6 +13641,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fs-fitness.eu", true }, { "fs-maistadt.de", true }, { "fs257.com", true }, + { "fsapubs.gov", false }, { "fsbn.eu", true }, { "fsbnh.bank", true }, { "fsbpaintrock.com", true }, @@ -13496,12 +13653,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fsdress.com", true }, { "fsfxpackages.com", true }, { "fsj4u.ch", true }, - { "fsk.fo", true }, { "fsky.info", true }, { "fsm2016.org", true }, { "fsps.ch", true }, { "fsstyle.com", true }, - { "fsvoboda.cz", true }, { "fsvt.ch", true }, { "ft.com", false }, { "ftang.de", true }, @@ -13534,7 +13689,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fuglede.dk", true }, { "fuite.ch", true }, { "fuites.ch", true }, - { "fujianshipbuilding.com", true }, { "fujiorganics.com", false }, { "fujiwaraqol.com", true }, { "fukakukeiba.com", true }, @@ -13548,17 +13702,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "full-stack.ninja", true }, { "fullautomotivo.com.br", true }, { "fullbundle.com", true }, + { "fullereno.com", true }, + { "fullerlife.org.uk", true }, { "fullhost.com", true }, { "fullhub.ru", true }, { "fullmatch.net", true }, - { "fullpackage.co.uk", true }, { "fullstacknotes.com", true }, - { "fulltxt.ml", true }, { "fumblers.ca", true }, { "fumerolles.ch", true }, { "fumo.se", false }, { "fun-bounce.co.uk", true }, { "fun-tasia.co.uk", true }, + { "fun25.tk", true }, { "fun4kidzbouncycastles.co.uk", true }, { "fun4ubouncycastles.co.uk", true }, { "funadvisor.ca", true }, @@ -13569,7 +13724,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "funchestra.at", false }, { "functional.cc", true }, { "functions-online.com", true }, - { "fundayltd.com", true }, { "fundays.nl", true }, { "fundchan.com", true }, { "fundeego.com", true }, @@ -13578,12 +13732,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "funds.ddns.net", true }, { "funerariahogardecristo.cl", true }, { "funfactorleeds.co.uk", true }, + { "funfair.io", true }, { "funfoodco.co.uk", true }, { "funfunmstdn.tokyo", true }, + { "fungames.com", true }, { "funhouse-inflatables.co.uk", true }, - { "funi4u.com", true }, { "funinbeds.org.uk", true }, { "funken-networks.de", true }, + { "funkner.ru", true }, { "funktionel.co", true }, { "funktionsverket.se", true }, { "funkygamer1.de", true }, @@ -13596,7 +13752,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "funtime-inflatables.co.uk", true }, { "funtime.com.ua", true }, { "funtime.kiev.ua", true }, - { "funtimebourne.co.uk", true }, { "funtimeentertainment.co.uk", true }, { "funtimesbouncycastles.co.uk", true }, { "fur.red", true }, @@ -13615,6 +13770,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "furnfurs.com", true }, { "furnitureconcept.co.uk", true }, { "furry.agency", true }, + { "furry.cat", true }, { "furry.dk", true }, { "furry.zone", false }, { "furrybot.me", true }, @@ -13626,13 +13782,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fuseos.net", true }, { "fushee.com", true }, { "fusiongaming.de", true }, - { "fuskator.com", true }, { "fussball-xxl.de", true }, - { "fussell.io", true }, { "futagro.com", true }, + { "futcre.com", true }, { "futrou.com", true }, { "future-moves.com", true }, - { "futurefire.de", true }, { "futurefund.com", true }, { "futurefundapp.com", true }, { "futurehack.io", true }, @@ -13643,14 +13797,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "futurope.com", true }, { "fuwafuwa.moe", true }, { "fuyu.moe", true }, - { "fuzoku.jp", true }, { "fuzzing-project.org", true }, { "fveevaete.com", true }, { "fwdx.net", true }, { "fwest.ovh", true }, { "fwest98.nl", true }, { "fwest98.ovh", true }, - { "fwww7.com", true }, { "fx-rk.com", true }, { "fx24.uk", true }, { "fx5.de", true }, @@ -13673,8 +13825,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fxwebsites.com.au", true }, { "fxwebsites.net.au", true }, { "fxwebstudio.net.au", true }, + { "fyfywka.com", true }, { "fyksen.me", true }, { "fyn.nl", true }, + { "fyol.xyz", false }, { "fyretrine.com", true }, { "fysesbjerg.dk", true }, { "fysio123.nl", true }, @@ -13689,10 +13843,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "g-m-w.eu", true }, { "g-marketing.ro", true }, { "g-o.pl", true }, + { "g-p-design.com", true }, { "g-rom.net", true }, { "g0881.com", true }, { "g1.ie", true }, { "g10e.ch", true }, + { "g1s.cc", true }, { "g2links.com", true }, { "g2pla.net", true }, { "g2soft.net", true }, @@ -13704,12 +13860,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "g8energysolutions.co.uk", true }, { "gaaz.fr", true }, { "gabe565.com", true }, + { "gabeb1920.com", true }, { "gabecook.com", true }, { "gabemack.com", true }, { "gabinetpsychoterapii.krakow.pl", true }, { "gabriel.to", true }, { "gabrielsimonet.ch", true }, { "gabrielsteens.nl", true }, + { "gachimuchi.ru", true }, + { "gachiyase.com", true }, { "gachter.name", true }, { "gadabit.pl", true }, { "gadgethacks.com", true }, @@ -13726,17 +13885,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gagniard.org", true }, { "gagor.pl", true }, { "gagygnole.ch", true }, + { "gaiavanderzeyp.com", true }, { "gaichon.com", true }, { "gailfellowsphotography.com", true }, { "gaines-sodiamex.fr", true }, { "gaio-automobiles.fr", true }, { "gaireg.de", true }, - { "gaiserik.com", true }, { "gaitandmobility.com", true }, { "gaitrehabilitation.com", true }, { "gaitresearch.com", true }, - { "gajas18.com", true }, - { "gakkainavi-epsilon.jp", true }, { "gakkainavi-epsilon.net", true }, { "gakkainavi.jp", true }, { "gakkainavi.net", true }, @@ -13746,14 +13903,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gala.kiev.ua", false }, { "galactic-crew.org", true }, { "galak.ch", true }, + { "galanight.cz", true }, + { "galeria42.com", true }, { "galerieautodirect.com", true }, { "galeries.photo", true }, { "galgopersa.com.br", true }, + { "galilahiskye.com", true }, { "galileanhome.org", true }, - { "galileomtz.com", true }, { "galinas-blog.de", true }, { "galinos.gr", true }, { "galle.cz", true }, + { "gallerify.eu", true }, + { "galletasgabi.com.mx", false }, { "galleyfoods.com", true }, { "gallicrooster.com", true }, { "gallifreyapp.co.uk", true }, @@ -13769,11 +13930,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gambitnash.com", true }, { "gambitprint.com", true }, { "gamblersgaming.eu", true }, - { "game-files.net", false }, + { "game4less.com", true }, { "game7.de", true }, { "gameblabla.nl", true }, { "gamebrott.com", true }, { "gamecard-shop.nl", true }, + { "gameclue.jp", true }, { "gamecollector.be", true }, { "gameconservation.org.uk", true }, { "gamedevelopers.pl", true }, @@ -13785,9 +13947,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gamenerd.net", true }, { "gameofpwnz.com", true }, { "gamepad.com.br", true }, + { "gameplaysforkids.com", true }, + { "gamequest.info", true }, { "gamercredo.com", true }, + { "gamereader.de", true }, { "gamerezo.com", true }, - { "gamerz-stream.com", true }, { "gamerzdot.com", true }, { "games4theworld.org", true }, { "gamesaviour.com", true }, @@ -13797,6 +13961,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gamesplanet.com", true }, { "gamesputnik.ru", true }, { "gamestats.gg", true }, + { "gametube.website", true }, { "gamilab.com", true }, { "gamilab.no", true }, { "gamingexodus.com", true }, @@ -13805,6 +13970,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gamingwithcromulent.com", true }, { "gamingzoneservers.com", true }, { "gamishou.fr", true }, + { "gamivo.com", true }, { "gamoloco.com", true }, { "gan.wtf", true }, { "ganado.org", true }, @@ -13817,17 +13983,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gandgliquors.com", true }, { "ganggalbichler.at", true }, { "gansleit.com", false }, - { "ganzgraph.de", true }, + { "ganyouxuan.com", true }, { "ganztagplus.de", true }, { "gao.rocks", true }, { "gaojianli.tk", true }, - { "gaon.network", true }, { "gaos.org", true }, { "gapdirect.com", true }, { "gapfa.org", true }, { "gaptek.id", false }, { "gar-nich.net", false }, - { "garage-abri-chalet.fr", true }, { "garage-leone.com", true }, { "garage-meynard.com", true }, { "garageenginuity.com", true }, @@ -13837,6 +14001,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "garanteasy.com", true }, { "garbage-juice.com", true }, { "garbomuffin.com", true }, + { "garciagerman.com", true }, { "garda-see.mobi", true }, { "gardedenfantspourtous.fr", true }, { "garden-life.org", true }, @@ -13846,12 +14011,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gardinte.com", true }, { "garedtech.com", false }, { "garethbowker.com", true }, + { "garethkirk.com", true }, { "garethkirkreviews.com", true }, { "garethrhugh.es", true }, { "garforthgolfclub.co.uk", true }, { "gargazon.net", true }, { "garron.net", true }, { "garrowmediallc.com", true }, + { "gartenhauszentrum.de", true }, { "gartenplanung-brendes.de", true }, { "garycarmell.com", true }, { "garycwaite.com", true }, @@ -13862,43 +14029,43 @@ static const nsSTSPreload kSTSPreloadList[] = { { "garywhittington.com", true }, { "gashalot.com", true }, { "gastoudererenda.nl", true }, - { "gastritisolucion.com", true }, + { "gastromedicalcenter.com.br", true }, { "gastrotiger.at", true }, { "gastrotiger.de", true }, { "gate2home.com", true }, { "gateaucreation.fr", true }, { "gatewaybridal.com", true }, { "gatewaybronco.com", true }, - { "gatilagata.com.br", true }, { "gauche.com", true }, { "gaudeamus-folklor.cz", true }, { "gaudere.co.jp", true }, + { "gaurl.ga", true }, { "gaussianwaves.com", true }, { "gautham.it", false }, { "gauthier.dk", true }, { "gautvedt.no", true }, { "gavins.stream", true }, { "gavinsblog.com", true }, + { "gawrimanecuta.com", true }, { "gay-jays.com", true }, - { "gay-sissies.com", true }, + { "gaya-sa.org", true }, { "gayforgenji.com", true }, { "gayjays.com", true }, { "gaysexpositions.guide", true }, - { "gaysfisting.com", true }, - { "gaytorrent.ru", true }, { "gayukai.net", true }, - { "gayxsite.com", true }, { "gazachallenge.org", true }, { "gazee.net", true }, { "gazellegames.net", false }, + { "gazete.org", true }, { "gazette.govt.nz", true }, { "gbc-radio.nl", true }, { "gbcsummercamps.com", true }, - { "gbit.xyz", true }, { "gbl.selfip.net", true }, { "gboys.net", true }, + { "gc-mc.de", true }, { "gc.gy", true }, { "gcbit.dk", true }, + { "gccm-events.com", true }, { "gcfadvisors.com", true }, { "gcgeeks.com.au", true }, { "gcguild.net", true }, @@ -13909,9 +14076,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gdax.com", true }, { "gdb-tutorial.net", true }, { "gdgrzeszow.pl", true }, + { "gdhzcgs.com", true }, { "gdiary.net", true }, + { "gdngs.de", true }, { "gdpr-pohotovost.cz", true }, - { "gdutnic.com", true }, { "gdv.me", true }, { "gdz-spishy.com", true }, { "ge3k.net", false }, @@ -13921,7 +14089,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gearfinder.nl", true }, { "gearseo.com.br", true }, { "gearset.com", true }, - { "geaskb.nl", true }, { "geass.xyz", true }, { "geba-online.de", true }, { "gebn.co.uk", true }, @@ -13935,6 +14102,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gedankenworks.com", true }, { "geder.at", true }, { "gedlingcastlehire.co.uk", true }, + { "gee.is", true }, { "geecrat.com", true }, { "geek-hub.de", true }, { "geek.ch", true }, @@ -13942,29 +14110,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geekabit.nl", true }, { "geekandi.com", true }, { "geekariom.com", true }, - { "geekchimp.com", true }, { "geekclubbooks.com", true }, { "geeklair.net", true }, { "geeklan.co.uk", true }, { "geekles.net", true }, { "geeknik.com", true }, { "geekpad.com", true }, - { "geekseries.fr", true }, + { "geeks.one", true }, { "geekshirts.cz", true }, { "geektopia.es", true }, { "geekwhack.org", true }, { "geekwithabudget.com", true }, { "geekwu.org", true }, - { "geeky.software", true }, { "geekystudios.us", true }, { "geekz.sk", true }, { "geekzone.co.nz", true }, { "geekzone.fr", true }, { "geeq.ch", true }, { "geerdsen.net", true }, + { "geertdegraaf.nl", true }, { "geertswei.nl", true }, { "gegeco.ch", true }, { "geh.li", true }, + { "gehaowu.com", true }, + { "gehirn.co.jp", true }, + { "gehirn.jp", true }, { "gehopft.de", true }, { "gehreslaw.com", true }, { "gehrke.in", true }, @@ -13990,7 +14160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gemini.com", true }, { "gemquery.com", true }, { "genchev.io", true }, - { "gencmedya.com", true }, + { "gencmedya.com", false }, { "genderidentiteit.nl", true }, { "gendrin.com", true }, { "gendundrupa.ch", true }, @@ -14000,6 +14170,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geneau.net", true }, { "genehightower.com", true }, { "genehome.com.au", true }, + { "generace-id.org", true }, { "generador-electrico.com", true }, { "general-anaesthesia.com", true }, { "general-anaesthetics.com", true }, @@ -14019,7 +14190,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geneve-naturisme.ch", true }, { "genevoise-entretien.ch", true }, { "genfaerd.dk", true }, - { "genie-seiner-generation.de", true }, + { "geniush.ovh", true }, { "geniusteacher.in", true }, { "geniuszone.biz", true }, { "genocidediary.org", true }, @@ -14034,10 +14205,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gensicke.de", true }, { "genslerapps.com", true }, { "genslerwisp.com", true }, + { "gensokyo.chat", true }, { "gensonline.eu", true }, { "gentianes.ch", true }, { "gentoo-blog.de", true }, - { "gentooblog.de", true }, { "genusshotel-riegersburg.at", true }, { "genuxtsg.com", true }, { "genxnotes.com", true }, @@ -14051,6 +14222,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geomex.be", true }, { "geoponika.gr", true }, { "geoport.al", true }, + { "georadar-algerie.com", true }, { "george-brighton.co.uk", true }, { "george-orwell.com", true }, { "georgebrighton.co.uk", true }, @@ -14060,6 +14232,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "georgemaschke.net", true }, { "georgescarryout.com", true }, { "georgewbushlibrary.gov", true }, + { "georgiaautoglass.net", true }, { "georgiaglassrepair.com", true }, { "georgiastuartyoga.co.uk", true }, { "georgioskontaxis.com", true }, @@ -14071,26 +14244,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geosphereservices.com", true }, { "geotab.com", true }, { "gepe.ch", true }, + { "gepgroup.gr", true }, { "gepps.de", true }, { "geraintwhite.co.uk", true }, { "gerald-zojer.com", true }, { "geraldsonrealty.com", true }, + { "gerardinden.nl", true }, { "gerardozamudio.mx", true }, + { "gerbyte.co.uk", true }, + { "gerbyte.com", true }, + { "gerbyte.uk", true }, { "germandarknes.net", true }, { "germansoldiers.net", true }, { "germanssky.de", true }, { "gernert-server.de", true }, { "gero.io", true }, { "gerritcodereview.com", true }, - { "gerum.dynv6.net", true }, { "gerwinvanderkamp.nl", true }, { "ges-bo.de", true }, { "geschichtscheck.de", true }, { "geschmacksache.online", true }, { "geschwinder.net", true }, + { "gesica.cloud", true }, { "gestorehotel.com", true }, { "gestormensajeria.com", true }, - { "gesundes-im-napf.de", true }, { "gesundheitmassage.com", true }, { "gesundheitswelt24.de", true }, { "get-erp.ru", true }, @@ -14123,6 +14300,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geti2p.com", true }, { "getidmcc.com", true }, { "getimgs.com", true }, + { "getinphase.com", true }, { "getitpeople.com", true }, { "getmango.com", true }, { "getmdl.io", true }, @@ -14142,7 +14320,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "getsecure.nl", true }, { "getsensibill.com", true }, { "getsetbounce.co.uk", true }, - { "getsetupfile.com", true }, { "getsilknow.com", true }, { "getsmartaboutdrugs.gov", true }, { "getsport.mobi", true }, @@ -14155,16 +14332,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "getupandbounce.co.uk", true }, { "getvdownloader.com", true }, { "getweloop.io", true }, + { "getwemap.com", true }, { "getwisdom.io", true }, { "getyeflask.com", true }, { "getyou.onl", true }, { "getyourlifestraight.com", true }, { "geyduschek.be", true }, { "gf-franken.de", true }, + { "gf5fcalc.com", true }, { "gfahnen.de", true }, { "gfast.ru", true }, { "gfcleisure.co.uk", true }, - { "gfe.li", true }, { "gfe.link", true }, { "gfelite.de", true }, { "gfestival.fo", true }, @@ -14175,31 +14353,32 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gfnetfun.cf", true }, { "gforce.ninja", true }, { "gfoss.eu", true }, - { "gfournier.ca", true }, { "gfxbench.com", true }, { "ggdcpt.com", true }, { "gginin.today", true }, { "ggl-luzern.ch", true }, { "ggma.co.uk", true }, { "ggmmontascale.it", true }, - { "ggobbo.com", true }, { "ggp2.com", true }, { "ggs-marschallstrasse.de", true }, { "ggs.jp", true }, { "ggservers.com", true }, { "ggx.us", true }, { "gha.st", true }, + { "ghaglund.se", true }, + { "ghid-pitesti.ro", true }, { "ghini.com", true }, { "ghislainphu.fr", true }, { "ghostblog.info", false }, { "ghostcir.com", true }, + { "ghowell.io", true }, { "ghrelinblocker.info", true }, { "ghrelinblocker.org", true }, - { "ghuntley.com", false }, { "giac.org", true }, { "giacomodrago.com", true }, { "giacomodrago.it", true }, { "giacomopelagatti.it", true }, + { "giaithich.net", true }, { "gianproperties.com", true }, { "giant-panda.com", true }, { "giant-tortoise.com", true }, @@ -14214,6 +14393,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "giddyaunt.net", true }, { "giduv.com", true }, { "giebel.it", true }, + { "giegler.software", true }, { "gierds.de", true }, { "giethoorn.com", true }, { "gietvloergarant.nl", false }, @@ -14221,15 +14401,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "giftedconsortium.com", true }, { "giftking.nl", false }, { "giftmaniabrilhos.com.br", true }, + { "gifts.best", true }, { "gifts365.co.uk", true }, - { "giftservices.nl", true }, { "gig-raiffeisen.de", true }, { "giga.nl", true }, { "gigabitz.pw", true }, { "gigacog.com", true }, { "gigantism.com", true }, { "gigawa.lt", true }, - { "gigawattz.com", true }, { "giggletotz.co.uk", true }, { "gigime.com", true }, { "gigin.eu", true }, @@ -14237,7 +14416,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gigis-pizzeria.de", true }, { "gigis.cloud", true }, { "giglink.club", true }, - { "gigolodavid.be", true }, { "gigseekr.com", true }, { "gigtroll.eu", true }, { "gijsbertus.com", true }, @@ -14254,13 +14432,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gilmoreid.com.au", true }, { "gilnet.be", true }, { "gina-architektur.design", true }, - { "ginie.de", true }, + { "gingersutton.com", true }, { "ginionusedcars.be", true }, { "ginja.co.th", true }, { "ginnegappen.nl", true }, { "ginniemae.gov", true }, + { "gino-gelati.de", true }, { "ginza-luce.net", true }, { "ginzadelunch.jp", true }, + { "ginzaj.com", true }, { "giochi-online.ws", true }, { "giochiecodici.it", true }, { "gioielleriamolena.com", true }, @@ -14278,12 +14458,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "girsa.org", true }, { "girvas.ru", true }, { "gisgov.be", true }, + { "gisher.news", true }, { "gisher.org", true }, + { "gisher.video", true }, { "gistr.io", true }, { "git.ac.cn", true }, { "git.market", true }, + { "git.sb", true }, { "git.tt", true }, - { "gitar.io", true }, { "gitep.org.uk", true }, { "gites-alizea.com", true }, { "gitesdeshautescourennes.com", true }, @@ -14291,8 +14473,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gitla.in", true }, { "gitstuff.tk", true }, { "gittigidiyor.com", true }, - { "gittr.ch", true }, - { "giuem.com", true }, + { "giuem.com", false }, { "giunchi.net", true }, { "giuseppemacario.men", true }, { "givastar.com", true }, @@ -14318,10 +14499,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gl.search.yahoo.com", false }, { "glaciernursery.com", true }, { "gladwellentertainments.co.uk", true }, - { "glahcks.com", true }, { "glamguru.co.il", true }, { "glamguru.world", true }, { "glamour4you.de", true }, + { "glamourdaze.com", true }, { "glasdon.com", true }, { "glasen-hardt.de", true }, { "glasfaser-im-hanseviertel.de", true }, @@ -14335,14 +14516,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gleanview.com", true }, { "gleich-aluminium-shop.de", true }, { "glenberviegolfclub.com", true }, + { "glencambria.com", true }, { "glencarbide.com", true }, { "glendarraghbouncycastles.co.uk", true }, { "glenhuntlyapartments.com.au", true }, { "glenshere.com", true }, { "glevolution.com", true }, + { "glicerina.online", true }, { "glidingshop.cz", true }, { "glidingshop.de", true }, { "glidingshop.eu", true }, + { "glitzerstuecke.de", true }, { "glloq.org", true }, { "glob-coin.com", true }, { "global-adult-webcams.com", true }, @@ -14372,9 +14556,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "glocalworks.jp", true }, { "glofox.com", true }, { "gloneta.com", false }, + { "glosiko.com", true }, + { "glossopnorthendafc.co.uk", true }, { "glotech.co.uk", true }, { "glotechkitchens.co.uk", true }, { "glotechrepairs.co.uk", true }, + { "glu3cifer.rocks", true }, { "glueck-im-norden.de", true }, { "gluecksgriff-taschen.de", true }, { "glueckskindter.de", true }, @@ -14384,6 +14571,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "glutenfreevr.com", true }, { "glykofridis.nl", true }, { "glyxins.com", true }, + { "gm-net.jp", true }, { "gm.search.yahoo.com", false }, { "gmail.com", false }, { "gmantra.org", true }, @@ -14396,8 +14584,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gmod.de", true }, { "gmpark.dk", true }, { "gmpartsdb.com", true }, + { "gmslparking.co.uk", true }, { "gmta.nl", true }, - { "gmw-hannover.de", true }, + { "gmtplus.co.za", true }, { "gmw-ingenieurbuero.de", true }, { "gmx.at", true }, { "gmx.ch", true }, @@ -14407,11 +14596,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gmx.es", true }, { "gmx.fr", true }, { "gmx.net", true }, + { "gn00.com", true }, { "gnax.jp", false }, + { "gndh.net", true }, { "gnetion.com", true }, { "gnetwork.eu", true }, + { "gnfrazier.me", true }, { "gnhub.org", true }, { "gnilebein.de", true }, + { "gnk.io", true }, { "gnuand.me", true }, { "gnucashtoqif.us", true }, { "gnunet.org", true }, @@ -14422,6 +14615,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "go-embedded.de", true }, { "go-wild.co.uk", true }, { "go-zh.org", true }, + { "go.microsoft.com", true }, { "go.xero.com", false }, { "go2ubl.nl", true }, { "goa8.xyz", true }, @@ -14435,7 +14629,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gobouncy.co.uk", true }, { "gobouncy.com", true }, { "gobranding.com.vn", true }, - { "gocardless.com", true }, + { "gocher.me", true }, { "gochu.se", true }, { "gocleanerslondon.co.uk", true }, { "god-clan.hu", true }, @@ -14457,6 +14651,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "goedverzekerd.net", true }, { "goemail.me", true }, { "goerlitz-zgorzelec.org", true }, + { "goerres2014.de", true }, + { "goesta-hallenbau.de", true }, { "goetemp.de", true }, { "goetic.space", true }, { "goettinger-biergarten.de", true }, @@ -14477,9 +14673,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "goingreen.com.au", true }, { "gokhankesici.com", true }, { "gokmenguresci.com", true }, + { "golang.zone", true }, { "gold24.ru", true }, - { "goldclubcasino.com", true }, + { "goldcoastasian.com", true }, { "goldcoasthypnotherapyhypnosis.com.au", true }, + { "goldcoastphotographycourses.com", true }, { "goldcoaststumpbusters.com", true }, { "goldegg-training.com", false }, { "goldenbadger.de", true }, @@ -14487,14 +14685,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "goldenhillsoftware.com", true }, { "goldenhost.ca", true }, { "goldenplate.com.sg", true }, + { "goldfmromania.ro", true }, { "goldmark.com.au", true }, { "goldpreisfinder.at", true }, { "goldsecurity.com", true }, - { "goldsky.com.au", true }, { "goldstein.tel", true }, { "golf18network.com", true }, { "golf18staging.com", true }, - { "golfburn.com", true }, { "golfhausmallorca.com", true }, { "golfmeile.de", true }, { "golfpark-bostalsee.de", true }, @@ -14504,6 +14701,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "golser.info", true }, { "gomasy.jp", true }, { "gomelchat.com", true }, + { "gomiblog.com", true }, { "gommista.roma.it", true }, { "gondawa.com", true }, { "gongjianwei.com", true }, @@ -14517,7 +14715,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gooddomainna.me", true }, { "goodenough.nz", false }, { "goodfeels.net", true }, - { "goodvibesblog.com", true }, { "google", true }, { "google-analytics.com", true }, { "googleandroid.cz", true }, @@ -14526,14 +14723,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "googlesource.com", true }, { "goombi.fr", true }, { "goonersworld.co.uk", true }, + { "goooo.info", true }, { "gootlijsten.nl", true }, { "goozp.com", true }, { "gopher.tk", true }, { "goproallaccess.com", true }, { "goquiq.com", true }, - { "gorakukai.jp", true }, - { "gordonobrecht.com", true }, { "gordonscouts.com.au", true }, + { "gorf.chat", true }, + { "gorf.club", true }, { "gorgias.me", true }, { "gorky.media", true }, { "gorn.ch", true }, @@ -14543,11 +14741,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gosforthdentalsurgery.co.uk", true }, { "goshawkdb.io", true }, { "goshin-group.co.jp", true }, - { "goshow.tv", true }, { "gospelfollower.com", true }, + { "gospelofmark.ch", true }, { "gospelvestcination.de", true }, { "gostaffer.com", true }, { "gostest.org", true }, + { "gosu.pro", true }, { "gosuland.org", true }, { "got-tty.de", true }, { "goteborgsklassikern.se", true }, @@ -14567,8 +14766,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gottcode.org", false }, { "goudenharynck.be", true }, { "gouforit.com", true }, - { "goujianwen.com", true }, - { "goukon.ru", true }, { "gouldcooksey.com", true }, { "goup.co", true }, { "goup.com.tr", true }, @@ -14588,13 +14785,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gowin9.net", true }, { "gowithflo.de", true }, { "gozenhost.com", true }, - { "gpalabs.com", true }, { "gpcsolutions.fr", true }, { "gpdimaranathasiantar.org", true }, { "gpfclan.de", true }, { "gpgscoins.com", true }, { "gplans.us", true }, - { "gplintegratedit.com", true }, { "gpm.ltd", true }, { "gprs.uk.com", true }, { "gps.com.br", true }, @@ -14608,15 +14803,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gra2.com", true }, { "graasp.net", false }, { "grabacabpa.com", true }, - { "grabi.ga", true }, { "grace-wan.com", true }, + { "gracebaking.com", false }, { "gracedays.org", true }, { "gracethrufaith.com", true }, { "gracetini.com", true }, { "graciousmay.com", true }, - { "gradenotify.com", true }, + { "gradecam.com", true }, { "gradienthosting.co.uk", true }, { "gradients.com", true }, + { "gradingcontractornc.com", true }, { "gradualgram.com", true }, { "graeber.com", true }, { "graecum.org", true }, @@ -14630,6 +14826,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "grafoteka.pl", true }, { "graft.community", true }, { "graft.observer", true }, + { "grahamcarruthers.co.za", true }, { "grahamcluley.com", true }, { "grahamofthewheels.com", true }, { "grailians.com", true }, @@ -14639,8 +14836,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gram.tips", true }, { "gramati.com.br", true }, { "grammysgrid.com", true }, + { "grana.com", true }, { "granary-demo.appspot.com", false }, { "grancellconsulting.com", true }, + { "grandcafecineac.nl", true }, { "grandcafetwist.nl", true }, { "grandcapital.cn", true }, { "grandcapital.id", true }, @@ -14650,13 +14849,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "grandefratellonews.com", true }, { "grandeto.com", true }, { "grandjunctionbrewing.com", true }, - { "grandmasfridge.org", true }, { "grandmusiccentral.com.au", true }, { "grandpadusercontent.com", true }, - { "grandwailea.com", true }, { "granfort.es", false }, { "granian.pro", true }, { "granishe.com", true }, + { "graniteind.com", true }, { "grannys-stats.com", true }, { "grannyshouse.de", true }, { "grantcooper.com", true }, @@ -14669,6 +14867,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "graphcommons.com", true }, { "graphene.software", true }, { "graphic-shot.com", true }, + { "graphified.nl", false }, { "graphire.io", true }, { "grapholio.net", true }, { "grasmark.com", true }, @@ -14698,7 +14897,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "grazieitalian.com", true }, { "grc.com", false }, { "greatagain.gov", true }, - { "greatergoodoffers.com", true }, { "greatestwebsiteonearth.com", true }, { "greatfire.org", true }, { "greatislandarts.ca", true }, @@ -14715,21 +14913,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "green-light.co.nz", true }, { "greenaddress.it", true }, { "greenapproach.ca", true }, + { "greenbaysecuritysolutions.com", true }, { "greencircleplantnursery.com.au", true }, { "greencircleplantnursery.net.au", true }, - { "greenenergysolution.uk", true }, + { "greenconn.ca", true }, { "greener.pl", true }, { "greenglam.biz", true }, { "greengoblindev.com", true }, { "greenhats.de", true }, { "greenliquidsystem.com", true }, + { "greenliv.pl", true }, { "greenlungs.net", true }, { "greenoutdoor.dk", false }, { "greenpanda.de", true }, { "greenpartyofnewmilford.org", true }, { "greenpeace-magazin.de", true }, + { "greenpeace.berlin", true }, { "greenroach.ru", true }, { "greenrushdaily.com", true }, + { "greensborosecuritycameras.com", true }, { "greensdictofslang.com", true }, { "greensquare.tk", true }, { "greenteamtwente.nl", true }, @@ -14738,8 +14940,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "greer.ru", true }, { "greg.red", true }, { "greger.me", true }, - { "gregmilton.com", true }, - { "gregmilton.org", true }, + { "gregmote.com", true }, { "gregoirow.be", true }, { "gregorians.org", true }, { "gregorkofler.com", true }, @@ -14763,6 +14964,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "greybeards.ca", true }, { "greyhash.se", true }, { "greymattertechs.com", true }, + { "greysky.me", true }, { "greyskymedia.com", true }, { "greysolutions.it", true }, { "greywizard.com", true }, @@ -14780,6 +14982,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "griegshipbrokers.com", true }, { "griegshipbrokers.no", true }, { "griesser2.de", true }, + { "grillen-darf-nicht-gesund-sein.de", true }, { "grillteller42.de", true }, { "grimcalc.com", true }, { "grimm-gastrobedarf.de", true }, @@ -14790,6 +14993,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gritte.ch", true }, { "grizzlys.com", true }, { "grmp.fr", true }, + { "grocerybuild.com", true }, { "grocock.me.uk", true }, { "groenaquasolutions.nl", true }, { "groenewoud.me", true }, @@ -14807,23 +15011,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "groovygoldfish.org", true }, { "gropp.org", true }, { "gross.business", true }, - { "grossell.ru", true }, { "groszek.pl", true }, { "groth.im", true }, { "groth.xyz", true }, { "grothoff.org", true }, + { "grottenthaler.eu", true }, { "grouchysysadmin.com", true }, { "group4layers.net", true }, { "groupe-neurologique-nord.lu", true }, { "groupebaillargeon.com", true }, { "groupghistelinck-cars.be", true }, - { "grouphomes.com.au", false }, { "groupme.com", true }, { "groups.google.com", true }, { "growingallthings.co.uk", true }, { "growit.events", true }, { "growy.ch", true }, - { "grozter.se", true }, + { "grrmmll.com", true }, { "grsecurity.net", true }, { "gruble.de", true }, { "gruebebraeu.ch", true }, @@ -14834,6 +15037,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gruenes-wp.de", true }, { "gruenprint.de", true }, { "gruenstreifen-ev.de", true }, + { "grumples.biz", true }, { "grumpy.fr", true }, { "grumpygamers.com", true }, { "grunwaldzki.center", true }, @@ -14849,11 +15053,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gs93.de", true }, { "gsaj114.net", true }, { "gscloud.xyz", true }, + { "gsdb.net", true }, { "gsi-network.com", true }, { "gsimagebank.co.uk", true }, { "gslink.me", true }, { "gsmsecurity.net", true }, - { "gsoc.se", true }, { "gsrc.io", true }, { "gst.name", true }, { "gst.priv.at", true }, @@ -14870,6 +15074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gtmasterclub.it", false }, { "gtmetrix.com", true }, { "gtopala.com", true }, + { "gtopala.net", true }, { "gtour.info", false }, { "gtravers-basketmaker.co.uk", true }, { "gts-dp.de", true }, @@ -14881,12 +15086,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guardiansoftheearth.org", true }, { "gubagoo.com", true }, { "gubagoo.io", true }, - { "gudangpangan.id", true }, { "gudini.net", true }, - { "gudrun.ml", true }, { "guegan.de", true }, { "guelo.ch", true }, { "guenthereder.at", true }, + { "guerard.info", true }, { "guerrilla.technology", true }, { "guesthouse-namaste.com", true }, { "guevener.de", true }, @@ -14896,7 +15100,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guffr.it", true }, { "guge.ch", true }, { "gugert.net", true }, - { "guhei.net", true }, { "guhenry3.tk", true }, { "guiacidade.com.br", true }, { "guichet-entreprises.fr", true }, @@ -14906,9 +15109,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guide-peche-cantal.com", true }, { "guidebook.co.tz", true }, { "guidedselling.net", true }, + { "guideline.gov", false }, + { "guidelines.gov", false }, { "guideo.ch", true }, { "guidepointsecurity.com", true }, - { "guides-et-admin.com", true }, { "guides-peche64.com", true }, { "guidesetc.com", true }, { "guidetoiceland.is", false }, @@ -14941,7 +15145,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gurmel.ru", true }, { "gurpusmaximus.com", true }, { "guru-naradi.cz", true }, - { "gurubetng.com", true }, { "gurucomi.com", true }, { "gurueffect.com", true }, { "gurugardener.co.nz", true }, @@ -14955,15 +15158,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guus-thijssen.nl", true }, { "guusvandewal.nl", true }, { "guvernalternativa.ro", true }, - { "guyot-tech.com", true }, + { "guyeskens.be", true }, { "gv-neumann.de", true }, { "gvatas.in", true }, { "gveh.de", true }, { "gvi-timing.ch", true }, - { "gvi.be", true }, { "gviedu.com", true }, { "gvitiming.ch", true }, - { "gvm.io", true }, { "gvobgyn.ca", true }, { "gvt2.com", true }, { "gvt3.com", true }, @@ -14977,6 +15178,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gwrtech.com", true }, { "gwsec.co.uk", true }, { "gxmyqy.net", true }, + { "gyara.moe", true }, { "gyas.nl", true }, { "gycis.me", false }, { "gymagine.ch", true }, @@ -14987,6 +15189,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gymnasium-hittfeld.de", true }, { "gympap.de", true }, { "gynaecology.co", true }, + { "gynoguide.com", true }, { "gypsyreel.com", true }, { "gyre.ch", true }, { "gyrenens.ch", true }, @@ -15011,7 +15214,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "h2s-design.de", true }, { "h2u.tv", true }, { "h3artbl33d.nl", true }, - { "h3z.jp", false }, + { "h3z.jp", true }, { "h404bi.com", true }, { "ha-kunamatata.de", true }, { "ha3.eu", true }, @@ -15031,9 +15234,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "haccp.bergamo.it", true }, { "haccp.milano.it", true }, { "haccp.roma.it", true }, + { "hacertest.com", true }, { "hacettepeteknokent.com.tr", true }, - { "hachre.de", true }, - { "hack.club", true }, + { "hachre.de", false }, + { "hack.cz", true }, { "hackademix.net", true }, { "hackanders.com", true }, { "hackattack.com", true }, @@ -15043,12 +15247,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hackdown.me", true }, { "hackenkunjeleren.nl", true }, { "hackenturet.dk", true }, - { "hacker.club", true }, + { "hacker.holiday", true }, { "hacker.im", true }, { "hacker.one", true }, { "hacker.parts", true }, { "hacker1.com", true }, { "hacker101.com", true }, + { "hackerchai.com", true }, { "hackerco.com", true }, { "hackereyes.com", true }, { "hackergateway.com", true }, @@ -15059,6 +15264,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hackerone.at", true }, { "hackerone.com", true }, { "hackerone.net", true }, + { "hackerpoints.com", true }, { "hackerschat.net", true }, { "hackerstxt.org", true }, { "hackettrecipes.com", true }, @@ -15073,7 +15279,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hackthissite.org", true }, { "hacktic.info", true }, { "hacktivis.me", true }, - { "hackyourfaceoff.com", true }, + { "hackworx.com", false }, { "hackzogtum-coburg.de", true }, { "hadaly.fr", true }, { "hadleighswimmingclub.co.uk", true }, @@ -15085,24 +15291,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "haferman.net", true }, { "haferman.org", true }, { "hafniatimes.com", true }, - { "haggeluring.su", true }, { "hagueaustralia.com.au", true }, { "haha-raku.com", true }, { "hahay.es", true }, { "haiboxu.com", true }, - { "hail2u.net", true }, + { "haidihai.ro", true }, { "hailer.com", true }, + { "haim.bio", true }, + { "haimablog.ooo", true }, { "hairbeautyartists.it", true }, { "haircrazy.com", true }, - { "hairplaybychenellekay.com", true }, + { "hairplaybychenellekay.com", false }, { "hairraisingphotobooths.co.uk", true }, { "hairtonic-lab.com", true }, { "haixihui.cn", true }, { "haizum.pro", true }, + { "hajekdavid.cz", true }, { "hajekj.net", true }, { "hak5.org", true }, { "hakaru.org", true }, { "hakase.io", true }, + { "hakase.pw", true }, { "hakatabijin-mind.com", true }, { "hake.me", true }, { "hal-9th.space", true }, @@ -15117,6 +15326,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "halkyon.net", true }, { "hallelujahsoftware.com", true }, { "halletienne.fr", true }, + { "hallettxn.com", true }, { "hallhuber.com", true }, { "halliday.work", true }, { "halligladen.de", true }, @@ -15127,6 +15337,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "halongbaybackpackertour.com", true }, { "haloobaloo.com", true }, { "haloria.com", true }, + { "haltegame.com", true }, { "hamacho-kyudo.com", true }, { "hamali.bg", true }, { "hamburgerbesteld.nl", true }, @@ -15134,7 +15345,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hamcram.io", true }, { "hamiltonlinen.com", true }, { "hamiltonmedical.nl", true }, - { "hamish.ca", true }, { "hammer-corp.com", true }, { "hammer-schnaps.com", true }, { "hammer-sms.com", true }, @@ -15151,8 +15361,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "handlecoin.com", true }, { "handleidingkwijt.com", true }, { "handmade-workshop.de", true }, - { "handmadegobelin.com", true }, - { "handmadeshoes.pe", true }, { "handyglas.com", true }, { "handymanlondonplease.co.uk", true }, { "handynummer.online", true }, @@ -15168,6 +15376,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hannah.link", true }, { "hannoluteijn.nl", true }, { "hanoibuffet.com", true }, + { "hanpenblog.com", true }, { "hansbijster.nl", true }, { "hansch.ventures", true }, { "hanschventures.com", true }, @@ -15186,7 +15395,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hanzubon.jp", true }, { "hao-zhang.com", true }, { "haogoodair.ca", true }, - { "haoqi.men", true }, { "haotown.cn", true }, { "haozhang.org", true }, { "haozi.me", true }, @@ -15218,8 +15426,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "harald-pfeiffer.de", true }, { "harapecorita.com", true }, { "harbor-light.net", true }, - { "hardeman.nu", true }, { "hardenize.com", true }, + { "hardergayporn.com", true }, { "hardertimes.com", true }, { "hardesec.com", true }, { "hardez.de", true }, @@ -15229,12 +15437,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hardloopfysio.nl", true }, { "hardrain980.com", true }, { "hardtfrieden.de", true }, - { "hardtime.ru", true }, + { "hardwareschotte.de", true }, { "harekaze.info", true }, { "haribilalic.com", true }, { "harilova.fr", true }, + { "harion.fr", true }, { "harisht.me", false }, - { "haritsa.co.id", true }, { "harjitbhogal.com", true }, { "harlor.de", true }, { "harmfarm.nl", true }, @@ -15246,7 +15454,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "harp.gov", true }, { "harrcostl.com", true }, { "harringtonca.com", true }, - { "harrisonsdirect.co.uk", true }, { "harrisonswebsites.com", true }, { "harrisonvillenaz.org", true }, { "harry-baker.com", true }, @@ -15266,11 +15473,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "harveyauzorst.com", true }, { "harveymilton.com", true }, { "has-no-email-set.de", false }, - { "haschrebellen.de", true }, + { "has.work", true }, { "hasdf.de", true }, { "hasecuritysolutions.com", true }, { "haselsteiner.me", true }, { "hash-archive.org", true }, + { "hash.army", true }, { "hash.works", true }, { "hashcat.net", true }, { "hashes.org", true }, @@ -15296,12 +15504,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "haus-garten-test.de", true }, { "haus-henne.de", true }, { "haus-zeitlos.de", true }, - { "hausarztpraxis-linn.de", true }, { "haushenne.de", true }, + { "hausjugo.de", true }, { "haustechnik-breu.de", true }, { "hausundhof.com", true }, { "hausverbrauch.de", true }, - { "hauswarteam.com", true }, { "hautaka.com", true }, { "hautarztzentrum.ch", true }, { "hauteslatitudes.com", true }, @@ -15330,6 +15537,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hayashi-rin.net", true }, { "hayden.one", false }, { "haydenjames.io", true }, + { "haydentomas.com", true }, { "hayfordoleary.com", true }, { "haynes-davis.com", true }, { "hayvid.com", true }, @@ -15344,13 +15552,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hbpowell.com", true }, { "hcaz.io", true }, { "hcbj.io", true }, - { "hcoe.fi", true }, { "hd-gaming.com", true }, { "hd-offensive.at", false }, { "hd-only.org", true }, { "hd-outillage.com", true }, { "hda.me", true }, { "hdc.cz", true }, + { "hdcamvids.com", true }, { "hdcenter.cc", true }, { "hdeaves.uk", true }, { "hdf.world", true }, @@ -15361,7 +15569,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hdrsource.com", true }, { "hdrtranscon.com", true }, { "hds-lan.de", true }, - { "hdwallpapers.net", true }, { "heaaart.com", true }, { "head.org", true }, { "head.ru", true }, @@ -15370,12 +15577,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "headshopinternational.com", true }, { "headshotharp.de", true }, { "healey.io", true }, + { "health-booster.com", true }, { "health-match.com.au", true }, { "health-plan-news.com", true }, { "health.gov", true }, { "health.graphics", true }, { "healthcare.gov", false }, - { "healthcare6.com", true }, { "healtheals.com", true }, { "healtheffectsofasbestos.com", true }, { "healthery.com", true }, @@ -15383,6 +15590,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "healthfoam.com", true }, { "healthgames.co.uk", true }, { "healthiercompany.com", true }, + { "healthiergenerations.co.uk", true }, { "healthit.gov", true }, { "healthlabs.com", true }, { "healthmatchapp.com", true }, @@ -15394,6 +15602,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "healthybeterlife.click", true }, { "healthyfitfood.com", true }, { "healthypeople.gov", true }, + { "healthyteame.com", true }, { "heap.zone", true }, { "hearmeraw.uk", true }, { "heart.taxi", true }, @@ -15407,7 +15616,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heartview.com.br", true }, { "heartwoodart.com", true }, { "hearty.blog", true }, - { "hearty.cf", true }, { "hearty.ga", true }, { "hearty.gq", true }, { "hearty.me", true }, @@ -15416,7 +15624,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hearty.org.tw", true }, { "hearty.taipei", true }, { "hearty.us", true }, - { "heartyapp.com", true }, { "heartycraft.com", true }, { "heatershop.co.uk", true }, { "heatingandairconditioningdallastx.com", true }, @@ -15435,14 +15642,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heckelektro.de", true }, { "heckerundknopp.de", true }, { "heckticmedia.com", true }, - { "hectorj.net", true }, - { "hedgeschool.ie", true }, { "hedonism.org", true }, { "hedonistic-imperative.com", true }, { "hedonistic.org", true }, { "hedonium.com", true }, { "hedweb.co.uk", true }, - { "hedweb.com", true }, { "hedweb.net", true }, { "hedweb.org", true }, { "heeler.blue", true }, @@ -15470,6 +15674,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heimonen.eu", true }, { "heimprofis.de", true }, { "heinemann.io", true }, + { "heinemeier.dk", true }, { "heinpost.nl", false }, { "heinzelmann.co", true }, { "heiraten-gardasee.de", true }, @@ -15478,7 +15683,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heistheguy.com", true }, { "heitland-it.de", true }, { "heiwa-valve.co.jp", true }, - { "hejahanif.se", true }, { "hejianpeng.cn", true }, { "heka.ai", true }, { "helber-it-services.de", true }, @@ -15507,10 +15711,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "helmut-a-binser.de", true }, { "help.simpletax.ca", true }, { "helpconnect.com.au", true }, - { "helpdebit.com", true }, - { "helpfacile.com", true }, - { "helpfixe.com", true }, - { "helpflux.com", true }, { "helpgoabroad.com", true }, { "helpmij.cf", true }, { "helpscoutdocs.com", true }, @@ -15529,9 +15729,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hendyisaac.com", true }, { "hengelsportdeal.com", true }, { "hengstumone.com", true }, - { "henhenlu.com", true }, { "henkboelman.com", true }, - { "henkbrink.com", true }, { "henker.net", true }, { "henkverlinde.com", false }, { "henley-computer-repairs.co.uk", true }, @@ -15548,10 +15746,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "henrock.net", true }, { "henry.gg", true }, { "henryphan.com", false }, - { "hentaiz.net", true }, + { "hentaiworld.cc", true }, { "hentschke-bau.de", true }, { "hentschke-betonfertigteilwerk.de", true }, { "hentschke-invest.de", true }, + { "henzenhoning.nl", true }, { "heppler.net", true }, { "heptafrogs.de", true }, { "herbal-id.com", true }, @@ -15565,6 +15764,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "herds.eu", true }, { "herdserv.de", true }, { "herebedragons.io", true }, + { "herecsrymy.cz", true }, { "heritagebaptistchurch.com.ph", true }, { "herkam.pl", true }, { "hermanbrouwer.nl", true }, @@ -15595,7 +15795,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "herzbotschaft.de", true }, { "herzfuersoziales.at", true }, { "herzig.cc", true }, - { "hesa.com", true }, { "hesaplama.net", true }, { "hessen-liebe.de", true }, { "hestervanderheijden.nl", true }, @@ -15621,7 +15820,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hexicurity.com", true }, { "hexid.me", true }, { "hexieshe.com", true }, - { "hexo.io", true }, { "hexony.com", true }, { "hexr.org", true }, { "hexstream.net", true }, @@ -15633,16 +15831,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heywood.cloud", true }, { "hf-tekst.nl", true }, { "hf51.nl", true }, - { "hflsdev.org", false }, { "hfox.org", true }, { "hg.gg", true }, { "hg.python.org", true }, - { "hg525.com", true }, { "hgbet.com", true }, - { "hgfa.fi", true }, + { "hgvnet.de", true }, { "hgw168.com", true }, { "hh-medic.com", true }, - { "hh-wolke.dedyn.io", true }, { "hhgdo.de", true }, { "hhhdb.com", true }, { "hhidr.org", true }, @@ -15673,16 +15868,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "highlatitudestravel.com", true }, { "highlegshop.com", true }, { "highlevelwoodlands.com", true }, - { "highlightsfootball.com", false }, + { "highlightsfootball.com", true }, { "highlnk.com", true }, { "highperformancehvac.com", true }, { "highspeed-arnsberg.de", true }, { "highspeedinternet.my", true }, { "highspeedinternetservices.ca", true }, { "hightechbasementsystems.com", true }, - { "hightimes.com", true }, { "highwaytohoell.de", true }, { "higilopocht.li", true }, + { "hikarukujo.com", true }, { "hike.pics", true }, { "hikingguy.com", true }, { "hilahdih.cz", true }, @@ -15709,6 +15904,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hintergrundbewegung.de", true }, { "hinterhofbu.de", true }, { "hinterposemuckel.de", true }, + { "hiojbk.com", true }, { "hipi.jp", true }, { "hippies.com.br", true }, { "hippo.ge", true }, @@ -15718,16 +15914,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hipstercat.fr", true }, { "hiqfleet.co.uk", true }, { "hiqfranchise.co.uk", true }, + { "hiqhub.co.uk", false }, { "hiqonline.co.uk", true }, { "hirake55.com", true }, { "hiratake.xyz", true }, { "hire-a-coder.de", true }, { "hireabouncycastle.net", true }, { "hirefitness.co.uk", true }, - { "hireprofs.com", true }, { "hiresteve.ca", true }, { "hiretech.com", true }, - { "hirevets.gov", true }, { "hirezzportal.com", true }, { "hiring-process.com", true }, { "hiromuogawa.com", true }, @@ -15746,11 +15941,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hiteco.com", true }, { "hititgunesi-tr.com", true }, { "hitmanstat.us", true }, + { "hitn.at", true }, { "hitoapi.cc", true }, { "hitocom.net.br", true }, { "hitokoto-mania.com", true }, { "hitokoto.cn", true }, { "hitomecha.com", true }, + { "hitrek.ml", true }, { "hitter-lauzon.com", true }, { "hitter.family", true }, { "hitterfamily.com", true }, @@ -15767,18 +15964,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hizzacked.xxx", true }, { "hj-mosaiques.be", true }, { "hj.rs", true }, + { "hj2999.com", true }, + { "hj3455.com", true }, { "hjartasmarta.se", true }, - { "hjf-immobilien.de", true }, { "hjkbm.cn", true }, - { "hjkhs.cn", true }, { "hjort.land", true }, { "hjortland.org", true }, { "hjphoto.co.uk", true }, { "hjtky.cn", true }, { "hjw-kunstwerk.de", true }, { "hk.search.yahoo.com", false }, + { "hkbsurgery.com", true }, { "hkdobrev.com", true }, { "hks.pw", true }, + { "hktkl.com", true }, { "hkustmbajp.com", true }, { "hl7999.com", true }, { "hl8999.com", true }, @@ -15789,8 +15988,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hlfh.space", true }, { "hlidacnajemneho.cz", true }, { "hlinformatics.nl", true }, + { "hloe0xff.ru", true }, { "hlsmandarincentre.com", true }, { "hlucas.de", true }, + { "hm773.net", true }, { "hmcdj.cn", true }, { "hmhotelec.com", false }, { "hmoegirl.com", true }, @@ -15806,8 +16007,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hoarding.me", true }, { "hobby-drechselei.de", true }, { "hobbyspeed.com", true }, - { "hocassian.cn", true }, + { "hochhaus.us", true }, { "hochoukikikiraku.com", true }, + { "hochyi.com", true }, { "hochzeit-dana-laurens.de", true }, { "hochzeitsfotograf-deinfoto.ch", true }, { "hochzeitsgezwitscher.de", true }, @@ -15820,7 +16022,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hoe.re", true }, { "hoeft-autolackierung.de", true }, { "hoekvanholland.eu", true }, - { "hoelty.network", true }, { "hoeren.club", true }, { "hoesnelwasik.nl", true }, { "hoevenstein.nl", true }, @@ -15830,13 +16031,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hofapp.de", true }, { "hofauer.de", true }, { "hoflerlawfirm.com", true }, + { "hogepad.com", true }, { "hogl.dk", true }, { "hogrebe.de", true }, { "hogwarts.io", true }, + { "hohenleimbach.de", true }, { "hohm.in", true }, { "hoiquanadida.com", true }, { "hoken-wakaru.jp", true }, - { "hokepon.com", true }, { "hokieprivacy.org", true }, { "hokify.at", true }, { "hokify.ch", true }, @@ -15849,7 +16051,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "holistichealer.in", true }, { "holisticon.de", true }, { "hollandsdiep.nl", true }, - { "hollerau.de", true }, { "hollermann.eu", true }, { "hollo.me", true }, { "hollowpoint.xyz", true }, @@ -15864,11 +16065,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "holoxplor.space", true }, { "holstphoto.com", true }, { "holvonix.com", true }, - { "holy-hi.com", true }, { "holydragoon.jp", true }, { "holygrail.games", true }, { "holyhiphopdatabase.com", true }, { "holymolycasinos.com", true }, + { "holytransaction.com", true }, { "holywhite.com", true }, { "holz.nu", true }, { "holzheizer-forum.de", true }, @@ -15879,18 +16080,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "holzundgarten.de", true }, { "holzvergaser-forum.de", true }, { "homatism.com", true }, - { "home-work-jobs.com", true }, + { "home-v.ind.in", true }, { "homeautomated.com", true }, { "homebasedsalons.com.au", true }, { "homebodyalberta.com", true }, { "homecareassociatespa.com", true }, { "homecarpetcleaning.co.uk", true }, { "homecheck.gr", true }, - { "homecoming.city", true }, + { "homefacialpro.com", false }, { "homegardeningforum.com", true }, { "homegardenresort.nl", true }, { "homehuntertoronto.com", true }, { "homehunting.pt", true }, + { "homeimagician.com.au", true }, + { "homem-viril.com", true }, { "homeodynamics.com", true }, { "homeoesp.org", true }, { "homeofjones.net", true }, @@ -15901,6 +16104,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "homeprivate.de", true }, { "homeseller.com", true }, { "homeserver-kp.de", true }, + { "homesteadandprepper.com", true }, { "homesteadfarm.org", true }, { "homewatt.co.uk", true }, { "homeyou.com", true }, @@ -15914,11 +16118,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hondenoppasfraneker.nl", true }, { "honey.is", true }, { "honeybadger.io", false }, - { "honeybeard.co.uk", true }, { "honeycome.net", true }, { "honeycreeper.com", true }, { "honeyhaw.com", true }, { "honeypot.net", true }, + { "hong.io", true }, { "hongoi.com", true }, { "honkion.net", true }, { "honovere.de", true }, @@ -15930,19 +16134,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hoop.la", true }, { "hoopertechnicalsolutions.com", true }, { "hooplessinseattle.com", true }, - { "hooray.beer", true }, { "hoorr.com", true }, { "hootworld.net", false }, + { "hoowhen.cn", true }, { "hopconseils.ch", true }, { "hopconseils.com", true }, { "hope-line-earth.jp", true }, - { "hopesb.org", true }, + { "hopesanddreams.org.uk", true }, { "hopla.sg", true }, { "hoplongtech.com", true }, { "hoponmedia.de", true }, { "hopps.me", true }, { "hoppyx.com", true }, - { "hopzone.net", true }, { "hor.website", true }, { "horaceli.com", true }, { "horackova.info", true }, @@ -15960,8 +16163,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "horodance.dk", true }, { "horrell.ca", true }, { "horrendous-servers.com", true }, + { "horrormovies.gr", true }, { "horsehunter.co.uk", true }, { "horstmanshof.eu", true }, + { "horton-brasses.com", true }, { "hory.me", true }, { "horza.org", true }, { "hoshimaq.com.br", true }, @@ -15998,16 +16203,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hosyaku.gr.jp", true }, { "hotcandlestick.com", true }, { "hotchillibox.com", true }, + { "hotcoin.io", true }, + { "hotdoc.com.au", true }, { "hotel-kronjuwel.de", true }, { "hotel-le-vaisseau.ch", true }, { "hotel-pension-sonnalp.eu", true }, + { "hotel-rosner.at", true }, { "hotelamgarnmarkt.at", false }, + { "hotelarevalo.com", true }, { "hotelcoliber.pl", true }, { "hotelflow.com.br", true }, { "hotelident.de", true }, { "hotello.io", true }, { "hotelmap.com", true }, { "hotels-insolites.com", true }, + { "hotels3d.com", true }, { "hotels4teams.com", true }, { "hotelsinbuxton.com", true }, { "hotelsinformer.com", true }, @@ -16017,11 +16227,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hotesb.com", true }, { "hotesb.net", true }, { "hothbricks.com", true }, - { "hotjuice.com", true }, { "hotnewhiphop.com", true }, { "hoto.us", true }, { "hoton.in", true }, - { "hotornot.com", true }, { "hotplate.co.nz", true }, { "hotplug.gr", true }, { "hottaro.com", true }, @@ -16037,25 +16245,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "housekeeperlondon.co.uk", true }, { "houseofherbs.gr", true }, { "houseofhouston.com", true }, + { "houseofyee.com", true }, { "houser.lu", true }, { "housese.at", true }, { "housetalk.ru", true }, { "houstonapartmentinsiders.com", true }, { "houstonauthorizedrepair.com", true }, { "houstoncreditlaw.com", true }, + { "houstontxlocksmiths.com", true }, { "houtinee.com", true }, { "how2play.pl", true }, { "howa-n.net", true }, { "howardtyson.com", true }, { "howbehealthy.com", true }, { "howbigismybuilding.com", true }, + { "howellaccounts.co.uk", true }, { "howgoodwasmysex.com", true }, + { "howieisawesome.com", true }, { "howlongtobeatsteam.com", true }, { "howmanymilesfrom.com", true }, { "howsecureismypassword.net", true }, { "howsmyssl.com", true }, { "howsmytls.com", true }, { "howsyourhealth.org", true }, + { "howtocommunicate.com.au", true }, { "howtogeek.com", true }, { "howtogeekpro.com", true }, { "howtogosolar.org", true }, @@ -16067,14 +16280,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hp42.de", true }, { "hpac-portal.com", true }, { "hpbn.co", true }, - { "hpeditor.tk", true }, - { "hpepub.com", false }, { "hpisavageforum.com", true }, { "hpkp-faq.de", true }, { "hpnow.com.br", true }, { "hps.hu", true }, - { "hqq.tv", true }, - { "hquest.pro.br", true }, { "hqwebhosting.tk", false }, { "hr-tech.shop", true }, { "hr98.xyz", true }, @@ -16088,6 +16297,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hreflang.info", true }, { "hrjfeedstock.com", true }, { "hrjfeedstock.org", true }, + { "hrk.io", true }, { "hrobert.hu", true }, { "hroling.nl", true }, { "hroschyk.cz", true }, @@ -16099,13 +16309,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hs-arbeitsschutz.de", true }, { "hs-group.net", true }, { "hs-umformtechnik.de", true }, + { "hsappstatic.net", true }, { "hscorp.de", true }, + { "hsex.tv", true }, { "hsivonen.com", true }, { "hsivonen.fi", true }, { "hsivonen.iki.fi", true }, { "hsmr.cc", true }, { "hsn.com", true }, - { "hsr.gov", true }, + { "hsr.gov", false }, { "hsts.me", true }, { "hstsfail.appspot.com", true }, { "hstspreload.appspot.com", true }, @@ -16117,6 +16329,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "htaccessbook.com", true }, { "htaps.com", true }, { "hte.ovh", true }, + { "hti.digital", true }, { "html.moe", true }, { "html5.org", true }, { "html5media.info", true }, @@ -16130,7 +16343,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "http2.pro", true }, { "https.dk", true }, { "https.jetzt", true }, - { "https.ren", true }, { "https4all.org", true }, { "httpsecured.net", true }, { "httpsecurityreport.com", true }, @@ -16154,17 +16366,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hua-li88.net", true }, { "huagati.com", true }, { "huahinpropertylisting.com", true }, - { "huang-haitao.com", true }, { "huangjingjing.com", true }, { "huangliangbo.com", true }, { "huangting.me", true }, + { "huangzenghao.cn", false }, { "huashan.co.uk", true }, { "huaxueba.com", true }, { "hub.org.ua", true }, { "hub385.com", true }, + { "hubapi.com", true }, + { "huber-informatik.de", true }, { "hubok.net", true }, { "hubrecht.at", true }, { "hubrick.com", true }, + { "hubspot.com", true }, { "huchet.me", true }, { "hudebnibazarmixer.cz", true }, { "hudrydum.cz", true }, @@ -16173,13 +16388,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "huendeleskopfhuette.de", true }, { "huersch.com", true }, { "huffduffer.com", true }, + { "huffsinsurance.com", true }, { "hughtodd.ink", true }, { "hugi.is", true }, { "hugizrecords.com", true }, { "huglen.info", true }, + { "hugofs.com", true }, { "hugolynx.fr", true }, { "huguesblanchard.paris", true }, { "huguesditciles.com", true }, + { "huh.gdn", true }, { "huh.today", true }, { "hui-in.com", true }, { "hui-in.net", true }, @@ -16232,9 +16450,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "humblebeeshop.com.au", true }, { "humbledot.com", true }, { "humboldtmfg.com", true }, + { "humeur.de", true }, { "hummy.tv", true }, { "humorcaliente.com", true }, - { "humorce.com", true }, + { "humorce.com", false }, { "humpchies.com", true }, { "humpen.se", true }, { "humppakone.com", true }, @@ -16243,14 +16462,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hundesport-psvhalle.de", true }, { "hundeverwaltung.de", true }, { "hundter.com", true }, - { "hunqz.com", true }, { "hunstoncanoeclub.co.uk", true }, { "hunter.io", true }, { "hunterkehoe.com", true }, { "huntexpired.com", true }, { "huntingdonbouncers.co.uk", true }, { "huntingdonlifesciences.com", true }, + { "huntsmansecurity.com", true }, { "huoduan.com", true }, + { "huonit.com.au", true }, { "hup.hu", true }, { "hupp.se", true }, { "hurd.is", true }, @@ -16262,10 +16482,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "husakbau.at", true }, { "hushfile.it", true }, { "husic.net", false }, + { "huskyeye.de", true }, { "huskyinc.us", true }, { "hussam.eu.org", true }, - { "hustle.com", true }, - { "hustle.life", true }, { "hustlehope.com", true }, { "hustunique.com", true }, { "huto.ml", true }, @@ -16289,8 +16508,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hxp.io", true }, { "hxsf.me", true }, { "hxying.com", true }, - { "hybridiyhdistys.fi", true }, - { "hybridklubben.fi", true }, { "hybridworx.com", true }, { "hybridworx.de", true }, { "hybridworx.eu", true }, @@ -16300,21 +16517,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hycken.com", true }, { "hyckenberg.com", true }, { "hyderabadonlinegifts.com", true }, - { "hydrabit.nl", true }, { "hydrasolutions.de", true }, { "hydrazin.pw", true }, { "hydro17.com", true }, { "hydroagro.pl", true }, + { "hydrocloud.net", true }, { "hydrographicsocietybenelux.eu", true }, { "hydroturbine.info", true }, { "hydrozone.fr", true }, { "hyec.jp", true }, - { "hyeok.org", true }, { "hygo.com", true }, { "hyk.me", true }, { "hylemorphica.org", true }, { "hylians.com", true }, { "hynek.me", true }, + { "hyparia.fr", true }, { "hype.ru", true }, { "hypemgmt.com", true }, { "hyper-text.org", true }, @@ -16322,10 +16539,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hyperautomotive.com.au", true }, { "hyperbolic-mayonnaise-interceptor.ovh", true }, { "hyperion.io", true }, - { "hyperporn.net", true }, { "hyperreal.biz", true }, - { "hyperreal.info", true }, { "hypersomnia.com", true }, + { "hyperstack.org", true }, { "hyperthymia.com", true }, { "hyphen.co.za", true }, { "hyphenpda.co.za", true }, @@ -16335,7 +16551,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hypothes.is", true }, { "hypothyroidmom.com", true }, { "hyundai.no", true }, + { "hyvanilmankampaamo.fi", true }, { "hyvinvointineuvoja.fi", true }, + { "i-aloks.ru", true }, { "i-geld.de", true }, { "i-hakul.net", true }, { "i-logic.co.jp", false }, @@ -16351,7 +16569,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "i00.eu", true }, { "i1314.gdn", true }, { "i1place.com", true }, - { "i28s.com", true }, { "i2b.ro", true }, { "i5y.co.uk", true }, { "i5y.org", true }, @@ -16363,18 +16580,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iactu.info", true }, { "iaeste.no", true }, { "iaeste.or.jp", true }, + { "iaf.gov", true }, { "iahemobile.net", true }, { "iainsimms.co.uk", true }, { "iainsimms.com", true }, { "iainsimms.me", true }, { "ialis.me", true }, + { "iam.lc", true }, { "iam.soy", true }, { "iambozboz.co.uk", true }, { "iamcarrico.com", true }, { "iamhansen.xyz", true }, { "iamjoshellis.com", true }, { "iamlbk.com", true }, - { "iamle.com", true }, { "iamtheib.me", true }, { "iamtonyarthur.com", true }, { "iamusingtheinter.net", true }, @@ -16384,6 +16602,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iane-ccs.com", true }, { "ianix.com", true }, { "ianjmoriarty.com", true }, + { "ianklug.com", true }, { "iankmusic.com", true }, { "ianmooreis.me", true }, { "ianmoriarty.com.au", true }, @@ -16400,13 +16619,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iberiaversicherungen.com", true }, { "ibericaderedes.es", true }, { "ibexcore.com", true }, + { "ibigawamizueco.com", true }, { "ibin.co", true }, { "ibiz.mk", true }, { "ibnw.de", true }, + { "ibodyiq.com", true }, { "ibpegasus.tk", true }, - { "ibpsrecruitment.co.in", true }, { "ibrainmedicine.org", true }, { "ibrom.eu", true }, + { "ibstyle.tk", true }, { "ibwc.gov", true }, { "ic-lighting.com.au", true }, { "ic3.gov", true }, @@ -16414,7 +16635,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "icake.life", true }, { "icanhasht.ml", true }, { "icarlos.net", true }, + { "icasture.top", true }, { "icbemp.gov", true }, + { "iccpublisher.com", true }, { "iceberg.academy", true }, { "icebook.co.uk", true }, { "icecars.net", true }, @@ -16434,10 +16657,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "icmshoptrend.com", true }, { "icnsoft.me", true }, { "icnsoft.org", true }, - { "ico500.com", true }, { "icodeconnect.com", true }, { "icoh.it", true }, - { "icondoom.nl", true }, { "iconomi.net", true }, { "icowhitepapers.co", true }, { "icq-project.net", true }, @@ -16471,6 +16692,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "idc-business.be", true }, { "idc.yn.cn", true }, { "idconsult.nl", true }, + { "idealimplant.com", true }, { "idealinflatablehire.co.uk", true }, { "idealninajemce.cz", false }, { "idealtruss.com", true }, @@ -16488,11 +16710,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "idered.net", true }, { "idesignstudio.de", true }, { "idexxpublicationportal.com", true }, + { "idfy.io", true }, { "idgard.de", false }, { "idgateway.co.uk", true }, { "idhosts.co.id", true }, - { "idid.tk", true }, - { "idiotentruppe.de", true }, + { "idisposable.co.uk", true }, { "idlethoughtsandramblings.com", true }, { "idmanagement.gov", true }, { "idmobile.co.uk", true }, @@ -16500,29 +16722,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "idoc24.com", true }, { "idolf.dk", true }, { "idolish7.fun", true }, + { "idolknow.com", true }, { "idolshop.dk", true }, { "idolshop.me", true }, { "idontplaydarts.com", true }, { "idranktoomuch.coffee", true }, + { "idratherbequilting.com", true }, { "idraulico-roma.it", true }, { "idraulico-roma.org", true }, { "idraulico.roma.it", true }, { "idrinktoomuch.coffee", true }, { "idrissi.eu", true }, { "idrycleaningi.com", true }, + { "idtheft.gov", true }, { "idubaj.cz", true }, { "idunno.org", true }, { "idvl.de", true }, { "ie.search.yahoo.com", false }, { "iea-annex61.org", true }, - { "iec.pe", true }, { "ieedes.com", true }, + { "ieeedeis.org", true }, { "ieeesb.nl", true }, { "ieeesbe.nl", true }, { "ieeespmb.org", true }, { "ieji.de", false }, { "iemas.azurewebsites.net", true }, - { "iemb.tk", true }, { "ienakanote.com", false }, { "ies-italia.it", true }, { "ietsdoenofferte.nl", true }, @@ -16531,7 +16755,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ifamily.top", false }, { "ifangpei.cn", true }, { "ifangpei.com.cn", true }, - { "ifconfig.co", true }, { "ifelse.io", true }, { "ifengge.cn", true }, { "ifengge.me", true }, @@ -16544,12 +16767,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ifort.fr", true }, { "ifosep.fr", true }, { "ifoss.me", true }, + { "ifreetion.cn", true }, { "ifsac.org", true }, { "ifsclist.com", true }, { "ifsr.de", true }, { "iftarsaati.org", true }, { "iftrue.de", true }, { "ifttl.com", false }, + { "ifxd.bid", true }, { "ifyou.live", true }, { "ig.com", true }, { "igaryhe.io", true }, @@ -16564,8 +16789,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "igk.nz", true }, { "igm-be.ch", true }, { "igmus.org", true }, - { "ignace72.eu", true }, { "ignacjanskiednimlodziezy.pl", true }, + { "ignat-mag.com", true }, { "ignat.by", true }, { "ignatovich.me", true }, { "ignet.gov", true }, @@ -16580,14 +16805,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iha6.com", true }, { "ihacklabs.com", true }, { "ihatethissh.it", true }, - { "ihc.im", false }, + { "ihc.im", true }, { "ihkk.net", true }, + { "ihls.stream", true }, + { "ihls.world", true }, + { "ihls.xyz", true }, + { "ihoey.com", true }, { "ihollaback.org", true }, { "ihopeit.works", true }, { "ihostup.net", true }, { "ihrhost.com", true }, + { "ihtdenisjaccard.com", true }, { "ii74.com", true }, { "iiit.pl", true }, + { "iilin.com", false }, + { "iiong.com", false }, { "iirii.com", true }, { "iix.se", true }, { "ijm.io", true }, @@ -16597,8 +16829,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ijunohana.jp", true }, { "ikachalife.com", true }, { "ikarate.ru", true }, - { "ike.io", true }, + { "ikarr.com", true }, { "ikeacareers.co.uk", true }, + { "ikedaquotes.org", true }, { "ikespta.com", true }, { "ikeyless.com", true }, { "ikigaiweb.com", true }, @@ -16610,6 +16843,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ikkev.de", true }, { "ikkoku.de", true }, { "iklive.org", false }, + { "ikraenglish.com", true }, { "ikulist.me", true }, { "ikvts.de", true }, { "ikwilthepiratebay.org", true }, @@ -16628,6 +16862,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ilektronika-farmakeia-online.gr", true }, { "ilemonrain.com", false }, { "ilhan.name", true }, + { "ilhansubasi.com", true }, { "iliastsi.net", true }, { "iligang.cn", true }, { "iligang.com", true }, @@ -16654,7 +16889,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ilmuk.org", false }, { "ilove.fish", true }, { "ilrg.com", true }, - { "iltec-prom.ru", true }, { "iltec.ru", true }, { "iltisim.ch", true }, { "ilweb.es", true }, @@ -16667,8 +16901,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imadalin.ro", true }, { "image-drive.de", true }, { "imagebin.ca", true }, - { "imagecurl.com", true }, - { "imagecurl.org", true }, { "imagefu.com", true }, { "imageination.co", true }, { "imagenesdedibujosalapizfacilesdehacer.com", true }, @@ -16683,6 +16915,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imanageproducts.co.uk", true }, { "imanageproducts.uk", true }, { "imanesdeviaje.com", true }, + { "imaple.org", true }, { "imarkethost.co.uk", true }, { "imask.ml", true }, { "imawhale.com", true }, @@ -16702,9 +16935,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imgaa.com", true }, { "imgbb.com", true }, { "imgg.es", true }, - { "imguoguo.com", true }, + { "imgup.co", true }, { "imguploaden.nl", true }, + { "imhua.com", true }, { "imi-rhapsody.eu", true }, + { "iminshell.com", true }, { "imirhil.fr", true }, { "imitza.com", true }, { "imjad.cn", true }, @@ -16712,6 +16947,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imjustcreative.com", true }, { "imkerei-freilinger.de", false }, { "imkerverein-moenchswald.de", true }, + { "imlinan.com", true }, { "imlonghao.com", true }, { "immaterium.de", true }, { "immaternity.com", true }, @@ -16732,7 +16968,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "immortal.run", true }, { "imobile3.com", true }, { "imokuri123.com", true }, - { "imoner.com", true }, { "imouto.my", false }, { "imouyang.com", true }, { "impact.health.nz", true }, @@ -16758,12 +16993,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imppac.de", true }, { "imprendo.co", true }, { "imprendo.pro", true }, - { "imprenta-es.com", false }, { "impresa-di-pulizie.org", true }, { "impresa-pulizie.it", true }, { "impresadipulizie.roma.it", true }, { "impresaedile.roma.it", true }, { "imprimante-3d-store.fr", true }, + { "improfestival.ee", true }, { "improklinikken.dk", true }, { "improved-madness.de", true }, { "impulsionsa.com", true }, @@ -16774,7 +17009,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imrunner.ru", true }, { "ims-sargans.ch", true }, { "imscompany.com", true }, - { "imwnk.cn", false }, + { "imwalking.de", true }, + { "imwnk.cn", true }, { "imydl.com", true }, { "imydl.tech", true }, { "imyunya.com", true }, @@ -16809,6 +17045,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "incowrimo.org", true }, { "incparadise.net", true }, { "incubos.org", true }, + { "incy.io", true }, { "ind.ie", true }, { "indarceky.sk", false }, { "indecipherable.info", true }, @@ -16821,15 +17058,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "indian-elephant.com", true }, { "indianaantlersupply.com", true }, { "indianaberry.com", true }, + { "indianapolislocksmithinc.com", true }, + { "indiatrademarkwatch.com", true }, { "indiawise.co.uk", true }, { "indiayogastudio.net", true }, { "indicateurs-flash.fr", true }, { "indiegame.space", true }, { "indievelopment.nl", true }, + { "indigitalagency.com", true }, { "indigoinflatables.com", true }, { "indigosakura.com", true }, { "indiraactive.com", true }, - { "indiroyunu.com", true }, { "inditip.com", true }, { "indochina.io", true }, { "indogerman.de", true }, @@ -16837,14 +17076,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "indogermantrade.de", true }, { "indoorcomfortteam.com", true }, { "indoorplantsexpert.com", true }, - { "indostar303.com", true }, { "indovinabank.com.vn", true }, { "indusap.com", true }, { "indusfastremit-us.com", true }, { "indusfastremit.com", true }, { "indust.me", true }, { "industrialstarter.com", true }, - { "industriasrenova.com", true }, { "indybay.org", true }, { "ineardisplay.com", true }, { "inebula.it", true }, @@ -16853,10 +17090,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inesfinc.es", true }, { "inesta.nl", true }, { "inet.se", true }, + { "inetpub.cn", true }, { "inetserver.eu", true }, { "inetsoftware.de", true }, { "inevitavelbrasil.com.br", true }, { "inf-fusion.ca", true }, + { "inference.biz.tr", true }, { "infermiere.roma.it", true }, { "inficom.org", true }, { "infinite.hosting", true }, @@ -16865,25 +17104,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "infinitiofaugustaparts.com", true }, { "infinitioflynnwoodparts.com", true }, { "infinity.to", true }, - { "infinitybas.com", true }, + { "infinitybc.se", true }, { "infinityengine.org", true }, - { "infinityepos.co.uk", true }, { "infirmiere-canadienne.com", true }, { "infirmieredevie.ch", true }, { "inflatablehire-scotland.co.uk", true }, { "inflatablesny.com", true }, { "inflatadays.co.uk", true }, { "inflatamania.com", true }, + { "inflationstation.net", true }, { "inflexsys.com", true }, { "influencerchampions.com", true }, + { "influo.com", true }, { "infmed.com", true }, { "info-beamer.com", true }, { "info-d-74.com", true }, { "info-screen.me", true }, { "info-screw.com", true }, - { "infoamin.com", true }, { "infobae.com", true }, { "infocity-tech.fr", true }, + { "infocoin.es", true }, { "infocommsociety.com", true }, { "infocon.org", true }, { "infocusvr.net", true }, @@ -16897,6 +17137,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "informatiebeveiliging.nl", true }, { "informatik-handwerk.de", true }, { "informationrx.org", true }, + { "informhealth.com", true }, { "informnapalm.org", true }, { "infosec-handbook.eu", true }, { "infosec.exchange", true }, @@ -16909,8 +17150,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "infotune.nl", true }, { "infovision-france.com", true }, { "infoweb.ee", true }, + { "infr.red", true }, { "infra.land", true }, { "infra.press", true }, + { "infradio.am", true }, { "infrafire.com", true }, { "infraflip.com", true }, { "infraflux.com", true }, @@ -16920,13 +17163,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "infranium.net", true }, { "infranium.org", true }, { "infranotes.com", true }, + { "infrapass.com", true }, { "infrapirtis.lt", true }, - { "infrarank.com", true }, { "infrarank.net", true }, + { "infrathink.com", true }, { "ing-buero-junk.de", true }, { "ing89.cc", true }, { "ing89.com", true }, - { "ingalls.run", true }, { "ingatlanjogaszok.hu", true }, { "ingatlanneked.hu", true }, { "ingber.com", true }, @@ -16953,7 +17196,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inixal.com", true }, { "ink.horse", true }, { "inkable.com.au", true }, - { "inkbunny.net", false }, + { "inkeliz.com", true }, { "inkhor.se", true }, { "inkontriamoci.com", true }, { "inksay.com", true }, @@ -16970,9 +17213,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inmoodforsex.com", true }, { "inmusrv.de", true }, { "innerfence.com", true }, - { "innerform.com", true }, + { "innerlightcrystals.co.uk", true }, { "innermostparts.org", true }, { "innersafe.com", true }, + { "innocenceseekers.net", true }, { "innohb.com", true }, { "innolabfribourg.ch", true }, { "innoloop.com", true }, @@ -16984,12 +17228,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "innovate-indonesia.com", true }, { "innovation-workshop.ro", true }, { "innovation.gov", false }, - { "innoventure.de", true }, - { "innovum.cz", true }, { "innsalzachsingles.de", true }, { "innwan.com", true }, { "inoa8.com", true }, - { "inorder.website", true }, + { "inobun.jp", true }, { "inovat.ma", true }, { "inovatec.com", true }, { "inovatecsystems.com", true }, @@ -17007,12 +17249,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "insho.fashion", true }, { "inside19.com", true }, { "insideaudit.com", true }, - { "insidethefirewall.tk", true }, { "insightera.co.th", true }, { "insighti.com", true }, { "insighti.eu", true }, { "insighti.org", true }, { "insighti.sk", true }, + { "insignificant.space", true }, { "insinuator.net", true }, { "insistel.com", true }, { "insolent.ch", true }, @@ -17029,12 +17271,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "installatietechniekgresnigt.nl", true }, { "installgentoo.net", true }, { "instamojo.com", true }, - { "instant-hack.io", true }, { "instant-thinking.de", true }, { "instant.io", true }, { "instantkhabar.com", true }, - { "instantsubs.de", true }, - { "instaquiz.ru", true }, { "instava.cz", true }, { "instawi.com", true }, { "instela.com", true }, @@ -17043,13 +17282,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "instinctive.io", true }, { "instinctiveads.com", true }, { "institut-confucius-montpellier.org", true }, - { "institutmaupertuis.hopto.org", true }, { "institutolancaster.com", false }, { "instrumart.ru", false }, { "insult.es", true }, { "insurance321.com", true }, { "insureon.com", true }, - { "insurethebox.tk", true }, { "insurgentsmustdie.com", true }, { "int-ma.in", true }, { "intae.it", true }, @@ -17061,6 +17298,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "integraelchen.de", true }, { "integralblue.com", true }, { "integralkk.com", true }, + { "integratedintegrations.xyz", true }, { "integratedmedicalonline.com", true }, { "integraxor.com.tw", true }, { "integrity.gov", true }, @@ -17095,26 +17333,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "interfesse.net", true }, { "interfloraservices.co.uk", true }, { "interflores.com.br", true }, - { "interfug.de", true }, { "intergozd.si", true }, { "interiery-waters.cz", true }, { "interimages.fr", true }, - { "interiorcheapo.com", true }, { "interiordesignsconcept.com", true }, { "interiortradingco.com.au", true }, { "interisaudit.com", true }, { "interlingvo.biz", true }, { "intermax.nl", true }, { "intermedinet.nl", true }, - { "internacao.com", true }, { "internalkmc.com", true }, { "internaluse.net", true }, { "international-arbitration-attorney.com", true }, { "international-nash-day.com", true }, { "internationalfashionjobs.com", true }, { "internationaltalento.it", true }, - { "internaut.co.za", true }, { "internect.co.za", true }, + { "internet-aukcion.info", true }, { "internet-software.eu", true }, { "internetaanbieders.eu", true }, { "internetbank.swedbank.se", true }, @@ -17131,11 +17366,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "internetofinsecurethings.com", true }, { "internetovehazardnihry.cz", true }, { "internetpro.me", true }, + { "internetstaff.com", true }, { "internetzentrale.net", true }, { "interracial.dating", true }, { "interseller.io", true }, { "interserved.com", false }, - { "interstellarhyperdrive.com", true }, { "intertime.services", true }, { "interview-suite.com", true }, { "interways.de", true }, @@ -17147,6 +17382,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "intl-webs.com", true }, { "intmissioncenter.org", true }, { "into.technology", true }, + { "intocities.de", false }, { "inton.biz", true }, { "intoparking.com", false }, { "intpforum.com", true }, @@ -17157,7 +17393,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "intraobes.com", true }, { "intrasoft.com.au", true }, { "intraxia.com", true }, + { "intune.life", true }, { "intvonline.com", true }, + { "intxt.net", true }, { "inup.jp", true }, { "inusasha.de", true }, { "inuyasha-petition.tk", true }, @@ -17178,16 +17416,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "investigatore.it", true }, { "investigazionimoretti.it", true }, { "investir.ch", true }, + { "investor-academy.jp", true }, { "investor.gov", true }, { "investoren-beteiligung.de", true }, { "investorforms.com", true }, { "investorloanshub.com", true }, { "investosure.com", true }, { "investpay.ru", true }, - { "invidio.us", true }, { "invioinc.com", true }, { "inviosolutions.com", true }, - { "invis.net", true }, { "invisible-college.com", true }, { "invisibles.ch", true }, { "invisionita.com", true }, @@ -17203,6 +17440,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inwestcorp.se", true }, { "inzdr.com", true }, { "inzelabs.com", true }, + { "inzestfreunde.de", true }, + { "ioactive.com", true }, { "iobint.com", true }, { "iocheck.com", false }, { "iochen.com", true }, @@ -17216,6 +17455,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iompost.com", true }, { "iomstamps.com", true }, { "ionlabs.kr", true }, + { "ionote.me", true }, { "ionovia.de", true }, { "ionx.co.uk", true }, { "ioover.net", true }, @@ -17223,8 +17463,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iosjailbreakiphone.com", true }, { "ioslo.net", true }, { "iosnoops.com", true }, + { "iossifovlab.com", true }, { "iostream.by", true }, - { "iotfen.com", true }, { "iowaschoolofbeauty.com", true }, { "ip-blacklist.net", true }, { "ip-hahn.de", true }, @@ -17232,7 +17472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ip.sb", true }, { "ip2country.info", true }, { "ip3office.com", true }, - { "ip6.li", true }, + { "ip6.li", false }, { "ipad.li", true }, { "ipadkaitori.jp", true }, { "ipadportfolioapp.com", true }, @@ -17253,7 +17493,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iphonote.com", true }, { "ipintel.io", true }, { "iplabs.de", true }, - { "iplantom.com", true }, { "iplayradio.net", false }, { "ipleak.net", true }, { "ipledgeonline.org", false }, @@ -17264,9 +17503,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ipresent.com", true }, { "iprim.ru", true }, { "iproducemusic.com", true }, - { "iprody.com", true }, { "ipsec.pl", true }, { "ipssl.li", true }, + { "ipstoragesolutions.com", true }, { "ipstream.it", true }, { "ipswitch.com.tw", true }, { "iptvzoom.xyz", true }, @@ -17278,6 +17517,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ipv6-handbuch.de", true }, { "ipv6.gr", true }, { "ipv6.jetzt", true }, + { "ipv6demo.de", true }, { "ipv6vpn.net", true }, { "ipv6wallofshame.com", true }, { "ipv8.net", true }, @@ -17286,13 +17526,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ir1s.com", true }, { "iramellor.com", true }, { "iran-geo.com", true }, + { "irandp.net", true }, { "iranian.lgbt", true }, { "iranianholiday.com", true }, { "iranjeunesse.com", true }, { "irasandi.com", true }, { "irayo.net", true }, { "irc-results.com", true }, + { "ircmett.de", true }, { "iready.ro", true }, + { "ireef.tv", true }, { "iren.ch", true }, { "irenekauer.com", true }, { "irf2.pl", true }, @@ -17315,8 +17558,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ironcarnival.com", true }, { "irondaleirregulars.com", true }, { "ironfistdesign.com", true }, - { "ironhide.de", true }, { "ironpeak.be", true }, + { "irrewilse.se", true }, { "irritant.net", true }, { "iruarts.ch", true }, { "iruca.co", true }, @@ -17347,13 +17590,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "isecrets.se", true }, { "iservicio.mx", true }, { "isfff.com", true }, + { "isfriday.com", true }, { "isgp-studies.com", true }, { "ishamf.com", true }, { "ishangirdhar.com", true }, { "ishet.al", true }, { "ishiharaken.com", true }, { "ishtarfreya.com", true }, - { "isidom.fr", true }, { "isil.fi", true }, { "isimonbrown.co.uk", true }, { "isincheck.com", true }, @@ -17362,6 +17605,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "isitchristmas.com", true }, { "isitcoffeetime.com", true }, { "isitdoneyet.gov", true }, + { "isitpatchtuesday.com", true }, { "isitup.org", true }, { "iskaron.de", true }, { "iskaz.rs", true }, @@ -17374,12 +17618,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "islazia.fr", true }, { "isletech.net", true }, { "isliada.org", true }, - { "islief.com", true }, + { "islykaithecutest.cf", true }, + { "islykaithecutest.ml", true }, + { "ismailkarsli.com", true }, { "ismat.com", true }, { "ismena.bg", true }, { "ismetroonfiretoday.com", true }, { "ismywebsitepenalized.com", true }, { "isn.cz", true }, + { "isognattori.com", true }, { "isolta.com", true }, { "isolta.de", true }, { "isolta.ee", true }, @@ -17407,12 +17654,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "issasfrissa.se", true }, { "issforum.org", true }, { "issio.net", true }, + { "issue.watch", true }, { "issues.email", true }, { "issuesofconcern.in", true }, { "ist-intim.de", true }, { "istdieweltschonuntergegangen.de", true }, { "isteinbaby.de", true }, - { "istheapplestoredown.com", true }, { "istheapplestoredown.de", true }, { "isthedoorlocked.com", true }, { "istheinternetdown.com", true }, @@ -17439,10 +17686,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "it-faul.de", true }, { "it-fernau.com", true }, { "it-jobbank.dk", true }, - { "it-kron.de", true }, { "it-maker.eu", true }, { "it-rotter.de", true }, { "it-schamans.de", true }, + { "it-seems-to.work", true }, { "it-service24.at", true }, { "it-service24.ch", true }, { "it-service24.com", true }, @@ -17460,6 +17707,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "italia-store.com", true }, { "italiachegioca.com", true }, { "italian.dating", true }, + { "italianjourneys.com.au", true }, { "italianshoemanufacturers.com", true }, { "italieflydrive.nl", true }, { "italserrande.it", true }, @@ -17469,7 +17717,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itblog.pp.ua", true }, { "itbrief.co.nz", true }, { "itbrief.com.au", true }, - { "itchy.nl", true }, { "itchybrainscentral.com", true }, { "itcko.sk", true }, { "itdashboard.gov", true }, @@ -17488,7 +17735,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itesign.de", true }, { "itfh.eu", true }, { "itfix.cz", true }, - { "itforcc.com", true }, { "itforge.nl", true }, { "itgirls.rs", true }, { "ithakama.com", true }, @@ -17511,11 +17757,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itogoyomi.com", true }, { "itooky.com", true }, { "itpro.ua", true }, - { "itproject.guru", false }, { "itrack.in.th", true }, { "itraveille.fr", true }, { "itring.pl", false }, { "itruss.com.tw", true }, + { "itruth.tk", true }, { "its-future.com", true }, { "its-gutachten.de", true }, { "its4living.com", true }, @@ -17523,14 +17769,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itsanicedoor.co.uk", true }, { "itsasaja.com", true }, { "itsaw.de", true }, - { "itsblue.de", true }, { "itsdcdn.com", true }, { "itsecblog.de", true }, { "itsecguy.com", true }, { "itsense.fr", true }, { "itsevident.com", true }, { "itsgoingdown.org", true }, - { "itshka.rv.ua", true }, { "itskayla.com", true }, { "itsmyparty.ie", true }, { "itsnotquitethehilton.com", true }, @@ -17544,7 +17788,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itswincer.com", true }, { "ittop-gabon.com", true }, { "itzap.com.au", true }, + { "iusedtosmoke.com", true }, + { "iuyos.com", true }, { "ivanbenito.com", true }, + { "ivanboi.com", true }, { "ivancacic.com", false }, { "ivanmeade.com", true }, { "ivaoru.org", true }, @@ -17557,6 +17804,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ivi.mx", true }, { "ivi.net.br", true }, { "ivi.pt", true }, + { "ivig.com.br", true }, { "ivinet.cl", true }, { "ivitalia.it", true }, { "ivo.co.za", true }, @@ -17589,6 +17837,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ixquick.info", true }, { "ixquick.nl", true }, { "iyassu.com", true }, + { "iyouewo.com", true }, { "iyuanbao.net", true }, { "iz8mbw.net", true }, { "izaakbeekman.com", true }, @@ -17614,6 +17863,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "j8y.de", true }, { "ja-dyck.de", true }, { "ja-gps.com.au", true }, + { "ja-publications.agency", true }, { "ja.md", true }, { "jaakkohannikainen.fi", true }, { "jaalits.com", true }, @@ -17621,6 +17871,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaba.hosting", true }, { "jababu.cz", true }, { "jabbari.io", true }, + { "jabbas.eu", true }, { "jabber.at", true }, { "jabberfr.org", true }, { "jabbers.one", true }, @@ -17631,6 +17882,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jabjab.de", true }, { "jaccblog.com", true }, { "jacekowski.org", true }, + { "jacik.cz", true }, { "jackdawphoto.co.uk", true }, { "jackdelik.de", true }, { "jackf.me", true }, @@ -17640,6 +17892,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jackson-quon.com", true }, { "jackson.jp", true }, { "jacksonvillestation.com", true }, + { "jacksutton.info", true }, { "jackyliao123.tk", true }, { "jaco.by", true }, { "jacobamunch.com", true }, @@ -17647,10 +17900,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jacobhaug.com", false }, { "jacobi-server.de", true }, { "jacobian.org", true }, + { "jacobjangles.com", true }, { "jacobphono.com", true }, { "jacuzziprozone.com", true }, + { "jadara.info", true }, { "jadchaar.me", true }, - { "jadopado.com", true }, { "jaegerlacke.de", true }, { "jagbouncycastles.co.uk", true }, { "jagerman.com", true }, @@ -17665,7 +17919,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaion.tech", true }, { "jaispirit.com", false }, { "jaitnetworking.com", false }, - { "jak-na-les.cz", true }, { "jakarta.dating", true }, { "jakdelatseo.cz", true }, { "jake.eu.org", true }, @@ -17673,11 +17926,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jake.nom.za", true }, { "jakebeardsley.com", true }, { "jakecurtis.de", true }, - { "jakenbake.com", true }, { "jakereynolds.co", true }, { "jakerullman.com", true }, { "jakeslab.tech", true }, { "jaketremper.com", true }, + { "jakewestrip.com", true }, { "jakob-server.tk", true }, { "jakobejitblokaci.cz", true }, { "jakobkrigovsky.com", true }, @@ -17687,7 +17940,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jakub-boucek.cz", true }, { "jakubarbet.eu", true }, { "jakubboucek.cz", true }, - { "jakubtopic.cz", true }, + { "jakubklimek.com", true }, { "jakubvrba.cz", true }, { "jala.co.jp", true }, { "jaleo.cn", true }, @@ -17695,7 +17948,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jamaat.hk", true }, { "jamacha.org", true }, { "jamalfi.bio", true }, - { "jamaware.org", true }, { "jamberry.com.mx", true }, { "jamberrynails.co.uk", true }, { "james-bell.co.uk", true }, @@ -17704,7 +17956,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jamesachambers.com", true }, { "jamesaimonetti.com", true }, { "jamesbillingham.com", true }, - { "jamesbradach.com", false }, { "jameschorlton.co.uk", true }, { "jamesdorf.com", true }, { "jamesgreenfield.com", true }, @@ -17712,13 +17963,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jameshost.net", true }, { "jameshunt.us", false }, { "jamesj.me", false }, - { "jamesl.ml", true }, { "jamesmarsh.net", true }, { "jamesmilazzo.com", true }, { "jamesmorrison.me", true }, - { "jamesrains.com", true }, + { "jamesmurphy.com.au", true }, { "jamesrobertson.io", true }, { "jamesrobertson.net", true }, + { "jamesross.name", true }, { "jamesrussellward.co.uk", true }, { "jamessmith.me.uk", true }, { "jamhost.org", true }, @@ -17742,6 +17993,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jan-rieger.de", true }, { "jan-roenspies.de", true }, { "jan-von.de", true }, + { "janada.cz", true }, { "janaundgeorgsagenja.eu", true }, { "janbrodda.de", true }, { "jandev.de", true }, @@ -17761,12 +18013,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "janokacer.sk", true }, { "janschaumann.de", true }, { "janssenwigman.nl", true }, - { "janvari.com", true }, - { "janvaribalint.com", true }, + { "janterpstra.eu", true }, + { "jantinaboelens.nl", true }, { "jaot.info", true }, { "japaniac.de", false }, - { "japanphilosophy.com", true }, - { "japansm.com", true }, { "japanwatches.xyz", true }, { "jape.today", true }, { "jardin-exotique-rennes.fr", true }, @@ -17775,16 +18025,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaredeberle.org", false }, { "jaredfernandez.com", true }, { "jaredfraser.com", true }, + { "jarivisual.com", true }, { "jarl.ninja", true }, { "jarniashop.se", true }, { "jaroku.com", true }, { "jarondl.net", true }, + { "jaroslavc.eu", true }, { "jarrettgraham.com", true }, { "jarroba.com", true }, { "jas-team.net", true }, { "jasl.works", true }, { "jasmijnwagenaar.nl", true }, { "jasminefields.net", true }, + { "jason.re", true }, { "jasonamorrow.com", true }, { "jasongerber.ch", true }, { "jasonian-photo.com", true }, @@ -17798,10 +18051,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaszbereny-vechta.eu", true }, { "javalestari.com", true }, { "javamilk.com", true }, - { "javfree.me", true }, { "javierburgos.net", true }, { "jaycouture.com", true }, - { "jayf.de", true }, { "jayfreestone.com", true }, { "jaymecd.rocks", true }, { "jayrl.com", true }, @@ -17825,11 +18076,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jcadg.com", true }, { "jcai.dk", true }, { "jcaicedo.com", true }, - { "jcaicedo.tk", true }, + { "jcbgolfandcountryclub.com", true }, { "jci.cc", true }, { "jcra.net", true }, { "jctf.team", true }, { "jcwodan.nl", true }, + { "jcyz.cf", true }, { "jd-group.co.uk", true }, { "jd1.de", true }, { "jdassets.com", true }, @@ -17839,6 +18091,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jdegbau.com", true }, { "jdheysupplies.co.uk", true }, { "jdjohnsonmedia.com", true }, + { "jdjohnsonwaterproofing.com", true }, { "jdm.elk.pl", true }, { "jdncr.com", true }, { "jdoi.pw", true }, @@ -17869,6 +18122,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jeepeg.com", true }, { "jeepmafia.com", true }, { "jeff.forsale", true }, + { "jeffanderson.me", true }, { "jeffcasavant.com", false }, { "jeffcloninger.net", true }, { "jeffersonregan.co.uk", true }, @@ -17882,6 +18136,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jefftickle.com", true }, { "jeffwebb.com", true }, { "jefrydco.id", true }, + { "jej.cz", true }, + { "jej.sk", true }, { "jekhar.com", true }, { "jelena-adeli.com", true }, { "jelewa.de", true }, @@ -17898,6 +18154,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jellybeanbooks.com.au", true }, { "jelmer.co.uk", true }, { "jelmer.uk", true }, + { "jelmoli-shop.ch", true }, { "jem.gov", true }, { "jemangeducheval.com", true }, { "jembatankarir.com", true }, @@ -17907,7 +18164,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jenniferengerwingaantrouwen.nl", true }, { "jennifermason.eu", true }, { "jennifersauer.nl", true }, - { "jennybeaned.com", true }, { "jennythebaker.com", true }, { "jenolson.net", true }, { "jenprace.cz", true }, @@ -17918,7 +18174,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jeremy-chen.org", true }, { "jeremy.hu", true }, { "jeremybentham.com", true }, - { "jeremyc.ca", true }, { "jeremycantu.com", true }, { "jeremycrews.com", true }, { "jeremynally.com", true }, @@ -17928,8 +18183,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jericamacmillan.com", true }, { "jeroendeneef.com", true }, { "jeroenensanne.wedding", true }, + { "jeroensangers.com", true }, { "jeroenvanderwal.nl", true }, { "jerret.de", true }, + { "jerryweb.org", true }, { "jerryyu.ca", true }, { "jerseybikehire.co.uk", true }, { "jerseyjumpingbeans.co.uk", true }, @@ -17940,7 +18197,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jesseerbach.com", true }, { "jessekaufman.com", true }, { "jessesjumpingcastles.co.uk", true }, - { "jessevictors.com", true }, { "jessgranger.com", true }, { "jessicabenedictus.nl", false }, { "jessicahrehor.com", true }, @@ -17957,11 +18213,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jetsieswerda.nl", true }, { "jettlarue.com", true }, { "jetwhiz.com", true }, - { "jeugdkans.nl", true }, { "jeuxetcodes.fr", true }, { "jeweet.net", true }, { "jewishboyscouts.com", true }, { "jexler.net", true }, + { "jf-fotos.de", true }, { "jfbst.net", true }, { "jfmhero.me", true }, { "jfr.im", true }, @@ -17976,16 +18232,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jhe.li", true }, { "jhf.io", true }, { "jhill.de", true }, - { "jhollandtranslations.com", true }, { "jhuang.me", true }, { "jhw-profiles.de", true }, { "jhwestover.com", true }, { "jiacl.com", true }, { "jiahao.codes", true }, + { "jiangzm.com", false }, + { "jianji.de", true }, { "jianshu.com", true }, { "jianyuan.pro", true }, { "jiazhao.ga", true }, + { "jicaivvip.com", true }, { "jichi.io", true }, + { "jichi000.win", true }, { "jimbiproducts.com", true }, { "jimbraaten.com", true }, { "jimbutlerkiaparts.com", true }, @@ -17999,6 +18258,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jimmyroura.ch", true }, { "jimshaver.net", true }, { "jimslop.nl", true }, + { "jinancy.fr", true }, { "jinanshen.com", true }, { "jinbo123.com", false }, { "jinbowiki.org", true }, @@ -18008,21 +18268,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jingjo.com.au", true }, { "jinja.ai", true }, { "jinkuru.net", true }, - { "jinliming.ml", true }, { "jino-jossy.appspot.com", true }, { "jinshuju.net", true }, { "jintaiyang123.org", true }, { "jiogo.com", true }, { "jirav.com", true }, + { "jiripudil.cz", true }, { "jirosworld.com", true }, { "jisai.net.cn", true }, { "jisha.site", true }, { "jiveiaktivno.bg", true }, + { "jixun.moe", true }, { "jiyusu.com", true }, { "jjj.blog", true }, + { "jjjconnection.com", true }, { "jjlvk.nl", true }, + { "jjmarketing.co.uk", true }, { "jjspartyhire.co.uk", true }, { "jjspartytime.co.uk", true }, + { "jjsummerboatparty.co.uk", true }, { "jjvanoorschot.nl", true }, { "jk-entertainment.biz", true }, { "jkchocolate.com", true }, @@ -18031,12 +18295,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jkirsche.com", true }, { "jkrippen.com", true }, { "jkuvw.xyz", true }, + { "jkyuan.tk", true }, { "jl-dns.eu", true }, { "jl-dns.nl", true }, { "jl-exchange.nl", true }, { "jl-mail.nl", true }, { "jldp.org", true }, + { "jlink.nl", true }, { "jlkhosting.com", true }, + { "jloh.codes", true }, { "jlot.org", true }, { "jlponsetto.com", true }, { "jlr-luxembourg.com", true }, @@ -18048,6 +18315,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jmbelloteau.com", true }, { "jmcashngold.com.au", true }, { "jmcataffo.com", true }, + { "jmce.eu", true }, { "jmcleaning.services", true }, { "jmedved.com", true }, { "jmentertainment.co.uk", true }, @@ -18060,15 +18328,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jmsolodesigns.com", true }, { "jmssg.jp", true }, { "jmvdigital.com", true }, - { "jncde.de", true }, - { "jncie.de", true }, { "jncie.eu", true }, - { "jncip.de", true }, { "jnjdj.com", true }, { "jnm-art.com", true }, { "joa-ebert.com", true }, { "joaoaugusto.net", true }, { "joaosampaio.com.br", true }, + { "job-offer.de", true }, + { "job.biz.tr", true }, { "jobbkk.com", true }, { "jobbsafari.no", true }, { "jobbsafari.se", true }, @@ -18086,7 +18353,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jobs4sales.ch", true }, { "jobseekeritalia.it", true }, { "jobsisbrown.com", true }, - { "jobss.co.uk", true }, { "jobsuchmaschine.ch", true }, { "jobwinner.ch", true }, { "jobzninja.com", true }, @@ -18102,6 +18368,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joedinardo.com", true }, { "joedoyle.us", true }, { "joefixit.co", true }, + { "joefixit.co.uk", true }, { "joehenry.co.uk", true }, { "joejohnson.name", true }, { "joel.coffee", true }, @@ -18117,6 +18384,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joelnichols.uk", true }, { "joemotherfuckingjohnson.com", true }, { "joepitt.co.uk", false }, + { "joerosca.com", true }, { "joerss.at", true }, { "joeskup.com", true }, { "joespaintingpgh.com", true }, @@ -18138,19 +18406,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "johannes.io", true }, { "johannes.wtf", true }, { "johannesburg-escorts.co.za", true }, + { "johannesen.tv", true }, { "johanneskonrad.de", true }, { "johannespichler.com", false }, - { "johansf.tech", true }, { "johego.org", true }, { "johnbeil.com", true }, { "johnblackbourn.com", true }, { "johnbpodcast.com", true }, + { "johncook.ltd.uk", true }, { "johndball.com", true }, { "johnfulgenzi.com", true }, { "johngallias.com", true }, - { "johngo.tk", true }, + { "johngo.tk", false }, { "johnguant.com", true }, { "johnkastler.net", true }, + { "johnmcc.net", true }, { "johnmcintosh.pro", true }, { "johnmh.me", true }, { "johnmichel.org", true }, @@ -18162,7 +18432,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "johnroberts.me", true }, { "johnrockefeller.net", true }, { "johnsegovia.com", true }, - { "johnsiu.com", true }, + { "johnsonho.net", true }, { "johnvanhese.nl", true }, { "johnyytb.be", true }, { "joi-dhl.ch", true }, @@ -18173,12 +18443,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jokewignand.nl", true }, { "joliettech.com", true }, { "jollausers.de", true }, + { "jolle.io", true }, { "jollygoodspudz.ca", true }, { "jollykidswobbleworld.co.uk", true }, { "jolokia.ch", true }, { "jomo.tv", true }, { "jomofojo.co", true }, { "jomofojo.com", true }, + { "jonahperez.com", true }, { "jonandnoraswedding.com", true }, { "jonarcher.info", true }, { "jonas-thelemann.de", true }, @@ -18223,17 +18495,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joostvanderlaan.nl", true }, { "jopsens.de", true }, { "joran.org", true }, + { "jorcus.com", true }, { "jordan-jungk.de", true }, { "jordanhamilton.me", true }, - { "jordankirby.co.uk", true }, { "jordankmportal.com", true }, { "jordans.co.uk", true }, - { "jordanscorporatelaw.com", true }, { "jordanstrustcompany.com", true }, { "jordhy.com", true }, { "jorisdalderup.nl", true }, { "jornalalerta.com.br", true }, - { "josc.com.au", true }, { "joscares.com", true }, { "jose-alexand.re", true }, { "jose-lesson.com", true }, @@ -18242,6 +18512,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "josef-lotz.de", true }, { "josefjanosec.com", true }, { "josegerber.ch", true }, + { "joseitoda.org", true }, { "josemikkola.fi", true }, { "josepbel.com", true }, { "josephbleroy.com", true }, @@ -18256,9 +18527,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joshlovephotography.co.uk", true }, { "joshpanter.com", true }, { "joshrickert.com", true }, + { "joshruppe.com", true }, { "joshschmelzle.com", true }, { "joshtriplett.org", true }, { "joshua-kuepper.de", true }, + { "joshua.bio", true }, { "joshuadmiller.info", true }, { "joshuajohnson.ca", true }, { "joshuarogers.net", true }, @@ -18268,18 +18541,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "journeytomastery.net", true }, { "jovani.com", false }, { "jovic.hamburg", true }, - { "joworld.net", true }, { "joyceseamone.com", true }, { "joyful.house", true }, { "joyfulexpressions.gallery", true }, { "joyofcookingandbaking.com", true }, { "jpdeharenne.be", true }, { "jpeg.io", true }, - { "jpgangbang.com", true }, { "jphandjob.com", true }, { "jplesbian.com", true }, { "jpmelos.com", true }, { "jpmelos.com.br", true }, + { "jpod.cc", true }, { "jps-selection.co.uk", true }, { "jps-selection.com", true }, { "jps-selection.eu", true }, @@ -18297,9 +18569,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jross.me", true }, { "jrtapsell.co.uk", true }, { "jrxpress.com", true }, - { "jschoi.org", true }, + { "js93029.com", true }, { "jschumacher.info", true }, { "jsd-cog.org", true }, + { "jsdelivr.com", true }, { "jselby.net", true }, { "jsent.co.uk", true }, { "jsevilleja.org", true }, @@ -18319,9 +18592,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jtp.id", true }, { "jts3servermod.com", true }, { "jtslay.com", true }, + { "ju.io", true }, { "juan23.edu.uy", true }, { "juanfrancisco.tech", true }, - { "juanhub.com", true }, { "juanmaguitar.com", true }, { "juanxt.ddns.net", true }, { "jubileum.online", true }, @@ -18330,10 +18603,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "juchit.at", true }, { "jucktehkeinen.de", true }, { "judc-ge.ch", true }, - { "judge2020.com", true }, { "judge2020.me", true }, { "judoprodeti.cz", true }, - { "judosaintdenis.fr", false }, + { "judosaintdenis.fr", true }, { "juef.space", true }, { "juegosycodigos.es", true }, { "juegosycodigos.mx", true }, @@ -18352,7 +18624,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "juk.life", true }, { "juku-wing.jp", true }, { "jule-spil.dk", true }, - { "julenlanda.com", true }, { "julian-uphoff.de", true }, { "julian-weigle.de", true }, { "juliangonggrijp.com", true }, @@ -18405,7 +18676,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "junethack.net", true }, { "jungaa.fr", true }, { "jungesforumkonstanz.de", true }, - { "jungleculture.co.za", true }, { "jungleducks.ca", true }, { "junglejackscastles.co.uk", true }, { "junglememories.co.uk", true }, @@ -18425,9 +18695,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "juridoc.com.br", true }, { "jurijbuga.de", true }, { "jurisprudent.by", true }, + { "juristas.com.br", true }, { "jurriaan.ninja", true }, { "just-a-clanpage.de", true }, + { "just-english.online", true }, { "just-vet-and-drive.fr", true }, + { "justanothercompany.name", true }, { "justbelieverecovery.com", true }, { "justbelieverecoverypa.com", true }, { "justbookexcursions.com", true }, @@ -18440,24 +18713,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "justgalak.org", true }, { "justice.gov", true }, { "justice4assange.com", true }, + { "justin-tech.com", true }, { "justinellingwood.com", true }, { "justinharrison.ca", true }, { "justinho.com", true }, { "justinstandring.com", true }, { "justpaste.it", true }, - { "justsome.info", true }, { "justthinktwice.gov", true }, { "justupdate.me", true }, { "justyy.com", true }, { "juszkiewicz.com.pl", true }, { "jutlander-netbank.dk", true }, { "jutlander.dk", true }, + { "juttaheitland.com", true }, { "juusujanar.eu", true }, { "juvenex.co", true }, - { "juventusclublugano.ch", true }, { "juwelierstoopman.nl", true }, { "juzgalo.com", true }, { "jva-wuerzburg.de", true }, + { "jvandenbroeck.com", true }, { "jvanerp.nl", true }, { "jvbouncycastlehire.co.uk", true }, { "jvega.me", true }, @@ -18473,13 +18747,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jwnotifier.org", true }, { "jwschuepfheim.ch", true }, { "jwsoft.nl", true }, - { "jxir.de", true }, { "jydemarked.dk", true }, { "jyggen.com", true }, { "jym.fit", true }, { "jyoti-fairworks.org", true }, { "jzachpearson.com", true }, { "jzbk.org", true }, + { "jzcapital.co", true }, { "k-homes.net", true }, { "k-netz.de", true }, { "k-pan.com", true }, @@ -18489,8 +18763,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "k-tube.com", true }, { "k258059.net", true }, { "k2mts.org", true }, - { "k33k00.com", true }, - { "k3nny.fr", false }, + { "k33k00.com", false }, + { "k3508.com", true }, + { "k3nny.fr", true }, + { "k4law.com", true }, { "k4r.ru", true }, { "k7azx.com", true }, { "k82.org", true }, @@ -18499,9 +18775,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kaamoscreations.com", true }, { "kaangenc.me", true }, { "kaany.io", true }, + { "kaasbesteld.nl", true }, { "kaashosting.nl", true }, { "kaatha-kamrater.se", true }, { "kab-s.de", true }, + { "kabaca.design", true }, { "kabarlinux.id", true }, { "kabashop.com.br", true }, { "kabat-fans.cz", false }, @@ -18525,7 +18803,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kaigojj.com", true }, { "kaikei7.com", true }, { "kaileymslusser.com", true }, - { "kainetsoft.com", true }, { "kairion.de", false }, { "kaisakura.net", true }, { "kaisev.net", true }, @@ -18555,14 +18832,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kall.is", true }, { "kallies-net.de", true }, { "kalmar.com", true }, + { "kalolina.com", true }, { "kalsbouncies.com", true }, { "kaltenbrunner.it", true }, { "kalterersee.ch", true }, { "kalwestelectric.com", true }, { "kam-serwis.pl", true }, - { "kamagra-italia.it", true }, { "kamatajisyaku.tokyo.jp", true }, - { "kamikaichimaru.com", true }, + { "kamikaichimaru.com", false }, { "kaminbau-laub.de", true }, { "kamixa.se", true }, { "kamppailusali.fi", true }, @@ -18576,6 +18853,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kandianshang.com", true }, { "kanecastles.com", true }, { "kanehusky.com", true }, + { "kaneisdi.com", true }, { "kanetix.ca", true }, { "kangaroo-bouncycastle.co.uk", true }, { "kangarooislandholidayaccommodation.com.au", true }, @@ -18593,13 +18871,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kanna.cf", true }, { "kannchen.de", true }, { "kanobu.ru", true }, - { "kanotijd.nl", true }, { "kansaiyamamoto.jp", true }, { "kantankye.nl", true }, { "kantanmt.com", true }, { "kantorkita.net", true }, { "kantorosobisty.pl", true }, - { "kantv1.com", true }, { "kany.me", false }, { "kanzakiranko.jp", true }, { "kanzashi.com", true }, @@ -18608,6 +18884,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kanzlei-sixt.de", true }, { "kanzshop.com", true }, { "kap-genial.de", true }, + { "kapgy-moto.com", true }, { "kapiorr.duckdns.org", true }, { "kapseli.net", true }, { "kaptadata.com", true }, @@ -18616,6 +18893,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "karabas.com", true }, { "karabijnhaken.nl", false }, { "karachi.dating", true }, + { "karaface.com", true }, { "karalane.com", true }, { "karamomo.net", true }, { "karanastic.com", true }, @@ -18637,18 +18915,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "karlis-kavacis.id.lv", true }, { "karlloch.de", true }, { "karlsmithmn.org", true }, - { "karlstabo.se", true }, { "karlzotter.com", true }, { "karmaassurance.ca", true }, { "karmabaker.com", true }, { "karmainsurance.ca", true }, { "karmaplatform.com", true }, { "karmaspa.se", true }, - { "karmic.com", true }, { "karn.nu", true }, { "karneid.info", true }, - { "karpanhellas.com", false }, - { "kars.ooo", true }, { "karsofsystems.com", true }, { "karsten-voigt.de", true }, { "karta-paliwowa.pl", true }, @@ -18662,6 +18936,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "karupp-did.net", true }, { "kasadara.com", true }, { "kasei.im", true }, + { "kashinavi.com", true }, { "kashmirobserver.net", true }, { "kasko.io", true }, { "kasnoffskinclinic.com", true }, @@ -18674,6 +18949,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "katalogbutikker.dk", true }, { "katata-kango.ac.jp", true }, { "katedra.de", true }, + { "kateduggan.net", true }, { "katekligys.com", true }, { "katemihalikova.cz", true }, { "katericke.com", true }, @@ -18684,20 +18960,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "katiechai.xyz", true }, { "katieskandy.co.uk", true }, { "katieskastles.co.uk", true }, + { "katja-und-ronny.de", true }, { "katka.info", true }, { "katnunn.co.uk", true }, { "kato-yane.com", true }, { "katscastles.co.uk", true }, { "kattelans.eu", true }, - { "katthewaffle.fr", true }, { "katyl.info", false }, { "katyusha.net", false }, { "katzenbrunnen-test.de", true }, + { "katzensklave.me", true }, { "katzspeech.com", true }, { "kau-boys.com", true }, { "kau-boys.de", true }, { "kaufberatung.community", true }, - { "kausta.me", true }, + { "kaverti.com", true }, { "kavik.no", true }, { "kavovary-kava.cz", true }, { "kawaii.io", true }, @@ -18705,13 +18982,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kay.la", true }, { "kayakabovegroundswimmingpools.com", true }, { "kayleen.net", true }, + { "kayscs.com", true }, { "kaysis.gov.tr", true }, { "kazakov.lt", true }, { "kazamasion.com", true }, { "kazand.lt", true }, { "kazandaemon.ru", true }, + { "kazek.com.pl", true }, + { "kazekprzewozy.pl", true }, { "kazu.click", true }, { "kazuhirohigashi.com", true }, + { "kazumi.ooo", true }, { "kazumi.ro", true }, { "kazy111.info", true }, { "kb3.net", true }, @@ -18719,7 +19000,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kbb-ev.de", true }, { "kbbouncycastlehire.co.uk", true }, { "kbcequitas.hu", true }, - { "kbfl.org", true }, { "kbit.dk", true }, { "kbjorklu.com", true }, { "kbleventhire.co.uk", true }, @@ -18731,12 +19011,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kcliner.com", true }, { "kcmicapital.com", true }, { "kcolford.com", false }, - { "kcore.org", true }, { "kcptun.com", true }, { "kcshipping.co.uk", true }, { "kcsordparticipation.org", true }, { "kd.net.nz", true }, { "kdex.de", true }, + { "kdfans.com", true }, { "kdw.cloud", true }, { "kdyby.org", true }, { "ke7tlf.us", true }, @@ -18747,8 +19027,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "keb.net.au", true }, { "kebabbesteld.nl", true }, { "kebabbruce.com", true }, + { "kecht.at", true }, { "kedarastudios.com", true }, { "kedibizworx.com", true }, + { "keditor.biz", true }, { "kedv.es", true }, { "keeleysam.com", true }, { "keelove.net", true }, @@ -18766,7 +19048,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kehlenbach.net", true }, { "keifel.de", true }, { "kein-design.de", true }, - { "kein-fidget-spinner-werden.de", true }, { "keinanung.nl", true }, { "keinefilterblase.de", true }, { "keisaku.org", true }, @@ -18789,7 +19070,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kellyskastles.co.uk", true }, { "kellyssportsbarandgrill.com", true }, { "kelmarsafety.com", true }, - { "kelp.agency", true }, { "kelvinfichter.com", true }, { "kemmerer-net.de", true }, { "kempkens.io", true }, @@ -18801,7 +19081,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kenalsworld.com", true }, { "kenbillionsyuan.tk", true }, { "kenbonny.net", true }, - { "kenderhazmagyarorszag.hu", false }, { "kengilmour.com", true }, { "kenguntokku.jp", true }, { "kenia-vakantie.nl", true }, @@ -18822,6 +19101,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kenterlis.gr", true }, { "kenvix.com", false }, { "kenx5.eu.org", true }, + { "kenyons.info", true }, { "keops-spine.fr", true }, { "keops-spine.us", true }, { "kepkonyvtar.hu", true }, @@ -18834,9 +19114,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kernelpanics.nl", true }, { "kerrfrequencycombs.org", true }, { "kersbergen.nl", true }, + { "kersmexico.com", true }, { "kerstkaart.nl", true }, { "kersvers.agency", true }, - { "kerus.net", false }, { "kerzyte.net", true }, { "kescher.site", true }, { "kessawear.com", true }, @@ -18849,21 +19129,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ketty-voyance.com", true }, { "keutel.net", true }, { "kevinapease.com", true }, + { "kevinbowers.me", true }, { "kevinbusse.de", true }, { "kevincox.ca", false }, - { "kevinfoley.cc", true }, - { "kevinfoley.org", true }, { "kevinhill.nl", true }, { "kevinhq.com", true }, { "kevinkla.es", true }, { "kevinlocke.name", true }, { "kevinmeijer.nl", true }, - { "kevinmoreland.com", true }, - { "kevinmorssink.nl", true }, + { "kevinpirnie.com", true }, { "kevinrandles.com", true }, { "kevinratcliff.com", true }, { "kevyn.lu", true }, - { "kewego.co.uk", true }, { "keybase.io", true }, { "keybored.co", true }, { "keybored.me", true }, @@ -18872,6 +19149,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "keycontainers.co.za", true }, { "keyerror.com", true }, { "keyholdingservices.co.uk", true }, + { "keyhomechecker.com", true }, { "keyihao.cn", true }, { "keyinfo.io", true }, { "keylaserinstitute.com", true }, @@ -18884,12 +19162,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kf7joz.com", true }, { "kffs.ru", true }, { "kfirba.me", true }, + { "kfm.ink", true }, { "kforesund.se", true }, { "kfv-kiel.de", false }, { "kfz-hantschel.de", true }, { "kgm-irm.be", true }, { "kgnk.ru", true }, - { "khaledgarbaya.net", true }, + { "kgregorczyk.pl", true }, { "khanovaskola.cz", true }, { "khas.co.uk", true }, { "khasiatmanfaat.com", true }, @@ -18898,7 +19177,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "khipu.com", true }, { "khlee.net", true }, { "khmath.com", true }, - { "khmb.ru", true }, + { "khmb.ru", false }, { "khoury-dulla.ch", true }, { "khs1994.com", true }, { "khudothiswanpark.vn", true }, @@ -18925,6 +19204,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kids-ok.com", true }, { "kids2day.in", true }, { "kidsareatrip.com", true }, + { "kidsclub.photos", true }, { "kidsforsavingearth.org", true }, { "kidsinwoods-interfacesouth.org", true }, { "kidsmark.net", true }, @@ -18942,7 +19222,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kiel-kind.de", true }, { "kieran.ie", true }, { "kieranjones.uk", true }, - { "kiesuwcursus.nl", true }, { "kiesuwkerstkaart.nl", true }, { "kiffmarks.com", true }, { "kigmbh.com", true }, @@ -18956,6 +19235,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "killerit.in", true }, { "killerrobots.com", true }, { "killymoonbouncycastles.com", true }, + { "kilobyte22.de", true }, { "kilogram.nl", true }, { "kilometertje.nl", true }, { "kimamass.com", true }, @@ -18969,6 +19249,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kimotodental.com", true }, { "kimsufi-jordi.tk", true }, { "kimtran.kim", true }, + { "kin.life", true }, { "kin.pet", true }, { "kinautas.com", true }, { "kinderbasar-luhe.de", true }, @@ -18998,6 +19279,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kingtecservices.com", true }, { "kini24.ru", true }, { "kinkenonline.com", true }, + { "kinnettmemorial.org", true }, { "kinnikinnick.com", true }, { "kinniyaonlus.com", true }, { "kinocheck.de", true }, @@ -19007,6 +19289,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kinos.nl", true }, { "kinozal-tv.appspot.com", true }, { "kinsights.com", false }, + { "kintawifi.com", false }, { "kintone.com", true }, { "kintore.tv", true }, { "kiocloud.com", true }, @@ -19015,7 +19298,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kippenbart.gq", true }, { "kipriakipita.gr", true }, { "kiragameforum.net", true }, - { "kirainmoe.com", true }, { "kiraku.co", true }, { "kirbear.com", true }, { "kirche-dortmund-ost.de", true }, @@ -19028,13 +19310,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kirillaristov.com", true }, { "kirillpokrovsky.de", true }, { "kirinas.com", true }, + { "kirito.kr", true }, { "kirkforcongress.com", true }, { "kirkforillinois.com", true }, { "kirkify.com", true }, { "kirkovsky.com", true }, - { "kirrie.pe.kr", true }, { "kirsch-gestaltung.de", true }, { "kirschbaum.me", true }, + { "kirslis.com", true }, { "kirstenbos.ca", true }, { "kirstin-peters.de", true }, { "kirwandigital.com", true }, @@ -19046,7 +19329,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kissesb.net", true }, { "kissflow.com", true }, { "kissgyms.com", true }, - { "kisskiss.ch", true }, { "kissmycreative.com", true }, { "kisstube.tv", true }, { "kitabnamabayi.com", true }, @@ -19071,6 +19353,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kittpress.com", true }, { "kittyhacker101.tk", true }, { "kivitelezesbiztositas.hu", true }, + { "kiwi.com", true }, { "kiwi.digital", true }, { "kiwi.global", true }, { "kiwi.wiki", true }, @@ -19087,6 +19370,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kjarrval.is", true }, { "kjchernov.info", true }, { "kjellner.com", true }, + { "kjellvn.net", true }, { "kjg-ummeln.de", true }, { "kk-neudorf-duissern.de", false }, { "kkaefer.com", true }, @@ -19096,11 +19380,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kks-karlstadt.de", true }, { "kksg.com", true }, { "kkyy.me", true }, + { "kkzxak47.com", true }, { "kl-diaetist.dk", true }, { "klaim.us", true }, { "klamathrestoration.gov", true }, { "klanggut.at", true }, - { "klantenadvies.nl", true }, { "klares-licht.de", true }, { "klarika.com", true }, { "klarmobil-empfehlen.de", true }, @@ -19112,7 +19396,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "klaxon.me", true }, { "klcreations.co.uk", true }, { "kle.cz", true }, - { "klean-ritekc.com", true }, { "kleaning.by", true }, { "klebeband.eu", true }, { "klebetape.de", true }, @@ -19146,6 +19429,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kloia.com", true }, { "klosko.net", true }, { "klotz-labs.com", true }, + { "kloudboy.com", true }, { "kls-agency.com.ua", false }, { "klseet.com", true }, { "klssn.com", true }, @@ -19153,8 +19437,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "klugemedia.de", true }, { "klustekeningen.nl", true }, { "klustermedia.com", true }, + { "klva.cz", true }, + { "klzwzhi.com", true }, { "km-net.pl", true }, { "kmashworth.co.uk", true }, + { "kmdev.me", true }, { "kmkz.jp", true }, { "kmsci.com.ph", true }, { "kn007.net", true }, @@ -19168,14 +19455,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kneblinghausen.de", true }, { "knegten-agilis.com", true }, { "knep.me", true }, - { "knetterbak.nl", true }, { "kngk-group.ru", true }, { "kngk-transavto.ru", true }, { "kngk.org", true }, { "kniga.market", false }, { "knight-industries.org", true }, + { "knightsblog.de", true }, { "knightsbridge.net", true }, - { "knightsbridgegroup.org", true }, { "knightsbridgewine.com", true }, { "knip.ch", true }, { "knispel-online.de", true }, @@ -19202,7 +19488,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kobezda.net", true }, { "kobofarm.com", true }, { "koboldcraft.ch", true }, - { "kobolya.hu", true }, { "kocherev.org", true }, { "kochereva.com", true }, { "kochhar.net", true }, @@ -19220,6 +19505,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "koelnmafia.de", true }, { "koenen-bau.de", true }, { "koenigsbrunner-tafel.de", true }, + { "koenleemans.nl", false }, { "koerper-wie-seele.de", false }, { "koerperkult.ch", true }, { "koertner-muth.com", true }, @@ -19247,7 +19533,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "koketteriet.se", true }, { "kokoiroworks.com", true }, { "kokumoto.com", true }, - { "kolbeck.tk", true }, + { "kolania.com", true }, + { "kolania.de", true }, + { "kolania.net", true }, { "kolbeinsson.se", true }, { "kolcsey.eu", true }, { "koldanews.com", true }, @@ -19260,11 +19548,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kolmann.at", true }, { "kolmann.eu", true }, { "kolonie-am-stadtpark.de", true }, + { "kolorbon.com", true }, { "kolpingsfamilie-vechta-maria-frieden.de", true }, { "koluke.co", true }, { "koluke.com", true }, { "komandakovalchuk.com", false }, { "komelin.com", true }, + { "komenamanda.de", true }, { "komicloud.com", true }, { "komidoc.com", true }, { "komiksbaza.pl", true }, @@ -19345,14 +19635,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kotilinkki.fi", true }, { "kotitesti.fi", true }, { "kotly-marten.com.ua", true }, + { "kotobox.net", true }, { "kotois.com", true }, - { "kotomei.moe", true }, { "kotonoha.cafe", true }, { "kotori.love", true }, { "kouki-food.com", true }, { "koumuwin.com", true }, { "koushinjo.org", true }, - { "kouten-jp.com", true }, { "kov.space", true }, { "koval.io", true }, { "kovaldo.ru", true }, @@ -19405,6 +19694,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "krausoft.hu", true }, { "krautomat.com", true }, { "kraynik.com", true }, + { "krazyboi.com", true }, { "krazykastles.co.uk", true }, { "krazykoolkastles.com", true }, { "krazyphotobooths.co.uk", true }, @@ -19420,12 +19710,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kremalicious.com", true }, { "kretschmann.consulting", true }, { "kreuzpfadfinder.de", true }, + { "krey.is", true }, { "krfuli.com", true }, { "kriechel.de", true }, { "krinetzki.de", true }, { "kriptosec.com", true }, { "kris.click", true }, { "krise-chance.ch", true }, + { "krishnenduayur.org", true }, { "krishofer.com", true }, { "krislamoureux.com", true }, { "krismurray.co.uk", true }, @@ -19435,7 +19727,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kristinbailey.com", true }, { "kristofdv.be", true }, { "krizevci.info", true }, - { "krmeni.cz", true }, + { "krmeni.cz", false }, { "krokedil.se", true }, { "krokodent.de", true }, { "kromamoveis.com.br", true }, @@ -19467,6 +19759,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ks-watch.de", true }, { "kschv-rdeck.de", true }, { "kselenia.ee", true }, + { "ksero.center", true }, { "ksero.wroclaw.pl", true }, { "kshlm.in", true }, { "kspg.tv", true }, @@ -19483,16 +19776,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kualo.com", true }, { "kualo.in", true }, { "kuaza.com", true }, - { "kub.hr", true }, { "kubica.ch", true }, { "kubierecki.pl", true }, { "kubik-rubik.de", false }, - { "kubiwa.net", true }, { "kubkprf.ru", true }, { "kublis.ch", true }, - { "kuchenfeelisa.de", true }, { "kuchentraum.eu", true }, { "kucnibudzet.com", true }, + { "kucukayvaz.com", true }, { "kudo.co.id", true }, { "kueche-co.de", true }, { "kuechenprofi-group.de", false }, @@ -19511,7 +19802,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kulde.net", true }, { "kulickovy-pojezd.cz", true }, { "kulivps.com", true }, - { "kum.com", true }, { "kuma.es", true }, { "kumachan.biz", true }, { "kumalog.com", true }, @@ -19532,6 +19822,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kuponydoher.cz", true }, { "kupschke.net", true }, { "kurashino-mall.com", true }, + { "kuro.link", true }, { "kurofuku.me", true }, { "kuroinu.jp", true }, { "kurona.ga", true }, @@ -19557,6 +19848,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kvadratnimeter.si", true }, { "kvalita-1a.cz", true }, { "kvalitnitesneni.cz", true }, + { "kvantel.no", true }, { "kvcc.com.au", true }, { "kvetinymilt.cz", true }, { "kvhile.com", true }, @@ -19569,7 +19861,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kwcolville.com", true }, { "kwedo.com", true }, { "kwench.com", true }, - { "kwidz.fr", true }, + { "kwiknews.com", true }, { "kwmr.me", true }, { "kwok.cc", true }, { "kwyxz.org", true }, @@ -19577,7 +19869,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kxah35.com", true }, { "kxnrl.com", false }, { "kybi.sk", true }, - { "kydara.com", true }, { "kyledrake.net", true }, { "kylegutschow.com", true }, { "kylejohnson.io", true }, @@ -19589,9 +19880,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kynastonwedding.co.uk", true }, { "kyobostory-events.com", true }, { "kyoko.org", true }, - { "kyonagashima.com", true }, { "kyosaku.org", true }, { "kyoto-k9.com", true }, + { "kyoto-mic.com", true }, { "kyoto-sake.net", true }, { "kyoto-tomikawa.jp", true }, { "kyoto-tomoshibi.jp", true }, @@ -19612,7 +19903,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "l7world.com", true }, { "l9.fr", true }, { "la-baldosa.fr", true }, - { "la-cave-a-nodo.fr", true }, + { "la-cave-a-nodo.fr", false }, { "la-compagnie-des-elfes.fr", true }, { "la-ganiere.com", true }, { "la-kaz-a-velo.fr", true }, @@ -19623,6 +19914,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "laassari.me", false }, { "laatikko.io", true }, { "laatjeniethackmaken.nl", true }, + { "laballoons.com", true }, { "labande-annonce.fr", true }, { "labcoat.jp", true }, { "labms.com.au", true }, @@ -19634,7 +19926,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "laboutiquedejuliette.com", true }, { "laboxfaitsoncinema.com", true }, { "labradorpuppiesforsalebyregisteredlabradorbreeders.com", false }, - { "labrat.mobi", true }, + { "labrat.mobi", false }, + { "labspack.com", true }, { "labtest.ltd", true }, { "lacantine.xyz", true }, { "lacaserita.org", true }, @@ -19645,7 +19938,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lachawoj.de", true }, { "lachlan-harris.com", true }, { "lachlan.com", true }, - { "lachlankidson.net", true }, { "lachosetypo.com", true }, { "lacicloud.net", true }, { "lacigf.org", true }, @@ -19656,9 +19948,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "laclefdor.ch", true }, { "lacliniquefinanciere.com", true }, { "lacoast.gov", true }, + { "lacocinadelila.com", true }, { "lacoquette.gr", true }, { "lacyc3.eu", true }, - { "ladadate.com", true }, { "ladbroke.net", true }, { "ladenzeile.at", true }, { "ladenzeile.de", true }, @@ -19683,7 +19975,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lagerauftrag.info", true }, { "lagit.in", true }, { "laglab.org", false }, - { "lagodny.eu", false }, + { "lagodny.eu", true }, { "lagout.org", true }, { "lagriffeduservice.fr", true }, { "laguiadelvaron.com", true }, @@ -19714,7 +20006,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lakesherwoodlighting.com", true }, { "lakesherwoodoutdoorlighting.com", true }, { "lakeshowlife.com", true }, - { "lakewoodcomputerservices.com", true }, { "lakonia.com.br", true }, { "lalalab.com", true }, { "lalaya.fr", true }, @@ -19729,7 +20020,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lambauer.com", true }, { "lambertshealthcare.co.uk", true }, { "lamboo.be", true }, - { "lamclam.site", true }, { "lame1337.xyz", true }, { "lamiaposta.email", false }, { "lamikvah.org", true }, @@ -19741,8 +20031,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lampenwelt.at", true }, { "lampenwelt.ch", true }, { "lampposthomeschool.com", true }, - { "lan2k.org", true }, + { "lan.biz.tr", true }, { "lana.swedbank.se", true }, + { "lanahallen.com", true }, { "lanbroa.eu", true }, { "lancashirecca.org.uk", true }, { "lancejames.com", true }, @@ -19754,8 +20045,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "landchecker.com.au", true }, { "landflair-magazin.de", true }, { "landhaus-christmann.de", true }, + { "landinfo.no", true }, + { "landlordy.com", true }, { "landofelves.net", true }, { "landrovermerriamparts.com", true }, + { "landscape-photography.org", true }, { "landscapelightingagoura.com", true }, { "landscapelightingagourahills.com", true }, { "landscapelightingcalabasas.com", true }, @@ -19770,7 +20064,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "landscapelightingoakpark.com", true }, { "landscapelightingpacificpalisades.com", true }, { "landscapelightingsimivalley.com", true }, + { "landscapelightingthousandoaks.com", true }, { "landscapelightingwestlakevillage.com", true }, + { "landscapephotography.org.au", true }, { "landyparts.nl", true }, { "lanetix.com", true }, { "lanforalla.se", true }, @@ -19780,6 +20076,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "langguth.io", true }, { "langkahteduh.com", true }, { "langkawitrip.com", true }, + { "langotie.com.br", true }, { "langstreckensaufen.de", true }, { "languageterminal.com", true }, { "langworth.com", true }, @@ -19813,6 +20110,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lapolla.com", true }, { "lapotagere.ch", true }, { "lapparente-aise.ch", true }, + { "lappari.com", true }, + { "lara.photography", true }, { "laracode.eu", true }, { "laraeph.com", true }, { "laraigneedusoir.com", true }, @@ -19830,6 +20129,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "larondinedisinfestazione.com", true }, { "larptreff.de", true }, { "larraz.es", true }, + { "larryli.cn", true }, { "larrysalibra.com", true }, { "lars-ewald.com", true }, { "lars-mense.de", true }, @@ -19838,7 +20138,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "larsbauer.xyz", true }, { "larsklene.nl", true }, { "larsklint.com", true }, - { "larsmerke.de", true }, { "laruga.co.uk", true }, { "lasalle.wa.edu.au", true }, { "lasarmas.com", true }, @@ -19867,7 +20166,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lastweekinaws.com", true }, { "lasuzefc.fr", true }, { "lat.sk", true }, - { "latabledebry.be", true }, { "latabledemontebello.com", true }, { "late.am", true }, { "latecnosfera.com", true }, @@ -19876,7 +20174,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lateral.dog", true }, { "lateralsecurity.com", true }, { "latestdeals.co.uk", true }, - { "lathen-wahn.de", true }, { "latiendadelbebefeliz.com", true }, { "latiendauno.com", true }, { "latiendawapa.com", true }, @@ -19884,7 +20181,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "latinphone.com", true }, { "latintoy.com", true }, { "latitudesign.com", true }, - { "latour-managedcare.ch", true }, { "latremebunda.com", true }, { "latrine.cz", true }, { "latterdaybride.com", true }, @@ -19944,8 +20240,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "layfully.me", true }, { "laylo.io", true }, { "laylo.nl", true }, + { "laymans911.info", true }, { "layoutsatzunddruck.de", true }, - { "lazapateriahandmade.pe", true }, { "lazowik.pl", true }, { "lazurit.com", true }, { "lazyboston.com", true }, @@ -19960,12 +20256,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lbls.me", true }, { "lbphacker.pw", true }, { "lbs-logics.com", true }, + { "lbsi-nordwest.de", true }, { "lbux.org", true }, - { "lc-cs.com", true }, + { "lc-cs.com", false }, + { "lc-promiss.de", true }, { "lca-pv.de", true }, { "lca.gov", true }, { "lcars-sv.info", true }, + { "lcbizsolutions.com", true }, { "lce-events.com", true }, + { "lcgaj.com", true }, { "lcht.ch", false }, { "lcrmscp.gov", true }, { "lcy.cat", true }, @@ -19994,7 +20294,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leadbox.cz", true }, { "leaderoftheresistance.com", false }, { "leaderoftheresistance.net", false }, - { "leadgenie.me", true }, { "leadinfo.com", true }, { "leadingsalons.com", true }, { "leadquest.nl", true }, @@ -20014,6 +20313,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "learningman.top", true }, { "learnpianogreece.com", true }, { "learnplayground.com", true }, + { "learntale.com", true }, { "learntube.cz", true }, { "leaseit24.com", true }, { "leaseit24.de", true }, @@ -20042,7 +20342,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ledecologie.com.br", true }, { "ledeguisement.com", true }, { "lederer-it.com", true }, - { "ledlampor365.se", true }, { "ledscontato.com.br", true }, { "ledzom.ru", false }, { "lee-fuller.co.uk", true }, @@ -20050,8 +20349,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leebiblestudycenter.com", true }, { "leebiblestudycentre.co.uk", true }, { "leebiblestudycentre.com", true }, - { "leech360.com", true }, - { "leeclemens.net", true }, + { "leech360.com", false }, + { "leeclemens.net", false }, { "leedev.org", true }, { "leelaylay.com", true }, { "leere.me", true }, @@ -20089,6 +20388,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "legjobblogo.hu", true }, { "legland.fr", true }, { "legoutdesplantes.be", true }, + { "legrandvtc.fr", true }, { "legumefederation.org", true }, { "legumeinfo.org", true }, { "lehighmathcircle.org", true }, @@ -20096,7 +20396,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leibniz-remscheid.de", false }, { "leideninternationalreview.com", true }, { "leigh.life", true }, - { "leilautourdumon.de", true }, { "leilonorte.com", true }, { "leiming.co", true }, { "leinfelder.in", true }, @@ -20110,7 +20409,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lejardindesmesanges.fr", true }, { "lel.ovh", true }, { "lelambiental.com.br", true }, - { "lelehei.com", true }, { "lemarcheelagrandeguerra.it", true }, { "lemni.top", true }, { "lemoine.at", true }, @@ -20118,13 +20416,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lemondrops.xyz", true }, { "lemonop.com", true }, { "lemonparty.co", true }, - { "lemonthy.ca", true }, - { "lemonthy.com", true }, { "lemouillour.fr", true }, { "lemuslimpost.com", true }, { "lenagroben.de", true }, { "lenaneva.ru", true }, { "lence.net", true }, + { "lendingclub.com", true }, + { "lenget.com", true }, { "lenguajedeprogramacion.com", true }, { "lengzzz.com", true }, { "lenidh.de", true }, @@ -20150,8 +20448,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leon.net", true }, { "leonauto.de", true }, { "leonax.net", true }, + { "leonbuitendam.nl", true }, { "leondenard.com", true }, - { "leonhooijer.nl", false }, { "leonklingele.de", true }, { "leowkahman.com", true }, { "lep.gov", true }, @@ -20177,9 +20475,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lesancheslibres.fr", true }, { "lesarts.com", true }, { "lesberger.ch", true }, - { "lesbiansslaves.com", true }, - { "lesbofight.com", true }, + { "lesconteursavis.org", true }, { "leseditionsbraquage.com", true }, + { "lesfilmsavivre.com", true }, { "lesgoodnews.fr", true }, { "lesharris.com", true }, { "leshervelines.com", true }, @@ -20194,15 +20492,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lespret.nl", true }, { "lesscloud.com", true }, { "lessets-graphiques.com", true }, - { "lessing.consulting", true }, { "lessis.moe", true }, { "lesterchan.net", true }, { "lesterrassesdusoleil.ch", true }, { "lesyndicat.info", true }, { "let-go.cc", true }, { "letemps.ch", true }, - { "letempsdunefleur.be", true }, - { "lethbridgecoffee.com", true }, { "lets-bounce.com", true }, { "lets-go-acoustic.de", true }, { "lets-ktai.jp", true }, @@ -20258,14 +20553,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lfrconseil.com", true }, { "lgbt.io", true }, { "lgbt.ventures", true }, - { "lgbtqventures.com", true }, { "lgbtventures.com", true }, { "lghfinancialstrategy.ch", true }, { "lgpecasoriginais.com.br", true }, { "lhajn.cz", true }, { "lhakustik.se", true }, + { "lhalbert.xyz", true }, { "lhconsult.tk", false }, - { "lheinrich.de", true }, { "lhost.su", true }, { "li-ke.co.jp", true }, { "li.search.yahoo.com", false }, @@ -20274,8 +20568,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lian-in.net", true }, { "liang-li88.com", true }, { "liang-li88.net", true }, - { "liangbp.com", true }, - { "lianwen.kim", true }, { "lianye1.cc", true }, { "lianye2.cc", true }, { "lianye3.cc", true }, @@ -20291,6 +20583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "libgame.com", true }, { "libmpq.org", true }, { "libnull.com", true }, + { "libra.com", true }, { "library-quest.com", true }, { "libraryextension.com", true }, { "libraryfreedomproject.org", false }, @@ -20311,13 +20604,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "libskia.so", true }, { "libsodium.org", true }, { "libstock.si", true }, - { "liceo.cn", true }, { "lichess.org", true }, { "lichtmetzger.de", true }, { "lichtspot.de", true }, { "lichttechnik-tumler.com", true }, { "lichttraeumer.de", true }, - { "lickmypussy.us", true }, { "lickthesalt.com", true }, { "lidavidm.me", true }, { "lidel.org", true }, @@ -20333,6 +20624,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lidogr.com", true }, { "lidong.me", true }, { "lidow.eu", true }, + { "liduan.net", false }, { "liebel.org", true }, { "lieberwirth.biz", true }, { "lieblingsholz.de", true }, @@ -20341,14 +20633,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "life-emotions.pt", true }, { "lifebetweenlives.com.au", true }, { "lifecism.com", true }, - { "lifecoach.tw", false }, { "lifegrip.com.au", true }, { "lifeinhex.com", true }, { "lifeinsurancepro.org", true }, { "lifekiss.ru", true }, { "lifematenutrition.com", true }, { "lifemstyle.com", true }, - { "lifenexto.com", true }, { "lifeqa.net", true }, { "lifequotes-uk.co.uk", true }, { "lifesafety.com.br", true }, @@ -20360,6 +20650,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "light-up.xyz", true }, { "light.mail.ru", true }, { "lightbox.co", true }, + { "lightdream.tech", true }, { "lighthouseinstruments.com", true }, { "lighting-centres.co.uk", true }, { "lightingagoura.com", true }, @@ -20384,6 +20675,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lights.co.uk", true }, { "lightspeed.com", false }, { "lightspeedta.co", true }, + { "lighttp.com", true }, { "lightupcollective.co.uk", true }, { "lignoma.com", true }, { "ligonier.com", true }, @@ -20393,13 +20685,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "likc.me", true }, { "likeablehub.com", true }, { "likeabox.de", true }, + { "likebee.gr", true }, { "likegeeks.com", true }, { "likehifi.de", true }, { "likemovies.de", true }, { "likenewhearing.com.au", true }, { "likere.com", true }, { "lilaccakeboutique.com", true }, - { "liliang13.com", true }, { "lillepuu.com", true }, { "lily-bearing.com", true }, { "lily-inn.com", true }, @@ -20411,11 +20703,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "limberg.me", true }, { "limbo.services", true }, { "limeburst.net", true }, + { "limelabs.de", true }, + { "limelabs.io", true }, { "limeres.com", true }, { "limereslaw.com", true }, { "limitededitioncomputers.com", true }, { "limitededitionsolutions.com", true }, - { "limitget.com", true }, { "limitxyz.com", true }, { "limn.me", true }, { "limoairporttoronto.net", true }, @@ -20430,15 +20723,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lincolnfinewines.com", true }, { "lincolnsfh.com", true }, { "lincolnwayflorist.com", true }, - { "lincsbouncycastlehire.co.uk", true }, { "lindalap.fi", true }, { "lindemann.space", true }, { "linden.me", true }, { "lindeskar.se", true }, + { "lindholmen.club", true }, { "lindnerhof-taktik.de", true }, { "lindo.ru", true }, { "lindon.pw", true }, { "lindsayanderson.com", true }, + { "lindsaygorski.com", true }, { "lindskogen.se", true }, { "lindy.co", false }, { "line.biz", true }, @@ -20452,7 +20746,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lingerie.com.br", true }, { "lingeriesilhouette.com", true }, { "lingotaxi.com", true }, - { "lingting.vip", true }, { "linguamilla.com", true }, { "lingvo-svoboda.ru", true }, { "linherest.tk", true }, @@ -20461,6 +20754,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "linkat4.cz", true }, { "linkdr.uk", true }, { "linkedinbackground.com", true }, + { "linkedpipes.com", true }, { "linkenheil.org", true }, { "linklocker.co", true }, { "linkmaker.co.uk", true }, @@ -20474,11 +20768,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "linkycat.com", true }, { "linode.com", false }, { "linost.com", true }, - { "linostassi.net", true }, { "linqhost.nl", true }, { "linss.com", true }, { "lintmx.com", true }, { "linusdrop.tips", true }, + { "linux-audit.com", true }, { "linux-florida.com", true }, { "linux-mint-czech.cz", true }, { "linux-vme.org", true }, @@ -20500,9 +20794,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "linuxlounge.net", true }, { "linuxos.org", true }, { "linuxproperties.com", true }, + { "linuxsecurity.expert", true }, { "linx.li", true }, { "linx.net", true }, - { "linxmind.eu", true }, { "linzgau.de", true }, { "linzyjx.com", true }, { "lionhosting.nl", true }, @@ -20510,6 +20804,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lionsdeal.com", true }, { "lipartydepot.com", true }, { "lipex.com", true }, + { "lipo.lol", true }, { "lipoabaltimore.org", true }, { "liqd.net", true }, { "liquid.cz", true }, @@ -20517,7 +20812,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "liquidinternet.co", true }, { "liquidradio.pro", true }, { "liquidwarp.net", true }, - { "liquimoly.market", true }, { "lirion.de", true }, { "liris-beautywelt.de", true }, { "lirlandais.ch", true }, @@ -20527,6 +20821,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lisburnhottubnbounce.co.uk", true }, { "lisieuxarquitetura.com.br", true }, { "liskgdt.net", true }, + { "lisky.ru", true }, { "lislan.org.uk", true }, { "lisowski-development.com", true }, { "listahu.org", true }, @@ -20540,7 +20835,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "litebit.eu", true }, { "litebits.com", true }, { "litemind.com", true }, - { "literarymachin.es", true }, { "litfin.name", true }, { "lithan.com", true }, { "lithesalar.se", true }, @@ -20556,10 +20850,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "littlepigcreek.com.au", true }, { "littlepincha.fr", true }, { "littleprincessandmascotparties.co.uk", true }, + { "littleqiu.net", true }, { "littleredsbakeshop.com", true }, - { "littlericket.me", true }, + { "littlericket.me", false }, { "littlescallywagsplay.co.uk", true }, - { "littleservice.cn", true }, { "littleskin.cn", true }, { "littleswitch.co.jp", true }, { "littlewatcher.com", true }, @@ -20569,9 +20863,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "liuboznaiko.eu", true }, { "liudon.org", true }, { "liufengyu.cn", true }, + { "liul.in", true }, { "liupeicheng.top", true }, { "liv3d.stream", true }, { "live4k.media", false }, + { "livebandphotos.com", true }, { "livebetterwith.com", true }, { "livebythesun.de", true }, { "livecards.co.uk", true }, @@ -20582,7 +20878,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "livedesign24.de", true }, { "liveflightapp.com", true }, { "liveforspeed.se", true }, - { "livejasmin.dk", true }, { "livekaarten.be", true }, { "livekaarten.nl", true }, { "livekarten.at", true }, @@ -20600,11 +20895,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "livepath.ch", true }, { "liveperformersmeeting.net", true }, { "liveregistratie.nl", true }, - { "livesearch-fukuoka.com", true }, + { "liverider.co.jp", true }, { "livesheep.com", true }, { "livesure.com", true }, + { "livetoride.co.za", true }, { "livetube.tv", true }, - { "livi.co", true }, { "living-space.co.nz", true }, { "living24.de", true }, { "livingforreal.com", true }, @@ -20615,7 +20910,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "livolett.de", true }, { "livrariacoad.com.br", true }, { "livroseuniformes.com.br", true }, - { "lixiaojiang.ga", true }, { "lixtick.com", true }, { "liyin.date", true }, { "liyinjia.com", true }, @@ -20624,7 +20918,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lizhi.io", true }, { "lizhi123.net", true }, { "lizzaran.io", true }, - { "lizzythepooch.com", true }, { "ljason.cn", true }, { "ljs.io", true }, { "lk-hardware.cz", true }, @@ -20646,7 +20939,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lntu.org", true }, { "lnx.li", true }, { "load-ev.de", true }, - { "loadingdeck.com", false }, { "loadlow.me", true }, { "loadwallet.com", true }, { "loafhead.me", true }, @@ -20657,6 +20949,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lob-staging.com", true }, { "lob.com", true }, { "lobivia.de", true }, + { "lobosdomain.hopto.org", true }, { "lobsangstudio.com", true }, { "lobstr.co", true }, { "local360.net", true }, @@ -20665,7 +20958,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "localblitz.com", true }, { "localblock.co.za", true }, { "localbouncycastle.com", true }, - { "localdata.us", true }, { "localdecor.com.br", true }, { "localethereum.com", true }, { "localhorst.duckdns.org", true }, @@ -20673,7 +20965,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "localhost.ee", true }, { "localspot.pl", true }, { "locapos.com", true }, - { "location-fichier-email.com", true }, { "locationvoitureallemagne.com", true }, { "locationvoitureangleterre.com", true }, { "locationvoitureaustralie.com", true }, @@ -20684,17 +20975,32 @@ static const nsSTSPreload kSTSPreloadList[] = { { "locationvoitureportugal.com", true }, { "locatorplus.gov", true }, { "locauxrama.fr", true }, - { "locker.email", true }, + { "locker.email", false }, { "locker.plus", true }, { "lockify.com", true }, { "lockpick.nl", true }, { "lockpicks.se", true }, { "lockr.io", true }, + { "locksmith-durbannorth.co.za", true }, + { "locksmith-sanantonio-tx.com", true }, { "locksmithbalchsprings.com", true }, + { "locksmithballito.com", true }, + { "locksmithbluff.co.za", true }, + { "locksmithedmonds.com", true }, { "locksmithgarland-tx.com", true }, { "locksmithgrapevinetx.com", true }, + { "locksmithhillcrest.co.za", true }, + { "locksmithindurban.co.za", true }, { "locksmithmesquitetx.com", true }, + { "locksmithmissouricity.com", true }, + { "locksmithopen.com", true }, + { "locksmithsanantoniotexas.com", true }, + { "locksmithsbluff.com", true }, + { "locksmithseattleco.com", true }, + { "locksmithservice-houston.com", true }, { "locksmithspring.com", true }, + { "locksmithspringtx.com", true }, + { "locksmithswestville.com", true }, { "locksmiththewoodlands.com", true }, { "locomore.com", true }, { "locomotionds.com", true }, @@ -20714,6 +21020,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "logement.com", true }, { "logentries.com", false }, { "logexplorer.net", true }, + { "logfile.at", true }, + { "logfro.de", true }, { "logicchen.com", true }, { "logiciel-entreprise-seurann.fr", true }, { "logicio.ch", false }, @@ -20744,17 +21052,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "logue.be", true }, { "logze.nl", true }, { "lohanaflores.com.br", true }, + { "lohmeier.it", true }, { "loichot.ch", true }, + { "loigiai.net", true }, + { "loihay.net", true }, { "lojadamimo.com.br", true }, { "lojadanidrea.com.br", true }, { "lojadarenda.com.br", true }, { "lojadewhisky.com.br", true }, { "lojadoarcomprimido.com.br", true }, - { "lojadoprazer.com.br", true }, { "lojadosomautomotivo.com.br", true }, { "lojafazendoarte.com.br", true }, { "lojafilipaper.com.br", true }, - { "lojahunamarcenaria.com.br", true }, { "lojamagicalx.com", true }, { "lojamascate.com.br", true }, { "lojamoleco.com.br", true }, @@ -20774,13 +21083,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "loket.nl", true }, { "lolcorp.pl", true }, { "lolcow.farm", true }, + { "lolhax.org", true }, { "loli.net", true }, { "loli.pet", true }, { "loli.ski", true }, + { "loli.tube", true }, { "loli.world", true }, { "lolibrary.org", true }, { "lolicon.eu", true }, - { "lolis.stream", true }, { "lolkot.ru", true }, { "lolnames.gg", true }, { "lolpatrol.de", true }, @@ -20798,9 +21108,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "londongynaecologist.co", true }, { "londonkan.jp", true }, { "londonkeyholdingcompany.co.uk", true }, - { "londonseedcentre.co.uk", true }, { "lonelytweets.com", true }, { "lonesomecosmonaut.com", true }, + { "long-journey.com", true }, { "longhaircareforum.com", true }, { "longhorn-imports.com", true }, { "longhorn.id.au", true }, @@ -20825,13 +21135,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lookatmysco.re", true }, { "lookbetweenthelines.com", true }, { "lookup-dns.net", true }, + { "lookyman.net", true }, { "lookzook.com", true }, { "loom.no", true }, { "loony.info", true }, { "loopower.com", true }, + { "loopstart.org", true }, { "loothole.com", true }, { "loovto.net", true }, - { "loposchokk.com", true }, { "loqu8.com", true }, { "lordofthebrick.com", true }, { "lore.azurewebsites.net", true }, @@ -20847,8 +21158,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lostkeys.co.uk", true }, { "lostserver.com", true }, { "lostwithdan.com", true }, - { "loteks.de", true }, { "lothlorien.ca", false }, + { "lotl.ru", true }, { "lotn.mobi", true }, { "lotn.nl", true }, { "lotnonline.com", true }, @@ -20879,7 +21190,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lovenwishes.com", true }, { "loveph.one", true }, { "lover-bg.com", true }, - { "loveread-ec.appspot.com", true }, { "loverepublic.ru", true }, { "lovesmagical.com", true }, { "lovesupremefestival.com", true }, @@ -20898,19 +21208,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lowson.ca", true }, { "loxal.net", true }, { "loxal.org", true }, + { "loyaltyondemand.club", true }, + { "loyaltyondemand.eu", true }, { "lp-support.nl", true }, - { "lpacademy.com.br", true }, { "lpt-nebreziny.eu", true }, { "lra-cloud.de", true }, - { "lrhstsa.com", true }, { "lrssystems.com", true }, { "ls-alarm.de", true }, { "lsal.me", true }, { "lsc-dillingen.de", true }, { "lsc.gov", true }, { "lshiy.com", true }, + { "lsmpx.com", true }, { "lsquo.com", true }, { "lsws.de", true }, + { "lsys.ac", true }, { "lt.search.yahoo.com", false }, { "ltaake.com", true }, { "ltecode.com", true }, @@ -20918,7 +21230,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ltls.org", true }, { "ltn-tom-morel.fr", true }, { "lu.search.yahoo.com", false }, - { "luan.ma", true }, { "luav.org", true }, { "lubar.me", true }, { "lubbockyounglawyers.org", true }, @@ -20926,15 +21237,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lubomirkazakov.com", true }, { "luc-oberson.ch", true }, { "luca.swiss", true }, - { "lucacastelnuovo.nl", true }, + { "lucacastelnuovo.nl", false }, { "lucafrancesca.me", true }, { "lucakrebs.de", true }, - { "lucasantarella.com", true }, - { "lucascantor.com", true }, + { "lucasbergen.ca", true }, { "lucasem.com", true }, { "lucasgymnastics.com", true }, { "lucaslarson.net", true }, - { "lucassoler.com.ar", true }, { "luce.life", true }, { "lucid-light.de", true }, { "lucidframeworks.com", true }, @@ -20942,12 +21251,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lucidoccult.com", true }, { "lucielavickova.com", true }, { "luckycastles.co.uk", true }, - { "luckydog.pw", true }, { "luckyfrog.hk", true }, - { "luckystarfishing.com", true }, { "luckyxf.com", true }, { "lucy.science", true }, { "lucyparsonslabs.com", true }, + { "lucysan.net", true }, + { "lucz.co", true }, { "ludek.biz", true }, { "ludikovsky.name", true }, { "ludogue.net", true }, @@ -20956,6 +21265,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ludwig.im", true }, { "ludwiggrill.de", true }, { "ludwigjohnson.se", true }, + { "ludwigpro.net", true }, { "luedeke-bremen.eu", true }, { "luehne.de", true }, { "luelistan.net", true }, @@ -20972,6 +21282,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lugui.in", true }, { "lui.pink", true }, { "luiscapelo.info", true }, + { "luisgf.es", true }, { "luismaier.de", true }, { "luisyr.com", true }, { "luizkowalski.net", true }, @@ -20992,14 +21303,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lukaszwojcik.net", true }, { "lukatz.de", true }, { "luke.ch", true }, + { "luke6887.me", true }, { "lukeistschuld.de", true }, - { "lukem.eu", true }, { "lukem.net", true }, { "lukeng.net", true }, { "lukesbouncycastlehire.com", true }, { "lukestebbing.com", true }, + { "lukesutton.info", true }, { "lukmanulhakim.id", true }, { "lukull-pizza.de", true }, + { "lumen.sh", true }, + { "lumer.tech", true }, { "lumi.pw", true }, { "lumiere.com", true }, { "luminaires-online.fr", true }, @@ -21011,9 +21325,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lunar6.ch", true }, { "lunarlog.com", true }, { "lunarshark.com", true }, - { "lunarsoft.net", true }, { "lunartail.nl", true }, { "lunasqu.ee", true }, + { "lunchbunch.me", true }, { "lune-indigo.ch", true }, { "lungta.pro", true }, { "lunidea.ch", true }, @@ -21027,6 +21341,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "luohua.im", true }, { "luongvu.com", true }, { "lupinencyclopedia.com", true }, + { "lupinenorthamerica.com", true }, { "luso-livros.net", true }, { "lusteniny.cz", false }, { "lustige-zitate.com", true }, @@ -21044,7 +21359,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "luuppi.fi", true }, { "luvare.com", true }, { "luvbridal.com.au", true }, + { "luxcraft.eng.br", true }, { "luxescreenprotector.nl", true }, + { "luxofit.de", true }, { "luxsci.com", true }, { "luxurynsight.net", true }, { "luxurytimepieces.net", true }, @@ -21058,10 +21375,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "luzfaltex.com", true }, { "lv.search.yahoo.com", false }, { "lv0.it", true }, + { "lv5.top", true }, { "lvmoo.com", true }, { "lvrsystems.com", true }, { "lw-addons.net", true }, { "lwhate.com", true }, + { "lwl.moe", true }, { "lwl12.com", true }, { "lxd.cc", true }, { "lxd.pm", true }, @@ -21089,9 +21408,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lyricfm.ie", true }, { "lys.ch", true }, { "lyst.co.uk", true }, + { "lyukaacom.ru", true }, { "lyuly.com", true }, { "lyx.dk", true }, - { "lz.sb", true }, + { "lzh.one", true }, + { "lzwc.nl", true }, { "m-22.com", true }, { "m-chemical.com.hk", true }, { "m-edmondson.co.uk", true }, @@ -21100,7 +21421,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "m-mail.fr", true }, { "m-orthodontic.com", true }, { "m-ses.fr", true }, - { "m-warrior.tk", true }, { "m.facebook.com", true }, { "m.mail.ru", true }, { "m.me", true }, @@ -21119,9 +21439,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maaya.jp", true }, { "maayogashram.com", true }, { "mabankonline.com", true }, - { "mabulledu.net", true }, { "mac-i-tea.ch", true }, - { "mac-world.pl", true }, + { "mac.biz.tr", true }, { "mac1.net", true }, { "macaw.nl", true }, { "macaws.org", true }, @@ -21156,10 +21475,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "macosxfilerecovery.com", true }, { "macoun.de", true }, { "macros.co.jp", true }, - { "macstore.pe", true }, { "mactools.com.co", true }, + { "mad.ninja", true }, { "madae.nl", true }, - { "madandpissedoff.com", true }, { "madars.org", false }, { "madbin.com", true }, { "madbouncycastles.co.uk", true }, @@ -21171,7 +21489,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "made-in-earth.co.jp", true }, { "madebydusk.com", true }, { "madebyshore.com", true }, - { "madeglobal.com", true }, { "madeinchezmoi.net", true }, { "madeinstudio3.com", true }, { "madeitwor.se", true }, @@ -21183,8 +21500,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "madirc.net", true }, { "madmar.ee", true }, { "madoka.nu", true }, - { "madokami.net", true }, - { "madpeople.net", true }, { "madreacqua.org", true }, { "madridartcollection.com", true }, { "madtec.de", true }, @@ -21192,6 +21507,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mae-berlinistanbul.com", true }, { "maedchenflohmarkt.at", true }, { "maedchenflohmarkt.de", true }, + { "maeln.com", true }, { "maelstrom-fury.eu", true }, { "maelstrom.ninja", true }, { "maeplasticsurgery.com", true }, @@ -21230,7 +21546,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "magicspaceninjapirates.de", true }, { "magictable.com", true }, { "magicvodi.at", true }, + { "magieamour.com", true }, { "magilio.com", true }, + { "magnacarebroker.com", true }, { "magnatronic.com.br", true }, { "magneticattraction.com.au", true }, { "magnetpass.uk", true }, @@ -21240,11 +21558,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "magnoliadoulas.com", true }, { "magnoliastrong.com", true }, { "magonote-nk.com", true }, + { "magu.kz", true }, { "maguire.email", true }, { "magwin.co.uk", true }, { "mahai.me", true }, { "mahatmayoga.org", true }, { "mahefa.co.uk", true }, + { "mahjong-navi.com", true }, { "mahjong.org", true }, { "mahrer.net", true }, { "maiaimobiliare.ro", true }, @@ -21252,6 +21572,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maiebanatulfruncea.com", true }, { "maijia800.com", true }, { "maikolfish.it", true }, + { "mail-de.jp", true }, { "mail-rotter.de", true }, { "mail-settings.google.com", true }, { "mail.com", true }, @@ -21271,7 +21592,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mailmag.net", false }, { "mailpenny.com", true }, { "mailto.space", true }, - { "mailum.org", true }, + { "mailum.org", false }, { "mainechiro.com", true }, { "mainframeserver.space", true }, { "mainlined.org", true }, @@ -21280,6 +21601,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mainzelmaennchen.net", true }, { "maioresemelhores.com", true }, { "maisgasolina.com", true }, + { "maison-haimard.fr", true }, { "maisondoree.be", true }, { "maisonpaulmier.fr", true }, { "maispa.com", true }, @@ -21296,22 +21618,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "majkassab.net", true }, { "majkassab.org", true }, { "majkl.me", true }, - { "majkl.xyz", true }, - { "majkl578.cz", true }, { "majkyto.cz", true }, + { "majolka.com", true }, { "makaleci.com", true }, + { "makalu.me", true }, { "make-your-own-song.com", true }, { "makeaboldmove.com", true }, { "makedin.net", true }, { "makem-bounce.co.uk", true }, - { "makemejob.com", true }, { "makenaiyo-fx.com", true }, { "makera.ga", true }, { "makersatwork.com", true }, { "maketheneighborsjealous.com", true }, { "makeurbiz.com", true }, - { "makeyourlaws.org", true }, + { "maki-chan.de", true }, { "makinen.ru", true }, + { "makino.games", true }, { "makkusu.photo", true }, { "makowitz.cz", true }, { "maktoob.search.yahoo.com", false }, @@ -21337,7 +21659,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "malinator.net", false }, { "malinheadview.ie", true }, { "maljaars-fotografie.nl", true }, - { "malkaso.com.ua", true }, { "mall.cz", true }, { "mall.hr", true }, { "mall.hu", true }, @@ -21345,7 +21666,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mall.sk", true }, { "mallach.net", true }, { "mallhonda.com", true }, - { "mallner.me", true }, { "mallonline.com.br", true }, { "malmoesport.se", true }, { "malnex.de", true }, @@ -21357,14 +21677,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "malware.watch", true }, { "malwareinvestigator.gov", true }, { "malwarekillers.com", true }, + { "malwaretips.com", false }, { "malwareverse.us", true }, { "maly.cz", true }, - { "maly.io", false }, { "malyshata.com", true }, { "malysvet.net", true }, { "mamaasia.info", true }, { "mamadea.be", true }, - { "mamadoma.com.ua", true }, { "mamafit.club", true }, { "mamamoet.ru", true }, { "mamanecesitaungintonic.com", true }, @@ -21375,16 +21694,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mammooc.org", true }, { "mamospienas.lt", true }, { "mamot.fr", false }, - { "mamout.xyz", true }, { "mamuko.nl", true }, - { "man3s.jp", true }, - { "manaboutahor.se", false }, + { "man3s.jp", false }, { "manach.net", true }, { "manage.cm", true }, { "manage4all.de", true }, { "manageathome.co.uk", true }, { "management-companie.ro", true }, - { "management-ethics.com", true }, { "managementboek.nl", true }, { "managementfeedback.com", true }, { "manageprojects.com", false }, @@ -21412,9 +21728,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maniorpedi.com", true }, { "maniosglass.gr", true }, { "manipil.ch", true }, + { "maniw.com", true }, { "manja-und-martin.de", true }, { "manjaro.ru", true }, { "mankans.com", true }, + { "manneguiden.no", true }, { "mannheimbloggt.tk", true }, { "manns-solutions.co.uk", true }, { "mannschafft.ch", true }, @@ -21425,11 +21743,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mansdell.net", true }, { "mansfeld.pl", true }, { "mansiontech.cn", true }, + { "manski.net", true }, { "mantabiofuel.com", true }, { "mantor.org", false }, + { "mantra.pictures", true }, + { "manuall.co.uk", true }, { "manuall.de", true }, + { "manuall.fr", true }, { "manuall.info.tr", true }, + { "manuall.it", true }, { "manuall.ro", true }, + { "manuall.se", true }, { "manualscollection.com", true }, { "manuel-herrmann.de", true }, { "manuel-schefczyk.de", true }, @@ -21438,13 +21762,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "manueldopheide.com", true }, { "manueli.de", true }, { "manuelpinto.in", false }, - { "manufacturing.gov", true }, { "manufacturingusa.com", true }, { "manuscript.com", true }, { "manuscriptlink.com", true }, { "manutd.org.np", true }, { "manuth.life", true }, - { "manutrol.com.br", true }, { "manwithavan.co.uk", true }, { "manyetikboya.com", true }, { "manyiu.com", true }, @@ -21460,11 +21782,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maozedong.red", true }, { "map4erfurt.de", true }, { "map4jena.de", true }, + { "mapasmundi.com.br", true }, { "mapblender.com", true }, { "mapeo.io", true }, { "maplanetebeaute.fr", true }, { "mapletime.com", true }, + { "maps.net", true }, { "mapservices.nl", true }, + { "mapstack.org", true }, { "maquettage.com", true }, { "maquillage-permanent-tatoo.com", true }, { "maquinariaspesadas.org", true }, @@ -21477,6 +21802,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marc-schlagenhauf.de", true }, { "marcaixala.me", true }, { "marcaudefroy.com", true }, + { "marcbeije.com", true }, + { "marcberndtgen.de", true }, + { "marcceleiro.com", true }, { "marceau.ovh", true }, { "marcel-preuss.de", true }, { "marcel-veronetzki.de", true }, @@ -21486,28 +21814,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marcelinofranchini.info", true }, { "marcelinofranchini.net", true }, { "marcelinofranchini.org", true }, + { "marcelkooiman.com", true }, { "marcelpreuss.de", true }, + { "marcelsiegert.com", true }, { "marcelwaldvogel.ch", true }, - { "marcelwiedemeier.com", true }, { "marcelwolf.coach", true }, - { "marcgoertz.de", false }, + { "marcgoertz.de", true }, { "marche-contre-monsanto.ch", true }, + { "marchukov.com", true }, + { "marchwj.pl", true }, { "marciaimportados.com.br", true }, { "marcianoandtopazio.com", true }, { "marclay.co.uk", true }, { "marco-goltz.de", true }, { "marco-hegenberg.net", true }, - { "marco-kretz.de", true }, { "marco-polo-reisen.com", true }, { "marcocasoni.com", true }, { "marcohager.de", true }, { "marcoherten.com", true }, { "marcuskoh.com", true }, - { "marcusserver.synology.me", true }, { "marcusstafford.com", true }, { "marechal-company.com", true }, { "marek.su", true }, - { "mareklecian.cz", true }, { "marelijah.org", true }, { "margagriesser.de", true }, { "margan.ch", true }, @@ -21515,7 +21843,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "margo-co.ch", true }, { "margo.ml", true }, { "margotlondon.co.uk", true }, - { "mariacristinadoces.com.br", true }, + { "marguerite-maison.fr", true }, { "mariage-photo.ch", true }, { "marianatherapy.com", true }, { "marianelaisashi.com", true }, @@ -21537,6 +21865,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marinbusinesscenter.ch", true }, { "marine.gov", true }, { "marinekaplama.com", true }, + { "marinela.com.mx", false }, + { "marinelausa.com", false }, { "marines-shop.com", true }, { "mario.party", false }, { "marioabela.com", true }, @@ -21550,11 +21880,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marjoleindens.be", true }, { "marjoriecarvalho.com.br", true }, { "mark-semmler.de", true }, + { "mark1998.com", true }, { "markaconnor.com", true }, { "markantoffice.com", true }, { "markbiesheuvel.nl", true }, { "markdain.net", true }, { "markdescande.com", true }, + { "markel.com.es", true }, { "markepps.com", true }, { "market.android.com", true }, { "marketespace.fr", false }, @@ -21573,15 +21905,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "markhaehnel.de", true }, { "markhenrick.site", true }, { "markholden.guru", true }, + { "markhoodphoto.com", true }, { "markido.com", true }, { "markitzeroday.com", true }, { "markkirkforillinois.com", true }, { "markkirkforsenate.com", true }, - { "marklauman.ca", true }, { "markoh.co.uk", true }, { "markom.rs", true }, { "markprof.ru", true }, - { "markri.nl", false }, + { "markri.nl", true }, + { "markridgwell.co.uk", true }, { "markridgwell.com", true }, { "markridgwellcom.appspot.com", true }, { "markscastles.co.uk", true }, @@ -21601,8 +21934,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "markusehrlicher.de", true }, { "markusgran.de", true }, { "markuskeppeler.no-ip.biz", true }, - { "markusueberallassetmanagement.de", true }, - { "markusueberallconsulting.de", true }, { "marl.fr", true }, { "marloncommunications.com", true }, { "marlonlosurdopictures.com", true }, @@ -21617,8 +21948,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marocmail.ma", true }, { "marotero.com", true }, { "marpa-wohnen.de", true }, - { "marqperso.ch", true }, - { "marquepersonnelle.ch", true }, { "marqueswines.co.uk", true }, { "marrai.de", true }, { "marriage-shrine.jp", true }, @@ -21650,12 +21979,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "martingansler.de", true }, { "martinkus.eu", true }, { "martinmuc.de", true }, + { "martinreed.net", true }, { "martinvillalba.com", true }, { "martinvillalba.com.ar", true }, { "martinvillalba.info", true }, { "martinvillalba.net", true }, { "martinvillalba.org", true }, { "martonmihaly.hu", true }, + { "martynhare.co.uk", true }, + { "martynhare.uk", true }, { "maru-life.com", true }, { "maruhoi.com", true }, { "marustat.ru", true }, @@ -21670,11 +22002,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "masarik.sh", true }, { "masatotaniguchi.jp", true }, { "masayahost.com", true }, - { "masaze-hanka.cz", true }, { "mascosolutions.com", true }, { "masdillah.com", true }, { "maservant.net", true }, - { "mashandco.it", true }, { "mashandco.tv", true }, { "masiniunelte.store.ro", true }, { "masiul.is", true }, @@ -21691,6 +22021,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "massdrop.com", true }, { "masse.org", true }, { "massflix.com", true }, + { "massfone.com", true }, { "masshiro.blog", true }, { "massive.tk", true }, { "massoni.pl", true }, @@ -21712,13 +22043,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "masterplc.com", true }, { "masters.black", true }, { "mastersquirrel.xyz", true }, - { "mastersthesiswriting.com", true }, { "masterstuff.de", true }, { "mastiffingles.com.br", true }, { "mastodon.at", true }, { "mastodon.host", true }, { "mastodon.rocks", true }, - { "mastodon.top", true }, { "mat.tt", true }, { "matanz.de", true }, { "matatabimix.com", true }, @@ -21727,6 +22056,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matchatea24.com", true }, { "matchboxdesigngroup.com", true }, { "matchneedle.com", true }, + { "matejgroma.com", true }, { "matel.org", true }, { "materiaischiquinho.com.br", true }, { "material-ui.com", true }, @@ -21734,6 +22064,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "materialism.com", true }, { "materialyinzynierskie.pl", true }, { "maternum.com", true }, + { "mateuszchyla.pl", true }, { "math.hamburg", true }, { "mathalexservice.info", true }, { "mathematik.rocks", true }, @@ -21743,6 +22074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mathias.is", true }, { "mathiasbynens.be", true }, { "mathiasgarbe.de", true }, + { "mathiaswagner.org", true }, { "mathieuguimond.com", true }, { "mathieui.net", true }, { "mathis.com.tr", true }, @@ -21757,6 +22089,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matjaz.it", true }, { "matlss.com", true }, { "matmessages.com", true }, + { "matok.me.uk", true }, { "matomeathena.com", true }, { "matoutepetiteboutique.com", true }, { "matridiana.com", true }, @@ -21766,6 +22099,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matrixmedia.ro", true }, { "matrixreq.com", true }, { "matsu-semi.com", true }, + { "matsu-walk.com", true }, { "matt-brooks.com", true }, { "matt-royal.gr", true }, { "matt.re", true }, @@ -21783,8 +22117,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mattfin.ch", true }, { "mattforster.ca", true }, { "matthecat.com", true }, + { "matthewchapman.co.uk", true }, { "matthewfells.com", true }, { "matthewgallagher.co.uk", true }, + { "matthewgrow.com", true }, + { "matthewj.ca", true }, { "matthewkenny.co.uk", true }, { "matthewohare.com", true }, { "matthewsetter.com", true }, @@ -21800,6 +22137,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matthijssen.info", true }, { "mattia98.org", true }, { "mattiascibien.net", true }, + { "mattlaks.com", true }, { "mattli.us", true }, { "mattmccutchen.net", true }, { "mattmcshane.com", true }, @@ -21807,12 +22145,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mattwservices.co.uk", true }, { "matviet.vn", true }, { "matway.com", true }, + { "matway.net", true }, { "matze.co", true }, { "mauerwerkstag.info", true }, { "mauldincookfence.com", true }, { "mauran.me", true }, { "maurice-walker.com", true }, { "mauricedb.nl", true }, + { "maurovacca.com", true }, { "maury-moteurs.com", true }, { "mavenclinic.com", true }, { "mavensecurity.com", true }, @@ -21839,8 +22179,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maxdev72.freeboxos.fr", true }, { "maxfox.me", true }, { "maxhamon.ovh", true }, - { "maxhoechtl.at", true }, - { "maxicore.co.za", true }, { "maximdeboiserie.be", true }, { "maximdens.be", true }, { "maximeferon.fr", true }, @@ -21855,6 +22193,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maxmilton.com", true }, { "maxp.info", true }, { "maxpl0it.com", true }, + { "maxr1998.de", true }, { "maxrandolph.com", true }, { "maxtruxa.com", true }, { "maxundlara.at", true }, @@ -21870,7 +22209,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mayerbrownllz.com", true }, { "mayomarquees.com", true }, { "mayopartyhire.com", true }, - { "mayoristassexshop.com", true }, { "maypolevilla.co.uk", true }, { "mayrhofer.eu.org", true }, { "mazda-mps.de", true }, @@ -21881,13 +22219,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mazternet.ru", true }, { "mazzotta.me", true }, { "mb-is.info", true }, + { "mb300sd.com", true }, + { "mb300sd.net", true }, { "mbaasy.com", true }, { "mbaestlein.de", true }, { "mbainflatables.co.uk", true }, { "mbardot.com", true }, { "mbasic.facebook.com", false }, { "mbcars.be", true }, - { "mbda.gov", true }, + { "mbda.gov", false }, { "mbeo.ch", true }, { "mbilker.us", true }, { "mbinf.de", false }, @@ -21905,7 +22245,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mc4free.cc", true }, { "mcatnnlo.org", true }, { "mccoolesredlioninn.com", true }, + { "mccordsvillelocksmith.com", true }, { "mccrackon.com", true }, + { "mcculloughjchris.com", true }, { "mcdermottautomotive.com", true }, { "mcdona1d.me", true }, { "mcdonalds.be", true }, @@ -21920,7 +22262,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mcgaccountancy.co.uk", true }, { "mcgarderen.nl", true }, { "mcgovernance.com", true }, - { "mchan.us", true }, + { "mchel.net", true }, { "mchristopher.com", true }, { "mcinterface.de", true }, { "mcivor.me", true }, @@ -21935,22 +22277,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mcmillanskiclub.com.au", true }, { "mcneill.io", true }, { "mcnext.net", true }, + { "mcon.se", true }, { "mcpaoffice.com", true }, - { "mcpart.land", true }, { "mcplayman.de", true }, { "mcpro.games", true }, { "mcprocdn.com", true }, - { "mcqyy.com", true }, { "mcrn.jp", true }, { "mcsinflatables.co.uk", true }, + { "mcsniper.co", true }, { "mcsrvstat.us", true }, - { "mctherealm.net", true }, { "mctools.org", true }, + { "mcuuid.net", true }, + { "mcversions.net", true }, { "mcynews.com", true }, { "mcyukon.com", true }, { "md-clinica.com.ua", true }, { "md5file.com", true }, { "md5hashing.net", true }, + { "mdazo.net", true }, { "mdbouncycastlehirelondon.co.uk", true }, { "mdcloudpracticesolutions.com", true }, { "mdcloudps.com", true }, @@ -21959,12 +22303,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mdf-bis.com", true }, { "mdg-online.de", true }, { "mdiv.pl", true }, + { "mdkr.nl", true }, { "mdlayher.com", true }, { "mdma.net", true }, { "mdmed.clinic", true }, { "mdoering.de", true }, { "mdosch.de", true }, { "mdpraha.cz", true }, + { "mds-paris.com", true }, { "mdsave.com", true }, { "mdx.no", true }, { "mdxdave.de", true }, @@ -21974,14 +22320,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "me-groups.com", true }, { "me.net.nz", true }, { "meadowfen.farm", true }, - { "meadowviewfarms.org", true }, { "mealgoo.com", true }, { "meamod.com", false }, - { "meanevo.com", true }, { "meany.xyz", true }, { "meap.xyz", true }, { "measureyourpenis.today", true }, { "meat.org.uk", true }, + { "mebaneattorney.com", true }, + { "mebanesteakhouse.com", true }, { "mecanicoautomotriz.org", true }, { "mechanus.io", true }, { "mechmk1.me", true }, @@ -21999,7 +22345,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "medhy.fr", true }, { "medi-link.co.il", true }, { "medi.com.br", true }, - { "media-courses.com", false }, { "media-credit.eu", true }, { "media-instance.ru", true }, { "media-library.co.uk", true }, @@ -22007,6 +22352,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "media-serwis.com", true }, { "mediaarea.net", true }, { "mediablaster.com", true }, + { "mediabm.jp", true }, { "mediaburst.co.uk", true }, { "mediadex.be", true }, { "mediaexpert.fr", true }, @@ -22045,20 +22391,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "medinsider.ch", true }, { "medinsider.li", true }, { "medireport.fr", true }, + { "meditel.nl", true }, { "medium.com", true }, - { "mediumraw.org", true }, + { "medja.net", true }, { "medlineplus.gov", true }, + { "medmarkt24.com", true }, { "medo64.com", true }, { "medovea.ru", true }, { "medpeer.jp", true }, { "medpics.com", true }, - { "medpot.net", true }, { "medschat.com", true }, { "medtalents.ch", true }, { "medtankers.management", true }, { "medtehnika.ua", true }, { "medusa.wtf", true }, { "meduza.io", true }, + { "medvedikorenka.cz", true }, { "medvet.com.es", true }, { "medwaybouncycastlehire.co.uk", true }, { "medyotan.ga", true }, @@ -22081,6 +22429,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "meeusen-usedcars.be", true }, { "meeztertom.nl", true }, { "meg-a-bounce.co.uk", true }, + { "mega-aukcion.ru", true }, { "mega-byte.nl", true }, { "mega-feeling.de", true }, { "mega.co.nz", true }, @@ -22103,7 +22452,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "megaplonk.com", true }, { "megarex.jp", true }, { "megasslstore.com", true }, - { "megasystem.cl", true }, + { "megauction.tk", true }, { "megaxchange.com", true }, { "megumico.net", true }, { "megustariasaber.com", true }, @@ -22163,6 +22512,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "melitopol.co.ua", true }, { "melnessgroup.com", true }, { "melnikov.ch", true }, + { "melodicprogressivehouse.com", true }, { "melodiouscode.co.uk", true }, { "melodiouscode.com", true }, { "melodiouscode.net", true }, @@ -22185,7 +22535,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "memfrob.org", true }, { "memind.net", true }, { "memiux.com", true }, - { "memo-linux.com", true }, { "memo.ee", true }, { "memoire-resistance-ariege.fr", true }, { "memorycards.ie", true }, @@ -22219,11 +22568,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mentz.info", true }, { "menu.fyi", true }, { "menudieta.com", true }, - { "menuel.me", true }, { "menuonlineordering.com", true }, { "menzel-motors.com", true }, { "menzietti.it", true }, - { "meo.de", true }, { "mephedrone.org", true }, { "mer.gd", true }, { "meransuedtirol.com", true }, @@ -22236,6 +22583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mercedes-benz.io", true }, { "mercedes-ig.de", true }, { "mercedespartscenter.com", true }, + { "merchant-automotive.com", true }, { "mercier-auto.com", true }, { "mercier-cars.co.uk", true }, { "mercury.photo", true }, @@ -22246,12 +22594,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "merenita.eu", true }, { "merenita.net", true }, { "merenita.nl", true }, + { "meridianmetals.com", true }, { "meridianstore.com.br", true }, { "merkel.me", true }, { "merlet.eu", true }, - { "merloat.club", true }, + { "merlinsoap.com", true }, + { "merloat.club", false }, { "merojob.com", true }, { "meronberry.jp", true }, + { "merson.org", true }, + { "merson.tv", true }, { "mertak.cz", true }, { "mertarauh.com", true }, { "mertcangokgoz.com", true }, @@ -22289,6 +22641,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "metanic.services", true }, { "metanodo.com", true }, { "metapeen.nl", true }, + { "metaregistrar.com", true }, { "metasquare.com.au", true }, { "metasquare.nyc", true }, { "metaword.com", true }, @@ -22322,9 +22675,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "metropop.ch", true }, { "metsasta.com", true }, { "mettekopp.dk", true }, - { "meu-smartphone.com", true }, { "meu-solutions.com", true }, { "meujeitodigital.com.br", true }, + { "meurisse.org", true }, { "mevo.xyz", true }, { "mevs.cz", true }, { "mexican.dating", true }, @@ -22355,12 +22708,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mi-so-ji.com", true }, { "mi80.com", true }, { "miagexport.com", true }, - { "miamicityballet.org", true }, { "miaonagemi.com", true }, { "miaoubox.com", true }, { "miaowo.org", true }, { "miasarafina.de", true }, { "miboulot.com", true }, + { "mibuiin.com", true }, + { "micado-software.com", true }, { "micaiahparker.com", true }, { "micalodeal.ch", true }, { "micasamgmt.com", false }, @@ -22368,11 +22722,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "michael-schefczyk.de", true }, { "michael-steinhauer.eu", true }, { "michael.band", true }, + { "michaelasawyer.com", true }, { "michaelband.co", true }, { "michaelband.com", true }, { "michaeleichorn.com", true }, { "michaelhrehor.com", true }, { "michaeliscorp.com", true }, + { "michaelismold.com", true }, { "michaelizquierdo.com", true }, { "michaeljdennis.com", true }, { "michaelkuchta.me", true }, @@ -22380,7 +22736,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "michaelpelletterie.it", true }, { "michaelpfrommer.de", true }, { "michaelpfrommer.pub", true }, - { "michaels-homepage-service.de", true }, { "michaelschmidt.ch", true }, { "michaelschubert.com", true }, { "michaelsnoeren.nl", true }, @@ -22414,11 +22769,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "microdots.de", true }, { "microlinks.org", true }, { "microlog.org", true }, + { "micromata.de", true }, { "microsoftaffiliates.azurewebsites.net", true }, { "microvb.com", true }, { "midair.io", true }, { "midasjewellery.com.au", true }, - { "midgawash.com", true }, { "midkam.ca", true }, { "midlandgate.de", true }, { "midlandleisuresales.co.uk", true }, @@ -22426,13 +22781,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "midlandsphotobooths.co.uk", true }, { "midlgx.com", true }, { "midnight-visions.de", true }, + { "midnightmango.co.uk", true }, + { "midnightmango.de", true }, { "midnightmechanism.com", true }, { "midstatebasement.com", true }, - { "midterm.us", true }, { "midtowndentistry.com", true }, { "midwestbloggers.org", true }, { "midweststructuralrepair.com", true }, { "miegl.com", true }, + { "miembarcacion.com", true }, { "miemus.eu", true }, { "mietwohnungen-vermietung.com", true }, { "mieuxgrandir.ch", true }, @@ -22453,14 +22810,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mijcorijneveld.nl", true }, { "mijn-financien.be", true }, { "mijnavg.eu", true }, - { "mijndiad.nl", true }, { "mijnetickets.nl", false }, { "mijnetz.nl", true }, { "mijnkerstkaarten.be", true }, { "mijnreisoverzicht.nl", true }, { "mijnsite.ovh", true }, { "mijnstembureau.nl", true }, - { "mijntransacties.nl", true }, { "mika.moe", true }, { "mikadoe.nl", true }, { "mikakalathil.ca", true }, @@ -22477,18 +22832,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mikeguy.co.uk", true }, { "mikehamburg.com", true }, { "mikehilldesign.co.uk", true }, - { "mikerichards.photography", true }, + { "mikerichards.photography", false }, { "miketabor.com", true }, { "miketheuer.com", true }, { "mikevesch.com", true }, { "mikewest.org", true }, + { "mikewillia.ms", true }, { "mikewritesstuff.com", true }, - { "mikeybailey.org", true }, + { "mikhirev.ru", true }, { "mikhlevich.ru", true }, { "miki-boras.de", true }, { "miki.it", true }, { "mikkelscheike.com", true }, { "mikkelvej.dk", true }, + { "mikkonen.bio", true }, { "miklcct.com", true }, { "miknight.com", true }, { "mikonmaa.fi", true }, @@ -22511,20 +22868,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "milesapart.dating", true }, { "milhoazul.com.br", true }, { "milionshop.sk", true }, + { "milkandcookies.ca", true }, { "milkingit.co.uk", true }, + { "milktea.info", true }, { "millanova.wedding", false }, { "milldyke.com", true }, { "milldyke.nl", true }, { "millefleurs.eu", true }, { "millennium-thisiswhoweare.net", true }, + { "millenniumweb.com", false }, { "millhousenchurch.com", true }, - { "millibitcoin.jp", true }, { "millionairegames.com", true }, + { "millions57.com", true }, + { "millions58.com", true }, + { "millions60.com", true }, + { "millions61.com", true }, + { "millions62.com", true }, + { "millions63.com", true }, { "millistream.com", true }, + { "milsonhypnotherapyservices.com", true }, { "mim.properties", true }, { "mimemo.io", true }, { "mimeo.digital", true }, { "mimithedog.com", true }, + { "mimobile.website", true }, { "mimocad.io", true }, { "mimovrste.com", true }, { "min-sky.no", true }, @@ -22537,8 +22904,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mind-box.ch", true }, { "mind-hochschul-netzwerk.de", true }, { "mind-moves.es", true }, + { "mindbodycontinuum.com", true }, { "mindbodytherapymn.com", true }, - { "mindcell.no", true }, { "mindcoding.ro", true }, { "mindercasso.nl", true }, { "mindfactory.de", true }, @@ -22566,10 +22933,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "minerstat.com", true }, { "minerva2015.it", true }, { "minesouls.fr", true }, + { "minetracker.dk", true }, { "minez-nightswatch.com", false }, { "minf3-games.de", true }, { "mingky.net", true }, - { "mingkyaa.com", true }, + { "mingming.info", true }, { "mingram.net", true }, { "mingwah.ch", true }, { "mini2.fi", true }, @@ -22598,7 +22966,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "minpingvin.dk", true }, { "minschuns.ch", true }, { "mintclass.com", true }, - { "mintea-noua.ro", true }, { "mintosherbs.com", true }, { "mintrak2.com", true }, { "minu.link", true }, @@ -22620,8 +22987,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mirfire.com", true }, { "mirjamderijk.nl", true }, { "mirkofranz.de", true }, - { "mirodasilva.be", true }, { "mironet.cz", true }, + { "mirrorbot.ga", true }, { "mirrorsedgearchive.de", true }, { "mirshak.com", true }, { "mirtes.cz", true }, @@ -22630,21 +22997,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "misanci.cz", true }, { "misclick.nl", true }, { "mishkovskyi.net", true }, + { "misinstrumentos.com", true }, { "miskatonic.org", true }, { "misoji-resist.com", true }, { "misol.kr", true }, - { "misrv.com", true }, { "miss-inventory.co.uk", true }, { "miss-platinum.net", true }, { "miss.com.tw", true }, { "missdream.org", true }, { "misseguf.dk", true }, + { "missevent.pl", true }, { "missguidedus.com", true }, { "mission-orange.de", true }, { "missionsgemeinde.de", true }, { "missip.nl", true }, { "missjoias.com.br", true }, - { "misskey.xyz", false }, + { "misskey.jp", true }, + { "misskey.xyz", true }, { "missoy.me", true }, { "misssex.de", true }, { "missualready.com", true }, @@ -22655,7 +23024,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mistybox.com", true }, { "misupport.dk", true }, { "misura.re", true }, - { "misuzu.moe", true }, { "mit-uns.org", true }, { "mita.me", true }, { "mitabu.net", true }, @@ -22668,6 +23036,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mitnetz-gas.de", true }, { "mitnetz-strom.de", true }, { "mitrax.com.br", true }, + { "mitre10.com.au", true }, { "mitrecaasd.org", true }, { "mitremai.org", true }, { "mitrostudios.com", true }, @@ -22688,6 +23057,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mivzakim.net", true }, { "mivzakim.org", true }, { "mivzakim.tv", true }, + { "mivzaklive.co.il", true }, { "miweb.cr", false }, { "mixinglight.com", true }, { "mixnshake.com", true }, @@ -22699,6 +23069,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "miyugirls.com", true }, { "mizipack.com", true }, { "mizque.ch", true }, + { "mizu.coffee", true }, { "mizuho-trade.net", true }, { "mizumax.me", true }, { "mj420.com", true }, @@ -22721,9 +23092,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mkd.mk", true }, { "mkes.com", true }, { "mkg-chirurgie-bruchsal.de", true }, - { "mkg-palais-hanau.de", true }, { "mkg-scherer.de", true }, - { "mkg-wiebelskirchen.de", true }, { "mkhsoft.eu", true }, { "mkimage.com", true }, { "mkk.de", true }, @@ -22736,16 +23105,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mkse.com", true }, { "mkset.ru", true }, { "mktdigital.info", true }, + { "mktemp.org", true }, { "mkuznets.com", true }, { "mlarte.com", true }, - { "mlcambiental.com.br", true }, { "mlcnfriends.com", true }, { "mlemay.com", true }, { "mlm-worldwide.de", true }, { "mlmjam.com", true }, { "mlp.ee", true }, { "mlpvector.club", true }, - { "mlsrv.de", true }, { "mlundberg.se", true }, { "mlvbphotography.com", true }, { "mlytics.com", true }, @@ -22753,10 +23121,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mm404.com", true }, { "mma-acareporting.com", true }, { "mmalisz.com", true }, - { "mmaps.ddns.net", true }, { "mmarnitz.de", true }, { "mmbb.org", true }, - { "mmcc.pe", true }, { "mmin.us", false }, { "mmmarco.com", true }, { "mmogah.com", true }, @@ -22773,6 +23139,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mnguyen.io", true }, { "mnitro.com", true }, { "mnium.de", true }, + { "mnml.art", true }, + { "mnml.jp", true }, { "mnnknz.de", true }, { "mnsure.org", true }, { "mnt-tech.fr", true }, @@ -22782,10 +23150,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mo2021.de", true }, { "mo3.club", true }, { "moa.moe", true }, - { "moas.design", true }, { "mobag.ru", true }, { "mobal.com", true }, { "mobidea.com", true }, + { "mobifinans.ru", true }, { "mobil-bei-uns.de", true }, { "mobila-chisinau.md", true }, { "mobilcom-debitel-empfehlen.de", true }, @@ -22825,15 +23193,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "modafinil.wiki", true }, { "modafo.com", true }, { "modalogi.com", true }, - { "modalrakyat.com", true }, - { "modalrakyat.id", true }, { "modcasts.video", true }, { "modcentral.pw", true }, { "modding-forum.com", true }, { "modding-welt.com", true }, { "mode-hautnah.de", true }, { "mode-individuell.de", true }, - { "modecaso.com", true }, { "modehaus-marionk.de", true }, { "modelcase.co.jp", false }, { "modelclub-draveil.eu", true }, @@ -22848,19 +23213,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moderatorenpool.org", true }, { "modernapprenticeships.org", true }, { "moderncoinmart.com", true }, - { "moderntld.net", true }, { "modifiedmind.com", true }, { "modistry.com", true }, { "modistryusercontent.com", true }, { "modmountain.com", true }, { "modosaude.com.br", true }, { "module.market", true }, + { "modulex-gmbh.de", true }, { "moechel.com", true }, { "moefactory.com", true }, - { "moehrke.cc", true }, { "moeking.me", true }, { "moellers.systems", true }, { "moetrack.com", true }, + { "moeyoo.net", true }, + { "moeyun.net", true }, { "mofohome.dyndns.org", true }, { "moha-swiss.com", true }, { "mohanmekap.com", true }, @@ -22876,6 +23242,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mojeco2.cz", true }, { "mojefedora.cz", true }, { "mojilitygroup.com", true }, + { "mojizuri.com", true }, { "mojnet.eu", true }, { "mojnet.net", true }, { "mojoco.co.za", true }, @@ -22890,12 +23257,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "molecularbiosystems.org", true }, { "molinero.xyz", true }, { "mollaretsmeningitis.org", true }, - { "molokai.org", true }, { "molti.hu", true }, { "molun.net", false }, { "molunerfinn.com", true }, { "molwick.com", true }, - { "momento.co.id", true }, { "momentumdash.com", true }, { "momirfarooq.com", true }, { "momjoyas.com", true }, @@ -22912,7 +23277,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "monaco-automaten.de", true }, { "monad.io", true }, { "monakasatmasr.com", true }, - { "monalisa.wtf", true }, { "monalyse.com", true }, { "monarchcleanersnc.com", true }, { "monbudget.org", true }, @@ -22922,7 +23286,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mondial-movers.nl", true }, { "mondo-it.ch", true }, { "moneni.com", true }, + { "moneoci.com.br", true }, { "moneybird.com", true }, + { "moneybird.nl", true }, { "moneychangersoftware.com", true }, { "moneycredit.eu", true }, { "moneygo.se", true }, @@ -22944,29 +23310,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "monkeyhill.us", true }, { "monkeytek.ca", true }, { "monkieteel.com", true }, - { "monkieteel.nl", true }, { "monlabs.com", true }, { "monloyer.quebec", true }, { "monnyonle.hu", true }, { "mono.cafe", true }, { "mono0x.net", true }, { "monobank.no", true }, - { "monodukuri.cafe", true }, { "monodukuri.com", true }, - { "monodzukuri.cafe", true }, - { "monokoo.com", true }, { "monolithapps.com", true }, { "monolithindustries.com", true }, { "monolithinteractive.com", true }, { "monothesis.com", true }, + { "monotributo.online", true }, { "monoworks.co.jp", true }, - { "monozukuri.cafe", true }, { "monpc-pro.fr", true }, { "monpermismoto.com", true }, { "monpermisvoiture.com", true }, { "monpetitforfait.com", true }, { "monpetitmobile.com", true }, - { "monsieurbureau.com", true }, { "monsieursavon.ch", true }, { "monstermashentertainments.co.uk", true }, { "montage-kaika.de", true }, @@ -22996,6 +23357,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moolah.rocks", true }, { "moon.fish", true }, { "moonagic.com", true }, + { "moonagic.io", true }, { "moonbot.io", true }, { "moondrop.org", true }, { "moonkin.eu", true }, @@ -23003,8 +23365,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moonmelo.com", true }, { "moonraptor.co.uk", true }, { "moonraptor.com", true }, - { "moonrhythm.info", true }, - { "moonrhythm.io", true }, { "moonshyne.org", true }, { "moontaj.com", true }, { "moonvpn.org", true }, @@ -23050,6 +23410,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "morganino.it", true }, { "morgansleisure.co.uk", true }, { "morgner.com", true }, + { "morhys.com", true }, { "moritz-baestlein.de", true }, { "moritztremmel.de", true }, { "moriz.de", true }, @@ -23059,6 +23420,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "morningstar.moe", true }, { "morphy2k.io", true }, { "morrisby.com", true }, + { "morrodafumacanoticias.com.br", true }, { "morteruelo.net", true }, { "mortgagecalculator.biz", true }, { "mortgagecentersmo.com", true }, @@ -23072,6 +23434,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mosin.org", true }, { "moskeedieren.nl", true }, { "mosos.de", true }, + { "mosquitojoe.com", true }, { "mosscade.com", true }, { "mosshi.be", true }, { "mosstier.com", true }, @@ -23092,11 +23455,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "motifstudio.com.ua", true }, { "motionless.nl", true }, { "motiweb.fr", true }, + { "motocollection.pl", true }, { "motohell.com", true }, { "motojato.com.br", true }, { "motonauticaibiza.com", true }, { "motoreflex.com", true }, - { "motornomaslo.bg", true }, { "motorpointarenacardiff.co.uk", true }, { "motorring.ru", true }, { "motorsplus.com", false }, @@ -23104,19 +23467,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "motosikletevi.com", true }, { "motostorie.blog", false }, { "motovated.co.nz", true }, - { "motovio.de", true }, { "motowilliams.com", true }, { "motstats.co.uk", true }, { "mottomortgage.com", true }, - { "moube.fr", true }, { "moucloud.cn", true }, { "moulinaparoles.ca", true }, - { "mountain-rock.ru", true }, { "mountainactivitysection.org.uk", true }, { "mountainroseherbs.com", true }, { "mountfarmer.de", true }, { "mousemessages.com", true }, { "moutiezhaller.com", true }, + { "move.mil", true }, { "moveek.com", true }, { "moveisfit.com.br", true }, { "moveltix.net", true }, @@ -23125,13 +23486,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "movie-cross.net", true }, { "movie-infos.net", true }, { "movie1000.com", true }, - { "movie4kto.site", true }, { "movie4kto.stream", true }, { "movieboost.nl", true }, { "moviedeposit.com", true }, { "moviefreeze.com", true }, { "movieguys.org", true }, - { "movienang.com", true }, { "movienized.de", true }, { "moviepilot.com", true }, { "moviesetc.net", true }, @@ -23140,6 +23499,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "movimento-terra.it", true }, { "movinglogistics.nl", false }, { "movingtohttps.com", true }, + { "movingtojapan.life", true }, { "movlib.org", true }, { "moy.cat", true }, { "moyer.pub", true }, @@ -23148,10 +23508,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moysovet.info", true }, { "mozartgroup.hu", true }, { "mozektevidi.net", true }, - { "mozgb.ru", true }, { "mozilla.cz", true }, { "mozzez.de", true }, - { "mp3gratuiti.com", true }, { "mpa-pro.fr", true }, { "mpac.ca", false }, { "mpc-hc.org", true }, @@ -23161,26 +23519,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mpg-universal.com", true }, { "mpg.ovh", true }, { "mpgaming.pro", true }, + { "mphoto.at", true }, { "mpintaamalabanna.it", true }, { "mpkrachtig.nl", true }, { "mplanetphl.fr", true }, { "mplant.io", true }, { "mplicka.cz", true }, { "mplusm.eu", true }, - { "mpn.poker", true }, { "mpnpokertour.com", true }, { "mpodraza.pl", true }, { "mpreserver.com", true }, { "mprsco.eu", true }, { "mpsgarage.com.au", true }, { "mpsoundcraft.com", true }, + { "mpu-giessen.com", true }, + { "mpu-vorbereitung.com", true }, { "mpy.ovh", true }, { "mqas.net", true }, { "mr-anderson.org", true }, { "mr-designer-oman.com", true }, { "mr-labo.jp", true }, - { "mr-nachhilfe.de", true }, - { "mr-wolf.nl", true }, + { "mr-wolf.nl", false }, { "mr3.io", true }, { "mrazek.biz", true }, { "mrbmafrica.com", true }, @@ -23194,16 +23553,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mrdayman.com", true }, { "mremallin.ca", true }, { "mrevolution.eu", true }, + { "mrgiveaways.com", true }, { "mrinalpurohit.in", true }, + { "mrjhnsn.com", true }, { "mrjooz.com", true }, { "mrkapowski.com", true }, + { "mrketolocksmith.com", true }, { "mrknee.gr", true }, { "mrkrabat.de", true }, - { "mrksk.com", true }, { "mrmoregame.de", true }, { "mrnh.de", true }, - { "mrpropop.com", true }, + { "mrning.com", true }, + { "mrprintables.com", true }, { "mrs-labo.jp", true }, + { "mrsbairds.com", false }, { "mrserge.lv", true }, { "mrsk.me", true }, { "mrstat.co.uk", true }, @@ -23227,7 +23590,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "msmails.de", true }, { "msnr.net", true }, { "msopopop.cn", true }, - { "msp66.de", false }, { "mspsocial.net", true }, { "msquadrat.de", true }, { "msroot.de", true }, @@ -23235,6 +23597,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mstdn.blue", true }, { "mstdn.club", true }, { "mstdn.fr", true }, + { "mstdn.io", true }, { "mstdn.onl", false }, { "msuna.net", true }, { "msv-limpezas.pt", true }, @@ -23255,20 +23618,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mthrbrd.net", true }, { "mths.be", false }, { "mticareportal.com", true }, + { "mtiryaki.com", true }, { "mtlconcerts.com", true }, { "mtltransport.com", true }, { "mtnz.co.za", true }, { "mtouch.facebook.com", false }, { "mtr.md", true }, - { "mtrock.ru", true }, + { "mtrip.com", true }, { "mts-energia.eu", true }, { "mts-server.com", true }, { "mtsolar.es", true }, { "mu.search.yahoo.com", false }, { "muabannhanh.com", false }, - { "muahahahaha.co.uk", true }, { "mubiflex.nl", true }, - { "muchohentai.com", true }, { "muckingabout.eu", true }, { "muckrack.com", true }, { "mucmail.de", true }, @@ -23282,15 +23644,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "muellapp.com", true }, { "muenchberger.com", true }, { "muenzubi.de", true }, - { "muffet.pw", true }, { "mufibot.net", true }, { "muguayuan.com", true }, { "muh.io", true }, + { "muitadica.com", true }, { "muk-kobetsu.com", true }, { "mulaccosmetics.com", true }, { "mulaisehat.com", true }, { "mulej.net", true }, - { "mulheres18.com", true }, { "muling.lu", true }, { "mullens-usedcars.be", true }, { "multi-vpn.biz", true }, @@ -23314,7 +23675,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "multitek.no", true }, { "multitenantlaravel.com", true }, { "multitheftauto.com", true }, - { "multiworldsoftware.com", true }, { "multizone.games", true }, { "multrier.fr", true }, { "mumakil.fi", true }, @@ -23323,11 +23683,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mumolabs.com", true }, { "munch.me", true }, { "munchcorp.com", true }, - { "mundoadulto.com.br", true }, { "mundoarabe.com.br", true }, { "mundodasmensagens.com", true }, { "mundokinderland.com.br", true }, { "mundolarraz.es", true }, + { "mundomagicotv.com", true }, { "mundschenk.at", true }, { "mundtec.com.br", true }, { "munduch.cz", true }, @@ -23345,9 +23705,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "murgi.de", true }, { "murmel.it", false }, { "murof.com.br", true }, + { "murray.xyz", true }, { "murzik.space", true }, + { "musaccostore.com", true }, { "muscle-tg.com", true }, - { "muscleangels.com", true }, { "musclecarresearch.com", true }, { "muscolinomusic.com", true }, { "musearchengine.com", true }, @@ -23379,6 +23740,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "musikzentrale.net", true }, { "musketonhaken.nl", false }, { "muslim.singles", true }, + { "musmann.io", true }, { "muspla.com", true }, { "muspla.com.br", true }, { "musselsblog.com", true }, @@ -23398,15 +23760,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "muthai.in.th", true }, { "mutuals.cool", true }, { "mutuelle.fr", true }, + { "muusika.fun", true }, { "muusikoiden.net", true }, { "muwatenraqamy.org", true }, { "muzeumkomiksu.eu", true }, { "muzhijy.com", true }, - { "muzi.cz", true }, { "muzikantine.nl", true }, { "mv-wohnen.de", true }, { "mvandek.nl", true }, { "mvbits.com", true }, + { "mvisioncorp.com", true }, { "mvno.io", true }, { "mvp-stars.com", true }, { "mw.search.yahoo.com", false }, @@ -23415,15 +23778,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mwavuli.co.ke", true }, { "mwba.org", true }, { "mwe.st", true }, + { "mwezi-foundation.org", true }, + { "mwezi.org", true }, { "mwohlfarth.de", true }, { "mwtdev.se", true }, { "mww.moe", true }, + { "mx.org.ua", true }, { "mx.search.yahoo.com", false }, { "mx5international.com", true }, { "mxihan.xyz", true }, { "mxn8.com", true }, { "mxp.tw", true }, { "my-aftershave-store.co.uk", true }, + { "my-best-wishes.com", true }, { "my-cdn.de", true }, { "my-contract.ch", true }, { "my-contract.info", true }, @@ -23454,12 +23821,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myaggic.com", true }, { "myalliancechurch.com", true }, { "myamend.com", true }, + { "myamihealth.com", true }, { "myamity.info", true }, { "myammo.ru", true }, { "myanimelist.net", true }, { "myapexcard.com", true }, - { "myappliancerepairhouston.com", true }, - { "myartsway.com", true }, { "mybagofcoffee.com", true }, { "mybb.com", true }, { "mybb.de", true }, @@ -23476,6 +23842,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mycieokien.info", false }, { "mycinema.pro", true }, { "mycircleworks.com", true }, + { "myclasscam.com", true }, + { "myclasscam.org", true }, { "myclinicalstudybuddy.com", true }, { "mycloud-system.com", true }, { "mycofairtrade.com", true }, @@ -23530,6 +23898,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mygeotrip.com", true }, { "mygigabitnation.com", true }, { "mygignation.com", true }, + { "mygirlfriendshouse.com", true }, { "mygoldennetwork.com", true }, { "mygreatjobs.de", true }, { "mygreatlakes.org", true }, @@ -23540,9 +23909,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myhatsuden.jp", true }, { "myhealthreviews.com", true }, { "myhollywoodnews.com", true }, - { "myhostname.net", true }, + { "myhome-24.pl", true }, { "myimds.com", true }, { "myimmitracker.com", true }, + { "myinvite.nl", true }, { "myipaddr.de", true }, { "myipv4.de", true }, { "myjudo.net", true }, @@ -23554,6 +23924,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mylawyer.be", true }, { "myleanfactory.de", true }, { "mylifeabundant.com", true }, + { "mylittlechat.ru", true }, { "myliveupdates.com", true }, { "mylookout.com", false }, { "mylstrom.com", true }, @@ -23564,19 +23935,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mymed.de", true }, { "mymed.eu", true }, { "mymedz.nl", true }, + { "mymixtapez.com", true }, { "mymommyworld.com", true }, { "mymotor.nl", true }, { "myms.eu", true }, + { "mymun.com", true }, { "mymun.net", true }, { "mymusiclist.alwaysdata.net", true }, { "mymx.lu", true }, { "myna.go.jp", true }, { "mynameistavis.com", true }, - { "mynetworkingbuddy.com", true }, { "mynext.events", true }, { "mynextmove.org", true }, { "mynn.io", true }, - { "mynook.info", true }, + { "mynook.info", false }, { "mynortherngarden.com", true }, { "myonline.hu", true }, { "myoptumhealthcomplexmedical.com", true }, @@ -23599,6 +23971,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mypcqq.cc", true }, { "myperfecthome.ca", true }, { "myperfumecollection.com", true }, + { "myperks.in", true }, { "myphotoshopbrushes.com", true }, { "mypillcard.com", true }, { "myplaceonline.com", true }, @@ -23644,6 +24017,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myrepublic.nz", true }, { "myrepublic.ph", true }, { "myrepublic.rocks", true }, + { "myrepublic.run", true }, { "myrepublic.tk", true }, { "myrepublic.tv", true }, { "myrepublic.tw", true }, @@ -23666,6 +24040,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myriadof.com", true }, { "myrig.com", true }, { "myrig.com.ua", true }, + { "myrig.net", true }, { "myrig.ru", true }, { "myrotvorets.center", true }, { "myrp.co", true }, @@ -23693,13 +24068,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myssl.com", true }, { "mystatus24.com", false }, { "mysteriouscode.io", true }, + { "mysterydata.com", true }, { "mysterymind.ch", true }, { "mysterysear.ch", true }, { "mystic-welten.de", true }, { "mystickphysick.com", true }, { "mysticplumes.com", true }, { "mystorymonster.com", true }, - { "mystown.org", true }, { "mystudycart.com", true }, { "mysupboard.de", true }, { "myswissmailaddress.com", true }, @@ -23708,6 +24083,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mythengay.ch", true }, { "mythicdelirium.com", true }, { "myting.net", true }, + { "mytraiteurs.com", true }, { "mytripcar.co.uk", true }, { "mytripcar.com", true }, { "mytripcar.de", true }, @@ -23735,17 +24111,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mywebinar.io", true }, { "mywebpanel.eu", true }, { "mywebpanel.nl", true }, + { "myweddingreceptionideas.com", true }, { "myworkinfo.com", false }, { "myworth.com.au", true }, + { "myxnr.com", true }, { "myyubikey.net", true }, { "myyubikey.org", true }, { "myzina.cz", false }, { "mz-mz.net", true }, { "mzh.io", true }, + { "mziulu.me", false }, { "mznet.de", true }, + { "mzzj.de", true }, { "n-a.date", true }, { "n-design.de", true }, - { "n-kanazawa.jp", true }, { "n-m.lu", true }, { "n-man.info", true }, { "n-pix.com", false }, @@ -23754,18 +24133,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "n0paste.tk", false }, { "n0psled.nl", true }, { "n26.com", true }, - { "n2host.eu", true }, - { "n3twork.net", true }, + { "n2servers.com", true }, { "n4v.eu", true }, { "n5118.com", true }, { "n6a.net", true }, { "n7.education", true }, + { "n8mgt.com", true }, + { "n8nvi.com", true }, + { "n8solutions.net", true }, { "na-school.nl", true }, { "naam.me", true }, { "nabaleka.com", true }, { "nabankco.com", true }, { "nabidkamajetku.cz", true }, { "nabytek-valmo.cz", true }, + { "nacfit.com", true }, { "nachsendeauftrag.net", true }, { "nachsenden.info", true }, { "nachtmuziek.info", true }, @@ -23775,7 +24157,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nadejeproninu.cz", true }, { "nadelholzkulturen.de", true }, { "nadine-chaudier.net", true }, - { "nadyaolcer.fr", true }, + { "nadsandgams.com", true }, { "nafod.net", true }, { "naga-semi.com", true }, { "nagashi.ma", false }, @@ -23783,14 +24165,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nagb.gov", true }, { "nagb.org", true }, { "nagel-dentaltechnik.de", true }, - { "nagelfam.com", true }, { "naggie.net", true }, { "nah.nz", true }, { "nah.re", true }, { "nahura.com", true }, { "nailattitude.ch", true }, { "nailchiodo.com", true }, - { "nailedithomebuilders.com", true }, { "nailsalon-aztplus.com", true }, { "nairobibusinessreview.com", true }, { "najany.de", true }, @@ -23798,13 +24178,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "najany.fr", true }, { "najany.nl", true }, { "najany.se", true }, - { "nakada4610.com", true }, + { "nakalabo.jp", true }, { "nakama.tv", true }, { "nakandya.com", true }, + { "nakanishi-paint.com", true }, + { "nakayama.systems", true }, { "nakedalarmclock.me", true }, { "nakedtruthbeauty.com", true }, + { "nakene.com", true }, { "nakliyatsirketi.biz.tr", true }, - { "nako.no", true }, { "nalepky-na-zed.cz", true }, { "nalepte.cz", true }, { "nalexandru.xyz", true }, @@ -23816,7 +24198,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nameid.org", true }, { "namepros.com", true }, { "namereel.com", true }, - { "namethatporn.com", true }, + { "namethissymbol.com", true }, { "nametiles.co", true }, { "nami.bo", true }, { "nami.exchange", true }, @@ -23828,14 +24210,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "namu.moe", true }, { "namu.wiki", true }, { "namuwikiusercontent.com", true }, - { "nanami.moe", true }, { "nanarose.ch", true }, { "nanch.com", true }, { "nandex.org", true }, { "nange.co", true }, { "nankiseamansclub.com", true }, { "nanofy.org", true }, - { "nanogi.ga", true }, { "nanotechnologist.com", true }, { "nanotechtorsion.com", true }, { "nanovolt.nl", true }, @@ -23851,6 +24231,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "naphogar.com", true }, { "napisdata.us", true }, { "napolinissanctparts.com", true }, + { "nappynko.com", true }, { "narada.com.ua", true }, { "narakenkoland.net", true }, { "naralogics.com", true }, @@ -23883,6 +24264,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nastoletni.pl", true }, { "nataldigital.com", true }, { "nataliedawnhanson.com", true }, + { "natanaelys.com", false }, { "natation-nsh.com", false }, { "natatorium.org", true }, { "natchmatch.com", true }, @@ -23906,11 +24288,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nationalpriorities.org", true }, { "nationaltaxprep.com", true }, { "nationaltrails.ru", true }, + { "nationwiderealtyinvestors.com", true }, { "natives-team.ch", true }, { "nativs.ch", true }, { "natlec.com", true }, { "natropie.pl", true }, { "natsumihoshino.com", true }, + { "natur.com", true }, + { "natura-sense.com", true }, + { "naturalhealthcures.net", true }, { "naturalkitchen.co.uk", true }, { "naturalspacesdomes.com", true }, { "naturaum.de", true }, @@ -23930,8 +24316,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nausicaahotel.it", true }, { "nautiljon.com", true }, { "nautsch.de", true }, - { "navdeep.ca", true }, - { "navenlle.com", false }, + { "navarralanparty.org", true }, + { "navenlle.com", true }, { "navienna.com", true }, { "navient.com", true }, { "navigate-it-services.de", false }, @@ -23940,9 +24326,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "navycs.com", true }, { "nawir.de", true }, { "nayahe.ru", true }, + { "nayami64.xyz", true }, { "nayanaas.com", true }, { "nazevfirmy.cz", true }, { "nazigol.com", true }, + { "nazukebanashi.com", true }, { "nazuna.blue", true }, { "nb.zone", true }, { "nb6.de", true }, @@ -24003,12 +24391,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nbgrooves.de", true }, { "nbhorsetraining.com", true }, { "nbib.gov", true }, - { "nbl.org.tw", true }, { "nbp.com.pk", true }, { "nbrain.de", true }, { "nbrii.com", true }, { "nbriresearch.com", true }, - { "nbtparse.org", true }, { "nbur.co.uk", true }, { "nc-beautypro.fr", true }, { "nc-formation.fr", true }, @@ -24025,6 +24411,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nchangfong.com", true }, { "nchponline.org", true }, { "ncic.gg", true }, + { "ncloud.freeddns.org", true }, { "nclvle.co.uk", true }, { "ncm-malerbetrieb.de", true }, { "ncsc.gov.uk", true }, @@ -24036,7 +24423,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ndeoffshore.com", true }, { "nder.be", true }, { "ndhlink.com", true }, - { "ndmath.club", true }, { "ndpbrn-research.org", true }, { "nds-helicopter.de", true }, { "ndy.sex", true }, @@ -24058,6 +24444,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nebuluxcapital.com", true }, { "necessaryandproportionate.net", true }, { "necessaryandproportionate.org", true }, + { "nechiactua.com", true }, { "necormansir.com", true }, { "nectarleaf.com", true }, { "nedcdata.org", true }, @@ -24075,6 +24462,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neemzy.org", true }, { "neet-investor.biz", true }, { "nefertitis.cz", true }, + { "neffat.si", true }, { "neflabs.com", true }, { "neftis.es", true }, { "neg9.org", false }, @@ -24096,7 +24484,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nejlevnejsi-parapety.cz", true }, { "neko-nyan-nuko.com", true }, { "neko-nyan.org", true }, - { "neko.ml", true }, { "nekodex.net", true }, { "nekolove.jp", true }, { "nekomimi.pl", true }, @@ -24110,7 +24497,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nellacms.com", true }, { "nellacms.org", true }, { "nellafw.org", true }, - { "nemanja.top", true }, { "nemcd.com", true }, { "nemecl.eu", true }, { "nemez.net", true }, @@ -24128,7 +24514,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neodrive.ch", true }, { "neoedresources.org", true }, { "neoeliteconsulting.com", true }, - { "neojames.me", true }, { "neojo.org", true }, { "neokobe.city", true }, { "neolaudia.es", true }, @@ -24138,8 +24523,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neonknight.ch", true }, { "neons.org", true }, { "neophilus.net", true }, + { "neos.co.jp", true }, { "neosdesignstudio.co.uk", true }, { "neostralis.com", true }, + { "neowa.tk", true }, { "neowlan.net", true }, { "neoxcrf.com", true }, { "neoz.com.br", true }, @@ -24153,7 +24540,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nepremicnine.click", true }, { "nepremicnine.net", true }, { "nepustil.net", false }, - { "nerdbox.cc", true }, { "nerdhouse.io", true }, { "nerdmind.de", true }, { "nerdoutstudios.tv", true }, @@ -24206,6 +24592,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nethunter.top", true }, { "netki.com", true }, { "netlentes.com.br", true }, + { "netlocal.ru", true }, { "netmagicas.com.br", true }, { "netmeister.org", true }, { "netnik.de", true }, @@ -24216,7 +24603,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "netrider.net.au", false }, { "netrogue.ninja", true }, { "netronix.be", true }, - { "netronome.com", true }, + { "netsec.cloud", true }, { "netsigna.de", true }, { "netsite.dk", true }, { "netsoins.org", true }, @@ -24224,6 +24611,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "netsparker.com.tr", true }, { "netspeedia.net", true }, { "netsphere.cz", true }, + { "nettacompany.com.tr", true }, { "nettamente.com", true }, { "nette.org", true }, { "nettegeschenke.de", true }, @@ -24240,15 +24628,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "netwarc.eu", true }, { "netwarc.nl", true }, { "netweaver.uk", true }, + { "network-midlands.co.uk", true }, + { "network-midlands.uk", true }, { "network-notes.com", true }, { "network23.nl", true }, { "networkersdiary.com", true }, + { "networking-groups.co.uk", true }, { "networking4all.com", true }, - { "networking4all.net", true }, { "networkingnexus.net", true }, { "networkingphoenix.com", true }, + { "networkmidlands.co.uk", true }, + { "networkmidlands.uk", true }, + { "networkmon.net", true }, { "networkposting.com", true }, { "networth.at", true }, + { "networx-online.de", true }, + { "netz-yokohama.co.jp", true }, { "netzfabrik.com", true }, { "netzfrauen.org", true }, { "netzwerkwerk.de", true }, @@ -24268,7 +24663,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neurozentrum-zentralschweiz.ch", true }, { "neutralox.com", false }, { "neuwal.com", true }, - { "neva.li", true }, { "never.pet", true }, { "nevergreen.io", true }, { "nevermore.fi", true }, @@ -24285,7 +24679,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "new-process.eu", true }, { "new.travel.pl", true }, { "newaccess.ch", true }, - { "newbieboss.com", false }, + { "newbasemedia.us", true }, { "newbietech.cn", false }, { "newborncryptocoin.com", false }, { "newburybouncycastles.co.uk", true }, @@ -24301,8 +24695,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "newcloudwhodis.com", true }, { "newcreamforface.com", true }, { "newday.host", true }, - { "newdeveloper.download", true }, { "newearth.press", true }, + { "newfangledscoop.com", true }, { "newfiepedia.ca", true }, { "newgrowbook.com", true }, { "newguidance.ch", true }, @@ -24311,13 +24705,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "newjianzhi.com", true }, { "newkaliningrad.ru", true }, { "newknd.com", true }, + { "newlifeband.de", true }, { "newmarketbouncycastlehire.co.uk", true }, { "newmed.com.br", true }, { "newmediaone.net", true }, { "newmovements.net", true }, { "newodesign.com", true }, { "newpathintegratedtherapy.com", true }, - { "newpoke.net", true }, + { "newposts.ru", true }, { "newreleases.io", true }, { "news47ell.com", true }, { "newsa2.com", true }, @@ -24326,11 +24721,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "newsmotor.info", true }, { "newspsychology.com", true }, { "newstone-tech.com", true }, + { "newsyslog.org", true }, { "newtonproject.org", true }, { "newtrackon.com", true }, { "newvehicle.com", true }, { "nex.sx", true }, - { "nexgeneration-solutions.com", true }, { "nexicafiles.com", true }, { "nexril.net", true }, { "next-web.ad.jp", true }, @@ -24344,9 +24739,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nextend.net", true }, { "nextend.org", true }, { "nextevolution.co.uk", true }, + { "nextgen.sk", true }, { "nextgencel.com", true }, + { "nextgenthemes.com", true }, { "nextgreatmess.com", true }, { "nexthop.jp", true }, + { "nextiot.de", true }, { "nextmbta.com", true }, { "nextme.se", true }, { "nextnely.com", true }, @@ -24355,6 +24753,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nextstep-labs.gr", true }, { "nexttv.co.il", true }, { "nexus-exit.de", true }, + { "nexus-vienna.at", true }, { "nexusconnectinternational.eu", true }, { "nexwebsites.com", true }, { "nexxus-sistemas.net.br", true }, @@ -24364,12 +24763,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nf4.net", true }, { "nf9q.com", true }, { "nfe-elektro.de", true }, - { "nfhome.be", true }, { "nfir.nl", true }, { "nfl.dedyn.io", true }, { "nfl.duckdns.org", true }, { "nflmocks.com", true }, - { "nfls.io", true }, + { "nflsic.org", true }, { "nfluence.org", true }, { "nframe.io", true }, { "nfrost.me", true }, @@ -24377,6 +24775,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nfz.moe", true }, { "ng-musique.com", true }, { "ngasembaru.com", true }, + { "ngc.gov", false }, { "nghe.net", true }, { "nginxconfig.com", true }, { "nginxconfig.io", true }, @@ -24388,7 +24787,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nhchalton.com", true }, { "nhgteam.hu", true }, { "nhimf.org", true }, - { "nhliberty.org", true }, { "nhome.ba", true }, { "nhsolutions.be", true }, { "nhw.ovh", true }, @@ -24411,7 +24809,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nicesco.re", true }, { "nicestudio.co.il", false }, { "nichijou.com", true }, - { "nicholasperkins.io", true }, { "nicholaspruss.com", true }, { "nicholasquigley.com", true }, { "nicholaswilliams.net", true }, @@ -24422,14 +24819,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nickcraver.com", true }, { "nickdekruijk.nl", true }, { "nickguyver.com", true }, + { "nickhitch.co.uk", true }, { "nickloose.de", true }, { "nicklord.com", true }, { "nickmorri.com", true }, { "nickplotnek.co.uk", true }, { "nickrickard.co.uk", true }, + { "nicks-autos.com", true }, { "nickscomputers.nl", true }, { "nickserve.com", true }, { "nickstories.de", true }, + { "nicktheitguy.com", true }, { "niclasreich.de", true }, { "nicn.me", true }, { "nico.st", true }, @@ -24444,6 +24844,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nicolasiung.me", true }, { "nicolaszambetti.ch", true }, { "nicolaw.uk", true }, + { "nicolemathew.com", true }, { "nicoleoquendo.com", true }, { "niconico.ooo", true }, { "niconode.com", false }, @@ -24475,13 +24876,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "niesstar.com", true }, { "nietzsche.com", true }, { "nieuwslagmaat.nl", true }, - { "niffler.software", true }, { "niftiestsoftware.com", true }, { "nigelwakefield.com", true }, { "nigensha.co.jp", true }, { "niggemeier.cc", true }, { "nigger.racing", true }, - { "niggo.eu", true }, { "night2stay.cn", true }, { "night2stay.com", true }, { "night2stay.de", true }, @@ -24494,6 +24893,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nightsi.de", true }, { "nightstand.io", true }, { "nightwinds.tk", true }, + { "nigt.cf", true }, { "nihon-no-sake.net", true }, { "nijiero-ch.com", false }, { "nijikata.com", true }, @@ -24506,13 +24906,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nikkasystems.com", true }, { "nikkila.me", true }, { "nikklassen.ca", true }, - { "niklas.host", true }, { "niklas.pw", true }, { "niklasanderson.com", true }, { "niklasbabel.com", true }, { "nikolasgrottendieck.com", true }, { "nikomo.fi", false }, { "nikoninframe.co.uk", true }, + { "nikonlibrary.co.uk", true }, + { "nikonnps.co.uk", true }, { "nikonpromotions.co.uk", true }, { "nikonschool.co.uk", true }, { "nikz.in", true }, @@ -24521,7 +24922,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "niles.xyz", true }, { "nilrem.org", true }, { "nimeshjm.com", true }, - { "nimidam.com", true }, { "nina-laaf.de", true }, { "ninaforever.com", true }, { "ninarinaldi.com.br", true }, @@ -24535,9 +24935,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ninetaillabs.xyz", true }, { "ninfora.com", true }, { "ninja-galerie.de", true }, + { "ninja-skillz.com", true }, { "ninjaworld.co.uk", true }, { "ninjio.com", true }, { "ninov.de", true }, + { "ninreiei.jp", true }, { "nintendoforum.no", true }, { "ninth.cat", true }, { "ninthfloor.org", true }, @@ -24545,29 +24947,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nipax.cz", true }, { "nipe-systems.de", true }, { "nippon-oku.com", true }, - { "nippon.fr", true }, { "niqex.com", true }, - { "nirjharstudio.com", true }, { "nirjonmela.com", true }, { "nirjonmela.net", true }, { "nirudo.me", true }, - { "nirvanashop.com", true }, { "nissanofbismarckparts.com", true }, - { "nitaonline.org", true }, { "nitifilter.com", true }, + { "nitix.games", true }, { "nitrix.me", true }, - { "nitrohorse.com", true }, + { "nitrohorse.com", false }, { "nitrokey.com", true }, { "nitropanel.com", true }, { "nitropur.com", true }, { "nitropur.de", true }, { "nitrous-networks.com", true }, + { "nitschinger.at", true }, { "niu.moe", true }, - { "niva.synology.me", true }, { "nivi.ca", true }, { "nix.black", true }, - { "nixne.st", true }, { "nixonlibrary.gov", true }, + { "nixx-gel.cz", true }, { "niyawe.de", true }, { "nja.id.au", true }, { "njast.net", true }, @@ -24576,7 +24975,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "njpjanssen.nl", true }, { "nkapliev.org", true }, { "nkinka.de", true }, - { "nkp-media.de", true }, { "nl-ix.net", true }, { "nl.search.yahoo.com", false }, { "nlap.ca", false }, @@ -24588,8 +24986,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nlrb.gov", true }, { "nlt.by", false }, { "nmd.so", true }, - { "nmgb.ga", true }, - { "nmgb.ml", true }, { "nmnd.de", true }, { "nmontag.com", true }, { "nn.cz", true }, @@ -24599,6 +24995,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "no-xice.com", true }, { "no.search.yahoo.com", false }, { "noagendahr.org", true }, + { "noahjacobson.com", true }, { "noahmodas.com.br", true }, { "noahsaso.com", true }, { "nobitakun.com", true }, @@ -24648,26 +25045,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "noisky.cn", true }, { "noisyfox.cn", true }, { "nojestorget.se", true }, - { "nojok.es", true }, { "nokia.la", true }, { "nokono.com", true }, { "nolaviz.org", true }, { "noleggio-bagni-chimici.it", true }, { "noma-film.com", true }, { "nomadproject.io", true }, + { "nomagic.software", true }, { "nomenclator.org", true }, { "nomesbiblicos.com", true }, { "nomial.co.uk", true }, { "nomifensine.com", true }, + { "nomoondev.azurewebsites.net", true }, { "nomsy.net", true }, + { "nonabytes.xyz", true }, { "noname-ev.de", true }, { "nonametheme.com", true }, { "noncombatant.org", true }, { "noob-box.net", true }, { "noobswhatelse.net", true }, { "noobunbox.net", true }, + { "noodlecrave.com", true }, { "noodles.net.nz", true }, - { "noodleyum.com", true }, { "noodplan.co.za", true }, { "noodweer.be", true }, { "noofficewalls.com", true }, @@ -24675,6 +25074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "noop.ch", true }, { "noordsee.de", true }, { "noorsolidarity.com", true }, + { "noortronic.com", true }, { "nootronerd.com", true }, { "nootropic.com", true }, { "nootropicpedia.com", true }, @@ -24690,19 +25090,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nordmoregatebilklubb.com", true }, { "nordnetz-hamburg.de", true }, { "nordseeblicke.de", true }, + { "nordwal.de", true }, { "nordwaldzendo.de", true }, { "noref.tk", true }, { "noreply.mx", true }, + { "noret.com", true }, { "norichanmama.com", true }, { "noriel.ro", true }, { "normaculta.com.br", true }, - { "normalady.com", true }, { "norman-preusser-gmbh.de", true }, { "normanbauer.com", true }, { "normandgascon.com", true }, { "normankranich.de", true }, { "norrkemi.se", true }, { "norrliden.de", true }, + { "norsewars.com", true }, { "norskpensjon.no", true }, { "northatlantalaw.net", true }, { "northbrisbaneapartments.com.au", true }, @@ -24714,7 +25116,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "northern-lakes.com", true }, { "northerngate.net", true }, { "northernhamsterclub.com", true }, - { "northernmuscle.ca", true }, + { "northernpage.com", true }, { "northernselfstorage.co.za", true }, { "northfieldyarn.com", true }, { "northokanaganbookkeeping.com", true }, @@ -24736,13 +25138,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nostosh.eu.org", true }, { "nostraforma.com", false }, { "noswap.com", true }, - { "nosx.tk", true }, { "nosyu.pe.kr", true }, - { "nota-web.com", true }, { "nota.moe", true }, { "notabug.org", true }, { "notadd.com", true }, - { "notadd.store", true }, { "notallmine.net", true }, { "notalone.gov", true }, { "notar-glagowski.com", true }, @@ -24754,10 +25153,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "notepad.nz", true }, { "noteskeeper.ru", true }, { "noticiasdehumor.com", true }, - { "notificami.com", true }, { "notify.moe", true }, { "notinglife.com", true }, { "notjustvacs.com", true }, + { "notmybox.com", true }, { "notnize.net", true }, { "notnl.com", true }, { "notofilia.com", true }, @@ -24765,11 +25164,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "notoriousdev.com", true }, { "notrecourrier.net", true }, { "notsafefor.work", true }, - { "nottori.com", true }, { "nottres.com", true }, { "noudjalink.nl", true }, { "noustique.com", true }, { "nova-dess.ch", true }, + { "nova-kultura.org", true }, { "nova-wd.org.uk", true }, { "nova.live", true }, { "novabench.com", true }, @@ -24802,6 +25201,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nowlas.org", true }, { "nowloading.co", true }, { "nowremindme.com", true }, + { "noxi.ga", true }, { "noxlogic.nl", true }, { "noyocenter.org", true }, { "np-edv.at", true }, @@ -24812,17 +25212,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "npw.net", true }, { "nqesh.com", true }, { "nqeshreviewer.com", true }, - { "nrc-gateway.gov", true }, { "nrd.li", true }, { "nrdstd.io", true }, { "nrev.ch", true }, { "nrkn.fr", true }, { "nrsweb.org", true }, - { "nrvn.cc", true }, + { "nrvn.cc", false }, { "ns-frontier.com", true }, { "ns2servers.pw", true }, { "nsa.lol", true }, - { "nsa.ovh", true }, { "nsa.wtf", true }, { "nsapwn.com", true }, { "nsboston.org", true }, @@ -24837,6 +25235,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nsp.ua", true }, { "nst-maroc.com", true }, { "nstd.net", true }, + { "nstremsdoerfer.ovh", true }, + { "nstrust.co.uk", true }, { "nsworks.com", true }, { "ntags.org", true }, { "ntcoss.org.au", true }, @@ -24844,29 +25244,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nth.sh", true }, { "nti.de", true }, { "ntotten.com", true }, - { "ntppool.org", true }, + { "ntppool.org", false }, { "ntwt.us", true }, { "ntx360grad-fallakte.de", true }, { "ntzwrk.org", true }, + { "nu-pogodi.net", true }, + { "nu3.com", true }, + { "nu3.dk", true }, + { "nu3.fi", true }, + { "nu3.no", true }, + { "nu3.se", true }, { "nu3tion.com", true }, { "nu3tion.cz", true }, { "nuacht.ie", true }, { "nuamooreaindonesia.com", true }, { "nubella.com.au", true }, - { "nubeslayer.com", true }, { "nubu.at", true }, - { "nuclear-crimes.com", true }, { "nuclearcat.com", true }, - { "nuclearcrimes.com", true }, - { "nuclearcrimes1.com", true }, { "nucleuscore.org", true }, - { "nudestpics.com", true }, { "nuel.cl", true }, { "nuevaimagenpublicidad.es", true }, { "nuffield.nl", true }, { "nugdev.co", true }, { "null-life.com", true }, { "nullday.de", true }, + { "nulle-part.org", true }, { "nullonerror.org", true }, { "nullpointer.io", true }, { "nullroute.com", true }, @@ -24883,7 +25285,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "numero1.ch", true }, { "numerologist.com", true }, { "numerossanos.com.ar", true }, - { "numis.tech", true }, + { "numis.tech", false }, { "numismed-seniorcare.de", true }, { "numm.fr", true }, { "numwave.nl", true }, @@ -24900,7 +25302,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nurses.dating", true }, { "nursingschool.network", true }, { "nuryahan.com.br", true }, - { "nusku.biz", true }, { "nussadoclub.org", true }, { "nutikell.com", true }, { "nutleyeducationalfoundation.org", true }, @@ -24910,7 +25311,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nutri-spec.me", true }, { "nutricaovegana.com", true }, { "nutriciametabolics-shop.de", true }, - { "nutrifyyourself.com", true }, { "nutripedia.gr", true }, { "nutrishop.com", true }, { "nutrivisa.com.br", true }, @@ -24923,7 +25323,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nvq.nl", true }, { "nvr.bz", true }, { "nwbc.gov", true }, + { "nwerc.party", true }, { "nwgh.org", false }, + { "nwk1.com", true }, { "nwr-waffenbuch.de", true }, { "nwra.com", true }, { "nwuss.okinawa", true }, @@ -24931,12 +25333,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nwwnetwork.net", true }, { "nxinfo.ch", true }, { "nya.as", true }, + { "nyadora.moe", true }, { "nyan.it", true }, { "nyan.stream", true }, { "nyanco.space", true }, + { "nyansparkle.com", true }, { "nyantec.com", true }, { "nybiz.nyc", true }, { "nycoyote.org", true }, + { "nydig.com", true }, + { "nydnxs.com", true }, { "nyffo.com", true }, { "nyhaoyuan.net", true }, { "nyiad.edu", true }, @@ -24944,18 +25350,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nyip.edu", true }, { "nylevemusic.com", true }, { "nyloc.de", true }, - { "nylonfeetporn.com", true }, { "nymphetomania.net", true }, { "nynex.net", true }, { "nyoronfansubs.org", true }, { "nyphox.ovh", true }, { "nys-hk.com", false }, - { "nystudio107.com", true }, { "nytrafficticket.com", true }, - { "nyuusannkinn.com", true }, { "nyxi.eu", true }, { "nyyu.tk", true }, { "nzb.cat", false }, + { "nzbr.de", true }, { "nzdmo.govt.nz", true }, { "nzstudy.ac.nz", true }, { "nzws.me", true }, @@ -24978,8 +25382,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oakslighting.co.uk", true }, { "oanalista.com.br", true }, { "oasisdabeleza.com.br", true }, + { "oatmealdome.me", true }, { "oauth-dropins.appspot.com", false }, { "obamalibrary.gov", true }, + { "obamawhitehouse.gov", true }, { "oberhofdrinks.com", true }, { "obermeiers.eu", true }, { "obfuscate.xyz", true }, @@ -24991,14 +25397,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oblast45.ru", false }, { "oboeta.com", true }, { "obono.at", true }, + { "obs.group", true }, { "obscur.us", true }, + { "obsessharness.com", true }, { "obsidianirc.net", true }, { "obsproject.com", true }, { "obtima.org", true }, { "obud.cz", true }, { "obyvateleceska.cz", true }, { "oc-sa.ch", true }, - { "ocad.com.au", true }, + { "ocarupo.com", true }, { "occenterprises.org", true }, { "occentus.net", true }, { "occmon.net", true }, @@ -25008,6 +25416,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oceandns.eu", true }, { "oceandns.net", true }, { "oceandns.nl", true }, + { "oceanlord.me", true }, { "oceanvisuals.com", true }, { "ocelot.help", true }, { "ocenovani-inspekce.cz", true }, @@ -25032,12 +25441,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "octohedralpvp.tk", true }, { "octohost.net", true }, { "octolopagon.games", true }, + { "octopus-agents.com", true }, { "octosniff.net", true }, { "octosys.net", true }, { "octosys.org", true }, { "octosys.ru", true }, { "octothorpe.club", true }, - { "octothorpe.ninja", true }, { "oculus.com", true }, { "oddmuse.org", true }, { "oddnumber.ca", true }, @@ -25063,12 +25472,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oemspace.net", true }, { "oemspace.nl", true }, { "oemwolf.com", true }, + { "oenings.eu", true }, { "ofcampuslausanne.ch", true }, + { "ofda.gov", true }, { "offandonagain.org", true }, { "offbyinfinity.com", true }, { "offenekommune.de", true }, { "offenes-deutschland.de", true }, - { "offerstone.cl", true }, + { "offertegiuste.com", true }, { "offfbynight.be", true }, { "offgames.io", true }, { "office-discount.at", true }, @@ -25090,7 +25501,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oftn.org", true }, { "oge.ch", true }, { "ogis.gov", true }, - { "oglen.ca", true }, { "ogocare.com", true }, { "oguya.ch", true }, { "ogyaa.jp", true }, @@ -25105,10 +25515,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ohiohealthfortune100.com", true }, { "ohling.org", true }, { "ohne-name.de", true }, - { "ohreally.de", true }, + { "ohnonotme.com", true }, { "ohsohairy.co.uk", true }, { "ohyooo.com", true }, { "oiaio.cn", true }, + { "oilfieldinjury.attorney", true }, { "oilpaintingsonly.com", true }, { "oirealtor.com", true }, { "oisd.nl", true }, @@ -25117,7 +25528,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ojanaho.com", true }, { "ojdip.net", true }, { "ojomovies.com", true }, - { "ojp.gov", true }, { "okakuro.org", true }, { "okanaganrailtrail.ca", true }, { "okay.cf", true }, @@ -25130,6 +25540,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "okib.ca", true }, { "okin-jp.net", true }, { "okinawa-mag.net", true }, + { "okmx.cloud", true }, { "okmx.de", true }, { "okna-tm.kz", true }, { "okonetwork.org.uk", true }, @@ -25143,23 +25554,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "olanderflorist.com", true }, { "olasouris.com", true }, { "olback.net", true }, + { "olbat.net", true }, { "olcayanar.com", true }, { "oldbrookinflatables.co.uk", true }, { "oldbrookmarqueehire.co.uk", true }, { "oldchaphome.nl", true }, { "oldenglishsheepdog.com.br", true }, + { "oldita.ru", true }, { "oldking.net", true }, { "oldnews.news", true }, { "oldoakflorist.com", true }, { "oldprop.com", true }, + { "oldroutetwo.com", true }, { "oldtimerreifen-moeller.de", true }, { "olegon.ru", true }, { "olegs.be", true }, { "oleksii.name", true }, { "oleodecopayba.com.br", true }, + { "oles-hundehaus.de", true }, { "olgiati.org", true }, - { "olgui.net", true }, { "olgun.eu", true }, + { "olifant.fr", true }, { "olightstore.com", true }, { "olightstore.ro", true }, { "oliode.tk", true }, @@ -25210,7 +25625,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "omgbouncycastlehire.co.uk", true }, { "omi-news.fr", true }, { "omifind.com", true }, - { "omise.co", true }, { "omitech.co.uk", true }, { "omlmetal.co.jp", true }, { "omniasig.ro", true }, @@ -25223,7 +25637,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "omnisky.dk", true }, { "omnitrack.org", true }, { "omniverse.ru", true }, - { "omorashi.org", true }, + { "omoide-hitokoto.com", true }, { "omori.ch", true }, { "omoteura.com", true }, { "omranic.com", true }, @@ -25253,6 +25667,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onebigcow.com", true }, { "oneclic.ch", true }, { "oneclickonejob.com", true }, + { "onedegreehealth.com", true }, { "onedot.nl", true }, { "onedottwelve.co.jp", true }, { "onedottwelve.com", true }, @@ -25261,17 +25676,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onee3.org", true }, { "onefour.ga", false }, { "oneheartbali.church", true }, + { "oneidentity.me", true }, { "oneiroi.co.uk", true }, { "onemid.net", true }, { "oneminute.io", false }, { "onemoonmedia.de", true }, - { "onemusou.com", true }, { "oneononeonone.de", true }, { "oneononeonone.tv", true }, { "onepointsafeband.ca", true }, { "onepointsafeband.com", true }, { "onepointzero.com", true }, { "oneprediction.com", true }, + { "onesnzeroes.com", true }, { "onesports.cz", true }, { "onestepfootcare.com", true }, { "onestopcastles.co.uk", true }, @@ -25312,9 +25728,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "online24.pt", true }, { "onlinebizdirect.com", false }, { "onlinecasino.vlaanderen", true }, - { "onlinecasinobluebook.com", true }, { "onlinecensorship.org", true }, { "onlinecollegeessay.com", true }, + { "onlinecorners.com", true }, { "onlinefashion.it", true }, { "onlineinfographic.com", true }, { "onlinekmc.com", true }, @@ -25323,7 +25739,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onlinelighting.com.au", true }, { "onlinemarketingtraining.co.uk", true }, { "onlinepokerspelen.be", true }, - { "onlineporno.tv", true }, + { "onlineporno.xyz", true }, { "onlinerollout.de", true }, { "onlinestoreninjas.com", true }, { "onlineth.com", false }, @@ -25334,9 +25750,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onlylebanon.net", true }, { "onmaps.de", true }, { "onmarketbookbuilds.com", true }, - { "onnee.ch", true }, + { "onnaguse.com", true }, { "onnext.cc", true }, - { "ono.es", true }, { "onoranze-funebri.biz", true }, { "onpay.io", true }, { "onpermit.net", true }, @@ -25368,6 +25783,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oosoo.org", true }, { "ooyo.be", true }, { "op11.co.uk", false }, + { "opadaily.com", true }, { "opalesurfcasting.net", true }, { "oparl.org", true }, { "opcenter.de", true }, @@ -25378,6 +25794,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "open-desk.org", true }, { "open-domotics.info", true }, { "open-freax.fr", true }, + { "open-gaming.net", true }, { "open-infrastructure.net", true }, { "open-letters.de", true }, { "open-mesh.org", true }, @@ -25388,6 +25805,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "openacte.ch", true }, { "openas.org", true }, { "openbankproject.com", true }, + { "openbayes.com", true }, { "openbeecloud.com", true }, { "openblox.org", true }, { "openbsd.id", true }, @@ -25396,6 +25814,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "openclima.com", true }, { "opencluster.at", true }, { "opencrm.co.uk", true }, + { "opendata.cz", true }, { "opendataincubator.eu", true }, { "opendecide.com", true }, { "openfir.st", true }, @@ -25438,28 +25857,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "openwaveguide.de", true }, { "openwifi.gr", true }, { "openwireless.org", true }, - { "operad.fr", true }, { "operationforever.com", true }, { "opfin.com", true }, + { "ophis-phosphoros.com", true }, { "opiates.ca", true }, { "opin.me", true }, { "opioids.co.uk", true }, - { "opioids.com", true }, { "opioids.gov", true }, { "opium.io", true }, { "oplop.appspot.com", true }, { "opoleo.com", false }, { "oportho.com.br", true }, { "opp.ag", true }, - { "oppag.com.br", true }, { "oppaiti.me", true }, { "oppejoud.ee", true }, { "opportunis.me", true }, - { "opposer.me", true }, + { "opportunity.de", true }, + { "oppwa.com", true }, { "opq.pw", true }, + { "oprbox.com", true }, { "oprechtgezegd.nl", true }, { "oprueba.com", true }, { "opryshok.com", true }, + { "ops-com.com", true }, { "opsmate.com", false }, { "opsnotepad.com", true }, { "opti-net.at", true }, @@ -25467,9 +25887,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "optiekzien.nl", true }, { "optik-trosdorff.de", true }, { "optimalsetup.com", true }, + { "optimised.cloud", true }, + { "optimised.io", true }, + { "optimisedlabs.co.uk", true }, { "optimisedlabs.com", true }, + { "optimisedlabs.info", true }, + { "optimisedlabs.net", true }, + { "optimisedlabs.uk", true }, { "optimist.bg", true }, - { "optimize-jpg.com", true }, + { "optimizedlabs.co.uk", true }, + { "optimizedlabs.info", true }, + { "optimizedlabs.net", true }, + { "optimizedlabs.uk", true }, { "optimumwebdesigns.com", true }, { "optimus.io", true }, { "optimuscrime.net", true }, @@ -25478,6 +25907,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "optmos.at", true }, { "optometryscotland.org.uk", true }, { "optoutday.de", true }, + { "opure.ru", true }, { "opus-codium.fr", true }, { "oraculum.cz", true }, { "orang-utans.com", true }, @@ -25488,10 +25918,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "orangenbaum.at", true }, { "orangenuts.in", true }, { "oranges.tokyo", true }, - { "orangetravel.eu", true }, { "orangutan-appeal.org.uk", true }, { "orbu.net", true }, - { "orcahq.com", true }, + { "orca.pet", true }, { "orcamoney.com", true }, { "orchideenettoyage.com", true }, { "orchidlive.com", true }, @@ -25502,20 +25931,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ordernow.at", true }, { "orderswift.com", true }, { "ordr.mobi", true }, + { "oreka.online", true }, { "oreshinya.xyz", true }, { "oreskylaw.com", true }, { "oreto.de", true }, { "orf-digitalsatkarte.at", false }, { "orf-kartentausch.at", false }, { "organica.co.za", true }, - { "organicae.com", true }, { "organisatieteam.nl", true }, - { "organisationsberatung-jacobi.de", true }, { "organix.ma", true }, { "orgasmium.com", true }, { "orgatech-gmbh.de", true }, { "orgsyn.in", true }, - { "orhideous.name", true }, { "orians.eu", true }, { "oribia.net", true }, { "orientalart.nl", true }, @@ -25525,11 +25952,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "originalniknihy.cz", true }, { "origincoffee.com", true }, { "origincoffee.nz", true }, + { "originpc.com", false }, { "orikadabra.nl", true }, { "orikum.org", true }, { "orimex-mebel.ru", true }, { "orion-universe.com", true }, { "orioncokolada.cz", true }, + { "orionfinancialservices.com", true }, { "oriongames.eu", true }, { "orkestar-krizevci.hr", true }, { "orkiv.com", true }, @@ -25546,7 +25975,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "orthotictransfers.com", true }, { "ortlepp.eu", true }, { "ortodonciaian.com", true }, - { "orui.com.br", true }, + { "orum.in", true }, { "orwell1984.today", true }, { "oryva.com", true }, { "orz.uno", true }, @@ -25555,8 +25984,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "os-t.de", true }, { "os24.cz", true }, { "osacrypt.studio", true }, - { "osaka-fukushi.jp", true }, - { "osaka-jusan.jp", true }, { "osaka-onakura.com", true }, { "osakeannit.fi", true }, { "osao.org", true }, @@ -25566,8 +25993,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "osburn.com", true }, { "oscamp.eu", true }, { "oscarvk.ch", true }, + { "oscloud.com", true }, { "osepideasthatwork.org", true }, - { "osereso.tn", true }, { "oses.mobi", true }, { "oshayr.com", true }, { "oshell.me", true }, @@ -25579,8 +26006,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oslinux.net", true }, { "osm.is", true }, { "osmanlitorunu.com", true }, + { "osmestres.com", true }, { "osmosis.org", true }, { "osmre.gov", true }, + { "osnova.cz", true }, + { "osobliwydom.pl", true }, + { "ospf.sk", true }, { "ospree.me", true }, { "osquery.io", true }, { "ostan-collections.net", true }, @@ -25599,6 +26030,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "otakubox.de", true }, { "otakurepublic.com", true }, { "otakurumi.de", true }, + { "otakuyun.com", true }, { "otchecker.com", true }, { "otellio.com", true }, { "otellio.de", true }, @@ -25606,7 +26038,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "otherkinforum.com", true }, { "oticasaopaulo.com.br", true }, { "oticasvisao.net.br", true }, - { "otmns.net", true }, { "otorrino.pt", true }, { "otoy.com", true }, { "otoya.space", true }, @@ -25616,6 +26047,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "otsfreestyle.jp", true }, { "otsu.beer", true }, { "ottoproject.io", true }, + { "ottoversand.at", true }, { "otus-magnum.com", true }, { "otvaracie-hodiny.sk", true }, { "otya.me", true }, @@ -25624,12 +26056,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ouestsolutions.com", true }, { "ouglor.com", true }, { "ouimoove.com", true }, + { "ouin.land", true }, { "oulunjujutsu.com", true }, { "ouowo.gq", true }, + { "our-box.net", true }, { "ourai.ws", true }, { "ourcloud.at", true }, + { "ourdocuments.gov", true }, { "ourevents.net", true }, - { "ourls.win", true }, + { "ourmaster.org", true }, { "ouruglyfood.com", true }, { "ourwedding.xyz", true }, { "ourworldindata.org", true }, @@ -25658,9 +26093,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "outlookonthedesktop.com", true }, { "outpostinfo.com", true }, { "outsideconnections.com", true }, + { "outsiders.paris", true }, { "ovelhaostra.com", true }, { "overalglas.nl", true }, { "overamsteluitgevers.nl", true }, + { "overclockers.ge", true }, { "overdrive-usedcars.be", true }, { "overkillshop.com", true }, { "overseamusic.de", true }, @@ -25669,6 +26106,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "overstap.deals", true }, { "overstappen.nl", true }, { "overstemmen.nl", true }, + { "overstockpromote.com", true }, { "overthecloud.it", true }, { "overthinkingit.com", true }, { "overtrolls.de", true }, @@ -25688,12 +26126,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "owl-square.com", true }, { "owl-stat.ch", true }, { "owl.net", true }, + { "owlandrabbitgallery.com", true }, { "owlishmedia.com", true }, { "own3d.ch", true }, { "ownc.at", true }, { "ownmay.com", true }, - { "owothisdiz.pw", true }, - { "oxanababy.com", true }, { "oxborrow.ca", true }, { "oxelie.com", true }, { "oxo.cloud", true }, @@ -25716,6 +26153,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "p-t.io", true }, { "p.ki", true }, { "p1984.nl", false }, + { "p1cn.com", true }, { "p1ratrulezzz.me", true }, { "p4chivtac.com", true }, { "p5r.uk", true }, @@ -25750,7 +26188,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pace.car", true }, { "paceda.nl", true }, { "pacelink.de", true }, - { "pachaiyappas.org", true }, { "pacificpalisadeselectric.com", true }, { "pacificpalisadeselectrical.com", true }, { "pacificpalisadeselectrician.com", true }, @@ -25766,11 +26203,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "packer.io", true }, { "packetdigital.com", true }, { "packetlinux.com", true }, + { "packshot-creator.com", true }, + { "pact2017.nl", true }, { "pactf.com", true }, { "padam-group.com", true }, { "padberx-marketing-consultants.de", true }, { "paddy.rocks", true }, - { "padeoe.com", true }, { "padianda.com", true }, { "padovani.de", true }, { "padpilot.co", true }, @@ -25785,19 +26223,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pagalworld.info", true }, { "pagalworld.la", true }, { "pagalworld.me", true }, + { "pagalworld.org", true }, { "page-builders.com", true }, { "pageantsnews.com", false }, { "pagedesignhub.com", true }, { "pagedesignpro.com", true }, { "pagedesignshop.com", true }, { "pagedesignweb.com", true }, + { "pagefulloflies.io", true }, { "pagewizz.com", true }, { "pagiamtzis.com", true }, { "pagina.com.mx", true }, { "pagure.io", true }, - { "pagure.org", true }, { "pahae.de", true }, { "pahealthbilling.com", true }, + { "pahlawanpulsa.com", true }, { "paichai.space", false }, { "paincareehr.com", true }, { "paindata.dk", true }, @@ -25808,12 +26248,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paintcolorsbysue.com", true }, { "paintingindurban.co.za", true }, { "paipuman.jp", true }, - { "paizinhovirgula.com", true }, { "pajadam.me", true }, { "pajuvuo.fi", true }, - { "paketkreditsuzuki.com", true }, { "paketo.cz", true }, - { "paketwatch.de", true }, + { "paketo.sk", true }, + { "paketwatch.de", false }, { "pakho.xyz", true }, { "pakistani.dating", true }, { "pakitow.fr", true }, @@ -25824,10 +26263,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "palatin.at", true }, { "palava.tv", true }, { "palavatv.com", true }, - { "palawan.jp", false }, { "palazzo.link", true }, { "palazzo.work", true }, - { "paleolowcarb.de", true }, { "paleotraining.com", true }, { "palladium46.com", true }, { "pallas.in", true }, @@ -25882,8 +26319,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "panthur.com.au", false }, { "pantographe.info", true }, { "pantou.org", false }, + { "pants-off.xyz", true }, { "panzer72.ru", true }, - { "paolo565.org", true }, { "pap.la", false }, { "papa-webzeit.de", true }, { "papadopoulos.me", true }, @@ -25895,10 +26332,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "papelcraft.co.uk", true }, { "paper-driver.biz", true }, { "paper-republic.org", true }, - { "paperhaven.com.au", true }, + { "paper.sc", true }, { "paperhoney.by", true }, - { "papermasters.com", true }, - { "papersmart.net", true }, { "papertracker.net", true }, { "paperturn.com", true }, { "paperwallets.io", true }, @@ -25920,23 +26355,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paradiselost.com", true }, { "paradoxdesigns.org", true }, { "paragonie.com", false }, + { "paragonremodeling.com", true }, { "paragreen.net", true }, + { "paranoidcrypto.com", true }, { "paranoidmode.com", true }, { "paranoidpenguin.net", true }, { "paranoxer.hu", true }, { "parasitologyclub.org", true }, { "paratlan.hu", true }, { "paratxt.org", true }, - { "parav.xyz", true }, { "parcelbroker.co.uk", true }, { "parchcraftaustralia.com", true }, { "parckwart.de", true }, { "parcon.it", true }, + { "parentelement.com", true }, { "parentheseardenne.be", true }, { "parentinterview.com", true }, { "parentsintouch.co.uk", true }, { "pariga.co.uk", true }, { "paris-store.com", true }, + { "parisbloom.com", true }, { "parisderriere.fr", true }, { "parisescortgirls.com", true }, { "parisfranceparking.com", true }, @@ -25945,6 +26383,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "parisfranceparking.nl", true }, { "parisprovincedemenagements.fr", true }, { "parkeren.in", true }, + { "parkfans.net", true }, + { "parkhost.eu", true }, { "parkinginparis.fr", true }, { "parkingpoint.co.uk", true }, { "parkrunstats.servehttp.com", true }, @@ -25959,6 +26399,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "parolu.io", true }, { "parquettista.milano.it", true }, { "parquettista.roma.it", true }, + { "parroquiasanrafaeldegramalote.com", true }, { "parry.org", true }, { "parsemail.org", true }, { "parser.nu", true }, @@ -25991,14 +26432,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "partyhireliverpool.co.uk", true }, { "partypearl.de", true }, { "partyrocksbounce.co.uk", true }, - { "partyschnaps.com", true }, { "partyspaces.co.uk", true }, { "partytime-uk.co.uk", true }, { "partytimeltd.ie", true }, { "partytownireland.co.uk", true }, { "partytownmarquees.co.uk", true }, { "partyvan.io", true }, + { "partyyy.io", true }, { "partyzone.ie", true }, + { "parvaneh.fr", true }, { "pasadenapooch.org", true }, { "pasadenasandwich.co", true }, { "pasadenasandwichcompany.com", true }, @@ -26017,7 +26459,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pascualinmuebles.com", true }, { "pasearch.nl", true }, { "pashminacachemire.com", true }, - { "pasportaservo.org", true }, { "pass.org.my", true }, { "passabook.com", true }, { "passcod.name", true }, @@ -26025,8 +26466,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "passfilesafe.com", true }, { "passfoto-deinfoto.ch", true }, { "passieposse.nl", true }, + { "passionandbalance.com", true }, { "passionatefoodie.co.uk", true }, { "passionatehorsemanship.com", true }, + { "passionatelife.com.au", true }, + { "passionebenessere.com", true }, { "passionpictures.eu", true }, { "passions-art.com", true }, { "passphrase.today", true }, @@ -26054,7 +26498,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "passwordsecurity.info", true }, { "passworks.io", true }, { "passy.pw", true }, - { "pasta-factory.co.il", true }, { "pastaenprosecco.nl", true }, { "paste.fedoraproject.org", true }, { "paste.gg", true }, @@ -26069,12 +26512,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pastormaremanoabruzes.com.br", true }, { "pastorsuico.com.br", true }, { "pasztor.at", true }, + { "patapwn.com", true }, { "patatbesteld.nl", true }, { "pataterosviajeros.com", true }, + { "patbatesremodeling.com", false }, { "patdorf.com", true }, { "patechmasters.com", true }, { "patentados.com", true }, - { "patentfamily.de", true }, { "paterno-gaming.com", true }, { "pathagoras.com", true }, { "pathwaystoresilience.org", true }, @@ -26104,12 +26548,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paudley.com", true }, { "paudley.org", true }, { "paul-bronski.de", true }, - { "paul-schmidt.de", true }, { "paul.reviews", true }, { "pauladamsmith.com", true }, { "paulbakaus.com", true }, { "paulbdelaat.nl", true }, { "paulbramhall.uk", true }, + { "pauldev.co", true }, + { "paulerhof.com", true }, { "paulewen.ca", true }, { "paulinewesterman.nl", true }, { "paulmeier.com", false }, @@ -26123,17 +26568,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paulschreiber.com", true }, { "paulscustomauto.com", true }, { "paulswartz.net", true }, - { "paultibbetts.uk", false }, { "paulus-foto.pl", true }, { "paulward.net", true }, { "paulwatabe.com", true }, { "paulwendelboe.com", true }, + { "pauly-stahlhandel.com", true }, + { "pauly-stahlhandel.de", true }, { "pauspam.net", true }, { "pautadiaria.com", true }, { "pavando.com", true }, { "pavelfojt.cz", true }, { "pavelrebrov.com", true }, - { "pavelstriz.cz", true }, { "pavio.org", true }, { "paw.cloud", true }, { "paw.pt", true }, @@ -26142,7 +26587,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pawelurbanek.com", true }, { "pawsomebox.co.uk", true }, { "pawsr.us", true }, - { "pawsru.org", true }, { "paxerahealth.com", true }, { "pay.gov", true }, { "pay8522.com", true }, @@ -26151,7 +26595,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "payboy.rocks", true }, { "paybro.eu", true }, { "payfazz.com", true }, - { "paykings.com", true }, { "paylike.io", true }, { "payloc.io", true }, { "payme.uz", true }, @@ -26176,16 +26619,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "payupay.ru", true }, { "payzang.com", true }, { "payzwin.com", true }, + { "pb.ax", false }, { "pback.se", true }, { "pbosquet.com", true }, { "pbourhis.me", true }, + { "pbqs.site", true }, { "pbr.so", true }, { "pbraunschdash.com", true }, { "pbreen.co.uk", true }, { "pbrumby.com", true }, { "pbz.im", true }, { "pc-rescue.me", false }, - { "pc-tablet.com", true }, + { "pc-servis-brno.com", true }, { "pcbricole.fr", true }, { "pccentral.nl", true }, { "pcdocjim.com", true }, @@ -26211,13 +26656,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pcsetting.com", true }, { "pctonic.net", true }, { "pctrouble.net", true }, + { "pculiar.com", true }, { "pdf-archive.com", true }, { "pdfconvert.me", true }, { "pdfmint.com", true }, { "pdfpassword.org", true }, { "pdfpasswort.de", true }, { "pdfresizer.com", true }, - { "pdomo.me", true }, + { "pdfsearches.com", true }, { "pdox.net", true }, { "pdragt.com", true }, { "pdthings.net", true }, @@ -26238,12 +26684,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pebbles.net.in", true }, { "pecker-johnson.com", true }, { "peda.net", true }, + { "peddy.dyndns.org", true }, { "pedicurean.nl", true }, { "pedicureduiven.nl", true }, { "pedidamanosevilla.com", true }, { "pedikura-vitu.cz", true }, { "pedimoda.com.br", true }, { "pedro.com.es", true }, + { "pedrosaurus.com", true }, { "pedrosluiter.nl", true }, { "pedroventura.com", false }, { "peeekaaabooo.com", true }, @@ -26282,13 +26730,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pegas-studio.net", true }, { "pehapkari.cz", true }, { "peifi.de", false }, - { "peinard.net", true }, { "peippo.at", true }, { "pekkapleppanen.fi", true }, { "pekoe.se", true }, { "pelanucto.cz", true }, { "pelican.ie", true }, - { "peliseries24.com", true }, { "pelletizermill.com", true }, { "pelletsprice.com", true }, { "pelopogrund.com", true }, @@ -26299,12 +26745,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pencillab.cn", true }, { "pendriveapps.com", true }, { "penetrationstest.se", true }, - { "penfold.fr", true }, { "pengi.me", true }, { "penguindrum.moe", true }, { "penguinprotocols.com", true }, { "penispumpen.se", true }, { "pennergold.net", true }, + { "pennington.io", true }, { "pennyparkerpaper.com", true }, { "penrithapartments.com.au", true }, { "pens.com", true }, @@ -26325,10 +26771,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "penz.media", true }, { "peoplelikemeapp.com", true }, { "peoplesbankal.com", true }, + { "peoplesdecade.org", true }, { "peoplesguardian.org", true }, { "pepemodelismo.com.br", true }, { "peplog.nl", true }, { "pepwaterproofing.com", true }, + { "pequenosfavoritos.com.br", true }, { "pera.gs", true }, { "perala.me", true }, { "peraparker.cz", true }, @@ -26348,10 +26796,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "perfektesgewicht.de", true }, { "performancehealth.com", true }, { "performancesantafe.org", true }, - { "performaride.com.au", true }, { "perfumeaz.com", true }, { "perfumes.com.br", true }, - { "periodismoactual.com", true }, { "periscope.tv", true }, { "perishablepress.com", true }, { "perm-avia.ru", true }, @@ -26373,6 +26819,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "perroquet-passion.ch", true }, { "persephone.gr", true }, { "personal-genome.com", true }, + { "personal-injury-attorney.co", true }, { "personaltrainer-senti.de", true }, { "personcar.com.br", true }, { "perspectivum.com", true }, @@ -26388,9 +26835,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pescco.com.br", true }, { "pestici.de", true }, { "pestkill.info", true }, + { "pesyun.cn", true }, { "pet-hotel-mura.net", true }, { "petabits.de", true }, - { "petangen.se", true }, + { "petalkr.com", true }, { "petcarvers.com", true }, { "petdesign.pet", true }, { "peteboc.com", true }, @@ -26398,16 +26846,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "petelew.is", true }, { "peter.org.ua", true }, { "peterandjoelle.co.uk", true }, + { "peterboers.info", true }, { "peterborgapps.com", true }, { "peterbruceharvey.com", true }, { "peterdavehello.org", true }, { "peterfiorella.com", true }, - { "peterfolta.net", true }, { "peterhuetz.at", true }, { "peterhuetz.com", true }, { "peterjohnson.io", true }, { "peterlew.is", true }, - { "petermazur.com", true }, { "peters.consulting", true }, { "petersontoscano.com", true }, { "petervanleeuwentweewielers.nl", true }, @@ -26423,9 +26870,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "petplus.com", true }, { "petpost.co.nz", false }, { "petpower.eu", true }, - { "petrachuk.ru", true }, { "petrasestakova.cz", true }, - { "petravdbos.nl", true }, + { "petresort.pt", true }, { "petroscand.eu", true }, { "petrostathis.com", true }, { "petrpikora.com", true }, @@ -26437,12 +26883,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pew.ninja", true }, { "pex.digital", true }, { "peyote.com", true }, - { "peyote.org", true }, { "pf.dk", true }, { "pfa.or.jp", true }, { "pfadfinder-aurich.de", true }, { "pfadfinder-grossauheim.de", true }, { "pfarchimedes-pensioen123.nl", true }, + { "pfarre-kremsmuenster.at", true }, { "pfcafeen.dk", true }, { "pfd-nz.com", false }, { "pferdekauf.de", true }, @@ -26459,7 +26905,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pfudor.tk", true }, { "pg-forum.de", true }, { "pg-mana.net", true }, + { "pglandscapingpaving.com", true }, { "pgmann.cf", true }, + { "pgnetwork.net", true }, { "pgp.guru", true }, { "pgp.network", true }, { "pgpmail.cc", true }, @@ -26471,6 +26919,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pharma-display.com", true }, { "pharmaabsoluta.com.br", true }, { "pharmaboard.de", true }, + { "pharmaboard.org", true }, { "pharmacie-fr.org", true }, { "pharmacieplusfm.ch", true }, { "pharmafoto.ch", true }, @@ -26511,7 +26960,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "philippinedroneassociation.org", true }, { "philippkeschl.at", true }, { "phillipgoldfarb.com", true }, - { "phillipsuk.com", true }, { "phillyinjurylawyer.com", true }, { "philna.sh", true }, { "philosoftware.com.br", true }, @@ -26522,13 +26970,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "philsown.de", true }, { "philsturgeon.uk", true }, { "philux.ch", true }, - { "phippsreporting.com", true }, { "phishing-studie.org", true }, { "phishing.rs", true }, { "phishingusertraining.com", true }, { "phligence.com", true }, { "phocean.net", true }, + { "phoenixlogan.com", true }, { "phone-service-center.de", true }, + { "phonix-company.fr", true }, { "phormance.com", true }, { "phosagro.biz", false }, { "phosagro.com", false }, @@ -26544,6 +26993,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "photodeal.fr", true }, { "photographe-reims.com", true }, { "photographersdaydream.com", true }, + { "photography-workshops.net", true }, { "photolium.net", true }, { "photomodelcasting.com", true }, { "photon.sh", true }, @@ -26564,18 +27014,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "phpprime.com", true }, { "phpsecure.info", true }, { "phpunit.de", true }, + { "phr34kz.pw", true }, { "phra.gs", true }, { "phrive.space", true }, { "phryanjr.com", false }, { "phryneas.de", true }, { "phuket-idc.com", true }, { "phuket-idc.de", true }, + { "phumin.in.th", true }, { "phunehehe.net", true }, { "phurl.de", true }, { "phurl.io", true }, { "phus.lu", true }, { "physicalism.com", true }, { "physicalist.com", true }, + { "physicaltherapist.com", false }, { "physicpezeshki.com", true }, { "physiotherapie-seiwald.de", true }, { "physiovesenaz.ch", true }, @@ -26587,9 +27040,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pianetaottica.com", true }, { "pianetaottica.it", true }, { "pianetatatuaggi.it", true }, + { "pianomover.co.uk", true }, { "pianyigou.com", true }, { "piatabrasil.com.br", true }, - { "piatanoua.md", true }, { "piboubes.me", true }, { "pic.gov", true }, { "pic.sr", true }, @@ -26619,8 +27072,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "picturingjordan.com", true }, { "pidginhost.com", true }, { "pidjipi.com", true }, + { "pie-express.xxx", true }, { "pieces-or.com", true }, - { "piedfeed.com", true }, { "pieinsurance.com", true }, { "piekacz.eu.org", true }, { "piekacz.net", true }, @@ -26644,13 +27097,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pietermaene.be", false }, { "pietz.uk", true }, { "pigritia.de", true }, - { "piils.fr", true }, + { "pigs.pictures", true }, { "pijuice.com", true }, { "pik.bzh", true }, { "pikeitservices.com.au", true }, { "pikimusic.moe", true }, { "pilani.ch", true }, { "pilarguineagil.com", true }, + { "pilatescenteraz.com", true }, { "pildat.org", true }, { "pileofgarbage.net", true }, { "piliszek.net", true }, @@ -26671,7 +27125,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pineapplesapp.com", true }, { "pinemountainnursery.com.au", true }, { "pinemountbaptistchurch.org", true }, - { "pinesandneedles.com", true }, { "pingworks.com", true }, { "pingworks.de", true }, { "pingworks.eu", true }, @@ -26688,13 +27141,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pinklecfest.org", true }, { "pinklittlenotebook.com", true }, { "pinkwalk.co.nz", true }, - { "pinkyf.com", true }, { "pinnaclelife.co.nz", true }, { "pinnaclelife.nz", true }, { "pinnacles.com", true }, { "pinner.io", true }, { "pinoydailytvshow.net", true }, - { "pinoylinux.org", true }, + { "pinoyonlinetv.com", true }, { "pinoytech.ph", true }, { "pinpayments.com", true }, { "pinpointengineer.co.uk", true }, @@ -26708,7 +27160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pinterest.ie", true }, { "pinterest.info", true }, { "pinterest.jp", true }, - { "pintoselectrician.co.za", true }, + { "pintosplumbing.co.za", true }, { "pioneer-car.eu", true }, { "pioneer-rus.ru", true }, { "pipocao.com", true }, @@ -26720,6 +27172,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pirateproxy.cam", true }, { "pirateproxy.cat", true }, { "pirateproxy.cc", true }, + { "pirateproxy.gdn", true }, { "pirateproxy.ist", true }, { "pirateproxy.la", true }, { "pirateproxy.one", true }, @@ -26749,12 +27202,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pittmantraffic.co.uk", true }, { "pivotaltracker.com", true }, { "pivotanimation.org", true }, + { "piwko.co", true }, { "pix5.de", true }, { "pixabay.com", true }, + { "pixe2019.org", true }, { "pixel.facebook.com", false }, { "pixel.google.com", true }, { "pixelbash.de", true }, - { "pixelesque.uk", true }, + { "pixelcubed.com", true }, { "pixelfou.com", true }, { "pixelminers.net", true }, { "pixelpirat.ch", true }, @@ -26768,6 +27223,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pixivimg.me", true }, { "pixloc.fr", true }, { "pizala.de", true }, + { "pizza-show.fr", true }, { "pizzabesteld.nl", true }, { "pizzabottle.com", false }, { "pizzacook.ch", true }, @@ -26776,6 +27232,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pizzagigant.hu", true }, { "pizzahut.ru", true }, { "pizzalongaway.it", true }, + { "pizzamc.eu", true }, { "pizzeria-mehrhoog.de", true }, { "pizzeriaamadeus.hr", true }, { "pizzeriacolore.com", true }, @@ -26786,7 +27243,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pj00600.com", true }, { "pj00700.com", true }, { "pj00800.com", true }, + { "pj009.com", true }, { "pj00900.com", true }, + { "pj02.com", true }, { "pj539999.com", true }, { "pjentertainments.co.uk", true }, { "pjili.com", true }, @@ -26798,10 +27257,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pkbjateng.or.id", true }, { "pkgt.de", false }, { "pkirwan.com", true }, + { "pkisolutions.com", true }, { "pko.ch", true }, { "pkov.cz", true }, { "pkphotobooths.co.uk", true }, - { "pksps.com", true }, { "pl-cours.ch", true }, { "pl.search.yahoo.com", false }, { "placasonline.com.br", true }, @@ -26819,11 +27278,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plainmark.com", true }, { "plaintech.net.au", true }, { "plaintray.com", true }, + { "plaisirdumouvement.com", true }, { "plan-immobilier.fr", true }, { "planboardapp.com", true }, { "planecon.nz", true }, { "planeexplanation.com", true }, { "planer.me", true }, + { "planespotterblog.de", true }, { "planet-laas.de", true }, { "planet-work.com", true }, { "planetanim.fr", true }, @@ -26837,8 +27298,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "planeteroliste.fr", true }, { "planetknauer.net", true }, { "planetofthegames.tv", true }, - { "planetromeo.com", true }, { "planetromeofoundation.org", true }, + { "planetsoftware.com.au", true }, { "planformation.com", true }, { "planify.io", true }, { "planitz.com", true }, @@ -26852,11 +27313,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plant-gift.jp", true }, { "plantarum.com.br", true }, { "plantastique.ch", true }, + { "plantastique.com", true }, { "planteforum.no", true }, { "plantes.ch", true }, { "plantezcheznous.com", true }, { "plantrustler.com", true }, { "planujemywesele.pl", true }, + { "planup.fr", true }, { "plaque-funeraire.fr", true }, { "plassmann.ws", true }, { "plasti-pac.ch", true }, @@ -26879,24 +27342,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "playanka.com", true }, { "playawaycastles.co.uk", true }, { "playdaysparties.co.uk", true }, + { "playerdb.co", true }, { "playerscout.net", true }, { "playform.cloud", true }, { "playhappywheelsunblocked.com", true }, { "playkh.com", true }, { "playkinder.com", true }, + { "playnation.io", true }, { "playocean.net", true }, { "playpirates.com", true }, { "playreal.city", true }, { "playsharp.com", true }, { "playsnake.org", true }, - { "playsoundevents.be", true }, { "playtictactoe.org", true }, { "playtimebouncycastles.co.uk", true }, - { "playyou.be", true }, + { "playupnow.com", true }, { "playzonecastles.co.uk", true }, + { "plazasummerlin.com", true }, { "pld-entertainment.co.uk", true }, { "pldx.org", true }, - { "pleaseuseansnisupportedbrowser.ml", true }, { "plegro.com", true }, { "pleiades.com.tr", true }, { "pleier-it.de", false }, @@ -26912,8 +27376,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plissee-experte.de", true }, { "plitu.de", true }, { "plixer.com", true }, + { "plny.eu", true }, { "plob.org", true }, { "plochka.bg", true }, + { "plokko.com", true }, { "plongee-phuket.fr", true }, { "ploofer.com", true }, { "plot.ly", true }, @@ -26933,21 +27399,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plumbingbenoni.co.za", true }, { "plumbingcentral.com.au", true }, { "plumbingglenvista.co.za", true }, - { "plumbingman.com.au", true }, { "plumlocosoft.com", true }, { "plumnet.ch", true }, { "plumpie.net", false }, { "plumplat.com", true }, { "plur.com.au", true }, { "plural.cafe", true }, + { "plurr.me", true }, { "plus-5.com", true }, { "plus.google.com", false }, { "plus.sandbox.google.com", true }, - { "pluscbdoil.com", false }, + { "pluscbdoil.com", true }, { "plushev.com", true }, { "pluslink.co.jp", true }, { "plusstreamfeed.appspot.com", true }, + { "plustech.id", true }, { "pluta.net", true }, + { "plutiedev.com", true }, { "pluto.life", true }, { "plutokorea.com", true }, { "plutopia.ch", true }, @@ -26975,7 +27443,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pmg-purchase.com", true }, { "pmg-purchase.net", true }, { "pmgnet.de", true }, + { "pmheart.site", true }, { "pmklaassen.com", true }, + { "pmnaish.co.uk", true }, { "pmoreau.org", true }, { "pmp-art.com", true }, { "pmponline.de", true }, @@ -27002,7 +27472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pochaneko.com", true }, { "pocitacezababku.cz", true }, { "pocketfruity.com", true }, - { "pocketfullofapps.com", true }, + { "pocketinsure.com", true }, { "podemos.info", true }, { "podia.com.gr", false }, { "podroof.com", true }, @@ -27016,7 +27486,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "poezja.com.pl", true }, { "poezjagala.pl", true }, { "poffenhouse.ddns.net", true }, - { "pogoswine.com", true }, + { "pogera.com", true }, { "pogrebisky.net", true }, { "pohlmann.io", true }, { "poinsot.info", true }, @@ -27030,6 +27500,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "poitiers-ttacc-86.eu.org", true }, { "pojer.me", true }, { "pokalsocial.de", true }, + { "pokazy-iluzji.pl", true }, { "pokefarm.com", true }, { "pokeinthe.io", true }, { "pokemondb.net", true }, @@ -27041,7 +27512,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "polanda.com", true }, { "polar.uk.com", true }, { "pole-emotion.ch", true }, - { "pole.net.nz", true }, { "poleacademie.com", true }, { "poles4pilots.com", true }, { "policedriver.com", true }, @@ -27063,6 +27533,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "polishwomen.com", true }, { "polit.im", true }, { "politic.org.ua", true }, + { "politicachubut.com.ar", true }, { "politiezoneriho.be", true }, { "politik-bei-uns.de", true }, { "polizeiwallis.ch", true }, @@ -27073,21 +27544,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "polletmera.com", true }, { "polleverywhere.com", true }, { "pollingplace.uk", true }, + { "polly.spdns.org", true }, { "poloniainfo.com", true }, { "poloniex.co.za", true }, + { "polska-robota.com.ua", true }, { "polskiemalzenstwo.org", true }, { "poly-fast.com", true }, { "polycraftual.co.uk", true }, { "polyfill.io", true }, - { "polyfluoroltd.com", true }, + { "polyfluoroltd.com", false }, { "polygamer.net", true }, { "polymake.org", true }, { "polymathematician.com", true }, { "polynomapp.com", true }, { "polypane.rocks", true }, { "polypet.com.sg", true }, + { "polyr.xyz", true }, { "polytarian.com", true }, - { "polytechecosystem.vc", true }, { "polytekniskforening.dk", true }, { "pomar.club", false }, { "pomardaserra.com", true }, @@ -27110,6 +27583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ponydesignclub.nl", true }, { "ponyfoo.com", true }, { "ponzi.life", true }, + { "poodlefan.net", true }, { "pookl.com", true }, { "poolspondsandwaterscapes.com", true }, { "poolvilla-margarita.net", false }, @@ -27120,7 +27594,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pop3.jp", true }, { "popcat.ru", true }, { "popcornpalacefundraising.com", true }, - { "popcultureshack.com", true }, { "popeyes.com", true }, { "popinga.it", true }, { "popmagz.com", true }, @@ -27134,18 +27607,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "porg.es", true }, { "pork.org.uk", true }, { "porkel.de", true }, - { "porn77.info", true }, - { "pornbay.org", true }, - { "porncandi.com", true }, - { "pornfacefinder.com", true }, + { "pornfacefinder.com", false }, { "pornhubhd.biz", true }, { "porniwi.com", true }, { "pornloupe.com", true }, - { "porno-gif.ru", true }, - { "pornohub.su", true }, - { "pornolab-net.appspot.com", false }, { "pornomens.be", true }, - { "pornoserver.eu", true }, { "pornspider.to", true }, { "porpcr.com", true }, { "pors-sw.cz", true }, @@ -27156,11 +27622,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "port80.hamburg", true }, { "portablebuildingsales.co.uk", true }, { "portablespeakersfinder.com", true }, + { "portailevangelique.ca", true }, { "portal.tirol.gv.at", true }, { "portalcarriers.com", true }, { "portalcentric.net", true }, - { "portalhubnuti.cz", false }, { "portalkla.com.br", true }, + { "portalveneza.com.br", true }, { "portalzine.de", true }, { "portamiinpista.it", true }, { "porte.roma.it", true }, @@ -27168,6 +27635,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "porterranchelectrical.com", true }, { "portofacil.com", true }, { "portofala.pt", true }, + { "portofrotterdam.com", false }, { "portosonline.pl", true }, { "portraitsystem.biz", true }, { "portsdebalears.gob.es", true }, @@ -27175,11 +27643,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "portsmoutheic.com", true }, { "portugal-a-programar.pt", true }, { "portugalsko.net", true }, + { "portvincentcaravanpark.com.au", true }, { "porybox.com", true }, { "pos.co.tz", true }, { "posalji.me", true }, { "posaunenchor-senden.de", true }, - { "posbank.co.uk", true }, { "poseidonwaterproofing.com", true }, { "poshcastles.co.uk", true }, { "poshlashes.se", true }, @@ -27187,7 +27655,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "posijson.stream", true }, { "positionus.io", true }, { "positive.com.cy", true }, - { "positivesobrietyinstitute.com", true }, + { "positivenames.net", true }, { "posobota.cz", true }, { "posoiu.net", true }, { "post-darwinian.com", true }, @@ -27199,7 +27667,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "postblue.info", true }, { "postbox.life", true }, { "postcode.nl", true }, - { "postcodewise.co.uk", true }, { "postdarwinian.com", true }, { "postdarwinism.com", true }, { "postdeck.de", true }, @@ -27219,10 +27686,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "potature.rimini.it", true }, { "potature.roma.it", true }, { "potentialproject.com", false }, - { "potenzmittel-levitra.com", true }, - { "potenzmittel-webshop.com", true }, - { "potenzmittelblog.info", true }, - { "potenzpillen-kaufen.biz", true }, { "potenzprobleme-info.net", true }, { "pothe.com", true }, { "pothe.de", true }, @@ -27232,12 +27695,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pottersheartministry.org", true }, { "pottshome.co.uk", true }, { "potworowski.de", true }, + { "potzwonen.nl", true }, { "poudlard.fr", true }, + { "poundwholesale.co.uk", true }, { "pour-la-culture-aulnay.fr", true }, { "pourlesenfants.info", true }, { "pouwels-oss.nl", true }, { "povareschka.ru", true }, { "povesham.tk", true }, + { "pow-s.com", true }, + { "pow.jp", true }, { "powelljones.co.uk", true }, { "power-coonies.de", true }, { "power-fit.org", true }, @@ -27252,10 +27719,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "powermatic7.com", true }, { "powermeter.at", true }, { "powermint.de", true }, + { "powerplaywashers.com", true }, { "powerpointschool.com", true }, { "powerserg.org", true }, { "powersergdatasystems.com", true }, { "powersergholdings.com", true }, + { "powersergthisisthewebsitefuckyouscott.com", true }, { "powersergusercontent.com", true }, { "powertothebuilder.com", true }, { "powerwellness-korecki.de", true }, @@ -27264,13 +27733,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pozzitiv.ro", true }, { "pp3345.net", true }, { "ppcrestaurants.com", true }, - { "ppembed.com", true }, { "ppipe.net", true }, + { "pplsoft.nl", true }, { "pplsvc.com", true }, { "ppmathis.ch", true }, { "ppmathis.com", true }, { "ppmoon.com", true }, + { "ppoozl.com", true }, { "ppro.com", true }, + { "ppsvcs2.com", true }, { "pptavmdata.org", true }, { "ppy.la", true }, { "ppy.sh", true }, @@ -27297,6 +27768,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "praxino.de", true }, { "praxis-dingeldey.de", true }, { "praxis-familienglueck.de", true }, + { "praxis-odermath.de", true }, { "prayerrequest.com", true }, { "prazeresdavida.com.br", true }, { "prazynka.pl", true }, @@ -27313,6 +27785,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pregono.com", true }, { "pregunteleakaren.gov", true }, { "preigu.de", true }, + { "preio.cn", true }, { "preis-alarm.info", true }, { "preis-alarm.org", true }, { "preloaded-hsts.badssl.com", true }, @@ -27326,7 +27799,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prelved.nl", true }, { "prelved.pl", true }, { "prelved.se", true }, - { "premaritalsex.info", true }, { "prematureacceleration.club", true }, { "premierbouncycastles.co.uk", true }, { "premieresloges.ca", false }, @@ -27339,19 +27811,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prenatalgeboortekaartjes.nl", true }, { "prepaid-cards.xyz", true }, { "prepaid-voip.nl", true }, - { "prepaidgirl.com", true }, { "prepaidkredietkaart.be", true }, { "prepare-job-hunting.com", true }, { "presbee.com", true }, { "prescotonline.co.uk", true }, - { "prescriptionrex.com", true }, { "present-m.com", true }, { "presentesdegrife.com.br", true }, { "president.bg", true }, { "prespanok.sk", true }, + { "pressakey.com", true }, + { "pressakey.de", true }, { "presscenter.jp", true }, { "pressertech.com", true }, { "presses.ch", true }, + { "presskr.com", true }, { "pressography.org", true }, { "pressrush.com", true }, { "pressup.it", true }, @@ -27373,18 +27846,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pretzelx.com", true }, { "prevenir.ch", true }, { "preview-it-now.com", true }, - { "priceremoval.net", true }, { "pricesniffer.co", true }, { "prideindomination.com", true }, - { "pridetechdesign.com", true }, { "prielwurmjaeger.de", true }, { "primaconsulting.net", true }, { "primalbase.com", true }, { "primalinea.pro", true }, { "primates.com", true }, { "primewho.org", true }, - { "primordialsnooze.com", true }, { "primorus.lt", true }, + { "primotilesandbathrooms.co.uk", false }, { "princeagency.com", true }, { "princesparktouch.com", true }, { "princessefoulard.com", true }, @@ -27403,7 +27874,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "printerleasing.be", true }, { "printexpress.cloud", true }, { "printf.de", true }, - { "printler.com", true }, { "printmet.com", true }, { "printus.de", true }, { "prior-it.be", true }, @@ -27430,6 +27900,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prioritynissannewportnewsparts.com", true }, { "prismacloud.com", true }, { "prismacloud.green", true }, + { "prismacloud.xyz", true }, { "pristal.eu", true }, { "pristinegreenlandscaping.com", true }, { "priv.im", true }, @@ -27437,6 +27908,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "privacy-week.at", true }, { "privacy.com", true }, { "privacybadger.org", true }, + { "privacychick.com", true }, + { "privacychick.io", true }, { "privacyforjournalists.org.au", true }, { "privacyinternational.org", true }, { "privacyscore.org", true }, @@ -27449,7 +27922,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "privatebanks.uk", true }, { "privatebin.info", true }, { "privatecapsecurity.org", true }, - { "privategiant.com", true }, { "privateideas.de", true }, { "privateimarketing.com", true }, { "privatepokertour.com", true }, @@ -27458,6 +27930,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "privatewolke.com", true }, { "privatfrei.de", true }, { "privatpatient-krankenhaus.de", true }, + { "privcloud.cc", true }, { "privea.fr", true }, { "privelust.nl", true }, { "priverify.com", true }, @@ -27476,11 +27949,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pro-mile.pl", true }, { "pro-netz.de", false }, { "pro-wiert.pl", true }, + { "proadvanced.com", true }, { "proautorepairs.com.au", true }, { "probase.ph", true }, { "probely.com", true }, { "probiv.biz", true }, { "probiv.cc", true }, + { "procarservices.com", true }, { "procens.us", true }, { "procensus.com", true }, { "procert.ch", true }, @@ -27488,6 +27963,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "procharter.com", true }, { "procinorte.net", true }, { "proclib.org", true }, + { "procrastinatingengineer.co.uk", true }, { "procrastinationland.com", true }, { "procreditbank.com.al", true }, { "proctorio.com", true }, @@ -27496,6 +27972,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prodietix.cz", true }, { "prodigia.com", false }, { "prodinger.com", true }, + { "prodottogiusto.com", true }, { "prodsim.ninja", true }, { "producepromotions.com", true }, { "producertools.io", true }, @@ -27539,35 +28016,38 @@ static const nsSTSPreload kSTSPreloadList[] = { { "progiscad.com", true }, { "programistka.com", true }, { "programlama.tk", true }, - { "programmaticmagic.com", true }, { "programsupport300procent.com", true }, { "progreso.pl", true }, { "progress-linux.org", true }, { "progress.photos", true }, { "progressive.work", true }, { "progressiveplanning.com", true }, + { "progressnet.nl", true }, { "prohrcloud.com", true }, { "proimpact.it", true }, - { "project-rune.tech", true }, - { "project-splash.com", true }, { "project.supply", true }, { "projectarmy.net", false }, { "projectblackbook.us", true }, + { "projectborealisgitlab.site", true }, { "projectcastle.tech", true }, { "projectforge.org", true }, + { "projectlinuseasttn.org", true }, { "projectnom.com", true }, { "projectsecretidentity.com", true }, { "projectsecretidentity.org", true }, { "projectunity.io", true }, { "projektarbeit-projektplanung.de", true }, - { "projektzentrisch.de", true }, { "projest.ch", true }, { "projet-fly.ch", true }, { "prok.pw", true }, + { "prolan.pw", true }, { "prolearningcentre.com", true }, { "prometheanfire.net", true }, { "prometheanfire.org", true }, { "promisesaplus.com", true }, + { "promo-brille.at", true }, + { "promo-brille.ch", true }, + { "promo-brille.de", true }, { "promo-computers.nl", true }, { "promo-matelas.com", true }, { "promods.net", true }, @@ -27575,11 +28055,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "promolover.com", true }, { "promopony.com", true }, { "promoscuola.net", true }, + { "promoteiq.com", true }, { "promoterms.com.au", true }, { "promotioncentre.co.uk", true }, { "promozione.info", true }, { "pronostic-king.fr", true }, { "pronto-intervento.net", true }, + { "prontointerventoimmediato.it", true }, { "prontossl.com", true }, { "proobec.cz", true }, { "proofwiki.org", true }, @@ -27592,6 +28074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "properticons.com", true }, { "property-catalogue.eu", true }, { "propertygroup.pl", true }, + { "propertyinside.id", true }, { "propertyone.mk", true }, { "prophiler.de", true }, { "propipesystem.com", true }, @@ -27600,17 +28083,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "proprietairesmaisons.fr", true }, { "propseller.com", true }, { "proseandleprechauns.com", true }, + { "prosharp.com.au", true }, { "prospanek.cz", true }, { "prosperontheweb.com", true }, { "prospo.co", true }, { "prostohobby.ru", true }, - { "prostoporno.net", true }, { "prostoporno.sexy", true }, { "prostye-recepty.com", true }, { "prosurveillancegear.com", true }, { "prot.ch", true }, { "protectem.de", true }, { "protectoraanimalesalicante.org", true }, + { "protectr.de", true }, { "protege.moi", true }, { "protegetudescanso.com", true }, { "protein-riegel-test.de", true }, @@ -27632,15 +28116,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "provectus.de", true }, { "proveits.me", false }, { "provence-appartements.com", true }, + { "providencecmc.com", true }, { "providerlijst.com", true }, { "providerlijst.nl", true }, { "provision-isr.nl", true }, - { "provisionircd.tk", true }, { "provitec.com", true }, { "provitec.de", true }, { "provokator.co.il", true }, { "prowebcenter.com", true }, { "prowise.com", true }, + { "prowise.me", true }, { "proximityradio.fr", true }, { "proxybay.bz", true }, { "proxybay.co", true }, @@ -27683,9 +28168,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "psdsuc.com", true }, { "pself.net", true }, { "pseta.ru", true }, - { "pseudo.coffee", true }, { "psg.bg", true }, + { "pshostpk.com", true }, + { "psici.eu", true }, { "psicoexpansao.com.br", true }, + { "psicologajanainapresotto.com.br", true }, { "psicologasandrabernal.es", true }, { "psicologoforensemadrid.com", true }, { "psm.org.ph", true }, @@ -27696,6 +28183,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pssgcsim.org", true }, { "pst.moe", true }, { "pste.pw", true }, + { "pstrozniak.com", true }, { "psu.je", true }, { "psw-consulting.de", true }, { "psw-group.de", true }, @@ -27710,25 +28198,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "psycho-lobby.com", true }, { "psycho.space", true }, { "psychoactive.com", true }, + { "psychologie-hofner.at", true }, { "psychotherapie-kp.de", true }, { "psydix.org", true }, { "psylab.cc", true }, { "psylab.re", true }, { "psylab.vip", true }, { "psytrance-pro.com", true }, + { "pt-d.ru", true }, { "pt-server.de", true }, { "ptal.eu", true }, { "ptbi.org.pl", true }, { "ptbx.co", true }, { "pterodactylus.cz", true }, + { "ptfiber.com", true }, + { "ptfiber.ru", true }, + { "ptfiber.spb.ru", true }, { "ptgoldensun.com", true }, { "pthsec.com", true }, { "ptm.ro", false }, { "ptmarquees.ie", true }, + { "ptrbrs.nl", true }, { "ptrl.ws", true }, { "ptron.org", true }, + { "pty.gg", true }, { "puac.de", true }, - { "pub-online.ro", true }, { "pubean.com", true }, { "pubi.me", true }, { "publanda.nl", true }, @@ -27744,12 +28238,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "publicrea.com", true }, { "publicsuffix.org", true }, { "publiq.space", true }, - { "publishingshack.com", true }, + { "pubmire.com", true }, { "pubreview.com.au", true }, { "pubreviews.com", true }, { "pucchi.net", true }, { "pucssa.org", true }, { "puddis.de", true }, + { "puggan.se", true }, { "pugovka72.ru", true }, { "puhka.me", true }, { "puissancemac.ch", true }, @@ -27773,7 +28268,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pure-gmbh.com", true }, { "purecabo.com", true }, { "pureessentialoil.biz", true }, - { "pureholisticliving.me", true }, + { "purefkh.xyz", true }, { "pureitsolutionsllp.com", true }, { "purelunch.co.uk", true }, { "purevapeofficial.com", true }, @@ -27783,6 +28278,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "purplebricks.com", true }, { "purplebricks.com.au", true }, { "purplebricksplc.com", true }, + { "purplegrapegames.com", true }, { "purplemet.com", true }, { "purplemoon.ch", true }, { "purplemoon.mobi", true }, @@ -27799,12 +28295,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pusatinkubatorbayi.com", true }, { "pushers.com.mx", true }, { "pushrax.com", true }, + { "pusichatka.ddns.net", true }, { "put.moe", true }, { "put.re", true }, { "putatara.net", true }, { "putman-it.nl", true }, { "putney.io", true }, { "putomani.rs", true }, + { "putrock.be", true }, { "puurwonengeldrop.nl", false }, { "puxlit.net", true }, { "puyallupnissanparts.com", true }, @@ -27820,10 +28318,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pvpcraft.ca", true }, { "pvpctutorials.de", true }, { "pvtschlag.com", true }, + { "pwaresume.com", true }, { "pwdsafe.com", true }, { "pwe.vision", true }, + { "pwnedpass.tk", true }, { "pwnies.dk", true }, { "pwolk.com", true }, + { "pxl.cl", true }, { "pxx.io", true }, { "py-amf.org", true }, { "py.search.yahoo.com", false }, @@ -27836,12 +28337,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pypi.io", true }, { "pypi.org", true }, { "pypi.python.org", true }, + { "pyramidsofchi.com", true }, + { "pyrios.pro", true }, { "pyrotechnologie.de", true }, { "pysays.net", true }, { "pyspace.org", true }, { "python-hyper.org", true }, { "python.org", false }, { "pyzlnar.com", true }, + { "pzpittsburgh.com", true }, { "pzsearch.nl", true }, { "q-inn.com", true }, { "q-inn.nl", true }, @@ -27856,8 +28360,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qaconstrucciones.com", true }, { "qadmium.com", true }, { "qambarraza.com", true }, - { "qamrulhaque.com", true }, { "qapital.com", true }, + { "qaz.cloud", true }, { "qbeing.info", true }, { "qbiju.com.br", true }, { "qbus.pl", true }, @@ -27873,7 +28377,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qcstudentcenter.com", true }, { "qcstyleacademy.com", true }, { "qctravelschool.com", true }, - { "qdon.space", true }, + { "qdon.space", false }, { "qedcon.org", false }, { "qelectrotech.org", true }, { "qetesh.de", true }, @@ -27883,10 +28387,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qhse-professionals.nl", true }, { "qianalysis.com", true }, { "qianqiao.me", true }, + { "qiaohong.org", true }, { "qicomidadeverdade.com.br", true }, { "qifu.me", true }, - { "qifu.org.cn", true }, { "qiliang.wang", true }, + { "qingcao.org", true }, { "qingpat.com", true }, { "qingpei.me", true }, { "qionouu.cn", true }, @@ -27898,10 +28403,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qiwi.be", true }, { "qixi.biz", true }, { "qkka.org", true }, + { "qkmortgage.com", true }, { "qldconservation.org.au", true }, { "qldformulaford.org", true }, + { "qledtech.com", false }, { "qlrace.com", false }, { "qm-marzahnnordwest.de", true }, + { "qnq.moe", true }, { "qochealth.com", true }, { "qoml.net", true }, { "qonto.eu", true }, @@ -27911,9 +28419,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qq-navi.com", true }, { "qq52o.me", true }, { "qqrss.com", true }, - { "qqvips.com", true }, - { "qqvrsmart.cn", true }, { "qr-city.org", true }, + { "qr.cl", true }, + { "qrbird.com", true }, { "qrcontagion.com", true }, { "qrpth.eu", true }, { "qruiser.com", true }, @@ -27921,7 +28429,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qtacairsoft.com", true }, { "qtl.me", true }, { "qtn.net", true }, - { "qto.com", true }, { "qto.net", true }, { "qtpass.org", true }, { "qtpower.co.uk", true }, @@ -27939,6 +28446,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qualityhomesystems.com", true }, { "qualityofcourse.com", true }, { "qualitypropertycare.co.uk", true }, + { "qualpay.biz", true }, { "qualtrics.com", true }, { "quant-labs.de", true }, { "quantaloupe.tech", true }, @@ -27965,23 +28473,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qubes-os.org", true }, { "qubyte.codes", true }, { "quchao.com", true }, + { "queene.eu", true }, { "queensrdapartments.com.au", true }, { "queer.party", true }, { "queercinema.ch", true }, { "queercoders.com", false }, + { "queextensiones.com", true }, { "quehacerencusco.com", true }, + { "quelle.at", true }, + { "quelle.ch", true }, + { "quelle.de", true }, { "quelleformation.net", true }, { "quemeloquitan.com", true }, { "queminventou.com.br", true }, { "quemmeliga.com", true }, { "quenotejodan.cl", true }, { "quentinchevre.ch", true }, + { "queo.com.co", true }, { "quera.ir", true }, { "querkommentar.de", true }, { "query-massage.com", true }, { "question.com", true }, { "questionable.host", true }, - { "questionyu.com", true }, { "questsocial.it", true }, { "quevisiongrafica.com", true }, { "quic.stream", true }, @@ -28001,22 +28514,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "quire.io", true }, { "quisido.com", true }, { "quitarlasmanchasde.com", true }, + { "quitimes.com", true }, { "quizogames.com", true }, + { "quizstore.net", true }, { "qul.link", true }, { "quli.nl", false }, { "qunzi.la", true }, { "quocdesign.ch", true }, + { "quoteidiot.com", true }, { "quotev.com", true }, { "quppa.net", true }, { "quuz.org", true }, { "qvggroup.com", true }, { "qvi.st", true }, { "qvitoo.com", true }, - { "qwallet.ca", true }, { "qwans.nl", true }, { "qwant.com", true }, { "qwant.fr", true }, - { "qwaser.fr", true }, { "qwdqwd.de", true }, { "qwe7002.com", true }, { "qweepi.de", false }, @@ -28028,20 +28542,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qx.fi", true }, { "qx.se", true }, { "qxy.ch", true }, + { "r-ay.cn", true }, { "r-rwebdesign.com", true }, { "r-t-b.fr", true }, - { "r0t.co", true }, { "r0uzic.net", true }, { "r1ch.net", true }, { "r2d2pc.com", true }, { "r33.space", true }, + { "r3bl.blog", true }, + { "r3bl.me", true }, { "r3nt3r.com", true }, { "r3s1stanc3.me", true }, { "r40.us", true }, { "r6-team.ru", true }, + { "r7.com.au", true }, { "r7h.at", true }, { "r811.de", true }, { "ra-micro-koeln.de", true }, + { "ra-schaal.de", false }, { "ra.co.ke", true }, { "ra.vc", true }, { "ra4wvpn.com", true }, @@ -28052,6 +28570,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rabotaescort.com", true }, { "rabynska.eu", true }, { "raccoltarifiuti.com", true }, + { "racdek.com", true }, + { "racdek.nl", true }, { "racermaster.xyz", true }, { "racesport.nl", false }, { "raceviewcycles.com", true }, @@ -28068,9 +28588,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "raclet.co.uk", true }, { "raconconsulting.co.uk", true }, { "racoo.net", true }, + { "racozo.com", true }, { "racunovodstvo-prina.si", true }, { "radar.sx", true }, { "radaravia.ru", true }, + { "radarnext.com", true }, { "radartatska.se", true }, { "radartek.com", true }, { "radcube.hu", true }, @@ -28091,7 +28613,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "radionicabg.com", true }, { "radiopolarniki.spb.ru", true }, { "radiormi.com", true }, - { "radiorsvp.com", true }, + { "radiosendungen.com", true }, { "radis-adopt.com", true }, { "radiumtree.com", true }, { "radondetectionandcontrol.com", true }, @@ -28104,6 +28626,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rafaelmagalhaesweb.com", true }, { "rafey.xyz", true }, { "raffaellaosti.com", true }, + { "raft.pub", true }, { "rafting-japan.com", true }, { "ragasto.nl", true }, { "rage-overload.ch", true }, @@ -28111,14 +28634,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rage4.com", true }, { "raghavdua.in", true }, { "rahulpnath.com", true }, - { "rai-co.net", true }, { "raidensnakesden.co.uk", true }, { "raidensnakesden.com", true }, { "raidensnakesden.net", true }, + { "raidstone.net", true }, { "raiffeisen-kosovo.com", true }, + { "rail-o-rama.nl", true }, + { "rail24.nl", true }, + { "rail360.nl", true }, + { "railbird.nl", true }, { "railgun.ac", true }, { "railjob.cn", true }, + { "railorama.nl", true }, + { "railpassie.nl", true }, { "railtoo.com", true }, + { "railvideo.co.uk", true }, + { "railvideo.net", true }, + { "railvideo.nl", true }, { "railwaytech.net", true }, { "railyardurgentcare.com", true }, { "raimixmotoparts.com.br", true }, @@ -28155,11 +28687,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "raltha.com", true }, { "ram-it.nl", true }, { "ram.nl", true }, - { "ramatola.uk", true }, { "rambii.de", true }, - { "ramblingrf.tech", true }, { "rambo.codes", true }, - { "ramezanloo.com", false }, + { "ramitmittal.com", true }, { "rammstein-portugal.com", true }, { "ramrecha.com", true }, { "ramsor-gaming.de", true }, @@ -28177,6 +28707,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rangsmo.se", true }, { "rank-net.de", true }, { "ranking-deli.jp", true }, + { "ranktopay.com", true }, { "ranson.com.au", true }, { "rantanda.com", true }, { "rante.com", true }, @@ -28206,6 +28737,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rascalscastles.co.uk", true }, { "rascalscastlesdoncaster.co.uk", true }, { "rasebo.ro", true }, + { "raspii.tech", true }, { "rastreie.net", true }, { "rasty.cz", true }, { "ratd.net", true }, @@ -28230,6 +28762,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "raviparekh.co.uk", true }, { "ravis.org", true }, { "rawdutch.nl", true }, + { "rawinfosec.com", true }, { "rawsec.net", true }, { "raxion.cf", true }, { "raxion.tk", true }, @@ -28250,6 +28783,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "razeen.me", true }, { "razeencheng.com", true }, { "raziskovalec-resnice.com", true }, + { "rbcservicehub-uat.azurewebsites.net", true }, { "rbensch.com", true }, { "rbflote.lv", true }, { "rbltracker.com", true }, @@ -28261,12 +28795,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rc-offi.net", true }, { "rc-rp.com", true }, { "rc-shop.ch", true }, - { "rc7.ch", true }, { "rca.fr", true }, { "rcd.cz", true }, { "rcdocuments.com", true }, { "rchrdsn.uk", true }, + { "rcifsgapinsurance.co.uk", true }, { "rclsm.net", true }, + { "rcmlinx.com", true }, { "rcmurphy.com", true }, { "rcnitrotalk.com", true }, { "rcorporation.be", true }, @@ -28276,10 +28811,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rct.sk", true }, { "rctalk.com", true }, { "rdfproject.it", true }, + { "rdjb2b.com", true }, { "rdl.at", false }, { "rdmrotterdam.nl", true }, { "rdmtaxservice.com", true }, { "rdns.cc", true }, + { "rdplumbingsolutions.com.au", true }, { "rdv-prefecture.com", true }, { "rdwh.tech", true }, { "re-curi.com", true }, @@ -28290,6 +28827,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "react-db.com", true }, { "reactivarte.es", true }, { "reactive-press.com", true }, + { "reactpwa.com", true }, { "read.sc", true }, { "reades.co.uk", true }, { "readheadcopywriting.com", true }, @@ -28298,8 +28836,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "readingrats.de", true }, { "readonly.de", true }, { "readouble.com", false }, - { "readtldr.com", true }, { "readysell.net", true }, + { "readytobattle.net", true }, { "readytongue.com", true }, { "readytowear.es", true }, { "reaganlibrary.gov", true }, @@ -28308,7 +28846,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "realcapoeira.ru", true }, { "realestateonehowell.com", true }, { "realestateradioshow.com", true }, - { "realfamilyincest.com", true }, { "realfreedom.city", true }, { "realgarant-shop.de", false }, { "realhorsegirls.net", true }, @@ -28322,10 +28859,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "really-simple-plugins.com", true }, { "really-simple-ssl.com", true }, { "really.ai", true }, + { "reallytrusted.com", true }, { "realme.govt.nz", true }, { "realmofespionage.xyz", true }, { "realoteam.ddns.net", true }, - { "realraghavgupta.com", true }, { "realum.com", true }, { "realum.de", true }, { "realum.eu", true }, @@ -28349,12 +28886,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "recantoshop.com", true }, { "recantoshop.com.br", true }, { "recapp.ch", true }, + { "recaptcha-demo.appspot.com", true }, { "receiliart.com", true }, { "receptionsbook.com", true }, { "recepty.eu", false }, + { "recetasdecocinaideal.com", true }, { "rechenknaecht.de", true }, - { "recht-freundlich.de", true }, - { "rechtenliteratuurleiden.nl", false }, { "rechtsanwaeltin-vollmer.de", true }, { "rechtsanwalt-koeppen-feucht.de", true }, { "rechtschreibpruefung24.de", true }, @@ -28416,7 +28953,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "redelectrical.co.uk", true }, { "redessantaluzia.com.br", true }, { "redfox-infosec.de", true }, - { "redgatesoftware.co.uk", true }, { "redgoose.ca", true }, { "redhandedsecurity.com.au", true }, { "redheeler.com.br", true }, @@ -28431,15 +28967,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "redletter.link", true }, { "redlinelap.com", true }, { "redlink.de", true }, + { "redmind.se", true }, { "redmore.me", true }, { "redneragenturen.org", true }, { "rednsx.org", true }, - { "redporno.cz", true }, { "redprice.by", true }, { "redshield.co", true }, { "redshiftlabs.com.au", true }, { "redshoeswalking.net", true }, { "redsicom.com", true }, + { "redsquirrelcampsite.co.uk", true }, { "redstoner.com", true }, { "redteam-pentesting.de", true }, { "redwaterhost.com", true }, @@ -28457,16 +28994,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reevu.net", true }, { "reezer.org", true }, { "referdell.com", true }, - { "refficience.com", true }, { "refill-roboter.de", true }, + { "refinansiering.no", true }, { "reflectivity.io", true }, { "reflectores.net", true }, + { "refletindosaude.com.br", true }, { "reflexions.co", true }, { "reflexive-engineering.com", true }, { "reflexive.xyz", true }, { "refood-cascaiscpr.eu", true }, - { "reforesttheplanet.com", true }, - { "reformatreality.com", true }, { "refresh-media.nl", true }, { "refreshliving.us", true }, { "refuelcollective.com", true }, @@ -28493,7 +29029,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "regiovertrieb.de", false }, { "regis.tech", true }, { "regisearch.co.uk", true }, - { "register.gov.uk", true }, { "registerex.me", true }, { "registerforevent.co.uk", true }, { "registerra.nl", true }, @@ -28532,7 +29067,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reinaertvandecruys.com", true }, { "reinaldudras.ee", true }, { "reinaldudrasfamily.ee", true }, - { "reineberthe.ch", true }, { "reinencaressa.be", true }, { "reinfer.io", true }, { "reinhard.codes", true }, @@ -28546,6 +29080,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reisenbauer.ee", true }, { "reiseversicherung-werner-hahn.de", true }, { "reishunger.de", true }, + { "reisslittle.com", true }, { "rejahrehim.com", true }, { "rejects.email", true }, { "rejsehuskelisten.dk", true }, @@ -28553,6 +29088,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rekisuta.com", true }, { "reklamjog.hu", true }, { "rekorsanat.com.tr", true }, + { "rekyou.com", false }, { "relates.link", true }, { "relax.hn", true }, { "relaxdom.net", true }, @@ -28563,22 +29099,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "releasetimes.io", true }, { "reliancebank.bank", true }, { "reliant3sixty.com", true }, - { "religiousforums.com", true }, { "relocatefeds.gov", false }, { "relojeriajoyeria.com", true }, + { "relojes-online.com", true }, + { "relojesseiko.es", true }, { "relvan.com", true }, { "rem0te.net", true }, + { "remaimodern.org", true }, { "remambo.jp", true }, { "remedi.tokyo", true }, + { "remedionaturales.com", true }, { "remedioparaherpes.com", true }, { "remedios-caserospara.com", true }, { "remedioscaserosparalacistitis.com", true }, + { "remedioskaseros.com", false }, { "remejeanne.com", true }, { "rememberthemilk.com", false }, { "remi-saurel.com", true }, + { "remilner.co.uk", true }, + { "remirampin.com", true }, { "remissan.com", true }, + { "remitatm.com", false }, { "remonti.info", true }, { "remote.so", true }, + { "remoteham.com", true }, { "remoteutilities.com", true }, { "removalcellulite.com", true }, { "removedrepo.com", true }, @@ -28592,6 +29136,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rene-schwarz.com", true }, { "rene-stolp.de", true }, { "renearends.nl", true }, + { "reneclemens.nl", true }, + { "renedekoeijer.com", true }, + { "renedekoeijer.nl", true }, { "reneleu.ch", true }, { "renem.net", false }, { "renemayrhofer.com", true }, @@ -28604,7 +29151,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "renezuo.com", true }, { "renkenlaw.com", true }, { "renlen.nl", true }, - { "rennfire.org", true }, { "renov8sa.co.za", true }, { "renovum.es", true }, { "renrenche.com", false }, @@ -28613,6 +29159,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rent-a-c.io", true }, { "rent-a-coder.de", true }, { "rentacaramerica.com", true }, + { "rentalmed.com.br", true }, { "rentasweb.gob.ar", true }, { "renthelper.us", true }, { "rentinsingapore.com.sg", true }, @@ -28623,7 +29170,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "repaik.com", true }, { "repair.by", true }, { "repaper.org", true }, - { "reparo.pe", true }, { "repaxan.com", true }, { "repkord.com", true }, { "replicaswiss.nl", true }, @@ -28637,19 +29183,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reprogrammingpredators.com", true }, { "reprozip.org", true }, { "repsomelt.com", true }, - { "reptilauksjonen.no", true }, { "reptrax.com", true }, { "republic.gr", true }, { "republictelecom.net", true }, { "republique.org", true }, { "repugnant-conclusion.com", true }, { "repugnantconclusion.com", true }, - { "repustate.com", true }, + { "reputationweaver.com", true }, { "reqrut.net", true }, - { "request-trent.com", true }, { "requestr.co.uk", true }, { "res-kc.com", true }, { "resama.eu", true }, + { "resc.la", true }, { "rescms-secure.com", true }, { "research-panel.jp", true }, { "research.facebook.com", false }, @@ -28658,7 +29203,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reseausyndic.ca", true }, { "reservar-un-hotel.com", true }, { "reservetonshift.com", true }, - { "reservoirtp.fr", true }, { "resfriatech.com.br", true }, { "residence-simoncelli.com", true }, { "residentiallocksmithsanantoniotx.com", true }, @@ -28668,6 +29212,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "resolvefa.com", true }, { "resolving.com", true }, { "resoplus.ch", true }, + { "resort-islands.net", true }, { "resortohshima.com", true }, { "resourceconnect.com", true }, { "resourceguruapp.com", true }, @@ -28695,6 +29240,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "restoruns.xyz", true }, { "restrealitaet.de", true }, { "restrito.org", true }, + { "resultsatretail.com", true }, { "resursedigitale.ro", true }, { "retefarmaciecostadamalfi.it", true }, { "retetenoi.net", true }, @@ -28705,7 +29251,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reto.ch", true }, { "reto.com", true }, { "reto.io", true }, - { "retogroup.com", true }, { "retokromer.ch", true }, { "retractableawningssydney.com.au", true }, { "retro.rocks", true }, @@ -28715,6 +29260,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "retrocdn.net", true }, { "retrofitlab.com", true }, { "retroity.net", true }, + { "retronet.nl", true }, { "retroroundup.com", true }, { "retrotracks.net", true }, { "retrovideospiele.com", true }, @@ -28747,10 +29293,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "revisit.date", true }, { "revivalinhisword.com", true }, { "revivingtheredeemed.org", true }, + { "revlect.com", true }, { "revolt.tv", true }, { "revthefox.co.uk", true }, { "rewardingexcellence.com", true }, { "rewrite3.com", true }, + { "rewtherealtor.com", true }, { "rex.tc", true }, { "rexdf.net", true }, { "rexskz.info", true }, @@ -28766,7 +29314,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rgavmf.ru", true }, { "rgbinnovation.com", true }, { "rgcomportement.fr", true }, - { "rgservers.com", true }, { "rhaegal.me", true }, { "rhd-instruments.com", true }, { "rhd-instruments.de", true }, @@ -28790,6 +29337,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rhymix.org", true }, { "rhynl.io", true }, { "riajenaka.com", true }, + { "riaki.net", true }, { "rial.space", true }, { "ribs.com", true }, { "ricardo.nu", true }, @@ -28798,8 +29346,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "riccardopiccioni.it", true }, { "riccy.org", true }, { "riceadvice.info", true }, + { "richadams.me", true }, { "richardbloomfield.blog", true }, { "richardcrosby.co.uk", true }, + { "richardharpur.com", true }, { "richardhering.de", true }, { "richardhicks.us", true }, { "richardjgreen.net", true }, @@ -28813,11 +29363,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "richardwarrender.com", true }, { "richie.fi", true }, { "richie.link", true }, - { "richmtdriver.com", true }, { "richonrails.com", true }, { "ricketyspace.net", true }, { "ricki-z.com", true }, - { "ricknox.com", true }, { "rickrongen.nl", true }, { "rickscastles.co.uk", true }, { "rickvanderzwet.nl", true }, @@ -28827,10 +29375,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rico.ovh", true }, { "ricobaldegger.ch", true }, { "ricochet.im", true }, + { "ricoydesign.com", true }, { "ricozienke.de", true }, - { "riddims.co", true }, { "ride-up.com", true }, { "rideyourdamn.bike", true }, + { "ridgelandchurch.org", true }, { "ridingboutique.de", true }, { "riederle.com", true }, { "riemer.ml", true }, @@ -28848,6 +29397,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rightnetworks.com", true }, { "rightstuff.link", true }, { "righttobuy.gov.uk", true }, + { "rigolitch.fr", true }, + { "rigsalesaustralia.com", true }, { "rijk-catering.nl", false }, { "rijsinkunst.nl", true }, { "rik.onl", true }, @@ -28856,14 +29407,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rileyevans.co.uk", true }, { "rimax.vn", true }, { "rimcountrymuseum.org", true }, + { "rimediogiusto.com", true }, { "rimeto.io", true }, { "rimo.site", true }, + { "rimorrecherche.nl", true }, { "ring.com", true }, { "ringingliberty.com", true }, { "ringjewellery.co.uk", true }, { "rinvex.com", true }, { "rio-weimar.de", true }, - { "rioshop.com.br", true }, + { "rioxmarketing.com", true }, { "rip-sport.cz", true }, { "ripaton.fr", true }, { "ripmixmake.org", true }, @@ -28877,16 +29430,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rise-technologies.com", true }, { "riseup.net", true }, { "rishikeshyoga.in", true }, - { "risi-china.com", true }, { "risiinfo.com", true }, { "riskmitigation.ch", true }, { "risparmiare.info", true }, - { "rissato.com.br", true }, { "ristioja.ee", true }, { "ristoarea.it", true }, { "ristorantefattoamano.it", true }, { "ristoviitanen.fi", true }, { "ristrutturazioneappartamento.roma.it", true }, + { "rit.space", true }, { "rittau.biz", true }, { "rittau.org", true }, { "ritzlux.com.tw", true }, @@ -28901,6 +29453,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "riverviewcourtapts.com", true }, { "riverweb.gr", true }, { "rivierasaints.ch", true }, + { "rivoflor.it", true }, { "rivus.net", true }, { "rivy.org", true }, { "rix.ninja", true }, @@ -28912,7 +29465,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rj-onderneemt.nl", true }, { "rkfp.cz", true }, { "rkkhok.hu", true }, - { "rkmedia.no", true }, + { "rkmns.edu.in", true }, { "rlalique.com", true }, { "rld.org", true }, { "rlds.ch", true }, @@ -28923,15 +29476,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rm-it.de", true }, { "rmb.li", true }, { "rmcbs.de", true }, + { "rmeuropean.com", true }, { "rmf.io", true }, { "rmit.me", true }, - { "rmk.si", true }, { "rmm-i.com", true }, { "rmmanfredi.com", true }, { "rmpsolution.de", true }, { "rmrig.org", true }, { "rms.sexy", true }, - { "rmsides.com", true }, { "rmstudio.tw", true }, { "rmsupply.nl", true }, { "rn29.me", true }, @@ -28951,17 +29503,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "robandjanine.com", true }, { "robbertt.com", false }, { "robdavidson.network", true }, - { "robert-flynn.de", true }, { "robertattfield.com", true }, { "robertayamashita.com", true }, { "robertayamashita.com.br", true }, { "robertbln.com", true }, { "robertg.me", true }, + { "robertglastra.com", true }, { "roberthurlbut.com", true }, { "robertkrueger.de", true }, { "robertlysik.com", true }, { "robertnemec.com", true }, - { "robertocasares.no-ip.biz", true }, { "robertoentringer.com", true }, { "robertof.ovh", true }, { "robertopazeller.ch", true }, @@ -28980,6 +29531,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "robinlinden.eu", true }, { "robinsonstrategy.com", true }, { "robinsonyu.com", true }, + { "robinwill.de", true }, { "robinwinslow.uk", true }, { "robjager-fotografie.nl", true }, { "robocop.no", true }, @@ -28987,6 +29539,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "robohash.org", true }, { "robokits.co.in", true }, { "robot.car", true }, + { "robot.works", true }, { "robotattack.org", true }, { "roboth.am", true }, { "robotham.org", true }, @@ -29036,7 +29589,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rody-design.com", true }, { "rodzina-kupiec.eu.org", true }, { "roeckx.be", true }, - { "roeitijd.nl", true }, + { "roeitijd.nl", false }, { "roelbazuin.com", true }, { "roeldevries.me", true }, { "roeleveld.nl", true }, @@ -29059,14 +29612,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rogoff.xyz", true }, { "rogue-e.xyz", true }, { "roguefinancial.com", true }, - { "roguefortgame.com", true }, { "roguenation.space", true }, { "roguenetworks.me", true }, { "roguesignal.net", true }, { "roguetechhub.org", true }, - { "rohanbassett.com", true }, { "rohedaten.de", true }, { "rohitagr.com", true }, + { "rohlik.cz", true }, { "rointe.online", true }, { "roiscroll.com", true }, { "roka9.de", true }, @@ -29075,8 +29627,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "roksolana.be", true }, { "rokudenashi.de", true }, { "roland.io", true }, - { "rolandreed.cn", true }, { "rolandszabo.com", true }, + { "roleplayhome.com", true }, { "roligprylar.se", true }, { "rollatorweb.nl", true }, { "rollercoasteritalia.it", true }, @@ -29097,6 +29649,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "romanticfirstdance.com", true }, { "romanticschemer.com", true }, { "romanticsexshopguatemala.com", true }, + { "romanticvillas.com.au", false }, { "romapa.com", true }, { "romar-bos.nl", true }, { "romarin.es", true }, @@ -29104,7 +29657,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "romatrip.it", true }, { "rome.dating", true }, { "rommelwood.de", true }, - { "roms.fun", true }, { "ronanrbr.com", true }, { "rondommen.nl", true }, { "rondouin.fr", true }, @@ -29114,7 +29666,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ronniegane.kiwi", true }, { "ronnylindner.de", true }, { "ronomon.com", true }, + { "ronzertnert.xyz", true }, { "roodfruit.studio", true }, + { "roodhealth.co.uk", true }, { "roof.ai", false }, { "roofingomaha.com", true }, { "roofsandbasements.com", true }, @@ -29129,7 +29683,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rooneytours.nl", true }, { "roopakv.com", true }, { "roosabels.nl", false }, - { "roosteroriginals.com", false }, { "roosterpgplus.nl", true }, { "root-space.eu", true }, { "root.bg", true }, @@ -29141,6 +29694,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rootedlifemontessori.com", true }, { "rootkea.me", true }, { "rootlair.com", true }, + { "rootonline.de", true }, { "roots-example-project.com", true }, { "roots.io", true }, { "rootsandrain.com", true }, @@ -29174,8 +29728,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rosset.me", true }, { "rosset.net", true }, { "rossfrancis.co.uk", true }, - { "rosslug.org.uk", true }, { "rossmacphee.com", true }, + { "rostclub.ro", true }, { "rostov-avia.ru", true }, { "rot47.net", true }, { "rotek.at", true }, @@ -29187,14 +29741,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rotol.me", true }, { "rottweil-hilft.de", true }, { "rotunneling.net", true }, - { "rotzonline.com", true }, { "rougechocolat.fr", true }, { "roughcopy.com.au", true }, { "roughgrain.com", true }, { "roulinfo.ch", true }, { "roulons-autrement.com", true }, { "rounda.it", true }, - { "roundaboutweb.info", true }, { "roundcube.mayfirst.org", false }, { "roundrock-locksmith.com", true }, { "roussos.cc", true }, @@ -29212,6 +29764,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "roxiesbouncycastlehire.co.uk", true }, { "roxtri.cz", true }, { "royal-rangers.de", true }, + { "royal812.com", true }, + { "royal818.com", true }, + { "royal850.com", true }, + { "royal853.com", true }, + { "royal857.com", true }, + { "royal859.com", true }, + { "royal862.com", true }, + { "royal863.com", true }, + { "royal865.com", true }, + { "royal867.com", true }, + { "royal868.com", true }, + { "royal871.com", true }, + { "royal876.com", true }, { "royalacademy.org.uk", true }, { "royalasianescorts.co.uk", true }, { "royalbluewa3.cc", true }, @@ -29224,9 +29789,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "royalty-market.com", true }, { "royceandsteph.com", true }, { "roycewilliams.net", true }, - { "rozalynne-dawn.ga", true }, { "rozhodce.cz", true }, { "rpadovani.com", true }, + { "rpgcampaign.website", true }, { "rpgmaker.es", true }, { "rpherbig.com", true }, { "rphl.net", true }, @@ -29244,18 +29809,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rro.rs", true }, { "rrudnik.com", true }, { "rrwolfe.com", true }, + { "rsanahuano.com", true }, { "rsap.ca", true }, { "rsauget.fr", true }, + { "rsblake.net", true }, { "rsgcard.com", true }, { "rsingermd.com", true }, { "rsl.gd", true }, { "rsldb.com", true }, { "rsm-intern.de", true }, { "rsm-liga.de", true }, + { "rsmith.io", true }, { "rsmmail.com", true }, { "rsp-blogs.de", true }, { "rss.sh", false }, - { "rsships.com", true }, { "rssr.se", true }, { "rsttraining.co.uk", true }, { "rsync.eu", false }, @@ -29264,6 +29831,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rtate.se", true }, { "rtcx.net", true }, { "rtd.uk.com", true }, + { "rte.eu", true }, { "rte2fm.ie", true }, { "rteaertel.ie", true }, { "rtechservices.io", true }, @@ -29278,9 +29846,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rtrappman.com", true }, { "rtrinflatables.co.uk", true }, { "rtsr.ch", true }, + { "rttvvip.com", true }, { "rtwcourse.com", true }, { "rtzoeller.com", true }, - { "ru-music.com", true }, { "ru-sprachstudio.ch", true }, { "ru.search.yahoo.com", false }, { "ruaneattorneys.com", true }, @@ -29289,9 +29857,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rubberlegscastles.co.uk", true }, { "rubbermaidoutlet.com", true }, { "rubbleremovalsbenoni.co.za", true }, + { "ruben.am", false }, { "rubenbarbero.com", true }, { "rubenkruisselbrink.nl", true }, - { "rubens.cloud", true }, { "rublacklist.net", true }, { "ruby-auf-schienen.de", true }, { "rubyist.today", true }, @@ -29314,9 +29882,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rudolphmarketing.com", true }, { "rudrastyh.com", true }, { "ruediger-voigt.eu", true }, - { "ruedigervoigt.de", true }, { "ruedirrenggli.ch", true }, - { "rueduparticulier.tk", true }, + { "rueduparticulier.tk", false }, + { "rueegger.me", true }, + { "rueg.eu", true }, { "ruerte.net", true }, { "rufabula-com.appspot.com", true }, { "ruffbeatz.com", true }, @@ -29331,11 +29900,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ruin.one", true }, { "ruiruigeblog.com", true }, { "ruk.ca", true }, - { "rullzer.com", true }, { "rulu.co", true }, { "rulu.tv", true }, { "rulutv.com", true }, - { "rumlager.de", true }, { "rummage4property.co.uk", true }, { "rumplesinflatables.co.uk", true }, { "rumtaste.com", true }, @@ -29344,25 +29911,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "runagain.ch", true }, { "runebet.com", true }, { "runefake.com", true }, + { "runementors.com", false }, { "runklesecurity.com", true }, { "runnergrapher.com", true }, { "runreport.fr", true }, { "runschrauger.com", true }, { "runvs.io", true }, + { "ruobiyi.com", true }, { "ruobr.ru", true }, { "ruquay.com", true }, + { "ruralink.com.ar", true }, { "ruralsuppliesdirect.co.uk", true }, { "ruri.io", false }, { "rusempire.ru", true }, - { "rushball.net", true }, { "rushiiworks.com", true }, { "rushpoppershop.co.uk", true }, + { "rushter.com", true }, { "rushyo.com", true }, { "rusi-ns.ca", true }, { "ruska-modra.cz", true }, { "ruskamodra.cz", true }, { "ruskod.net", true }, { "rusl.net", true }, + { "rusmolotok.ru", true }, { "russellupevents.co.uk", true }, { "russia.dating", true }, { "russianorthodoxchurch.co.uk", true }, @@ -29378,13 +29949,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rutiger.com", true }, { "ruudkoot.nl", true }, { "ruwhof.net", true }, + { "ruya.com", true }, { "ruyatabirleri.com", true }, { "rv-jpshop.com", true }, { "rva-asbestgroep.nl", true }, { "rvender.cz", true }, + { "rvfu98.com", true }, { "rvnoel.net", true }, - { "rvoigt.eu", true }, - { "rvolve.net", true }, { "rvsa2bevestigingen.nl", true }, { "rvsa4bevestigingen.nl", true }, { "rvsbevestigingen.nl", true }, @@ -29400,6 +29971,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rxgroup.io", true }, { "rxight.com", true }, { "ryan-design.com", true }, + { "ryan-gehring.com", true }, { "ryan-goldstein.com", true }, { "ryanbritton.com", true }, { "ryancarter.co.uk", true }, @@ -29414,12 +29986,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ryois.me", true }, { "ryu22e.org", true }, { "ryuu.es", true }, + { "ryzex.de", true }, { "ryzhov.me", true }, { "rzentarzewski.net", true }, { "s-a.xyz", true }, { "s-c.se", true }, { "s-cubed.net", true }, { "s-huset.dk", true }, + { "s-ip-media.de", true }, { "s-mainte.com", true }, { "s-mdb.com", true }, { "s-n-unso.com", true }, @@ -29427,18 +30001,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "s-s-paint.com", true }, { "s007.co", true }, { "s10y.eu", true }, + { "s13d.fr", true }, { "s16e.no", true }, { "s2member.com", true }, - { "s3cases.com", true }, { "s3cur3.it", true }, { "s3gfault.com", true }, { "s3robertomarini.it", true }, { "s404.de", true }, { "s44.eu", true }, { "s4db.net", true }, + { "s4media.org", true }, { "s4tips.com", true }, { "s4ur0n.com", true }, { "s5118.com", true }, + { "s64.cz", true }, { "s8a.us", true }, { "s95.de", true }, { "sa-blog.net", true }, @@ -29450,9 +30026,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saba-piserver.info", true }, { "sabahattin-gucukoglu.com", true }, { "sabe.cz", true }, + { "sabine-forschbach.de", true }, + { "sabineforschbach.de", true }, { "sabrinajoias.com.br", true }, { "sabrinajoiasprontaentrega.com.br", true }, - { "sac-shop.com", true }, + { "sabtunes.com", true }, { "sacaentradas.com", true }, { "saccani.net", true }, { "sachk.com", true }, @@ -29469,17 +30047,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sadhawkict.org", true }, { "sadmansh.com", true }, { "sadou.kyoto.jp", true }, - { "sadsu.com", true }, { "saenforcement.agency", true }, { "saengsook.com", true }, { "saengsuk.com", true }, { "safar.sk", true }, { "safaritenten.nl", true }, { "safcstore.com", true }, + { "safe.moe", true }, { "safe.space", true }, { "safebaseflorida.com", true }, { "safebasements.com", true }, { "safebasementsnorthdakota.com", true }, + { "safebasementsofindiana.com", true }, { "safebuyerscheme.co.uk", true }, { "safecar.gov", false }, { "safeex.com", true }, @@ -29490,7 +30069,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "safematix.com", true }, { "safeme.ga", true }, { "safeocs.gov", true }, - { "safer-networking.org", true }, + { "safer-networking.org", false }, { "saferpost.com", true }, { "safescan.com", true }, { "safestore.io", true }, @@ -29504,6 +30083,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sagedocumentmanager.com", true }, { "sagemontchurch.org", true }, { "sagerus.com", true }, + { "saggiocc.com", true }, { "sagracefarms.com", true }, { "sagsmarseille.com", true }, { "sahajbooks.com", true }, @@ -29523,17 +30103,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saikouji.tokushima.jp", true }, { "sailingonward.com", true }, { "sailormoonevents.org", true }, + { "sailormoonlibrary.org", true }, { "saimoe.moe", true }, { "saimoe.org", true }, { "sainetworks.net", true }, + { "saint-bernard-gouesch.fr", true }, { "saintaardvarkthecarpeted.com", true }, { "saintanthonyscorner.com", true }, { "sainth.de", true }, + { "saintmichelqud.com", true }, { "saintsrobotics.com", true }, - { "saintw.com", true }, { "saipariwar.com", true }, { "saiputra.com", true }, { "saitrance.com", true }, + { "saitv.org", true }, { "saiyasu-search.com", true }, { "sajamstudija.info", true }, { "sajdowski.de", true }, @@ -29541,39 +30124,42 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sakostacloud.de", true }, { "sakura-paris.org", true }, { "sakuraflores.com.br", true }, - { "sakuraplay.com", true }, { "salamon-it.de", false }, { "salde.net", true }, { "sale4ru.ru", true }, { "saleaks.org", true }, + { "saleduck.at", true }, + { "saleduck.ch", true }, { "saleduck.co.id", true }, { "saleduck.co.th", true }, { "saleduck.com.my", true }, { "saleduck.com.ph", true }, { "saleduck.com.sg", true }, { "saleduck.com.vn", true }, + { "saleduck.dk", true }, + { "saleduck.fi", true }, + { "saleduck.se", true }, + { "salemedia.pro", true }, { "salensmotors-usedcars.be", true }, { "salesflare.com", true }, { "salesmachine.io", true }, { "salexy.kz", true }, - { "salishseawhalewatching.ca", true }, { "salixcode.com", true }, { "salland1.nl", true }, { "salle-quali.fr", true }, { "sallydowns.name", true }, - { "salmo23.com.br", true }, { "salmododia.net", true }, { "salmonella.co.uk", true }, { "salmonrecovery.gov", true }, { "salmonvision.com.tw", true }, { "salmos91.com", true }, { "salmotierra-salvatierra.com", true }, - { "salon-claudia.ch", true }, { "salon-minipli.de", true }, { "salon.io", false }, { "salon1.ee", true }, + { "salonasymetria.com", true }, + { "salonasymetria.pl", true }, { "salonsantebienetre.ch", true }, - { "salrosadohimalaia.com", true }, { "salsa-straubing.de", true }, { "saltbythesea.com", true }, { "saltercane.com", false }, @@ -29583,6 +30169,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "salud.top", false }, { "saludsexualmasculina.org", true }, { "saludsis.mil.co", true }, + { "salutethefish.com", true }, + { "salutethegrains.com", true }, { "salutethepig.com", true }, { "salvagedfurnitureparlour.com", true }, { "sam-football.fr", true }, @@ -29608,10 +30196,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "samifar.in", true }, { "samip.fi", true }, { "samizdat.cz", true }, + { "samkelleher.com", true }, { "saml-gateway.org", true }, + { "samm.com.au", true }, { "sammenlignakasser.dk", true }, { "sammyservers.com", true }, + { "sammyservers.net", true }, { "samnya.cn", true }, + { "samrobertson.co.uk", true }, { "samsungmobile.it", true }, { "samsungphonegenerator.xyz", true }, { "samtalen.nl", true }, @@ -29622,30 +30214,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "samuirehabcenter.com", true }, { "samwilberforce.com", true }, { "samwrigley.co.uk", true }, + { "samwu.tw", true }, { "samyerkes.com", true }, + { "san-mian-ka.ml", true }, { "san.ac.th", true }, { "sana-store.com", true }, { "sana-store.cz", true }, { "sana-store.sk", true }, { "sanalbayrak.com", true }, - { "sanandreasstories.com", true }, { "sanantoniolocksmithinc.com", true }, { "sanasport.cz", true }, { "sanasport.sk", true }, { "sanatorii-sverdlovskoy-oblasti.ru", true }, { "sanatorionosti.com.ar", true }, { "sanchez.adv.br", true }, - { "sand-islets.de", true }, { "sandalj.com", true }, { "sandbagexpress.com", true }, { "sandbox.mydigipass.com", false }, { "sandburner.net", true }, { "sanderdorigo.nl", true }, - { "sanderknape.com", true }, { "sanderkoenders.eu", true }, { "sanderkoenders.nl", true }, { "sandervankasteel.nl", false }, - { "sandhaufen.tk", true }, { "sandiegotown.com", true }, { "sandmanintel.com", true }, { "sandmarc.cz", true }, @@ -29658,7 +30248,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sandrolittke.de", true }, { "sandtears.com", true }, { "sandtonescorts.com", true }, - { "sandtonplumber24-7.co.za", true }, { "sandtonvipcompanions.com", true }, { "sandyrobsonhypnotherapy.co.uk", true }, { "sanepsychologen.nl", true }, @@ -29667,19 +30256,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sangwon.io", true }, { "sanilodge.com", true }, { "sanipousse.com", true }, + { "sanissimo.com.mx", false }, { "sanitairwinkel.be", true }, { "sanitairwinkel.com", true }, { "sanitairwinkel.nl", true }, { "sanitrak.cz", true }, { "sanmuding.com", true }, + { "sannesfotklinikk.no", true }, { "sanpham-balea.org", true }, { "sanskritiyoga.com", true }, { "sansonehowell.com", true }, { "santafemacas.com.br", true }, + { "santamonicapost123.org", true }, + { "santanderideas.com", true }, { "santenatureetcie.com", true }, { "santensautomatics.be", true }, { "santevie.ch", true }, - { "santing.net", true }, { "santojuken.co.jp", true }, { "santoshpandit.com", true }, { "sanvitolocapobus.com", true }, @@ -29699,27 +30291,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saposute-s.jp", true }, { "sapphireblue.me", true }, { "sapphirepearl.com.sg", true }, - { "sapporobeer.com", true }, { "sapprendre.ch", true }, { "saprima.de", true }, - { "saq.com", true }, { "sarahbeckettharpist.com", true }, { "sarahlicity.co.uk", true }, { "sarahlicity.me.uk", true }, { "sarahplusdrei.de", true }, { "sarahvictor.co.uk", true }, { "sarahwikeley.co.uk", true }, + { "saraleebread.com", false }, { "sarariman.com", true }, { "sarasturdivant.com", true }, { "sardegnatirocini.it", true }, { "sarink.eu", true }, - { "sarkarikhoj.com", true }, - { "saro.me", true }, { "saronno5stelle.it", true }, { "sarpsb.org", true }, { "sarumtechnologies.com", true }, { "sas-snowboarding.sk", true }, { "sasanika.org", true }, + { "sash.pw", true }, { "sashaokun.com", true }, { "sashascollections.com", true }, { "sasioglu.co.uk", true }, @@ -29737,7 +30327,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "satmd.de", true }, { "satoshinumbers.com", true }, { "sattamatkachart.in", true }, - { "sattamatkadpboss.mobi", true }, { "sattamatkamobi.mobi", true }, { "saturn.pl", true }, { "satyanarayana.xyz", true }, @@ -29745,6 +30334,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saudeealimentos.com", true }, { "saudeintimadamulher.com.br", true }, { "saudenoclique.com.br", true }, + { "sauenytt.no", true }, { "sauer-systems.net", true }, { "sauerbrey.eu", true }, { "sauerland-schnittgruen.de", true }, @@ -29765,7 +30355,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "savecrypto.org", true }, { "savenet.org", true }, { "saveora.com", true }, - { "saveora.shop", true }, { "savetheinternet.eu", true }, { "saveya.com", true }, { "savic.com", true }, @@ -29799,11 +30388,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sbf888.com", true }, { "sbiewald.de", true }, { "sbir.gov", true }, + { "sbirecruitment.co.in", true }, { "sbit.com.br", true }, { "sblum.de", true }, { "sbo-dresden.de", true }, { "sbr.red", true }, { "sbrouwer.org", true }, + { "sbrownbourne.com", true }, { "sbsavings.bank", true }, { "sbsbaits.com", true }, { "sbsnursery.co.uk", true }, @@ -29813,8 +30404,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sc5.jp", true }, { "scaarus.com", true }, { "scaffalature.roma.it", true }, - { "scaffoldhireeastrand.co.za", true }, - { "scaffoldhiresandton.co.za", true }, { "scalacollege.nl", true }, { "scalaire.com", true }, { "scalaire.fr", true }, @@ -29823,6 +30412,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scallywagsbouncycastles.co.uk", true }, { "scallywagskids.co.uk", true }, { "scamblockplus.org", true }, + { "scan.co.uk", true }, { "scandicom.fi", true }, { "scandinavia.dating", true }, { "scangeo.net", true }, @@ -29832,6 +30422,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scatsbouncingcastles.ie", true }, { "scelec.com.au", true }, { "scenastu.pl", true }, + { "scene.mx", true }, { "scenester.tv", true }, { "scenicbyways.info", true }, { "scepticism.com", true }, @@ -29843,6 +30434,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schatmeester.be", true }, { "schatzibaers.de", true }, { "schawe.me", true }, + { "schbebtv.fr", true }, { "scheduleme.io", true }, { "scheemadigital.com", true }, { "schefczyk.com", true }, @@ -29858,7 +30450,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scherfke.de", true }, { "scheuchenstuel.at", true }, { "schier.info", true }, - { "schil.li", true }, { "schildbach.de", true }, { "schillers-friedberg.de", true }, { "schimmel-test.info", true }, @@ -29888,7 +30479,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schnapke.name", true }, { "schneeketten-ratgeber.de", true }, { "schnegg.name", true }, - { "schneider-electric.tg", true }, { "schneids.me", true }, { "schnellno.de", true }, { "schnellsuche.de", true }, @@ -29901,7 +30491,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schokokeks.org", true }, { "scholarly.com.ph", true }, { "scholarly.ph", true }, - { "scholarnet.cn", true }, + { "scholarnet.cn", false }, { "scholierenvervoerzeeland.nl", true }, { "schollbox.de", false }, { "scholz-kallies.de", true }, @@ -29913,10 +30503,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schoolotzyv.ru", true }, { "schoolsonice.nl", true }, { "schopenhauer-institut.de", true }, - { "schorel.ovh", true }, { "schorelweb.nl", true }, { "schorers.org", true }, { "schoring.com", true }, + { "schottenland.de", true }, { "schrauger.com", true }, { "schrauger.info", true }, { "schrauger.net", true }, @@ -29952,8 +30542,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schummar.de", true }, { "schunako.ch", true }, { "schuppentier.org", true }, - { "schur-it.de", true }, { "schurkenstaat.net", true }, + { "schutterijschinveld.nl", true }, { "schutz-vor-schmutz.de", true }, { "schutznetze24.de", false }, { "schutzwerk.com", true }, @@ -29966,7 +30556,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schwarzhenri.ch", true }, { "schwarztrade.cz", true }, { "schwarzwald-flirt.de", true }, - { "schwarzwaldcon.de", true }, { "schwedenhaus.ag", true }, { "schwerkraftlabor.de", true }, { "schwinabart.com", true }, @@ -29978,12 +30567,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "science-questions.org", true }, { "science-texts.de", true }, { "science360.gov", true }, + { "sciencebase.gov", true }, { "scienceexploits.com", true }, + { "sciencehouse.jp", true }, { "scienceminnesota.com", true }, { "sciencesolutions.eu", true }, { "sciencex.com", true }, - { "scientific.boston", true }, - { "scifi.fyi", true }, { "scijinks.gov", true }, { "scimage.com", true }, { "scintilla.nl", true }, @@ -29993,12 +30582,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scitopia.net", true }, { "sckc.stream", false }, { "sclns.co", true }, + { "scontogiusto.com", true }, { "scoolcode.com", true }, { "scoop6.co.uk", true }, { "scootaloo.co.uk", true }, { "scooterservis.com", true }, { "scootfleet.com", true }, - { "scorobudem.ru", true }, { "scorocode.ru", true }, { "scorp13.com", true }, { "scottgruber.me", true }, @@ -30030,7 +30619,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "screenlight.tv", true }, { "screenmachine.com", true }, { "screenparadigm.com", true }, - { "screenplay.jp", true }, { "scripo-bay.com", true }, { "script.google.com", true }, { "scripter.co", true }, @@ -30040,7 +30628,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scrod.me", true }, { "scroll.in", true }, { "scrumbleship.com", true }, - { "scrumplex.net", true }, { "scrumstack.co.uk", true }, { "scryfall.com", true }, { "scs-simulatoren.de", true }, @@ -30050,6 +30637,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sctiger.ml", true }, { "sctrainingllc.com", true }, { "scubadiving-phuket.com", true }, + { "scubaland.hu", true }, { "scul.net", true }, { "sculpture.support", true }, { "scuolaguidalame.ch", true }, @@ -30071,13 +30659,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sdvigpress.org", true }, { "sdvx.net", true }, { "sdxcentral.com", true }, - { "se-theories.org", true }, { "se.com", true }, { "se.search.yahoo.com", false }, { "sea-godzilla.com", false }, { "seac.me", true }, { "seacam-store.com", true }, - { "seadus.ee", true }, { "seafood.co.nz", true }, { "seaholmwines.com", true }, { "sealaw.com", true }, @@ -30088,6 +30674,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sean-wright.com", true }, { "seanholcroft.co.uk", true }, { "seankilgarriff.com", true }, + { "seanrodda.com", true }, { "seaplayhomes.com", true }, { "search-job-in.com", true }, { "search-one.de", true }, @@ -30105,6 +30692,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "searchbrothers.nl", true }, { "searchbrothers.ru", true }, { "searchbrothers.uk", true }, + { "searchcandy.nl", true }, + { "searchcandy.uk", true }, { "searchdatalogy.com", true }, { "seareytraining.com", true }, { "searx.ru", true }, @@ -30120,6 +30709,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seattlewalkinbathtubs.com", true }, { "seavancouver.com", true }, { "seb-mgl.de", true }, + { "sebald.com", true }, + { "sebald.org", true }, { "sebascelis.com", true }, { "sebastiaandouma.co.uk", true }, { "sebastiaandouma.com", true }, @@ -30133,6 +30724,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sebastiaperis.com", true }, { "sebasveeke.nl", true }, { "sebi.org", true }, + { "seby.io", true }, { "sec-mails.de", true }, { "sec-research.com", true }, { "sec-wiki.com", true }, @@ -30141,13 +30733,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sec.gov", true }, { "sec.red", true }, { "sec3ure.co.uk", true }, - { "sec44.com", true }, - { "sec44.net", true }, - { "sec44.org", true }, { "sec455.com", true }, + { "sec4share.me", true }, { "sec530.com", true }, { "sec555.com", true }, - { "secanje.nl", true }, { "secbone.com", true }, { "secboom.com", true }, { "seccom.ch", true }, @@ -30155,14 +30744,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "secgui.de", true }, { "sech.me", true }, { "sechat.one", true }, - { "secitem.at", true }, - { "secitem.eu", true }, { "secnews.gr", true }, { "secomo.org", true }, + { "secondchancejobsforfelons.com", true }, { "seconfig.sytes.net", true }, { "secpatrol.de", true }, { "secretar.is", true }, - { "secretpanties.com", true }, + { "secretsanta.fr", true }, { "secretsdujeu.com", true }, { "secretserveronline.com", true }, { "secretum.tech", true }, @@ -30189,11 +30777,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "secureesolutions.com", true }, { "secureheaders.com", true }, { "secureim.de", true }, + { "securejabber.me", true }, { "securelect-inspection.com", true }, { "secureobscure.com", true }, { "secureonline.co", false }, { "securethe.news", true }, { "securetheorem.com", true }, + { "securetronic.ch", true }, { "securi-tay.co.uk", true }, { "securify.nl", true }, { "securipy.com", true }, @@ -30212,6 +30802,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "securitycamerasaustin.net", true }, { "securityfest.com", true }, { "securityheaders.com", true }, + { "securityheaders.io", true }, + { "securityheaders.nl", true }, { "securityinet.com", false }, { "securitykey.co", true }, { "securitypluspro.com", true }, @@ -30238,6 +30830,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "see.wtf", true }, { "seeclop.ch", true }, { "seedandleisure.co.uk", true }, + { "seednode.co", true }, { "seedsofangelica.net", true }, { "seekers.ch", true }, { "seeks.ru", true }, @@ -30259,6 +30852,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seguroviagem.srv.br", false }, { "sehnenweh.org", true }, { "seibert.ninja", true }, + { "seibu-kikaku.co.jp", true }, { "seifried.org", true }, { "seikatu-navi.com", true }, { "seinfeldquote.com", true }, @@ -30276,18 +30870,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "selectel.com", false }, { "selectel.ru", true }, { "selectorders.com", true }, + { "selectsplat.com", true }, { "selegiline.com", true }, { "selent.me", true }, { "self-evident.org", true }, { "self-signed.com", true }, { "self-xss.info", true }, - { "self.nu", true }, { "selfassess.govt.nz", true }, { "selfdestruct.net", true }, { "selfici.com", true }, { "selfici.cz", true }, { "selfishness.com", true }, { "selfloath.in", true }, + { "selfmade4u.de", true }, { "selfoutlet.com", true }, { "selkiemckatrick.com", true }, { "sellajoch.com", true }, @@ -30299,10 +30894,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "semacode.com", true }, { "semaf.at", true }, { "semaflex.it", true }, + { "semantica.cz", true }, { "semaphore-studios.com", true }, + { "semenov.su", false }, { "semianalog.com", true }, { "seminariruum.ee", true }, { "semiocast.com", true }, + { "semiread.com", true }, { "semjonov.de", true }, { "semmlers.com", true }, { "semox.de", true }, @@ -30315,6 +30913,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "semyonov.us", true }, { "senarius.de", true }, { "sendai-sisters.com", true }, + { "sendaiouji.com", true }, { "sendbox.cz", true }, { "sendc.at", true }, { "sendcat.com", true }, @@ -30334,10 +30933,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sensepixel.com", true }, { "senshudo.tv", true }, { "sensoft-int.net", true }, - { "sensualism.com", true }, { "sentandsecure.com", true }, - { "sentic.info", true }, { "sentidosdelatierra.org", true }, + { "sentinel.gov", true }, { "sentinelproject.io", true }, { "sentry.io", true }, { "sentry.nu", true }, @@ -30350,7 +30948,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seo.london", true }, { "seo.tl", true }, { "seoagentur2go.de", true }, - { "seoarchive.org", true }, { "seobutler.com", true }, { "seocomposer.com", true }, { "seoenmexico.com.mx", true }, @@ -30370,11 +30967,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seostepbysteplab.com", true }, { "seoul.dating", true }, { "seouniversity.org", true }, - { "sepakbola.win", true }, { "sepalandseed.com", true }, { "seppelec.com", true }, - { "seproco.com", true }, { "septakkordeon.de", true }, + { "septentrionalist.org", true }, { "septfinance.ch", true }, { "septicrepairspecialists.com", true }, { "septillion.cn", true }, @@ -30384,8 +30980,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sera.jp", true }, { "seraph.tokyo", true }, { "serbanpaun.ro", true }, + { "serbianclimbing.com", true }, { "sereema.com", true }, { "serenaden.at", true }, + { "serendeputy.com", true }, { "serf.io", true }, { "sergeemond.ca", true }, { "sergefonville.nl", true }, @@ -30426,6 +31024,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "serveroffline.net", false }, { "serverpedia.de", true }, { "servers4all.co.uk", true }, + { "serversfrom.space", true }, { "serversftw.com", true }, { "serverstuff.info", true }, { "serversuit.com", true }, @@ -30433,17 +31032,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "servethecity-karlsruhe.de", true }, { "servettorna.com", true }, { "servgate.jp", true }, - { "service.gov.uk", true }, { "servicebeaute.fr", true }, { "serviceboss.de", true }, { "servida.ch", true }, { "serviettenhaus.de", true }, { "servingbaby.com", true }, + { "servious.org", true }, { "servitek.de", true }, { "serviziourgente.it", true }, - { "servpanel.de", true }, { "servx.org", true }, - { "servx.ru", true }, { "serw.org", true }, { "serwis-wroclaw.pl", true }, { "seryox.com", true }, @@ -30454,12 +31051,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "setenforce.one", true }, { "setfix.de", true }, { "sethcaplan.com", true }, + { "sethjust.com", true }, { "sethvargo.com", true }, { "setphaserstostun.org", true }, { "setsailanddive.com", true }, { "settberg.de", true }, { "setterirlandes.com.br", true }, { "settleapp.co", true }, + { "setuid0.kr", true }, { "setyoursite.nl", true }, { "seva.fashion", true }, { "seven-purple.com", true }, @@ -30468,6 +31067,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sevenhillsapartments.com.au", true }, { "sevenicealimentos.com.br", true }, { "sevenmatches.com", true }, + { "seventwentynine.com", true }, { "severine-trousselard.com", true }, { "severntrentinsuranceportal.com", true }, { "sevinci.ch", true }, @@ -30475,24 +31075,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sevsopr.ru", true }, { "sewafineseam.com", true }, { "sewinginsight.com", true }, - { "sewoo.co.uk", true }, - { "sex-education.com", true }, { "sexaki.com", true }, { "sexdocka.nu", true }, - { "sexgarage.de", true }, { "sexmobil.de", true }, - { "sexocomgravidas.com", true }, - { "sexoyrelax.com", true }, - { "sexpay.net", true }, { "sexplicit.co.uk", true }, { "sexservice.io", true }, { "sexshopnet.com.br", true }, - { "sexwork.net", true }, { "sexy-store.nl", true }, { "seyfarth.de", true }, + { "seyr.it", true }, { "seyr.me", true }, { "sfa.sk", true }, - { "sfaturiit.ro", true }, { "sfcomercio.com.br", true }, { "sfdev.ovh", true }, { "sfg-nordholz.de", true }, @@ -30505,9 +31098,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sg-elektro.de", true }, { "sg.search.yahoo.com", false }, { "sgb.co", true }, + { "sgcaccounts.co.uk", true }, + { "sgi.org", true }, { "sglibellen.de", true }, { "sgroup-hitoduma.com", true }, { "sgroup-rec.com", true }, + { "sgs.camera", true }, { "sgsp.nl", true }, { "sgtcodfish.com", true }, { "sgtsnookums.net", true }, @@ -30523,7 +31119,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shadesofgraylaw.com", true }, { "shadex.net", true }, { "shadigee.org", true }, + { "shadowict.net", true }, { "shadowict.tech", true }, + { "shadowkingdomrecords.com", true }, { "shadowkitsune.net", true }, { "shadowlurker.com.au", true }, { "shadowsing.com", true }, @@ -30555,16 +31153,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shan.io", false }, { "shan.si", true }, { "shanahanstrategy.com", true }, - { "shandonsg.co.uk", true }, { "shanekoster.net", true }, { "shanetully.com", true }, { "shanewadleigh.com", true }, + { "shankangke.com", true }, { "shannoneichorn.com", true }, { "shansing.cn", true }, { "shansing.com", true }, { "shansing.net", true }, { "shansing.space", true }, - { "shanyhs.com", true }, { "shaobin.wang", true }, { "sharanyamunsi.net", true }, { "share.works", true }, @@ -30573,7 +31170,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shareeri.com", true }, { "sharekey.com", false }, { "sharelovenotsecrets.com", true }, - { "sharemessage.net", true }, { "shareoffice.ch", true }, { "sharepointdrive.com", true }, { "sharescope.co.uk", false }, @@ -30615,10 +31211,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shelleystoybox.com", true }, { "shellfire.de", true }, { "shellgame.io", true }, - { "shelljuggler.com", true }, + { "shelljuggler.com", false }, { "shellshock.eu", true }, { "shellvatore.us", true }, - { "shemissed.me", true }, { "shemsconseils.ma", true }, { "shena.co.uk", true }, { "shenghaiautoparts.com", true }, @@ -30627,7 +31222,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shenyuqi.com", false }, { "sherbers.de", true }, { "sherrikehoetherapy.com", true }, - { "shethbox.com", true }, { "shft.cl", true }, { "shgt.jp", true }, { "shh-listen.com", true }, @@ -30635,6 +31229,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shichibukai.net", true }, { "shico.org", true }, { "shieldcomputer.com", true }, + { "shieldfe.com", true }, + { "shieldofachilles.in", true }, { "shift-record.com", true }, { "shift-to.co.jp", true }, { "shiftdevices.com", true }, @@ -30662,6 +31258,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shirtsdelivered.com", true }, { "shirtsofholland.com", true }, { "shishamania.de", true }, + { "shishkabobnc.com", true }, { "shishkin.us", true }, { "shishlik.net", true }, { "shitagi-shop.com", true }, @@ -30680,10 +31277,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shockercityservices.com", true }, { "shodan.io", true }, { "shoemuse.com", true }, + { "shoeracks.uk", true }, { "shoestringeventing.co.uk", true }, { "shokola.com", true }, { "shome.de", true }, { "shooter.dog", true }, + { "shop-hellsheadbangers.com", true }, { "shop-s.net", true }, { "shop.fr", true }, { "shopadvies.nl", true }, @@ -30699,12 +31298,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shopalike.se", true }, { "shopalike.sk", true }, { "shopapi.cz", true }, + { "shopatkei.com", true }, { "shopbakersnook.com", true }, { "shopcoupon.co.za", true }, { "shopcoupons.co.id", true }, { "shopcoupons.my", true }, { "shopcoupons.ph", true }, { "shopcoupons.sg", true }, + { "shophisway.com", true }, { "shopifycloud.com", true }, { "shopkini.com", true }, { "shoplandia.co", true }, @@ -30721,10 +31322,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shortdiary.me", true }, { "shorten.ninja", true }, { "shoshin-aikido.de", true }, + { "shoshin.technology", true }, + { "shota.vip", true }, { "shotbow.net", true }, { "shotonwhat.com", true }, { "shouldihookupwithmybarista.com", true }, { "shouttag.com", true }, + { "shovonhasan.com", true }, { "show-saratov.ru", false }, { "showbits.net", true }, { "showdepiscinas.com.br", true }, @@ -30737,7 +31341,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "showroom.uk", true }, { "showroom113.ru", true }, { "showsonar.com", true }, - { "shoxmusic.net", true }, { "shredriteservices.com", true }, { "shreyansh26.me", true }, { "shrike.me", false }, @@ -30749,6 +31352,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shu-fu.net", true }, { "shuffleradio.nl", true }, { "shugo.net", true }, + { "shukatsu-support.jp", true }, { "shulan.moe", true }, { "shuletime.ml", true }, { "shura.eu.org", true }, @@ -30763,8 +31367,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "si-benelux.nl", true }, { "si.to", true }, { "si2b.fr", true }, + { "siaggiusta.com", true }, { "siamsnus.com", true }, { "sianbryn.co.uk", true }, + { "sianjhon.com", true }, { "sibfk.org", true }, { "sibiutourguide.com", true }, { "sibrenvasse.nl", true }, @@ -30778,9 +31384,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "siconnect.us", true }, { "sidelka-tver.ru", true }, { "sidema.be", true }, + { "sidemount-forum.com", true }, + { "sidemount-tauchen.com", true }, { "sidepodcast.com", true }, { "sidepodcastdaily.com", true }, { "sidepodcastextra.com", true }, + { "sideropolisnoticias.com.br", true }, { "sideshowbarker.net", true }, { "sidium.de", true }, { "sidnicio.us", true }, @@ -30788,8 +31397,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sidongkim.com", true }, { "sidpod.ru", true }, { "siegemund-frankfurt.de", true }, - { "sieh.es", true }, { "siel.nl", true }, + { "sielsystems.nl", true }, { "sientemendoza.com.ar", true }, { "sieulog.com", true }, { "siewert-kau.de", true }, @@ -30797,6 +31406,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sig6.org", true }, { "sigabrt.org", true }, { "siggerudklatreklubb.no", true }, + { "sight-sound.com", true }, { "sightcure.jp", true }, { "sighup.nz", true }, { "sigismonda.ch", true }, @@ -30816,6 +31426,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "signix.net", true }, { "signtul.com", false }, { "sigsrv.net", true }, + { "sigterm.no", true }, { "sigterm.sh", true }, { "siirtutkusu.com", true }, { "sikayetvar.com", false }, @@ -30826,13 +31437,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "silashes.ru", true }, { "silaslova-ekb.ru", true }, { "silent-clean.de", true }, + { "silent.live", false }, { "silentkernel.fr", false }, { "silentundo.org", true }, { "silerfamily.net", true }, + { "silicon-north.com", true }, + { "silicon-vision.com", true }, { "siliconchip.me", true }, - { "silke-hunde.de", true }, { "silkebaekken.no", true }, { "silkebeckmann.de", true }, + { "silkon.net", true }, + { "sillisalaatti.fi", true }, { "sillysnapz.co.uk", true }, { "silo.org.br", true }, { "siloportem.net", true }, @@ -30903,6 +31518,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "silvergoldbull.pt", true }, { "silvergoldbull.qa", true }, { "silvergoldbull.rs", true }, + { "silvergoldbull.ru", true }, { "silvergoldbull.se", true }, { "silvergoldbull.si", true }, { "silvergoldbull.sn", true }, @@ -30919,11 +31535,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "silverseen.com", true }, { "silverwind.io", true }, { "silvine.xyz", true }, + { "silvobeat.blog", true }, { "silvobeat.com", true }, { "sim-karten.net", true }, { "sim-minaoshi.jp", true }, - { "sim-sim.appspot.com", true }, - { "sim4seed.org", true }, { "simam.de", true }, { "simark.ca", true }, { "simbeton.nl", true }, @@ -30956,11 +31571,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "simonmaddox.com", true }, { "simonpaarlberg.com", true }, { "simonreich.de", true }, - { "simonschmitt.ch", true }, { "simonshine.dk", true }, { "simonspeich.ch", true }, { "simonsreich.de", true }, { "simontaite.com", true }, + { "simonweil.com", true }, { "simonwessel.net", true }, { "simonwoodside.com", true }, { "simpbx.net", true }, @@ -30997,9 +31612,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "simplystudio.com", true }, { "simpte.com", true }, { "simpul.nl", true }, + { "simrail.nl", true }, { "simsnieuws.nl", true }, { "simukti.net", true }, - { "simumiehet.com", true }, { "sin-nombre-alleria.de", true }, { "sin.swiss", true }, { "sinaryuda.web.id", true }, @@ -31014,27 +31629,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "singel.ch", true }, { "single-in-stuttgart.de", true }, { "singles-aus-hamburg.de", true }, - { "singles-berlin.de", true }, { "singleuse.link", true }, { "singlu10.org", false }, { "sinktank.de", true }, { "sinn.io", true }, { "sinnersprojects.ro", true }, { "sinomod.com", true }, - { "sinon.org", true }, { "sinonimos.com.br", true }, { "sinonimosonline.com", true }, { "sinonimosonline.com.br", true }, { "sinquin.eu", true }, + { "sinronet.com", true }, { "sint-joris.nl", true }, { "sintaxis.org", true }, { "sinterama.biz", true }, { "sinuelovirtual.com.br", true }, { "sioeckes.hu", true }, + { "sipc.org", true }, + { "siratalmustaqim.com", true }, { "siraweb.org", true }, { "sirbouncealotcastles.co.uk", true }, { "sirbouncelot.co.uk", true }, - { "sirburton.com", true }, { "sirchuk.net", true }, { "sircon.no", true }, { "sirena.co.jp", true }, @@ -31044,7 +31659,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sirtaptap.com", true }, { "sirtuins.com", true }, { "sirvoy.com", true }, - { "sisgopro.com", true }, + { "sisseastumine.ee", true }, { "sistel.es", true }, { "sistem-maklumat.com", true }, { "sistem-maklumat.com.my", true }, @@ -31057,13 +31672,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sisver.mx", true }, { "sit-brn.ru", true }, { "sit.ec", true }, + { "sitc.sk", true }, { "sitebuilderreport.com", true }, { "sitedrive.fi", true }, { "sitehoster.org", true }, { "sitenv.org", true }, { "siterencontre.me", true }, { "sites.google.com", true }, - { "sitesko.de", true }, { "sitesuccessful.com", true }, { "sitevandaag.nl", true }, { "sitischu.com", true }, @@ -31071,18 +31686,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sivale.mx", true }, { "sivyerge.com", true }, { "siw64.com", true }, + { "sixcorners.info", true }, + { "sixcorners.net", true }, { "sixpackholubice.cz", true }, { "sixtwentyten.com", true }, { "sj-leisure.com", true }, - { "sja-se-training.com", true }, { "sjaakgilsingfashion.nl", true }, { "sjatsh.com", true }, { "sjd.is", true }, - { "sjdaws.com", true }, - { "sjdtaxi.com", true }, { "sjis.me", true }, { "sjleisure.co.uk", true }, { "sjoorm.com", true }, + { "sjsmith.id.au", true }, { "sjv4u.ch", true }, { "sk-net.cz", true }, { "skala.io", true }, @@ -31094,7 +31709,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skatingchina.com", true }, { "skatn.de", true }, { "skazka.ru", true }, - { "skday.com", true }, { "skedda.com", true }, { "skedr.io", false }, { "skeeley.com", true }, @@ -31109,6 +31723,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skia.org", false }, { "skid.church", true }, { "skiddle.com", true }, + { "skifairview.com", true }, { "skifttiljutlanderbank.dk", true }, { "skigebied.nl", true }, { "skigebiete-test.de", true }, @@ -31119,6 +31734,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skillseo.com", true }, { "skimming.net", true }, { "skin-cosmetic.eu", true }, + { "skincare-note.com", true }, { "skincases.co", true }, { "skincontracts.co", true }, { "sking.io", true }, @@ -31133,6 +31749,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skizzen-zeichnungen.de", true }, { "skks.cz", true }, { "sklepsamsung.pl", true }, + { "sklepwielobranzowymd.com", true }, { "sklotechnik.cz", true }, { "sknclinics.co.uk", true }, { "skogsbruket.fi", true }, @@ -31142,14 +31759,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skolem.de", true }, { "skoleniphp.cz", true }, { "skommettiamo.it", true }, - { "skomski.org", true }, { "skontakt.cz", true }, { "skontorp-enterprise.no", true }, { "skortekaas.nl", false }, { "skory.us", true }, { "skou.dk", false }, { "skram.de", true }, - { "skrimix.tk", true }, + { "skrimix.tk", false }, { "skryptersi.pl", true }, { "sksdrivingschool.com.au", true }, { "sktan.com", true }, @@ -31157,36 +31773,37 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skwile-cafe.com", true }, { "skwitko.com", true }, { "sky-live.fr", true }, + { "sky-universe.net", true }, { "skyanchor.com", true }, - { "skybloom.com", true }, - { "skybloom.io", false }, + { "skybloom.io", true }, + { "skybound.link", true }, + { "skycmd.net", true }, { "skyderby.ru", true }, { "skydragoness.com", true }, { "skydrive.live.com", false }, + { "skyem.co.uk", true }, { "skylgenet.nl", true }, { "skylightcreative.com.au", true }, { "skylinertech.com", true }, { "skylineservers.com", true }, - { "skylocker.nl", true }, { "skyloisirs.ch", true }, { "skyminds.net", true }, { "skynet233.ch", true }, - { "skynethk.com", false }, + { "skynethk.com", true }, { "skynetnetwork.eu.org", true }, { "skynetz.tk", true }, { "skype.com", true }, - { "skypoker.com", true }, { "skyquid.co.uk", true }, { "skyris.co", true }, { "skys-entertainment.com", true }, { "skysuite.nl", true }, - { "skytec.host", true }, + { "skyynet.de", true }, { "skyzimba.com.br", true }, { "sl-bildermacher.de", true }, { "sl0.us", true }, { "sl899.com", true }, { "sl998.com", true }, - { "slab.com", true }, + { "slab.com", false }, { "slack-files.com", true }, { "slack.com", true }, { "sladic.si", false }, @@ -31210,11 +31827,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sleeping.town", true }, { "sleeplessbeastie.eu", true }, { "sleepmap.de", true }, + { "sleeps.jp", true }, { "sleepstar.co.uk", true }, { "sleepstar.de", true }, { "sleepstar.fr", true }, { "sleestak.net", true }, { "sleio.com", true }, + { "sletat.ru", true }, { "slever.cz", true }, { "slevermann.de", true }, { "slevomat.cz", true }, @@ -31223,6 +31842,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "slidebatch.com", true }, { "slides.zone", true }, { "slik.ai", true }, + { "slim-slender.com", true }, { "slimk1nd.nl", true }, { "slimspots.com", true }, { "slingo-sta.com", true }, @@ -31247,12 +31867,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "slovenskycestovatel.sk", true }, { "slow.zone", true }, { "slowb.ro", true }, - { "slowfood.es", true }, { "slowgames.xyz", true }, { "slpower.com", true }, { "slrd-isperih.com", true }, { "sluciaconstruccion.com", true }, - { "sluimann.de", true }, { "sluitkampzeist.nl", false }, { "slusham.com", true }, { "slvh.fr", true }, @@ -31266,6 +31884,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smablo.com", true }, { "smackhappy.com", true }, { "smadav.ml", true }, + { "smakassen.no", true }, { "smallcloudsolutions.co.za", true }, { "smalldogbreeds.net", true }, { "smalle-voet.de", true }, @@ -31315,24 +31934,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smartservices.nl", true }, { "smartshiftme.com", true }, { "smartship.co.jp", true }, - { "smartshoppers.es", true }, { "smartsparrow.com", true }, { "smartvideo.io", true }, { "smartviewing.com", true }, + { "smartwank.com", true }, { "smartwelve.com", true }, { "smartwoodczech.cz", true }, { "smartwritingservice.com", true }, - { "smartwurk.nl", true }, + { "smartwurk.nl", false }, { "smash-gg.club", true }, { "smatch.com", true }, { "smb445.com", true }, - { "smcbox.com", true }, { "smdavis.us", true }, { "smdcn.net", true }, { "sme-gmbh.net", true }, { "smeetsengraas.com", true }, { "smeso.it", true }, - { "smiatek.name", true }, { "smileandpay.com", true }, { "smiledirectsales.com", true }, { "smilessoftplay.co.uk", true }, @@ -31349,10 +31966,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smithchow.com", true }, { "smithfieldbaptist.org", true }, { "smm.im", true }, - { "smmcab.website", true }, { "smmlaba.io", true }, { "smokeandmirrors.agency", true }, - { "smokinghunks.com", true }, + { "smol.cat", true }, { "smoo.st", true }, { "smoothcomp.com", true }, { "smoothgesturesplus.com", true }, @@ -31376,6 +31992,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smskeywords.co.uk", true }, { "smskmail.com", true }, { "smsprivacy.org", true }, + { "smtpdev.com", true }, { "smuncensored.com", true }, { "smutba.se", true }, { "smutek.net", true }, @@ -31390,13 +32007,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snapfinance.com", true }, { "snapserv.ch", true }, { "snapserv.net", true }, + { "snaptier.co", true }, { "snaptools.io", true }, { "snatch.com.ua", true }, { "snazel.co.uk", true }, { "snazzie.nl", true }, { "sncdn.com", true }, { "sndbouncycastles.co.uk", true }, - { "sneak.berlin", true }, { "sneakpod.de", true }, { "sneakynote.com", true }, { "sneakypaw.com", true }, @@ -31413,6 +32030,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snelxboxlivegold.nl", true }, { "snerith.com", true }, { "snfdata.com", false }, + { "sngallery.co.uk", true }, { "sniderman.eu.org", true }, { "sniderman.pro", true }, { "sniderman.us", true }, @@ -31427,7 +32045,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snote.io", true }, { "snoupon.com", true }, { "snow-online.com", true }, - { "snow-online.de", true }, { "snow.dog", true }, { "snowalerts.eu", true }, { "snowalerts.nl", true }, @@ -31437,8 +32054,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snowhaze.ch", true }, { "snowhaze.com", true }, { "snowpak.com", true }, - { "snowplane.net", true }, - { "snowraven.de", true }, + { "snowpaws.de", true }, + { "snowyluma.com", true }, { "snowyluma.me", true }, { "snrat.com", true }, { "snrub.co", true }, @@ -31451,24 +32068,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "soapitup.com.au", true }, { "soaringtoglory.com", true }, { "sobaya-gohei.com", true }, + { "sobeau.com", true }, { "sobelift.com", true }, { "sobersys.com", true }, { "sobie.ch", true }, { "sobieray.dyndns.org", true }, { "sobotkama.eu", true }, - { "sobreporcentagem.com", true }, { "soc.net", true }, - { "socal-babes.com", true }, - { "soccersavings.com", true }, { "soccorso-stradale.org", true }, { "sochi-sochno.ru", true }, { "sociability.dk", true }, { "social-events.net", false }, { "social-media-strategies.it", true }, + { "social-media-strategy.org.uk", true }, { "socialhams.net", true }, { "socializam.com", true }, + { "socialmarketingday.nl", true }, { "socialmedia.ro", true }, - { "socialmirror.app", true }, + { "socialnitro.com", true }, { "socialnous.co", true }, { "socialrank.com", true }, { "socialsecurity.gov", false }, @@ -31500,6 +32117,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "softart.club", true }, { "softballrampage.com", true }, { "softcreatr.de", false }, + { "softonic.com", true }, { "softplay4hire.co.uk", true }, { "softplaynation.co.uk", true }, { "softprayog.in", true }, @@ -31510,6 +32128,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "softwarebetrieb.de", true }, { "softwaredesign.foundation", false }, { "softwarevoortherapeuten.nl", true }, + { "softwaylancing.com", true }, { "softwerk-edv.de", true }, { "sogola.com", true }, { "sogravatas.com.br", true }, @@ -31517,7 +32136,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sohamroy.me", true }, { "soia.ca", true }, { "soinvett.com", true }, - { "soju.fi", true }, + { "sokaissues.info", true }, { "sokche.com", true }, { "sokietech.com", true }, { "sokkenhoek.nl", true }, @@ -31535,6 +32154,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "solarplan-berlin.de", true }, { "solarstrom.net", true }, { "soldecom.com", true }, + { "solden.be", true }, + { "soldesduck.be", true }, + { "soldesduck.ch", true }, { "soldout-app.com", true }, { "sole-erdwaermetauscher.de", true }, { "sole-software.de", true }, @@ -31542,14 +32164,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "soledadpenades.com", true }, { "solentbasketball.co.uk", true }, { "solentbubblesandbounce.co.uk", true }, - { "soleria.eu", true }, { "solesoftware.de", true }, { "soleus.nu", false }, { "solfegiator.ch", true }, { "soli.cafe", true }, { "solicafe.at", true }, + { "solidarita-kosovo.net", true }, { "solidshield.com", true }, - { "solidtuesday.com", true }, { "solihullcarnival.co.uk", true }, { "solihullinflatables.com", true }, { "solihulllionsclub.org.uk", true }, @@ -31560,6 +32181,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "solomisael.com", true }, { "solomo.pt", true }, { "solonotizie24.it", true }, + { "solos.im", true }, { "solsocog.de", true }, { "soluphant.de", true }, { "solus-project.com", true }, @@ -31568,7 +32190,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "solve-it.se", true }, { "solved.tips", true }, { "solvemethod.com", true }, - { "solvingproblems.com.au", true }, { "solvops.com", true }, { "somaini.li", true }, { "somali-derp.com", true }, @@ -31579,7 +32200,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "somecrazy.com", true }, { "somersetscr.nhs.uk", true }, { "somersetwellbeing.nhs.uk", true }, - { "somewherein.jp", true }, { "sommefeldt.com", true }, { "somosnoticia.com.br", true }, { "sompani.com", true }, @@ -31596,13 +32216,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "songsmp3.com", true }, { "songsmp3.info", true }, { "songsmp3.io", true }, + { "songsmp3.live", true }, { "songsmp3.me", true }, { "songsmp3.net", true }, { "songsthatsavedyourlife.com", true }, { "songtianyi.com", true }, { "songzhuolun.com", true }, + { "sonia.com.au", true }, { "soniafauville.com", true }, - { "sonialive.com", true }, { "sonic.studio", true }, { "sonicdoe.com", true }, { "sonixonline.com", true }, @@ -31630,13 +32251,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sorenstudios.com", true }, { "sorever.online", true }, { "sorex.photo", true }, + { "sorincocorada.ro", true }, { "sorrowfulunfounded.com", true }, { "sortesim.com.br", true }, { "soruly.com", true }, { "sorz.org", true }, { "sos-falegname.it", true }, { "sos-idraulico.it", true }, - { "sos.de", true }, { "sosoftplay.co.uk", true }, { "sospromotions.com.au", true }, { "sostacancun.com", true }, @@ -31657,24 +32278,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "soulmate.dating", true }, { "soulmating.de", true }, { "soulogic.com", true }, - { "soumikghosh.com", true }, + { "souly.cc", true }, { "soumya92.me", true }, { "soundabout.nl", true }, - { "soundbytemedia.com", true }, { "soundedj.com.br", true }, { "soundeo.com", true }, { "soundeo.net", true }, - { "soundgasm.net", true }, { "soundhunter.xyz", false }, + { "soundonsound.com", true }, + { "soundprotectionllc.com", true }, { "soundscrate.com", true }, - { "soundsecurity.io", true }, - { "souqtajmeel.com", true }, { "sour.is", true }, - { "sourcebox.be", true }, + { "souravsaha.com", true }, + { "sourcebox.be", false }, { "sourcely.net", true }, { "sourceway.de", true }, { "souris.ch", true }, - { "sous-surveillance.net", false }, { "southafrican.dating", true }, { "southambouncycastle.co.uk", true }, { "southamerican.dating", true }, @@ -31697,7 +32316,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sozai-good.com", true }, { "sozialy.com", true }, { "sozon.ca", true }, - { "sp-sephiroth.jp", true }, + { "sp-sites.com.au", true }, { "sp.com.pl", true }, { "sp8ce.co", true }, { "space-it.de", true }, @@ -31716,7 +32335,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spakurort.eu", true }, { "spamdrain.com", true }, { "spamwc.de", true }, - { "spanda.io", true }, { "spanjeflydrive.nl", true }, { "spanyolul.hu", true }, { "spar-ni.co.uk", true }, @@ -31728,6 +32346,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sparklebastard.com", true }, { "sparkresearch.net", true }, { "sparkreviewcenter.com", true }, + { "sparkz.no", true }, { "sparprofi.at", true }, { "sparta-en.org", true }, { "sparta-solutions.de", true }, @@ -31749,8 +32368,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "speargames.net", true }, { "specialtyalloys.ca", true }, { "speciesism.com", true }, - { "spectreattack.com", true }, { "spectrosoftware.de", true }, + { "spedition-transport-umzug.de", true }, { "speech-balloon.com", true }, { "speechdrop.net", true }, { "speechmate.com", true }, @@ -31762,7 +32381,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "speedsportofhull.co.uk", true }, { "speedtailors.com", true }, { "speedtest-russia.com", true }, - { "speedychat.it", true }, { "speeltoneel.nl", true }, { "speerpunt.info", true }, { "speets.ca", true }, @@ -31778,14 +32396,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spesys-services.fr", true }, { "spha.info", true }, { "sphereblur.com", true }, + { "spherenix.org", true }, { "sphido.org", true }, { "spicydog.org", true }, { "spicymatch.com", true }, + { "spidermail.tk", true }, + { "spidernet.tk", true }, { "spideroak.com", true }, { "spiders.org.ua", true }, + { "spiel-teppich.de", true }, { "spielezar.ch", true }, { "spielland.ch", true }, { "spiellawine.de", true }, + { "spiet.nl", true }, { "spiff.eu", true }, { "spiga.ch", true }, { "spillersfamily.net", true }, @@ -31795,7 +32418,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spindle.com.ph", true }, { "spindrift.com", true }, { "spingenie.com", true }, - { "spinner.dnshome.de", true }, + { "spinor.im", true }, { "spins.fedoraproject.org", true }, { "spinspin.wtf", true }, { "spiralschneiderkaufen.de", true }, @@ -31826,19 +32449,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spongepowered.org", true }, { "sponsor.network", true }, { "sponsormatch.eu", true }, - { "sponsorowani.pl", true }, { "spoofhaus.com", true }, { "spookbook.net", true }, { "spookquest.com", true }, - { "spookyinternet.com", true }, { "spoopy.link", true }, + { "spoorcam.nl", true }, { "sporcard.com", true }, { "spornkuller.de", true }, { "sport-in-sundern.de", true }, { "sport-potreby.cz", true }, { "sport-potreby.sk", true }, { "sport-socken.net", true }, - { "sport247.bet", true }, { "sportakrobatik.at", true }, { "sportbetuwe.nl", true }, { "sporter.com", true }, @@ -31847,10 +32468,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sportovnidum.cz", true }, { "sportparks.com", true }, { "sportparks.org", true }, - { "sportressofblogitude.com", true }, { "sports.dating", true }, { "sportsjaw.com", true }, - { "sportsmanadvisor.com", false }, { "sportsmansblog.com", true }, { "sportstraineradvisor.com", true }, { "sporttown.it", true }, @@ -31878,19 +32497,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sprinklermanohio.com", true }, { "spritmonitor.de", true }, { "spritsail.io", true }, - { "sproing.ca", true }, + { "sproktz.com", true }, { "sprucecreekclubs.com", true }, { "sprucecreekgcc.com", true }, { "sps-lehrgang.de", true }, + { "spslawoffice.com", true }, + { "spsnewengland.org", true }, { "sptk.org", true }, { "spuffin.com", true }, { "spufpowered.com", true }, { "spunkt.fr", true }, { "spur.com.br", true }, + { "sputnik1net.org", true }, { "spydar007.com", true }, { "spydar007.net", true }, { "spydersec.com", true }, - { "spykedigital.com", true }, { "spyprofit.ru", true }, { "spyroszarzonis.com", true }, { "sqkaccountancy.co.uk", true }, @@ -31899,6 +32520,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sqlfeatures.com", true }, { "sqr-training.com", true }, { "sqroot.eu", true }, + { "squadlinx.com", true }, { "square-gaming.org", true }, { "square-src.de", false }, { "square.com", false }, @@ -31916,6 +32538,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "srbija-nekretnine.org", true }, { "src.fedoraproject.org", true }, { "srchub.org", true }, + { "srigc.com", true }, { "srihash.org", true }, { "srinivasan.io", true }, { "sro.center", true }, @@ -31967,12 +32590,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sslmate.com", true }, { "sslok.com", true }, { "sslping.com", true }, - { "sslpoint.com", true }, { "ssls.cz", true }, { "sslsurvey.de", true }, { "ssmato.me", true }, { "ssmca.com", true }, { "ssnet.vip", true }, + { "sso.to", false }, { "ssready.io", true }, { "ssready.org", true }, { "sstaging.com", true }, @@ -31997,28 +32620,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stadm.com", true }, { "stadsbygd.info", true }, { "stadt-apotheke-muensingen.de", true }, - { "stadtbuecherei-bad-wurzach.de", true }, { "stadterneuerung-hwb.de", true }, { "stadtpapa.de", true }, { "stadtplan-ilmenau.de", true }, { "staff.direct", true }, + { "staffordlabour.org.uk", true }, { "stage.wepay.com", false }, { "stage4.ch", true }, { "stageirites.com", true }, { "stageirites.fr", true }, { "stageirites.org", true }, - { "stahlfors.com", false }, + { "stahlfors.com", true }, { "stainedglass.net.au", true }, { "stair.ch", true }, { "stairfallgames.com", true }, { "stairlin.com", true }, + { "stakestrategy.com", true }, { "staklim-malang.info", true }, { "stako.jp", true }, { "staktrace.com", true }, { "stalder.work", true }, + { "staljedevledder.nl", true }, { "stalker-shop.com", true }, { "stalkr.net", true }, - { "stall-zur-linde.de", true }, { "stamboommuller.nl", true }, { "stamboomvanderwal.nl", true }, { "stameystreet.com", true }, @@ -32027,10 +32651,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stamonicatourandtravel.com", true }, { "stamparmakarije.me", true }, { "stampederadon.com", true }, + { "stampsbar.co.uk", true }, { "standagainstspying.org", true }, { "standard.co.uk", true }, { "standardequipment.com", true }, { "standards.gov", true }, + { "stanron.com", true }, { "stanthonymaryclaret.org", true }, { "star-citizen.wiki", true }, { "star-clean.it", true }, @@ -32045,6 +32671,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stargarder-jungs.de", true }, { "stargatelrp.co.uk", true }, { "stargazer.de", true }, + { "starina.ru", true }, { "starinvestors.in", true }, { "starka.st", true }, { "starkbim.com", true }, @@ -32055,21 +32682,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "starmtech.fr", true }, { "starpeak.org", true }, { "starphotoboothsni.co.uk", true }, - { "starsam80.net", true }, { "starskim.cn", true }, - { "starstreak.net", true }, + { "starstreak.net", false }, { "startaninflatablebusiness.com", true }, - { "starteesforsale.co.za", true }, { "startergen.com", true }, { "startlab.sk", true }, { "startle.cloud", true }, { "startpage.com", true }, { "startpage.info", true }, { "startrek.in", true }, + { "startsamenvitaal.nu", true }, { "starttraffic.com", true }, { "starttraffic.uk", true }, { "startupgenius.org", true }, - { "startuppeople.co.uk", true }, { "starwatches.eu", true }, { "starwins.co.uk", true }, { "stassi.ch", true }, @@ -32088,10 +32713,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stationatlyndhurst.com", true }, { "stationatwillowgrove.com", true }, { "stationcharlie.co.za", true }, + { "statistik-seminare.de", true }, { "statistikian.com", true }, { "statofus.com", true }, { "stats.g.doubleclick.net", true }, - { "status.coffee", true }, { "statuscode.ch", true }, { "stav.io", true }, { "stavros.ovh", true }, @@ -32101,10 +32726,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stb-schefczyk.de", true }, { "stb-strzyzewski.de", true }, { "stbennett.org", true }, + { "stcplasticsurgery.com", true }, { "stcu.org", false }, { "std-home-test.com", true }, { "stderr.cc", true }, - { "stdev.org", true }, + { "stdrc.cc", false }, { "steakhaus-zumdorfbrunnen.de", true }, { "steakovercooked.com", true }, { "stealingheather.com", true }, @@ -32118,8 +32744,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "steamtrades.com", true }, { "steamwhale.com", true }, { "stebet.net", true }, + { "steborio.pw", true }, { "steckel.cc", true }, { "stedb.eu", true }, + { "stedbg.net", true }, { "steef389.eu", true }, { "steel-roses.de", true }, { "steelephys.com.au", true }, @@ -32162,10 +32790,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stephane-huc.net", false }, { "stephaniedeady.ie", true }, { "stephanieschreiber.com", true }, + { "stephencreilly.com", true }, { "stephenhaunts.com", true }, { "stephenhorler.com.au", true }, { "stephenj.co.uk", true }, - { "stephenjvoiceovers.com", true }, { "stephenperreira.com", true }, { "stephenschrauger.com", true }, { "stephenschrauger.info", true }, @@ -32191,7 +32819,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sternen-sitzberg.ch", true }, { "sternenbund.info", true }, { "sternplastic.com", true }, - { "stesti.cz", true }, { "stetspa.it", true }, { "steuer-voss.de", true }, { "steuerberater-essen-steele.com", true }, @@ -32201,6 +32828,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "steuertipps-sonderausgaben.de", true }, { "steve.kiwi", true }, { "steveborba.com", true }, + { "stevecostar.com", true }, { "stevedesmond.ca", true }, { "stevedoggett.com", true }, { "stevegrav.es", true }, @@ -32219,11 +32847,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stevenz.xyz", true }, { "stevesdrivingschooltyneside.com", true }, { "stewartswines.com", true }, - { "stewonet.nl", true }, { "steyaert.be", false }, - { "stforex.com", true }, + { "stforex.com", false }, { "stfw.info", true }, - { "stge.uk", true }, { "stichtingliab.nl", true }, { "stichtingscholierenvervoerzeeland.nl", true }, { "stichtingsticky.nl", true }, @@ -32238,10 +32864,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stiffordacademy.org.uk", true }, { "stift-kremsmuenster.at", true }, { "stiftemaskinen.no", true }, - { "stig.io", false }, { "stigharder.com", true }, { "stigviewer.com", true }, - { "stijnbelmans.be", true }, { "stijncrevits.be", true }, { "stijnodink.nl", true }, { "stikic.me", true }, @@ -32250,6 +32874,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stilecop.com", true }, { "stillnessproject.com", true }, { "stilmobil.se", true }, + { "stiltmedia.com", true }, { "stimmgabel.lu", true }, { "stin.hr", true }, { "stinaspiegelberg.com", true }, @@ -32260,13 +32885,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stirling.co", true }, { "stirlingpoon.com", true }, { "stitchfiddle.com", true }, + { "stitchinprogress.com", true }, { "stivesbouncycastlehire.co.uk", true }, { "stjohnin.com", true }, { "stln.ml", true }, { "stlu.de", true }, { "stlukesbrandon.org", true }, { "stm-net.de", true }, + { "stma.is", true }, + { "stmarthachurch.com", true }, { "stmaryextra.uk", true }, + { "stmkza.net", true }, { "stmlearning.com", true }, { "stmsolutions.pl", true }, { "stneotsbouncycastlehire.co.uk", true }, @@ -32286,10 +32915,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stolkschepen.nl", true }, { "stolpi.is", true }, { "stomt.com", true }, + { "stoneagehealth.com.au", true }, { "stonedworms.de", true }, { "stonefusion.org.uk", true }, { "stonehammerhead.org", true }, { "stonemain.eu", true }, + { "stonewuu.com", true }, { "stony.com", true }, { "stonystratford.org", true }, { "stopbreakupnow.org", true }, @@ -32299,6 +32930,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "storageideas.uk", true }, { "stordbatlag.no", true }, { "storedsafe.com", true }, + { "storeit.co.uk", true }, { "storillo.com", true }, { "storm-family.com", true }, { "stormi.io", true }, @@ -32310,7 +32942,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "storysift.news", true }, { "storytea.top", true }, { "storytell.com", true }, - { "storytime.hu", true }, { "stouter.nl", true }, { "stoxford.com", true }, { "straatderzotten.nl", true }, @@ -32326,6 +32957,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "strategiccapital.com", true }, { "strategiclivingblog.com", true }, { "strategie-zone.de", true }, + { "strathewerd.de", true }, { "stratmann-b.de", true }, { "stratuscloud.co.za", true }, { "stratuscloudconsulting.cn", true }, @@ -32340,17 +32972,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "strauser.com", true }, { "stravers.shoes", true }, { "streamchan.org", true }, + { "streamelements.com", true }, { "streamlineautogroup.com", true }, + { "streampleasure.xyz", true }, { "streams.dyndns.org", true }, - { "street-smart-home.de", true }, + { "street-medics.fr", true }, { "street-tek.com", true }, { "streetdancecenter.com", true }, + { "streetmarket.ru", true }, { "streets.mn", true }, { "streetshirts.co.uk", true }, { "streetspotr.com", true }, { "streetview.wien", true }, { "strefapi.com", true }, - { "strelitzia02.com", true }, + { "streklhof.at", true }, { "strengthroots.com", true }, { "stretchmyan.us", true }, { "stretchpc.com", true }, @@ -32363,6 +32998,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stringtoolbox.com", true }, { "stringvox.com", true }, { "stripe.com", true }, + { "striped.horse", true }, { "strivephysmed.com", false }, { "strm.hu", true }, { "strming.com", true }, @@ -32372,8 +33008,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stroeerdigital.de", true }, { "stroginohelp.ru", true }, { "strom.family", true }, + { "stromaci.sk", true }, { "stromberger.org", true }, - { "strommenhome.com", true }, + { "stromzivota.sk", true }, { "strongpassword.club", true }, { "strongrandom.com", false }, { "strongsalpinesucculents.com", true }, @@ -32389,12 +33026,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stsolarenerji.com", true }, { "stt.wiki", true }, { "stuartbell.co.uk", true }, + { "stuarteggerton.com", true }, { "stuartmorris.id.au", true }, { "stuartmorris.me", true }, { "stuartmorris.name", true }, { "stuartmorris.tel", true }, { "stuarts.xyz", false }, { "stuco.co", true }, + { "stucorweb.com", true }, { "stucydee.nl", true }, { "studenckiemetody.pl", true }, { "student-eshop.cz", true }, @@ -32414,6 +33053,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "studio-architetto.com", true }, { "studio-fotografico.ru", true }, { "studio-webdigi.com", true }, + { "studiobergaminloja.com.br", true }, { "studiodentisticosanmarco.it", true }, { "studiodewit.nl", true }, { "studiogavioli.com", true }, @@ -32423,6 +33063,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "studiolegalepaternostro.it", true }, { "studiomarcella.com", true }, { "studionowystyl.pl", true }, + { "studiopirrate.com", true }, { "studiopop.com.br", true }, { "studioproapp.com", true }, { "studioriehl.com", true }, @@ -32435,10 +33076,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "studipro-marketing.fr", true }, { "studium.cz", true }, { "studlan.no", true }, - { "studport.rv.ua", true }, { "studyin.jp", true }, - { "studying-neet.com", true }, + { "studyspy.ac.nz", true }, { "studytactics.com", true }, + { "studytale.com", true }, { "stuermer.me", true }, { "stuetzredli.ch", true }, { "stuff-fibre.co.nz", true }, @@ -32475,7 +33116,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "su1ph3r.io", true }, { "suaudeau.fr", true }, { "suaudeau.org", true }, - { "suave.io", true }, { "sub-net.at", true }, { "sub.media", true }, { "subastasdecarros.net", true }, @@ -32495,10 +33135,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "suburban-landscape.net", true }, { "suburbaninfinitioftroyparts.com", true }, { "subversive-tech.com", true }, - { "subzerotech.co.uk", true }, { "succ.in", true }, { "succesprojekter.dk", true }, - { "suche.org", true }, { "suchmaschinen-werkstatt.de", true }, { "suckmyan.us", false }, { "sucretown.net", true }, @@ -32515,18 +33153,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "suevia-ka.de", true }, { "suffa.ac", true }, { "suffix.ru", true }, - { "suffts.de", true }, { "sufix.cz", true }, { "sugarandcloth.com", true }, { "sugarbrother.com", true }, { "sugarfactory.cz", true }, + { "sugarmillmanagement.com", true }, { "sugarshin.net", true }, { "suggea.com", true }, { "suggestim.ch", true }, { "suisui.stream", true }, + { "suited21.com", true }, { "suitesapp.com", true }, { "sujatadev.in", true }, { "sujoydhar.in", true }, + { "suka.moe", true }, + { "suke3.jp", true }, { "suki.moe", true }, { "suko.pe", true }, { "sukrie.net", true }, @@ -32542,36 +33183,39 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sumoatm.com", false }, { "sumthing.com", true }, { "sun-leo.co.jp", true }, + { "sun-wellness-online.com.vn", true }, { "sunboxstore.jp", true }, { "sunbritetv.com", true }, { "sunchasercats.com", true }, { "sundanceusa.com", true }, { "sundayfundayjapan.com", true }, - { "sunfeathers.net", true }, + { "sundayrest.com", true }, + { "sundragon.se", true }, + { "sunfiregold.com", true }, { "sunflyer.cn", false }, { "sunfox.cz", true }, { "sunfulong.blog", true }, { "sunfulong.me", true }, + { "sunjaydhama.com", true }, { "sunjiutuo.com", true }, { "sunlit.cloud", true }, { "sunn.ie", true }, { "sunoikisis.org", true }, + { "sunset.im", true }, { "sunsetwx.com", true }, { "sunshinesf.org", true }, { "sunsmartresorts.com", true }, + { "sunsong.org", true }, { "sunstar.bg", true }, { "sunwolf.studio", true }, - { "sunyataherb.com", true }, { "suool.net", true }, { "supa.sexy", true }, { "supastuds.com", true }, - { "super-erotica.ru", true }, { "superaficionados.com", true }, { "superbart.nl", true }, { "superbdistribute.com", true }, { "superbouncebouncycastles.com", true }, { "superbowlkneel.com", true }, - { "superbshare.com", true }, { "supercalorias.com", true }, { "supercastlesadelaide.com.au", true }, { "supercastlesbrisbane.com.au", true }, @@ -32580,10 +33224,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "supercastlessydney.com.au", true }, { "supercentenarian.com", true }, { "supercinebattle.fr", true }, + { "superdaddy.club", true }, { "supereight.net", true }, { "superguide.com.au", true }, { "superhappiness.com", true }, { "superhome.com.au", true }, + { "supermae.pt", true }, { "supermarx.nl", true }, { "supermercadosdia.com.ar", true }, { "supermercato24.it", true }, @@ -32591,7 +33237,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "supern0va.net", true }, { "supernaut.info", true }, { "supernt.lt", true }, - { "supersahnetorten.de", true }, { "supersec.es", true }, { "supersole.net", true }, { "supersonnig-festival.de", true }, @@ -32605,7 +33250,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "supertutorial.com.br", true }, { "supervisionassist.com", true }, { "supeuro.com", true }, - { "supperclub.es", false }, { "supplementler.com", true }, { "supplies24.at", true }, { "supplies24.es", true }, @@ -32619,43 +33263,53 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sur-v.com", true }, { "surao.cz", true }, { "surasak.io", true }, + { "surasak.net", true }, + { "surasak.org", true }, { "surdam.casa", false }, { "sure-it.de", true }, + { "surefit-oms.com", true }, { "suretone.co.za", true }, + { "surfnetkids.com", true }, { "surfocal.com", true }, { "surgenet.nl", true }, { "surgeongeneral.gov", true }, { "surgicalassociateswny.com", true }, + { "surgiclinic.gr", true }, { "suroil.com", true }, { "surpreem.com", true }, + { "surreyheathyc.org.uk", true }, + { "suruifu.com", true }, + { "suruifu.tk", true }, { "survature.com", true }, { "surveyhealthcare.com", true }, { "surveyinstrumentsales.com", true }, { "surveymill.co.uk", true }, + { "survivalistplanet.com", true }, { "survivalmonkey.com", true }, { "survivebox.fr", true }, { "susanbpilates.co", true }, { "susanbpilates.com", true }, { "susann-kerk.de", true }, { "susanna-komischke.de", true }, + { "susanvelez.com", true }, { "susc.org.uk", true }, { "sush.us", true }, { "sushi.roma.it", true }, { "sushibesteld.nl", true }, - { "sushifrick.de", true }, { "sushikatze.de", true }, - { "sushiwereld.be", true }, + { "susoccm.org", true }, { "susosudon.com", true }, { "suspension-shop.com", true }, - { "sussexwebsites.info", false }, { "sustainabilityknowledgegroup.com", true }, { "sustainoss.org", true }, { "sustsol.com", true }, { "sutas.market", true }, { "suurhelsinki.cf", true }, { "suuria.de", true }, + { "suv4.net", true }, { "suwalls.com", true }, { "suzi3d.com", true }, + { "suziekovner.com", true }, { "suzukimarinepress.com", true }, { "sv-1966-medenbach.de", true }, { "sv-turm-hohenlimburg.de", true }, @@ -32681,10 +33335,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "svetandroida.cz", true }, { "svetlilo.com", true }, { "svetzitrka.cz", false }, + { "svht.nl", true }, { "svijet-medija.hr", true }, { "svinformatica.es", true }, { "svm-basketball.de", true }, { "svm-it.eu", true }, + { "svobodnyblog.cz", true }, { "sw-servers.net", true }, { "sw33tp34.com", true }, { "swagsocial.net", true }, @@ -32697,8 +33353,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "swat4stats.com", true }, { "swattransport.ae", true }, { "sway-cdn.com", true }, - { "sway.com", true }, { "swd.agency", true }, + { "sweak.net", true }, { "swedishhost.com", true }, { "swedishhost.se", true }, { "sweep-me.net", true }, @@ -32709,13 +33365,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sweetgood.de", true }, { "sweets-mimatsu.com", true }, { "swehack.org", true }, + { "sweharris.org", true }, { "swerve-media-testbed-03.co.uk", true }, { "swetrust.com", true }, { "swfmax.com", true }, - { "swiftpk.net", true }, + { "swiftpcbassembly.com", true }, { "swiftqueue.com", true }, { "swilly.org", true }, { "swimbee.nl", true }, + { "swimmingpoolaccidentattorney.net", true }, { "swimready.net", true }, { "swimwear365.co.uk", true }, { "swineson.me", true }, @@ -32734,13 +33392,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "swisslinux.org", true }, { "swisstechassociation.ch", true }, { "swisstechtalks.ch", true }, - { "swissxperts.ch", true }, { "switch-trader.com", true }, { "switch.moe", true }, { "switcheo.exchange", true }, { "switcheo.rocks", true }, { "switzerland-family-office.com", true }, { "swordfeng.xyz", true }, + { "swuosa.org", false }, { "swvaux.com", true }, { "swyn.net", true }, { "sx8.ovh", true }, @@ -32748,6 +33406,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sy-anduril.de", true }, { "sy24.ru", true }, { "syajvo.if.ua", true }, + { "syamutodon.xyz", true }, + { "syamuwatching.xyz", true }, { "sycamorememphis.org", true }, { "sychov.pro", true }, { "sydney-sehen.com", true }, @@ -32756,6 +33416,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sydneylawnandturf.com.au", true }, { "syenar.net", true }, { "syezd.com.au", true }, + { "syha.org.uk", true }, { "syhost.at", true }, { "syhost.ch", true }, { "syhost.de", true }, @@ -32764,7 +33425,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "syleam.in", true }, { "sylfie.net", true }, { "syllogi.xyz", true }, - { "sylvaincombe.net", true }, { "sylvaindurand.fr", true }, { "sylvaindurand.org", true }, { "sylvaloir.fr", true }, @@ -32779,10 +33439,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "symbiose.com", true }, { "symbiosecom.ch", true }, { "symeda.de", true }, - { "symetria.io", true }, { "symfora-meander.nl", true }, { "symlnk.de", true }, { "symphonos.it", true }, + { "sympmarc.com", true }, + { "sympraxisconsulting.com", true }, { "symptome-erklaert.de", true }, { "synabi.com", true }, { "synaptickz.me", true }, @@ -32790,7 +33451,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sync-it.no", true }, { "synccentre.com", true }, { "syncflare.com", true }, - { "synchrocube.com", true }, { "synchrolarity.com", true }, { "synchronyse.com", true }, { "synchtu.be", true }, @@ -32820,7 +33480,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sysmike.de", true }, { "systea.fr", true }, { "system-m.de", true }, - { "system-online.cz", true }, { "system.cf", true }, { "system.is", true }, { "system12.pl", true }, @@ -32828,28 +33487,35 @@ static const nsSTSPreload kSTSPreloadList[] = { { "systemadmin.uk", true }, { "systematic-momo.com", true }, { "systematic-momo.dk", true }, + { "systemchile.com", true }, { "systemd.ch", true }, { "systemd.eu.org", true }, { "systemeprod.fr", true }, { "systemintegra.ru", true }, { "systemli.org", true }, + { "systemonthego.com", true }, { "systemreboot.net", true }, { "systemspace.link", true }, - { "systemweb.no", true }, { "systemzeit.info", true }, { "systoolbox.net", true }, { "sysystems.cz", true }, { "syt3.net", true }, { "sytk.me", true }, + { "syukatsu-net.jp", true }, { "syy.im", true }, { "syzygy-tables.info", true }, { "szafkirtv.pl", true }, { "szagun.net", true }, + { "szaloneigly.com", true }, { "szamitogepdepo.com", true }, { "szaydon.me", false }, + { "szclsya.me", true }, + { "szczot3k.pl", true }, { "szechenyi2020.hu", true }, { "szentistvanpt.sk", true }, { "szerelem.love", true }, + { "szetowah.org.hk", true }, + { "szunia.com", true }, { "szybkiebieganie.pl", true }, { "szyndler.ch", true }, { "t-hawk.com", true }, @@ -32875,6 +33541,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tabarnak.ga", true }, { "tabernadovinho.com.br", true }, { "tabhui.com", true }, + { "tabi-news.com", true }, + { "tabi-runrun.com", true }, { "tabithawebb.co.uk", true }, { "tabledusud.be", true }, { "tabledusud.nl", true }, @@ -32885,13 +33553,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taborsky.cz", true }, { "tac-volley.com", true }, { "tachi.uk", true }, - { "tachyonapp.com", true }, { "tacklinglife.com", true }, { "tacklog.com", true }, { "tacomafia.net", false }, { "tacostea.net", true }, { "tacticalsquare.com", true }, - { "tadata.me", true }, { "taddiestales.com", true }, { "tadeo.ca", true }, { "tadluedtke.com", true }, @@ -32899,19 +33565,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tadu.de", true }, { "tagabrand.co.uk", true }, { "tagdocumentary.com", true }, + { "tagesmutter-zwitscherlinge.de", true }, { "taggedpdf.com", false }, { "taglioepiega.com", true }, { "taglioepiega.eu", true }, { "taglioepiega.it", true }, { "tagpay.com", true }, + { "tahavu.com", true }, { "tahosa.co", true }, { "tahosalodge.org", true }, { "tai-in.com", true }, { "tai-in.net", true }, - { "tailandfur.com", true }, - { "tailpuff.net", true }, { "tails.boum.org", true }, { "taimane.com", true }, + { "taiphanmem.net", true }, { "taishon.nagoya", true }, { "taitmacleod.com", true }, { "taiwan.dating", true }, @@ -32920,9 +33587,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taizegroep.nl", true }, { "tajper.pl", true }, { "take1give1.com", false }, - { "takebackyourstate.com", true }, - { "takebackyourstate.net", true }, - { "takebackyourstate.org", true }, { "takeitoffline.co.uk", true }, { "takemoto-ped.com", true }, { "taken.pl", true }, @@ -32941,7 +33605,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taler.net", true }, { "talideon.com", false }, { "talk.google.com", true }, - { "talk.xyz", true }, { "talkgadget.google.com", true }, { "talking12.com", true }, { "talkingmoose.net", true }, @@ -32957,9 +33620,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tallyfy.com", true }, { "talon.rip", true }, { "talroo.com", true }, - { "talsi.eu", true }, { "talun.de", true }, - { "tamaraboutique.com", true }, { "tamashimx.net", true }, { "tambre.ee", true }, { "tamchunho.com", true }, @@ -32968,12 +33629,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tampabaybusinesslistings.com", true }, { "tamposign.fr", true }, { "tamriel-rebuilt.org", true }, - { "tanak3n.xyz", true }, + { "tanak3n.xyz", false }, { "tancredi.nl", true }, { "tandem-trade.ru", false }, { "tandempartnerships.com", true }, + { "tandilmap.com.ar", true }, + { "tandk.com.vn", true }, { "tandzorg.link", true }, - { "tangel.me", true }, { "tangemann.org", true }, { "tango-cats.de", true }, { "tango-ouest.com", true }, @@ -32987,9 +33649,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tankski.co.uk", true }, { "tannenhof-moelln.de", true }, { "tannerryan.ca", true }, + { "tannerwj.com", true }, { "tantalos.nl", true }, { "tantei100.net", true }, - { "tantetilli.de", true }, { "tanto259.name", false }, { "tanyanama.com", true }, { "tanz.info", true }, @@ -32998,12 +33660,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taoburee.com", true }, { "taoways.com", true }, { "tapakgram.com", true }, + { "taplamvan.net", true }, { "taplemon.at", true }, { "taplemon.com", true }, { "taprix.org", true }, - { "taqsim.jp", true }, + { "tapsnapp.co", true }, { "taquilla.com", true }, { "taqun.club", true }, + { "tarantul.org.ua", true }, { "tarasecurity.co.uk", true }, { "tarasecurity.com", true }, { "tarasevich.by", true }, @@ -33014,6 +33678,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tariff.cc", true }, { "tarik.io", true }, { "tarmexico.com", true }, + { "tarots-et-oracles.com", true }, { "tarsan.cz", true }, { "tartaneagle.org.uk", true }, { "tartanhamedshop.com.br", true }, @@ -33051,12 +33716,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taxi-puck.pl", true }, { "taxi-waregem.be", true }, { "taxicollectif.ch", true }, - { "taxiindenbosch.nl", true }, + { "taxid-k.be", true }, { "taxis-collectifs.ch", true }, { "taxisafmatosinhos.pt", true }, { "taxiscollectifs.ch", true }, { "taxlab.co.nz", true }, - { "taxspeaker.com", true }, + { "taxsquirrel.com", true }, { "taylorpearson.me", false }, { "taylors-castles.co.uk", true }, { "taylorstauss.com", true }, @@ -33064,6 +33729,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tb-devel.de", true }, { "tb-itf.de", true }, { "tba.bm", true }, + { "tbejos.com", true }, { "tbfocus.com", true }, { "tbitc.ch", true }, { "tbonejs.org", true }, @@ -33071,9 +33737,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tbrindus.ca", true }, { "tbs-certificates.co.uk", true }, { "tbspace.de", true }, - { "tbtech.cz", true }, { "tbuchloh.de", true }, - { "tbys.us", true }, { "tc-st-leonard.ch", true }, { "tc.nz", true }, { "tcacademy.co.uk", true }, @@ -33083,6 +33747,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tcf.org", true }, { "tcgforum.pl", true }, { "tcgrepublic.com", true }, + { "tchaka.top", true }, { "tchannels.tv", true }, { "tchebb.me", true }, { "tchebotarev.com", true }, @@ -33093,9 +33758,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tcptun.com", true }, { "tcpweb.net", true }, { "tcspartner.net", true }, + { "tcvvip.com", true }, + { "tcwis.com", true }, { "tdchrom.com", true }, { "tdfbfoundation.org", true }, - { "tdpblog.site", true }, { "tdrcartuchos.com.br", true }, { "tdrs.info", true }, { "tdsf.io", true }, @@ -33118,7 +33784,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "team-bbd.com", true }, { "team.house", true }, { "team3482.com", true }, - { "teamassists.com", true }, { "teambeam.at", true }, { "teambeam.ch", true }, { "teambeam.com", true }, @@ -33127,6 +33792,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teambodyproject.com", true }, { "teamcombat.com", true }, { "teamliquidpro.com", true }, + { "teammateworld.com", true }, { "teammathics.com", true }, { "teamnetsol.com", true }, { "teamninjaapp.com", true }, @@ -33141,7 +33807,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teamupturn.org", true }, { "teamusec.de", true }, { "tearoomlints.be", true }, - { "teasenetwork.com", true }, { "teaser-trailer.com", true }, { "teatrarium.com", true }, { "teb-akademia.pl", true }, @@ -33158,6 +33823,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tech-seminar.jp", true }, { "tech-value.eu", true }, { "tech-zealots.com", true }, + { "techableme.com", true }, { "techace.jp", true }, { "techademy.nl", true }, { "techarea.fr", true }, @@ -33183,18 +33849,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "techmajesty.com", true }, { "techmasters.io", true }, { "techmunchies.net", false }, + { "technic3000.com", true }, { "technicabv.nl", true }, { "technicalbrothers.cf", true }, { "technicallyeasy.net", true }, { "technicalsystemsprocessing.com", true }, - { "techniclab.net", true }, - { "techniclab.org", true }, - { "techniclab.ru", true }, { "technifocal.com", true }, { "technik-boeckmann.de", true }, { "technikblase.fm", true }, + { "technikman.de", true }, { "technoinfogroup.it", true }, { "technologie-innovation.fr", true }, + { "technologyand.me", true }, { "technologysi.com", true }, { "technoparcepsilon.fr", true }, { "technoscoots.com", true }, @@ -33212,6 +33878,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "techsolvency.com", true }, { "techsys.cz", true }, { "techtalks.no", true }, + { "techtrader.ai", true }, + { "techtrader.io", true }, { "techtuts.info", true }, { "techvalue.gr", true }, { "techview.link", true }, @@ -33220,6 +33888,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "techwithcromulent.com", true }, { "techwords.io", true }, { "teckids.org", true }, + { "tecma.com", true }, { "tecmarkdig.com", true }, { "tecne.ws", true }, { "tecnicoelettrodomestici.roma.it", true }, @@ -33243,7 +33912,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teemperor.de", true }, { "teemulintula.fi", true }, { "teencounseling.com", true }, - { "teenerotic.net", true }, { "teengirl.pub", true }, { "teensexgo.com", true }, { "teesypeesy.com", true }, @@ -33253,7 +33921,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tehcrayz.com", true }, { "tehrabbitt.com", false }, { "tehrankey.ir", true }, - { "tehranperfume.com", true }, { "teixobactin.com", true }, { "tejarat98.com", true }, { "teknemodus.com.au", true }, @@ -33263,7 +33930,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teknoforums.com", true }, { "teknolit.com", true }, { "tekstschrijvers.net", true }, - { "teksuperior.com", true }, { "tektuts.com", true }, { "tekuteku.jp", true }, { "telamon.eu", true }, @@ -33281,6 +33947,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "telefoncek.si", true }, { "telefonkonferenz.ch", true }, { "telefonni-ustredna.cz", true }, + { "telefonogratuito.com", true }, { "telefonseelsorge-paderborn.de", true }, { "telefoon.nl", true }, { "telefoonabonnement.nl", true }, @@ -33292,8 +33959,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "telepass.me", true }, { "telephonedirectories.us", true }, { "telepons.com", true }, - { "teleshop.be", true }, { "telework.gov", true }, + { "tellcorpassessoria.com.br", true }, { "telling.xyz", true }, { "tellusaboutus.com", true }, { "telly.site", true }, @@ -33302,7 +33969,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "telos-analytics.com", true }, { "teltonica.com", true }, { "teltru.com", true }, - { "telugu4u.net", true }, { "tem.li", true }, { "tematicas.org", true }, { "temizmama.com", true }, @@ -33343,20 +34009,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tepitus.de", true }, { "teplofom.ru", true }, { "teplomash24.ru", true }, - { "tequilazor.com", true }, { "terabyte.services", true }, { "terabyteharddrive.net", true }, { "terabyteit.co.uk", true }, { "teracloud.at", true }, { "teranacreative.com", true }, - { "tercerapuertoaysen.cl", true }, { "teriiphotography.com", true }, { "terlindung.com", true }, { "termax.me", true }, - { "termino.eu", true }, { "termitemounds.org", true }, { "termitinitus.org", true }, { "termografiranje.si", true }, + { "termux.com", true }, { "terra.fitness", true }, { "terrab.de", false }, { "terracloud.de", false }, @@ -33369,6 +34033,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "terralimno.eu", true }, { "terraluna.space", true }, { "terranova-nutrition.dk", true }, + { "terrapay.com", true }, { "terrastaffinggroup.com", false }, { "terraweb.net", true }, { "terresmagiques.com", true }, @@ -33385,18 +34050,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tessai.ga", true }, { "test-textbooks.com", true }, { "test.de", true }, + { "test.support", true }, { "testadren.com", true }, { "testgeomed.ro", true }, { "testi.info", true }, { "testomato.com", true }, + { "testosterone-complex.com", true }, { "testosteronedetective.com", true }, { "testpornsite.com", true }, { "testsuite.org", true }, { "testuje.net", true }, { "tetedelacourse.ch", true }, { "teto.nu", true }, + { "tetraetc.com", true }, { "tetraktus.org", true }, - { "tetrarch.co", true }, { "tetsugakunomichi.jp", true }, { "tetsumaki.net", true }, { "teufel.dk", true }, @@ -33446,6 +34113,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tgbyte.de", true }, { "tgexport.eu", true }, { "tgmkanis.com", true }, + { "tgtv.tn", true }, { "tgui.eu", true }, { "tgui.net", true }, { "tgw.com", true }, @@ -33460,11 +34128,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thailandpharmacy.net", true }, { "thairehabassociation.com", true }, { "thajskyraj.com", true }, - { "thala.fr", false }, + { "thala.fr", true }, { "thalan.fr", true }, { "thalgott.net", true }, { "thalhammer.it", true }, { "thalia.nu", true }, + { "thaliagetaway.com.au", true }, { "thallinger.me", true }, { "thamesfamilydentistry.com", true }, { "thanabh.at", true }, @@ -33472,8 +34141,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thanhthinhbui.com", true }, { "thatdarkplace.com", true }, { "thatquiz.org", true }, + { "thatsme.io", true }, { "thca.ca", true }, { "thcpbees.co.uk", true }, + { "the-bermanns.com", true }, { "the-body-shop.hu", false }, { "the-fermenter.com", true }, { "the-gdn.net", true }, @@ -33482,6 +34153,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "the-nash-education-program.com", true }, { "the-pcca.org", true }, { "the-webmaster.com", true }, + { "the-woods.org.uk", true }, + { "the-zenti.de", true }, { "the2f.de", true }, { "the3musketeers.biz", true }, { "theactuary.ninja", true }, @@ -33493,16 +34166,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thebakers.com.br", true }, { "thebakery2go.de", true }, { "thebannerstore.com", true }, + { "thebarrens.nu", true }, { "thebasebk.org", true }, { "thebcm.co.uk", true }, { "thebest.ch", true }, { "thebestfun.co.uk", true }, + { "thebestpersonin.ml", true }, { "thebestsavingsplan.com", true }, { "thebigbitch.nl", true }, { "thebigdatacompany.com", true }, { "thebigwave.de", true }, { "thebikeinsurer.co.uk", true }, { "thebimhub.com", true }, + { "thebinarys.com", true }, { "thebirthdaysite.co.uk", true }, { "thebit.link", true }, { "theblackknightsings.com", true }, @@ -33515,18 +34191,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thebreakroom.org", true }, { "thebrightons.co.uk", true }, { "thebrightons.uk", true }, + { "thebulletin.io", true }, { "thebusinessofgoodfilm.com", true }, { "thecamels.org", true }, { "thecameradivision.com", true }, - { "thecandidforum.com", true }, { "thecarolingconnection.com", true }, { "thecellulitediet.com", true }, { "thecherryship.ch", true }, { "thechunk.net", true }, { "theciderlink.com.au", true }, - { "thecitizens.com", true }, { "thecitywarehouse.clothing", true }, - { "thecloudmigrator.com", true }, { "thecloudshelter.com", true }, { "thecoffeecamp.com", true }, { "thecoffeesuperstore.com", true }, @@ -33534,6 +34208,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thecompany.pl", true }, { "theconcordbridge.azurewebsites.net", true }, { "thecondobuyers.com", true }, + { "thecookiejar.me", true }, { "thecozycastle.com", true }, { "thecrazytravel.com", true }, { "thecrew-exchange.com", true }, @@ -33543,13 +34218,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thecuriousdev.com", true }, { "thecurvyfashionista.com", true }, { "thecustomdroid.com", true }, - { "thecustomizewindows.com", true }, { "thedark1337.com", true }, { "thedebug.life", true }, { "thederminstitute.com", true }, { "thediaryofadam.com", true }, + { "thedisc.nl", true }, { "thediscovine.com", true }, { "thedocumentrefinery.com", true }, + { "thedom.site", true }, { "thedreamtravelgroup.co.uk", true }, { "thedronechart.com", true }, { "thedutchmarketers.com", true }, @@ -33557,23 +34233,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theeducationchannel.info", true }, { "theeducationdirectory.org", true }, { "theeighthbit.com", true }, - { "theel0ja.info", true }, { "theel0ja.ovh", true }, { "theemasphere.com", true }, + { "thefairieswantmedead.com", true }, { "thefanimatrix.net", true }, { "thefasterweb.com", true }, { "thefbstalker.com", true }, { "thefengshuioffice.com", true }, { "theferrarista.com", true }, { "theflowerbasketonline.com", true }, + { "theflowershopdeddington.com", true }, { "theflyingbear.net", true }, { "thefnafarchive.org", true }, - { "thefox.com.fr", true }, + { "thefourthmoira.com", true }, { "thefrk.pw", true }, + { "thefuckingtide.com", true }, { "thefunfirm.co.uk", true }, { "thefurnitureco.uk", true }, { "thegarrowcompany.com", true }, - { "thegcccoin.com", true }, { "thegeekdiary.com", true }, { "thegioinano.com", true }, { "thegrape.ro", true }, @@ -33582,7 +34259,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thegreenfields.se", true }, { "thegreenmanpottery.com", true }, { "thegreenpark.co.uk", true }, - { "thegreens.us", true }, + { "thegrs.com", true }, { "theguitarcompany.nl", true }, { "thegvoffice.net", true }, { "thegym.org", true }, @@ -33590,12 +34267,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thehairrepublic.net", true }, { "thehairstandard.com", true }, { "thehaxbys.co.uk", true }, - { "thehiddenbay.fi", true }, { "thehiddenbay.info", true }, - { "thehiddenbay.ws", true }, { "thehivedesign.org", true }, { "thehomeicreate.com", true }, { "thehookup.be", true }, + { "thehoryzon.com", true }, + { "thehotfix.net", true }, { "thehotness.tech", true }, { "thehouseofgod.org.nz", true }, { "thehowtohome.com", true }, @@ -33616,6 +34293,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thelaimlife.com", true }, { "thelanscape.com", true }, { "thelastsurprise.com", true }, + { "thelatedcult.com", true }, + { "thelearningenterprise.co.uk", true }, { "thelegionshirley.co.uk", true }, { "thelinuxtree.net", true }, { "thelittlecraft.com", true }, @@ -33625,7 +34304,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "themacoaching.nl", true }, { "themallards.info", true }, { "themarshallproject.org", true }, - { "themeaudit.com", true }, + { "themaster.site", true }, { "themecraft.studio", true }, { "themefoxx.com", true }, { "themetacity.com", true }, @@ -33633,6 +34312,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "themillerslive.com", true }, { "themimitoof.fr", true }, { "themist.cz", true }, + { "themobilestuffs.com", true }, { "themoep.at", true }, { "themoneyconverter.com", true }, { "themonkeytrail.co.uk", true }, @@ -33644,7 +34324,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thenarcissisticlife.com", true }, { "thenexwork.com", true }, { "thenib.com", true }, - { "thenichecast.com", true }, { "thenocman.com", true }, { "thenovaclinic.com", true }, { "thenowheremen.com", true }, @@ -33669,6 +34348,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thepaulagcompany.com", true }, { "thepaymentscompany.com", true }, { "thepb.in", true }, + { "thepeninsulaires.com", true }, { "thephonecaseplace.com", true }, { "thephp.cc", true }, { "thepiabo.ovh", true }, @@ -33679,9 +34359,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theplaydaysbus.co.uk", true }, { "theplayspot.co.uk", true }, { "theploughharborne.co.uk", true }, + { "thepoplarswines.com.au", true }, { "thepostoffice.ro", true }, { "thepriorybandbsyresham.co.uk", true }, + { "theproductpoet.com", true }, { "thepromisemusic.com", true }, + { "thepurem.com", true }, + { "thepythianseed.com", true }, { "theragran.co.id", true }, { "theralino.de", true }, { "theramo.re", true }, @@ -33691,25 +34375,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "therapysxm.com", true }, { "therealcost.gov", true }, { "thereaper.net.au", true }, + { "thereisnocloud.fr", true }, + { "therepublicofliverpool.com", true }, { "theresa-mayer.eu", true }, { "therevenge.me", true }, { "therewill.be", true }, { "thermalbad-therme.de", true }, { "thermity.com", true }, { "thermolamina.nl", true }, - { "theroamingnotary.com", true }, { "theroks.com", true }, { "theroyalmarinescharity.org.uk", true }, + { "therugswarehouse.co.uk", true }, { "theruizes.com", true }, { "theruleslawyer.net", true }, { "therumfordcitizen.com", true }, { "thesalonthing.com", false }, - { "thesassynut.com", true }, { "thesaturdaypaper.com.au", true }, { "thesaurus.net", true }, { "theschool.jp", true }, { "thescientists.nl", true }, - { "thesecondsposts.com", true }, + { "thesecondsposts.com", false }, { "theseed.io", true }, { "theseedbox.xyz", true }, { "theseletarmall.com", true }, @@ -33732,10 +34417,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thesmokingcuban.com", true }, { "thesocialmediacentral.com", true }, { "thesplashlab.com", true }, + { "thesslstore.com", true }, { "thestationatwillowgrove.com", true }, { "thesteins.org", false }, { "thestoneage.de", true }, - { "thestoritplace.com", true }, { "thestory.ie", true }, { "thestoryshack.com", true }, { "thestral.pro", true }, @@ -33747,10 +34432,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theswissbay.ch", true }, { "thetechnical.me", true }, { "thetenscrolls.com", true }, + { "thethreepercent.marketing", true }, { "thetomharling.com", true }, + { "thetradinghall.com", true }, { "thetree.ro", true }, { "thetrendspotter.net", true }, { "thetuxkeeper.de", false }, + { "thetvtraveler.com", true }, { "theunitedstates.io", true }, { "thevacweb.com", true }, { "thevalentineconstitution.com", true }, @@ -33760,6 +34448,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thewaxhouse.academy", true }, { "thewaxhouse.de", true }, { "thewaxhouse.shop", true }, + { "thewebdexter.com", true }, { "thewebflash.com", true }, { "thewebsitedoctors.co.uk", true }, { "thewebsitemarketingagency.com", true }, @@ -33769,6 +34458,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thewinstonatlyndhurst.com", true }, { "thewoodkid.com.au", true }, { "thewoolroom.com.au", true }, + { "theworldexchange.com", true }, + { "theworldexchange.net", true }, + { "theworldexchange.org", true }, { "theworldsend.eu", true }, { "thexfactorgames.com", true }, { "thexme.de", true }, @@ -33777,10 +34469,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theyear199x.org", true }, { "theyearinpictures.co.uk", true }, { "theyosh.nl", true }, + { "thezero.org", true }, { "thezillersathenshotel.com", true }, { "thiagohersan.com", true }, { "thibaultwalle.com", true }, - { "thibautcharles.net", true }, { "thienteakee.com", true }, { "thiepcuoidep.com", true }, { "thiepxinh.net", true }, @@ -33801,21 +34493,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thinkingandcomputing.com", true }, { "thinkingliberty.com", true }, { "thinkingplanet.net", true }, - { "thinklikeanentrepreneur.com", true }, { "thinkmarketing.ca", true }, { "thinkquality.nl", true }, { "thinkrealty.com", true }, { "thinktux.net", true }, { "thirdbearsolutions.com", true }, { "thirdworld.moe", true }, - { "thirtyspot.com", true }, { "thiry-automobiles.net", true }, { "thisbrownman.com", true }, { "thiscloudiscrap.com", false }, { "thiscode.works", true }, { "thisdot.site", true }, { "thisfreelife.gov", true }, + { "thisisgrey.com", true }, { "thisishugo.com", true }, + { "thisisthefinalact.com", true }, { "thisistheserver.com", true }, { "thisiswhywemom.com", true }, { "thismatter.com", true }, @@ -33833,12 +34525,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thomas-suchon.fr", true }, { "thomas.love", false }, { "thomasbeckers.be", true }, + { "thomasbreads.com", false }, + { "thomasduerlund.com", true }, { "thomasduerlund.dk", true }, + { "thomasetsophie.fr", true }, { "thomaseyck.com", true }, { "thomasfoster.co", true }, - { "thomasgriffin.io", true }, { "thomashunter.name", false }, { "thomasmcfly.com", true }, + { "thomasmeester.nl", false }, + { "thomasmerritt.de", true }, { "thomassen.sh", false }, { "thomasstevensmusic.com", true }, { "thomastimepieces.com.au", true }, @@ -33852,6 +34548,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thor.edu", true }, { "thor.re", true }, { "thoroquel.org", true }, + { "thoroughbreddiesel.com", true }, { "thorsten-schaefer.com", true }, { "thorstenschaefer.name", true }, { "thosci.com", true }, @@ -33893,11 +34590,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thunderkeys.net", true }, { "thundr.eu", true }, { "thunraz.com", true }, - { "thusoy.com", false }, + { "thusoy.com", true }, { "thuthuatios.com", true }, { "thuviensoft.com", true }, { "thuviensoft.net", true }, - { "thuybich.com", false }, { "thw-bernburg.de", true }, { "thxandbye.de", true }, { "thycotic.ru", true }, @@ -33906,7 +34602,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thzone.net", true }, { "ti-pla.net", true }, { "ti-planet.org", true }, - { "tiacollection.com", true }, { "tiagonunes.pt", true }, { "tiaki.org", true }, { "tianeptine.com", true }, @@ -33915,14 +34610,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tibipg.com", true }, { "tibovanheule.space", true }, { "ticfleet.com", true }, + { "tichieru.pw", true }, { "ticketassist.nl", true }, { "ticketluck.com", true }, { "ticketmates.com.au", true }, + { "ticketmaze.com", true }, { "ticketpro.ca", true }, + { "ticketrunway.com", true }, { "ticketslover.com", true }, { "ticketsmate.com", true }, { "ticketsource.co.uk", true }, { "ticketsource.eu", true }, + { "ticketsource.io", true }, { "ticketsource.us", true }, { "ticketsourcebeta.co.uk", true }, { "ticketsvergleichen.de", true }, @@ -33930,14 +34629,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tid.jp", true }, { "tidycustoms.net", true }, { "tielectric.ch", true }, - { "tiendafetichista.com", true }, { "tiendavertigo.com", true }, { "tiens-ib.cz", true }, { "tier-1-entrepreneur.com", true }, { "tierarztpraxis-bogenhausen.de", true }, - { "tierarztpraxis-illerwinkel.de", true }, { "tierarztpraxis-weinert.de", true }, { "tiernanx.com", true }, + { "tierraprohibida.net", true }, { "ties.com", true }, { "tiew.pl", true }, { "tifan.net", true }, @@ -33965,13 +34663,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tiliaze.eu", true }, { "tiliaze.info", true }, { "tiliaze.net", true }, + { "tilikum.io", true }, { "till.im", true }, { "tillberg.us", true }, { "tilleysbouncycastles.co.uk", true }, { "tillseasyscore.com", true }, + { "tilosp.de", true }, + { "tilta.com", true }, { "tiltedwindmillcrafts.com", true }, { "timbarlotta.com", true }, { "timberkel.com", true }, + { "timbers.space", true }, { "timbishopartist.com", true }, { "timbrust.de", true }, { "timco.cloud", true }, @@ -33992,22 +34694,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "timetotrade.com", true }, { "timewasters.nl", true }, { "timfiedler.net", true }, + { "timhieuthuoc.com", true }, { "timing.com.br", true }, { "timjk.de", true }, - { "timklefisch.de", true }, { "timmersgems.com", true }, - { "timmy.im", true }, { "timmyrs.de", true }, { "timnash.co.uk", true }, { "timonengelke.de", true }, { "timoso.de", true }, { "timothybjacobs.com", true }, { "timoxbrow.com", true }, + { "timsayedmd.com", true }, { "timtaubert.de", true }, { "timtelfer.com", true }, { "timtj.ca", true }, { "timvivian.ca", true }, { "timweb.ca", true }, + { "tina.media", true }, { "tinastahlschmidt.de", true }, { "tindallriley.co.uk", true }, { "tinf15b4.de", true }, @@ -34035,6 +34738,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tioat.net", true }, { "tipaki.gr", true }, { "tipbox.is", true }, + { "tipe.io", false }, { "tiplanet.org", true }, { "tipoftheday.tips", true }, { "tippytoad.com", true }, @@ -34047,10 +34751,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tirlins.com", true }, { "tiroler-kupferschmiede.com", true }, { "tirs4ne.ch", true }, + { "tis.ph", true }, { "tischlerei-klettke.de", true }, - { "tism.in", true }, { "tissot-mayenfisch.com", true }, { "tit-cdn.de", true }, + { "tit-dev.de", true }, { "tit-dns.de", true }, { "tit-mail.de", true }, { "tit.systems", true }, @@ -34068,7 +34773,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tiwag.at", true }, { "tixeconsulting.com", true }, { "tjampoer.com", true }, - { "tjandpals.com", true }, { "tjenestetorvet.dk", true }, { "tjkcastles.uk", true }, { "tjl.rocks", true }, @@ -34085,6 +34789,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tkn.tokyo", true }, { "tkusano.jp", true }, { "tkw01536.de", false }, + { "tl.gg", true }, { "tlca.org", true }, { "tlcnet.info", true }, { "tlehseasyads.com", true }, @@ -34099,13 +34804,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tlthings.net", true }, { "tlumaczenie.com", true }, { "tlys.de", true }, + { "tmakiguchi.org", true }, { "tmberg.cf", true }, { "tmberg.ga", true }, { "tmberg.gq", true }, { "tmberg.ml", true }, { "tmberg.tk", true }, { "tmc.com.mt", true }, - { "tmconnects.com", true }, { "tmcpromotions.co.uk", true }, { "tmcreationweb.com", true }, { "tmdb.biz", true }, @@ -34126,10 +34831,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tnl.cloud", true }, { "tntmobi.com", true }, { "tny.link", true }, - { "to2mbn.org", true }, + { "toabsentfamily.com", true }, { "toad.ga", true }, { "toast.al", false }, + { "tob-rulez.de", true }, { "tobacco.gov", true }, + { "tobaccolocker.com", true }, { "tobedo.net", true }, { "tober-cpag.de", true }, { "tobi-mayer.de", true }, @@ -34146,9 +34853,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tobiasconradi.com", true }, { "tobiashorvath.com", true }, { "tobiashorvath.de", true }, + { "tobiaskorf.de", true }, { "tobiaspahlings.de", true }, { "tobiassachs.de", true }, { "tobiassattler.com", true }, + { "tobiaswiese.com", true }, { "tobiemilford.com", true }, { "tobis-rundfluege.de", true }, { "tobis-webservice.de", true }, @@ -34184,16 +34893,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tofu.cf", true }, { "togech.jp", true }, { "togetter.com", true }, - { "toheb.de", true }, + { "toheb.de", false }, { "tohokinemakan.tk", true }, - { "tohokufd.com", true }, { "tokaido-kun.jp", true }, { "tokaido.com", true }, { "tokainafb.net", true }, { "tokainakurasi.net", true }, { "tokbijouxs.com.br", true }, + { "tokenmarket.net", true }, { "tokens.net", true }, - { "tokfun.com", true }, { "tokic.hr", true }, { "tokinoha.net", true }, { "tokio.fi", true }, @@ -34219,8 +34927,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tom-kunze.de", true }, { "tom-maxwell.com", true }, { "tom.horse", true }, + { "tom.je", true }, { "tomabrafix.de", true }, - { "tomandshirley.com", true }, + { "tomahawk.ca", true }, + { "tomandmara.com", true }, { "tomarns.nl", true }, { "tomasjacik.cz", true }, { "tomaskavalek.cz", true }, @@ -34251,13 +34961,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tomjonsson.se", true }, { "tomkunze.de", true }, { "tomkwok.com", true }, - { "tomli.blog", true }, { "tomlowenthal.com", true }, { "tomm.yt", true }, { "tommic.eu", true }, { "tomnatt.com", true }, { "tomo.gr", false }, - { "tomochun.net", true }, { "tomosm.net", true }, { "tomoyaf.com", true }, { "tomravinmd.com", true }, @@ -34266,6 +34974,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "toms.ovh", true }, { "tomschlick.com", true }, { "tomsdevsn.me", true }, + { "tomspdblog.com", true }, { "tomssl.com", true }, { "tomticket.com", true }, { "tomudding.com", true }, @@ -34275,7 +34984,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tomwassenberg.nl", true }, { "tomwiggers.nl", false }, { "tomwilson.io", true }, - { "tomy.icu", true }, { "tomyork.net", true }, { "tonabor.ru", true }, { "tonage.de", true }, @@ -34304,7 +35012,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tonkinson.com", true }, { "tonkinwilsonvillenissanparts.com", true }, { "tonnycat.com", true }, - { "tono.us", true }, { "tonsit.com", true }, { "tonsit.org", true }, { "tontonnews.net", true }, @@ -34328,14 +35035,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "toool.nl", true }, { "toool.org", true }, { "tooolroc.org", false }, + { "toot.center", true }, { "toothdoc.ca", true }, { "tooti.biz", true }, { "top-esb.com", true }, { "top-obaly.cz", true }, { "top-opakowania.pl", true }, + { "top-solar-info.de", true }, { "top9.fr", true }, { "topaxi.ch", true }, { "topaxi.codes", true }, + { "topbigdeals.com", true }, { "topbounce.com", true }, { "topbouncycastles.co.uk", true }, { "topbrakes.com", true }, @@ -34351,28 +35061,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "topicit.net", true }, { "topirishcasinos.com", true }, { "topjobs.ch", true }, + { "toplist.cz", true }, { "toplist.eu", true }, { "topnotepad.com", true }, { "topodin.com", true }, { "toponlinecasinosites.co.uk", true }, { "topprice.ua", true }, + { "topsailtechnologies.com", true }, { "topservercccam.tv", true }, { "topshelfcommercial.com", true }, - { "topshoptools.com", true }, { "topsteaks-daun.de", true }, { "toptec.net.br", true }, { "toptexture.com", true }, { "toptheto.com", true }, { "topvertimai.lt", true }, - { "topwin.la", true }, { "topwindowcleaners.co.uk", true }, { "topworktops.co.uk", true }, { "toracon.org", true }, { "torahanytime.com", true }, - { "torbe.es", true }, { "torchantifa.org", true }, { "toreni.us", true }, { "toretame.jp", true }, + { "torg-room.ru", true }, { "torkware.com", true }, { "tormakristof.eu", true }, { "tormentedradio.com", false }, @@ -34397,7 +35107,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tortoises-turtles.com", true }, { "tortugan.com.br", true }, { "tosainu.com.br", true }, - { "toscer.me", false }, { "toschool.com.br", true }, { "toshen.com", true }, { "toshkov.com", true }, @@ -34425,7 +35134,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "touch.facebook.com", false }, { "touch.mail.ru", true }, { "touchoflife.in", true }, - { "touchscreentills.com", true }, { "touchtable.nl", true }, { "touchweb.fr", true }, { "touchwoodtrees.com.au", true }, @@ -34456,13 +35164,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tovare.com", true }, { "toverland-tickets.nl", true }, { "tovp.org", true }, + { "towandalibrary.org", true }, { "townandcountryus.com", true }, { "townhousedevelopments.com.au", true }, { "townhouseregister.com.au", true }, { "townofbridgewater.ca", true }, { "towsonroofers.com", true }, { "towywebdesigns.uk", true }, - { "tox.im", true }, { "tox21.gov", false }, { "toymagazine.com.br", true }, { "toyota-kinenkan.com", true }, @@ -34471,6 +35179,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tp-kabushiki.com", true }, { "tp-kyouyufudousan.com", true }, { "tp-law.jp", true }, + { "tpansino.com", true }, { "tpbproxy.co", true }, { "tpci.biz", true }, { "tpidg.us", true }, @@ -34482,7 +35191,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tr.search.yahoo.com", false }, { "tr0n.net", true }, { "traas.org", true }, - { "trabajarenperu.com", true }, { "trabajarenremoto.com", true }, { "trabbel.org", true }, { "tracalada.cl", true }, @@ -34494,14 +35202,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "traceroute.link", true }, { "traceroute.network", true }, { "traces.ml", true }, - { "tracewind.top", true }, { "tracfinancialservices.com", true }, { "tracinsurance.com", true }, { "trackchair.com", true }, { "trackdomains.com", true }, { "trackersimulator.org", true }, { "trackeye.dk", true }, - { "trackmeet.io", true }, + { "trackingstream.com", true }, { "trackrecordpro.co.uk", true }, { "tracksa.com.ar", true }, { "trackyourlogs.com", true }, @@ -34521,7 +35228,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "traditions.nl", true }, { "traditionskapperscollege.nl", true }, { "traditionsvivantesenimages.ch", true }, - { "tradiz.org", false }, { "trafarm.ro", true }, { "trafas.nl", true }, { "traffic.az", true }, @@ -34536,28 +35242,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trailforks.com", true }, { "trainex.org", true }, { "trainhornforums.com", true }, - { "trainhorns.us", true }, { "trainiac.com.au", true }, { "trainings-handschuhe-test.de", true }, - { "trainline.at", true }, - { "trainline.cn", true }, - { "trainline.com.br", true }, - { "trainline.com.pt", true }, - { "trainline.cz", true }, { "trainline.de", true }, - { "trainline.dk", true }, { "trainline.es", true }, { "trainline.eu", true }, { "trainline.fr", true }, { "trainline.it", true }, - { "trainline.nl", true }, - { "trainline.no", true }, - { "trainline.pl", true }, - { "trainline.se", true }, + { "trainmagazine.be", true }, + { "trainmagazine.de", true }, + { "trainmagazine.nl", true }, + { "trainplaza.be", true }, + { "trainplaza.net", true }, + { "trainplaza.nl", true }, { "trainsgoodplanesbad.com", true }, { "traista.ru", true }, { "traiteurpapillonevents.be", true }, { "trajano.net", true }, + { "trajectfoto.nl", true }, + { "trajectvideo.nl", true }, { "tran.pw", true }, { "trance-heal.com", true }, { "trance-heal.de", true }, @@ -34569,6 +35272,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trangcongnghe.com", true }, { "trangell.com", true }, { "tranglenull.xyz", true }, + { "tranhsondau.net", false }, { "transacid.de", true }, { "transappealrights.com", true }, { "transcend.org", true }, @@ -34586,7 +35290,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "transformations-magazin.com", true }, { "transgendergedenkdag.nl", true }, { "transgenderinfo.nl", true }, - { "transgendernetwerk.nl", true }, { "transgendernetwerk.org", true }, { "transglobaltravel.com", true }, { "transhumanism.co.uk", true }, @@ -34595,6 +35298,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "transhumanist.net", true }, { "transhumanist.org", true }, { "transhumanist.uk", true }, + { "transitmoe.io", true }, { "transitownplaza.com", true }, { "transitpoint.us", true }, { "translate-polish.com", true }, @@ -34606,18 +35310,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "transmarttouring.com", true }, { "transmisjeonline.pl", true }, { "transnexus.com", true }, + { "transoil.co.uk", true }, { "transparentcorp.com", true }, { "transport.eu", true }, { "transporta.it", true }, { "transporterlock.com", true }, { "transverify.com", true }, + { "trappednerve.org", true }, { "trashnothing.com", true }, { "trashwagon.club", true }, { "traslocare.roma.it", true }, { "traslochi-trasporti-facchinaggio.it", true }, { "trasloco.milano.it", true }, - { "tratamentoparacelulite.biz", true }, - { "tratamentoparacelulite.net", true }, { "trattamenti.biz", true }, { "trattamento-cotto.it", true }, { "trauer-beileid.de", true }, @@ -34630,8 +35334,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "travel365.it", true }, { "travelarmenia.org", true }, { "traveling-thailand.info", true }, + { "travelinsurance.co.nz", true }, { "travellers.dating", true }, - { "travelling.expert", true }, { "travellovers.fr", true }, { "travelmyth.ie", true }, { "travelogue.jp", true }, @@ -34657,6 +35361,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trefcon.cz", true }, { "trefpuntdemeent.nl", true }, { "treinaweb.com.br", false }, + { "treinmagazine.be", true }, + { "treinmagazine.nl", true }, { "treinonerd.com", true }, { "trek-planet.ru", true }, { "trekfriend.com", true }, @@ -34666,12 +35372,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trendkraft.de", true }, { "trendykids.cz", true }, { "trenta.io", true }, - { "trentmaydew.com", true }, { "tresorit.com", true }, { "tresorsecurity.com", true }, { "tretail.net", true }, - { "tretkowski.de", true }, - { "trewe.eu", true }, + { "trevsanders.co.uk", true }, { "trezy.me", true }, { "trezy.net", true }, { "trhastane.com", true }, @@ -34685,6 +35389,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trianon.xyz", true }, { "tribac.de", true }, { "tribaldos.com", true }, + { "tribe.rs", true }, + { "tribetrails.com", true }, { "tribly.de", true }, { "tribut.de", true }, { "tributh.cf", true }, @@ -34731,7 +35437,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trollingeffects.org", true }, { "trollmoa.se", true }, { "trollope-apollo.com", true }, - { "trollscave.xyz", true }, { "trommelwirbel.com", true }, { "tronatic-studio.com", true }, { "trondelan.no", true }, @@ -34744,6 +35449,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trouweninoverijssel.nl", true }, { "trovaprezzi.it", true }, { "troyfawkes.com", true }, + { "troyhunt.com", true }, { "troyhuntsucks.com", true }, { "troykelly.com", true }, { "trpg.wiki", true }, @@ -34751,10 +35457,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trtltravel.com", true }, { "trtruijens.com", true }, { "tru.ltd", true }, + { "trucchibellezza.com", true }, { "trucchibellezza.it", true }, { "truckersmp.com", true }, { "truckerswereld.nl", false }, - { "truckgpsreviews.com", true }, { "truckstop-magazin.de", false }, { "true-itk.de", true }, { "trueblueessentials.com", true }, @@ -34773,7 +35479,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trulance.com", true }, { "truly-madly-happiness.de", true }, { "trumanlibrary.org", true }, - { "trumeet.top", true }, + { "truncus-encephali.co.uk", true }, { "trunk-show.net", true }, { "truong.fi", true }, { "truqu.com", true }, @@ -34788,7 +35494,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "truvisory.com", true }, { "trw-reseller.com", true }, { "try2admin.pw", true }, - { "try2services.cm", true }, { "trybabyschoice.com", true }, { "trybooking.com", true }, { "tryfabulousskincream.com", true }, @@ -34799,15 +35504,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tryndraze.com", true }, { "trynta.com", true }, { "trynta.net", true }, - { "tryretool.com", true }, + { "tryretool.com", false }, { "tryupdates.com", true }, { "trywesayyes.com", true }, { "trzepak.pl", true }, { "ts-publishers.com", true }, { "ts3-dns.com", true }, { "ts3-dns.net", false }, + { "ts3-legenda.tech", true }, { "tsa-sucks.com", true }, { "tsab.moe", true }, + { "tsai.com.de", true }, { "tsatestprep.com", true }, { "tschuermans.be", true }, { "tscqmalawi.info", true }, @@ -34819,7 +35526,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tsng.co.jp", true }, { "tss.am", true }, { "tstrubberstamp.com", false }, - { "tsu-ku-ro.com", true }, { "tsugi.fr", true }, { "tsukhani.com", true }, { "tsuki.moe", true }, @@ -34836,8 +35542,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ttcaarberg.ch", true }, { "ttcf.ca", true }, { "ttchan.org", true }, + { "ttclub.fr", true }, { "ttdsevaonline.com", true }, { "ttll.de", true }, + { "ttrade.ga", true }, { "ttsoft.pl", true }, { "ttspttsp.com", true }, { "ttsweb.org", true }, @@ -34863,16 +35571,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tudiennhakhoa.com", true }, { "tudorproject.org", true }, { "tufashionista.com", true }, - { "tufilo.com", true }, - { "tugers.com", true }, + { "tuffclassified.com", true }, + { "tuffsruffs.se", true }, { "tuincentersnaet.be", true }, + { "tuingereedschappen.net", false }, { "tuitle.com", true }, - { "tulenceria.es", true }, { "tumagiri.net", true }, { "tumblenfun.com", true }, { "tumedico.es", true }, { "tumelum.de", true }, { "tumutanzi.com", true }, + { "tunai.id", true }, { "tunaut.com", true }, { "tune-web.de", true }, { "tunefish-entertainment.de", true }, @@ -34886,6 +35595,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tunnelwatch.com", true }, { "tuntitili.fi", true }, { "tuotteet.org", true }, + { "tuou.xyz", true }, { "tupa-germania.ru", true }, { "tupeuxpastest.ch", true }, { "tuppenceworth.ie", true }, @@ -34893,7 +35603,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "turdnagel.com", true }, { "turigum.com", true }, { "turkish.dating", true }, - { "turkrock.com", true }, + { "turl.pl", true }, { "turnaroundforum.de", true }, { "turncircles.com", true }, { "turnoffthelights.com", true }, @@ -34905,10 +35615,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "turtlepwr.com", true }, { "turunculevye.com", true }, { "tuscanyleather.it", true }, + { "tusi.co", true }, { "tusksol.com", true }, { "tutanota.com", true }, - { "tutiendaroja.com", true }, - { "tutiendarosa.com", true }, { "tuto-craft.com", true }, { "tutoragency.org", true }, { "tutorat-tect.org", true }, @@ -34936,7 +35645,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tvcal.net", true }, { "tvcmarketing.com", true }, { "tver-msk.ru", true }, - { "tverdohleb.com", true }, { "tverskaya-outlet.ru", true }, { "tvhshop.be", true }, { "tvipper.com", true }, @@ -34956,19 +35664,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tweakers.net", true }, { "tweakersbadge.nl", true }, { "tweaktown.com", true }, - { "twelve.rocks", true }, + { "tweetfinity.com", true }, + { "tweetfinityapp.com", true }, { "twem.ddns.net", true }, { "twenty71.com", true }, { "twentymilliseconds.com", true }, { "twilleys.com", true }, { "twincitynissantxparts.com", true }, + { "twinkseason.com", true }, { "twinztech.com", true }, { "twisata.com", true }, { "twistapp.com", true }, { "twistdevelopment.co.uk", true }, - { "twisted-brains.org", true }, { "twistedwave.com", true }, { "twisto.cz", true }, + { "twisto.pl", true }, + { "twistopay.com", true }, { "twit-guide.com", true }, { "twitchplaysleaderboard.info", true }, { "twittelzie.nl", true }, @@ -34982,7 +35693,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "twohuo.com", true }, { "twojfaktum.pl", true }, { "twolanedesign.com", true }, - { "twoo.com", true }, { "twopif.net", true }, { "tworaz.net", true }, { "twun.io", true }, @@ -35000,21 +35710,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tyler.rs", true }, { "tylerdavies.net", true }, { "tylerfreedman.com", true }, + { "tylerharcourt.net", true }, { "tyleromeara.com", true }, { "tylerschmidtke.com", true }, { "typcn.com", true }, - { "type1joe.com", true }, - { "type1joe.net", true }, - { "type1joe.org", true }, { "typeblog.net", true }, { "typecodes.com", true }, { "typehub.net", true }, { "typeof.pw", true }, - { "typeonejoe.com", true }, - { "typeonejoe.net", true }, - { "typeonejoe.org", true }, { "typeria.net", true }, { "typewolf.com", true }, + { "typewritten.net", true }, { "typing.com", true }, { "typist.tech", true }, { "typo3.com", true }, @@ -35025,9 +35731,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tyroremotes.nl", true }, { "tyroremotes.no", true }, { "tysox.de", true }, - { "tyuo-keibi.co.jp", true }, + { "tz56789.com", true }, + { "tzermias.gr", true }, { "tzifas.com", true }, { "u-metals.com", true }, + { "u-tokyo.club", true }, { "u.nu", true }, { "u0010.com", true }, { "u0020.com", true }, @@ -35051,6 +35759,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uangteman.com", true }, { "uasmi.com", true }, { "uat-activesg.com", true }, + { "uatgootax.ru", false }, { "ub3rk1tten.com", false }, { "ubanquity.com", true }, { "uberbkk.com", true }, @@ -35068,41 +35777,39 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ublaboo.org", true }, { "uborcare.com", true }, { "ubun.net", true }, - { "uc.ac.id", true }, { "ucac.nz", false }, { "ucangiller.com", true }, { "ucch.be", true }, { "ucfirst.nl", true }, { "uchargeapp.com", true }, - { "uclanmasterplan.co.uk", true }, + { "uclf.de", true }, { "uclip.club", true }, { "ucppe.org", true }, { "ucrdatatool.gov", true }, { "uctarna.online", true }, - { "udbhav.me", true }, + { "udancy.com", true }, { "uddi.ng", true }, { "udo-luetkemeier.de", true }, { "udomain.net", true }, { "udp.sh", false }, + { "udruga-point.hr", true }, { "udvoukocek.eu", true }, { "ueberdosis.io", true }, { "ueberwachungspaket.at", true }, { "uedaviolin.com", true }, { "uel-thompson-okanagan.ca", true }, { "ueni.com", true }, - { "uerdingen.info", true }, { "uex.im", true }, { "ufanisi.mx", true }, { "ufindme.at", true }, - { "ufo.moe", true }, { "ufplanets.com", true }, { "uggedal.com", true }, { "ugx-mods.com", true }, { "uhappy30.com", true }, { "uhasseltodin.be", true }, { "uhc.gg", true }, - { "uhlhosting.ch", true }, { "uhrenlux.de", true }, + { "uhssl.com", true }, { "uhurl.net", true }, { "ui8.net", true }, { "uiberlay.cz", true }, @@ -35133,6 +35840,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ulabox.com", true }, { "uldsh.de", true }, { "ulen.me", true }, + { "ulgc.cz", true }, { "uli-eckhardt.de", true }, { "ullah.se", true }, { "ulmer-schneesport.de", true }, @@ -35149,17 +35857,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ultratech.software", true }, { "ultratechlp.com", true }, { "umanityracing.com", true }, - { "umassfive.coop", true }, { "umbricht.li", true }, { "umbriel.fr", true }, { "umenlisam.com", true }, { "umisonoda.com", true }, { "umkmjogja.com", true }, + { "umsapi.com", true }, { "umsolugar.com.br", true }, { "umwandeln-online.de", true }, { "un-framed.co.za", true }, { "un-zero-un.fr", true }, { "un.fo", true }, + { "unapolegetic.co", true }, { "unapp.me", true }, { "unatco.noip.me", true }, { "unausa.com.br", true }, @@ -35178,9 +35887,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unblocked.pl", true }, { "unblocked.pro", true }, { "unblocked.pub", true }, - { "unblocked.sh", true }, { "unblocked.uno", true }, - { "unblocked.vc", true }, { "unblocked.vet", true }, { "unblocked.vip", true }, { "unblockweb.co", true }, @@ -35190,15 +35897,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unccelearn.org", true }, { "uncensoreddns.dk", true }, { "uncensoreddns.org", true }, - { "undeadbrains.de", true }, { "undecidable.de", true }, { "undeductive.media", true }, { "underbridgeleisure.co.uk", true }, { "undercovercondoms.co.uk", true }, - { "undercovercondoms.com", true }, { "underfloorheating-uk.co.uk", true }, { "underlined.fr", true }, { "undernet.uy", false }, + { "underskatten.tk", true }, { "underwearoffer.com", true }, { "undo.co.il", true }, { "undone.me", true }, @@ -35226,6 +35932,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unicefkepeslapok.hu", true }, { "unicefvoscilnice.si", true }, { "unicolabo.jp", true }, + { "unicorn-systems.net", true }, { "unicorn.melbourne", true }, { "unicorntooling.eu", true }, { "unicredit.ba", true }, @@ -35240,12 +35947,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uniform-agri.com", true }, { "uniformebateriasheliar.com.br", true }, { "unikoingold.com", true }, - { "unikrn.com", true }, { "unila.edu.br", true }, { "uninet.cf", true }, { "uniojeda.ml", true }, { "unionplat.ru", true }, - { "unipig.de", true }, + { "uniontestprep.com", true }, { "uniprimebr.com.br", false }, { "uniq.site", true }, { "unique-bouncy-castles.co.uk", true }, @@ -35265,12 +35971,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unitel2000.de", true }, { "unityconsciousnessbooks.com", true }, { "univercite.ch", true }, - { "univeril.com", true }, + { "univeril.com", false }, { "universal-happiness.com", true }, + { "universal.at", true }, { "universalcarremote.com", true }, { "universalpaymentgateway.com", true }, { "universeinform.com", true }, - { "universogay.com", true }, { "univitale.fr", true }, { "unix.se", true }, { "unixadm.org", true }, @@ -35279,6 +35985,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unixforum.org", true }, { "unixfox.eu", true }, { "unixtime.date", true }, + { "unknownbreakup.com", true }, { "unkrn.com", true }, { "unlax.com", true }, { "unleash.pw", true }, @@ -35286,8 +35993,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unlocken.nl", true }, { "unlocktalent.gov", true }, { "unlogis.ch", true }, - { "unmanaged.space", true }, { "unmarkdocs.co", true }, + { "unmonito.red", true }, { "unn-edu.info", true }, { "uno-pizza.ru", true }, { "uno.fi", true }, @@ -35324,14 +36031,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unworthy.ml", true }, { "unx.dk", true }, { "unxicdellum.cat", true }, + { "upaknship.com", true }, { "upandclear.org", true }, { "upay.ru", true }, + { "upbad.com", true }, { "upbeatrobot.com", true }, { "upbeatrobot.eu", true }, { "upd.jp", true }, { "upgamerengine.com", true }, { "upgamerengine.com.br", true }, { "upgamerengine.net", true }, + { "upgauged.com", true }, + { "upholsterydesign.com.au", true }, { "upitnik.rs", true }, { "uplaqui.com.br", true }, { "uplinklabs.net", true }, @@ -35348,6 +36059,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uprouteyou.com", true }, { "upsettunnel.com", true }, { "upsiteseo.com", true }, + { "uptakedigital.com.au", true }, { "uptimed.com", true }, { "uptimenotguaranteed.com", true }, { "uptodateinteriors.com", true }, @@ -35357,17 +36069,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uptrends.com", true }, { "uptrends.de", true }, { "uptrex.co.uk", true }, + { "upturn.org", true }, { "upundit.com", true }, + { "upwardtraining.co.uk", true }, { "upwork.com", true }, + { "upyourfinances.com", true }, { "ur.nl", true }, { "ur2.pw", true }, { "uradisam.rs", true }, + { "uraimo.com", true }, { "urbackups.com", true }, { "urbalex.ch", true }, { "urban-culture.fr", true }, { "urban-karuizawa.co.jp", true }, { "urban.melbourne", true }, { "urbancreators.dk", true }, + { "urbandance.club", true }, { "urbanesecurity.com", true }, { "urbanfi.sh", true }, { "urbanguerillas.de", true }, @@ -35375,8 +36092,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "urbanietz-immobilien.de", true }, { "urbanmelbourne.info", true }, { "urbannewsservice.com", true }, - { "urbansparrow.in", true }, - { "urbanstylestaging.com", true }, { "urbansurvival.com", true }, { "urbanwaters.gov", false }, { "urbanwildlifealliance.org", false }, @@ -35385,6 +36100,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "urcentral.net", true }, { "urcentral.nl", true }, { "ureka.org", true }, + { "urep.us", true }, { "urgences-valais.ch", true }, { "urinedrugtesthq.com", true }, { "uripura.de", true }, @@ -35440,13 +36156,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "usimmigration.us", true }, { "usipvd.ch", true }, { "usitcolours.bg", true }, + { "uskaria.com", true }, { "usleep.net", true }, { "usmint.gov", true }, { "usninosnikrcni.eu", true }, { "usnti.com", true }, - { "usparklodging.com", true }, { "uspsoig.gov", true }, - { "ussm.gov", true }, + { "ussm.gov", false }, { "ussuka.com", true }, { "ust.space", true }, { "ustensiles-cuisine.boutique", true }, @@ -35454,13 +36170,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "usualbeings.com", true }, { "usuan.net", true }, { "usuluddin.ga", true }, + { "usweme.info", true }, { "uswitch.com", true }, { "ut-addicted.com", true }, { "utahfireinfo.gov", true }, { "utahlocal.net", true }, { "utazas-nyaralas.info", true }, { "utcast-mate.com", true }, - { "utdscanner.com", true }, { "utdsgda.com", true }, { "uteam.it", true }, { "utepils.de", true }, @@ -35474,12 +36190,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "utilitarismo.com", true }, { "utilitronium.com", true }, { "utilityapi.com", true }, - { "utilityreport.eu", true }, { "utitreatment.com", true }, { "utonia.ch", true }, - { "utopialgb.org.uk", true }, { "utopicestudios.com", true }, { "utox.io", true }, + { "utterberry.io", true }, { "utugnn.ru", true }, { "utw.me", true }, { "utwente.io", true }, @@ -35488,15 +36203,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uvenuse.cz", true }, { "uvocorp.com", true }, { "uvolejniku.cz", true }, + { "uw1008.com", true }, { "uw2333.com", true }, { "uwac.co.uk", false }, { "uwekoetter.com", true }, { "uwelilienthal.de", true }, + { "uwimonacs.org.jm", true }, { "uwvloereruit.nl", true }, + { "uxp-it.nl", true }, + { "uxteam.com", true }, { "uxtechnologist.com", true }, { "uy.search.yahoo.com", false }, { "uz.search.yahoo.com", false }, { "uzaymedya.com.tr", true }, + { "uziregister.nl", true }, { "uzsvm.cz", true }, { "v-d-p.net", true }, { "v-spin.cz", true }, @@ -35508,7 +36228,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "v2cn.win", true }, { "v2ex.com", true }, { "va-reitartikel.com", true }, - { "va.gov", true }, + { "va.gov", false }, { "vacationsbyvip.com", true }, { "vaccines.gov", true }, { "vacuumpump.co.id", true }, @@ -35530,14 +36250,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vakantiedetective.nl", true }, { "vakantienet.nl", true }, { "vakuutuskanava.fi", true }, - { "val-sec.com", true }, { "valasi.eu", true }, { "valbonne-consulting.com", true }, { "valcano-krd.ru", true }, { "valcano.ru", true }, + { "valcardiesel.com", true }, { "valenciadevops.me", true }, { "valentin-ochs.de", true }, { "valentin-sundermann.de", true }, + { "valentin.ml", true }, { "valentinberclaz.com", true }, { "valentineapparel.com", true }, { "valentineforpresident.com", true }, @@ -35559,6 +36280,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "valleyautofair.com", true }, { "valleyautoloan.com", true }, { "valleycode.net", true }, + { "valleydalecottage.com.au", true }, { "valleyshop.ca", true }, { "vallutaja.eu", true }, { "valokuva-albumi.fi", true }, @@ -35570,6 +36292,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "valsk.is", false }, { "valskis.lt", true }, { "valtlai.fi", true }, + { "valtoaho.com", true }, { "valudo.st", true }, { "valueng.com", true }, { "valueseed.net", true }, @@ -35587,9 +36310,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vandermeer.frl", true }, { "vanderrijt.nl", false }, { "vanderziel.org", true }, + { "vandorenscholars.org", true }, + { "vandyhacks.org", true }, { "vaneigenkweek.be", true }, - { "vanetv.com", true }, - { "vangeluwedeberlaere.be", true }, + { "vangoghcoaching.nl", true }, { "vanhaos.com", true }, { "vanhoudt-usedcars.be", true }, { "vanhoutte.be", false }, @@ -35598,7 +36322,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vannaos.com", true }, { "vannaos.net", true }, { "vanohaker.ru", true }, + { "vanouwerkerk.net", true }, { "vantagepointpreneed.com", true }, + { "vantaio.com", true }, { "vante.me", true }, { "vantien.com", true }, { "vantru.is", true }, @@ -35613,24 +36339,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vaphone.co", true }, { "vapor.cloud", false }, { "vapordepot.jp", true }, + { "varalwamp.com", true }, { "varcare.jp", true }, { "varden.info", true }, { "vareillefoundation.fr", true }, { "vareillefoundation.org", true }, { "varghese.de", true }, - { "variable.agency", true }, + { "variable.agency", false }, { "variag-group.ru", true }, { "variag-montazh.ru", true }, { "varicoseveinssolution.com", true }, { "varimedoma.com", true }, { "varshathacker.com", true }, + { "varunagw.com", true }, { "varunpriolkar.com", true }, { "varvy.com", true }, { "varztupasaulis.com", true }, { "varztupasaulis.eu", true }, { "varztupasaulis.lt", true }, { "varztupasaulis.net", true }, - { "vase-eroticke-povidky.cz", true }, + { "vascomm.co.id", true }, { "vasel.de", true }, { "vasel.eu", true }, { "vashel.us", true }, @@ -35643,7 +36371,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vat-eu.com", true }, { "vat.direct", true }, { "vatelecom.dk", true }, - { "vati.pw", true }, { "vats.im", true }, { "vatsalyagoel.com", true }, { "vatsim-uk.co.uk", true }, @@ -35671,7 +36398,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vc.gg", true }, { "vcam.org", true }, { "vccmurah.net", true }, - { "vcdn.xyz", true }, { "vcelin-na-doliku.cz", true }, { "vcf.gov", true }, { "vcientertainment.com", false }, @@ -35690,7 +36416,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vdesc.com", true }, { "vdisk24.de", true }, { "vdmeij.com", true }, - { "vdownloader.com", true }, { "vdzwan.net", true }, { "ve.search.yahoo.com", false }, { "ve3oat.ca", true }, @@ -35703,13 +36428,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vectorwish.com", true }, { "vedma-praktik.com", true }, { "veg-leiden.nl", true }, + { "vega-rumia.com.pl", true }, { "vegalitarian.org", true }, { "vegane-proteine.com", true }, { "veganforum.org", true }, { "vegangaymer.blog", true }, { "veganism.co.uk", true }, { "veganism.com", true }, - { "vegasdocs.com", true }, { "vegepa.com", true }, { "vegetariantokyo.net", true }, { "veggie-treff.de", true }, @@ -35721,12 +36446,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "velen.io", true }, { "venalytics.com", true }, { "venclave.com", true }, + { "vendermicasarapido.com.mx", true }, { "vendigital.com", true }, { "vendorconnect.nyc", true }, { "vendserve.eu", true }, { "venenum.org", true }, { "venev.name", true }, - { "venirextra.com", true }, { "venje.pro", true }, { "ventajasdesventajas.com", true }, { "ventesprivees-fr.com", true }, @@ -35740,6 +36465,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "venturum.de", true }, { "venturum.eu", true }, { "venturum.net", true }, + { "ventzke.com", true }, { "ver.ma", true }, { "vera.bg", true }, { "veramagazine.jp", true }, @@ -35755,8 +36481,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "verfassungsklage.at", true }, { "vergeaccessories.com", true }, { "vergelijksimonly.nl", true }, + { "vergessen.cn", true }, { "verhovs.ky", true }, { "verifalia.com", true }, + { "verifiedjoseph.com", true }, + { "verifiny.com", true }, { "verifyos.com", true }, { "verifyyourip.com", true }, { "veriny.tf", true }, @@ -35767,7 +36496,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "verizonguidelines.com", true }, { "verliebt-in-bw.de", true }, { "verliebt-in-niedersachsen.de", true }, - { "verliefde-jongens.nl", true }, { "vermeerdealers.com", true }, { "vermiliontaxiservice.com", true }, { "vermogeninkaart.nl", true }, @@ -35809,6 +36537,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "veslosada.com", true }, { "vespacascadia.com", true }, { "vestingbar.nl", true }, + { "vetbits.com", true }, { "veterinario.roma.it", true }, { "veterinarioaltea.com", true }, { "vetforum.co", true }, @@ -35825,16 +36554,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vgropp.de", true }, { "vh.net", true }, { "vhummel.nl", true }, - { "vi.photo", true }, { "via-shire-krug.ru", true }, { "viacdn.org", true }, { "viafinance.cz", false }, { "viaggio-in-cina.it", true }, - { "viagra-kaufen.biz", true }, { "viagraonlinebestellen.org", true }, + { "viagusto.pl", true }, { "viajandoporelmundo.com.ar", true }, { "viaje-a-china.com", true }, - { "vialibido.com.br", true }, { "vialorran.com", true }, { "viaprinto.de", true }, { "viato.fr", true }, @@ -35845,6 +36572,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vicicode.com", true }, { "viciousflora.com", true }, { "vicjuwelen-annelore.be", true }, + { "victora.com", true }, { "victorcanera.com", true }, { "victordiaz.me", true }, { "victoreriksson.ch", true }, @@ -35885,13 +36613,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "videosqr.com", true }, { "videov.tk", true }, { "vidister.de", true }, - { "vidkovaomara.si", true }, { "vieaw.com", true }, { "vieclam24h.vn", false }, { "viekelis.lt", false }, { "viemeister.com", true }, { "viemontante.be", true }, - { "vientos.coop", true }, + { "vientos.coop", false }, { "viepixel.at", true }, { "vierdaagsehotel.nl", true }, { "vierna.ga", true }, @@ -35921,6 +36648,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vijverbenodigdheden.nl", true }, { "vik.im", true }, { "vikalbino.com.br", true }, + { "vikalpgupta.com", true }, { "vikapaula.com", true }, { "vikashkumar.me", true }, { "viking-style.ru", true }, @@ -35930,12 +36658,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vilabiamodas.com.br", true }, { "viljatori.fi", true }, { "villa-anna-cilento.de", true }, - { "villa-bellarte.de", true }, { "villa-gockel.de", true }, + { "villa-romantica-zillertal.at", true }, { "villafiore.com.br", true }, { "villageunique.com.br", true }, { "villagockel.de", true }, - { "villalaskowa.pl", true }, { "villamariaamalfi.it", true }, { "villasfinistere.fr", true }, { "villasforsale-bali.com", true }, @@ -35955,12 +36682,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vincentpancol.com", true }, { "vincitraining.com", true }, { "vineright.com", true }, + { "vinetech.co.nz", true }, { "vinilosdecorativos.net", true }, { "vinner.com.au", true }, { "vinnie.gq", true }, - { "vinogradovka.com", true }, { "vinolli.de", true }, { "vinovum.net", true }, + { "vinsation.com", true }, { "vinsetchampagne.fr", true }, { "vintagebandfestival.org", true }, { "vintagecaskandbarrel.com", true }, @@ -35977,27 +36705,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "violin4fun.nl", true }, { "vionicbeach.com", true }, { "vionicshoes.com", true }, - { "vioye.com", true }, + { "vip-9649.com", true }, { "vip4553.com", true }, { "vip8522.com", true }, + { "vip9649.com", true }, { "vipesball.cc", true }, { "vipesball.info", true }, { "vipesball.me", true }, - { "vipesball.net", true }, { "vipi.es", true }, { "viptamin.eu", true }, { "viptamol.com", true }, + { "viqo.pl", true }, { "vir-tec.eu", true }, { "vir2.me", true }, { "viral32111.com", true }, { "viralboombox.xyz", true }, { "viralpop.it", true }, { "viralsouls.in", true }, + { "viralsv.com", true }, { "virgopolymer.com", true }, - { "virial.de", true }, { "viridis-milites.cz", true }, { "virtit.fr", true }, { "virtualcloud.ddns.net", true }, + { "virtualcommodities.org", true }, { "virtuality4d.com", true }, { "virtuallifestyle.nl", true }, { "virtualmt2.pl", true }, @@ -36007,6 +36737,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "virtusaero.com", true }, { "virvum.ch", true }, { "visaexpert.co.za", true }, + { "visalist.io", true }, { "visalogy.com", true }, { "visaop.com", true }, { "visapourailleurs.fr", true }, @@ -36020,6 +36751,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "visioflux-premium.com", true }, { "visionarymedia.nl", true }, { "visiondigitalsog.com", true }, + { "visiondirectionaldrilling.com", true }, { "visionexpress.com", true }, { "visionexpress.ie", true }, { "visionexpresscareers.com", true }, @@ -36052,7 +36784,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vitalthrills.com", true }, { "vitalware.com", true }, { "vitalyzhukphoto.com", true }, - { "vitamaxxi.com.br", true }, { "vitamineproteine.com", true }, { "vitaminler.com", true }, { "vitastic.nl", true }, @@ -36061,6 +36792,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vitkutny.cz", true }, { "vitoye.com", true }, { "vitpeyr.com", true }, + { "vitra-showrooms.co.uk", true }, { "vitra-vcare.co.uk", true }, { "vitrado.de", true }, { "vitsoft.by", true }, @@ -36078,7 +36810,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vivirenelmundo.com", true }, { "vivo.sx", true }, { "vivoitaliankitchen.com", true }, - { "vivoseg.com", true }, { "vixrapedia.org", true }, { "viyf.org", true }, { "viza.io", true }, @@ -36119,21 +36850,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vmc.co.id", true }, { "vmem.jp", false }, { "vmgirls.com", true }, - { "vmhydro.ru", false }, { "vmis.nl", true }, { "vmoagents.com", false }, { "vmoe.info", true }, { "vmug.pl", true }, - { "vmzone.de", true }, { "vn.search.yahoo.com", false }, { "vncg.org", true }, { "vnd.cloud", true }, - { "vndb.org", true }, { "vnfs-team.com", true }, + { "vnpem.org", true }, { "vnvisa.center", true }, { "vnvisa.ru", true }, { "vocaloid.my", true }, - { "vocalsynth.space", true }, { "vocalviews.com", true }, { "vocus.aero", true }, { "vocustest.aero", true }, @@ -36144,7 +36872,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vodpay.org", true }, { "vogler.name", true }, { "voicu.ch", true }, - { "void-it.nl", true }, { "void-zero.com", true }, { "voidcore.org", true }, { "voidpay.com", true }, @@ -36152,7 +36879,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "voidpay.org", true }, { "voidptr.eu", true }, { "voids.org", true }, - { "voidshift.com", true }, { "voidzehn.com", true }, { "voipsun.com", true }, { "vojtechpavelka.cz", true }, @@ -36173,13 +36899,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "volkerwesselstransfer.nl", false }, { "volkerwesselswave.nl", false }, { "volksvorschlagpmar.ch", true }, - { "volkswurst.de", true }, { "vollans.id.au", true }, { "voloevents.com", true }, { "volta.io", true }, { "volto.io", true }, { "volunteeringmatters.org.uk", true }, - { "volvipress.gr", true }, { "vomitb.in", true }, { "von-lien-aluprofile.de", true }, { "von-lien-dachrinnen.de", true }, @@ -36197,7 +36921,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vorlagen-geburtstagsgruesse.de", true }, { "vorlicek.de", true }, { "vorlif.org", true }, - { "vorm2.com", true }, { "vorodevops.com", true }, { "vos-fleurs.ch", true }, { "vos-fleurs.com", true }, @@ -36209,7 +36932,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vosser.de", true }, { "vostronet.com", true }, { "voter-info.uk", true }, - { "votercircle.com", true }, { "votesandymurman.com", true }, { "votocek.cz", true }, { "votockova.cz", true }, @@ -36225,7 +36947,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "voyagesaufildespages.be", true }, { "voyageschine.com", true }, { "voyagesdetective.fr", true }, - { "vozami.com", true }, { "vpc-display.com", true }, { "vpn.black", true }, { "vpn.ht", true }, @@ -36240,20 +36961,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vreaulafacultate.ro", true }, { "vreeman.com", true }, { "vriesdonkow.be", true }, + { "vrij-links.nl", true }, { "vrijgezellen-feest.com", true }, { "vrijgezellenfeestzwolle.com", true }, - { "vrlaid.com", false }, + { "vrjetpackgame.com", true }, { "vroedvrouwella.be", true }, { "vrsgames.com.mx", true }, { "vrsystem.com.br", true }, - { "vrtak-cz.net", true }, { "vrtouring.org", true }, - { "vsamsonov.com", true }, { "vscale.io", true }, { "vsean.net", true }, { "vserver-preis-vergleich.de", true }, { "vsesrazu-raiffeisen.ru", true }, - { "vsestiralnie.com", true }, + { "vsestoki.com", true }, { "vsl-defi.ch", true }, { "vssnederland.nl", true }, { "vstehn.ru", true }, @@ -36269,28 +36989,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vullriede-multimedia.de", true }, { "vulndetect.com", true }, { "vulndetect.org", true }, - { "vulnerabilities.io", true }, { "vulnerability.ch", true }, { "vulners.com", true }, { "vulns.sexy", true }, { "vulnscan.org", true }, { "vulpine.club", true }, { "vumetric.com", true }, + { "vuojolahti.com", true }, { "vuojolahti.fi", true }, { "vuotila.eu", true }, { "vuvanhon.com", true }, { "vux.li", true }, { "vuzi.fr", true }, + { "vv1234.cn", true }, { "vvactivia.nl", true }, { "vvdbronckhorst.nl", true }, { "vvoip.org.uk", true }, { "vvw-8522.com", true }, { "vw-touranclub.cz", true }, { "vwbusje.com", true }, + { "vwfsrentacar.co.uk", true }, { "vwhcare.com", true }, { "vwittich.de", true }, + { "vwo.com", true }, { "vwsoft.de", true }, - { "vwt-event.nl", true }, { "vww-8522.com", true }, { "vx.hn", true }, { "vxst.org", true }, @@ -36311,10 +37033,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "w-spotlight.appspot.com", true }, { "w-w-auto.de", true }, { "w.wiki", true }, + { "w1221.com", true }, { "w2n.me", true }, { "w3ctag.org", true }, { "w3n.org", true }, - { "w4b.in", true }, { "w4eg.de", true }, { "w4nvu.org", true }, { "w50.co.uk", true }, @@ -36330,7 +37052,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wadsworth.gallery", true }, { "wadvisor.com", true }, { "waelisch.de", true }, - { "waelti.xxx", true }, { "waf.ninja", true }, { "waf.sexy", true }, { "wafa4hw.com", true }, @@ -36339,11 +37060,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waffle.at", false }, { "wafuton.com", true }, { "wagyu-bader.de", true }, + { "wahhoi.net", true }, { "wahidhasan.com", true }, { "wahlman.org", true }, { "wahrnehmungswelt.de", true }, { "wahrnehmungswelten.de", true }, - { "wai-in.com", true }, { "wai-in.net", true }, { "waidfrau.de", true }, { "waidu.de", true }, @@ -36352,11 +37073,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waigel.org", true }, { "waikatowebdesigners.com", true }, { "wail.net", true }, - { "wains.be", true }, + { "wains.be", false }, { "wait.jp", true }, { "waiterwheels.com", true }, { "waits.io", true }, - { "waixingrenfuli.vip", true }, { "wak.io", true }, { "waka-mono.com", true }, { "waka168.com", true }, @@ -36368,14 +37088,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wakatime.com", true }, { "wakiminblog.com", true }, { "wala-floor.de", true }, + { "waldkinder-ilmenau.de", true }, { "waldvogel.family", true }, { "walent.in", true }, { "walentin.co", true }, + { "waligorska.pl", true }, { "walk.onl", true }, { "walkera-fans.de", true }, { "walkhighlandsandislands.com", true }, { "walkingrehabilitation.com", true }, { "walksedona.com", true }, + { "walksfourpaws.co.uk", true }, { "wallabet.fr", true }, { "wallabies.org", true }, { "wallace-group.net", true }, @@ -36386,7 +37109,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "walletnames.com", true }, { "wallinger-online.at", true }, { "wallingford.cc", true }, - { "wallpapers.pub", true }, { "wallpaperup.com", true }, { "walls.de", true }, { "walls.io", true }, @@ -36409,7 +37131,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wandercue.com", true }, { "wandervoll.ch", true }, { "wanderzoom.co", true }, + { "wandystan.eu", true }, { "wane.co", true }, + { "wangbangyu.cf", true }, + { "wangbangyu.ga", true }, + { "wangbangyu.gq", true }, + { "wangbangyu.ml", true }, + { "wangbangyu.tk", true }, { "wangjun.me", true }, { "wangqiliang.cn", false }, { "wangqiliang.com", false }, @@ -36417,12 +37145,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wangql.net", true }, { "wangqr.tk", true }, { "wangtanzhang.com", true }, + { "wangyubao.cn", true }, { "wangyue.blog", true }, { "wangzuan168.cc", true }, + { "wanlieyan.com", true }, { "wannaridecostarica.com", true }, - { "wanquanojbk.com", false }, - { "wanybug.cn", true }, - { "wanybug.com", true }, + { "wanybug.cf", true }, + { "wanybug.ga", true }, + { "wanybug.gq", true }, + { "wanybug.tk", true }, { "waonui.io", true }, { "wapgu.cc", true }, { "wardow.com", true }, @@ -36440,7 +37171,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "warp-radio.net", true }, { "warp-radio.tv", true }, { "warr.ath.cx", true }, - { "warren.sh", true }, { "warringtonkidsbouncycastles.co.uk", true }, { "warschild.org", true }, { "warsh.moe", true }, @@ -36468,6 +37198,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "watchpci.com", true }, { "watchstyle.com", true }, { "water-addict.com", true }, + { "waterbrook.com.au", true }, + { "waterdogsmokedfish.com", true }, { "waterdrop.tk", true }, { "waterfedpole.com", true }, { "waterleeftinbeek.nl", true }, @@ -36486,11 +37218,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waukeect.com", true }, { "wave-ola.es", true }, { "wave.is", true }, + { "waverlysecuritycameras.com", true }, { "wavesboardshop.com", true }, { "wavesoftime.com", true }, { "waveum.com", true }, { "wawak.pl", true }, { "waxdramatic.com", true }, + { "waycraze.com", true }, { "wayfair.de", true }, { "wayohoo.com", true }, { "wayohoo.net", true }, @@ -36498,6 +37232,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waze.com", true }, { "wbci.us", false }, { "wbg-vs.de", true }, + { "wblinks.com", true }, { "wbt-solutions.ch", true }, { "wbt-solutions.net", true }, { "wbudd.com", true }, @@ -36505,18 +37240,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wbvb.nl", true }, { "wbx.support", true }, { "wby.gd", true }, + { "wby.tw", true }, { "wcbook.ru", false }, { "wcn.life", false }, + { "wcwcg.net", true }, { "wd627.com", true }, { "wd976.com", true }, { "wdbflowersevents.co.uk", true }, { "wdbgroup.co.uk", true }, { "wdic.org", true }, - { "wdmg.com.ua", true }, { "wdodelta.nl", true }, { "wdol.gov", true }, { "wdrl.info", true }, { "wdt.cz", false }, + { "we-bb.com", true }, { "we-run-linux.de", true }, { "we-use-linux.de", true }, { "weacceptbitcoin.gr", true }, @@ -36532,16 +37269,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wearepapermill.co", true }, { "wearesouthafricans.com", true }, { "wearvr.com", true }, + { "weaspireusa.com", true }, { "weather-and-climate.com", false }, { "weathermyway.rocks", true }, - { "web-adminy.co.uk", true }, { "web-advisor.co.uk", true }, { "web-art.cz", true }, { "web-design.co.il", true }, { "web-dl.cc", true }, { "web-hotel.gr", true }, { "web-kouza.com", true }, + { "web-mail.info", true }, + { "web-odyssey.com", true }, { "web-redacteuren.nl", true }, + { "web-siena.it", true }, + { "web-smart.com", true }, { "web-wave.jp", true }, { "web.bzh", true }, { "web.cc", false }, @@ -36550,6 +37291,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "web2ldap.de", true }, { "web2screen.tv", true }, { "web404.net", true }, + { "webadiccion.net", true }, + { "webadicta.net", true }, + { "webadicto.net", true }, { "webaeon.org", true }, { "webaholic.co.in", true }, { "webais.ru", true }, @@ -36558,6 +37302,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webandmore.de", false }, { "webappky.cz", true }, { "webartex.ru", true }, + { "webauthority.co.uk", true }, { "webbiz.co.uk", true }, { "webbson.net", false }, { "webbx.se", true }, @@ -36569,7 +37314,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webcontentspinning.com", true }, { "webcookies.org", true }, { "webcrm.com", true }, + { "webcurtaincall.com", true }, { "webdeflect.com", true }, + { "webdemaestrias.com", true }, { "webdesign-st.de", true }, { "webdesigneauclaire.com", true }, { "webdesignerinwarwickshire.co.uk", true }, @@ -36580,6 +37327,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webdevops.io", true }, { "webdevxp.com", true }, { "webdl.org", true }, + { "webdollarvpn.io", true }, { "webduck.nl", false }, { "webeast.eu", true }, { "webeau.com", true }, @@ -36588,6 +37336,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webev.ru", true }, { "webexample.win", true }, { "webexp.biz", true }, + { "webexpertsdirect.com.au", true }, { "webfilings-eu-mirror.appspot.com", true }, { "webfilings-eu.appspot.com", true }, { "webfilings-mirror-hrd.appspot.com", true }, @@ -36607,7 +37356,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webkeks.org", true }, { "weblagring.se", true }, { "weblate.org", true }, - { "webless.com", true }, { "webliberty.ru", true }, { "webline.ch", true }, { "weblogic.pl", true }, @@ -36625,6 +37373,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webministeriet.net", true }, { "webmotelli.fi", true }, { "webnames.ca", true }, + { "webnexty.com", true }, { "webnoob.net", true }, { "webogram.org", false }, { "webpinoytambayan.net", true }, @@ -36636,14 +37385,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webproxy.pw", true }, { "webpubsub.com", true }, { "webqualitat.com.br", true }, - { "webqueens.com", true }, { "webrebels.org", false }, { "webrentcars.com", true }, { "webreport.fr", true }, - { "webreslist.com", true }, { "webscale.nl", false }, { "websec.nl", true }, - { "websectools.com", true }, { "websecurity.is", true }, { "webseitendesigner.com", false }, { "webseitenserver.com", true }, @@ -36660,6 +37406,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "websitesdallas.com", true }, { "websiteservice.pro", true }, { "webslake.com", true }, + { "websouthdesign.com", true }, { "webspiral.jp", true }, { "webspire.tech", true }, { "webstijlen.nl", true }, @@ -36688,7 +37435,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wechatify.com", true }, { "wecleanbins.com", true }, { "wecobble.com", true }, - { "wedding-m.jp", true }, { "weddingalbumsdesign.com", true }, { "weddingfantasy.ru", true }, { "weddingsbynoon.co.uk", true }, @@ -36740,10 +37486,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wein.cc", true }, { "wein.co.kr", true }, { "weinbergerlawgroup.com", true }, - { "weinhandel-preissler.de", true }, { "weinundsein.com", true }, { "weirdesigns.com", true }, - { "weirdserver.com", true }, { "weisse-liste.de", true }, { "weissman.agency", true }, { "weiterbildung-vdz.de", true }, @@ -36765,13 +37509,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wellensteyn.ru", true }, { "weller.pm", true }, { "wellist.com", true }, - { "wellmarts.com", true }, { "wellness-gutschein.de", true }, { "wellnesscheck.net", true }, - { "wellsplasticsurgery.com", true }, - { "wellspringcamps.com", true }, + { "wellsolveit.com", false }, { "welovecatsandkittens.com", true }, - { "welovemail.com", true }, { "welpo.me", true }, { "welsh.com.br", true }, { "welshccf.org.uk", true }, @@ -36792,7 +37533,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wener.me", false }, { "wenger-shop.ch", true }, { "wenjs.me", true }, - { "wensing-und-koenig.de", true }, { "wepay.com", false }, { "wepay.in.th", true }, { "wepay.vn", true }, @@ -36843,6 +37583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wessner.org", true }, { "west-contemporary.com", true }, { "west-trans.com.au", true }, + { "west-wind.net", true }, { "westcanal.net", true }, { "westcarrollton.org", true }, { "westcentenaryscouts.org.au", true }, @@ -36872,14 +37613,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "westwood.no", true }, { "wetofu.top", true }, { "wevenues.com", true }, - { "wevg.org", true }, { "wewitro.de", true }, { "wewitro.net", true }, { "wexfordbouncycastles.ie", true }, { "wexilapp.com", true }, { "weyland-yutani.org", true }, { "weyland.tech", true }, - { "wezl.net", true }, + { "weynaphotography.com", true }, { "wf-bigsky-master.appspot.com", true }, { "wf-demo-eu.appspot.com", true }, { "wf-demo-hrd.appspot.com", true }, @@ -36897,7 +37637,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wg3k.us", false }, { "wgom.org", true }, { "wgplatform.co.uk", true }, - { "wgraphics.ru", true }, { "wgsi-friesland.nl", true }, { "wh-guide.de", true }, { "whanau.org", true }, @@ -36924,6 +37663,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whatsupgold.com.tw", true }, { "whatsupoutdoor.com", true }, { "whatthingsweigh.com", true }, + { "whatusb.com", true }, { "whatwebcando.today", true }, { "whatwg.org", true }, { "whd-guide.de", true }, @@ -36933,10 +37673,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wheelwide.co.uk", true }, { "wheelwork.org", true }, { "wheelwright.org", true }, + { "wheezie.be", true }, { "when.fm", false }, { "where2trip.com", true }, { "whereiszakir.com", true }, - { "whexit.nl", true }, { "whey-protein.ch", true }, { "whiletrue.run", true }, { "whimtrip.fr", false }, @@ -36970,10 +37710,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whitepharmacy.co.uk", true }, { "whiteready.it", true }, { "whiterose.goip.de", true }, - { "whiteshadowimperium.com", true }, { "whitewebhosting.co.za", true }, { "whitewebhosting.com", true }, { "whitewinterwolf.com", true }, + { "whitkirk.com", true }, { "whitkirkartsguild.com", true }, { "whitkirkchurch.org.uk", true }, { "whittome.com", true }, @@ -36988,12 +37728,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whocalled.us", true }, { "whocybered.me", true }, { "whoimg.com", true }, - { "whoisamitsingh.com", true }, + { "whoiscuter.ml", true }, + { "whoiscutest.ml", true }, { "whoisthenightking.com", true }, { "whoiswp.com", true }, { "wholelotofbounce.co.uk", false }, { "wholesalecbd.com", true }, - { "whonix.org", true }, + { "wholesomeharvestbread.com", false }, { "whosyourdaddy.ml", true }, { "whoturgled.com", true }, { "whqtravel.org", false }, @@ -37002,6 +37743,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whub.io", true }, { "why-brexit.uk", true }, { "whychoosebob.net.au", true }, + { "whynohttps.com", true }, { "whyopencomputing.ch", true }, { "whyopencomputing.com", true }, { "whytls.com", true }, @@ -37042,7 +37784,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wijnbesteld.nl", true }, { "wijnservices.nl", false }, { "wijzijnwolf.nl", true }, - { "wiki-play.ru", true }, { "wiki.python.org", true }, { "wikibooks.org", true }, { "wikibulz.com", true }, @@ -37072,6 +37813,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wildnisfamilie.net", true }, { "wildtrip.blog", true }, { "wildwildtravel.com", true }, + { "wildwind.world", true }, { "wildzoopark.co.uk", true }, { "wildzoopark.com", true }, { "wili.li", true }, @@ -37085,7 +37827,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "willfarrell.ca", true }, { "willi-graf-gymnasium.de", true }, { "willi-graf-os.de", true }, - { "william.gg", true }, { "williamboulton.co.uk", true }, { "williamfeely.info", true }, { "williamjohngauthier.net", true }, @@ -37113,6 +37854,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "winbignow.click", true }, { "winbuzzer.com", true }, { "wincasinowin.click", true }, + { "winch-center.de", true }, { "wind.moe", true }, { "winddan.nz", true }, { "windelnkaufen24.de", true }, @@ -37128,10 +37870,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "windsorspi.com", true }, { "windycitydubfest.com", true }, { "wine-tapa.com", true }, - { "winebid.com", true }, { "wineonthewall.com", true }, { "winepress.org", true }, - { "wineworksonline.com", true }, { "winghill.com", true }, { "wingify.com", true }, { "wingmin.net", true }, @@ -37153,17 +37893,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wintermeyer.de", true }, { "winterschoen.nl", true }, { "wintodoor.com", true }, + { "winwitharval.co.uk", true }, { "wipswiss.ch", true }, { "wir-bewegen.sh", true }, { "wircon-int.net", true }, { "wire.com", true }, - { "wiredcut.com", true }, { "wireframesoftware.com", true }, { "wireheading.com", true }, { "wirelesswatch.com.au", true }, { "wireshark.org", true }, { "wiretime.de", true }, - { "wiretrip.io", false }, { "wirhabenspass.de", true }, { "wirkstoffreich.de", true }, { "wirralbouncycastles.co.uk", true }, @@ -37172,6 +37911,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wis.no", true }, { "wisak.me", true }, { "wisal.org", true }, + { "wischu.com", true }, + { "wisedog.eu", true }, { "wiseflat.com", true }, { "wispapp.com", false }, { "wisper.net.au", true }, @@ -37199,10 +37940,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wizzr.nl", true }, { "wj0666.com", true }, { "wjbolles.com", true }, + { "wjcainc.com", true }, { "wjci.com", true }, { "wje-online.de", true }, { "wjg.ca", true }, { "wjg.dk", true }, + { "wjglerum.nl", true }, { "wjm2038.me", true }, { "wjr.io", true }, { "wjwieland.dvrdns.org", false }, @@ -37218,7 +37961,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wlwlwx.com", true }, { "wm-access.com", true }, { "wm-access.de", true }, - { "wm-talk.net", true }, { "wmaccess.com", true }, { "wmaccess.de", true }, { "wmfusercontent.org", true }, @@ -37245,7 +37987,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wohnsitz-ausland.com", true }, { "woi.vision", true }, { "wokinghammotorhomes.com", true }, - { "woktoss.com", true }, { "wolfachtal-alpaka.de", true }, { "wolfarth.info", true }, { "wolfermann.org", true }, @@ -37260,7 +38001,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wolfsden.cz", true }, { "wolfwings.us", true }, { "wolfy1339.com", false }, - { "wolkenspeicher.org", true }, { "wolkoopjes.nl", true }, { "wollgredel.de", true }, { "wollongongbaptist.hopto.org", true }, @@ -37270,10 +38010,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "womb.city", true }, { "wombatalla.com.au", true }, { "wombats.net", true }, + { "womcom.nl", true }, { "women-only.net", true }, { "womensalespros.com", true }, { "womenshairlossproject.com", true }, { "wonabo.com", true }, + { "wonder.com.mx", false }, { "wonderbill.com", true }, { "wonderfuleducation.eu", true }, { "wonderfuleducation.nl", true }, @@ -37288,7 +38030,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "woodcoin.org", true }, { "woodev.us", true }, { "woodlandhillselectrical.com", true }, - { "woodlandsmetro.church", true }, + { "woodlandsmetro.church", false }, { "woodlandsvale.uk", true }, { "woodlandwindows.com", true }, { "woodomat.com", true }, @@ -37296,7 +38038,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "woof.gq", true }, { "woofsbakery.com", true }, { "woohooyeah.nl", true }, - { "woomai.net", true }, { "woonboulevardvolendam.nl", true }, { "woontegelwinkel.nl", true }, { "wooplagaming.com", true }, @@ -37310,6 +38051,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wordcounter.net", true }, { "wordher.com", true }, { "wordlessecho.com", true }, + { "wordpress-test.site", true }, { "wordpress.com", false }, { "wordsmart.it", true }, { "wordspy.com", true }, @@ -37329,13 +38071,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "workoptions.com", true }, { "workplaces.online", true }, { "workraw.com", true }, + { "workray.com", true }, { "works-ginan.jp", true }, { "workshopszwolle.nl", true }, { "workshopzwolle.com", true }, { "worksitevr.com", true }, { "world-in-my-eyes.com", true }, + { "world-lolo.com", true }, { "worldcareers.dk", true }, - { "worldchess.london", true }, { "worldcigars.com.br", true }, { "worldcrafts.org", true }, { "worldcubeassociation.org", true }, @@ -37362,12 +38105,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wot-tudasbazis.hu", true }, { "wotra-register.com", true }, { "woudenberg.nl", true }, + { "woudenbergsedrukkerij.nl", true }, { "woufbox.com", true }, { "woutergeraedts.nl", true }, { "wouterslop.com", true }, { "wouterslop.eu", true }, { "wouterslop.nl", true }, - { "wow-foederation.de", true }, { "wow-screenshots.net", true }, { "wow202y5.com", true }, { "wowaffixes.info", true }, @@ -37389,6 +38132,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wpac.de", true }, { "wpandup.org", true }, { "wpcanban.com", true }, + { "wpcdn.bid", true }, { "wpcharged.nz", true }, { "wpdirecto.com", true }, { "wpdublin.com", true }, @@ -37420,6 +38164,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wq.ro", true }, { "wr.su", true }, { "wrara.org", true }, + { "wrathofgeek.com", true }, { "wrc-results.com", true }, { "wrdcfiles.ca", true }, { "wrdx.io", true }, @@ -37439,7 +38184,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "writepride.com", true }, { "writepro.net", true }, { "writereditor.com", true }, - { "writing-expert.com", true }, { "writing-job-online.com", true }, { "writingcities.net", true }, { "writingtoserve.net", true }, @@ -37482,7 +38226,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wug.news", true }, { "wuifan.com", true }, { "wuji.cz", true }, - { "wumai.cloud", true }, + { "wumai-p.cn", true }, { "wumbo.cf", true }, { "wumbo.co.nz", true }, { "wumbo.ga", true }, @@ -37510,15 +38254,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wweforums.net", true }, { "wweichen.com.cn", true }, { "wwgc2011.se", true }, + { "wwjd.dynu.net", true }, { "wwv-8522.com", true }, { "wwv-8722.com", true }, { "www-33445.com", true }, { "www-49889.com", true }, + { "www-66136.com", true }, + { "www-7570.com", true }, + { "www-80036.com", true }, { "www-8522.am", true }, { "www-8522.com", true }, { "www-86499.com", true }, { "www-8722.com", true }, + { "www-9649.com", true }, { "www-9822.com", true }, + { "www-pj009.com", true }, { "www.aclu.org", false }, { "www.airbnb.com", true }, { "www.amazon.cn", true }, @@ -37567,6 +38317,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.rememberthemilk.com", true }, { "www.sb", true }, { "www.simple.com", false }, + { "www.techrepublic.com", true }, { "www.theguardian.com", true }, { "www.therapynotes.com", true }, { "www.tinfoilsecurity.com", false }, @@ -37578,19 +38329,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.vino75.com", false }, { "www.wepay.com", false }, { "www.wordpress.com", false }, + { "www.zdnet.com", true }, { "www68277.com", true }, { "wxcafe.net", true }, + { "wxdisco.com", true }, + { "wxforums.com", true }, { "wxh.jp", true }, { "wxster.com", true }, - { "wxyz.buzz", true }, { "wyam.io", true }, { "wybar.uk", true }, + { "wycrow.com", true }, { "wyday.com", true }, { "wygibanki.pl", true }, { "wygodnie.pl", true }, + { "wylog.ph", true }, { "wynterhill.co.uk", true }, { "wyo.cam", true }, { "wypemagazine.se", true }, + { "wyrickstaxidermy.com", true }, { "wyrihaximus.net", true }, { "wyrimaps.net", true }, { "wyssmuller.ch", true }, @@ -37598,7 +38354,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wzfou.com", true }, { "wzrd.in", true }, { "wzyboy.org", true }, - { "x-iweb.ru", true }, { "x-lan.be", true }, { "x-one.co.jp", true }, { "x.io", true }, @@ -37606,15 +38361,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "x0r.be", true }, { "x13.com", true }, { "x1616.tk", true }, - { "x1be.win", true }, { "x2d2.de", true }, { "x378.ch", true }, { "x509.io", true }, - { "x69.biz", true }, - { "x69x.net", true }, + { "x64architecture.com", true }, { "x7plus.com", true }, { "xa.search.yahoo.com", false }, + { "xa1.uk", true }, { "xanadu-taxi.cz", true }, + { "xanax.pro", false }, { "xants.de", true }, { "xatr0z.org", false }, { "xavier.is", true }, @@ -37632,19 +38387,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xbtce.com", true }, { "xbtmusic.org", false }, { "xcentricmold.com", true }, + { "xcler8.com", true }, { "xclirion-support.de", true }, { "xcorpsolutions.com", true }, { "xcvb.xyz", true }, { "xd.cm", true }, - { "xd.fi", true }, { "xdavidhu.me", true }, { "xdawn.cn", true }, { "xdeftor.com", true }, - { "xecure.zone", true }, - { "xecureit.com", true }, + { "xdos.io", true }, { "xeedbeam.me", true }, { "xega.org", true }, { "xehost.com", true }, + { "xeiropraktiki.gr", true }, { "xelesante.jp", true }, { "xendo.net", true }, { "xenomedia.nl", true }, @@ -37656,6 +38411,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xentox.com", true }, { "xerblade.com", true }, { "xerhost.de", true }, + { "xerownia.eu", true }, { "xetown.com", true }, { "xf-liam.com", true }, { "xfce.space", true }, @@ -37681,6 +38437,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xiaofengsky.com", true }, { "xiaoguo.net", false }, { "xiaolanglang.net", true }, + { "xiaolong.link", true }, + { "xiaomao.tk", true }, { "xiaomi.eu", true }, { "xiaoniaoyou.com", true }, { "xiaoyu.net", true }, @@ -37693,14 +38451,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xif.at", true }, { "xight.org", true }, { "xilef.org", true }, - { "xilegames.com", true }, { "xilkoi.net", true }, { "xilou.org", true }, { "ximbo.net", true }, { "xin-in.com", true }, { "xin-in.net", true }, - { "xinex.cz", true }, { "xing-in.net", true }, + { "xinj.com", true }, { "xinnixdeuren-shop.be", true }, { "xinuspeed.com", true }, { "xinuspeedtest.com", true }, @@ -37708,8 +38465,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xiongx.cn", true }, { "xj8876.com", true }, { "xjd.vision", true }, + { "xjf6.com", true }, { "xjjeeps.com", true }, - { "xjoin.de", true }, { "xjpvictor.info", true }, { "xkblog.xyz", true }, { "xkcd.pw", true }, @@ -37738,7 +38495,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--0kq33cz5c8wmwrqqw1d.com", true }, { "xn--24-6kch4bfqee.xn--p1ai", true }, { "xn--24-glcia8dc.xn--p1ai", true }, - { "xn--3lqp21gwna.cn", true }, + { "xn--48jwg508p.net", true }, + { "xn--4kro7fswi.xn--6qq986b3xl", true }, { "xn--4pv80kkz8auzf.jp", true }, { "xn--5dbkjqb0d.com", true }, { "xn--5dbkjqb0d.net", true }, @@ -37747,10 +38505,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--79q87uvkclvgd56ahq5a.net", true }, { "xn--7ca.co", true }, { "xn--7xa.google.com", true }, - { "xn--80aaagmgvmvmcuoq7r.xn--p1ai", true }, { "xn--80adb4aeode.xn--p1ai", true }, + { "xn--80adbevek3air0ee9b8d.com", true }, { "xn--80aejljbfwxn.xn--p1ai", true }, - { "xn--80anogxed.xn--p1ai", true }, { "xn--80azelb.xn--p1ai", true }, { "xn--8dry00a7se89ay98epsgxxq.com", true }, { "xn--90accgba6bldkcbb7a.xn--p1acf", true }, @@ -37779,11 +38536,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--e1aoahhqgn.xn--p1ai", true }, { "xn--ecki0cd0bu9a4nsjb.com", true }, { "xn--eckle6c0exa0b0modc7054g7h8ajw6f.com", true }, + { "xn--ehq13kgw4e.ml", true }, { "xn--elsignificadodesoar-c4b.com", true }, { "xn--erklderbarenben-slbh.dk", true }, { "xn--f9jh4f4b4993b66s.tokyo", true }, { "xn--familie-pppinghaus-l3b.de", true }, { "xn--feuerlscher-arten-4zb.de", true }, + { "xn--fiqwix98h.jp", true }, { "xn--fischereiverein-mnsterhausen-i7c.de", true }, { "xn--fp8h58f.ws", true }, { "xn--frankierknig-djb.de", true }, @@ -37801,7 +38560,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--jp8hx8f.ws", true }, { "xn--kckd0bd4a8tp27yee2e.com", true }, { "xn--kda.tk", true }, + { "xn--keditr-0xa.biz", true }, + { "xn--klmek-0sa.com", true }, { "xn--knstler-n2a.tips", false }, + { "xn--krpto-lva.de", true }, { "xn--ktha-kamrater-pfba.se", true }, { "xn--lckwg.net", true }, { "xn--love-un4c7e0d4a.com", true }, @@ -37811,7 +38573,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--martnvillalba-zib.com", true }, { "xn--martnvillalba-zib.net", true }, { "xn--mein-kchenhelfer-ozb.de", true }, - { "xn--mensenges-o1a8c.gq", true }, { "xn--mensengesss-t8a.gq", true }, { "xn--mentaltraining-fr-musiker-uwc.ch", true }, { "xn--mgbbh2a9fub.xn--ngbc5azd", false }, @@ -37827,16 +38588,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--nf1a578axkh.xn--fiqs8s", true }, { "xn--nrrdetval-v2ab.se", true }, { "xn--o38h.tk", true }, + { "xn--p8j9a0d9c9a.xn--q9jyb4c", true }, { "xn--pbt947am3ab71g.com", true }, { "xn--pe-bka.ee", true }, { "xn--pq1a637b.xn--6qq986b3xl", true }, { "xn--q9jb1h5dvcspke3218b9mn4p0c.com", true }, + { "xn--q9ji3c6d.xn--q9jyb4c", true }, { "xn--qckss0j.tk", true }, { "xn--qfun83b.ga", true }, { "xn--r8jzaf7977b09e.com", true }, { "xn--rdiger-kuhlmann-zvb.de", true }, { "xn--reisebro-herrsching-bbc.de", true }, - { "xn--rlcus7b3d.xn--xkc2dl3a5ee0h", true }, { "xn--roselire-60a.ch", true }, { "xn--roselire-60a.com", true }, { "xn--rt-cja.ie", true }, @@ -37876,19 +38638,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xnu.kr", true }, { "xo.tc", true }, { "xo7.ovh", true }, - { "xoda.pw", true }, { "xolphin.nl", true }, { "xombitgames.com", true }, { "xombitmusic.com", true }, { "xone.cz", true }, { "xonn.de", true }, - { "xotika.tv", true }, + { "xoonth.net", true }, { "xp2.de", true }, { "xpbytes.com", true }, { "xpd.se", true }, - { "xpenology-fr.net", true }, { "xperidia.com", true }, - { "xpj.bet", true }, { "xpjcunkuan.com", true }, { "xpletus.nl", true }, { "xplore-dna.net", true }, @@ -37896,23 +38655,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xposedornot.com", true }, { "xps2pdf.co.uk", true }, { "xps2pdf.info", true }, - { "xq55.com", true }, { "xqk7.com", true }, { "xr.cx", true }, + { "xrg.cz", true }, { "xrippedhd.com", true }, { "xrockx.de", true }, { "xroot.org", false }, { "xrwracing-france.com", true }, { "xs2a.no", true }, - { "xscancun.com", true }, { "xsec.me", true }, + { "xserownia.com.pl", true }, + { "xserownia.eu", true }, { "xserownia.net", true }, + { "xserownia.pl", true }, { "xsmobile.de", true }, { "xss.ht", true }, { "xss.sk", true }, { "xsz.jp", true }, { "xtarget.ru", true }, { "xtips.us", true }, + { "xtom.africa", true }, { "xtom.chat", true }, { "xtom.com", true }, { "xtom.com.hk", true }, @@ -37929,33 +38691,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xuan-li88.com", true }, { "xuan-li88.net", true }, { "xuanmeishe.net", true }, + { "xuanmeishe.top", true }, { "xubo666.com", true }, { "xuc.me", true }, { "xuedianshang.com", true }, - { "xujan.com", true }, { "xuming.studio", true }, { "xunn.io", true }, { "xuntier.ch", true }, { "xviimusic.com", true }, { "xvt-blog.tk", true }, { "xwaretech.info", true }, + { "xx0r.eu", true }, { "xxffo.com", true }, { "xxiz.com", true }, - { "xxx3dbdsm.com", true }, - { "xxxladyboysporn.com", true }, { "xxxlbox.com", true }, - { "xyfun.net", true }, + { "xyenon.bid", true }, + { "xyfun.net", false }, { "xyngular-health.com", true }, { "xywing.com", true }, { "xyyp.mn", true }, { "xyzulu.hosting", true }, { "xza.fr", true }, { "xzclip.cn", true }, - { "xzoneadventure.com", true }, { "xzy.es", true }, { "xzy.one", true }, { "y11n.net", true }, - { "yabrt.cn", true }, { "yabuisha.jp", true }, { "yachigoya.com", true }, { "yacineboumaza.fr", true }, @@ -37998,12 +38758,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yao-in.net", true }, { "yapbreak.fr", true }, { "yarcom.ru", false }, - { "yarogneva.ru", true }, { "yarravilletownhouses.com.au", true }, { "yaru.one", true }, { "yassine-ayari.com", true }, { "yatesun.com", true }, { "yatorie.net", true }, + { "yatstudios.com", true }, { "yatsuenpoon.com", true }, { "yaup.tk", true }, { "yawen.me", true }, @@ -38020,11 +38780,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ychon.com", true }, { "ychong.com", true }, { "yclan.net", true }, + { "ycnrg.org", true }, { "yd.io", true }, { "yeapdata.com", true }, { "yeesker.com", true }, { "yell.ml", true }, + { "yellowfly.co.uk", true }, { "yellowpages.ee", true }, + { "yellowtree.co.za", true }, { "yelon.hu", true }, { "yelp.at", true }, { "yelp.be", true }, @@ -38060,11 +38823,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yelp.se", true }, { "yemektarifleri.com", true }, { "yenibilgi.net", true }, - { "yennhi.co", true }, + { "yenpape.com", true }, { "yep-pro.ch", true }, { "yephy.com", true }, - { "yeshu.org", true }, { "yesiammaisey.me", true }, + { "yeswecan.co.bw", true }, { "yeswehack.com", true }, { "yetanalytics.io", true }, { "yetii.net", true }, @@ -38072,13 +38835,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yeu.io", true }, { "yex.nz", true }, { "yex.trade", true }, + { "yeyi.site", true }, { "yfengs.moe", true }, { "ygobbs.com", true }, - { "yh35.net", true }, { "yh599.cc", true }, { "yhaupenthal.org", true }, { "yhb.io", true }, { "yhe.me", true }, + { "yhfou.com", true }, { "yhndnzj.com", true }, { "yhong.me", true }, { "yhrd.org", true }, @@ -38087,6 +38851,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yiffy.tips", false }, { "yiffy.zone", false }, { "yigujin.cn", true }, + { "yiheng.moe", true }, { "yii2.cc", true }, { "yikeyong.com", true }, { "yimgo.fr", true }, @@ -38102,7 +38867,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yjsw.sh.cn", true }, { "yksityisyydensuoja.fi", true }, { "ylde.de", true }, - { "ylilauta.org", true }, { "ylinternal.com", true }, { "ymarion.de", true }, { "ymblaw.com", true }, @@ -38110,7 +38874,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ynnovasport.be", true }, { "yobai-grouprec.jp", true }, { "yobai28.com", true }, - { "yobbelwobbel.de", true }, + { "yobbelwobbel.de", false }, { "yobify.com", true }, { "yocchan1513.net", true }, { "yoga-alliance-teacher-training.com", true }, @@ -38121,6 +38885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yoga-zentrum-narayani.de", true }, { "yogabhawnamission.com", true }, { "yogacentric.co.uk", true }, + { "yogahealsinc.org", true }, { "yogananda-roma.org", true }, { "yogaschoolrishikesh.com", true }, { "yoibyoin.info", true }, @@ -38129,7 +38894,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yokohama-legaloffice.jp", true }, { "yolo.jetzt", true }, { "yolobert.de", true }, - { "yoloboatrentals.com", false }, + { "yoloboatrentals.com", true }, { "yolops.net", true }, { "yombo.net", true }, { "yongbin.org", true }, @@ -38141,39 +38906,35 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yorcool.nl", true }, { "yorkshiredalesinflatables.co.uk", true }, { "yorkshireinflatables.co.uk", true }, - { "yorname.ml", true }, { "yosbeda.com", true }, { "yosemo.de", true }, { "yosheenetwork.fr", true }, { "yoshibaworks.com", true }, { "yoshitsugu.net", true }, { "yospos.org", true }, + { "yoticonnections.com", true }, { "yotilab.com", true }, { "yotta-zetta.com", true }, { "yotubaiotona.net", true }, { "you.com.br", true }, { "youareme.ca", true }, { "youc.ir", true }, - { "youcanmakeit.at", true }, { "youcruit.com", true }, - { "youdowell.com", true }, { "youdungoofd.com", true }, { "youftp.tk", true }, { "yougee.ml", true }, + { "yougot.pw", true }, { "youhacked.me", true }, { "youhavewords.com", true }, { "youhua.ru", true }, - { "youjizz.bz", true }, { "youkaryote.com", true }, { "youkaryote.org", true }, { "youked.com", true }, { "youkok2.com", true }, - { "youlend.com", true }, { "youlovehers.com", true }, { "youmonit.me", true }, { "youms.de", true }, { "young-sheldon.com", true }, - { "youngdogs.org", true }, { "youngfree.cn", true }, { "youngpeopleunited.co.uk", true }, { "youngsook.com", true }, @@ -38181,40 +38942,42 @@ static const nsSTSPreload kSTSPreloadList[] = { { "youpark.no", true }, { "your-erotic-stories.com", true }, { "your-out.com", true }, + { "youracnepro.com", true }, { "youran.me", true }, { "yourbonus.click", true }, { "yourciso.com", true }, + { "yourcomputer.expert", true }, { "yourcopywriter.it", true }, { "yourforex.org", true }, { "yourfriendlytech.com", true }, { "yourfuturestrategy.com.au", true }, { "yourgames.tv", true }, { "yourhair.net", true }, - { "yourname.xyz", true }, + { "yourmemorykeeper.co.uk", true }, { "yourneighborhub.com", true }, { "yourskin.nl", true }, { "yourticketbooking.com", true }, { "yousei.ne.jp", true }, { "yout.com", true }, { "youth.gov", true }, + { "youthovation.org", true }, { "youtous.me", true }, { "youtsuu-raku.com", true }, { "youtube.com", true }, { "youtubedownloader.com", true }, { "youtuberis.lt", true }, - { "youwatchporn.com", true }, + { "youyoulemon.com", true }, { "yoxall.me.uk", true }, { "yoyoost.duckdns.org", true }, { "ypart.eu", true }, { "ypid.de", true }, { "ypiresia.fr", false }, { "yplanapp.com", true }, - { "yqjf68.com", true }, { "yr166166.com", true }, + { "yrjanheikki.com", true }, { "ys-shop.biz", true }, - { "ysicing.net", true }, { "ysicorp.com", true }, - { "yslbeauty.com", true }, + { "yspeo.biz", true }, { "ysun.xyz", true }, { "ysx.me.uk", true }, { "ytb.zone", true }, @@ -38225,11 +38988,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ytpak.pk", true }, { "ytreza.fr", true }, { "ytuquelees.net", true }, + { "ytx588.com", true }, { "yu.gg", false }, { "yu.vc", true }, { "yuan.ga", true }, { "yuanben.io", true }, - { "yuanbenlian.com", true }, + { "yuanjiazhao.com", true }, { "yuanjiazhao.tk", true }, { "yubi.co", true }, { "yubicloud.io", true }, @@ -38286,10 +39050,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yubikeyservices.eu", true }, { "yubiking.com", true }, { "yue.la", true }, - { "yuema.net.cn", true }, + { "yugasun.com", true }, { "yuka.one", true }, { "yukari.cafe", true }, + { "yukari.cloud", true }, { "yuki-nagato.com", true }, + { "yuki-portfolio.com", true }, { "yuki.xyz", true }, { "yukimochi.com", true }, { "yukimochi.io", true }, @@ -38298,8 +39064,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yukonlip.com", true }, { "yukontec.com", true }, { "yumeconcert.com", true }, - { "yumli.net", true }, - { "yummylooks.com", true }, { "yunity.org", true }, { "yunjishou.pro", true }, { "yunzhu.li", true }, @@ -38310,13 +39074,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yurisviridov.com", true }, { "yusa.me", true }, { "yushi.moe", true }, + { "yusu.org", true }, { "yutakato.net", true }, + { "yutang.vn", true }, { "yutangyun.com", true }, + { "yutaron.tokyo", true }, { "yutuo.net", true }, { "yuwei.org", true }, { "yuweiyang.xyz", true }, { "yuxingxin.com", true }, { "yuxuan.org", true }, + { "yuyo.com", true }, { "yuyu.io", true }, { "yuzei.tk", true }, { "yveshield.com", true }, @@ -38331,17 +39099,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yya.me", true }, { "yya.men", true }, { "yyc.city", true }, + { "yyrss.com", false }, { "yyyy.xyz", true }, { "yzal.io", true }, + { "yzcloud.me", true }, { "yzer.club", true }, { "yzimroni.net", true }, { "z-konzept-nutrition.ru", true }, { "z-latko.info", true }, + { "z-to-a.com", true }, { "z-vector.com", true }, { "z.ai", true }, { "z1h.de", true }, - { "z33.ch", true }, - { "z33.co", true }, { "z4k.de", true }, { "z99944x.xyz", true }, { "za.search.yahoo.com", false }, @@ -38353,15 +39122,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zacadam.com", true }, { "zacarias.com.ar", true }, { "zacavi.com.br", true }, + { "zacchaeus.co.uk", true }, { "zach.codes", true }, { "zacharopoulos.eu", true }, { "zacharopoulos.org", false }, { "zacharydubois.me", true }, { "zacharyschneider.com", true }, + { "zacharyseguin.ca", true }, { "zachaysan.com", true }, { "zachborboa.com", true }, - { "zachgibbens.org", true }, - { "zachpeters.org", true }, { "zachschneider.ca", true }, { "zaclys.com", false }, { "zadroweb.com", true }, @@ -38370,10 +39139,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zahe.me", true }, { "zahnaerzte-bohne.de", true }, { "zahnarzt-duempten.de", true }, - { "zahnarzt-hofer.de", true }, { "zahnarzt-kramer.ch", true }, - { "zahnarzt-muenich.de", true }, { "zajazd.biz", true }, + { "zakariya.blog", true }, { "zakcutner.uk", true }, { "zakladam.cz", true }, { "zakmccrac.de", true }, @@ -38382,6 +39150,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zakspartiesandevents.com", true }, { "zalamea.ph", true }, { "zaloghaz.ro", true }, + { "zalvus.com", true }, { "zamalektoday.com", true }, { "zamocosmeticos.com.br", true }, { "zamow.co", true }, @@ -38390,8 +39159,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zanellidesigns.co.uk", true }, { "zanthra.com", true }, { "zanzabar.it", true }, - { "zapatoshechoamano.pe", true }, { "zapier.com", true }, + { "zapmaster14.com", true }, { "zappbuildapps.com", false }, { "zappos.com", true }, { "zaptan.info", false }, @@ -38413,16 +39182,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zberger.com", true }, { "zbetcheck.in", true }, { "zbrane-doplnky.cz", true }, + { "zbut.bg", true }, { "zbyga.cz", true }, { "zbyte.it", true }, { "zcarot.com", true }, { "zcarrot.com", true }, { "zcgram.com", true }, { "zcon.nl", true }, + { "zcore.org", true }, { "zcr.ca", true }, { "zdbl.de", true }, { "zdenekspacek.cz", true }, { "zdorovayasimya.com", true }, + { "zdrave-konzultace.cz", true }, + { "zdravekonzultace.cz", true }, { "zdravesteny.cz", true }, { "zdrojak.cz", true }, { "ze3kr.com", true }, @@ -38430,7 +39203,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zealworks.jp", true }, { "zebbra.ro", true }, { "zebedeescastles.co.uk", true }, - { "zebibyte.cn", true }, { "zebulon.fr", true }, { "zeds-official.com", true }, { "zeebrieshoekvanholland.nl", true }, @@ -38450,33 +39222,37 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zemlova.cz", true }, { "zen-diez.de", true }, { "zen-ume.com", true }, + { "zena.cx", false }, { "zenchain.com", true }, { "zenevents.ro", true }, { "zenfusion.fr", true }, - { "zengdong.ren", true }, { "zenics.co.uk", true }, { "zenithmedia.ca", true }, { "zenk-security.com", true }, { "zenlogic.com", true }, { "zenmate.com.tr", true }, + { "zennzimie.be", true }, + { "zennzimie.com", true }, { "zenofa.co.id", true }, { "zentask.io", true }, - { "zentiweb.nl", true }, + { "zenti.cloud", true }, { "zenvideocloud.com", true }, + { "zeparadox.com", true }, { "zephyrbk.com", true }, { "zephyrbookkeeping.com", true }, + { "zephyretcoraline.com", true }, { "zeplin.io", true }, { "zer0-day.pw", true }, { "zer0.de", false }, { "zerg.uk", true }, { "zerobounce.net", true }, { "zerofy.de", true }, - { "zerolab.org", true }, { "zeronet.io", true }, { "zeropoint.bg", true }, { "zeropush.com", true }, { "zeroseteatacado.com.br", true }, { "zerossl.com", true }, + { "zerotoone.de", true }, { "zertif.info", true }, { "zertitude.com", true }, { "zeryn.net", true }, @@ -38484,21 +39260,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zestylemon.co.uk", true }, { "zetamode.com", true }, { "zetorzeszow.pl", false }, - { "zetrov.pl", true }, { "zettaplan.ru", true }, { "zettlmeissl.de", true }, { "zevelev.net", true }, { "zfast.com.br", true }, { "zfg.li", true }, { "zfly.me", true }, - { "zfo.gg", true }, { "zfree.co.nz", true }, { "zg-dyw.net", true }, { "zgrep.org", true }, { "zh.search.yahoo.com", false }, { "zhang-hao.com", true }, { "zhang.nz", true }, - { "zhangcheng.org", true }, { "zhangfangzhou.com", true }, { "zhangge.net", true }, { "zhanghao.me", true }, @@ -38511,21 +39284,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zhcexo.com", true }, { "zhen-chen.com", true }, { "zhengjie.com", true }, + { "zhenyan.org", true }, + { "zhi.ci", true }, { "zhiku8.com", true }, { "zhima.io", true }, { "zhitanska.com", true }, { "zhiwei.me", true }, { "zhl123.com", true }, - { "zhome.info", true }, + { "zhongzicili.ws", true }, { "zhoushuo.me", true }, { "zhoutiancai.cn", true }, { "zhovner.com", true }, { "zhthings.com", true }, { "zhuihoude.com", true }, - { "zhuji.com", true }, - { "zhuji.com.cn", true }, - { "zhuji5.com", true }, - { "zhuweiyou.com", true }, { "zi.is", true }, { "ziegler-family.com", true }, { "ziegler-heizung-frankfurt.de", true }, @@ -38537,7 +39308,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zigottos.fr", true }, { "zigzagmart.com", true }, { "zihao.me", false }, - { "zii.bz", true }, { "zijung.me", true }, { "zikinf.com", true }, { "ziktime.com", true }, @@ -38554,11 +39324,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zinniamay.com", true }, { "zinoui.com", true }, { "ziondrive.com.br", true }, + { "zionsvillelocksmiths.com", true }, { "zip.ch", true }, { "zipkey.de", true }, { "ziptie.com", true }, { "zircode.com", true }, { "ziroh.be", true }, + { "zirtek.ie", true }, { "zirtual.com", true }, { "zitrone44.de", true }, { "zitseng.com", true }, @@ -38567,10 +39339,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zivmergers.com", true }, { "zivyruzenec.cz", false }, { "zixiao.wang", true }, - { "zixo.sk", true }, - { "ziz.exchange", true }, + { "zjv.me", true }, { "zk.gd", true }, { "zk9.nl", true }, + { "zkontrolujsiauto.cz", true }, { "zkrypt.cc", true }, { "zkzone.net", true }, { "zlatakus.cz", true }, @@ -38578,7 +39350,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zlaty-tyden.cz", true }, { "zlatytyden.cz", true }, { "zlavomat.sk", true }, - { "zlc1994.com", true }, { "zlima12.com", true }, { "zlypi.com", true }, { "zmala.com", true }, @@ -38594,6 +39365,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zmartagroup.se", true }, { "znation.nl", true }, { "zny.pw", true }, + { "zoarcampsite.uk", true }, { "zobraz.cz", true }, { "zobworks.com", true }, { "zoccarato.ovh", true }, @@ -38606,23 +39378,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zoigl.club", true }, { "zojadravai.com", true }, { "zoki.art", true }, + { "zollihood.ch", true }, { "zolokar.xyz", true }, - { "zombiesecured.com", true }, { "zomerschoen.nl", true }, { "zonadigital.co", true }, { "zone-produkte.de", false }, { "zone39.com", true }, - { "zone403.net", true }, { "zonecb.com", true }, { "zonehomesolutions.com", true }, { "zonemaster.fr", true }, { "zonemaster.net", true }, + { "zonesec.org", true }, { "zonewatcher.com", true }, { "zonglovani.info", true }, { "zonky.cz", true }, { "zonkysetkani.cz", true }, - { "zoo.city", false }, - { "zoofit.com.au", true }, { "zooish.net", true }, { "zook.systems", true }, { "zoola.io", true }, @@ -38637,7 +39407,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zootime.net", true }, { "zootime.org", true }, { "zoowiki.us", true }, - { "zooxdata.com", true }, { "zopy.com.br", true }, { "zopyx.com", true }, { "zor.com", true }, @@ -38647,10 +39416,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zorium.org", true }, { "zorki.nl", true }, { "zorntt.fr", true }, + { "zotero.org", true }, { "zouk.info", true }, { "zouyaoji.top", true }, + { "zozo.com", true }, { "zozzle.co.uk", true }, - { "zqwqz.com", true }, { "zravypapir.cz", true }, { "zrhdwz.cn", true }, { "zrkr.de", true }, @@ -38667,7 +39437,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zsrbcs.com", true }, { "zten.org", true }, { "ztjuh.tk", true }, - { "zuan-in.com", true }, { "zuan-in.net", true }, { "zubel.it", false }, { "zubora.co", true }, @@ -38682,6 +39451,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zula.africa", true }, { "zulu.ro", true }, { "zum-baur.de", true }, + { "zumazar.ru", true }, { "zund-app.com", true }, { "zundapp529.nl", true }, { "zundappachterhoek.nl", true }, @@ -38706,8 +39476,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zwollemag.nl", true }, { "zwollemagazine.nl", true }, { "zwy.ch", true }, - { "zx1168.com", true }, - { "zx2268.com", true }, { "zx6rninja.de", true }, { "zx7r.de", true }, { "zxavier.com", true }, @@ -38726,5 +39494,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zyul.ddns.net", true }, { "zyzardx.com", true }, { "zzekj.net", true }, + { "zzpd.nl", false }, { "zzsec.org", true }, }; diff --git a/security/manager/ssl/tests/unit/test_weak_crypto.js b/security/manager/ssl/tests/unit/test_weak_crypto.js index effedf8e3a..3367e90677 100644 --- a/security/manager/ssl/tests/unit/test_weak_crypto.js +++ b/security/manager/ssl/tests/unit/test_weak_crypto.js @@ -77,7 +77,6 @@ function startServer(cert, rc4only) { onStopListening: function() {} }; - tlsServer.setSessionCache(false); tlsServer.setSessionTickets(false); tlsServer.setRequestClientCertificate(Ci.nsITLSServerSocket.REQUEST_NEVER); if (rc4only) { diff --git a/security/nss/TAG-INFO b/security/nss/TAG-INFO index 1d96321b3c..a004fa449d 100644 --- a/security/nss/TAG-INFO +++ b/security/nss/TAG-INFO @@ -1 +1 @@ -NSS_3_36_4_RTM +NSS_3_38_RTM diff --git a/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt b/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt index e69de29bb2..efc7d6d677 100644 --- a/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt +++ b/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt @@ -0,0 +1,4 @@ + +1 Added function: + + 'function SECStatus SECITEM_MakeItem(PLArenaPool*, SECItem*, unsigned char*, unsigned int)' {SECITEM_MakeItem@@NSSUTIL_3.38} diff --git a/security/nss/automation/abi-check/expected-report-libssl3.so.txt b/security/nss/automation/abi-check/expected-report-libssl3.so.txt index ad818d0aaa..e69de29bb2 100644 --- a/security/nss/automation/abi-check/expected-report-libssl3.so.txt +++ b/security/nss/automation/abi-check/expected-report-libssl3.so.txt @@ -1,28 +0,0 @@ - -1 function with some indirect sub-type change: - - [C]'function SECStatus SSL_GetChannelInfo(PRFileDesc*, SSLChannelInfo*, PRUintn)' at sslinfo.c:12:1 has some indirect sub-type changes: - parameter 2 of type 'SSLChannelInfo*' has sub-type changes: - in pointed to type 'typedef SSLChannelInfo' at sslt.h:318:1: - underlying type 'struct SSLChannelInfoStr' at sslt.h:251:1 changed: - type size hasn't changed - 1 data member change: - type of 'SSLSignatureScheme SSLChannelInfoStr::signatureScheme' changed: - underlying type 'enum __anonymous_enum__' at sslt.h:115:1 changed: - type size hasn't changed - 3 enumerator deletions: - '__anonymous_enum__::ssl_sig_rsa_pss_sha256' value '2052' - '__anonymous_enum__::ssl_sig_rsa_pss_sha384' value '2053' - '__anonymous_enum__::ssl_sig_rsa_pss_sha512' value '2054' - - 6 enumerator insertions: - '__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha256' value '2052' - '__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha384' value '2053' - '__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha512' value '2054' - '__anonymous_enum__::ssl_sig_rsa_pss_pss_sha256' value '2057' - '__anonymous_enum__::ssl_sig_rsa_pss_pss_sha384' value '2058' - '__anonymous_enum__::ssl_sig_rsa_pss_pss_sha512' value '2059' - - - - diff --git a/security/nss/automation/abi-check/previous-nss-release b/security/nss/automation/abi-check/previous-nss-release index c213ca3f88..c52061e7e2 100644 --- a/security/nss/automation/abi-check/previous-nss-release +++ b/security/nss/automation/abi-check/previous-nss-release @@ -1 +1 @@ -NSS_3_35_BRANCH +NSS_3_37_BRANCH diff --git a/security/nss/automation/taskcluster/docker-hacl/Dockerfile b/security/nss/automation/taskcluster/docker-hacl/Dockerfile index 63f9a24e25..50f2be239c 100644 --- a/security/nss/automation/taskcluster/docker-hacl/Dockerfile +++ b/security/nss/automation/taskcluster/docker-hacl/Dockerfile @@ -5,11 +5,11 @@ MAINTAINER Franziskus Kiefer <franziskuskiefer@gmail.com> # the original F* formula with Daniel Fabian # Pinned versions of HACL* (F* and KreMLin are pinned as submodules) -ENV haclrepo https://github.com/franziskuskiefer/hacl-star.git +ENV haclrepo https://github.com/mitls/hacl-star.git # Define versions of dependencies -ENV opamv 4.04.2 -ENV haclversion 668d6cf274c33bbe2e951e3a84b73f2b6442a51f +ENV opamv 4.05.0 +ENV haclversion 1da331f9ef30e13269e45ae73bbe4a4bca679ae6 # Install required packages and set versions ADD setup.sh /tmp/setup.sh diff --git a/security/nss/automation/taskcluster/docker-hacl/setup-user.sh b/security/nss/automation/taskcluster/docker-hacl/setup-user.sh index b8accaf584..e2c0b857bc 100644 --- a/security/nss/automation/taskcluster/docker-hacl/setup-user.sh +++ b/security/nss/automation/taskcluster/docker-hacl/setup-user.sh @@ -16,7 +16,6 @@ git -C hacl-star checkout ${haclversion} # This caches the extracted c code (pins the HACL* version). All we need to do # on CI now is comparing the code in this docker image with the one in NSS. opam config exec -- make -C hacl-star prepare -j$(nproc) -make -C hacl-star verify-nss -j$(nproc) make -C hacl-star -f Makefile.build snapshots/nss -j$(nproc) KOPTS="-funroll-loops 5" make -C hacl-star/code/curve25519 test -j$(nproc) make -C hacl-star/code/salsa-family test -j$(nproc) diff --git a/security/nss/automation/taskcluster/docker-saw/Dockerfile b/security/nss/automation/taskcluster/docker-saw/Dockerfile index a481ba0486..d677870109 100644 --- a/security/nss/automation/taskcluster/docker-saw/Dockerfile +++ b/security/nss/automation/taskcluster/docker-saw/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:latest +FROM ubuntu:16.04 MAINTAINER Tim Taubert <ttaubert@mozilla.com> RUN useradd -d /home/worker -s /bin/bash -m worker diff --git a/security/nss/automation/taskcluster/docker/Dockerfile b/security/nss/automation/taskcluster/docker/Dockerfile index 8a2256d12c..b3c2516baa 100644 --- a/security/nss/automation/taskcluster/docker/Dockerfile +++ b/security/nss/automation/taskcluster/docker/Dockerfile @@ -12,9 +12,6 @@ RUN chmod +x /home/worker/bin/* ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh -# Change user. -USER worker - # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash diff --git a/security/nss/automation/taskcluster/graph/src/extend.js b/security/nss/automation/taskcluster/graph/src/extend.js index ee9ac9b742..5305325c52 100644 --- a/security/nss/automation/taskcluster/graph/src/extend.js +++ b/security/nss/automation/taskcluster/graph/src/extend.js @@ -995,13 +995,13 @@ async function scheduleTools() { })); queue.scheduleTask(merge(base, { - symbol: "scan-build-5.0", - name: "scan-build-5.0", - image: LINUX_IMAGE, + symbol: "scan-build", + name: "scan-build", + image: FUZZ_IMAGE, env: { USE_64: "1", - CC: "clang-5.0", - CCC: "clang++-5.0", + CC: "clang", + CCC: "clang++", }, artifacts: { public: { @@ -1092,5 +1092,17 @@ async function scheduleTools() { ] })); + queue.scheduleTask(merge(base, { + symbol: "Coverage", + name: "Coverage", + image: FUZZ_IMAGE, + features: ["allowPtrace"], + command: [ + "/bin/bash", + "-c", + "bin/checkout.sh && nss/automation/taskcluster/scripts/gen_coverage_report.sh" + ] + })); + return queue.submit(); } diff --git a/security/nss/automation/taskcluster/graph/src/try_syntax.js b/security/nss/automation/taskcluster/graph/src/try_syntax.js index 1c06dde133..214793bd5d 100644 --- a/security/nss/automation/taskcluster/graph/src/try_syntax.js +++ b/security/nss/automation/taskcluster/graph/src/try_syntax.js @@ -51,7 +51,7 @@ function parseOptions(opts) { } // Parse tools. - let allTools = ["clang-format", "scan-build", "hacl", "saw", "abi"]; + let allTools = ["clang-format", "scan-build", "hacl", "saw", "abi", "coverage"]; let tools = intersect(opts.tools.split(/\s*,\s*/), allTools); // If the given value is "all" run all tools. diff --git a/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh b/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh new file mode 100644 index 0000000000..3907c72e89 --- /dev/null +++ b/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +source $(dirname "$0")/tools.sh + +# Clone NSPR. +hg_clone https://hg.mozilla.org/projects/nspr ./nspr default + +out=/home/worker/artifacts +mkdir -p $out + +# Generate coverage report. +cd nss && ./mach coverage --outdir=$out ssl_gtests diff --git a/security/nss/automation/taskcluster/scripts/run_hacl.sh b/security/nss/automation/taskcluster/scripts/run_hacl.sh index 281075eef4..6cbda49b4b 100644 --- a/security/nss/automation/taskcluster/scripts/run_hacl.sh +++ b/security/nss/automation/taskcluster/scripts/run_hacl.sh @@ -12,8 +12,8 @@ set -e -x -v # The extracted C code from HACL* is already generated and the HACL* tests were # successfully executed. -# Verify Poly1305 (doesn't work in docker image build) -make verify -C ~/hacl-star/code/poly1305 -j$(nproc) +# Verify HACL*. Taskcluster fails when we do this in the image build. +make -C hacl-star verify-nss -j$(nproc) # Add license header to specs spec_files=($(find ~/hacl-star/specs -type f -name '*.fst')) diff --git a/security/nss/automation/taskcluster/scripts/tools.sh b/security/nss/automation/taskcluster/scripts/tools.sh index 46d567e3a2..534cb32ce6 100644 --- a/security/nss/automation/taskcluster/scripts/tools.sh +++ b/security/nss/automation/taskcluster/scripts/tools.sh @@ -3,11 +3,16 @@ set -v -e -x if [[ $(id -u) -eq 0 ]]; then + # Stupid Docker. It works without sometimes... But not always. + echo "127.0.0.1 localhost.localdomain" >> /etc/hosts + # Drop privileges by re-running this script. # Note: this mangles arguments, better to avoid running scripts as root. exec su worker -c "$0 $*" fi +export PATH="${PATH}:/home/worker/.cargo/bin/:/usr/lib/go-1.6/bin" + # Usage: hg_clone repo dir [revision=@] hg_clone() { repo=$1 diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c index ca3d6f3144..ef8fdd8021 100644 --- a/security/nss/cmd/bltest/blapitest.c +++ b/security/nss/cmd/bltest/blapitest.c @@ -3724,7 +3724,7 @@ main(int argc, char **argv) /* test the RSA_PopulatePrivateKey function */ if (bltest.commands[cmd_RSAPopulate].activated) { unsigned int keySize = 1024; - unsigned long exponent = 65537; + unsigned long keyExponent = 65537; int rounds = 1; int ret = -1; @@ -3735,12 +3735,12 @@ main(int argc, char **argv) rounds = PORT_Atoi(bltest.options[opt_Rounds].arg); } if (bltest.options[opt_Exponent].activated) { - exponent = PORT_Atoi(bltest.options[opt_Exponent].arg); + keyExponent = PORT_Atoi(bltest.options[opt_Exponent].arg); } for (i = 0; i < rounds; i++) { printf("Running RSA Populate test round %d\n", i); - ret = doRSAPopulateTest(keySize, exponent); + ret = doRSAPopulateTest(keySize, keyExponent); if (ret != 0) { break; } diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c index 20722ae782..dbb93c9220 100644 --- a/security/nss/cmd/certutil/certutil.c +++ b/security/nss/cmd/certutil/certutil.c @@ -36,9 +36,11 @@ #include "certdb.h" #include "nss.h" #include "certutil.h" +#include "basicutil.h" +#include "ssl.h" #define MIN_KEY_BITS 512 -/* MAX_KEY_BITS should agree with MAX_RSA_MODULUS in freebl */ +/* MAX_KEY_BITS should agree with RSA_MAX_MODULUS_BITS in freebl */ #define MAX_KEY_BITS 8192 #define DEFAULT_KEY_BITS 2048 @@ -447,7 +449,8 @@ ChangeTrustAttributes(CERTCertDBHandle *handle, PK11SlotInfo *slot, } static SECStatus -DumpChain(CERTCertDBHandle *handle, char *name, PRBool ascii) +DumpChain(CERTCertDBHandle *handle, char *name, PRBool ascii, + PRBool simpleSelfSigned) { CERTCertificate *the_cert; CERTCertificateList *chain; @@ -458,6 +461,14 @@ DumpChain(CERTCertDBHandle *handle, char *name, PRBool ascii) SECU_PrintError(progName, "Could not find: %s\n", name); return SECFailure; } + if (simpleSelfSigned && + SECEqual == SECITEM_CompareItem(&the_cert->derIssuer, + &the_cert->derSubject)) { + printf("\"%s\" [%s]\n\n", the_cert->nickname, the_cert->subjectName); + CERT_DestroyCertificate(the_cert); + return SECSuccess; + } + chain = CERT_CertChainFromCert(the_cert, 0, PR_TRUE); CERT_DestroyCertificate(the_cert); if (!chain) { @@ -782,17 +793,17 @@ ValidateCert(CERTCertDBHandle *handle, char *name, char *date, fprintf(stdout, "%s: certificate is valid\n", progName); GEN_BREAK(SECSuccess) } else { - char *name; + char *nick; CERTVerifyLogNode *node; node = log->head; while (node) { if (node->cert->nickname != NULL) { - name = node->cert->nickname; + nick = node->cert->nickname; } else { - name = node->cert->subjectName; + nick = node->cert->subjectName; } - fprintf(stderr, "%s : %s\n", name, + fprintf(stderr, "%s : %s\n", nick, SECU_Strerror(node->error)); CERT_DestroyCertificate(node->cert); node = node->next; @@ -845,7 +856,7 @@ SECItemToHex(const SECItem *item, char *dst) } static const char *const keyTypeName[] = { - "null", "rsa", "dsa", "fortezza", "dh", "kea", "ec" + "null", "rsa", "dsa", "fortezza", "dh", "kea", "ec", "rsaPss" }; #define MAX_CKA_ID_BIN_LEN 20 @@ -999,7 +1010,7 @@ DeleteKey(char *nickname, secuPWData *pwdata) slot = PK11_GetInternalKeySlot(); if (PK11_NeedLogin(slot)) { - SECStatus rv = PK11_Authenticate(slot, PR_TRUE, pwdata); + rv = PK11_Authenticate(slot, PR_TRUE, pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); @@ -1066,7 +1077,7 @@ PrintBuildFlags() } static void -PrintSyntax(char *progName) +PrintSyntax() { #define FPS fprintf(stderr, FPS "Type %s -H for more detailed descriptions\n", progName); @@ -1115,7 +1126,9 @@ PrintSyntax(char *progName) FPS "\t%s --build-flags\n", progName); FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -O -n cert-name [-X] [-d certdir] [-a] [-P dbprefix]\n", progName); + FPS "\t%s -O -n cert-name [-X] [-d certdir] [-a] [-P dbprefix]\n" + "\t\t [--simple-self-signed]\n", + progName); FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n" "\t\t [-7 emailAddrs] [-k key-type-or-id] [-h token-name] [-f pwfile]\n" "\t\t [-g key-size] [-Z hashAlg]\n", @@ -1542,6 +1555,8 @@ luO(enum usage_level ul, const char *command) " -P dbprefix"); FPS "%-20s force the database to open R/W\n", " -X"); + FPS "%-20s don't search for a chain if issuer name equals subject name\n", + " --simple-self-signed"); FPS "\n"); } @@ -1560,7 +1575,7 @@ luR(enum usage_level ul, const char *command) " -o output-req"); FPS "%-20s Type of key pair to generate (\"dsa\", \"ec\", \"rsa\" (default))\n", " -k key-type-or-id"); - FPS "%-20s or nickname of the cert key to use \n", + FPS "%-20s or nickname of the cert key to use, or key id obtained using -K\n", ""); FPS "%-20s Name of token in which to generate key (default is internal)\n", " -h token-name"); @@ -1838,7 +1853,7 @@ luBuildFlags(enum usage_level ul, const char *command) } static void -LongUsage(char *progName, enum usage_level ul, const char *command) +LongUsage(enum usage_level ul, const char *command) { luA(ul, command); luB(ul, command); @@ -1866,14 +1881,14 @@ LongUsage(char *progName, enum usage_level ul, const char *command) } static void -Usage(char *progName) +Usage() { PR_fprintf(PR_STDERR, "%s - Utility to manipulate NSS certificate databases\n\n" "Usage: %s <command> -d <database-directory> <options>\n\n" "Valid commands:\n", progName, progName); - LongUsage(progName, usage_selected, NULL); + LongUsage(usage_selected, NULL); PR_fprintf(PR_STDERR, "\n" "%s -H <command> : Print available options for the given command\n" "%s -H : Print complete help output of all commands and options\n" @@ -2269,10 +2284,10 @@ flagArray opFlagsArray[] = { NAME_SIZE(verify_recover), CKF_VERIFY_RECOVER }, { NAME_SIZE(wrap), CKF_WRAP }, { NAME_SIZE(unwrap), CKF_UNWRAP }, - { NAME_SIZE(derive), CKF_DERIVE }, + { NAME_SIZE(derive), CKF_DERIVE } }; -int opFlagsCount = sizeof(opFlagsArray) / sizeof(flagArray); +int opFlagsCount = PR_ARRAY_SIZE(opFlagsArray); flagArray attrFlagsArray[] = { @@ -2286,14 +2301,13 @@ flagArray attrFlagsArray[] = { NAME_SIZE(insensitive), PK11_ATTR_INSENSITIVE }, { NAME_SIZE(extractable), PK11_ATTR_EXTRACTABLE }, { NAME_SIZE(unextractable), PK11_ATTR_UNEXTRACTABLE } - }; -int attrFlagsCount = sizeof(attrFlagsArray) / sizeof(flagArray); +int attrFlagsCount = PR_ARRAY_SIZE(attrFlagsArray); #define MAX_STRING 30 CK_ULONG -GetFlags(char *flagsString, flagArray *flagArray, int count) +GetFlags(char *flagsString, flagArray *flags, int count) { CK_ULONG flagsValue = strtol(flagsString, NULL, 0); int i; @@ -2303,10 +2317,10 @@ GetFlags(char *flagsString, flagArray *flagArray, int count) } while (*flagsString) { for (i = 0; i < count; i++) { - if (strncmp(flagsString, flagArray[i].name, flagArray[i].nameSize) == + if (strncmp(flagsString, flags[i].name, flags[i].nameSize) == 0) { - flagsValue |= flagArray[i].value; - flagsString += flagArray[i].nameSize; + flagsValue |= flags[i].value; + flagsString += flags[i].nameSize; if (*flagsString != 0) { flagsString++; } @@ -2499,6 +2513,7 @@ enum certutilOpts { opt_NewNickname, opt_Pss, opt_PssSign, + opt_SimpleSelfSigned, opt_Help }; @@ -2623,6 +2638,8 @@ static const secuCommandFlag options_init[] = "pss" }, { /* opt_PssSign */ 0, PR_FALSE, 0, PR_FALSE, "pss-sign" }, + { /* opt_SimpleSelfSigned */ 0, PR_FALSE, 0, PR_FALSE, + "simple-self-signed" }, }; #define NUM_OPTIONS ((sizeof options_init) / (sizeof options_init[0])) @@ -2691,14 +2708,13 @@ certutil_main(int argc, char **argv, PRBool initialize) rv = SECU_ParseCommandLine(argc, argv, progName, &certutil); if (rv != SECSuccess) - Usage(progName); + Usage(); if (certutil.commands[cmd_PrintSyntax].activated) { - PrintSyntax(progName); + PrintSyntax(); } if (certutil.commands[cmd_PrintHelp].activated) { - int i; char buf[2]; const char *command = NULL; for (i = 0; i < max_cmd; i++) { @@ -2715,7 +2731,7 @@ certutil_main(int argc, char **argv, PRBool initialize) break; } } - LongUsage(progName, (command ? usage_selected : usage_all), command); + LongUsage((command ? usage_selected : usage_all), command); exit(1); } @@ -2823,7 +2839,7 @@ certutil_main(int argc, char **argv, PRBool initialize) if (certutil.options[opt_DBPrefix].arg) { certPrefix = certutil.options[opt_DBPrefix].arg; } else { - Usage(progName); + Usage(); } } @@ -2832,7 +2848,7 @@ certutil_main(int argc, char **argv, PRBool initialize) if (certutil.options[opt_SourcePrefix].arg) { srcCertPrefix = certutil.options[opt_SourcePrefix].arg; } else { - Usage(progName); + Usage(); } } @@ -2916,7 +2932,7 @@ certutil_main(int argc, char **argv, PRBool initialize) return 255; } if (commandsEntered == 0) { - Usage(progName); + Usage(); } if (certutil.commands[cmd_ListCerts].activated || @@ -3124,6 +3140,8 @@ certutil_main(int argc, char **argv, PRBool initialize) } initialized = PR_TRUE; SECU_RegisterDynamicOids(); + /* Ensure the SSL error code table has been registered. Bug 1460284. */ + SSL_OptionSetDefault(-1, 0); } certHandle = CERT_GetDefaultCertDB(); @@ -3350,7 +3368,8 @@ certutil_main(int argc, char **argv, PRBool initialize) } if (certutil.commands[cmd_DumpChain].activated) { rv = DumpChain(certHandle, name, - certutil.options[opt_ASCIIForIO].activated); + certutil.options[opt_ASCIIForIO].activated, + certutil.options[opt_SimpleSelfSigned].activated); goto shutdown; } /* XXX needs work */ @@ -3444,37 +3463,80 @@ certutil_main(int argc, char **argv, PRBool initialize) keycert = CERT_FindCertByNicknameOrEmailAddr(certHandle, keysource); if (!keycert) { keycert = PK11_FindCertFromNickname(keysource, NULL); - if (!keycert) { - SECU_PrintError(progName, - "%s is neither a key-type nor a nickname", keysource); + } + + if (keycert) { + privkey = PK11_FindKeyByDERCert(slot, keycert, &pwdata); + } else { + PLArenaPool *arena = NULL; + SECItem keyidItem = { 0 }; + char *keysourcePtr = keysource; + /* Interpret keysource as CKA_ID */ + if (PK11_NeedLogin(slot)) { + rv = PK11_Authenticate(slot, PR_TRUE, &pwdata); + if (rv != SECSuccess) { + SECU_PrintError(progName, "could not authenticate to token %s.", + PK11_GetTokenName(slot)); + return SECFailure; + } + } + if (0 == PL_strncasecmp("0x", keysource, 2)) { + keysourcePtr = keysource + 2; // skip leading "0x" + } + arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); + if (!arena) { + SECU_PrintError(progName, "unable to allocate arena"); return SECFailure; } + if (SECU_HexString2SECItem(arena, &keyidItem, keysourcePtr)) { + privkey = PK11_FindKeyByKeyID(slot, &keyidItem, &pwdata); + } + PORT_FreeArena(arena, PR_FALSE); + } + + if (!privkey) { + SECU_PrintError( + progName, + "%s is neither a key-type nor a nickname nor a key-id", keysource); + return SECFailure; } - privkey = PK11_FindKeyByDERCert(slot, keycert, &pwdata); - if (privkey) - pubkey = CERT_ExtractPublicKey(keycert); + + pubkey = SECKEY_ConvertToPublicKey(privkey); if (!pubkey) { SECU_PrintError(progName, "Could not get keys from cert %s", keysource); + if (keycert) { + CERT_DestroyCertificate(keycert); + } rv = SECFailure; - CERT_DestroyCertificate(keycert); goto shutdown; } keytype = privkey->keyType; + /* On CertReq for renewal if no subject has been * specified obtain it from the certificate. */ if (certutil.commands[cmd_CertReq].activated && !subject) { - subject = CERT_AsciiToName(keycert->subjectName); - if (!subject) { - SECU_PrintError(progName, - "Could not get subject from certificate %s", keysource); - CERT_DestroyCertificate(keycert); + if (keycert) { + subject = CERT_AsciiToName(keycert->subjectName); + if (!subject) { + SECU_PrintError( + progName, + "Could not get subject from certificate %s", + keysource); + CERT_DestroyCertificate(keycert); + rv = SECFailure; + goto shutdown; + } + } else { + SECU_PrintError(progName, "Subject name not provided"); rv = SECFailure; goto shutdown; } } - CERT_DestroyCertificate(keycert); + if (keycert) { + CERT_DestroyCertificate(keycert); + } } else { privkey = CERTUTIL_GeneratePrivateKey(keytype, slot, keysize, @@ -3537,6 +3599,14 @@ certutil_main(int argc, char **argv, PRBool initialize) } } + if (certutil.options[opt_SimpleSelfSigned].activated && + !certutil.commands[cmd_DumpChain].activated) { + PR_fprintf(PR_STDERR, + "%s -%c: --simple-self-signed only works with -O.\n", + progName, commandToRun); + return 255; + } + /* If we need a list of extensions convert the flags into list format */ if (certutil.commands[cmd_CertReq].activated || certutil.commands[cmd_CreateAndAddCert].activated || diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c index c008ecc01a..c5527fc932 100644 --- a/security/nss/cmd/crlutil/crlutil.c +++ b/security/nss/cmd/crlutil/crlutil.c @@ -770,7 +770,7 @@ loser: } static void -Usage(char *progName) +Usage() { fprintf(stderr, "Usage: %s -L [-n nickname] [-d keydir] [-P dbprefix] [-t crlType]\n" @@ -908,7 +908,7 @@ main(int argc, char **argv) while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { switch (optstate->option) { case '?': - Usage(progName); + Usage(); break; case 'T': @@ -1038,17 +1038,17 @@ main(int argc, char **argv) } if (deleteCRL && !nickName) - Usage(progName); + Usage(); if (importCRL && !inFile) - Usage(progName); + Usage(); if (showFileCRL && !inFile) - Usage(progName); + Usage(); if ((generateCRL && !nickName) || (modifyCRL && !inFile && !nickName)) - Usage(progName); + Usage(); if (!(listCRL || deleteCRL || importCRL || showFileCRL || generateCRL || modifyCRL || test || erase)) - Usage(progName); + Usage(); if (listCRL || showFileCRL) { readonly = PR_TRUE; diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c index cbc680b08f..1c1359b1bc 100644 --- a/security/nss/cmd/crmftest/testcrmf.c +++ b/security/nss/cmd/crmftest/testcrmf.c @@ -577,7 +577,6 @@ Decode(void) printf("WARNING: The DER contained %d messages.\n", numMsgs); } for (i = 0; i < numMsgs; i++) { - SECStatus rv; printf("crmftest: Processing cert request %d\n", i); certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i); if (certReqMsg == NULL) { diff --git a/security/nss/cmd/dbtest/dbtest.c b/security/nss/cmd/dbtest/dbtest.c index 9a6a034a69..11713c23fb 100644 --- a/security/nss/cmd/dbtest/dbtest.c +++ b/security/nss/cmd/dbtest/dbtest.c @@ -58,7 +58,7 @@ getPassword(PK11SlotInfo *slot, PRBool retry, void *arg) } static void -Usage(const char *progName) +Usage() { printf("Usage: %s [-r] [-f] [-i] [-d dbdir ] \n", progName); @@ -96,7 +96,7 @@ main(int argc, char **argv) switch (optstate->option) { case 'h': default: - Usage(progName); + Usage(); break; case 'r': @@ -122,7 +122,7 @@ main(int argc, char **argv) } PL_DestroyOptState(optstate); if (optstatus == PL_OPT_BAD) - Usage(progName); + Usage(); if (dbDir) { char *tmp = dbDir; @@ -181,7 +181,6 @@ main(int argc, char **argv) ret = SUCCESS; if (doInitTest) { PK11SlotInfo *slot = PK11_GetInternalKeySlot(); - SECStatus rv; int passwordSuccess = 0; int type = CKM_DES3_CBC; SECItem keyid = { 0, NULL, 0 }; diff --git a/security/nss/cmd/httpserv/httpserv.c b/security/nss/cmd/httpserv/httpserv.c index 7cf28c65a0..71e2ab88d9 100644 --- a/security/nss/cmd/httpserv/httpserv.c +++ b/security/nss/cmd/httpserv/httpserv.c @@ -682,6 +682,7 @@ handle_connection( } if (arena) { PORT_FreeArena(arena, PR_FALSE); + arena = NULL; } if (!request || !request->tbsRequest || !request->tbsRequest->requestList || @@ -753,11 +754,11 @@ handle_connection( { PRTime now = PR_Now(); - PLArenaPool *arena = NULL; CERTOCSPSingleResponse *sr; CERTOCSPSingleResponse **singleResponses; SECItem *ocspResponse; + PORT_Assert(!arena); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (unknown) { @@ -787,8 +788,8 @@ handle_connection( } else { PR_Write(ssl_sock, outOcspHeader, strlen(outOcspHeader)); PR_Write(ssl_sock, ocspResponse->data, ocspResponse->len); - PORT_FreeArena(arena, PR_FALSE); } + PORT_FreeArena(arena, PR_FALSE); } CERT_DestroyOCSPRequest(request); break; @@ -1357,7 +1358,6 @@ main(int argc, char **argv) caRevoIter = &caRevoInfos->link; do { PRFileDesc *inFile; - int rv = SECFailure; SECItem crlDER; crlDER.data = NULL; @@ -1413,11 +1413,9 @@ main(int argc, char **argv) if (provideOcsp) { if (caRevoInfos) { - PRCList *caRevoIter; - caRevoIter = &caRevoInfos->link; do { - caRevoInfo *revoInfo = (caRevoInfo *)caRevoIter; + revoInfo = (caRevoInfo *)caRevoIter; if (revoInfo->nickname) PORT_Free(revoInfo->nickname); if (revoInfo->crlFilename) diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c index 2b33f89633..6be2df432a 100644 --- a/security/nss/cmd/lib/secutil.c +++ b/security/nss/cmd/lib/secutil.c @@ -1528,9 +1528,9 @@ SECU_PrintDumpDerIssuerAndSerial(FILE *out, SECItem *der, char *m, unsigned int i; for (i = 0; i < c->serialNumber.len; ++i) { unsigned char *chardata = (unsigned char *)(c->serialNumber.data); - unsigned char c = *(chardata + i); + unsigned char ch = *(chardata + i); - fprintf(out, "\\x%02x", c); + fprintf(out, "\\x%02x", ch); } fprintf(out, "\" }\n"); } @@ -3137,7 +3137,7 @@ typedef enum { static int secu_PrintSignedDataSigOpt(FILE *out, SECItem *der, const char *m, int level, SECU_PPFunc inner, - SignatureOptionType withSignature) + SignatureOptionType signatureOption) { PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); CERTSignedData *sd; @@ -3164,7 +3164,7 @@ secu_PrintSignedDataSigOpt(FILE *out, SECItem *der, const char *m, } rv = (*inner)(out, &sd->data, "Data", level + 1); - if (withSignature) { + if (signatureOption == withSignature) { SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm", level + 1); DER_ConvertBitString(&sd->signature); diff --git a/security/nss/cmd/listsuites/listsuites.c b/security/nss/cmd/listsuites/listsuites.c index 8eb2c3553e..b49f2d8cf4 100644 --- a/security/nss/cmd/listsuites/listsuites.c +++ b/security/nss/cmd/listsuites/listsuites.c @@ -64,9 +64,7 @@ main(int argc, char **argv) /* disable all the SSL3 cipher suites */ for (i = 0; i < SSL_NumImplementedCiphers; i++) { PRUint16 suite = cipherSuites[i]; - SECStatus rv; PRBool enabled; - PRErrorCode err; SSLCipherSuiteInfo info; rv = SSL_CipherPrefGetDefault(suite, &enabled); diff --git a/security/nss/cmd/lowhashtest/lowhashtest.c b/security/nss/cmd/lowhashtest/lowhashtest.c index 29d6ff4fd1..fcc06a86ee 100644 --- a/security/nss/cmd/lowhashtest/lowhashtest.c +++ b/security/nss/cmd/lowhashtest/lowhashtest.c @@ -390,7 +390,7 @@ testSHA512(NSSLOWInitContext *initCtx) } static void -Usage(char *progName) +Usage() { fprintf(stderr, "Usage: %s [algorithm]\n", progName); @@ -436,7 +436,7 @@ main(int argc, char **argv) rv += testSHA512(initCtx); } else { SECU_PrintError(progName, "Unsupported hash type %s\n", argv[0]); - Usage(progName); + Usage(); } NSSLOW_Shutdown(initCtx); diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c index 0305687626..576839f8f5 100644 --- a/security/nss/cmd/modutil/install-ds.c +++ b/security/nss/cmd/modutil/install-ds.c @@ -88,11 +88,11 @@ static const char* errString[] = { static char* PR_Strdup(const char* str); -#define PAD(x) \ - { \ - int i; \ - for (i = 0; i < x; i++) \ - printf(" "); \ +#define PAD(x) \ + { \ + int pad_i; \ + for (pad_i = 0; pad_i < (x); pad_i++) \ + printf(" "); \ } #define PADINC 4 diff --git a/security/nss/cmd/mpitests/mpi-test.c b/security/nss/cmd/mpitests/mpi-test.c index 3a1f5d6c2e..b7953b6f66 100644 --- a/security/nss/cmd/mpitests/mpi-test.c +++ b/security/nss/cmd/mpitests/mpi-test.c @@ -375,14 +375,14 @@ void reason(char *fmt, ...); char g_intbuf[4096]; /* buffer for integer comparison */ char a_intbuf[4096]; /* buffer for integer comparison */ int g_verbose = 1; /* print out reasons for failure? */ -int res; - -#define IFOK(x) \ - { \ - if (MP_OKAY > (res = (x))) { \ - reason("test %s failed: error %d\n", #x, res); \ - return 1; \ - } \ + +#define IFOK(x) \ + { \ + int ifok_res = (x); \ + if (MP_OKAY > ifok_res) { \ + reason("test %s failed: error %d\n", #x, ifok_res); \ + return 1; \ + } \ } int diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c index afcb7e13fb..0927f8ef63 100644 --- a/security/nss/cmd/ocspclnt/ocspclnt.c +++ b/security/nss/cmd/ocspclnt/ocspclnt.c @@ -38,7 +38,7 @@ char *program_name; static void -synopsis(char *program_name) +synopsis(char *progname) { PRFileDesc *pr_stderr; @@ -46,44 +46,44 @@ synopsis(char *program_name) PR_fprintf(pr_stderr, "Usage:"); PR_fprintf(pr_stderr, "\t%s -p [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -P [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -r <name> [-a] [-L] [-s <name>] [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -R <name> [-a] [-l <location>] [-s <name>] [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -S <name> [-a] [-l <location> -t <name>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t\t [-s <name>] [-w <time>] [-d <dir>]\n"); PR_fprintf(pr_stderr, "\t%s -V <name> [-a] -u <usage> [-l <location> -t <name>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t\t [-s <name>] [-w <time>] [-d <dir>]\n"); } static void -short_usage(char *program_name) +short_usage(char *progname) { PR_fprintf(PR_STDERR, "Type %s -H for more detailed descriptions\n", - program_name); - synopsis(program_name); + progname); + synopsis(progname); } static void -long_usage(char *program_name) +long_usage(char *progname) { PRFileDesc *pr_stderr; pr_stderr = PR_STDERR; - synopsis(program_name); + synopsis(progname); PR_fprintf(pr_stderr, "\nCommands (must specify exactly one):\n"); PR_fprintf(pr_stderr, " %-13s Pretty-print a binary request read from stdin\n", diff --git a/security/nss/cmd/ocspresp/ocspresp.c b/security/nss/cmd/ocspresp/ocspresp.c index 632623c97c..d18d32e18e 100644 --- a/security/nss/cmd/ocspresp/ocspresp.c +++ b/security/nss/cmd/ocspresp/ocspresp.c @@ -194,8 +194,8 @@ main(int argc, char **argv) &obtainedSignerCert, caCert)); #ifdef DEBUG { - SECStatus rv = CERT_GetOCSPStatusForCertID(certHandle, decodedRev, cid, - obtainedSignerCert, now); + rv = CERT_GetOCSPStatusForCertID(certHandle, decodedRev, cid, + obtainedSignerCert, now); PORT_Assert(rv == SECFailure); PORT_Assert(PORT_GetError() == SEC_ERROR_REVOKED_CERTIFICATE); } @@ -211,7 +211,7 @@ main(int argc, char **argv) decodedFail = CERT_DecodeOCSPResponse(encodedFail); #ifdef DEBUG { - SECStatus rv = CERT_GetOCSPResponseStatus(decodedFail); + rv = CERT_GetOCSPResponseStatus(decodedFail); PORT_Assert(rv == SECFailure); PORT_Assert(PORT_GetError() == SEC_ERROR_OCSP_TRY_SERVER_LATER); } diff --git a/security/nss/cmd/pk12util/pk12util.c b/security/nss/cmd/pk12util/pk12util.c index 70454a0d8f..5884713e3c 100644 --- a/security/nss/cmd/pk12util/pk12util.c +++ b/security/nss/cmd/pk12util/pk12util.c @@ -28,7 +28,7 @@ static PRBool pk12uForceUnicode; PRIntn pk12uErrno = 0; static void -Usage(char *progName) +Usage() { #define FPS PR_fprintf(PR_STDERR, FPS "Usage: %s -i importfile [-d certdir] [-P dbprefix] [-h tokenname]\n", @@ -1020,26 +1020,26 @@ main(int argc, char **argv) rv = SECU_ParseCommandLine(argc, argv, progName, &pk12util); if (rv != SECSuccess) - Usage(progName); + Usage(); pk12_debugging = pk12util.options[opt_Debug].activated; if ((pk12util.options[opt_Import].activated + pk12util.options[opt_Export].activated + pk12util.options[opt_List].activated) != 1) { - Usage(progName); + Usage(); } if (pk12util.options[opt_Export].activated && !pk12util.options[opt_Nickname].activated) { - Usage(progName); + Usage(); } rv = NSS_OptionGet(__NSS_PKCS12_DECODE_FORCE_UNICODE, &forceUnicode); if (rv != SECSuccess) { SECU_PrintError(progName, "Failed to get NSS_PKCS12_DECODE_FORCE_UNICODE option"); - Usage(progName); + Usage(); } pk12uForceUnicode = forceUnicode; @@ -1144,7 +1144,7 @@ main(int argc, char **argv) P12U_ListPKCS12File(import_file, slot, &slotPw, &p12FilePw); } else { - Usage(progName); + Usage(); pk12uErrno = PK12UERR_USAGE; } diff --git a/security/nss/cmd/pk1sign/pk1sign.c b/security/nss/cmd/pk1sign/pk1sign.c index 085aa16598..d5524c149b 100644 --- a/security/nss/cmd/pk1sign/pk1sign.c +++ b/security/nss/cmd/pk1sign/pk1sign.c @@ -178,7 +178,7 @@ loser: SECKEY_DestroyPrivateKey(privKey); } if (data) { - PORT_Free(data); + PR_Free(data); } PORT_FreeArena(arena, PR_FALSE); diff --git a/security/nss/cmd/rsaperf/rsaperf.c b/security/nss/cmd/rsaperf/rsaperf.c index 2bb23856e7..7762a465b8 100644 --- a/security/nss/cmd/rsaperf/rsaperf.c +++ b/security/nss/cmd/rsaperf/rsaperf.c @@ -313,7 +313,7 @@ main(int argc, char **argv) char *slotname = NULL; long keybits = 0; RSAOp fn; - void *rsaKey = NULL; + void *rsaKeyPtr = NULL; PLOptState *optstate; PLOptStatus optstatus; long iters = DEFAULT_ITERS; @@ -464,7 +464,7 @@ main(int argc, char **argv) if (doPub) { /* do public key ops */ fn = (RSAOp)PK11_PublicKeyOp; - rsaKey = (void *)pubHighKey; + rsaKeyPtr = (void *)pubHighKey; kh = PK11_ImportPublicKey(cert->slot, pubHighKey, PR_FALSE); if (CK_INVALID_HANDLE == kh) { @@ -489,7 +489,7 @@ main(int argc, char **argv) fn = (RSAOp)PK11_PrivateKeyOp; keys.privKey = privHighKey; keys.pubKey = pubHighKey; - rsaKey = (void *)&keys; + rsaKeyPtr = (void *)&keys; printf("Using PKCS#11 for RSA decryption with token %s.\n", PK11_GetTokenName(privHighKey->pkcs11Slot)); } @@ -537,13 +537,13 @@ main(int argc, char **argv) if (doPub) { /* do public key operations */ fn = (RSAOp)PK11_PublicKeyOp; - rsaKey = (void *)pubHighKey; + rsaKeyPtr = (void *)pubHighKey; } else { /* do private key operations */ fn = (RSAOp)PK11_PrivateKeyOp; keys.privKey = privHighKey; keys.pubKey = pubHighKey; - rsaKey = (void *)&keys; + rsaKeyPtr = (void *)&keys; } } else @@ -574,7 +574,7 @@ main(int argc, char **argv) pe.data = &pubEx[0]; pe.type = siBuffer; - rsaKey = RSA_NewKey(keybits, &pe); + rsaKeyPtr = RSA_NewKey(keybits, &pe); fprintf(stderr, "Keygen completed.\n"); } else { /* use a hardcoded key */ @@ -589,31 +589,31 @@ main(int argc, char **argv) if (doPub) { /* do public key operations */ fn = (RSAOp)RSA_PublicKeyOp; - if (rsaKey) { + if (rsaKeyPtr) { /* convert the RSAPrivateKey to RSAPublicKey */ pubKeyStr.arena = NULL; - pubKeyStr.modulus = ((RSAPrivateKey *)rsaKey)->modulus; + pubKeyStr.modulus = ((RSAPrivateKey *)rsaKeyPtr)->modulus; pubKeyStr.publicExponent = - ((RSAPrivateKey *)rsaKey)->publicExponent; - rsaKey = &pubKeyStr; + ((RSAPrivateKey *)rsaKeyPtr)->publicExponent; + rsaKeyPtr = &pubKeyStr; } else { /* convert NSSLOWKeyPublicKey to RSAPublicKey */ - rsaKey = (void *)(&pubKey->u.rsa); + rsaKeyPtr = (void *)(&pubKey->u.rsa); } - PORT_Assert(rsaKey); + PORT_Assert(rsaKeyPtr); } else { /* do private key operations */ fn = (RSAOp)RSA_PrivateKeyOp; if (privKey) { /* convert NSSLOWKeyPrivateKey to RSAPrivateKey */ - rsaKey = (void *)(&privKey->u.rsa); + rsaKeyPtr = (void *)(&privKey->u.rsa); } - PORT_Assert(rsaKey); + PORT_Assert(rsaKeyPtr); } } memset(buf, 1, sizeof buf); - rv = fn(rsaKey, buf2, buf); + rv = fn(rsaKeyPtr, buf2, buf); if (rv != SECSuccess) { PRErrorCode errNum; const char *errStr = NULL; @@ -638,7 +638,7 @@ main(int argc, char **argv) runDataArr[i]->fn = fn; runDataArr[i]->buf = buf; runDataArr[i]->doIters = &doIters; - runDataArr[i]->rsaKey = rsaKey; + runDataArr[i]->rsaKey = rsaKeyPtr; runDataArr[i]->seconds = seconds; runDataArr[i]->iters = iters; threadsArr[i] = diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index fac428e101..c372ec9b83 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -57,7 +57,7 @@ int NumSidCacheEntries = 1024; -static int handle_connection(PRFileDesc *, PRFileDesc *, int); +static int handle_connection(PRFileDesc *, PRFileDesc *); static const char envVarName[] = { SSL_ENV_VAR_NAME }; static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" }; @@ -509,7 +509,6 @@ typedef struct jobStr { PRCList link; PRFileDesc *tcp_sock; PRFileDesc *model_sock; - int requestCert; } JOB; static PZLock *qLock; /* this lock protects all data immediately below */ @@ -541,7 +540,7 @@ setupJobs(int maxJobs) return SECSuccess; } -typedef int startFn(PRFileDesc *a, PRFileDesc *b, int c); +typedef int startFn(PRFileDesc *a, PRFileDesc *b); typedef enum { rs_idle = 0, rs_running = 1, @@ -550,7 +549,6 @@ typedef enum { rs_idle = 0, typedef struct perThreadStr { PRFileDesc *a; PRFileDesc *b; - int c; int rv; startFn *startFunc; PRThread *prThread; @@ -564,7 +562,7 @@ thread_wrapper(void *arg) { perThread *slot = (perThread *)arg; - slot->rv = (*slot->startFunc)(slot->a, slot->b, slot->c); + slot->rv = (*slot->startFunc)(slot->a, slot->b); /* notify the thread exit handler. */ PZ_Lock(qLock); @@ -575,7 +573,7 @@ thread_wrapper(void *arg) } int -jobLoop(PRFileDesc *a, PRFileDesc *b, int c) +jobLoop(PRFileDesc *a, PRFileDesc *b) { PRCList *myLink = 0; JOB *myJob; @@ -595,8 +593,7 @@ jobLoop(PRFileDesc *a, PRFileDesc *b, int c) /* myJob will be null when stopping is true and jobQ is empty */ if (!myJob) break; - handle_connection(myJob->tcp_sock, myJob->model_sock, - myJob->requestCert); + handle_connection(myJob->tcp_sock, myJob->model_sock); PZ_Lock(qLock); PR_APPEND_LINK(myLink, &freeJobs); PZ_NotifyCondVar(freeListNotEmptyCv); @@ -609,7 +606,6 @@ launch_threads( startFn *startFunc, PRFileDesc *a, PRFileDesc *b, - int c, PRBool local) { int i; @@ -645,7 +641,6 @@ launch_threads( slot->state = rs_running; slot->a = a; slot->b = b; - slot->c = c; slot->startFunc = startFunc; slot->prThread = PR_CreateThread(PR_USER_THREAD, thread_wrapper, slot, PR_PRIORITY_NORMAL, @@ -893,8 +888,7 @@ int /* returns count */ int do_writes( PRFileDesc *ssl_sock, - PRFileDesc *model_sock, - int requestCert) + PRFileDesc *model_sock) { int sent = 0; int count = 0; @@ -925,8 +919,7 @@ do_writes( static int handle_fdx_connection( PRFileDesc *tcp_sock, - PRFileDesc *model_sock, - int requestCert) + PRFileDesc *model_sock) { PRFileDesc *ssl_sock = NULL; SECStatus result; @@ -960,8 +953,7 @@ handle_fdx_connection( lockedVars_AddToCount(&lv, 1); /* Attempt to launch the writer thread. */ - result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv, - requestCert); + result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv); if (result == SECSuccess) do { @@ -1093,7 +1085,7 @@ makeCorruptedOCSPResponse(PLArenaPool *arena) } SECItemArray * -makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, +makeSignedOCSPResponse(PLArenaPool *arena, CERTCertificate *cert, secuPWData *pwdata) { SECItemArray *result = NULL; @@ -1117,7 +1109,7 @@ makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, nextUpdate = now + (PRTime)60 * 60 * 24 * PR_USEC_PER_SEC; /* plus 1 day */ - switch (osm) { + switch (ocspStaplingMode) { case osm_good: case osm_badsig: sr = CERT_CreateOCSPSingleResponseGood(arena, cid, now, @@ -1150,7 +1142,7 @@ makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, singleResponses[1] = NULL; ocspResponse = CERT_CreateEncodedOCSPSuccessResponse(arena, - (osm == osm_badsig) + (ocspStaplingMode == osm_badsig) ? NULL : ca, ocspResponderID_byName, now, singleResponses, @@ -1175,7 +1167,7 @@ makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, } void -setupCertStatus(PLArenaPool *arena, enum ocspStaplingModeEnum ocspStaplingMode, +setupCertStatus(PLArenaPool *arena, CERTCertificate *cert, int index, secuPWData *pwdata) { if (ocspStaplingMode == osm_random) { @@ -1213,7 +1205,7 @@ setupCertStatus(PLArenaPool *arena, enum ocspStaplingModeEnum ocspStaplingMode, case osm_unknown: case osm_badsig: multiOcspResponses = - makeSignedOCSPResponse(arena, ocspStaplingMode, cert, + makeSignedOCSPResponse(arena, cert, pwdata); break; case osm_corrupted: @@ -1236,10 +1228,7 @@ setupCertStatus(PLArenaPool *arena, enum ocspStaplingModeEnum ocspStaplingMode, } int -handle_connection( - PRFileDesc *tcp_sock, - PRFileDesc *model_sock, - int requestCert) +handle_connection(PRFileDesc *tcp_sock, PRFileDesc *model_sock) { PRFileDesc *ssl_sock = NULL; PRFileDesc *local_file_fd = NULL; @@ -1272,7 +1261,6 @@ handle_connection( VLOG(("selfserv: handle_connection: starting\n")); if (useModelSocket && model_sock) { - SECStatus rv; ssl_sock = SSL_ImportFD(model_sock, tcp_sock); if (!ssl_sock) { errWarn("SSL_ImportFD with model"); @@ -1588,8 +1576,7 @@ sigusr1_handler(int sig) SECStatus do_accepts( PRFileDesc *listen_sock, - PRFileDesc *model_sock, - int requestCert) + PRFileDesc *model_sock) { PRNetAddr addr; PRErrorCode perr; @@ -1659,7 +1646,6 @@ do_accepts( JOB *myJob = (JOB *)myLink; myJob->tcp_sock = tcp_sock; myJob->model_sock = model_sock; - myJob->requestCert = requestCert; } PR_APPEND_LINK(myLink, &jobQ); @@ -1818,7 +1804,6 @@ handshakeCallback(PRFileDesc *fd, void *client_data) void server_main( PRFileDesc *listen_sock, - int requestCert, SECKEYPrivateKey **privKey, CERTCertificate **cert, const char *expectedHostNameVal) @@ -2021,7 +2006,7 @@ server_main( /* end of ssl configuration. */ /* Now, do the accepting, here in the main thread. */ - rv = do_accepts(listen_sock, model_sock, requestCert); + rv = do_accepts(listen_sock, model_sock); terminateWorkerThreads(); @@ -2654,9 +2639,8 @@ main(int argc, char **argv) } } if (cipher > 0) { - SECStatus status; - status = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED); - if (status != SECSuccess) + rv = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED); + if (rv != SECSuccess) SECU_PrintError(progName, "SSL_CipherPrefSet()"); } else { fprintf(stderr, @@ -2684,7 +2668,7 @@ main(int argc, char **argv) exit(11); } if (privKey[i]->keyType != ecKey) - setupCertStatus(certStatusArena, ocspStaplingMode, cert[i], i, &pwdata); + setupCertStatus(certStatusArena, cert[i], i, &pwdata); } if (configureWeakDHE > 0) { @@ -2697,7 +2681,7 @@ main(int argc, char **argv) } /* allocate the array of thread slots, and launch the worker threads. */ - rv = launch_threads(&jobLoop, 0, 0, requestCert, useLocalThreads); + rv = launch_threads(&jobLoop, 0, 0, useLocalThreads); if (rv == SECSuccess && logStats) { loggerThread = PR_CreateThread(PR_SYSTEM_THREAD, @@ -2712,7 +2696,7 @@ main(int argc, char **argv) } if (rv == SECSuccess) { - server_main(listen_sock, requestCert, privKey, cert, + server_main(listen_sock, privKey, cert, expectedHostNameVal); } @@ -2731,7 +2715,6 @@ cleanup: } { - int i; for (i = 0; i < certNicknameIndex; i++) { if (cert[i]) { CERT_DestroyCertificate(cert[i]); diff --git a/security/nss/cmd/shlibsign/shlibsign.c b/security/nss/cmd/shlibsign/shlibsign.c index d93fc422d5..221d1e67ed 100644 --- a/security/nss/cmd/shlibsign/shlibsign.c +++ b/security/nss/cmd/shlibsign/shlibsign.c @@ -148,7 +148,7 @@ writeItem(PRFileDesc *fd, CK_VOID_PTR pValue, return PR_FAILURE; } bytesWritten = PR_Write(fd, pValue, ulValueLen); - if (bytesWritten != ulValueLen) { + if (bytesWritten < 0 || (CK_ULONG)bytesWritten != ulValueLen) { lperror(file); return PR_FAILURE; } diff --git a/security/nss/cmd/signtool/javascript.c b/security/nss/cmd/signtool/javascript.c index ffff2db592..58869aa619 100644 --- a/security/nss/cmd/signtool/javascript.c +++ b/security/nss/cmd/signtool/javascript.c @@ -1300,7 +1300,6 @@ extract_js(char *filename) * Now we have a stream of tags and text. Go through and deal with each. */ for (curitem = head; curitem; curitem = curitem->next) { - TagItem *tagp = NULL; AVPair *pairp = NULL; char *src = NULL, *id = NULL, *codebase = NULL; PRBool hasEventHandler = PR_FALSE; @@ -1669,11 +1668,14 @@ loser: * Returns PR_SUCCESS if the directory is present, PR_FAILURE otherwise. */ static PRStatus -ensureExists(char *base, char *path) +ensureExists(char *basepath, char *path) { char fn[FNSIZE]; PRDir *dir; - sprintf(fn, "%s/%s", base, path); + int c = snprintf(fn, sizeof(fn), "%s/%s", basepath, path); + if (c >= sizeof(fn)) { + return PR_FAILURE; + } /*PR_fprintf(outputFD, "Trying to open directory %s.\n", fn);*/ diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c index 6f8e439467..5345309472 100644 --- a/security/nss/cmd/signtool/sign.c +++ b/security/nss/cmd/signtool/sign.c @@ -175,16 +175,16 @@ typedef struct { * */ int -SignAllArc(char *jartree, char *keyName, int javascript, char *metafile, - char *install_script, int optimize, PRBool recurse) +SignAllArc(char *jartree, char *keyName, int javascript, char *metafilename, + char *install_script, int optimize_level, PRBool recurse) { SignArcInfo info; info.keyName = keyName; info.javascript = javascript; - info.metafile = metafile; + info.metafile = metafilename; info.install_script = install_script; - info.optimize = optimize; + info.optimize = optimize_level; return foreach (jartree, "", sign_all_arc_fn, recurse, PR_TRUE /*include dirs*/, (void *)&info); @@ -194,7 +194,7 @@ static int sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename, void *arg) { - char *zipfile = NULL; + char *zipfilename = NULL; char *arc = NULL, *archive = NULL; int retval = 0; SignArcInfo *infop = (SignArcInfo *)arg; @@ -212,8 +212,8 @@ sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename, } archive = PR_smprintf("%s/%s", basedir, relpath); - zipfile = PL_strdup(archive); - arc = PORT_Strrchr(zipfile, '.'); + zipfilename = PL_strdup(archive); + arc = PORT_Strrchr(zipfilename, '.'); if (arc == NULL) { PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME); @@ -225,17 +225,17 @@ sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename, PL_strcpy(arc, ".jar"); if (verbosity >= 0) { - PR_fprintf(outputFD, "\nsigning: %s\n", zipfile); + PR_fprintf(outputFD, "\nsigning: %s\n", zipfilename); } - retval = SignArchive(archive, infop->keyName, zipfile, + retval = SignArchive(archive, infop->keyName, zipfilename, infop->javascript, infop->metafile, infop->install_script, infop->optimize, PR_TRUE /* recurse */); } finish: if (archive) PR_Free(archive); - if (zipfile) - PR_Free(zipfile); + if (zipfilename) + PR_Free(zipfilename); return retval; } @@ -707,8 +707,8 @@ SignFile(FILE *outFile, FILE *inFile, CERTCertificate *cert) static int generate_SF_file(char *manifile, char *who) { - FILE *sf; - FILE *mf; + FILE *sfFile; + FILE *mfFile; long r1, r2, r3; char whofile[FNSIZE]; char *buf, *name = NULL; @@ -718,12 +718,12 @@ generate_SF_file(char *manifile, char *who) strcpy(whofile, who); - if ((mf = fopen(manifile, "rb")) == NULL) { + if ((mfFile = fopen(manifile, "rb")) == NULL) { perror(manifile); exit(ERRX); } - if ((sf = fopen(whofile, "wb")) == NULL) { + if ((sfFile = fopen(whofile, "wb")) == NULL) { perror(who); exit(ERRX); } @@ -736,11 +736,11 @@ generate_SF_file(char *manifile, char *who) if (buf == NULL || name == NULL) out_of_memory(); - fprintf(sf, "Signature-Version: 1.0\n"); - fprintf(sf, "Created-By: %s\n", CREATOR); - fprintf(sf, "Comments: %s\n", BREAKAGE); + fprintf(sfFile, "Signature-Version: 1.0\n"); + fprintf(sfFile, "Created-By: %s\n", CREATOR); + fprintf(sfFile, "Comments: %s\n", BREAKAGE); - if (fgets(buf, BUFSIZ, mf) == NULL) { + if (fgets(buf, BUFSIZ, mfFile) == NULL) { PR_fprintf(errorFD, "%s: empty manifest file!\n", PROGRAM_NAME); errorCount++; exit(ERRX); @@ -752,15 +752,15 @@ generate_SF_file(char *manifile, char *who) exit(ERRX); } - fseek(mf, 0L, SEEK_SET); + fseek(mfFile, 0L, SEEK_SET); /* Process blocks of headers, and calculate their hashen */ while (1) { /* Beginning range */ - r1 = ftell(mf); + r1 = ftell(mfFile); - if (fgets(name, BUFSIZ, mf) == NULL) + if (fgets(name, BUFSIZ, mfFile) == NULL) break; line++; @@ -774,46 +774,46 @@ generate_SF_file(char *manifile, char *who) } r2 = r1; - while (fgets(buf, BUFSIZ, mf)) { + while (fgets(buf, BUFSIZ, mfFile)) { if (*buf == 0 || *buf == '\n' || *buf == '\r') break; line++; /* Ending range for hashing */ - r2 = ftell(mf); + r2 = ftell(mfFile); } - r3 = ftell(mf); + r3 = ftell(mfFile); if (r1) { - fprintf(sf, "\n"); - fprintf(sf, "%s", name); + fprintf(sfFile, "\n"); + fprintf(sfFile, "%s", name); } - calculate_MD5_range(mf, r1, r2, &dig); + calculate_MD5_range(mfFile, r1, r2, &dig); if (optimize == 0) { - fprintf(sf, "Digest-Algorithms: MD5 SHA1\n"); + fprintf(sfFile, "Digest-Algorithms: MD5 SHA1\n"); md5 = BTOA_DataToAscii(dig.md5, MD5_LENGTH); - fprintf(sf, "MD5-Digest: %s\n", md5); + fprintf(sfFile, "MD5-Digest: %s\n", md5); PORT_Free(md5); } sha1 = BTOA_DataToAscii(dig.sha1, SHA1_LENGTH); - fprintf(sf, "SHA1-Digest: %s\n", sha1); + fprintf(sfFile, "SHA1-Digest: %s\n", sha1); PORT_Free(sha1); /* restore normalcy after changing offset position */ - fseek(mf, r3, SEEK_SET); + fseek(mfFile, r3, SEEK_SET); } PORT_Free(buf); PORT_Free(name); - fclose(sf); - fclose(mf); + fclose(sfFile); + fclose(mfFile); return 0; } diff --git a/security/nss/cmd/signtool/zip.c b/security/nss/cmd/signtool/zip.c index 35d5f5733f..aeb5d6c541 100644 --- a/security/nss/cmd/signtool/zip.c +++ b/security/nss/cmd/signtool/zip.c @@ -129,7 +129,7 @@ handle_zerror(int err, char *msg) * been opened with JzipOpen. */ int -JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level) +JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int lvl) { ZIPentry *entry; PRFileDesc *readfp; @@ -319,7 +319,7 @@ JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level) * It causes zlib to leave out its headers and footers, which don't * work in PKZIP files. */ - err = deflateInit2(&zstream, compression_level, Z_DEFLATED, + err = deflateInit2(&zstream, lvl, Z_DEFLATED, -MAX_WBITS, 8 /*default*/, Z_DEFAULT_STRATEGY); if (err != Z_OK) { handle_zerror(err, zstream.msg); diff --git a/security/nss/cmd/smimetools/cmsutil.c b/security/nss/cmd/smimetools/cmsutil.c index fe17f26a48..7106521c12 100644 --- a/security/nss/cmd/smimetools/cmsutil.c +++ b/security/nss/cmd/smimetools/cmsutil.c @@ -68,7 +68,7 @@ DigestFile(PLArenaPool *poolp, SECItem ***digests, SECItem *input, } static void -Usage(char *progName) +Usage(void) { fprintf(stderr, "Usage: %s [-C|-D|-E|-O|-S] [<options>] [-d dbdir] [-u certusage]\n" @@ -280,7 +280,6 @@ decode(FILE *out, SECItem *input, const struct decodeOptionsStr *decodeOptions) ** or might be an invalid message, such as a QA test message ** or a message from an attacker. */ - SECStatus rv; rv = NSS_CMSSignedData_VerifyCertsOnly(sigd, decodeOptions->options->certHandle, decodeOptions->options->certUsage); @@ -1127,7 +1126,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -G only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.signingTime = PR_TRUE; @@ -1137,7 +1136,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -H only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.suppressContent = PR_TRUE; @@ -1167,7 +1166,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -N only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.nickname = PORT_Strdup(optstate->value); @@ -1180,7 +1179,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -P only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.smimeProfile = PR_TRUE; @@ -1193,7 +1192,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -T only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.detached = PR_TRUE; @@ -1203,7 +1202,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -Y only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.encryptionKeyPreferenceNick = strdup(optstate->value); @@ -1214,7 +1213,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -b only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } batch = PR_TRUE; @@ -1225,7 +1224,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -c only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } contentFile = PR_Open(optstate->value, PR_RDONLY, 006600); @@ -1261,7 +1260,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -h only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.headerLevel = atoi(optstate->value); @@ -1288,7 +1287,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -k only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.keepCerts = PR_TRUE; @@ -1299,7 +1298,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -n only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.suppressContent = PR_TRUE; @@ -1315,7 +1314,7 @@ main(int argc, char **argv) case 'p': if (!optstate->value) { fprintf(stderr, "%s: option -p must have a value.\n", progName); - Usage(progName); + Usage(); exit(1); } @@ -1325,7 +1324,7 @@ main(int argc, char **argv) case 'f': if (!optstate->value) { fprintf(stderr, "%s: option -f must have a value.\n", progName); - Usage(progName); + Usage(); exit(1); } @@ -1335,7 +1334,7 @@ main(int argc, char **argv) case 'r': if (!optstate->value) { fprintf(stderr, "%s: option -r must have a value.\n", progName); - Usage(progName); + Usage(); exit(1); } envelopeOptions.recipients = ptrarray; @@ -1368,11 +1367,11 @@ main(int argc, char **argv) } } if (status == PL_OPT_BAD) - Usage(progName); + Usage(); PL_DestroyOptState(optstate); if (mode == UNKNOWN) - Usage(progName); + Usage(); if (mode != CERTSONLY && !batch) { rv = SECU_FileToItem(&input, inFile); @@ -1529,7 +1528,7 @@ main(int argc, char **argv) break; default: fprintf(stderr, "One of options -D, -S or -E must be set.\n"); - Usage(progName); + Usage(); exitstatus = 1; } diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c index 7d259bd0aa..bba53efac6 100644 --- a/security/nss/cmd/strsclnt/strsclnt.c +++ b/security/nss/cmd/strsclnt/strsclnt.c @@ -137,7 +137,7 @@ SECItem bigBuf; fprintf static void -Usage(const char *progName) +Usage(void) { fprintf(stderr, "Usage: %s [-n nickname] [-p port] [-d dbdir] [-c connections]\n" @@ -260,7 +260,6 @@ void printSecurityInfo(PRFileDesc *fd) { CERTCertificate *cert = NULL; - SSL3Statistics *ssl3stats = SSL_GetStatistics(); SECStatus result; SSLChannelInfo channel; SSLCipherSuiteInfo suite; @@ -1095,7 +1094,6 @@ client_main( while (0 != (ndx = *cipherString)) { const char *startCipher = cipherString++; int cipher = 0; - SECStatus rv; if (ndx == ':') { cipher = hexchar_to_int(*cipherString++); @@ -1353,7 +1351,7 @@ main(int argc, char **argv) enabledVersions, &enabledVersions) != SECSuccess) { fprintf(stderr, "Bad version specified.\n"); - Usage(progName); + Usage(); } break; @@ -1431,27 +1429,27 @@ main(int argc, char **argv) case 0: /* positional parameter */ if (hostName) { - Usage(progName); + Usage(); } hostName = PL_strdup(optstate->value); break; default: case '?': - Usage(progName); + Usage(); break; } } PL_DestroyOptState(optstate); if (!hostName || status == PL_OPT_BAD) - Usage(progName); + Usage(); if (fullhs != NO_FULLHS_PERCENTAGE && (fullhs < 0 || fullhs > 100 || NoReuse)) - Usage(progName); + Usage(); if (port == 0) - Usage(progName); + Usage(); if (fileName) readBigFile(fileName); diff --git a/security/nss/cmd/symkeyutil/symkeyutil.c b/security/nss/cmd/symkeyutil/symkeyutil.c index 4444568083..31ab4dda4c 100644 --- a/security/nss/cmd/symkeyutil/symkeyutil.c +++ b/security/nss/cmd/symkeyutil/symkeyutil.c @@ -1034,10 +1034,10 @@ main(int argc, char **argv) char *targetName = symKeyUtil.options[opt_TargetToken].arg; PK11SymKey *newKey; PK11SymKey *symKey = FindKey(slot, name, &keyID, &pwdata); - char *keyName = PK11_GetSymKeyNickname(symKey); + char *keyName; if (!symKey) { - char *keyName = keyID.data ? BufToHex(&keyID) : PORT_Strdup(name); + keyName = keyID.data ? BufToHex(&keyID) : PORT_Strdup(name); PR_fprintf(PR_STDERR, "%s: Couldn't find key %s on %s\n", progName, keyName, PK11_GetTokenName(slot)); PORT_Free(keyName); @@ -1061,6 +1061,7 @@ main(int argc, char **argv) PR_fprintf(PR_STDERR, "%s: Couldn't move the key \n", progName); goto shutdown; } + keyName = PK11_GetSymKeyNickname(symKey); if (keyName) { rv = PK11_SetSymKeyNickname(newKey, keyName); if (rv != SECSuccess) { diff --git a/security/nss/cmd/tstclnt/tstclnt.c b/security/nss/cmd/tstclnt/tstclnt.c index 1ad99502bb..6f5a43146a 100644 --- a/security/nss/cmd/tstclnt/tstclnt.c +++ b/security/nss/cmd/tstclnt/tstclnt.c @@ -51,6 +51,7 @@ #define MAX_WAIT_FOR_SERVER 600 #define WAIT_INTERVAL 100 +#define ZERO_RTT_MAX (2 << 16) #define EXIT_CODE_HANDSHAKE_FAILED 254 @@ -99,6 +100,7 @@ int renegotiationsDone = 0; PRBool initializedServerSessionCache = PR_FALSE; static char *progName; +static const char *requestFile; secuPWData pwdata = { PW_NONE, 0 }; @@ -172,7 +174,7 @@ printSecurityInfo(PRFileDesc *fd) } static void -PrintUsageHeader(const char *progName) +PrintUsageHeader() { fprintf(stderr, "Usage: %s -h host [-a 1st_hs_name ] [-a 2nd_hs_name ] [-p port]\n" @@ -186,7 +188,7 @@ PrintUsageHeader(const char *progName) } static void -PrintParameterUsage(void) +PrintParameterUsage() { fprintf(stderr, "%-20s Send different SNI name. 1st_hs_name - at first\n" "%-20s handshake, 2nd_hs_name - at second handshake.\n" @@ -259,17 +261,17 @@ PrintParameterUsage(void) } static void -Usage(const char *progName) +Usage() { - PrintUsageHeader(progName); + PrintUsageHeader(); PrintParameterUsage(); exit(1); } static void -PrintCipherUsage(const char *progName) +PrintCipherUsage() { - PrintUsageHeader(progName); + PrintUsageHeader(); fprintf(stderr, "%-20s Letter(s) chosen from the following list\n", "-c ciphers"); fprintf(stderr, @@ -303,7 +305,7 @@ milliPause(PRUint32 milli) } void -disableAllSSLCiphers(void) +disableAllSSLCiphers() { const PRUint16 *cipherSuites = SSL_GetImplementedCiphers(); int i = SSL_GetNumImplementedCiphers(); @@ -711,12 +713,18 @@ void thread_main(void *arg) { PRFileDesc *ps = (PRFileDesc *)arg; - PRFileDesc *std_in = PR_GetSpecialFD(PR_StandardInput); + PRFileDesc *std_in; int wc, rc; char buf[256]; + if (requestFile) { + std_in = PR_Open(requestFile, PR_RDONLY, 0); + } else { + std_in = PR_GetSpecialFD(PR_StandardInput); + } + #ifdef WIN32 - { + if (!requestFile) { /* Put stdin into O_BINARY mode ** or else incoming \r\n's will become \n's. */ @@ -737,6 +745,9 @@ thread_main(void *arg) wc = PR_Send(ps, buf, rc, 0, maxInterval); } while (wc == rc); PR_Close(ps); + if (requestFile) { + PR_Close(std_in); + } } #endif @@ -844,7 +855,7 @@ separateReqHeader(const PRFileDesc *outFd, const char *buf, const int nb, } else if (((c) >= 'A') && ((c) <= 'F')) { \ i = (c) - 'A' + 10; \ } else { \ - Usage(progName); \ + Usage(); \ } static SECStatus @@ -915,22 +926,22 @@ char *hs1SniHostName = NULL; char *hs2SniHostName = NULL; PRUint16 portno = 443; int override = 0; -char *requestString = NULL; -PRInt32 requestStringLen = 0; -PRBool requestSent = PR_FALSE; PRBool enableZeroRtt = PR_FALSE; +PRUint8 *zeroRttData; +unsigned int zeroRttLen = 0; PRBool enableAltServerHello = PR_FALSE; PRBool useDTLS = PR_FALSE; PRBool actAsServer = PR_FALSE; PRBool stopAfterHandshake = PR_FALSE; PRBool requestToExit = PR_FALSE; char *versionString = NULL; +PRBool handshakeComplete = PR_FALSE; static int -writeBytesToServer(PRFileDesc *s, const char *buf, int nb) +writeBytesToServer(PRFileDesc *s, const PRUint8 *buf, int nb) { SECStatus rv; - const char *bufp = buf; + const PRUint8 *bufp = buf; PRPollDesc pollDesc; pollDesc.in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT; @@ -944,12 +955,20 @@ writeBytesToServer(PRFileDesc *s, const char *buf, int nb) if (cc < 0) { PRErrorCode err = PR_GetError(); if (err != PR_WOULD_BLOCK_ERROR) { - SECU_PrintError(progName, - "write to SSL socket failed"); + SECU_PrintError(progName, "write to SSL socket failed"); return 254; } cc = 0; } + FPRINTF(stderr, "%s: %d bytes written\n", progName, cc); + if (enableZeroRtt && !handshakeComplete) { + if (zeroRttLen + cc > ZERO_RTT_MAX) { + SECU_PrintError(progName, "too much early data to save"); + return -1; + } + PORT_Memcpy(zeroRttData + zeroRttLen, bufp, cc); + zeroRttLen += cc; + } bufp += cc; nb -= cc; if (nb <= 0) @@ -969,8 +988,7 @@ writeBytesToServer(PRFileDesc *s, const char *buf, int nb) progName); cc = PR_Poll(&pollDesc, 1, PR_INTERVAL_NO_TIMEOUT); if (cc < 0) { - SECU_PrintError(progName, - "PR_Poll failed"); + SECU_PrintError(progName, "PR_Poll failed"); return -1; } FPRINTF(stderr, @@ -993,7 +1011,7 @@ handshakeCallback(PRFileDesc *fd, void *client_data) SSL_ReHandshake(fd, (renegotiationsToDo < 2)); ++renegotiationsDone; } - if (requestString && requestSent) { + if (zeroRttLen) { /* This data was sent in 0-RTT. */ SSLChannelInfo info; SECStatus rv; @@ -1003,29 +1021,30 @@ handshakeCallback(PRFileDesc *fd, void *client_data) return; if (!info.earlyDataAccepted) { - FPRINTF(stderr, "Early data rejected. Re-sending\n"); - writeBytesToServer(fd, requestString, requestStringLen); + FPRINTF(stderr, "Early data rejected. Re-sending %d bytes\n", + zeroRttLen); + writeBytesToServer(fd, zeroRttData, zeroRttLen); + zeroRttLen = 0; } } if (stopAfterHandshake) { requestToExit = PR_TRUE; } + handshakeComplete = PR_TRUE; } -#define REQUEST_WAITING (requestString && !requestSent) - static SECStatus -installServerCertificate(PRFileDesc *s, char *nickname) +installServerCertificate(PRFileDesc *s, char *nick) { CERTCertificate *cert; SECKEYPrivateKey *privKey = NULL; - if (!nickname) { + if (!nick) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } - cert = PK11_FindCertFromNickname(nickname, &pwdata); + cert = PK11_FindCertFromNickname(nick, &pwdata); if (cert == NULL) { return SECFailure; } @@ -1129,20 +1148,19 @@ connectToServer(PRFileDesc *s, PRPollDesc *pollset) } static int -run(void) +run() { int headerSeparatorPtrnId = 0; int error = 0; SECStatus rv; PRStatus status; PRInt32 filesReady; - int npds; PRFileDesc *s = NULL; PRFileDesc *std_out; - PRPollDesc pollset[2]; + PRPollDesc pollset[2] = { { 0 }, { 0 } }; PRBool wrStarted = PR_FALSE; - requestSent = PR_FALSE; + handshakeComplete = PR_FALSE; /* Create socket */ if (useDTLS) { @@ -1225,19 +1243,18 @@ run(void) cipherString++; } else { if (!isalpha(ndx)) - Usage(progName); + Usage(); ndx = tolower(ndx) - 'a'; if (ndx < PR_ARRAY_SIZE(ssl3CipherSuites)) { cipher = ssl3CipherSuites[ndx]; } } if (cipher > 0) { - SECStatus status; - status = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED); - if (status != SECSuccess) + rv = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED); + if (rv != SECSuccess) SECU_PrintError(progName, "SSL_CipherPrefSet()"); } else { - Usage(progName); + Usage(); } } PORT_Free(cstringSaved); @@ -1394,7 +1411,6 @@ run(void) /* Try to connect to the server */ rv = connectToServer(s, pollset); if (rv != SECSuccess) { - ; error = 1; goto done; } @@ -1406,13 +1422,18 @@ run(void) pollset[SSOCK_FD].in_flags |= (clientSpeaksFirst ? 0 : PR_POLL_READ); else pollset[SSOCK_FD].in_flags |= PR_POLL_READ; - pollset[STDIN_FD].fd = PR_GetSpecialFD(PR_StandardInput); - if (!REQUEST_WAITING) { - pollset[STDIN_FD].in_flags = PR_POLL_READ; - npds = 2; + if (requestFile) { + pollset[STDIN_FD].fd = PR_Open(requestFile, PR_RDONLY, 0); + if (!pollset[STDIN_FD].fd) { + fprintf(stderr, "%s: unable to open input file: %s\n", + progName, requestFile); + error = 1; + goto done; + } } else { - npds = 1; + pollset[STDIN_FD].fd = PR_GetSpecialFD(PR_StandardInput); } + pollset[STDIN_FD].in_flags = PR_POLL_READ; std_out = PR_GetSpecialFD(PR_StandardOutput); #if defined(WIN32) || defined(OS2) @@ -1458,10 +1479,9 @@ run(void) requestToExit = PR_FALSE; FPRINTF(stderr, "%s: ready...\n", progName); while (!requestToExit && - ((pollset[SSOCK_FD].in_flags | pollset[STDIN_FD].in_flags) || - REQUEST_WAITING)) { - char buf[4000]; /* buffer for stdin */ - int nb; /* num bytes read from stdin. */ + (pollset[SSOCK_FD].in_flags || pollset[STDIN_FD].in_flags)) { + PRUint8 buf[4000]; /* buffer for stdin */ + int nb; /* num bytes read from stdin. */ rv = restartHandshakeAfterServerCertIfNeeded(s, &serverCertAuth, override); @@ -1475,7 +1495,8 @@ run(void) pollset[STDIN_FD].out_flags = 0; FPRINTF(stderr, "%s: about to call PR_Poll !\n", progName); - filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_TIMEOUT); + filesReady = PR_Poll(pollset, PR_ARRAY_SIZE(pollset), + PR_INTERVAL_NO_TIMEOUT); if (filesReady < 0) { SECU_PrintError(progName, "select failed"); error = 1; @@ -1497,14 +1518,6 @@ run(void) "%s: PR_Poll returned 0x%02x for socket out_flags.\n", progName, pollset[SSOCK_FD].out_flags); } - if (REQUEST_WAITING) { - error = writeBytesToServer(s, requestString, requestStringLen); - if (error) { - goto done; - } - requestSent = PR_TRUE; - pollset[SSOCK_FD].in_flags = PR_POLL_READ; - } if (pollset[STDIN_FD].out_flags & PR_POLL_READ) { /* Read from stdin and write to socket */ nb = PR_Read(pollset[STDIN_FD].fd, buf, sizeof(buf)); @@ -1518,6 +1531,8 @@ run(void) } else if (nb == 0) { /* EOF on stdin, stop polling stdin for read. */ pollset[STDIN_FD].in_flags = 0; + if (actAsServer) + requestToExit = PR_TRUE; } else { error = writeBytesToServer(s, buf, nb); if (error) { @@ -1532,12 +1547,12 @@ run(void) "%s: PR_Poll returned 0x%02x for socket out_flags.\n", progName, pollset[SSOCK_FD].out_flags); } - if ((pollset[SSOCK_FD].out_flags & PR_POLL_READ) || - (pollset[SSOCK_FD].out_flags & PR_POLL_ERR) #ifdef PR_POLL_HUP - || (pollset[SSOCK_FD].out_flags & PR_POLL_HUP) +#define POLL_RECV_FLAGS (PR_POLL_READ | PR_POLL_ERR | PR_POLL_HUP) +#else +#define POLL_RECV_FLAGS (PR_POLL_READ | PR_POLL_ERR) #endif - ) { + if (pollset[SSOCK_FD].out_flags & POLL_RECV_FLAGS) { /* Read from socket and write to stdout */ nb = PR_Recv(pollset[SSOCK_FD].fd, buf, sizeof buf, 0, maxInterval); FPRINTF(stderr, "%s: Read from server %d bytes\n", progName, nb); @@ -1554,7 +1569,7 @@ run(void) if (skipProtoHeader != PR_TRUE || wrStarted == PR_TRUE) { PR_Write(std_out, buf, nb); } else { - separateReqHeader(std_out, buf, nb, &wrStarted, + separateReqHeader(std_out, (char *)buf, nb, &wrStarted, &headerSeparatorPtrnId); } if (verbose) @@ -1568,42 +1583,10 @@ done: if (s) { PR_Close(s); } - - return error; -} - -PRInt32 -ReadFile(const char *filename, char **data) -{ - char *ret = NULL; - char buf[8192]; - unsigned int len = 0; - PRStatus rv; - - PRFileDesc *fd = PR_Open(filename, PR_RDONLY, 0); - if (!fd) - return -1; - - for (;;) { - rv = PR_Read(fd, buf, sizeof(buf)); - if (rv < 0) { - PR_Free(ret); - return rv; - } - - if (!rv) - break; - - ret = PR_Realloc(ret, len + rv); - if (!ret) { - return -1; - } - PORT_Memcpy(ret + len, buf, rv); - len += rv; + if (requestFile && pollset[STDIN_FD].fd) { + PR_Close(pollset[STDIN_FD].fd); } - - *data = ret; - return len; + return error; } int @@ -1653,26 +1636,22 @@ main(int argc, char **argv) switch (optstate->option) { case '?': default: - Usage(progName); + Usage(); break; case '4': allowIPv6 = PR_FALSE; if (!allowIPv4) - Usage(progName); + Usage(); break; case '6': allowIPv4 = PR_FALSE; if (!allowIPv6) - Usage(progName); + Usage(); break; case 'A': - requestStringLen = ReadFile(optstate->value, &requestString); - if (requestStringLen < 0) { - fprintf(stderr, "Couldn't read file %s\n", optstate->value); - exit(1); - } + requestFile = PORT_Strdup(optstate->value); break; case 'C': @@ -1735,7 +1714,7 @@ main(int argc, char **argv) actAsServer = 1; } else { if (strcmp(optstate->value, "client")) { - Usage(progName); + Usage(); } } break; @@ -1768,16 +1747,21 @@ main(int argc, char **argv) if (!strcmp(optstate->value, "alt-server-hello")) { enableAltServerHello = PR_TRUE; } else { - Usage(progName); + Usage(); } break; case 'Y': - PrintCipherUsage(progName); + PrintCipherUsage(); exit(0); break; case 'Z': enableZeroRtt = PR_TRUE; + zeroRttData = PORT_ZAlloc(ZERO_RTT_MAX); + if (!zeroRttData) { + fprintf(stderr, "Unable to allocate buffer for 0-RTT\n"); + exit(1); + } break; case 'a': @@ -1786,7 +1770,7 @@ main(int argc, char **argv) } else if (!hs2SniHostName) { hs2SniHostName = PORT_Strdup(optstate->value); } else { - Usage(progName); + Usage(); } break; @@ -1875,7 +1859,7 @@ main(int argc, char **argv) if (rv != SECSuccess) { PL_DestroyOptState(optstate); fprintf(stderr, "Bad group specified.\n"); - Usage(progName); + Usage(); } break; } @@ -1889,18 +1873,18 @@ main(int argc, char **argv) enabledVersions, &enabledVersions) != SECSuccess) { fprintf(stderr, "Bad version specified.\n"); - Usage(progName); + Usage(); } PORT_Free(versionString); } if (optstatus == PL_OPT_BAD) { - Usage(progName); + Usage(); } if (!host || !portno) { fprintf(stderr, "%s: parameters -h and -p are mandatory\n", progName); - Usage(progName); + Usage(); } if (serverCertAuth.testFreshStatusFromSideChannel && @@ -2060,20 +2044,13 @@ done: PR_Close(s); } - if (hs1SniHostName) { - PORT_Free(hs1SniHostName); - } - if (hs2SniHostName) { - PORT_Free(hs2SniHostName); - } - if (nickname) { - PORT_Free(nickname); - } - if (pwdata.data) { - PORT_Free(pwdata.data); - } + PORT_Free((void *)requestFile); + PORT_Free(hs1SniHostName); + PORT_Free(hs2SniHostName); + PORT_Free(nickname); + PORT_Free(pwdata.data); PORT_Free(host); - PORT_Free(requestString); + PORT_Free(zeroRttData); if (enabledGroups) { PORT_Free(enabledGroups); diff --git a/security/nss/cmd/vfyserv/vfyserv.c b/security/nss/cmd/vfyserv/vfyserv.c index aa648ad8c2..4234ecd09d 100644 --- a/security/nss/cmd/vfyserv/vfyserv.c +++ b/security/nss/cmd/vfyserv/vfyserv.c @@ -327,9 +327,7 @@ do_connects(void *a, int connection) } void -client_main(unsigned short port, - int connections, - const char *hostName) +client_main(int connections) { int i; SECStatus secStatus; @@ -553,7 +551,7 @@ main(int argc, char **argv) } } - client_main(port, connections, hostName); + client_main(connections); cleanup: if (doOcspCheck) { diff --git a/security/nss/cmd/vfyserv/vfyutil.c b/security/nss/cmd/vfyserv/vfyutil.c index 2f1b532620..d3d8a206e7 100644 --- a/security/nss/cmd/vfyserv/vfyutil.c +++ b/security/nss/cmd/vfyserv/vfyutil.c @@ -310,13 +310,13 @@ myHandshakeCallback(PRFileDesc *socket, void *arg) void disableAllSSLCiphers(void) { - const PRUint16 *cipherSuites = SSL_ImplementedCiphers; + const PRUint16 *allSuites = SSL_ImplementedCiphers; int i = SSL_NumImplementedCiphers; SECStatus rv; /* disable all the SSL3 cipher suites */ while (--i >= 0) { - PRUint16 suite = cipherSuites[i]; + PRUint16 suite = allSuites[i]; rv = SSL_CipherPrefSetDefault(suite, PR_FALSE); if (rv != SECSuccess) { fprintf(stderr, diff --git a/security/nss/coreconf/Werror.mk b/security/nss/coreconf/Werror.mk index 69155eb145..a569a497ce 100644 --- a/security/nss/coreconf/Werror.mk +++ b/security/nss/coreconf/Werror.mk @@ -48,9 +48,11 @@ ifndef WARNING_CFLAGS else # This tests to see if enabling the warning is possible before # setting an option to disable it. - disable_warning = $(shell $(CC) -x c -E -Werror -W$(1) /dev/null >/dev/null 2>&1 && echo -Wno-$(1)) + set_warning = $(shell $(CC) -x c -E -Werror -W$(1) /dev/null >/dev/null 2>&1 && echo -W$(2)$(1)) + enable_warning = $(call set_warning,$(1),) + disable_warning = $(call set_warning,$(1),no-) - WARNING_CFLAGS = -Wall + WARNING_CFLAGS = -Wall $(call enable_warning,shadow) ifdef CC_IS_CLANG # -Qunused-arguments : clang objects to arguments that it doesn't understand # and fixing this would require rearchitecture diff --git a/security/nss/coreconf/config.mk b/security/nss/coreconf/config.mk index 55d95c30ea..b62f6cef42 100644 --- a/security/nss/coreconf/config.mk +++ b/security/nss/coreconf/config.mk @@ -181,6 +181,10 @@ ifndef NSS_FORCE_FIPS DEFINES += -DNSS_NO_INIT_SUPPORT endif +ifdef NSS_SEED_ONLY_DEV_URANDOM +DEFINES += -DSEED_ONLY_DEV_URANDOM +endif + # Avoid building object leak test code for optimized library ifndef BUILD_OPT ifdef PKIX_OBJECT_LEAK_TEST diff --git a/security/nss/coreconf/coreconf.dep b/security/nss/coreconf/coreconf.dep index 5182f75552..590d1bfaee 100644 --- a/security/nss/coreconf/coreconf.dep +++ b/security/nss/coreconf/coreconf.dep @@ -10,3 +10,4 @@ */ #error "Do not include this header file." + diff --git a/security/nss/coreconf/nsinstall/pathsub.c b/security/nss/coreconf/nsinstall/pathsub.c index a42a9f30a5..c31a946f0d 100644 --- a/security/nss/coreconf/nsinstall/pathsub.c +++ b/security/nss/coreconf/nsinstall/pathsub.c @@ -212,7 +212,7 @@ reversepath(char *inpath, char *name, int len, char *outpath) xchdir(".."); } else { cp -= 3; - strncpy(cp, "../", 3); + memcpy(cp, "../", 3); xchdir(buf); } } diff --git a/security/nss/coreconf/werror.py b/security/nss/coreconf/werror.py index c469c40029..0e2d41c63c 100644 --- a/security/nss/coreconf/werror.py +++ b/security/nss/coreconf/werror.py @@ -54,7 +54,7 @@ def main(): set_warning(w, 'no-') print('-Qunused-arguments') - # set_warning('shadow') # Bug 1309068 + set_warning('shadow') if __name__ == '__main__': main() diff --git a/security/nss/cpputil/databuffer.cc b/security/nss/cpputil/databuffer.cc index d60ebccb34..1420d76b45 100644 --- a/security/nss/cpputil/databuffer.cc +++ b/security/nss/cpputil/databuffer.cc @@ -18,12 +18,12 @@ namespace nss_test { -void DataBuffer::Assign(const uint8_t* data, size_t len) { - if (data) { - Allocate(len); - memcpy(static_cast<void*>(data_), static_cast<const void*>(data), len); +void DataBuffer::Assign(const uint8_t* d, size_t l) { + if (d) { + Allocate(l); + memcpy(static_cast<void*>(data_), static_cast<const void*>(d), l); } else { - assert(len == 0); + assert(l == 0); data_ = nullptr; len_ = 0; } diff --git a/security/nss/cpputil/databuffer.h b/security/nss/cpputil/databuffer.h index 58e07efe19..5ec0350986 100644 --- a/security/nss/cpputil/databuffer.h +++ b/security/nss/cpputil/databuffer.h @@ -17,8 +17,8 @@ namespace nss_test { class DataBuffer { public: DataBuffer() : data_(nullptr), len_(0) {} - DataBuffer(const uint8_t* data, size_t len) : data_(nullptr), len_(0) { - Assign(data, len); + DataBuffer(const uint8_t* d, size_t l) : data_(nullptr), len_(0) { + Assign(d, l); } DataBuffer(const DataBuffer& other) : data_(nullptr), len_(0) { Assign(other); @@ -32,17 +32,17 @@ class DataBuffer { return *this; } - void Allocate(size_t len) { + void Allocate(size_t l) { delete[] data_; - data_ = new uint8_t[len ? len : 1]; // Don't depend on new [0]. - len_ = len; + data_ = new uint8_t[l ? l : 1]; // Don't depend on new [0]. + len_ = l; } - void Truncate(size_t len) { len_ = (std::min)(len_, len); } + void Truncate(size_t l) { len_ = (std::min)(len_, l); } void Assign(const DataBuffer& other) { Assign(other.data(), other.len()); } - void Assign(const uint8_t* data, size_t len); + void Assign(const uint8_t* d, size_t l); // Write will do a new allocation and expand the size of the buffer if needed. // Returns the offset of the end of the write. diff --git a/security/nss/cpputil/scoped_ptrs.h b/security/nss/cpputil/scoped_ptrs.h index 8a0b4f5abe..6ffef4dd3f 100644 --- a/security/nss/cpputil/scoped_ptrs.h +++ b/security/nss/cpputil/scoped_ptrs.h @@ -45,6 +45,7 @@ struct ScopedDelete { void operator()(SEC_PKCS12DecoderContext* dcx) { SEC_PKCS12DecoderFinish(dcx); } + void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); } }; template <class T> @@ -78,6 +79,7 @@ SCOPED(PK11Context); SCOPED(PK11GenericObject); SCOPED(SSLResumptionTokenInfo); SCOPED(SEC_PKCS12DecoderContext); +SCOPED(CERTDistNames); #undef SCOPED diff --git a/security/nss/cpputil/tls_parser.cc b/security/nss/cpputil/tls_parser.cc index e4c06aa910..efedd7a658 100644 --- a/security/nss/cpputil/tls_parser.cc +++ b/security/nss/cpputil/tls_parser.cc @@ -46,6 +46,21 @@ bool TlsParser::Read(DataBuffer* val, size_t len) { return true; } +bool TlsParser::ReadFromMark(DataBuffer* val, size_t len, size_t mark) { + auto saved = offset_; + offset_ = mark; + + if (remaining() < len) { + offset_ = saved; + return false; + } + + val->Assign(ptr(), len); + + offset_ = saved; + return true; +} + bool TlsParser::ReadVariable(DataBuffer* val, size_t len_size) { uint32_t len; if (!Read(&len, len_size)) { diff --git a/security/nss/cpputil/tls_parser.h b/security/nss/cpputil/tls_parser.h index 436c11e765..56f562e073 100644 --- a/security/nss/cpputil/tls_parser.h +++ b/security/nss/cpputil/tls_parser.h @@ -123,6 +123,7 @@ class TlsParser { bool Read(uint32_t* val, size_t size); // Reads len bytes into dest buffer, overwriting it. bool Read(DataBuffer* dest, size_t len); + bool ReadFromMark(DataBuffer* val, size_t len, size_t mark); // Reads bytes into dest buffer, overwriting it. The number of bytes is // determined by reading from len_size bytes from the stream first. bool ReadVariable(DataBuffer* dest, size_t len_size); diff --git a/security/nss/fuzz/fuzz.gyp b/security/nss/fuzz/fuzz.gyp index ed1f53d585..69e1783190 100644 --- a/security/nss/fuzz/fuzz.gyp +++ b/security/nss/fuzz/fuzz.gyp @@ -44,6 +44,9 @@ # This is a static build of pk11wrap, softoken, and freebl. '<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap_static', ], + 'cflags_cc': [ + '-Wno-error=shadow', + ], 'conditions': [ ['fuzz_oss==0', { 'sources': [ diff --git a/security/nss/fuzz/tls_client_target.cc b/security/nss/fuzz/tls_client_target.cc index e595509845..a5b2a2c5ff 100644 --- a/security/nss/fuzz/tls_client_target.cc +++ b/security/nss/fuzz/tls_client_target.cc @@ -87,15 +87,12 @@ static void SetupCallbacks(PRFileDesc* fd, ClientConfig* config) { } extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t len) { - static std::unique_ptr<NSSDatabase> db(new NSSDatabase()); + std::unique_ptr<NSSDatabase> db(new NSSDatabase()); assert(db != nullptr); EnableAllProtocolVersions(); std::unique_ptr<ClientConfig> config(new ClientConfig(data, len)); - // Clear the cache. We never want to resume as we couldn't reproduce that. - SSL_ClearSessionCache(); - // Reset the RNG state. assert(RNG_RandomUpdate(NULL, 0) == SECSuccess); @@ -114,6 +111,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t len) { SetupCallbacks(ssl_fd, config.get()); DoHandshake(ssl_fd, false); + // Release all SIDs. + SSL_ClearSessionCache(); + return 0; } diff --git a/security/nss/gtests/freebl_gtest/blake2b_unittest.cc b/security/nss/gtests/freebl_gtest/blake2b_unittest.cc index e6b0c11576..ac9cca83fd 100644 --- a/security/nss/gtests/freebl_gtest/blake2b_unittest.cc +++ b/security/nss/gtests/freebl_gtest/blake2b_unittest.cc @@ -50,7 +50,7 @@ TEST_P(Blake2BKATUnkeyed, Unkeyed) { TEST_P(Blake2BKATKeyed, Keyed) { std::vector<uint8_t> values(BLAKE2B512_LENGTH); SECStatus rv = BLAKE2B_MAC_HashBuf(values.data(), kat_data.data(), - std::get<0>(GetParam()), key.data(), + std::get<0>(GetParam()), kat_key.data(), BLAKE2B_KEY_SIZE); ASSERT_EQ(SECSuccess, rv); EXPECT_EQ(values, std::get<1>(GetParam())); @@ -139,7 +139,7 @@ TEST_F(Blake2BTests, NullTest) { EXPECT_EQ(std::get<1>(TestcasesUnkeyed[0]), digest); digest = std::vector<uint8_t>(BLAKE2B512_LENGTH); - rv = BLAKE2B_MAC_HashBuf(digest.data(), nullptr, 0, key.data(), + rv = BLAKE2B_MAC_HashBuf(digest.data(), nullptr, 0, kat_key.data(), BLAKE2B_KEY_SIZE); ASSERT_EQ(SECSuccess, rv); EXPECT_EQ(std::get<1>(TestcasesKeyed[0]), digest); diff --git a/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h b/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h index 28921cc945..2d73a4ab55 100644 --- a/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h +++ b/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h @@ -7,7 +7,7 @@ #include <vector> #include <stdint.h> -const std::vector<uint8_t> key = { +const std::vector<uint8_t> kat_key = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, diff --git a/security/nss/gtests/nss_bogo_shim/config.cc b/security/nss/gtests/nss_bogo_shim/config.cc index 2e6f7f7752..603bb60296 100644 --- a/security/nss/gtests/nss_bogo_shim/config.cc +++ b/security/nss/gtests/nss_bogo_shim/config.cc @@ -9,26 +9,37 @@ #include <queue> #include <string> -bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, - std::string *out) { - if (args->empty()) return false; - *out = args->front(); - args->pop(); +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, + std::vector<int> &out) { + if (args.empty()) return false; + + char *endptr; + out.push_back(strtol(args.front(), &endptr, 10)); + args.pop(); + + return !*endptr; +} + +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, + std::string &out) { + if (args.empty()) return false; + out = args.front(); + args.pop(); return true; } -bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, int *out) { - if (args->empty()) return false; +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, int &out) { + if (args.empty()) return false; char *endptr; - *out = strtol(args->front(), &endptr, 10); - args->pop(); + out = strtol(args.front(), &endptr, 10); + args.pop(); return !*endptr; } -bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, bool *out) { - *out = true; +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, bool &out) { + out = true; return true; } @@ -51,7 +62,7 @@ Config::Status Config::ParseArgs(int argc, char **argv) { if (e == entries_.end()) { return kUnknownFlag; } - if (!e->second->Parse(&args)) return kMalformedArgument; + if (!e->second->Parse(args)) return kMalformedArgument; } return kOK; diff --git a/security/nss/gtests/nss_bogo_shim/config.h b/security/nss/gtests/nss_bogo_shim/config.h index 822df65b3a..0e7fb5ed58 100644 --- a/security/nss/gtests/nss_bogo_shim/config.h +++ b/security/nss/gtests/nss_bogo_shim/config.h @@ -23,18 +23,19 @@ // Abstract base class for a given config flag. class ConfigEntryBase { public: - ConfigEntryBase(const std::string& name, const std::string& type) - : name_(name), type_(type) {} + ConfigEntryBase(const std::string& nm, const std::string& typ) + : name_(nm), type_(typ) {} virtual ~ConfigEntryBase() {} const std::string& type() const { return type_; } - virtual bool Parse(std::queue<const char*>* args) = 0; + virtual bool Parse(std::queue<const char*>& args) = 0; protected: - bool ParseInternal(std::queue<const char*>* args, std::string* out); - bool ParseInternal(std::queue<const char*>* args, int* out); - bool ParseInternal(std::queue<const char*>* args, bool* out); + bool ParseInternal(std::queue<const char*>& args, std::vector<int>& out); + bool ParseInternal(std::queue<const char*>& args, std::string& out); + bool ParseInternal(std::queue<const char*>& args, int& out); + bool ParseInternal(std::queue<const char*>& args, bool& out); const std::string name_; const std::string type_; @@ -48,8 +49,8 @@ class ConfigEntry : public ConfigEntryBase { : ConfigEntryBase(name, typeid(T).name()), value_(init) {} T get() const { return value_; } - bool Parse(std::queue<const char*>* args) { - return ParseInternal(args, &value_); + bool Parse(std::queue<const char*>& args) { + return ParseInternal(args, value_); } private: diff --git a/security/nss/gtests/nss_bogo_shim/config.json b/security/nss/gtests/nss_bogo_shim/config.json index 03f8754662..6dc155befa 100644 --- a/security/nss/gtests/nss_bogo_shim/config.json +++ b/security/nss/gtests/nss_bogo_shim/config.json @@ -1,69 +1,16 @@ { "DisabledTests": { "### These tests break whenever we rev versions, so just leave them here for easy uncommenting":"", - "SendWarningAlerts-Pass":"BoringSSL updated", - "SendBogusAlertType":"BoringSSL updated", - "SendEmptyRecords-Pass":"BoringSSL updated", - "ExtraCompressionMethods-TLS12":"BoringSSL updated", - "SendSNIWarningAlert":"BoringSSL updated", - "NoNullCompression-TLS12":"BoringSSL updated", - "InvalidCompressionMethod":"BoringSSL updated", - "SupportTicketsWithSessionID":"BoringSSL updated", - "NoSharedCipher":"BoringSSL updated", - "ServerHelloBogusCipher":"BoringSSL updated", - "ClientHelloVersionTooHigh":"BoringSSL updated", - "ServerAuth-SignatureType":"BoringSSL updated", - "ECDSACurveMismatch-Verify-TLS12":"BoringSSL updated", - "UnknownExtension-Client":"BoringSSL updated", - "UnofferedExtension-Client":"BoringSSL updated", - "SendClientVersion-RSA":"BoringSSL updated", - "SupportedCurves-ServerHello-TLS12":"BoringSSL updated", - "Basic-Client*Sync":"BoringSSL updated", - "Resume-Client-CipherMismatch":"BoringSSL updated", - "ClientAuth-SignatureType":"BoringSSL updated", - "Agree-Digest-Default":"BoringSSL updated", - "Basic-Server*Sync":"BoringSSL updated", - "ClientAuth-*-Sync":"BoringSSL updated", - "RSA-PSS-Default*":"BoringSSL updated", - "Renegotiate-Server-NoExt*":"BoringSSL updated", - "Downgrade-TLS12*":"BoringSSL updated", - "MaxCBCPadding":"BoringSSL updated", - "UnknownCipher":"BoringSSL updated", - "LargeMessage":"BoringSSL updated", - "NoCommonCurves":"BoringSSL updated", - "UnknownCurve":"BoringSSL updated", - "SessionTicketsDisabled*":"BoringSSL updated", - "BadFinished-*":"BoringSSL updated", - "ServerSkipCertificateVerify":"BoringSSL updated", - "*VersionTolerance":"BoringSSL updated", - "ConflictingVersionNegotiation*":"BoringSSL updated", - "Ed25519DefaultDisable*":"BoringSSL updated", - "*SHA1-Fallback*":"BoringSSL updated", - "ExtendedMasterSecret-NoToNo*":"BoringSSL updated", - "ServerNameExtensionClientMissing*":"BoringSSL updated", - "NoClientCertificate*":"BoringSSL updated", - "ServerCipherFilter*":"BoringSSL updated", - "*FallbackSCSV*":"BoringSSL updated", - "LooseInitialRecordVersion*":"BoringSSL updated", - "ALPNClient*":"BoringSSL updated", - "MinimumVersion*":"BoringSSL updated", - "VersionNegotiation*":"BoringSSL updated", - "*Client-ClientAuth*":"BoringSSL updated", - "*Server-ClientAuth*":"BoringSSL updated", - "NoExtendedMasterSecret*":"BoringSSL updated", - "PointFormat*":"BoringSSL updated", - "*Sync-SplitHandshakeRecords*":"BoringSSL updated", - "*Sync-PackHandshakeFlight*":"BoringSSL updated", - "TicketSessionIDLength*":"BoringSSL updated", - "*LargeRecord*":"BoringSSL updated", - "WrongMessageType-NewSessionTicket":"BoringSSL updated", - "WrongMessageType*Certificate*":"BoringSSL updated", - "WrongMessageType*Client*":"BoringSSL updated", - "WrongMessageType*Server*":"BoringSSL updated", - "WrongMessageType*DTLS":"BoringSSL updated", - "GarbageCertificate*":"BoringSSL updated", - "EmptyExtensions*":"BoringSSL updated", - "*OmitExtensions*":"BoringSSL updated", + "ServerBogusVersion":"Check that SH.legacy_version=TLS12 when the server picks TLS 1.3 (Bug 1443761)", + "DummyPQPadding-Server*":"Boring is testing a dummy PQ padding extension", + "VerifyPreferences-Enforced":"NSS sends alerts in response to errors in protected handshake messages in the clear", + "Draft-Downgrade-Server":"Boring implements a draft downgrade sentinel used for measurements.", + "FilterExtraAlgorithms":"NSS doesn't allow sending unsupported signature algorithms", + "SendBogusAlertType":"Unexpected TLS alerts should abort connections (Bug 1438263)", + "VerifyPreferences-Ed25519":"Add Ed25519 support (Bug 1325335)", + "Ed25519DefaultDisable*":"Add Ed25519 support (Bug 1325335)", + "ServerCipherFilter*":"Add Ed25519 support (Bug 1325335)", + "GarbageCertificate*":"Send bad_certificate alert when certificate parsing fails (Bug 1441565)", "SupportedVersionSelection-TLS12":"Should maybe reject TLS 1.2 in SH.supported_versions (Bug 1438266)", "*TLS13*":"(NSS=19, BoGo=18)", "*HelloRetryRequest*":"(NSS=19, BoGo=18)", @@ -108,7 +55,6 @@ "WrongMessageType-TLS13-ServerCertificateVerify":"nss updated/broken", "WrongMessageType-TLS13-ServerCertificate":"nss updated/broken", "WrongMessageType-TLS13-ServerFinished":"nss updated/broken", - "EncryptedExtensionsWithKeyShare":"nss updated/broken", "EmptyEncryptedExtensions":"nss updated/broken", "TrailingMessageData-*": "Bug 1304575", "DuplicateKeyShares":"Bug 1304578", diff --git a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc index e12714e8d1..72dbd57711 100644 --- a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc +++ b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc @@ -5,6 +5,7 @@ * You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "config.h" +#include <algorithm> #include <cstdlib> #include <iostream> #include <memory> @@ -90,9 +91,14 @@ class TestAgent { PRStatus prv; PRNetAddr addr; - prv = PR_StringToNetAddr("127.0.0.1", &addr); + // Try IPv6 first. + prv = PR_StringToNetAddr("::1", &addr); if (prv != PR_SUCCESS) { - return false; + // If that fails, try IPv4. + prv = PR_StringToNetAddr("127.0.0.1", &addr); + if (prv != PR_SUCCESS) { + return false; + } } addr.inet.port = PR_htons(cfg_.get<int>("port")); @@ -256,7 +262,11 @@ class TestAgent { } bool SetupOptions() { - SECStatus rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); + SECStatus rv = + SSL_OptionSet(ssl_fd_, SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE); + if (rv != SECSuccess) return false; + + rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); if (rv != SECSuccess) return false; SSLVersionRange vrange; @@ -287,6 +297,26 @@ class TestAgent { if (rv != SECSuccess) return false; } + // Set supported signature schemes. + auto sign_prefs = cfg_.get<std::vector<int>>("signing-prefs"); + auto verify_prefs = cfg_.get<std::vector<int>>("verify-prefs"); + if (sign_prefs.empty()) { + sign_prefs = verify_prefs; + } else if (!verify_prefs.empty()) { + return false; // Both shouldn't be set. + } + if (!sign_prefs.empty()) { + std::vector<SSLSignatureScheme> sig_schemes; + std::transform( + sign_prefs.begin(), sign_prefs.end(), std::back_inserter(sig_schemes), + [](int scheme) { return static_cast<SSLSignatureScheme>(scheme); }); + + rv = SSL_SignatureSchemePrefSet( + ssl_fd_, sig_schemes.data(), + static_cast<unsigned int>(sig_schemes.size())); + if (rv != SECSuccess) return false; + } + if (cfg_.get<bool>("fallback-scsv")) { rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_FALLBACK_SCSV, PR_TRUE); if (rv != SECSuccess) return false; @@ -410,7 +440,7 @@ class TestAgent { size_t left = sizeof(block); while (left) { - int32_t rv = PR_Read(ssl_fd_, block, left); + rv = PR_Read(ssl_fd_, block, left); if (rv < 0) { std::cerr << "Failure reading\n"; return SECFailure; @@ -481,6 +511,24 @@ class TestAgent { } } + auto sig_alg = cfg_.get<int>("expect-peer-signature-algorithm"); + if (sig_alg) { + SSLChannelInfo info; + rv = SSL_GetChannelInfo(ssl_fd_, &info, sizeof(info)); + if (rv != SECSuccess) { + PRErrorCode err = PR_GetError(); + std::cerr << "SSL_GetChannelInfo failed with error=" << FormatError(err) + << std::endl; + return SECFailure; + } + + auto expected = static_cast<SSLSignatureScheme>(sig_alg); + if (info.signatureScheme != expected) { + std::cerr << "Unexpected signature scheme" << std::endl; + return SECFailure; + } + } + return SECSuccess; } @@ -513,6 +561,9 @@ std::unique_ptr<const Config> ReadConfig(int argc, char** argv) { cfg->AddEntry<bool>("verify-peer", false); cfg->AddEntry<std::string>("advertise-alpn", ""); cfg->AddEntry<std::string>("expect-alpn", ""); + cfg->AddEntry<std::vector<int>>("signing-prefs", std::vector<int>()); + cfg->AddEntry<std::vector<int>>("verify-prefs", std::vector<int>()); + cfg->AddEntry<int>("expect-peer-signature-algorithm", 0); auto rv = cfg->ParseArgs(argc, argv); switch (rv) { diff --git a/security/nss/gtests/pk11_gtest/pk11_signature_test.h b/security/nss/gtests/pk11_gtest/pk11_signature_test.h index b141043716..8a12171a0a 100644 --- a/security/nss/gtests/pk11_gtest/pk11_signature_test.h +++ b/security/nss/gtests/pk11_gtest/pk11_signature_test.h @@ -25,8 +25,8 @@ struct Pkcs11SignatureTestParams { class Pk11SignatureTest : public ::testing::Test { protected: - Pk11SignatureTest(CK_MECHANISM_TYPE mechanism, SECOidTag hash_oid) - : mechanism_(mechanism), hash_oid_(hash_oid) {} + Pk11SignatureTest(CK_MECHANISM_TYPE mech, SECOidTag hash_oid) + : mechanism_(mech), hash_oid_(hash_oid) {} virtual const SECItem* parameters() const { return nullptr; } CK_MECHANISM_TYPE mechanism() const { return mechanism_; } diff --git a/security/nss/gtests/ssl_gtest/libssl_internals.c b/security/nss/gtests/ssl_gtest/libssl_internals.c index 17b4ffe49a..e43113de42 100644 --- a/security/nss/gtests/ssl_gtest/libssl_internals.c +++ b/security/nss/gtests/ssl_gtest/libssl_internals.c @@ -237,22 +237,23 @@ SECStatus SSLInt_AdvanceReadSeqNum(PRFileDesc *fd, PRUint64 to) { if (!ss) { return SECFailure; } - if (to >= RECORD_SEQ_MAX) { + if (to > RECORD_SEQ_MAX) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } ssl_GetSpecWriteLock(ss); spec = ss->ssl3.crSpec; - spec->seqNum = to; + spec->nextSeqNum = to; /* For DTLS, we need to fix the record sequence number. For this, we can just * scrub the entire structure on the assumption that the new sequence number * is far enough past the last received sequence number. */ - if (spec->seqNum <= spec->recvdRecords.right + DTLS_RECVD_RECORDS_WINDOW) { + if (spec->nextSeqNum <= + spec->recvdRecords.right + DTLS_RECVD_RECORDS_WINDOW) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } - dtls_RecordSetRecvd(&spec->recvdRecords, spec->seqNum); + dtls_RecordSetRecvd(&spec->recvdRecords, spec->nextSeqNum - 1); ssl_ReleaseSpecWriteLock(ss); return SECSuccess; @@ -270,7 +271,7 @@ SECStatus SSLInt_AdvanceWriteSeqNum(PRFileDesc *fd, PRUint64 to) { return SECFailure; } ssl_GetSpecWriteLock(ss); - ss->ssl3.cwSpec->seqNum = to; + ss->ssl3.cwSpec->nextSeqNum = to; ssl_ReleaseSpecWriteLock(ss); return SECSuccess; } @@ -284,7 +285,7 @@ SECStatus SSLInt_AdvanceWriteSeqByAWindow(PRFileDesc *fd, PRInt32 extra) { return SECFailure; } ssl_GetSpecReadLock(ss); - to = ss->ssl3.cwSpec->seqNum + DTLS_RECVD_RECORDS_WINDOW + extra; + to = ss->ssl3.cwSpec->nextSeqNum + DTLS_RECVD_RECORDS_WINDOW + extra; ssl_ReleaseSpecReadLock(ss); return SSLInt_AdvanceWriteSeqNum(fd, to); } diff --git a/security/nss/gtests/ssl_gtest/manifest.mn b/security/nss/gtests/ssl_gtest/manifest.mn index 5d893bab35..8547e56d1d 100644 --- a/security/nss/gtests/ssl_gtest/manifest.mn +++ b/security/nss/gtests/ssl_gtest/manifest.mn @@ -36,6 +36,7 @@ CPPSRCS = \ ssl_loopback_unittest.cc \ ssl_misc_unittest.cc \ ssl_record_unittest.cc \ + ssl_recordsize_unittest.cc \ ssl_resumption_unittest.cc \ ssl_renegotiation_unittest.cc \ ssl_skip_unittest.cc \ diff --git a/security/nss/gtests/ssl_gtest/rsa8193.h b/security/nss/gtests/ssl_gtest/rsa8193.h new file mode 100644 index 0000000000..6265163896 --- /dev/null +++ b/security/nss/gtests/ssl_gtest/rsa8193.h @@ -0,0 +1,209 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// openssl req -nodes -x509 -newkey rsa:8193 -out cert.pem -days 365 +static const uint8_t rsa8193[] = { + 0x30, 0x82, 0x09, 0x61, 0x30, 0x82, 0x05, 0x48, 0xa0, 0x03, 0x02, 0x01, + 0x02, 0x02, 0x09, 0x00, 0xaf, 0xff, 0x37, 0x91, 0x3e, 0x44, 0xae, 0x57, + 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, + 0x0b, 0x05, 0x00, 0x30, 0x45, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x41, 0x55, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x53, 0x6f, 0x6d, 0x65, 0x2d, 0x53, 0x74, + 0x61, 0x74, 0x65, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0a, + 0x0c, 0x18, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x57, + 0x69, 0x64, 0x67, 0x69, 0x74, 0x73, 0x20, 0x50, 0x74, 0x79, 0x20, 0x4c, + 0x74, 0x64, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x38, 0x30, 0x35, 0x31, 0x37, + 0x30, 0x39, 0x34, 0x32, 0x32, 0x39, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, + 0x35, 0x31, 0x37, 0x30, 0x39, 0x34, 0x32, 0x32, 0x39, 0x5a, 0x30, 0x45, + 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x41, + 0x55, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, + 0x53, 0x6f, 0x6d, 0x65, 0x2d, 0x53, 0x74, 0x61, 0x74, 0x65, 0x31, 0x21, + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x18, 0x49, 0x6e, 0x74, + 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x57, 0x69, 0x64, 0x67, 0x69, 0x74, + 0x73, 0x20, 0x50, 0x74, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x30, 0x82, 0x04, + 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x04, 0x0f, 0x00, 0x30, 0x82, 0x04, + 0x0a, 0x02, 0x82, 0x04, 0x01, 0x01, 0x77, 0xd6, 0xa9, 0x93, 0x4e, 0x15, + 0xb5, 0x67, 0x70, 0x8e, 0xc3, 0x77, 0x4f, 0xc9, 0x8a, 0x06, 0xd9, 0xb9, + 0xa6, 0x41, 0xb8, 0xfa, 0x4a, 0x13, 0x26, 0xdc, 0x2b, 0xc5, 0x82, 0xa0, + 0x74, 0x8c, 0x1e, 0xe9, 0xc0, 0x70, 0x15, 0x56, 0xec, 0x1f, 0x7e, 0x91, + 0x6e, 0x31, 0x42, 0x8b, 0xd5, 0xe2, 0x0e, 0x9c, 0xeb, 0xff, 0xbc, 0xf9, + 0x42, 0xd3, 0xb9, 0x1c, 0x5e, 0x46, 0x80, 0x90, 0x5f, 0xe1, 0x59, 0x22, + 0x13, 0x71, 0xd3, 0xd6, 0x66, 0x7a, 0xe0, 0x56, 0x04, 0x10, 0x59, 0x01, + 0xb3, 0xb6, 0xd2, 0xc7, 0xa7, 0x3b, 0xbc, 0xe6, 0x38, 0x44, 0xd5, 0x71, + 0x66, 0x1d, 0xb2, 0x63, 0x2f, 0xa9, 0x5e, 0x80, 0x92, 0x3c, 0x21, 0x0e, + 0xe1, 0xda, 0xd6, 0x1d, 0xcb, 0xce, 0xac, 0xe1, 0x5f, 0x97, 0x45, 0x8f, + 0xc1, 0x64, 0x16, 0xa6, 0x88, 0x2a, 0x36, 0x4a, 0x76, 0x64, 0x8f, 0x83, + 0x7a, 0x1d, 0xd8, 0x91, 0x90, 0x7b, 0x58, 0xb8, 0x1c, 0x7f, 0x56, 0x57, + 0x35, 0xfb, 0xf3, 0x1a, 0xcb, 0x7c, 0x66, 0x66, 0x04, 0x95, 0xee, 0x3a, + 0x80, 0xf0, 0xd4, 0x12, 0x3a, 0x7e, 0x7e, 0x5e, 0xb8, 0x55, 0x29, 0x23, + 0x06, 0xd3, 0x85, 0x0c, 0x99, 0x91, 0x42, 0xee, 0x5a, 0x30, 0x7f, 0x52, + 0x20, 0xb3, 0xe2, 0xe7, 0x39, 0x69, 0xb6, 0xfc, 0x42, 0x1e, 0x98, 0xd3, + 0x31, 0xa2, 0xfa, 0x81, 0x52, 0x69, 0x6d, 0x23, 0xf8, 0xc4, 0xc3, 0x3c, + 0x9b, 0x48, 0x75, 0xa8, 0xc7, 0xe7, 0x61, 0x81, 0x1f, 0xf7, 0xce, 0x10, + 0xaa, 0x13, 0xcb, 0x6e, 0x19, 0xc0, 0x4f, 0x6f, 0x90, 0xa8, 0x41, 0xea, + 0x49, 0xdf, 0xe4, 0xef, 0x84, 0x54, 0xb5, 0x37, 0xaf, 0x12, 0x75, 0x1a, + 0x11, 0x4b, 0x58, 0x7f, 0x63, 0x22, 0x33, 0xb1, 0xc8, 0x4d, 0xf2, 0x41, + 0x10, 0xbc, 0x37, 0xb5, 0xd5, 0xb2, 0x21, 0x32, 0x35, 0x9d, 0xf3, 0x8d, + 0xab, 0x66, 0x9d, 0x19, 0x12, 0x71, 0x45, 0xb3, 0x82, 0x5a, 0x5c, 0xff, + 0x2d, 0xcf, 0xf4, 0x5b, 0x56, 0xb8, 0x08, 0xb3, 0xd2, 0x43, 0x8c, 0xac, + 0xd2, 0xf8, 0xcc, 0x6d, 0x90, 0x97, 0xff, 0x12, 0x74, 0x97, 0xf8, 0xa4, + 0xe3, 0x95, 0xae, 0x92, 0xdc, 0x7e, 0x9d, 0x2b, 0xb4, 0x94, 0xc3, 0x8d, + 0x80, 0xe7, 0x77, 0x5c, 0x5b, 0xbb, 0x43, 0xdc, 0xa6, 0xe9, 0xbe, 0x20, + 0xcc, 0x9d, 0x8e, 0xa4, 0x2b, 0xf2, 0x72, 0xdc, 0x44, 0x61, 0x0f, 0xad, + 0x1a, 0x5e, 0xa5, 0x48, 0xe4, 0x42, 0xc5, 0xe4, 0xf1, 0x6d, 0x33, 0xdb, + 0xb2, 0x1b, 0x9f, 0xb2, 0xff, 0x18, 0x0e, 0x62, 0x35, 0x99, 0xed, 0x22, + 0x19, 0x4a, 0x5e, 0xb3, 0x3c, 0x07, 0x8f, 0x6e, 0x22, 0x5b, 0x16, 0x4a, + 0x9f, 0xef, 0xf3, 0xe7, 0xd6, 0x48, 0xe1, 0xb4, 0x3b, 0xab, 0x1b, 0x9e, + 0x53, 0xd7, 0x1b, 0xd9, 0x2d, 0x51, 0x8f, 0xe4, 0x1c, 0xab, 0xdd, 0xb9, + 0xe2, 0xee, 0xe4, 0xdd, 0x60, 0x04, 0x86, 0x6b, 0x4e, 0x7a, 0xc8, 0x09, + 0x51, 0xd1, 0x9b, 0x36, 0x9a, 0x36, 0x7f, 0xe8, 0x6b, 0x09, 0x6c, 0xee, + 0xad, 0x3a, 0x2f, 0xa8, 0x63, 0x92, 0x23, 0x2f, 0x7e, 0x00, 0xe2, 0xd1, + 0xbb, 0xd9, 0x5b, 0x5b, 0xfa, 0x4b, 0x83, 0x00, 0x19, 0x28, 0xfb, 0x7e, + 0xfe, 0x58, 0xab, 0xb7, 0x33, 0x45, 0x8f, 0x75, 0x9a, 0x54, 0x3d, 0x77, + 0x06, 0x75, 0x61, 0x4f, 0x5c, 0x93, 0xa0, 0xf9, 0xe8, 0xcf, 0xf6, 0x04, + 0x14, 0xda, 0x1b, 0x2e, 0x79, 0x35, 0xb8, 0xb4, 0xfa, 0x08, 0x27, 0x9a, + 0x03, 0x70, 0x78, 0x97, 0x8f, 0xae, 0x2e, 0xd5, 0x1c, 0xe0, 0x4d, 0x91, + 0x3a, 0xfe, 0x1a, 0x64, 0xd8, 0x49, 0xdf, 0x6c, 0x66, 0xac, 0xc9, 0x57, + 0x06, 0x72, 0xc0, 0xc0, 0x09, 0x71, 0x6a, 0xd0, 0xb0, 0x7d, 0x35, 0x3f, + 0x53, 0x17, 0x49, 0x38, 0x92, 0x22, 0x55, 0xf6, 0x58, 0x56, 0xa2, 0x42, + 0x77, 0x94, 0xb7, 0x28, 0x0a, 0xa0, 0xd2, 0xda, 0x25, 0xc1, 0xcc, 0x52, + 0x51, 0xd6, 0xba, 0x18, 0x0f, 0x0d, 0xe3, 0x7d, 0xd1, 0xda, 0xd9, 0x0c, + 0x5e, 0x3a, 0xca, 0xe9, 0xf1, 0xf5, 0x65, 0xfc, 0xc3, 0x99, 0x72, 0x25, + 0xf2, 0xc0, 0xa1, 0x8c, 0x43, 0x9d, 0xb2, 0xc9, 0xb1, 0x1a, 0x24, 0x34, + 0x57, 0xd8, 0xa7, 0x52, 0xa3, 0x39, 0x6e, 0x0b, 0xec, 0xbd, 0x5e, 0xc9, + 0x1f, 0x74, 0xed, 0xae, 0xe6, 0x4e, 0x49, 0xe8, 0x87, 0x3e, 0x46, 0x0d, + 0x40, 0x30, 0xda, 0x9d, 0xcf, 0xf5, 0x03, 0x1f, 0x38, 0x29, 0x3b, 0x66, + 0xe5, 0xc0, 0x89, 0x4c, 0xfc, 0x09, 0x62, 0x37, 0x01, 0xf9, 0x01, 0xab, + 0x8d, 0x53, 0x9c, 0x36, 0x5d, 0x36, 0x66, 0x8d, 0x87, 0xf4, 0xab, 0x37, + 0xb7, 0xf7, 0xe3, 0xdf, 0xc1, 0x52, 0xc0, 0x1d, 0x09, 0x92, 0x21, 0x47, + 0x49, 0x9a, 0x19, 0x38, 0x05, 0x62, 0xf3, 0x47, 0x80, 0x89, 0x1e, 0x70, + 0xa1, 0x57, 0xb7, 0x72, 0xd0, 0x41, 0x7a, 0x5c, 0x6a, 0x13, 0x8b, 0x6c, + 0xda, 0xdf, 0x6b, 0x01, 0x15, 0x20, 0xfa, 0xc8, 0x67, 0xee, 0xb2, 0x13, + 0xd8, 0x5f, 0x84, 0x30, 0x44, 0x8e, 0xf9, 0x2a, 0xae, 0x17, 0x53, 0x49, + 0xaa, 0x34, 0x31, 0x12, 0x31, 0xec, 0xf3, 0x25, 0x27, 0x53, 0x6b, 0xb5, + 0x63, 0xa6, 0xbc, 0xf1, 0x77, 0xd4, 0xb4, 0x77, 0xd1, 0xee, 0xad, 0x62, + 0x9d, 0x2c, 0x2e, 0x11, 0x0a, 0xd1, 0x87, 0xfe, 0xef, 0x77, 0x0e, 0xd1, + 0x38, 0xfe, 0xcc, 0x88, 0xaa, 0x1c, 0x06, 0x93, 0x25, 0x56, 0xfe, 0x0c, + 0x52, 0xe9, 0x7f, 0x4c, 0x3b, 0x2a, 0xfb, 0x40, 0x62, 0x29, 0x0a, 0x1d, + 0x58, 0x78, 0x8b, 0x09, 0x25, 0xaa, 0xc6, 0x8f, 0x66, 0x8f, 0xd1, 0x93, + 0x5a, 0xd6, 0x68, 0x35, 0x69, 0x13, 0x5d, 0x42, 0x35, 0x95, 0xcb, 0xc4, + 0xec, 0x17, 0x92, 0x96, 0xcb, 0x4a, 0xb9, 0x8f, 0xe5, 0xc4, 0x4a, 0xe7, + 0x54, 0x52, 0x4c, 0x64, 0x06, 0xac, 0x2f, 0x13, 0x32, 0x02, 0x47, 0x13, + 0x5c, 0xa2, 0x66, 0xdc, 0x36, 0x0c, 0x4f, 0xbb, 0x89, 0x58, 0x85, 0x16, + 0xf1, 0xf1, 0xff, 0xd2, 0x86, 0x54, 0x29, 0xb3, 0x7e, 0x2a, 0xbd, 0xf9, + 0x53, 0x8c, 0xa0, 0x60, 0x60, 0xb2, 0x90, 0x7f, 0x3a, 0x11, 0x5f, 0x2a, + 0x50, 0x74, 0x2a, 0xd1, 0x68, 0x78, 0xdb, 0x31, 0x1b, 0x8b, 0xee, 0xee, + 0x18, 0x97, 0xf3, 0x50, 0x84, 0xc1, 0x8f, 0xe1, 0xc6, 0x01, 0xb4, 0x16, + 0x65, 0x25, 0x0c, 0x03, 0xab, 0xed, 0x4f, 0xd6, 0xe6, 0x16, 0x23, 0xcc, + 0x42, 0x93, 0xff, 0xfa, 0x92, 0x63, 0x33, 0x9e, 0x36, 0xb0, 0xdc, 0x9a, + 0xb6, 0xaa, 0xd7, 0x48, 0xfe, 0x27, 0x01, 0xcf, 0x67, 0xc0, 0x75, 0xa0, + 0x86, 0x9a, 0xec, 0xa7, 0x2e, 0xb8, 0x7b, 0x00, 0x7f, 0xd4, 0xe3, 0xb3, + 0xfc, 0x48, 0xab, 0x50, 0x20, 0xd4, 0x0d, 0x58, 0x26, 0xc0, 0x3c, 0x09, + 0x0b, 0x80, 0x9e, 0xaf, 0x14, 0x3c, 0x0c, 0x6e, 0x69, 0xbc, 0x6c, 0x4e, + 0x50, 0x33, 0xb0, 0x07, 0x64, 0x6e, 0x77, 0x96, 0xc2, 0xe6, 0x3b, 0xd7, + 0xfe, 0xdc, 0xa4, 0x2f, 0x18, 0x5b, 0x53, 0xe5, 0xdd, 0xb6, 0xce, 0xeb, + 0x16, 0xb4, 0x25, 0xc6, 0xcb, 0xf2, 0x65, 0x3c, 0x4f, 0x94, 0xa5, 0x11, + 0x18, 0xeb, 0x7b, 0x62, 0x1d, 0xd5, 0x02, 0x35, 0x76, 0xf6, 0xb5, 0x20, + 0x27, 0x21, 0x9b, 0xab, 0xf4, 0xb6, 0x8f, 0x1a, 0x70, 0x1d, 0x12, 0xe3, + 0xb9, 0x8e, 0x29, 0x52, 0x25, 0xf4, 0xba, 0xb4, 0x25, 0x2c, 0x91, 0x11, + 0xf2, 0xae, 0x7b, 0xbe, 0xb6, 0x67, 0xd6, 0x08, 0xf8, 0x6f, 0xe7, 0xb0, + 0x16, 0xc5, 0xf6, 0xd5, 0xfb, 0x07, 0x71, 0x5b, 0x0e, 0xe1, 0x02, 0x03, + 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x1d, 0x06, 0x03, 0x55, + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xaa, 0xe7, 0x7f, 0xcf, 0xf8, 0xb4, + 0xe0, 0x8d, 0x39, 0x9a, 0x1d, 0x4f, 0x86, 0xa2, 0xac, 0x56, 0x32, 0xd9, + 0x58, 0xe3, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0xaa, 0xe7, 0x7f, 0xcf, 0xf8, 0xb4, 0xe0, 0x8d, 0x39, + 0x9a, 0x1d, 0x4f, 0x86, 0xa2, 0xac, 0x56, 0x32, 0xd9, 0x58, 0xe3, 0x30, + 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x04, 0x02, 0x00, + 0x00, 0x0a, 0x0a, 0x81, 0xb5, 0x2e, 0xac, 0x52, 0xab, 0x0f, 0xeb, 0xad, + 0x96, 0xd6, 0xd6, 0x59, 0x8f, 0x55, 0x15, 0x56, 0x70, 0xda, 0xd5, 0x75, + 0x47, 0x12, 0x9a, 0x0e, 0xd1, 0x65, 0x68, 0xe0, 0x51, 0x89, 0x59, 0xcc, + 0xe3, 0x5a, 0x1b, 0x85, 0x14, 0xa3, 0x1d, 0x9b, 0x3f, 0xd1, 0xa4, 0x42, + 0xb0, 0x89, 0x12, 0x93, 0xd3, 0x54, 0x19, 0x04, 0xa2, 0xaf, 0xaa, 0x60, + 0xca, 0x03, 0xc2, 0xae, 0x62, 0x8c, 0xb6, 0x31, 0x03, 0xd6, 0xa5, 0xf3, + 0x5e, 0x8d, 0x5c, 0x69, 0x4c, 0x7d, 0x81, 0x49, 0x20, 0x25, 0x41, 0xa4, + 0x2a, 0x95, 0x87, 0x36, 0xa3, 0x9b, 0x9e, 0x9f, 0xed, 0x85, 0xf3, 0xb1, + 0xf1, 0xe9, 0x1b, 0xbb, 0xe3, 0xbc, 0x3b, 0x11, 0x36, 0xca, 0xb9, 0x5f, + 0xee, 0x64, 0xde, 0x2a, 0x99, 0x27, 0x91, 0xc0, 0x54, 0x9e, 0x7a, 0xd4, + 0x89, 0x8c, 0xa0, 0xe3, 0xfd, 0x44, 0x6f, 0x02, 0x38, 0x3c, 0xee, 0x52, + 0x48, 0x1b, 0xd4, 0x25, 0x2b, 0xcb, 0x8e, 0xa8, 0x1b, 0x09, 0xd6, 0x30, + 0x51, 0x15, 0x6c, 0x5c, 0x03, 0x76, 0xad, 0x64, 0x45, 0x50, 0xa2, 0xe1, + 0x3c, 0x5a, 0x67, 0x87, 0xff, 0x8c, 0xed, 0x9a, 0x8d, 0x04, 0xc1, 0xac, + 0xf9, 0xca, 0xf5, 0x2a, 0x05, 0x9c, 0xdd, 0x78, 0xce, 0x99, 0x78, 0x7b, + 0xcd, 0x43, 0x10, 0x40, 0xf7, 0xb5, 0x27, 0x12, 0xec, 0xe9, 0xb2, 0x3f, + 0xf4, 0x5d, 0xd9, 0xbb, 0xf8, 0xc4, 0xc9, 0xa4, 0x46, 0x20, 0x41, 0x7f, + 0xeb, 0x79, 0xb0, 0x51, 0x8c, 0xf7, 0xc3, 0x2c, 0x16, 0xfe, 0x42, 0x59, + 0x77, 0xfe, 0x53, 0xfe, 0x19, 0x57, 0x58, 0x44, 0x6d, 0x12, 0xe2, 0x95, + 0xd0, 0xd3, 0x5a, 0xb5, 0x2d, 0xe5, 0x7e, 0xb4, 0xb3, 0xa9, 0xcc, 0x7d, + 0x53, 0x77, 0x81, 0x01, 0x0f, 0x0a, 0xf6, 0x86, 0x3c, 0x7d, 0xb5, 0x2c, + 0xbf, 0x62, 0xc3, 0xf5, 0x38, 0x89, 0x13, 0x84, 0x1f, 0x44, 0x2d, 0x87, + 0x5c, 0x23, 0x9e, 0x05, 0x62, 0x56, 0x3d, 0x71, 0x4d, 0xd0, 0xe3, 0x15, + 0xe9, 0x09, 0x9c, 0x1a, 0xc0, 0x9a, 0x19, 0x8b, 0x9c, 0xe9, 0xae, 0xde, + 0x62, 0x05, 0x23, 0xe2, 0xd0, 0x3f, 0xf5, 0xef, 0x04, 0x96, 0x4c, 0x87, + 0x34, 0x2f, 0xd5, 0x90, 0xde, 0xbf, 0x4b, 0x56, 0x12, 0x5f, 0xc6, 0xdc, + 0xa4, 0x1c, 0xc4, 0x53, 0x0c, 0xf9, 0xb4, 0xe4, 0x2c, 0xe7, 0x48, 0xbd, + 0xb1, 0xac, 0xf1, 0xc1, 0x8d, 0x53, 0x47, 0x84, 0xc0, 0x78, 0x0a, 0x5e, + 0xc2, 0x16, 0xff, 0xef, 0x97, 0x5b, 0x33, 0x85, 0x92, 0xcd, 0xd4, 0xbb, + 0x64, 0xee, 0xed, 0x17, 0x18, 0x43, 0x32, 0x99, 0x32, 0x36, 0x25, 0xf4, + 0x21, 0x3c, 0x2f, 0x55, 0xdc, 0x16, 0x06, 0x4d, 0x86, 0xa3, 0xa9, 0x34, + 0x22, 0xd5, 0xc3, 0xc8, 0x64, 0x3c, 0x4e, 0x3a, 0x69, 0xbd, 0xcf, 0xd7, + 0xee, 0x3f, 0x0d, 0x15, 0xeb, 0xfb, 0xbd, 0x91, 0x7f, 0xef, 0x48, 0xec, + 0x86, 0xb2, 0x78, 0xf7, 0x53, 0x90, 0x38, 0xb5, 0x04, 0x9c, 0xb7, 0xd7, + 0x9e, 0xaa, 0x15, 0xf7, 0xcd, 0xc2, 0x17, 0xd5, 0x8f, 0x82, 0x98, 0xa3, + 0xaf, 0x59, 0xf1, 0x71, 0xda, 0x6e, 0xaf, 0x97, 0x6d, 0x77, 0x72, 0xfd, + 0xa8, 0x80, 0x25, 0xce, 0x46, 0x04, 0x6e, 0x40, 0x15, 0x24, 0xc0, 0xf9, + 0xbf, 0x13, 0x16, 0x72, 0xcb, 0xb7, 0x10, 0xc7, 0x0a, 0xd6, 0x66, 0x96, + 0x5b, 0x27, 0x4d, 0x66, 0xc4, 0x2f, 0x21, 0x90, 0x9f, 0x8c, 0x24, 0xa0, + 0x0e, 0xa2, 0x89, 0x92, 0xd2, 0x44, 0x63, 0x06, 0xb2, 0xab, 0x07, 0x26, + 0xde, 0x03, 0x1d, 0xdb, 0x2a, 0x42, 0x5b, 0x4c, 0xf6, 0xfe, 0x53, 0xfa, + 0x80, 0x45, 0x8d, 0x75, 0xf6, 0x0e, 0x1d, 0xcc, 0x4c, 0x3b, 0xb0, 0x80, + 0x6d, 0x4c, 0xed, 0x7c, 0xe0, 0xd2, 0xe7, 0x62, 0x59, 0xb1, 0x5a, 0x5d, + 0x3a, 0xec, 0x86, 0x04, 0xfe, 0x26, 0xd1, 0x18, 0xed, 0x56, 0x7d, 0x67, + 0x56, 0x24, 0x6d, 0x7c, 0x6e, 0x8f, 0xc8, 0xa0, 0xba, 0x42, 0x0a, 0x33, + 0x38, 0x7a, 0x09, 0x03, 0xc2, 0xbf, 0x9b, 0x01, 0xdd, 0x03, 0x5a, 0xba, + 0x76, 0x04, 0xb1, 0xc3, 0x40, 0x23, 0x53, 0xbd, 0x64, 0x4e, 0x0f, 0xe7, + 0xc3, 0x4e, 0x48, 0xea, 0x19, 0x2b, 0x1c, 0xe4, 0x3d, 0x93, 0xd8, 0xf6, + 0xfb, 0xda, 0x3d, 0xeb, 0xed, 0xc2, 0xbd, 0x14, 0x57, 0x40, 0xde, 0xd1, + 0x74, 0x54, 0x1b, 0xa8, 0x39, 0xda, 0x73, 0x56, 0xd4, 0xbe, 0xab, 0xec, + 0xc7, 0x17, 0x4f, 0x91, 0xb6, 0xf6, 0xcb, 0x24, 0xc6, 0x1c, 0x07, 0xc4, + 0xf3, 0xd0, 0x5e, 0x8d, 0xfa, 0x44, 0x98, 0x5c, 0x87, 0x36, 0x75, 0xb6, + 0xa5, 0x31, 0xaa, 0xab, 0x7d, 0x38, 0x66, 0xb3, 0x18, 0x58, 0x65, 0x97, + 0x06, 0xfd, 0x61, 0x81, 0x71, 0xc5, 0x17, 0x8b, 0x19, 0x03, 0xc8, 0x58, + 0xec, 0x05, 0xca, 0x7b, 0x0f, 0xec, 0x9d, 0xb4, 0xbc, 0xa3, 0x20, 0x2e, + 0xf8, 0xe4, 0xb1, 0x82, 0xdc, 0x5a, 0xd2, 0x92, 0x9c, 0x43, 0x5d, 0x16, + 0x5b, 0x90, 0x80, 0xe4, 0xfb, 0x6e, 0x24, 0x6b, 0x8c, 0x1a, 0x35, 0xab, + 0xbd, 0x77, 0x7f, 0xf9, 0x61, 0x80, 0xa5, 0xab, 0xa3, 0x39, 0xc2, 0xc9, + 0x69, 0x3c, 0xfc, 0xb3, 0x9a, 0x05, 0x45, 0x03, 0x88, 0x8f, 0x8e, 0x23, + 0xf2, 0x0c, 0x4c, 0x54, 0xb9, 0x40, 0x3a, 0x31, 0x1a, 0x22, 0x67, 0x43, + 0x4a, 0x3e, 0xa0, 0x8c, 0x2d, 0x4d, 0x4f, 0xfc, 0xb5, 0x9b, 0x1f, 0xe1, + 0xef, 0x02, 0x54, 0xab, 0x8d, 0x75, 0x4d, 0x93, 0xba, 0x76, 0xe1, 0xbc, + 0x42, 0x7f, 0x6c, 0xcb, 0xf5, 0x47, 0xd6, 0x8a, 0xac, 0x5d, 0xe9, 0xbb, + 0x3a, 0x65, 0x2c, 0x81, 0xe5, 0xff, 0x27, 0x7e, 0x60, 0x64, 0x80, 0x42, + 0x8d, 0x36, 0x6b, 0x07, 0x76, 0x6a, 0xf1, 0xdf, 0x96, 0x17, 0x93, 0x21, + 0x5d, 0xe4, 0x6c, 0xce, 0x1c, 0xb9, 0x82, 0x45, 0x05, 0x61, 0xe2, 0x41, + 0x96, 0x03, 0x7d, 0x10, 0x8b, 0x3e, 0xc7, 0xe5, 0xcf, 0x08, 0xeb, 0x81, + 0xd3, 0x82, 0x1b, 0x04, 0x96, 0x93, 0x5a, 0xe2, 0x8c, 0x8e, 0x50, 0x33, + 0xf6, 0xf9, 0xf0, 0xfb, 0xb1, 0xd7, 0xc6, 0x97, 0xaa, 0xef, 0x0b, 0x87, + 0xe1, 0x34, 0x97, 0x78, 0x2e, 0x7c, 0x46, 0x11, 0xd5, 0x3c, 0xec, 0x38, + 0x70, 0x59, 0x14, 0x65, 0x4d, 0x0e, 0xd1, 0xeb, 0x49, 0xb3, 0x99, 0x6f, + 0x87, 0xf1, 0x79, 0x21, 0xd9, 0x5c, 0x37, 0xb2, 0xfe, 0xc4, 0x7a, 0xc1, + 0x67, 0xbd, 0x02, 0xfc, 0x02, 0xab, 0x2f, 0xf5, 0x0f, 0xa7, 0xae, 0x90, + 0xc2, 0xaf, 0xdb, 0xd1, 0x96, 0xb2, 0x92, 0x5a, 0xfb, 0xca, 0x28, 0x74, + 0x17, 0xed, 0xda, 0x2c, 0x9f, 0xb4, 0x2d, 0xf5, 0x71, 0x20, 0x64, 0x2d, + 0x44, 0xe5, 0xa3, 0xa0, 0x94, 0x6f, 0x20, 0xb3, 0x73, 0x96, 0x40, 0x06, + 0x9b, 0x25, 0x47, 0x4b, 0xe0, 0x63, 0x91, 0xd9, 0xda, 0xf3, 0xc3, 0xe5, + 0x3a, 0x3c, 0xb7, 0x5f, 0xab, 0x1e, 0x51, 0x17, 0x4f, 0xec, 0xc1, 0x6d, + 0x82, 0x79, 0x8e, 0xba, 0x7c, 0x47, 0x8e, 0x99, 0x00, 0x17, 0x9e, 0xda, + 0x10, 0x42, 0x70, 0x25, 0x42, 0x84, 0xc8, 0xb1, 0x95, 0x56, 0xb2, 0x08, + 0xa0, 0x4f, 0xdc, 0xcd, 0x9e, 0x31, 0x4b, 0x0c, 0x0b, 0x03, 0x5d, 0x2c, + 0x26, 0xbc, 0xa9, 0x4b, 0x19, 0xdf, 0x90, 0x01, 0x9a, 0xe0, 0x06, 0x05, + 0x13, 0x34, 0x9d, 0x34, 0xb8, 0xef, 0x13, 0x3a, 0x20, 0xf5, 0x74, 0x02, + 0x70, 0x3b, 0x41, 0x60, 0x1f, 0x5e, 0x76, 0x0a, 0xb1, 0x17, 0xd5, 0xcf, + 0x79, 0xef, 0xf7, 0xab, 0xe7, 0xd6, 0x0f, 0xad, 0x85, 0x2c, 0x52, 0x67, + 0xb5, 0xa0, 0x4a, 0xfd, 0xaf};
\ No newline at end of file diff --git a/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc index 08781af711..28fdc66318 100644 --- a/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc @@ -345,8 +345,8 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttNoAlpnClient) { TEST_P(TlsConnectTls13, TestTls13ZeroRttAlpnChangeBoth) { EnableAlpn(); SetupForZeroRtt(); - static const uint8_t alpn[] = {0x01, 0x62}; // "b" - EnableAlpn(alpn, sizeof(alpn)); + static const std::vector<uint8_t> alpn({0x01, 0x62}); // "b" + EnableAlpn(alpn); client_->Set0RttEnabled(true); server_->Set0RttEnabled(true); ExpectResumption(RESUME_TICKET); diff --git a/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc index f0c57e8b10..6be3b61f8d 100644 --- a/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc @@ -8,9 +8,6 @@ #include "sslerr.h" #include "sslproto.h" -// This is an internal header, used to get TLS_1_3_DRAFT_VERSION. -#include "ssl3prot.h" - #include <memory> #include "databuffer.h" @@ -21,7 +18,6 @@ namespace nss_test { -static const uint8_t kD13 = TLS_1_3_DRAFT_VERSION; // This is a 1-RTT ClientHello with ECDHE. const static uint8_t kCannedTls13ClientHello[] = { 0x01, 0x00, 0x00, 0xcf, 0x03, 0x03, 0x6c, 0xb3, 0x46, 0x81, 0xc8, 0x1a, @@ -42,16 +38,7 @@ const static uint8_t kCannedTls13ClientHello[] = { 0x1e, 0x04, 0x03, 0x05, 0x03, 0x06, 0x03, 0x02, 0x03, 0x08, 0x04, 0x08, 0x05, 0x08, 0x06, 0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, 0x01, 0x04, 0x02, 0x05, 0x02, 0x06, 0x02, 0x02, 0x02}; - -const static uint8_t kCannedTls13ServerHello[] = { - 0x03, 0x03, 0x9c, 0xbc, 0x14, 0x9b, 0x0e, 0x2e, 0xfa, 0x0d, 0xf3, - 0xf0, 0x5c, 0x70, 0x7a, 0xe0, 0xd1, 0x9b, 0x3e, 0x5a, 0x44, 0x6b, - 0xdf, 0xe5, 0xc2, 0x28, 0x64, 0xf7, 0x00, 0xc1, 0x9c, 0x08, 0x76, - 0x08, 0x00, 0x13, 0x01, 0x00, 0x00, 0x2e, 0x00, 0x33, 0x00, 0x24, - 0x00, 0x1d, 0x00, 0x20, 0xc2, 0xcf, 0x23, 0x17, 0x64, 0x23, 0x03, - 0xf0, 0xfb, 0x45, 0x98, 0x26, 0xd1, 0x65, 0x24, 0xa1, 0x6c, 0xa9, - 0x80, 0x8f, 0x2c, 0xac, 0x0a, 0xea, 0x53, 0x3a, 0xcb, 0xe3, 0x08, - 0x84, 0xae, 0x19, 0x00, 0x2b, 0x00, 0x02, 0x7f, kD13}; +static const size_t kFirstFragmentSize = 20; static const char *k0RttData = "ABCDEF"; TEST_P(TlsAgentTest, EarlyFinished) { @@ -74,8 +61,9 @@ TEST_P(TlsAgentTestClient13, CannedHello) { DataBuffer buffer; EnsureInit(); DataBuffer server_hello; - MakeHandshakeMessage(kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello); + auto sh = MakeCannedTls13ServerHello(); + MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello); MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(), server_hello.len(), &buffer); ProcessMessage(buffer, TlsAgent::STATE_CONNECTING); @@ -83,8 +71,9 @@ TEST_P(TlsAgentTestClient13, CannedHello) { TEST_P(TlsAgentTestClient13, EncryptedExtensionsInClear) { DataBuffer server_hello; - MakeHandshakeMessage(kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello); + auto sh = MakeCannedTls13ServerHello(); + MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello); DataBuffer encrypted_extensions; MakeHandshakeMessage(kTlsHandshakeEncryptedExtensions, nullptr, 0, &encrypted_extensions, 1); @@ -100,19 +89,21 @@ TEST_P(TlsAgentTestClient13, EncryptedExtensionsInClear) { TEST_F(TlsAgentStreamTestClient, EncryptedExtensionsInClearTwoPieces) { DataBuffer server_hello; - MakeHandshakeMessage(kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello); + auto sh = MakeCannedTls13ServerHello(); + MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello); DataBuffer encrypted_extensions; MakeHandshakeMessage(kTlsHandshakeEncryptedExtensions, nullptr, 0, &encrypted_extensions, 1); server_hello.Append(encrypted_extensions); DataBuffer buffer; MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, - server_hello.data(), 20, &buffer); + server_hello.data(), kFirstFragmentSize, &buffer); DataBuffer buffer2; MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, - server_hello.data() + 20, server_hello.len() - 20, &buffer2); + server_hello.data() + kFirstFragmentSize, + server_hello.len() - kFirstFragmentSize, &buffer2); EnsureInit(); agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3, @@ -124,15 +115,15 @@ TEST_F(TlsAgentStreamTestClient, EncryptedExtensionsInClearTwoPieces) { } TEST_F(TlsAgentDgramTestClient, EncryptedExtensionsInClearTwoPieces) { + auto sh = MakeCannedTls13ServerHello(); DataBuffer server_hello_frag1; - MakeHandshakeMessageFragment( - kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello_frag1, 0, 0, 20); + MakeHandshakeMessageFragment(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello_frag1, 0, 0, kFirstFragmentSize); DataBuffer server_hello_frag2; - MakeHandshakeMessageFragment( - kTlsHandshakeServerHello, kCannedTls13ServerHello + 20, - sizeof(kCannedTls13ServerHello), &server_hello_frag2, 0, 20, - sizeof(kCannedTls13ServerHello) - 20); + MakeHandshakeMessageFragment(kTlsHandshakeServerHello, + sh.data() + kFirstFragmentSize, sh.len(), + &server_hello_frag2, 0, kFirstFragmentSize, + sh.len() - kFirstFragmentSize); DataBuffer encrypted_extensions; MakeHandshakeMessage(kTlsHandshakeEncryptedExtensions, nullptr, 0, &encrypted_extensions, 1); @@ -154,6 +145,35 @@ TEST_F(TlsAgentDgramTestClient, EncryptedExtensionsInClearTwoPieces) { SSL_ERROR_RX_UNEXPECTED_HANDSHAKE); } +TEST_F(TlsAgentDgramTestClient, AckWithBogusLengthField) { + EnsureInit(); + // Length doesn't match + const uint8_t ackBuf[] = {0x00, 0x08, 0x00}; + DataBuffer record; + MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf, + sizeof(ackBuf), &record, 0); + agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3, + SSL_LIBRARY_VERSION_TLS_1_3); + ExpectAlert(kTlsAlertDecodeError); + ProcessMessage(record, TlsAgent::STATE_ERROR, + SSL_ERROR_RX_MALFORMED_DTLS_ACK); +} + +TEST_F(TlsAgentDgramTestClient, AckWithNonEvenLength) { + EnsureInit(); + // Length isn't a multiple of 8 + const uint8_t ackBuf[] = {0x00, 0x01, 0x00}; + DataBuffer record; + MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf, + sizeof(ackBuf), &record, 0); + agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3, + SSL_LIBRARY_VERSION_TLS_1_3); + // Because we haven't negotiated the version, + // ssl3_DecodeError() sends an older (pre-TLS error). + ExpectAlert(kTlsAlertIllegalParameter); + ProcessMessage(record, TlsAgent::STATE_ERROR, SSL_ERROR_BAD_SERVER); +} + TEST_F(TlsAgentStreamTestClient, Set0RttOptionThenWrite) { EnsureInit(); agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1, diff --git a/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc index 7f2b2840d5..e2a30e6bcb 100644 --- a/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc @@ -155,8 +155,8 @@ TEST_P(TlsConnectTls12, ClientAuthBigRsaCheckSigAlg) { class TlsZeroCertificateRequestSigAlgsFilter : public TlsHandshakeFilter { public: - TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeCertificateRequest}) {} + TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeCertificateRequest}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) { @@ -366,6 +366,50 @@ TEST_P(TlsConnectTls12, SignatureAlgorithmDrop) { server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE); } +// Replaces the signature scheme in a TLS 1.3 CertificateVerify message. +class TlsReplaceSignatureSchemeFilter : public TlsHandshakeFilter { + public: + TlsReplaceSignatureSchemeFilter(const std::shared_ptr<TlsAgent>& a, + SSLSignatureScheme scheme) + : TlsHandshakeFilter(a, {kTlsHandshakeCertificateVerify}), + scheme_(scheme) { + EnableDecryption(); + } + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + *output = input; + output->Write(0, scheme_, 2); + return CHANGE; + } + + private: + SSLSignatureScheme scheme_; +}; + +TEST_P(TlsConnectTls13, UnsupportedSignatureSchemeAlert) { + EnsureTlsSetup(); + MakeTlsFilter<TlsReplaceSignatureSchemeFilter>(server_, ssl_sig_none); + + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CERT_VERIFY); +} + +TEST_P(TlsConnectTls13, InconsistentSignatureSchemeAlert) { + EnsureTlsSetup(); + + // This won't work because we use an RSA cert by default. + MakeTlsFilter<TlsReplaceSignatureSchemeFilter>( + server_, ssl_sig_ecdsa_secp256r1_sha256); + + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); + client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM); +} + TEST_P(TlsConnectTls12Plus, RequestClientAuthWithSha384) { server_->SetSignatureSchemes(SignatureSchemeRsaSha384, PR_ARRAY_SIZE(SignatureSchemeRsaSha384)); diff --git a/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc index fa2238be7d..ec289bdd69 100644 --- a/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc @@ -166,8 +166,8 @@ class TlsCipherSuiteTestBase : public TlsConnectTestBase { case ssl_calg_seed: break; } - EXPECT_TRUE(false) << "No limit for " << csinfo_.cipherSuiteName; - return 1ULL < 48; + ADD_FAILURE() << "No limit for " << csinfo_.cipherSuiteName; + return 0; } uint64_t last_safe_write() const { @@ -246,12 +246,13 @@ TEST_P(TlsCipherSuiteTest, ReadLimit) { client_->SendData(10, 10); server_->ReadBytes(); // This should be OK. + server_->ReadBytes(); // Read twice to flush any 1,N-1 record splitting. } else { // In TLS 1.3, reading or writing triggers a KeyUpdate. That would mean // that the sequence numbers would reset and we wouldn't hit the limit. So - // we move the sequence number to one less than the limit directly and don't - // test sending and receiving just before the limit. - uint64_t last = record_limit() - 1; + // move the sequence number to the limit directly and don't test sending and + // receiving just before the limit. + uint64_t last = record_limit(); EXPECT_EQ(SECSuccess, SSLInt_AdvanceReadSeqNum(server_->ssl_fd(), last)); } diff --git a/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc index c2f582a93a..5be62e5065 100644 --- a/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc @@ -68,6 +68,7 @@ static const uint16_t kManyExtensions[] = { ssl_next_proto_nego_xtn, ssl_renegotiation_info_xtn, ssl_tls13_short_header_xtn, + ssl_record_size_limit_xtn, 1, 0xffff}; // The list here includes all extensions we expect to use (SSL_MAX_EXTENSIONS), diff --git a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc index cdafa7a84f..b99461632c 100644 --- a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc @@ -103,8 +103,8 @@ TEST_P(TlsConnectGenericPre13, ConnectFfdheServer) { class TlsDheServerKeyExchangeDamager : public TlsHandshakeFilter { public: - TlsDheServerKeyExchangeDamager(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {} + TlsDheServerKeyExchangeDamager(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) { @@ -141,9 +141,9 @@ class TlsDheSkeChangeY : public TlsHandshakeFilter { kYZeroPad }; - TlsDheSkeChangeY(const std::shared_ptr<TlsAgent>& agent, - uint8_t handshake_type, ChangeYTo change) - : TlsHandshakeFilter(agent, {handshake_type}), change_Y_(change) {} + TlsDheSkeChangeY(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type, + ChangeYTo change) + : TlsHandshakeFilter(a, {handshake_type}), change_Y_(change) {} protected: void ChangeY(const DataBuffer& input, DataBuffer* output, size_t offset, @@ -208,9 +208,9 @@ class TlsDheSkeChangeY : public TlsHandshakeFilter { class TlsDheSkeChangeYServer : public TlsDheSkeChangeY { public: - TlsDheSkeChangeYServer(const std::shared_ptr<TlsAgent>& agent, - ChangeYTo change, bool modify) - : TlsDheSkeChangeY(agent, kTlsHandshakeServerKeyExchange, change), + TlsDheSkeChangeYServer(const std::shared_ptr<TlsAgent>& a, ChangeYTo change, + bool modify) + : TlsDheSkeChangeY(a, kTlsHandshakeServerKeyExchange, change), modify_(modify), p_() {} @@ -247,9 +247,9 @@ class TlsDheSkeChangeYServer : public TlsDheSkeChangeY { class TlsDheSkeChangeYClient : public TlsDheSkeChangeY { public: TlsDheSkeChangeYClient( - const std::shared_ptr<TlsAgent>& agent, ChangeYTo change, + const std::shared_ptr<TlsAgent>& a, ChangeYTo change, std::shared_ptr<const TlsDheSkeChangeYServer> server_filter) - : TlsDheSkeChangeY(agent, kTlsHandshakeClientKeyExchange, change), + : TlsDheSkeChangeY(a, kTlsHandshakeClientKeyExchange, change), server_filter_(server_filter) {} protected: @@ -357,8 +357,8 @@ INSTANTIATE_TEST_CASE_P( class TlsDheSkeMakePEven : public TlsHandshakeFilter { public: - TlsDheSkeMakePEven(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {} + TlsDheSkeMakePEven(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, @@ -390,8 +390,8 @@ TEST_P(TlsConnectGenericPre13, MakeDhePEven) { class TlsDheSkeZeroPadP : public TlsHandshakeFilter { public: - TlsDheSkeZeroPadP(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {} + TlsDheSkeZeroPadP(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, @@ -475,6 +475,45 @@ TEST_P(TlsConnectTls13, NamedGroupMismatch13) { client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP); } +// Replace the key share in the server key exchange message with one that's +// larger than 8192 bits. +class TooLongDHEServerKEXFilter : public TlsHandshakeFilter { + public: + TooLongDHEServerKEXFilter(const std::shared_ptr<TlsAgent>& server) + : TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + // Replace the server key exchange message very large DH shares that are + // not supported by NSS. + const uint32_t share_len = 0x401; + const uint8_t zero_share[share_len] = {0x80}; + size_t offset = 0; + // Write dh_p. + offset = output->Write(offset, share_len, 2); + offset = output->Write(offset, zero_share, share_len); + // Write dh_g. + offset = output->Write(offset, share_len, 2); + offset = output->Write(offset, zero_share, share_len); + // Write dh_Y. + offset = output->Write(offset, share_len, 2); + offset = output->Write(offset, zero_share, share_len); + + return CHANGE; + } +}; + +TEST_P(TlsConnectGenericPre13, TooBigDHGroup) { + EnableOnlyDheCiphers(); + MakeTlsFilter<TooLongDHEServerKEXFilter>(server_); + client_->SetOption(SSL_REQUIRE_DH_NAMED_GROUPS, PR_FALSE); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); + client_->CheckErrorCode(SSL_ERROR_DH_KEY_TOO_LONG); +} + // Even though the client doesn't have DHE groups enabled the server assumes it // does. The client requires named groups and thus does not accept FF3072 as // custom group in contrast to the previous test. @@ -546,9 +585,9 @@ TEST_P(TlsConnectTls13, ResumeFfdhe) { class TlsDheSkeChangeSignature : public TlsHandshakeFilter { public: - TlsDheSkeChangeSignature(const std::shared_ptr<TlsAgent>& agent, - uint16_t version, const uint8_t* data, size_t len) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}), + TlsDheSkeChangeSignature(const std::shared_ptr<TlsAgent>& a, uint16_t version, + const uint8_t* data, size_t len) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}), version_(version), data_(data), len_(len) {} diff --git a/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc index ee8906deb5..e5b52ff06b 100644 --- a/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc @@ -66,7 +66,8 @@ TEST_P(TlsConnectDatagramPre13, DropServerSecondFlightThrice) { Connect(); } -class TlsDropDatagram13 : public TlsConnectDatagram13 { +class TlsDropDatagram13 : public TlsConnectDatagram13, + public ::testing::WithParamInterface<bool> { public: TlsDropDatagram13() : client_filters_(), @@ -77,6 +78,9 @@ class TlsDropDatagram13 : public TlsConnectDatagram13 { void SetUp() override { TlsConnectDatagram13::SetUp(); ConfigureSessionCache(RESUME_NONE, RESUME_NONE); + int short_header = GetParam() ? PR_TRUE : PR_FALSE; + client_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, short_header); + server_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, short_header); SetFilters(); } @@ -138,10 +142,13 @@ class TlsDropDatagram13 : public TlsConnectDatagram13 { void CheckAcks(const DropAckChain& chain, size_t index, std::vector<uint64_t> acks) { const DataBuffer& buf = chain.ack_->record(index).buffer; - size_t offset = 0; + size_t offset = 2; + uint64_t len; - EXPECT_EQ(acks.size() * 8, buf.len()); - if ((acks.size() * 8) != buf.len()) { + EXPECT_EQ(2 + acks.size() * 8, buf.len()); + ASSERT_TRUE(buf.Read(0, 2, &len)); + ASSERT_EQ(static_cast<size_t>(len + 2), buf.len()); + if ((2 + acks.size() * 8) != buf.len()) { while (offset < buf.len()) { uint64_t ack; ASSERT_TRUE(buf.Read(offset, 8, &ack)); @@ -186,7 +193,7 @@ class TlsDropDatagram13 : public TlsConnectDatagram13 { // to the client upon receiving the client Finished. // Dropping complete first and second flights does not produce // ACKs -TEST_F(TlsDropDatagram13, DropClientFirstFlightOnce) { +TEST_P(TlsDropDatagram13, DropClientFirstFlightOnce) { client_filters_.drop_->Reset({0}); StartConnect(); client_->Handshake(); @@ -195,7 +202,7 @@ TEST_F(TlsDropDatagram13, DropClientFirstFlightOnce) { CheckAcks(server_filters_, 0, {0x0002000000000000ULL}); } -TEST_F(TlsDropDatagram13, DropServerFirstFlightOnce) { +TEST_P(TlsDropDatagram13, DropServerFirstFlightOnce) { server_filters_.drop_->Reset(0xff); StartConnect(); client_->Handshake(); @@ -209,7 +216,7 @@ TEST_F(TlsDropDatagram13, DropServerFirstFlightOnce) { // Dropping the server's first record also does not produce // an ACK because the next record is ignored. // TODO(ekr@rtfm.com): We should generate an empty ACK. -TEST_F(TlsDropDatagram13, DropServerFirstRecordOnce) { +TEST_P(TlsDropDatagram13, DropServerFirstRecordOnce) { server_filters_.drop_->Reset({0}); StartConnect(); client_->Handshake(); @@ -221,7 +228,7 @@ TEST_F(TlsDropDatagram13, DropServerFirstRecordOnce) { // Dropping the second packet of the server's flight should // produce an ACK. -TEST_F(TlsDropDatagram13, DropServerSecondRecordOnce) { +TEST_P(TlsDropDatagram13, DropServerSecondRecordOnce) { server_filters_.drop_->Reset({1}); StartConnect(); client_->Handshake(); @@ -235,7 +242,7 @@ TEST_F(TlsDropDatagram13, DropServerSecondRecordOnce) { // Drop the server ACK and verify that the client retransmits // the ClientHello. -TEST_F(TlsDropDatagram13, DropServerAckOnce) { +TEST_P(TlsDropDatagram13, DropServerAckOnce) { StartConnect(); client_->Handshake(); server_->Handshake(); @@ -263,7 +270,7 @@ TEST_F(TlsDropDatagram13, DropServerAckOnce) { } // Drop the client certificate verify. -TEST_F(TlsDropDatagram13, DropClientCertVerify) { +TEST_P(TlsDropDatagram13, DropClientCertVerify) { StartConnect(); client_->SetupClientAuth(); server_->RequestClientAuth(true); @@ -284,7 +291,7 @@ TEST_F(TlsDropDatagram13, DropClientCertVerify) { } // Shrink the MTU down so that certs get split and drop the first piece. -TEST_F(TlsDropDatagram13, DropFirstHalfOfServerCertificate) { +TEST_P(TlsDropDatagram13, DropFirstHalfOfServerCertificate) { server_filters_.drop_->Reset({2}); StartConnect(); ShrinkPostServerHelloMtu(); @@ -311,7 +318,7 @@ TEST_F(TlsDropDatagram13, DropFirstHalfOfServerCertificate) { } // Shrink the MTU down so that certs get split and drop the second piece. -TEST_F(TlsDropDatagram13, DropSecondHalfOfServerCertificate) { +TEST_P(TlsDropDatagram13, DropSecondHalfOfServerCertificate) { server_filters_.drop_->Reset({3}); StartConnect(); ShrinkPostServerHelloMtu(); @@ -524,11 +531,11 @@ class TlsFragmentationAndRecoveryTest : public TlsDropDatagram13 { size_t cert_len_; }; -TEST_F(TlsFragmentationAndRecoveryTest, DropFirstHalf) { RunTest(0); } +TEST_P(TlsFragmentationAndRecoveryTest, DropFirstHalf) { RunTest(0); } -TEST_F(TlsFragmentationAndRecoveryTest, DropSecondHalf) { RunTest(1); } +TEST_P(TlsFragmentationAndRecoveryTest, DropSecondHalf) { RunTest(1); } -TEST_F(TlsDropDatagram13, NoDropsDuringZeroRtt) { +TEST_P(TlsDropDatagram13, NoDropsDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -546,7 +553,7 @@ TEST_F(TlsDropDatagram13, NoDropsDuringZeroRtt) { 0x0002000000000000ULL}); // Finished } -TEST_F(TlsDropDatagram13, DropEEDuringZeroRtt) { +TEST_P(TlsDropDatagram13, DropEEDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -591,7 +598,7 @@ class TlsReorderDatagram13 : public TlsDropDatagram13 { // Reorder the server records so that EE comes at the end // of the flight and will still produce an ACK. -TEST_F(TlsDropDatagram13, ReorderServerEE) { +TEST_P(TlsDropDatagram13, ReorderServerEE) { server_filters_.drop_->Reset({1}); StartConnect(); client_->Handshake(); @@ -647,7 +654,7 @@ class TlsSendCipherSpecCapturer { std::vector<std::shared_ptr<TlsCipherSpec>> send_cipher_specs_; }; -TEST_F(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { +TEST_P(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { StartConnect(); TlsSendCipherSpecCapturer capturer(client_); client_->Handshake(); @@ -662,9 +669,9 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { auto spec = capturer.spec(0); ASSERT_NE(nullptr, spec.get()); ASSERT_EQ(2, spec->epoch()); - ASSERT_TRUE(client_->SendEncryptedRecord( - spec, SSL_LIBRARY_VERSION_DTLS_1_2_WIRE, 0x0002000000000002, - kTlsApplicationDataType, DataBuffer(buf, sizeof(buf)))); + ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002, + kTlsApplicationDataType, + DataBuffer(buf, sizeof(buf)))); // Now have the server consume the bogus message. server_->ExpectSendAlert(illegal_parameter, kTlsAlertFatal); @@ -673,7 +680,7 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { EXPECT_EQ(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE, PORT_GetError()); } -TEST_F(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { +TEST_P(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { StartConnect(); TlsSendCipherSpecCapturer capturer(client_); client_->Handshake(); @@ -688,9 +695,9 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { auto spec = capturer.spec(0); ASSERT_NE(nullptr, spec.get()); ASSERT_EQ(2, spec->epoch()); - ASSERT_TRUE(client_->SendEncryptedRecord( - spec, SSL_LIBRARY_VERSION_DTLS_1_2_WIRE, 0x0002000000000002, - kTlsHandshakeType, DataBuffer(buf, sizeof(buf)))); + ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002, + kTlsHandshakeType, + DataBuffer(buf, sizeof(buf)))); server_->Handshake(); EXPECT_EQ(2UL, server_filters_.ack_->count()); // The server acknowledges client Finished twice. @@ -700,7 +707,7 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { // Shrink the MTU down so that certs get split and then swap the first and // second pieces of the server certificate. -TEST_F(TlsReorderDatagram13, ReorderServerCertificate) { +TEST_P(TlsReorderDatagram13, ReorderServerCertificate) { StartConnect(); ShrinkPostServerHelloMtu(); client_->Handshake(); @@ -722,7 +729,7 @@ TEST_F(TlsReorderDatagram13, ReorderServerCertificate) { CheckAcks(server_filters_, 0, {0x0002000000000000ULL}); } -TEST_F(TlsReorderDatagram13, DataAfterEOEDDuringZeroRtt) { +TEST_P(TlsReorderDatagram13, DataAfterEOEDDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -761,7 +768,7 @@ TEST_F(TlsReorderDatagram13, DataAfterEOEDDuringZeroRtt) { EXPECT_EQ(PR_WOULD_BLOCK_ERROR, PORT_GetError()); } -TEST_F(TlsReorderDatagram13, DataAfterFinDuringZeroRtt) { +TEST_P(TlsReorderDatagram13, DataAfterFinDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -812,12 +819,17 @@ static void GetCipherAndLimit(uint16_t version, uint16_t* cipher, *cipher = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256; *limit = (1ULL << 48) - 1; } else { + // This test probably isn't especially useful for TLS 1.3, which has a much + // shorter sequence number encoding. That space can probably be searched in + // a reasonable amount of time. *cipher = TLS_CHACHA20_POLY1305_SHA256; - *limit = (1ULL << 48) - 1; + // Assume that we are starting with an expected sequence number of 0. + *limit = (1ULL << 29) - 1; } } // This simulates a huge number of drops on one side. +// See Bug 12965514 where a large gap was handled very inefficiently. TEST_P(TlsConnectDatagram, MissLotsOfPackets) { uint16_t cipher; uint64_t limit; @@ -834,6 +846,17 @@ TEST_P(TlsConnectDatagram, MissLotsOfPackets) { SendReceive(); } +// Send a sequence number of 0xfffffffd and it should be interpreted as that +// (and not -3 or UINT64_MAX - 2). +TEST_F(TlsConnectDatagram13, UnderflowSequenceNumber) { + Connect(); + // This is only valid if short headers are disabled. + client_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, PR_FALSE); + EXPECT_EQ(SECSuccess, + SSLInt_AdvanceWriteSeqNum(client_->ssl_fd(), (1ULL << 30) - 3)); + SendReceive(); +} + class TlsConnectDatagram12Plus : public TlsConnectDatagram { public: TlsConnectDatagram12Plus() : TlsConnectDatagram() {} @@ -861,9 +884,54 @@ TEST_P(TlsConnectDatagram12Plus, MissAWindowAndOne) { SendReceive(); } +// This filter replaces the first record it sees with junk application data. +class TlsReplaceFirstRecordWithJunk : public TlsRecordFilter { + public: + TlsReplaceFirstRecordWithJunk(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), replaced_(false) {} + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& record, size_t* offset, + DataBuffer* output) override { + if (replaced_) { + return KEEP; + } + replaced_ = true; + TlsRecordHeader out_header(header.variant(), header.version(), + kTlsApplicationDataType, + header.sequence_number()); + + static const uint8_t junk[] = {1, 2, 3, 4}; + *offset = out_header.Write(output, *offset, DataBuffer(junk, sizeof(junk))); + return CHANGE; + } + + private: + bool replaced_; +}; + +// DTLS needs to discard application_data that it receives prior to handshake +// completion, not generate an error. +TEST_P(TlsConnectDatagram, ReplaceFirstServerRecordWithApplicationData) { + MakeTlsFilter<TlsReplaceFirstRecordWithJunk>(server_); + Connect(); +} + +TEST_P(TlsConnectDatagram, ReplaceFirstClientRecordWithApplicationData) { + MakeTlsFilter<TlsReplaceFirstRecordWithJunk>(client_); + Connect(); +} + INSTANTIATE_TEST_CASE_P(Datagram12Plus, TlsConnectDatagram12Plus, TlsConnectTestBase::kTlsV12Plus); INSTANTIATE_TEST_CASE_P(DatagramPre13, TlsConnectDatagramPre13, TlsConnectTestBase::kTlsV11V12); +INSTANTIATE_TEST_CASE_P(DatagramDrop13, TlsDropDatagram13, + ::testing::Values(true, false)); +INSTANTIATE_TEST_CASE_P(DatagramReorder13, TlsReorderDatagram13, + ::testing::Values(true, false)); +INSTANTIATE_TEST_CASE_P(DatagramFragment13, TlsFragmentationAndRecoveryTest, + ::testing::Values(true, false)); } // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc index 3c7cd2ecfa..12c6e8516c 100644 --- a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc @@ -192,8 +192,8 @@ TEST_P(TlsConnectGenericPre13, P384PriorityFromModelSocket) { class TlsKeyExchangeGroupCapture : public TlsHandshakeFilter { public: - TlsKeyExchangeGroupCapture(const std::shared_ptr<TlsAgent> &agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}), + TlsKeyExchangeGroupCapture(const std::shared_ptr<TlsAgent> &a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}), group_(ssl_grp_none) {} SSLNamedGroup group() const { return group_; } @@ -559,6 +559,113 @@ TEST_P(TlsConnectGenericPre13, ConnectECDHEmptyClientPoint) { server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH); } +// Damage ECParams/ECPoint of a SKE. +class ECCServerKEXDamager : public TlsHandshakeFilter { + public: + ECCServerKEXDamager(const std::shared_ptr<TlsAgent> &server, ECType ec_type, + SSLNamedGroup named_curve) + : TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}), + ec_type_(ec_type), + named_curve_(named_curve) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader &header, + const DataBuffer &input, + DataBuffer *output) { + size_t offset = 0; + output->Allocate(5); + offset = output->Write(offset, ec_type_, 1); + offset = output->Write(offset, named_curve_, 2); + // Write a point with fmt != EC_POINT_FORM_UNCOMPRESSED. + offset = output->Write(offset, 1U, 1); + (void)output->Write(offset, 0x02, 1); // EC_POINT_FORM_COMPRESSED_Y0 + return CHANGE; + } + + private: + ECType ec_type_; + SSLNamedGroup named_curve_; +}; + +TEST_P(TlsConnectGenericPre13, ConnectUnsupportedCurveType) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXDamager>(server_, ec_type_explicitPrime, + ssl_grp_none); + ConnectExpectAlert(client_, kTlsAlertHandshakeFailure); + client_->CheckErrorCode(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); +} + +TEST_P(TlsConnectGenericPre13, ConnectUnsupportedCurve) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXDamager>(server_, ec_type_named, + ssl_grp_ffdhe_2048); + ConnectExpectAlert(client_, kTlsAlertHandshakeFailure); + client_->CheckErrorCode(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); +} + +TEST_P(TlsConnectGenericPre13, ConnectUnsupportedPointFormat) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXDamager>(server_, ec_type_named, + ssl_grp_ec_secp256r1); + ConnectExpectAlert(client_, kTlsAlertHandshakeFailure); + client_->CheckErrorCode(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM); +} + +// Replace SignatureAndHashAlgorithm of a SKE. +class ECCServerKEXSigAlgReplacer : public TlsHandshakeFilter { + public: + ECCServerKEXSigAlgReplacer(const std::shared_ptr<TlsAgent> &server, + SSLSignatureScheme sig_scheme) + : TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}), + sig_scheme_(sig_scheme) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader &header, + const DataBuffer &input, + DataBuffer *output) { + *output = input; + + uint32_t point_len; + EXPECT_TRUE(output->Read(3, 1, &point_len)); + output->Write(4 + point_len, sig_scheme_, 2); + + return CHANGE; + } + + private: + SSLSignatureScheme sig_scheme_; +}; + +TEST_P(TlsConnectTls12, ConnectUnsupportedSigAlg) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXSigAlgReplacer>(server_, ssl_sig_none); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM); +} + +TEST_P(TlsConnectTls12, ConnectIncorrectSigAlg) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXSigAlgReplacer>(server_, + ssl_sig_ecdsa_secp256r1_sha256); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM); +} + INSTANTIATE_TEST_CASE_P(KeyExchangeTest, TlsKeyExchangeTest, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV11Plus)); diff --git a/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc index 0453dabdb6..6965e9ca75 100644 --- a/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc @@ -19,9 +19,9 @@ namespace nss_test { class TlsExtensionTruncator : public TlsExtensionFilter { public: - TlsExtensionTruncator(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension, size_t length) - : TlsExtensionFilter(agent), extension_(extension), length_(length) {} + TlsExtensionTruncator(const std::shared_ptr<TlsAgent>& a, uint16_t extension, + size_t length) + : TlsExtensionFilter(a), extension_(extension), length_(length) {} virtual PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, DataBuffer* output) { @@ -43,9 +43,9 @@ class TlsExtensionTruncator : public TlsExtensionFilter { class TlsExtensionDamager : public TlsExtensionFilter { public: - TlsExtensionDamager(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension, size_t index) - : TlsExtensionFilter(agent), extension_(extension), index_(index) {} + TlsExtensionDamager(const std::shared_ptr<TlsAgent>& a, uint16_t extension, + size_t index) + : TlsExtensionFilter(a), extension_(extension), index_(index) {} virtual PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, DataBuffer* output) { @@ -65,11 +65,9 @@ class TlsExtensionDamager : public TlsExtensionFilter { class TlsExtensionAppender : public TlsHandshakeFilter { public: - TlsExtensionAppender(const std::shared_ptr<TlsAgent>& agent, + TlsExtensionAppender(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type, uint16_t ext, DataBuffer& data) - : TlsHandshakeFilter(agent, {handshake_type}), - extension_(ext), - data_(data) {} + : TlsHandshakeFilter(a, {handshake_type}), extension_(ext), data_(data) {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -323,7 +321,15 @@ TEST_P(TlsExtensionTestGeneric, AlpnMissingValue) { TEST_P(TlsExtensionTestGeneric, AlpnZeroLength) { EnableAlpn(); - const uint8_t val[] = {0x01, 0x61, 0x00}; + const uint8_t val[] = {0x00, 0x03, 0x01, 0x61, 0x00}; + DataBuffer extension(val, sizeof(val)); + ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>( + client_, ssl_app_layer_protocol_xtn, extension)); +} + +TEST_P(TlsExtensionTestGeneric, AlpnLengthOverflow) { + EnableAlpn(); + const uint8_t val[] = {0x00, 0x03, 0x01, 0x61, 0x01}; DataBuffer extension(val, sizeof(val)); ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>( client_, ssl_app_layer_protocol_xtn, extension)); @@ -628,12 +634,9 @@ typedef std::function<void(TlsPreSharedKeyReplacer*)> class TlsPreSharedKeyReplacer : public TlsExtensionFilter { public: - TlsPreSharedKeyReplacer(const std::shared_ptr<TlsAgent>& agent, + TlsPreSharedKeyReplacer(const std::shared_ptr<TlsAgent>& a, TlsPreSharedKeyReplacerFunc function) - : TlsExtensionFilter(agent), - identities_(), - binders_(), - function_(function) {} + : TlsExtensionFilter(a), identities_(), binders_(), function_(function) {} static size_t CopyAndMaybeReplace(TlsParser* parser, size_t size, const std::unique_ptr<DataBuffer>& replace, diff --git a/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc index f4940bf282..92947c2c70 100644 --- a/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc @@ -20,14 +20,16 @@ namespace nss_test { // This class cuts every unencrypted handshake record into two parts. class RecordFragmenter : public PacketFilter { public: - RecordFragmenter() : sequence_number_(0), splitting_(true) {} + RecordFragmenter(bool is_dtls13) + : is_dtls13_(is_dtls13), sequence_number_(0), splitting_(true) {} private: class HandshakeSplitter { public: - HandshakeSplitter(const DataBuffer& input, DataBuffer* output, - uint64_t* sequence_number) - : input_(input), + HandshakeSplitter(bool is_dtls13, const DataBuffer& input, + DataBuffer* output, uint64_t* sequence_number) + : is_dtls13_(is_dtls13), + input_(input), output_(output), cursor_(0), sequence_number_(sequence_number) {} @@ -35,9 +37,9 @@ class RecordFragmenter : public PacketFilter { private: void WriteRecord(TlsRecordHeader& record_header, DataBuffer& record_fragment) { - TlsRecordHeader fragment_header(record_header.version(), - record_header.content_type(), - *sequence_number_); + TlsRecordHeader fragment_header( + record_header.variant(), record_header.version(), + record_header.content_type(), *sequence_number_); ++*sequence_number_; if (::g_ssl_gtest_verbose) { std::cerr << "Fragment: " << fragment_header << ' ' << record_fragment @@ -88,7 +90,7 @@ class RecordFragmenter : public PacketFilter { while (parser.remaining()) { TlsRecordHeader header; DataBuffer record; - if (!header.Parse(0, &parser, &record)) { + if (!header.Parse(is_dtls13_, 0, &parser, &record)) { ADD_FAILURE() << "bad record header"; return false; } @@ -118,6 +120,7 @@ class RecordFragmenter : public PacketFilter { } private: + bool is_dtls13_; const DataBuffer& input_; DataBuffer* output_; size_t cursor_; @@ -132,7 +135,7 @@ class RecordFragmenter : public PacketFilter { } output->Allocate(input.len()); - HandshakeSplitter splitter(input, output, &sequence_number_); + HandshakeSplitter splitter(is_dtls13_, input, output, &sequence_number_); if (!splitter.Split()) { // If splitting fails, we obviously reached encrypted packets. // Stop splitting from that point onward. @@ -144,18 +147,21 @@ class RecordFragmenter : public PacketFilter { } private: + bool is_dtls13_; uint64_t sequence_number_; bool splitting_; }; TEST_P(TlsConnectDatagram, FragmentClientPackets) { - client_->SetFilter(std::make_shared<RecordFragmenter>()); + bool is_dtls13 = version_ >= SSL_LIBRARY_VERSION_TLS_1_3; + client_->SetFilter(std::make_shared<RecordFragmenter>(is_dtls13)); Connect(); SendReceive(); } TEST_P(TlsConnectDatagram, FragmentServerPackets) { - server_->SetFilter(std::make_shared<RecordFragmenter>()); + bool is_dtls13 = version_ >= SSL_LIBRARY_VERSION_TLS_1_3; + server_->SetFilter(std::make_shared<RecordFragmenter>(is_dtls13)); Connect(); SendReceive(); } diff --git a/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc index 99448321c5..f0afc9118a 100644 --- a/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc @@ -27,8 +27,8 @@ class TlsFuzzTest : public ::testing::Test {}; // Record the application data stream. class TlsApplicationDataRecorder : public TlsRecordFilter { public: - TlsApplicationDataRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), buffer_() {} + TlsApplicationDataRecorder(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), buffer_() {} virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, diff --git a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp index e2a8d830ac..17677713d6 100644 --- a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp +++ b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp @@ -37,6 +37,7 @@ 'ssl_loopback_unittest.cc', 'ssl_misc_unittest.cc', 'ssl_record_unittest.cc', + 'ssl_recordsize_unittest.cc', 'ssl_resumption_unittest.cc', 'ssl_renegotiation_unittest.cc', 'ssl_skip_unittest.cc', diff --git a/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc index 05ae870348..77b335e86b 100644 --- a/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc @@ -69,8 +69,8 @@ TEST_P(TlsConnectTls13, HelloRetryRequestAbortsZeroRtt) { // handshake packets, this will break. class CorrectMessageSeqAfterHrrFilter : public TlsRecordFilter { public: - CorrectMessageSeqAfterHrrFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent) {} + CorrectMessageSeqAfterHrrFilter(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a) {} protected: PacketFilter::Action FilterRecord(const TlsRecordHeader& header, @@ -81,8 +81,9 @@ class CorrectMessageSeqAfterHrrFilter : public TlsRecordFilter { } DataBuffer buffer(record); - TlsRecordHeader new_header = {header.version(), header.content_type(), - header.sequence_number() + 1}; + TlsRecordHeader new_header(header.variant(), header.version(), + header.content_type(), + header.sequence_number() + 1); // Correct message_seq. buffer.Write(4, 1U, 2); @@ -151,8 +152,8 @@ TEST_P(TlsConnectTls13, SecondClientHelloRejectEarlyDataXtn) { class KeyShareReplayer : public TlsExtensionFilter { public: - KeyShareReplayer(const std::shared_ptr<TlsAgent>& agent) - : TlsExtensionFilter(agent) {} + KeyShareReplayer(const std::shared_ptr<TlsAgent>& a) + : TlsExtensionFilter(a) {} virtual PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, @@ -567,6 +568,28 @@ void TriggerHelloRetryRequest(std::shared_ptr<TlsAgent>& client, client->Handshake(); server->Handshake(); EXPECT_EQ(1U, cb_called); + // Stop the callback from being called in future handshakes. + EXPECT_EQ(SECSuccess, + SSL_HelloRetryRequestCallback(server->ssl_fd(), nullptr, nullptr)); +} + +TEST_P(TlsConnectTls13, VersionNumbersAfterRetry) { + ConfigureSelfEncrypt(); + EnsureTlsSetup(); + auto r = MakeTlsFilter<TlsRecordRecorder>(client_); + TriggerHelloRetryRequest(client_, server_); + Handshake(); + ASSERT_GT(r->count(), 1UL); + auto ch1 = r->record(0); + if (ch1.header.is_dtls()) { + ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_1, ch1.header.version()); + } else { + ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_0, ch1.header.version()); + } + auto ch2 = r->record(1); + ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_2, ch2.header.version()); + + CheckConnected(); } TEST_P(TlsConnectTls13, RetryStateless) { @@ -577,6 +600,7 @@ TEST_P(TlsConnectTls13, RetryStateless) { MakeNewServer(); Handshake(); + CheckConnected(); SendReceive(); } @@ -593,6 +617,68 @@ TEST_P(TlsConnectTls13, RetryStatefulDropCookie) { server_->CheckErrorCode(SSL_ERROR_MISSING_COOKIE_EXTENSION); } +class TruncateHrrCookie : public TlsExtensionFilter { + public: + TruncateHrrCookie(const std::shared_ptr<TlsAgent>& a) + : TlsExtensionFilter(a) {} + virtual PacketFilter::Action FilterExtension(uint16_t extension_type, + const DataBuffer& input, + DataBuffer* output) { + if (extension_type != ssl_tls13_cookie_xtn) { + return KEEP; + } + + // Claim a zero-length cookie. + output->Allocate(2); + output->Write(0, static_cast<uint32_t>(0), 2); + return CHANGE; + } +}; + +TEST_P(TlsConnectTls13, RetryCookieEmpty) { + ConfigureSelfEncrypt(); + EnsureTlsSetup(); + + TriggerHelloRetryRequest(client_, server_); + MakeTlsFilter<TruncateHrrCookie>(client_); + + ExpectAlert(server_, kTlsAlertHandshakeFailure); + Handshake(); + client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP); + server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); +} + +class AddJunkToCookie : public TlsExtensionFilter { + public: + AddJunkToCookie(const std::shared_ptr<TlsAgent>& a) : TlsExtensionFilter(a) {} + virtual PacketFilter::Action FilterExtension(uint16_t extension_type, + const DataBuffer& input, + DataBuffer* output) { + if (extension_type != ssl_tls13_cookie_xtn) { + return KEEP; + } + + *output = input; + // Add junk after the cookie. + static const uint8_t junk[2] = {1, 2}; + output->Append(DataBuffer(junk, sizeof(junk))); + return CHANGE; + } +}; + +TEST_P(TlsConnectTls13, RetryCookieWithExtras) { + ConfigureSelfEncrypt(); + EnsureTlsSetup(); + + TriggerHelloRetryRequest(client_, server_); + MakeTlsFilter<AddJunkToCookie>(client_); + + ExpectAlert(server_, kTlsAlertHandshakeFailure); + Handshake(); + client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP); + server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); +} + // Stream only because DTLS drops bad packets. TEST_F(TlsConnectStreamTls13, RetryStatelessDamageFirstClientHello) { ConfigureSelfEncrypt(); @@ -907,7 +993,10 @@ class HelloRetryRequestAgentTest : public TlsAgentTestClient { hrr_data.Allocate(len + 6); size_t i = 0; - i = hrr_data.Write(i, 0x0303, 2); + i = hrr_data.Write(i, variant_ == ssl_variant_datagram + ? SSL_LIBRARY_VERSION_DTLS_1_2_WIRE + : SSL_LIBRARY_VERSION_TLS_1_2, + 2); i = hrr_data.Write(i, ssl_hello_retry_random, sizeof(ssl_hello_retry_random)); i = hrr_data.Write(i, static_cast<uint32_t>(0), 1); // session_id @@ -973,6 +1062,39 @@ TEST_P(HelloRetryRequestAgentTest, HandleNoopHelloRetryRequest) { SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST); } +class ReplaceRandom : public TlsHandshakeFilter { + public: + ReplaceRandom(const std::shared_ptr<TlsAgent>& a, const DataBuffer& r) + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}), random_(r) {} + + PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) override { + output->Assign(input); + output->Write(2, random_); + return CHANGE; + } + + private: + DataBuffer random_; +}; + +// Make sure that the TLS 1.3 special value for the ServerHello.random +// is rejected by earlier versions. +TEST_P(TlsConnectStreamPre13, HrrRandomOnTls10) { + static const uint8_t hrr_random[] = { + 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, + 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, + 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C}; + + EnsureTlsSetup(); + MakeTlsFilter<ReplaceRandom>(server_, + DataBuffer(hrr_random, sizeof(hrr_random))); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); +} + INSTANTIATE_TEST_CASE_P(HelloRetryRequestAgentTests, HelloRetryRequestAgentTest, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV13)); diff --git a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc index f1b78f52fd..5adbd9dc71 100644 --- a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc @@ -56,8 +56,8 @@ TEST_P(TlsConnectGeneric, CipherSuiteMismatch) { class TlsAlertRecorder : public TlsRecordFilter { public: - TlsAlertRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), level_(255), description_(255) {} + TlsAlertRecorder(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), level_(255), description_(255) {} PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, @@ -87,9 +87,9 @@ class TlsAlertRecorder : public TlsRecordFilter { class HelloTruncator : public TlsHandshakeFilter { public: - HelloTruncator(const std::shared_ptr<TlsAgent>& agent) + HelloTruncator(const std::shared_ptr<TlsAgent>& a) : TlsHandshakeFilter( - agent, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {} + a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {} PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) override { @@ -149,6 +149,27 @@ TEST_P(TlsConnectGeneric, ConnectAlpn) { CheckAlpn("a"); } +TEST_P(TlsConnectGeneric, ConnectAlpnPriorityA) { + // "alpn" "npn" + // alpn is the fallback here. npn has the highest priority and should be + // picked. + const std::vector<uint8_t> alpn = {0x04, 0x61, 0x6c, 0x70, 0x6e, + 0x03, 0x6e, 0x70, 0x6e}; + EnableAlpn(alpn); + Connect(); + CheckAlpn("npn"); +} + +TEST_P(TlsConnectGeneric, ConnectAlpnPriorityB) { + // "alpn" "npn" "http" + // npn has the highest priority and should be picked. + const std::vector<uint8_t> alpn = {0x04, 0x61, 0x6c, 0x70, 0x6e, 0x03, 0x6e, + 0x70, 0x6e, 0x04, 0x68, 0x74, 0x74, 0x70}; + EnableAlpn(alpn); + Connect(); + CheckAlpn("npn"); +} + TEST_P(TlsConnectGeneric, ConnectAlpnClone) { EnsureModelSockets(); client_model_->EnableAlpn(alpn_dummy_val_, sizeof(alpn_dummy_val_)); @@ -157,6 +178,33 @@ TEST_P(TlsConnectGeneric, ConnectAlpnClone) { CheckAlpn("a"); } +TEST_P(TlsConnectGeneric, ConnectAlpnWithCustomCallbackA) { + // "ab" "alpn" + const std::vector<uint8_t> client_alpn = {0x02, 0x61, 0x62, 0x04, + 0x61, 0x6c, 0x70, 0x6e}; + EnableAlpnWithCallback(client_alpn, "alpn"); + Connect(); + CheckAlpn("alpn"); +} + +TEST_P(TlsConnectGeneric, ConnectAlpnWithCustomCallbackB) { + // "ab" "alpn" + const std::vector<uint8_t> client_alpn = {0x02, 0x61, 0x62, 0x04, + 0x61, 0x6c, 0x70, 0x6e}; + EnableAlpnWithCallback(client_alpn, "ab"); + Connect(); + CheckAlpn("ab"); +} + +TEST_P(TlsConnectGeneric, ConnectAlpnWithCustomCallbackC) { + // "cd" "npn" "alpn" + const std::vector<uint8_t> client_alpn = {0x02, 0x63, 0x64, 0x03, 0x6e, 0x70, + 0x6e, 0x04, 0x61, 0x6c, 0x70, 0x6e}; + EnableAlpnWithCallback(client_alpn, "npn"); + Connect(); + CheckAlpn("npn"); +} + TEST_P(TlsConnectDatagram, ConnectSrtp) { EnableSrtp(); Connect(); @@ -171,8 +219,8 @@ TEST_P(TlsConnectGeneric, ConnectSendReceive) { class SaveTlsRecord : public TlsRecordFilter { public: - SaveTlsRecord(const std::shared_ptr<TlsAgent>& agent, size_t index) - : TlsRecordFilter(agent), index_(index), count_(0), contents_() {} + SaveTlsRecord(const std::shared_ptr<TlsAgent>& a, size_t index) + : TlsRecordFilter(a), index_(index), count_(0), contents_() {} const DataBuffer& contents() const { return contents_; } @@ -227,8 +275,8 @@ TEST_F(TlsConnectStreamTls13, DecryptRecordServer) { class DropTlsRecord : public TlsRecordFilter { public: - DropTlsRecord(const std::shared_ptr<TlsAgent>& agent, size_t index) - : TlsRecordFilter(agent), index_(index), count_(0) {} + DropTlsRecord(const std::shared_ptr<TlsAgent>& a, size_t index) + : TlsRecordFilter(a), index_(index), count_(0) {} protected: PacketFilter::Action FilterRecord(const TlsRecordHeader& header, @@ -373,8 +421,8 @@ TEST_P(TlsHolddownTest, TestDtlsHolddownExpiryResumption) { class TlsPreCCSHeaderInjector : public TlsRecordFilter { public: - TlsPreCCSHeaderInjector(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent) {} + TlsPreCCSHeaderInjector(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a) {} virtual PacketFilter::Action FilterRecord( const TlsRecordHeader& record_header, const DataBuffer& input, size_t* offset, DataBuffer* output) override { @@ -383,7 +431,8 @@ class TlsPreCCSHeaderInjector : public TlsRecordFilter { std::cerr << "Injecting Finished header before CCS\n"; const uint8_t hhdr[] = {kTlsHandshakeFinished, 0x00, 0x00, 0x0c}; DataBuffer hhdr_buf(hhdr, sizeof(hhdr)); - TlsRecordHeader nhdr(record_header.version(), kTlsHandshakeType, 0); + TlsRecordHeader nhdr(record_header.variant(), record_header.version(), + kTlsHandshakeType, 0); *offset = nhdr.Write(output, *offset, hhdr_buf); *offset = record_header.Write(output, *offset, input); return CHANGE; diff --git a/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc index 3b87278501..53b11c61a5 100644 --- a/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc @@ -103,16 +103,14 @@ TEST_P(TlsPaddingTest, LastByteOfPadWrong) { class RecordReplacer : public TlsRecordFilter { public: - RecordReplacer(const std::shared_ptr<TlsAgent>& agent, size_t size) - : TlsRecordFilter(agent), enabled_(false), size_(size) {} + RecordReplacer(const std::shared_ptr<TlsAgent>& a, size_t size) + : TlsRecordFilter(a), size_(size) { + Disable(); + } PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& data, DataBuffer* changed) override { - if (!enabled_) { - return KEEP; - } - EXPECT_EQ(kTlsApplicationDataType, header.content_type()); changed->Allocate(size_); @@ -120,17 +118,33 @@ class RecordReplacer : public TlsRecordFilter { changed->data()[i] = i & 0xff; } - enabled_ = false; + Disable(); return CHANGE; } - void Enable() { enabled_ = true; } - private: - bool enabled_; size_t size_; }; +TEST_P(TlsConnectStream, BadRecordMac) { + EnsureTlsSetup(); + Connect(); + client_->SetFilter(std::make_shared<TlsRecordLastByteDamager>(client_)); + ExpectAlert(server_, kTlsAlertBadRecordMac); + client_->SendData(10); + + // Read from the client, get error. + uint8_t buf[10]; + PRInt32 rv = PR_Read(server_->ssl_fd(), buf, sizeof(buf)); + EXPECT_GT(0, rv); + EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, PORT_GetError()); + + // Read the server alert. + rv = PR_Read(client_->ssl_fd(), buf, sizeof(buf)); + EXPECT_GT(0, rv); + EXPECT_EQ(SSL_ERROR_BAD_MAC_ALERT, PORT_GetError()); +} + TEST_F(TlsConnectStreamTls13, LargeRecord) { EnsureTlsSetup(); @@ -168,6 +182,29 @@ TEST_F(TlsConnectStreamTls13, TooLargeRecord) { EXPECT_EQ(SSL_ERROR_RECORD_OVERFLOW_ALERT, PORT_GetError()); } +class ShortHeaderChecker : public PacketFilter { + public: + PacketFilter::Action Filter(const DataBuffer& input, DataBuffer* output) { + // The first octet should be 0b001xxxxx. + EXPECT_EQ(1, input.data()[0] >> 5); + return KEEP; + } +}; + +TEST_F(TlsConnectDatagram13, ShortHeadersClient) { + Connect(); + client_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, PR_TRUE); + client_->SetFilter(std::make_shared<ShortHeaderChecker>()); + SendReceive(); +} + +TEST_F(TlsConnectDatagram13, ShortHeadersServer) { + Connect(); + server_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, PR_TRUE); + server_->SetFilter(std::make_shared<ShortHeaderChecker>()); + SendReceive(); +} + const static size_t kContentSizesArr[] = { 1, kMacSize - 1, kMacSize, 30, 31, 32, 36, 256, 257, 287, 288}; diff --git a/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc new file mode 100644 index 0000000000..00651aec5f --- /dev/null +++ b/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc @@ -0,0 +1,431 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "secerr.h" +#include "ssl.h" +#include "sslerr.h" +#include "sslproto.h" + +#include "gtest_utils.h" +#include "scoped_ptrs.h" +#include "tls_connect.h" +#include "tls_filter.h" +#include "tls_parser.h" + +namespace nss_test { + +// This class tracks the maximum size of record that was sent, both cleartext +// and plain. It only tracks records that have an outer type of +// application_data. In TLS 1.3, this includes handshake messages. +class TlsRecordMaximum : public TlsRecordFilter { + public: + TlsRecordMaximum(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), max_ciphertext_(0), max_plaintext_(0) {} + + size_t max_ciphertext() const { return max_ciphertext_; } + size_t max_plaintext() const { return max_plaintext_; } + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& record, size_t* offset, + DataBuffer* output) override { + std::cerr << "max: " << record << std::endl; + // Ignore unprotected packets. + if (header.content_type() != kTlsApplicationDataType) { + return KEEP; + } + + max_ciphertext_ = (std::max)(max_ciphertext_, record.len()); + return TlsRecordFilter::FilterRecord(header, record, offset, output); + } + + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& data, + DataBuffer* changed) override { + max_plaintext_ = (std::max)(max_plaintext_, data.len()); + return KEEP; + } + + private: + size_t max_ciphertext_; + size_t max_plaintext_; +}; + +void CheckRecordSizes(const std::shared_ptr<TlsAgent>& agent, + const std::shared_ptr<TlsRecordMaximum>& record_max, + size_t config) { + uint16_t cipher_suite; + ASSERT_TRUE(agent->cipher_suite(&cipher_suite)); + + size_t expansion; + size_t iv; + switch (cipher_suite) { + case TLS_AES_128_GCM_SHA256: + case TLS_AES_256_GCM_SHA384: + case TLS_CHACHA20_POLY1305_SHA256: + expansion = 16; + iv = 0; + break; + + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + expansion = 16; + iv = 8; + break; + + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + // Expansion is 20 for the MAC. Maximum block padding is 16. Maximum + // padding is added when the input plus the MAC is an exact multiple of + // the block size. + expansion = 20 + 16 - ((config + 20) % 16); + iv = 16; + break; + + default: + ADD_FAILURE() << "No expansion set for ciphersuite " + << agent->cipher_suite_name(); + return; + } + + switch (agent->version()) { + case SSL_LIBRARY_VERSION_TLS_1_3: + EXPECT_EQ(0U, iv) << "No IV for TLS 1.3"; + // We only have decryption in TLS 1.3. + EXPECT_EQ(config - 1, record_max->max_plaintext()) + << "bad plaintext length for " << agent->role_str(); + break; + + case SSL_LIBRARY_VERSION_TLS_1_2: + case SSL_LIBRARY_VERSION_TLS_1_1: + expansion += iv; + break; + + case SSL_LIBRARY_VERSION_TLS_1_0: + break; + + default: + ADD_FAILURE() << "Unexpected version " << agent->version(); + return; + } + + EXPECT_EQ(config + expansion, record_max->max_ciphertext()) + << "bad ciphertext length for " << agent->role_str(); +} + +TEST_P(TlsConnectGeneric, RecordSizeMaximum) { + uint16_t max_record_size = + (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) ? 16385 : 16384; + size_t send_size = (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) + ? max_record_size + : max_record_size + 1; + + EnsureTlsSetup(); + auto client_max = MakeTlsFilter<TlsRecordMaximum>(client_); + client_max->EnableDecryption(); + auto server_max = MakeTlsFilter<TlsRecordMaximum>(server_); + server_max->EnableDecryption(); + + Connect(); + client_->SendData(send_size, send_size); + server_->SendData(send_size, send_size); + server_->ReadBytes(send_size); + client_->ReadBytes(send_size); + + CheckRecordSizes(client_, client_max, max_record_size); + CheckRecordSizes(server_, server_max, max_record_size); +} + +TEST_P(TlsConnectGeneric, RecordSizeMinimumClient) { + EnsureTlsSetup(); + auto server_max = MakeTlsFilter<TlsRecordMaximum>(server_); + server_max->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + SendReceive(127); // Big enough for one record, allowing for 1+N splitting. + + CheckRecordSizes(server_, server_max, 64); +} + +TEST_P(TlsConnectGeneric, RecordSizeMinimumServer) { + EnsureTlsSetup(); + auto client_max = MakeTlsFilter<TlsRecordMaximum>(client_); + client_max->EnableDecryption(); + + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + SendReceive(127); + + CheckRecordSizes(client_, client_max, 64); +} + +TEST_P(TlsConnectGeneric, RecordSizeAsymmetric) { + EnsureTlsSetup(); + auto client_max = MakeTlsFilter<TlsRecordMaximum>(client_); + client_max->EnableDecryption(); + auto server_max = MakeTlsFilter<TlsRecordMaximum>(server_); + server_max->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 100); + Connect(); + SendReceive(127); + + CheckRecordSizes(client_, client_max, 100); + CheckRecordSizes(server_, server_max, 64); +} + +// This just modifies the encrypted payload so to include a few extra zeros. +class TlsRecordExpander : public TlsRecordFilter { + public: + TlsRecordExpander(const std::shared_ptr<TlsAgent>& a, size_t expansion) + : TlsRecordFilter(a), expansion_(expansion) {} + + protected: + virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& data, + DataBuffer* changed) { + if (header.content_type() != kTlsApplicationDataType) { + return KEEP; + } + changed->Allocate(data.len() + expansion_); + changed->Write(0, data.data(), data.len()); + return CHANGE; + } + + private: + size_t expansion_; +}; + +// Tweak the plaintext of server records so that they exceed the client's limit. +TEST_P(TlsConnectTls13, RecordSizePlaintextExceed) { + EnsureTlsSetup(); + auto server_expand = MakeTlsFilter<TlsRecordExpander>(server_, 1); + server_expand->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + + server_->SendData(100); + + client_->ExpectReadWriteError(); + ExpectAlert(client_, kTlsAlertRecordOverflow); + client_->ReadBytes(100); + EXPECT_EQ(SSL_ERROR_RX_RECORD_TOO_LONG, client_->error_code()); + + // Consume the alert at the server. + server_->Handshake(); + server_->CheckErrorCode(SSL_ERROR_RECORD_OVERFLOW_ALERT); +} + +// Tweak the ciphertext of server records so that they greatly exceed the limit. +// This requires a much larger expansion than for plaintext to trigger the +// guard, which runs before decryption (current allowance is 304 octets). +TEST_P(TlsConnectTls13, RecordSizeCiphertextExceed) { + EnsureTlsSetup(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + + auto server_expand = MakeTlsFilter<TlsRecordExpander>(server_, 320); + server_->SendData(100); + + client_->ExpectReadWriteError(); + ExpectAlert(client_, kTlsAlertRecordOverflow); + client_->ReadBytes(100); + EXPECT_EQ(SSL_ERROR_RX_RECORD_TOO_LONG, client_->error_code()); + + // Consume the alert at the server. + server_->Handshake(); + server_->CheckErrorCode(SSL_ERROR_RECORD_OVERFLOW_ALERT); +} + +// This indiscriminately adds padding to application data records. +class TlsRecordPadder : public TlsRecordFilter { + public: + TlsRecordPadder(const std::shared_ptr<TlsAgent>& a, size_t padding) + : TlsRecordFilter(a), padding_(padding) {} + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& record, size_t* offset, + DataBuffer* output) override { + if (header.content_type() != kTlsApplicationDataType) { + return KEEP; + } + + uint8_t inner_content_type; + DataBuffer plaintext; + if (!Unprotect(header, record, &inner_content_type, &plaintext)) { + return KEEP; + } + + if (inner_content_type != kTlsApplicationDataType) { + return KEEP; + } + + DataBuffer ciphertext; + bool ok = + Protect(header, inner_content_type, plaintext, &ciphertext, padding_); + EXPECT_TRUE(ok); + if (!ok) { + return KEEP; + } + *offset = header.Write(output, *offset, ciphertext); + return CHANGE; + } + + private: + size_t padding_; +}; + +TEST_P(TlsConnectTls13, RecordSizeExceedPad) { + EnsureTlsSetup(); + auto server_max = std::make_shared<TlsRecordMaximum>(server_); + auto server_expand = std::make_shared<TlsRecordPadder>(server_, 1); + server_->SetFilter(std::make_shared<ChainedPacketFilter>( + ChainedPacketFilterInit({server_max, server_expand}))); + server_expand->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + + server_->SendData(100); + + client_->ExpectReadWriteError(); + ExpectAlert(client_, kTlsAlertRecordOverflow); + client_->ReadBytes(100); + EXPECT_EQ(SSL_ERROR_RX_RECORD_TOO_LONG, client_->error_code()); + + // Consume the alert at the server. + server_->Handshake(); + server_->CheckErrorCode(SSL_ERROR_RECORD_OVERFLOW_ALERT); +} + +TEST_P(TlsConnectGeneric, RecordSizeBadValues) { + EnsureTlsSetup(); + EXPECT_EQ(SECFailure, + SSL_OptionSet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, 63)); + EXPECT_EQ(SECFailure, + SSL_OptionSet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, -1)); + EXPECT_EQ(SECFailure, + SSL_OptionSet(server_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, 16386)); + Connect(); +} + +TEST_P(TlsConnectGeneric, RecordSizeGetValues) { + EnsureTlsSetup(); + int v; + EXPECT_EQ(SECSuccess, + SSL_OptionGet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(16385, v); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 300); + EXPECT_EQ(SECSuccess, + SSL_OptionGet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(300, v); + Connect(); +} + +// The value of the extension is capped by the maximum version of the client. +TEST_P(TlsConnectGeneric, RecordSizeCapExtensionClient) { + EnsureTlsSetup(); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 16385); + auto capture = + MakeTlsFilter<TlsExtensionCapture>(client_, ssl_record_size_limit_xtn); + capture->EnableDecryption(); + Connect(); + + uint64_t val = 0; + EXPECT_TRUE(capture->extension().Read(0, 2, &val)); + if (version_ < SSL_LIBRARY_VERSION_TLS_1_3) { + EXPECT_EQ(16384U, val) << "Extension should be capped"; + } else { + EXPECT_EQ(16385U, val); + } +} + +// The value of the extension is capped by the maximum version of the server. +TEST_P(TlsConnectGeneric, RecordSizeCapExtensionServer) { + EnsureTlsSetup(); + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 16385); + auto capture = + MakeTlsFilter<TlsExtensionCapture>(server_, ssl_record_size_limit_xtn); + capture->EnableDecryption(); + Connect(); + + uint64_t val = 0; + EXPECT_TRUE(capture->extension().Read(0, 2, &val)); + if (version_ < SSL_LIBRARY_VERSION_TLS_1_3) { + EXPECT_EQ(16384U, val) << "Extension should be capped"; + } else { + EXPECT_EQ(16385U, val); + } +} + +// Damage the client extension and the handshake fails, but the server +// doesn't generate a validation error. +TEST_P(TlsConnectGenericPre13, RecordSizeClientExtensionInvalid) { + EnsureTlsSetup(); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 1000); + static const uint8_t v[] = {0xf4, 0x1f}; + MakeTlsFilter<TlsExtensionReplacer>(client_, ssl_record_size_limit_xtn, + DataBuffer(v, sizeof(v))); + ConnectExpectAlert(server_, kTlsAlertDecryptError); +} + +// Special handling for TLS 1.3, where the alert isn't read. +TEST_F(TlsConnectStreamTls13, RecordSizeClientExtensionInvalid) { + EnsureTlsSetup(); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 1000); + static const uint8_t v[] = {0xf4, 0x1f}; + MakeTlsFilter<TlsExtensionReplacer>(client_, ssl_record_size_limit_xtn, + DataBuffer(v, sizeof(v))); + client_->ExpectSendAlert(kTlsAlertBadRecordMac); + server_->ExpectSendAlert(kTlsAlertBadRecordMac); + ConnectExpectFail(); +} + +TEST_P(TlsConnectGeneric, RecordSizeServerExtensionInvalid) { + EnsureTlsSetup(); + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 1000); + static const uint8_t v[] = {0xf4, 0x1f}; + auto replace = MakeTlsFilter<TlsExtensionReplacer>( + server_, ssl_record_size_limit_xtn, DataBuffer(v, sizeof(v))); + replace->EnableDecryption(); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); +} + +class RecordSizeDefaultsTest : public ::testing::Test { + public: + void SetUp() { + EXPECT_EQ(SECSuccess, + SSL_OptionGetDefault(SSL_RECORD_SIZE_LIMIT, &default_)); + } + void TearDown() { + // Make sure to restore the default value at the end. + EXPECT_EQ(SECSuccess, + SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, default_)); + } + + private: + PRIntn default_ = 0; +}; + +TEST_F(RecordSizeDefaultsTest, RecordSizeBadValues) { + EXPECT_EQ(SECFailure, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, 63)); + EXPECT_EQ(SECFailure, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, -1)); + EXPECT_EQ(SECFailure, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, 16386)); +} + +TEST_F(RecordSizeDefaultsTest, RecordSizeGetValue) { + int v; + EXPECT_EQ(SECSuccess, SSL_OptionGetDefault(SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(16385, v); + EXPECT_EQ(SECSuccess, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, 3000)); + EXPECT_EQ(SECSuccess, SSL_OptionGetDefault(SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(3000, v); +} + +} // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc index eb78c05851..2cc98a3278 100644 --- a/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc @@ -484,10 +484,8 @@ TEST_P(TlsConnectStream, TestResumptionOverrideCipher) { class SelectedVersionReplacer : public TlsHandshakeFilter { public: - SelectedVersionReplacer(const std::shared_ptr<TlsAgent>& agent, - uint16_t version) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerHello}), - version_(version) {} + SelectedVersionReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t version) + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}), version_(version) {} protected: PacketFilter::Action FilterHandshake(const HandshakeHeader& header, diff --git a/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc index e4a9e5aed7..9ef19653bc 100644 --- a/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc @@ -22,11 +22,9 @@ namespace nss_test { class TlsHandshakeSkipFilter : public TlsRecordFilter { public: // A TLS record filter that skips handshake messages of the identified type. - TlsHandshakeSkipFilter(const std::shared_ptr<TlsAgent>& agent, + TlsHandshakeSkipFilter(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type) - : TlsRecordFilter(agent), - handshake_type_(handshake_type), - skipped_(false) {} + : TlsRecordFilter(a), handshake_type_(handshake_type), skipped_(false) {} protected: // Takes a record; if it is a handshake record, it removes the first handshake diff --git a/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc index e5fccc12b6..ff4091b9a3 100644 --- a/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc @@ -21,6 +21,7 @@ extern "C" { #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" +#include "rsa8193.h" namespace nss_test { @@ -100,4 +101,39 @@ TEST_P(TlsConnectStreamPre13, Connect(); } +// Replace the server certificate with one that uses 8193-bit RSA. +class TooLargeRSACertFilter : public TlsHandshakeFilter { + public: + TooLargeRSACertFilter(const std::shared_ptr<TlsAgent> &server) + : TlsHandshakeFilter(server, {kTlsHandshakeCertificate}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader &header, + const DataBuffer &input, + DataBuffer *output) { + const uint32_t cert_len = sizeof(rsa8193); + const uint32_t outer_len = cert_len + 3; + size_t offset = 0; + offset = output->Write(offset, outer_len, 3); + offset = output->Write(offset, cert_len, 3); + offset = output->Write(offset, rsa8193, cert_len); + + return CHANGE; + } +}; + +TEST_P(TlsConnectGenericPre13, TooLargeRSAKeyInCert) { + EnableOnlyStaticRsaCiphers(); + MakeTlsFilter<TooLargeRSACertFilter>(server_); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); +} + +TEST_P(TlsConnectGeneric, ServerAuthBiggestRsa) { + Reset(TlsAgent::kRsa8192); + Connect(); + CheckKeys(); +} + } // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc index f5ccf096b8..42f1065f6e 100644 --- a/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc @@ -214,6 +214,98 @@ TEST_F(Tls13CompatTest, EnabledHrrZeroRtt) { CheckForCompatHandshake(); } +class TlsSessionIDEchoFilter : public TlsHandshakeFilter { + public: + TlsSessionIDEchoFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter( + a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + TlsParser parser(input); + + // Skip version + random. + EXPECT_TRUE(parser.Skip(2 + 32)); + + // Capture CH.legacy_session_id. + if (header.handshake_type() == kTlsHandshakeClientHello) { + EXPECT_TRUE(parser.ReadVariable(&sid_, 1)); + return KEEP; + } + + // Check that server sends one too. + uint32_t sid_len = 0; + EXPECT_TRUE(parser.Read(&sid_len, 1)); + EXPECT_EQ(sid_len, sid_.len()); + + // Echo the one we captured. + *output = input; + output->Write(parser.consumed(), sid_.data(), sid_.len()); + + return CHANGE; + } + + private: + DataBuffer sid_; +}; + +TEST_F(TlsConnectTest, EchoTLS13CompatibilitySessionID) { + ConfigureSessionCache(RESUME_SESSIONID, RESUME_SESSIONID); + + client_->SetOption(SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE); + + client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2, + SSL_LIBRARY_VERSION_TLS_1_3); + + server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2, + SSL_LIBRARY_VERSION_TLS_1_2); + + server_->SetFilter(MakeTlsFilter<TlsSessionIDEchoFilter>(client_)); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); +} + +class TlsSessionIDInjectFilter : public TlsHandshakeFilter { + public: + TlsSessionIDInjectFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + TlsParser parser(input); + + // Skip version + random. + EXPECT_TRUE(parser.Skip(2 + 32)); + + *output = input; + + // Inject a Session ID. + const uint8_t fake_sid[SSL3_SESSIONID_BYTES] = {0xff}; + output->Write(parser.consumed(), sizeof(fake_sid), 1); + output->Splice(fake_sid, sizeof(fake_sid), parser.consumed() + 1, 0); + + return CHANGE; + } +}; + +TEST_F(TlsConnectTest, TLS13NonCompatModeSessionID) { + ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3); + + MakeTlsFilter<TlsSessionIDInjectFilter>(server_); + client_->ExpectSendAlert(kTlsAlertIllegalParameter); + server_->ExpectSendAlert(kTlsAlertBadRecordMac); + ConnectExpectFail(); + + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ); +} + static const uint8_t kCannedCcs[] = { kTlsChangeCipherSpecType, SSL_LIBRARY_VERSION_TLS_1_2 >> 8, diff --git a/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc index 7f3c4a8964..09d7801e9a 100644 --- a/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc @@ -50,12 +50,12 @@ inline std::ostream& operator<<(std::ostream& stream, class VersionRangeWithLabel { public: - VersionRangeWithLabel(const std::string& label, const SSLVersionRange& vr) - : label_(label), vr_(vr) {} - VersionRangeWithLabel(const std::string& label, uint16_t min, uint16_t max) - : label_(label) { - vr_.min = min; - vr_.max = max; + VersionRangeWithLabel(const std::string& txt, const SSLVersionRange& vr) + : label_(txt), vr_(vr) {} + VersionRangeWithLabel(const std::string& txt, uint16_t start, uint16_t end) + : label_(txt) { + vr_.min = start; + vr_.max = end; } VersionRangeWithLabel(const std::string& label) : label_(label) { vr_.min = vr_.max = SSL_LIBRARY_VERSION_NONE; diff --git a/security/nss/gtests/ssl_gtest/test_io.cc b/security/nss/gtests/ssl_gtest/test_io.cc index 7282178515..d76b3526c6 100644 --- a/security/nss/gtests/ssl_gtest/test_io.cc +++ b/security/nss/gtests/ssl_gtest/test_io.cc @@ -99,8 +99,8 @@ int32_t DummyPrSocket::Write(PRFileDesc *f, const void *buf, int32_t length) { return -1; } - auto peer = peer_.lock(); - if (!peer) { + auto dst = peer_.lock(); + if (!dst) { PR_SetError(PR_IO_ERROR, 0); return -1; } @@ -116,14 +116,14 @@ int32_t DummyPrSocket::Write(PRFileDesc *f, const void *buf, int32_t length) { case PacketFilter::CHANGE: LOG("Original packet: " << packet); LOG("Filtered packet: " << filtered); - peer->PacketReceived(filtered); + dst->PacketReceived(filtered); break; case PacketFilter::DROP: LOG("Droppped packet: " << packet); break; case PacketFilter::KEEP: LOGV("Packet: " << packet); - peer->PacketReceived(packet); + dst->PacketReceived(packet); break; } // libssl can't handle it if this reports something other than the length diff --git a/security/nss/gtests/ssl_gtest/test_io.h b/security/nss/gtests/ssl_gtest/test_io.h index dbeb6b9d4c..8327373ce5 100644 --- a/security/nss/gtests/ssl_gtest/test_io.h +++ b/security/nss/gtests/ssl_gtest/test_io.h @@ -59,9 +59,9 @@ class PacketFilter { class DummyPrSocket : public DummyIOLayerMethods { public: - DummyPrSocket(const std::string& name, SSLProtocolVariant variant) + DummyPrSocket(const std::string& name, SSLProtocolVariant var) : name_(name), - variant_(variant), + variant_(var), peer_(), input_(), filter_(nullptr), @@ -73,7 +73,7 @@ class DummyPrSocket : public DummyIOLayerMethods { ScopedPRFileDesc CreateFD(); std::weak_ptr<DummyPrSocket>& peer() { return peer_; } - void SetPeer(const std::shared_ptr<DummyPrSocket>& peer) { peer_ = peer; } + void SetPeer(const std::shared_ptr<DummyPrSocket>& p) { peer_ = p; } void SetPacketFilter(const std::shared_ptr<PacketFilter>& filter) { filter_ = filter; } diff --git a/security/nss/gtests/ssl_gtest/tls_agent.cc b/security/nss/gtests/ssl_gtest/tls_agent.cc index 2f71caedb0..9bed1ce1b7 100644 --- a/security/nss/gtests/ssl_gtest/tls_agent.cc +++ b/security/nss/gtests/ssl_gtest/tls_agent.cc @@ -33,6 +33,7 @@ const char* TlsAgent::states[] = {"INIT", "CONNECTING", "CONNECTED", "ERROR"}; const std::string TlsAgent::kClient = "client"; // both sign and encrypt const std::string TlsAgent::kRsa2048 = "rsa2048"; // bigger +const std::string TlsAgent::kRsa8192 = "rsa8192"; // biggest allowed const std::string TlsAgent::kServerRsa = "rsa"; // both sign and encrypt const std::string TlsAgent::kServerRsaSign = "rsa_sign"; const std::string TlsAgent::kServerRsaPss = "rsa_pss"; @@ -44,13 +45,22 @@ const std::string TlsAgent::kServerEcdhRsa = "ecdh_rsa"; const std::string TlsAgent::kServerEcdhEcdsa = "ecdh_ecdsa"; const std::string TlsAgent::kServerDsa = "dsa"; -TlsAgent::TlsAgent(const std::string& name, Role role, - SSLProtocolVariant variant) - : name_(name), - variant_(variant), - role_(role), +static const uint8_t kCannedTls13ServerHello[] = { + 0x03, 0x03, 0x9c, 0xbc, 0x14, 0x9b, 0x0e, 0x2e, 0xfa, 0x0d, 0xf3, + 0xf0, 0x5c, 0x70, 0x7a, 0xe0, 0xd1, 0x9b, 0x3e, 0x5a, 0x44, 0x6b, + 0xdf, 0xe5, 0xc2, 0x28, 0x64, 0xf7, 0x00, 0xc1, 0x9c, 0x08, 0x76, + 0x08, 0x00, 0x13, 0x01, 0x00, 0x00, 0x2e, 0x00, 0x33, 0x00, 0x24, + 0x00, 0x1d, 0x00, 0x20, 0xc2, 0xcf, 0x23, 0x17, 0x64, 0x23, 0x03, + 0xf0, 0xfb, 0x45, 0x98, 0x26, 0xd1, 0x65, 0x24, 0xa1, 0x6c, 0xa9, + 0x80, 0x8f, 0x2c, 0xac, 0x0a, 0xea, 0x53, 0x3a, 0xcb, 0xe3, 0x08, + 0x84, 0xae, 0x19, 0x00, 0x2b, 0x00, 0x02, 0x7f, kD13}; + +TlsAgent::TlsAgent(const std::string& nm, Role rl, SSLProtocolVariant var) + : name_(nm), + variant_(var), + role_(rl), server_key_bits_(0), - adapter_(new DummyPrSocket(role_str(), variant)), + adapter_(new DummyPrSocket(role_str(), var)), ssl_fd_(nullptr), state_(STATE_INIT), timer_handle_(nullptr), @@ -103,11 +113,11 @@ TlsAgent::~TlsAgent() { } } -void TlsAgent::SetState(State state) { - if (state_ == state) return; +void TlsAgent::SetState(State s) { + if (state_ == s) return; - LOG("Changing state from " << state_ << " to " << state); - state_ = state; + LOG("Changing state from " << state_ << " to " << s); + state_ = s; } /*static*/ bool TlsAgent::LoadCertificate(const std::string& name, @@ -124,11 +134,11 @@ void TlsAgent::SetState(State state) { return true; } -bool TlsAgent::ConfigServerCert(const std::string& name, bool updateKeyBits, +bool TlsAgent::ConfigServerCert(const std::string& id, bool updateKeyBits, const SSLExtraServerCertData* serverCertData) { ScopedCERTCertificate cert; ScopedSECKEYPrivateKey priv; - if (!TlsAgent::LoadCertificate(name, &cert, &priv)) { + if (!TlsAgent::LoadCertificate(id, &cert, &priv)) { return false; } @@ -175,6 +185,10 @@ bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) { if (rv != SECSuccess) return false; } + ScopedCERTCertList anchors(CERT_NewCertList()); + rv = SSL_SetTrustAnchors(ssl_fd(), anchors.get()); + if (rv != SECSuccess) return false; + if (role_ == SERVER) { EXPECT_TRUE(ConfigServerCert(name_, true)); @@ -182,10 +196,6 @@ bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) { EXPECT_EQ(SECSuccess, rv); if (rv != SECSuccess) return false; - ScopedCERTCertList anchors(CERT_NewCertList()); - rv = SSL_SetTrustAnchors(ssl_fd(), anchors.get()); - if (rv != SECSuccess) return false; - rv = SSL_SetMaxEarlyDataSize(ssl_fd(), 1024); EXPECT_EQ(SECSuccess, rv); if (rv != SECSuccess) return false; @@ -246,6 +256,17 @@ void TlsAgent::SetupClientAuth() { reinterpret_cast<void*>(this))); } +void CheckCertReqAgainstDefaultCAs(const CERTDistNames* caNames) { + ScopedCERTDistNames expected(CERT_GetSSLCACerts(nullptr)); + + ASSERT_EQ(expected->nnames, caNames->nnames); + + for (size_t i = 0; i < static_cast<size_t>(expected->nnames); ++i) { + EXPECT_EQ(SECEqual, + SECITEM_CompareItem(&(expected->names[i]), &(caNames->names[i]))); + } +} + SECStatus TlsAgent::GetClientAuthDataHook(void* self, PRFileDesc* fd, CERTDistNames* caNames, CERTCertificate** clientCert, @@ -254,6 +275,9 @@ SECStatus TlsAgent::GetClientAuthDataHook(void* self, PRFileDesc* fd, ScopedCERTCertificate peerCert(SSL_PeerCertificate(agent->ssl_fd())); EXPECT_TRUE(peerCert) << "Client should be able to see the server cert"; + // See bug 1457716 + // CheckCertReqAgainstDefaultCAs(caNames); + ScopedCERTCertificate cert; ScopedSECKEYPrivateKey priv; if (!TlsAgent::LoadCertificate(agent->name(), &cert, &priv)) { @@ -282,8 +306,8 @@ bool TlsAgent::GetPeerChainLength(size_t* count) { return true; } -void TlsAgent::CheckCipherSuite(uint16_t cipher_suite) { - EXPECT_EQ(csinfo_.cipherSuite, cipher_suite); +void TlsAgent::CheckCipherSuite(uint16_t suite) { + EXPECT_EQ(csinfo_.cipherSuite, suite); } void TlsAgent::RequestClientAuth(bool requireAuth) { @@ -442,9 +466,7 @@ void TlsAgent::GetVersionRange(uint16_t* minver, uint16_t* maxver) { *maxver = vrange_.max; } -void TlsAgent::SetExpectedVersion(uint16_t version) { - expected_version_ = version; -} +void TlsAgent::SetExpectedVersion(uint16_t ver) { expected_version_ = ver; } void TlsAgent::SetServerKeyBits(uint16_t bits) { server_key_bits_ = bits; } @@ -491,10 +513,10 @@ void TlsAgent::SetSignatureSchemes(const SSLSignatureScheme* schemes, EXPECT_EQ(i, configuredCount) << "schemes in use were all set"; } -void TlsAgent::CheckKEA(SSLKEAType kea_type, SSLNamedGroup kea_group, +void TlsAgent::CheckKEA(SSLKEAType kea, SSLNamedGroup kea_group, size_t kea_size) const { EXPECT_EQ(STATE_CONNECTED, state_); - EXPECT_EQ(kea_type, info_.keaType); + EXPECT_EQ(kea, info_.keaType); if (kea_size == 0) { switch (kea_group) { case ssl_grp_ec_curve25519: @@ -515,7 +537,7 @@ void TlsAgent::CheckKEA(SSLKEAType kea_type, SSLNamedGroup kea_group, case ssl_grp_ffdhe_custom: break; default: - if (kea_type == ssl_kea_rsa) { + if (kea == ssl_kea_rsa) { kea_size = server_key_bits_; } else { EXPECT_TRUE(false) << "need to update group sizes"; @@ -534,13 +556,13 @@ void TlsAgent::CheckOriginalKEA(SSLNamedGroup kea_group) const { } } -void TlsAgent::CheckAuthType(SSLAuthType auth_type, +void TlsAgent::CheckAuthType(SSLAuthType auth, SSLSignatureScheme sig_scheme) const { EXPECT_EQ(STATE_CONNECTED, state_); - EXPECT_EQ(auth_type, info_.authType); + EXPECT_EQ(auth, info_.authType); EXPECT_EQ(server_key_bits_, info_.authKeyBits); if (expected_version_ < SSL_LIBRARY_VERSION_TLS_1_2) { - switch (auth_type) { + switch (auth) { case ssl_auth_rsa_sign: sig_scheme = ssl_sig_rsa_pkcs1_sha1md5; break; @@ -558,9 +580,8 @@ void TlsAgent::CheckAuthType(SSLAuthType auth_type, } // Check authAlgorithm, which is the old value for authType. This is a second - // switch - // statement because default label is different. - switch (auth_type) { + // switch statement because default label is different. + switch (auth) { case ssl_auth_rsa_sign: EXPECT_EQ(ssl_auth_rsa_decrypt, csinfo_.authAlgorithm) << "authAlgorithm for RSA is always decrypt"; @@ -574,7 +595,7 @@ void TlsAgent::CheckAuthType(SSLAuthType auth_type, << "authAlgorithm for ECDH_ECDSA is ECDSA (i.e., wrong)"; break; default: - EXPECT_EQ(auth_type, csinfo_.authAlgorithm) + EXPECT_EQ(auth, csinfo_.authAlgorithm) << "authAlgorithm is (usually) the same as authType"; break; } @@ -593,22 +614,20 @@ void TlsAgent::ExpectResumption() { expect_resumption_ = true; } void TlsAgent::EnableAlpn(const uint8_t* val, size_t len) { EXPECT_TRUE(EnsureTlsSetup()); - - SetOption(SSL_ENABLE_ALPN, PR_TRUE); EXPECT_EQ(SECSuccess, SSL_SetNextProtoNego(ssl_fd(), val, len)); } void TlsAgent::CheckAlpn(SSLNextProtoState expected_state, const std::string& expected) const { - SSLNextProtoState state; + SSLNextProtoState alpn_state; char chosen[10]; unsigned int chosen_len; - SECStatus rv = SSL_GetNextProto(ssl_fd(), &state, + SECStatus rv = SSL_GetNextProto(ssl_fd(), &alpn_state, reinterpret_cast<unsigned char*>(chosen), &chosen_len, sizeof(chosen)); EXPECT_EQ(SECSuccess, rv); - EXPECT_EQ(expected_state, state); - if (state == SSL_NEXT_PROTO_NO_SUPPORT) { + EXPECT_EQ(expected_state, alpn_state); + if (alpn_state == SSL_NEXT_PROTO_NO_SUPPORT) { EXPECT_EQ("", expected); } else { EXPECT_NE("", expected); @@ -840,10 +859,10 @@ void TlsAgent::CheckSecretsDestroyed() { ASSERT_EQ(PR_TRUE, SSLInt_CheckSecretsDestroyed(ssl_fd())); } -void TlsAgent::SetDowngradeCheckVersion(uint16_t version) { +void TlsAgent::SetDowngradeCheckVersion(uint16_t ver) { ASSERT_TRUE(EnsureTlsSetup()); - SECStatus rv = SSL_SetDowngradeCheckVersion(ssl_fd(), version); + SECStatus rv = SSL_SetDowngradeCheckVersion(ssl_fd(), ver); ASSERT_EQ(SECSuccess, rv); } @@ -920,9 +939,9 @@ static bool ErrorIsNonFatal(PRErrorCode code) { } void TlsAgent::SendData(size_t bytes, size_t blocksize) { - uint8_t block[4096]; + uint8_t block[16385]; // One larger than the maximum record size. - ASSERT_LT(blocksize, sizeof(block)); + ASSERT_LE(blocksize, sizeof(block)); while (bytes) { size_t tosend = std::min(blocksize, bytes); @@ -951,12 +970,13 @@ void TlsAgent::SendBuffer(const DataBuffer& buf) { } bool TlsAgent::SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec, - uint16_t wireVersion, uint64_t seq, - uint8_t ct, const DataBuffer& buf) { - LOGV("Writing " << buf.len() << " bytes"); - // Ensure we are a TLS 1.3 cipher agent. + uint64_t seq, uint8_t ct, + const DataBuffer& buf) { + LOGV("Encrypting " << buf.len() << " bytes"); + // Ensure that we are doing TLS 1.3. EXPECT_GE(expected_version_, SSL_LIBRARY_VERSION_TLS_1_3); - TlsRecordHeader header(wireVersion, kTlsApplicationDataType, seq); + TlsRecordHeader header(variant_, expected_version_, kTlsApplicationDataType, + seq); DataBuffer padded = buf; padded.Write(padded.len(), ct, 1); DataBuffer ciphertext; @@ -1078,15 +1098,20 @@ void TlsAgentTestBase::ProcessMessage(const DataBuffer& buffer, void TlsAgentTestBase::MakeRecord(SSLProtocolVariant variant, uint8_t type, uint16_t version, const uint8_t* buf, size_t len, DataBuffer* out, - uint64_t seq_num) { + uint64_t sequence_number) { size_t index = 0; index = out->Write(index, type, 1); if (variant == ssl_variant_stream) { index = out->Write(index, version, 2); + } else if (version >= SSL_LIBRARY_VERSION_TLS_1_3 && + type == kTlsApplicationDataType) { + uint32_t epoch = (sequence_number >> 48) & 0x3; + uint32_t seqno = sequence_number & ((1ULL << 30) - 1); + index = out->Write(index, (epoch << 30) | seqno, 4); } else { index = out->Write(index, TlsVersionToDtlsVersion(version), 2); - index = out->Write(index, seq_num >> 32, 4); - index = out->Write(index, seq_num & PR_UINT32_MAX, 4); + index = out->Write(index, sequence_number >> 32, 4); + index = out->Write(index, sequence_number & PR_UINT32_MAX, 4); } index = out->Write(index, len, 2); out->Write(index, buf, len); @@ -1144,4 +1169,12 @@ void TlsAgentTestBase::MakeTrivialHandshakeRecord(uint8_t hs_type, } } +DataBuffer TlsAgentTestBase::MakeCannedTls13ServerHello() { + DataBuffer sh(kCannedTls13ServerHello, sizeof(kCannedTls13ServerHello)); + if (variant_ == ssl_variant_datagram) { + sh.Write(0, SSL_LIBRARY_VERSION_DTLS_1_2_WIRE, 2); + } + return sh; +} + } // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/tls_agent.h b/security/nss/gtests/ssl_gtest/tls_agent.h index 6cd6d5073b..a93d0c6ee5 100644 --- a/security/nss/gtests/ssl_gtest/tls_agent.h +++ b/security/nss/gtests/ssl_gtest/tls_agent.h @@ -10,6 +10,9 @@ #include "prio.h" #include "ssl.h" +// This is an internal header, used to get TLS_1_3_DRAFT_VERSION. +#include "ssl3prot.h" + #include <functional> #include <iostream> @@ -57,6 +60,8 @@ typedef std::function<int32_t(TlsAgent* agent, const SECItem* srvNameArr, PRUint32 srvNameArrSize)> SniCallbackFunction; +static const uint8_t kD13 = TLS_1_3_DRAFT_VERSION; + class TlsAgent : public PollTarget { public: enum Role { CLIENT, SERVER }; @@ -64,6 +69,7 @@ class TlsAgent : public PollTarget { static const std::string kClient; // the client key is sign only static const std::string kRsa2048; // bigger sign and encrypt for either + static const std::string kRsa8192; // biggest sign and encrypt for either static const std::string kServerRsa; // both sign and encrypt static const std::string kServerRsaSign; static const std::string kServerRsaPss; @@ -143,8 +149,7 @@ class TlsAgent : public PollTarget { void SendData(size_t bytes, size_t blocksize = 1024); void SendBuffer(const DataBuffer& buf); bool SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec, - uint16_t wireVersion, uint64_t seq, uint8_t ct, - const DataBuffer& buf); + uint64_t seq, uint8_t ct, const DataBuffer& buf); // Send data directly to the underlying socket, skipping the TLS layer. void SendDirect(const DataBuffer& buf); void SendRecordDirect(const TlsRecord& record); @@ -209,10 +214,10 @@ class TlsAgent : public PollTarget { return info_.protocolVersion; } - bool cipher_suite(uint16_t* cipher_suite) const { + bool cipher_suite(uint16_t* suite) const { if (state_ != STATE_CONNECTED) return false; - *cipher_suite = info_.cipherSuite; + *suite = info_.cipherSuite; return true; } @@ -227,17 +232,17 @@ class TlsAgent : public PollTarget { info_.sessionID + info_.sessionIDLength); } - bool auth_type(SSLAuthType* auth_type) const { + bool auth_type(SSLAuthType* a) const { if (state_ != STATE_CONNECTED) return false; - *auth_type = info_.authType; + *a = info_.authType; return true; } - bool kea_type(SSLKEAType* kea_type) const { + bool kea_type(SSLKEAType* k) const { if (state_ != STATE_CONNECTED) return false; - *kea_type = info_.keaType; + *k = info_.keaType; return true; } @@ -264,6 +269,8 @@ class TlsAgent : public PollTarget { void ExpectReceiveAlert(uint8_t alert, uint8_t level = 0); void ExpectSendAlert(uint8_t alert, uint8_t level = 0); + std::string alpn_value_to_use_ = ""; + private: const static char* states[]; @@ -443,6 +450,7 @@ class TlsAgentTestBase : public ::testing::Test { size_t hs_len, DataBuffer* out, uint64_t seq_num, uint32_t fragment_offset, uint32_t fragment_length) const; + DataBuffer MakeCannedTls13ServerHello(); static void MakeTrivialHandshakeRecord(uint8_t hs_type, size_t hs_len, DataBuffer* out); static inline TlsAgent::Role ToRole(const std::string& str) { diff --git a/security/nss/gtests/ssl_gtest/tls_connect.cc b/security/nss/gtests/ssl_gtest/tls_connect.cc index 8567b392fd..68f6d21e9c 100644 --- a/security/nss/gtests/ssl_gtest/tls_connect.cc +++ b/security/nss/gtests/ssl_gtest/tls_connect.cc @@ -571,14 +571,57 @@ void TlsConnectTestBase::CheckResumption(SessionResumptionMode expected) { } } +static SECStatus NextProtoCallbackServer(void* arg, PRFileDesc* fd, + const unsigned char* protos, + unsigned int protos_len, + unsigned char* protoOut, + unsigned int* protoOutLen, + unsigned int protoMaxLen) { + EXPECT_EQ(protoMaxLen, 255U); + TlsAgent* agent = reinterpret_cast<TlsAgent*>(arg); + // Check that agent->alpn_value_to_use_ is in protos. + if (protos_len < 1) { + return SECFailure; + } + for (size_t i = 0; i < protos_len;) { + size_t l = protos[i]; + EXPECT_LT(i + l, protos_len); + if (i + l >= protos_len) { + return SECFailure; + } + std::string protos_s(reinterpret_cast<const char*>(protos + i + 1), l); + if (protos_s == agent->alpn_value_to_use_) { + size_t s_len = agent->alpn_value_to_use_.size(); + EXPECT_LE(s_len, 255U); + memcpy(protoOut, &agent->alpn_value_to_use_[0], s_len); + *protoOutLen = s_len; + return SECSuccess; + } + i += l + 1; + } + return SECFailure; +} + void TlsConnectTestBase::EnableAlpn() { client_->EnableAlpn(alpn_dummy_val_, sizeof(alpn_dummy_val_)); server_->EnableAlpn(alpn_dummy_val_, sizeof(alpn_dummy_val_)); } -void TlsConnectTestBase::EnableAlpn(const uint8_t* val, size_t len) { - client_->EnableAlpn(val, len); - server_->EnableAlpn(val, len); +void TlsConnectTestBase::EnableAlpnWithCallback( + const std::vector<uint8_t>& client_vals, std::string server_choice) { + EnsureTlsSetup(); + server_->alpn_value_to_use_ = server_choice; + EXPECT_EQ(SECSuccess, + SSL_SetNextProtoNego(client_->ssl_fd(), client_vals.data(), + client_vals.size())); + SECStatus rv = SSL_SetNextProtoCallback( + server_->ssl_fd(), NextProtoCallbackServer, server_.get()); + EXPECT_EQ(SECSuccess, rv); +} + +void TlsConnectTestBase::EnableAlpn(const std::vector<uint8_t>& vals) { + client_->EnableAlpn(vals.data(), vals.size()); + server_->EnableAlpn(vals.data(), vals.size()); } void TlsConnectTestBase::EnsureModelSockets() { diff --git a/security/nss/gtests/ssl_gtest/tls_connect.h b/security/nss/gtests/ssl_gtest/tls_connect.h index 7dffe7f8aa..0004945011 100644 --- a/security/nss/gtests/ssl_gtest/tls_connect.h +++ b/security/nss/gtests/ssl_gtest/tls_connect.h @@ -110,7 +110,9 @@ class TlsConnectTestBase : public ::testing::Test { void ConfigureSessionCache(SessionResumptionMode client, SessionResumptionMode server); void EnableAlpn(); - void EnableAlpn(const uint8_t* val, size_t len); + void EnableAlpnWithCallback(const std::vector<uint8_t>& client, + std::string server_choice); + void EnableAlpn(const std::vector<uint8_t>& vals); void EnsureModelSockets(); void CheckAlpn(const std::string& val); void EnableSrtp(); diff --git a/security/nss/gtests/ssl_gtest/tls_filter.cc b/security/nss/gtests/ssl_gtest/tls_filter.cc index d34b13bcb5..aa03cba70b 100644 --- a/security/nss/gtests/ssl_gtest/tls_filter.cc +++ b/security/nss/gtests/ssl_gtest/tls_filter.cc @@ -30,11 +30,9 @@ void TlsVersioned::WriteStream(std::ostream& stream) const { case SSL_LIBRARY_VERSION_TLS_1_0: stream << "1.0"; break; - case SSL_LIBRARY_VERSION_DTLS_1_0_WIRE: case SSL_LIBRARY_VERSION_TLS_1_1: stream << (is_dtls() ? "1.0" : "1.1"); break; - case SSL_LIBRARY_VERSION_DTLS_1_2_WIRE: case SSL_LIBRARY_VERSION_TLS_1_2: stream << "1.2"; break; @@ -67,8 +65,14 @@ void TlsRecordFilter::CipherSpecChanged(void* arg, PRBool sending, return; } - self->in_sequence_number_ = 0; - self->out_sequence_number_ = 0; + uint64_t seq_no; + if (self->agent()->variant() == ssl_variant_datagram) { + seq_no = static_cast<uint64_t>(SSLInt_CipherSpecToEpoch(newSpec)) << 48; + } else { + seq_no = 0; + } + self->in_sequence_number_ = seq_no; + self->out_sequence_number_ = seq_no; self->dropped_record_ = false; self->cipher_spec_.reset(new TlsCipherSpec()); bool ret = self->cipher_spec_->Init( @@ -77,33 +81,59 @@ void TlsRecordFilter::CipherSpecChanged(void* arg, PRBool sending, EXPECT_EQ(true, ret); } +bool TlsRecordFilter::is_dtls13() const { + if (agent()->variant() != ssl_variant_datagram) { + return false; + } + if (agent()->state() == TlsAgent::STATE_CONNECTED) { + return agent()->version() >= SSL_LIBRARY_VERSION_TLS_1_3; + } + SSLPreliminaryChannelInfo info; + EXPECT_EQ(SECSuccess, SSL_GetPreliminaryChannelInfo(agent()->ssl_fd(), &info, + sizeof(info))); + return (info.protocolVersion >= SSL_LIBRARY_VERSION_TLS_1_3) || + info.canSendEarlyData; +} + PacketFilter::Action TlsRecordFilter::Filter(const DataBuffer& input, DataBuffer* output) { + // Disable during shutdown. + if (!agent()) { + return KEEP; + } + bool changed = false; size_t offset = 0U; - output->Allocate(input.len()); + output->Allocate(input.len()); TlsParser parser(input); while (parser.remaining()) { TlsRecordHeader header; DataBuffer record; - if (!header.Parse(in_sequence_number_, &parser, &record)) { + if (!header.Parse(is_dtls13(), in_sequence_number_, &parser, &record)) { ADD_FAILURE() << "not a valid record"; return KEEP; } - // Track the sequence number, which is necessary for stream mode (the - // sequence number is in the header for datagram). + // Track the sequence number, which is necessary for stream mode when + // decrypting and for TLS 1.3 datagram to recover the sequence number. + // + // We reset the counter when the cipher spec changes, but that notification + // appears before a record is sent. If multiple records are sent with + // different cipher specs, this would fail. This filters out cleartext + // records, so we don't get confused by handshake messages that are sent at + // the same time as encrypted records. Sequence numbers are therefore + // likely to be incorrect for cleartext records. // - // This isn't perfectly robust. If there is a change from an active cipher + // This isn't perfectly robust: if there is a change from an active cipher // spec to another active cipher spec (KeyUpdate for instance) AND writes - // are consolidated across that change AND packets were dropped from the - // older epoch, we will not correctly re-encrypt records in the old epoch to - // update their sequence numbers. - if (cipher_spec_ && header.content_type() == kTlsApplicationDataType) { - ++in_sequence_number_; + // are consolidated across that change, this code could use the wrong + // sequence numbers when re-encrypting records with the old keys. + if (header.content_type() == kTlsApplicationDataType) { + in_sequence_number_ = + (std::max)(in_sequence_number_, header.sequence_number() + 1); } if (FilterRecord(header, record, &offset, output) != KEEP) { @@ -131,11 +161,14 @@ PacketFilter::Action TlsRecordFilter::FilterRecord( DataBuffer plaintext; if (!Unprotect(header, record, &inner_content_type, &plaintext)) { + if (g_ssl_gtest_verbose) { + std::cerr << "unprotect failed: " << header << ":" << record << std::endl; + } return KEEP; } - TlsRecordHeader real_header = {header.version(), inner_content_type, - header.sequence_number()}; + TlsRecordHeader real_header(header.variant(), header.version(), + inner_content_type, header.sequence_number()); PacketFilter::Action action = FilterRecord(real_header, plaintext, &filtered); // In stream mode, even if something doesn't change we need to re-encrypt if @@ -166,8 +199,8 @@ PacketFilter::Action TlsRecordFilter::FilterRecord( } else { seq_num = out_sequence_number_++; } - TlsRecordHeader out_header = {header.version(), header.content_type(), - seq_num}; + TlsRecordHeader out_header(header.variant(), header.version(), + header.content_type(), seq_num); DataBuffer ciphertext; bool rv = Protect(out_header, inner_content_type, filtered, &ciphertext); @@ -179,20 +212,119 @@ PacketFilter::Action TlsRecordFilter::FilterRecord( return CHANGE; } -bool TlsRecordHeader::Parse(uint64_t sequence_number, TlsParser* parser, +size_t TlsRecordHeader::header_length() const { + // If we have a header, return it's length. + if (header_.len()) { + return header_.len(); + } + + // Otherwise make a dummy header and return the length. + DataBuffer buf; + return WriteHeader(&buf, 0, 0); +} + +uint64_t TlsRecordHeader::RecoverSequenceNumber(uint64_t expected, + uint32_t partial, + size_t partial_bits) { + EXPECT_GE(32U, partial_bits); + uint64_t mask = (1 << partial_bits) - 1; + // First we determine the highest possible value. This is half the + // expressible range above the expected value. + uint64_t cap = expected + (1ULL << (partial_bits - 1)); + // Add the partial piece in. e.g., xxxx789a and 1234 becomes xxxx1234. + uint64_t seq_no = (cap & ~mask) | partial; + // If the partial value is higher than the same partial piece from the cap, + // then the real value has to be lower. e.g., xxxx1234 can't become xxxx5678. + if (partial > (cap & mask)) { + seq_no -= 1ULL << partial_bits; + } + return seq_no; +} + +// Determine the full epoch and sequence number from an expected and raw value. +// The expected and output values are packed as they are in DTLS 1.2 and +// earlier: with 16 bits of epoch and 48 bits of sequence number. +uint64_t TlsRecordHeader::ParseSequenceNumber(uint64_t expected, uint32_t raw, + size_t seq_no_bits, + size_t epoch_bits) { + uint64_t epoch_mask = (1ULL << epoch_bits) - 1; + uint64_t epoch = RecoverSequenceNumber( + expected >> 48, (raw >> seq_no_bits) & epoch_mask, epoch_bits); + if (epoch > (expected >> 48)) { + // If the epoch has changed, reset the expected sequence number. + expected = 0; + } else { + // Otherwise, retain just the sequence number part. + expected &= (1ULL << 48) - 1; + } + uint64_t seq_no_mask = (1ULL << seq_no_bits) - 1; + uint64_t seq_no = + RecoverSequenceNumber(expected, raw & seq_no_mask, seq_no_bits); + return (epoch << 48) | seq_no; +} + +bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser, DataBuffer* body) { + auto mark = parser->consumed(); + if (!parser->Read(&content_type_)) { return false; } - uint32_t version; - if (!parser->Read(&version, 2)) { + if (is_dtls13) { + variant_ = ssl_variant_datagram; + version_ = SSL_LIBRARY_VERSION_TLS_1_3; + +#ifndef UNSAFE_FUZZER_MODE + // Deal with the 7 octet header. + if (content_type_ == kTlsApplicationDataType) { + uint32_t tmp; + if (!parser->Read(&tmp, 4)) { + return false; + } + sequence_number_ = ParseSequenceNumber(seqno, tmp, 30, 2); + if (!parser->ReadFromMark(&header_, parser->consumed() + 2 - mark, + mark)) { + return false; + } + return parser->ReadVariable(body, 2); + } + + // The short, 2 octet header. + if ((content_type_ & 0xe0) == 0x20) { + uint32_t tmp; + if (!parser->Read(&tmp, 1)) { + return false; + } + // Need to use the low 5 bits of the first octet too. + tmp |= (content_type_ & 0x1f) << 8; + content_type_ = kTlsApplicationDataType; + sequence_number_ = ParseSequenceNumber(seqno, tmp, 12, 1); + + if (!parser->ReadFromMark(&header_, parser->consumed() - mark, mark)) { + return false; + } + return parser->Read(body, parser->remaining()); + } + + // The full 13 octet header can only be used for a few types. + EXPECT_TRUE(content_type_ == kTlsAlertType || + content_type_ == kTlsHandshakeType || + content_type_ == kTlsAckType); +#endif + } + + uint32_t ver; + if (!parser->Read(&ver, 2)) { return false; } - version_ = version; + if (!is_dtls13) { + variant_ = IsDtls(ver) ? ssl_variant_datagram : ssl_variant_stream; + } + version_ = NormalizeTlsVersion(ver); - // If this is DTLS, overwrite the sequence number. - if (IsDtls(version)) { + if (is_dtls()) { + // If this is DTLS, read the sequence number. uint32_t tmp; if (!parser->Read(&tmp, 4)) { return false; @@ -203,21 +335,40 @@ bool TlsRecordHeader::Parse(uint64_t sequence_number, TlsParser* parser, } sequence_number_ |= static_cast<uint64_t>(tmp); } else { - sequence_number_ = sequence_number; + sequence_number_ = seqno; + } + if (!parser->ReadFromMark(&header_, parser->consumed() + 2 - mark, mark)) { + return false; } return parser->ReadVariable(body, 2); } -size_t TlsRecordHeader::Write(DataBuffer* buffer, size_t offset, - const DataBuffer& body) const { +size_t TlsRecordHeader::WriteHeader(DataBuffer* buffer, size_t offset, + size_t body_len) const { offset = buffer->Write(offset, content_type_, 1); - offset = buffer->Write(offset, version_, 2); - if (is_dtls()) { - // write epoch (2 octet), and seqnum (6 octet) - offset = buffer->Write(offset, sequence_number_ >> 32, 4); - offset = buffer->Write(offset, sequence_number_ & 0xffffffff, 4); + if (is_dtls() && version_ >= SSL_LIBRARY_VERSION_TLS_1_3 && + content_type() == kTlsApplicationDataType) { + // application_data records in TLS 1.3 have a different header format. + // Always use the long header here for simplicity. + uint32_t e = (sequence_number_ >> 48) & 0x3; + uint32_t seqno = sequence_number_ & ((1ULL << 30) - 1); + offset = buffer->Write(offset, (e << 30) | seqno, 4); + } else { + uint16_t v = is_dtls() ? TlsVersionToDtlsVersion(version_) : version_; + offset = buffer->Write(offset, v, 2); + if (is_dtls()) { + // write epoch (2 octet), and seqnum (6 octet) + offset = buffer->Write(offset, sequence_number_ >> 32, 4); + offset = buffer->Write(offset, sequence_number_ & 0xffffffff, 4); + } } - offset = buffer->Write(offset, body.len(), 2); + offset = buffer->Write(offset, body_len, 2); + return offset; +} + +size_t TlsRecordHeader::Write(DataBuffer* buffer, size_t offset, + const DataBuffer& body) const { + offset = WriteHeader(buffer, offset, body.len()); offset = buffer->Write(offset, body); return offset; } @@ -259,7 +410,7 @@ bool TlsRecordFilter::Unprotect(const TlsRecordHeader& header, bool TlsRecordFilter::Protect(const TlsRecordHeader& header, uint8_t inner_content_type, const DataBuffer& plaintext, - DataBuffer* ciphertext) { + DataBuffer* ciphertext, size_t padding) { if (!cipher_spec_ || header.content_type() != kTlsApplicationDataType) { *ciphertext = plaintext; return true; @@ -267,8 +418,10 @@ bool TlsRecordFilter::Protect(const TlsRecordHeader& header, if (g_ssl_gtest_verbose) { std::cerr << "protect: " << header.sequence_number() << std::endl; } - DataBuffer padded = plaintext; - padded.Write(padded.len(), inner_content_type, 1); + DataBuffer padded; + padded.Allocate(plaintext.len() + 1 + padding); + size_t offset = padded.Write(0, plaintext.data(), plaintext.len()); + padded.Write(offset, inner_content_type, 1); return cipher_spec_->Protect(header, padded, ciphertext); } @@ -406,6 +559,7 @@ bool TlsHandshakeFilter::HandshakeHeader::Parse( const DataBuffer& preceding_fragment, DataBuffer* body, bool* complete) { *complete = false; + variant_ = record_header.variant(); version_ = record_header.version(); if (!parser->Read(&handshake_type_)) { return false; // malformed @@ -487,10 +641,10 @@ PacketFilter::Action TlsConversationRecorder::FilterRecord( return KEEP; } -PacketFilter::Action TlsHeaderRecorder::FilterRecord( - const TlsRecordHeader& header, const DataBuffer& input, - DataBuffer* output) { - headers_.push_back(header); +PacketFilter::Action TlsHeaderRecorder::FilterRecord(const TlsRecordHeader& hdr, + const DataBuffer& input, + DataBuffer* output) { + headers_.push_back(hdr); return KEEP; } diff --git a/security/nss/gtests/ssl_gtest/tls_filter.h b/security/nss/gtests/ssl_gtest/tls_filter.h index 1bbe190abe..effda4aa06 100644 --- a/security/nss/gtests/ssl_gtest/tls_filter.h +++ b/security/nss/gtests/ssl_gtest/tls_filter.h @@ -11,7 +11,7 @@ #include <memory> #include <set> #include <vector> - +#include "sslt.h" #include "test_io.h" #include "tls_agent.h" #include "tls_parser.h" @@ -27,43 +27,57 @@ class TlsCipherSpec; class TlsVersioned { public: - TlsVersioned() : version_(0) {} - explicit TlsVersioned(uint16_t version) : version_(version) {} + TlsVersioned() : variant_(ssl_variant_stream), version_(0) {} + TlsVersioned(SSLProtocolVariant var, uint16_t ver) + : variant_(var), version_(ver) {} - bool is_dtls() const { return IsDtls(version_); } + bool is_dtls() const { return variant_ == ssl_variant_datagram; } + SSLProtocolVariant variant() const { return variant_; } uint16_t version() const { return version_; } void WriteStream(std::ostream& stream) const; protected: + SSLProtocolVariant variant_; uint16_t version_; }; class TlsRecordHeader : public TlsVersioned { public: - TlsRecordHeader() : TlsVersioned(), content_type_(0), sequence_number_(0) {} - TlsRecordHeader(uint16_t version, uint8_t content_type, - uint64_t sequence_number) - : TlsVersioned(version), - content_type_(content_type), - sequence_number_(sequence_number) {} + TlsRecordHeader() + : TlsVersioned(), content_type_(0), sequence_number_(0), header_() {} + TlsRecordHeader(SSLProtocolVariant var, uint16_t ver, uint8_t ct, + uint64_t seqno) + : TlsVersioned(var, ver), + content_type_(ct), + sequence_number_(seqno), + header_() {} uint8_t content_type() const { return content_type_; } uint64_t sequence_number() const { return sequence_number_; } uint16_t epoch() const { return static_cast<uint16_t>(sequence_number_ >> 48); } - size_t header_length() const { return is_dtls() ? 13 : 5; } + size_t header_length() const; + const DataBuffer& header() const { return header_; } // Parse the header; return true if successful; body in an outparam if OK. - bool Parse(uint64_t sequence_number, TlsParser* parser, DataBuffer* body); + bool Parse(bool is_dtls13, uint64_t sequence_number, TlsParser* parser, + DataBuffer* body); // Write the header and body to a buffer at the given offset. // Return the offset of the end of the write. size_t Write(DataBuffer* buffer, size_t offset, const DataBuffer& body) const; + size_t WriteHeader(DataBuffer* buffer, size_t offset, size_t body_len) const; private: + static uint64_t RecoverSequenceNumber(uint64_t expected, uint32_t partial, + size_t partial_bits); + static uint64_t ParseSequenceNumber(uint64_t expected, uint32_t raw, + size_t seq_no_bits, size_t epoch_bits); + uint8_t content_type_; uint64_t sequence_number_; + DataBuffer header_; }; struct TlsRecord { @@ -83,8 +97,8 @@ inline std::shared_ptr<T> MakeTlsFilter(const std::shared_ptr<TlsAgent>& agent, // Abstract filter that operates on entire (D)TLS records. class TlsRecordFilter : public PacketFilter { public: - TlsRecordFilter(const std::shared_ptr<TlsAgent>& agent) - : agent_(agent), + TlsRecordFilter(const std::shared_ptr<TlsAgent>& a) + : agent_(a), count_(0), cipher_spec_(), dropped_record_(false), @@ -106,7 +120,8 @@ class TlsRecordFilter : public PacketFilter { bool Unprotect(const TlsRecordHeader& header, const DataBuffer& cipherText, uint8_t* inner_content_type, DataBuffer* plaintext); bool Protect(const TlsRecordHeader& header, uint8_t inner_content_type, - const DataBuffer& plaintext, DataBuffer* ciphertext); + const DataBuffer& plaintext, DataBuffer* ciphertext, + size_t padding = 0); protected: // There are two filter functions which can be overriden. Both are @@ -130,6 +145,8 @@ class TlsRecordFilter : public PacketFilter { return KEEP; } + bool is_dtls13() const; + private: static void CipherSpecChanged(void* arg, PRBool sending, ssl3CipherSpec* newSpec); @@ -183,13 +200,11 @@ inline std::ostream& operator<<(std::ostream& stream, // records and that they don't span records or anything crazy like that. class TlsHandshakeFilter : public TlsRecordFilter { public: - TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), handshake_types_(), preceding_fragment_() {} - TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& agent, + TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), handshake_types_(), preceding_fragment_() {} + TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& a, const std::set<uint8_t>& types) - : TlsRecordFilter(agent), - handshake_types_(types), - preceding_fragment_() {} + : TlsRecordFilter(a), handshake_types_(types), preceding_fragment_() {} // This filter can be set to be selective based on handshake message type. If // this function isn't used (or the set is empty), then all handshake messages @@ -243,12 +258,12 @@ class TlsHandshakeFilter : public TlsRecordFilter { // Make a copy of the first instance of a handshake message. class TlsHandshakeRecorder : public TlsHandshakeFilter { public: - TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& agent, + TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type) - : TlsHandshakeFilter(agent, {handshake_type}), buffer_() {} - TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& agent, + : TlsHandshakeFilter(a, {handshake_type}), buffer_() {} + TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& a, const std::set<uint8_t>& handshake_types) - : TlsHandshakeFilter(agent, handshake_types), buffer_() {} + : TlsHandshakeFilter(a, handshake_types), buffer_() {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -265,10 +280,10 @@ class TlsHandshakeRecorder : public TlsHandshakeFilter { // Replace all instances of a handshake message. class TlsInspectorReplaceHandshakeMessage : public TlsHandshakeFilter { public: - TlsInspectorReplaceHandshakeMessage(const std::shared_ptr<TlsAgent>& agent, + TlsInspectorReplaceHandshakeMessage(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type, const DataBuffer& replacement) - : TlsHandshakeFilter(agent, {handshake_type}), buffer_(replacement) {} + : TlsHandshakeFilter(a, {handshake_type}), buffer_(replacement) {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -281,10 +296,10 @@ class TlsInspectorReplaceHandshakeMessage : public TlsHandshakeFilter { // Make a copy of each record of a given type. class TlsRecordRecorder : public TlsRecordFilter { public: - TlsRecordRecorder(const std::shared_ptr<TlsAgent>& agent, uint8_t ct) - : TlsRecordFilter(agent), filter_(true), ct_(ct), records_() {} - TlsRecordRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), + TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a, uint8_t ct) + : TlsRecordFilter(a), filter_(true), ct_(ct), records_() {} + TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), filter_(false), ct_(content_handshake), // dummy (<optional> is C++14) records_() {} @@ -306,9 +321,9 @@ class TlsRecordRecorder : public TlsRecordFilter { // Make a copy of the complete conversation. class TlsConversationRecorder : public TlsRecordFilter { public: - TlsConversationRecorder(const std::shared_ptr<TlsAgent>& agent, + TlsConversationRecorder(const std::shared_ptr<TlsAgent>& a, DataBuffer& buffer) - : TlsRecordFilter(agent), buffer_(buffer) {} + : TlsRecordFilter(a), buffer_(buffer) {} virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, @@ -321,8 +336,7 @@ class TlsConversationRecorder : public TlsRecordFilter { // Make a copy of the records class TlsHeaderRecorder : public TlsRecordFilter { public: - TlsHeaderRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent) {} + TlsHeaderRecorder(const std::shared_ptr<TlsAgent>& a) : TlsRecordFilter(a) {} virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, DataBuffer* output); @@ -359,15 +373,15 @@ typedef std::function<bool(TlsParser* parser, const TlsVersioned& header)> class TlsExtensionFilter : public TlsHandshakeFilter { public: - TlsExtensionFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, + TlsExtensionFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello, kTlsHandshakeHelloRetryRequest, kTlsHandshakeEncryptedExtensions}) {} - TlsExtensionFilter(const std::shared_ptr<TlsAgent>& agent, + TlsExtensionFilter(const std::shared_ptr<TlsAgent>& a, const std::set<uint8_t>& types) - : TlsHandshakeFilter(agent, types) {} + : TlsHandshakeFilter(a, types) {} static bool FindExtensions(TlsParser* parser, const HandshakeHeader& header); @@ -388,9 +402,9 @@ class TlsExtensionFilter : public TlsHandshakeFilter { class TlsExtensionCapture : public TlsExtensionFilter { public: - TlsExtensionCapture(const std::shared_ptr<TlsAgent>& agent, uint16_t ext, + TlsExtensionCapture(const std::shared_ptr<TlsAgent>& a, uint16_t ext, bool last = false) - : TlsExtensionFilter(agent), + : TlsExtensionFilter(a), extension_(ext), captured_(false), last_(last), @@ -413,9 +427,9 @@ class TlsExtensionCapture : public TlsExtensionFilter { class TlsExtensionReplacer : public TlsExtensionFilter { public: - TlsExtensionReplacer(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension, const DataBuffer& data) - : TlsExtensionFilter(agent), extension_(extension), data_(data) {} + TlsExtensionReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t extension, + const DataBuffer& data) + : TlsExtensionFilter(a), extension_(extension), data_(data) {} PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, DataBuffer* output) override; @@ -427,9 +441,8 @@ class TlsExtensionReplacer : public TlsExtensionFilter { class TlsExtensionDropper : public TlsExtensionFilter { public: - TlsExtensionDropper(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension) - : TlsExtensionFilter(agent), extension_(extension) {} + TlsExtensionDropper(const std::shared_ptr<TlsAgent>& a, uint16_t extension) + : TlsExtensionFilter(a), extension_(extension) {} PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer&, DataBuffer*) override; @@ -439,9 +452,9 @@ class TlsExtensionDropper : public TlsExtensionFilter { class TlsExtensionInjector : public TlsHandshakeFilter { public: - TlsExtensionInjector(const std::shared_ptr<TlsAgent>& agent, uint16_t ext, + TlsExtensionInjector(const std::shared_ptr<TlsAgent>& a, uint16_t ext, const DataBuffer& data) - : TlsHandshakeFilter(agent), extension_(ext), data_(data) {} + : TlsHandshakeFilter(a), extension_(ext), data_(data) {} protected: PacketFilter::Action FilterHandshake(const HandshakeHeader& header, @@ -453,7 +466,6 @@ class TlsExtensionInjector : public TlsHandshakeFilter { const DataBuffer data_; }; -class TlsAgent; typedef std::function<void(void)> VoidFunction; class AfterRecordN : public TlsRecordFilter { @@ -495,6 +507,22 @@ class TlsClientHelloVersionChanger : public TlsHandshakeFilter { std::weak_ptr<TlsAgent> server_; }; +// Damage a record. +class TlsRecordLastByteDamager : public TlsRecordFilter { + public: + TlsRecordLastByteDamager(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a) {} + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& data, + DataBuffer* changed) override { + *changed = data; + changed->data()[changed->len() - 1]++; + return CHANGE; + } +}; + // This class selectively drops complete writes. This relies on the fact that // writes in libssl are on record boundaries. class SelectiveDropFilter : public PacketFilter { @@ -515,16 +543,16 @@ class SelectiveDropFilter : public PacketFilter { // datagram, we just drop one. class SelectiveRecordDropFilter : public TlsRecordFilter { public: - SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& agent, + SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& a, uint32_t pattern, bool enabled = true) - : TlsRecordFilter(agent), pattern_(pattern), counter_(0) { + : TlsRecordFilter(a), pattern_(pattern), counter_(0) { if (!enabled) { Disable(); } } - SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& agent, + SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& a, std::initializer_list<size_t> records) - : SelectiveRecordDropFilter(agent, ToPattern(records), true) {} + : SelectiveRecordDropFilter(a, ToPattern(records), true) {} void Reset(uint32_t pattern) { counter_ = 0; @@ -551,10 +579,9 @@ class SelectiveRecordDropFilter : public TlsRecordFilter { // Set the version number in the ClientHello. class TlsClientHelloVersionSetter : public TlsHandshakeFilter { public: - TlsClientHelloVersionSetter(const std::shared_ptr<TlsAgent>& agent, + TlsClientHelloVersionSetter(const std::shared_ptr<TlsAgent>& a, uint16_t version) - : TlsHandshakeFilter(agent, {kTlsHandshakeClientHello}), - version_(version) {} + : TlsHandshakeFilter(a, {kTlsHandshakeClientHello}), version_(version) {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -567,8 +594,8 @@ class TlsClientHelloVersionSetter : public TlsHandshakeFilter { // Damages the last byte of a handshake message. class TlsLastByteDamager : public TlsHandshakeFilter { public: - TlsLastByteDamager(const std::shared_ptr<TlsAgent>& agent, uint8_t type) - : TlsHandshakeFilter(agent), type_(type) {} + TlsLastByteDamager(const std::shared_ptr<TlsAgent>& a, uint8_t type) + : TlsHandshakeFilter(a), type_(type) {} PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) override { @@ -588,9 +615,9 @@ class TlsLastByteDamager : public TlsHandshakeFilter { class SelectedCipherSuiteReplacer : public TlsHandshakeFilter { public: - SelectedCipherSuiteReplacer(const std::shared_ptr<TlsAgent>& agent, + SelectedCipherSuiteReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t suite) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerHello}), + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}), cipher_suite_(suite) {} protected: diff --git a/security/nss/gtests/ssl_gtest/tls_protect.cc b/security/nss/gtests/ssl_gtest/tls_protect.cc index 6c945f66eb..c715a36a6b 100644 --- a/security/nss/gtests/ssl_gtest/tls_protect.cc +++ b/security/nss/gtests/ssl_gtest/tls_protect.cc @@ -54,17 +54,17 @@ bool AeadCipher::AeadInner(bool decrypt, void *params, size_t param_length, return rv == SECSuccess; } -bool AeadCipherAesGcm::Aead(bool decrypt, uint64_t seq, const uint8_t *in, - size_t inlen, uint8_t *out, size_t *outlen, - size_t maxlen) { +bool AeadCipherAesGcm::Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, + uint64_t seq, const uint8_t *in, size_t inlen, + uint8_t *out, size_t *outlen, size_t maxlen) { CK_GCM_PARAMS aeadParams; unsigned char nonce[12]; memset(&aeadParams, 0, sizeof(aeadParams)); aeadParams.pIv = nonce; aeadParams.ulIvLen = sizeof(nonce); - aeadParams.pAAD = NULL; - aeadParams.ulAADLen = 0; + aeadParams.pAAD = const_cast<uint8_t *>(hdr); + aeadParams.ulAADLen = hdr_len; aeadParams.ulTagBits = 128; FormatNonce(seq, nonce); @@ -72,7 +72,8 @@ bool AeadCipherAesGcm::Aead(bool decrypt, uint64_t seq, const uint8_t *in, in, inlen, out, outlen, maxlen); } -bool AeadCipherChacha20Poly1305::Aead(bool decrypt, uint64_t seq, +bool AeadCipherChacha20Poly1305::Aead(bool decrypt, const uint8_t *hdr, + size_t hdr_len, uint64_t seq, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen, size_t maxlen) { @@ -82,8 +83,8 @@ bool AeadCipherChacha20Poly1305::Aead(bool decrypt, uint64_t seq, memset(&aeadParams, 0, sizeof(aeadParams)); aeadParams.pNonce = nonce; aeadParams.ulNonceLen = sizeof(nonce); - aeadParams.pAAD = NULL; - aeadParams.ulAADLen = 0; + aeadParams.pAAD = const_cast<uint8_t *>(hdr); + aeadParams.ulAADLen = hdr_len; aeadParams.ulTagLen = 16; FormatNonce(seq, nonce); @@ -91,9 +92,9 @@ bool AeadCipherChacha20Poly1305::Aead(bool decrypt, uint64_t seq, in, inlen, out, outlen, maxlen); } -bool TlsCipherSpec::Init(uint16_t epoch, SSLCipherAlgorithm cipher, +bool TlsCipherSpec::Init(uint16_t epoc, SSLCipherAlgorithm cipher, PK11SymKey *key, const uint8_t *iv) { - epoch_ = epoch; + epoch_ = epoc; switch (cipher) { case ssl_calg_aes_gcm: aead_.reset(new AeadCipherAesGcm()); @@ -114,10 +115,12 @@ bool TlsCipherSpec::Unprotect(const TlsRecordHeader &header, // Make space. plaintext->Allocate(ciphertext.len()); + auto header_bytes = header.header(); size_t len; bool ret = - aead_->Aead(true, header.sequence_number(), ciphertext.data(), - ciphertext.len(), plaintext->data(), &len, plaintext->len()); + aead_->Aead(true, header_bytes.data(), header_bytes.len(), + header.sequence_number(), ciphertext.data(), ciphertext.len(), + plaintext->data(), &len, plaintext->len()); if (!ret) return false; plaintext->Truncate(len); @@ -133,9 +136,13 @@ bool TlsCipherSpec::Protect(const TlsRecordHeader &header, ciphertext->Allocate(plaintext.len() + 32); // Room for any plausible auth tag size_t len; + + DataBuffer header_bytes; + (void)header.WriteHeader(&header_bytes, 0, plaintext.len() + 16); bool ret = - aead_->Aead(false, header.sequence_number(), plaintext.data(), - plaintext.len(), ciphertext->data(), &len, ciphertext->len()); + aead_->Aead(false, header_bytes.data(), header_bytes.len(), + header.sequence_number(), plaintext.data(), plaintext.len(), + ciphertext->data(), &len, ciphertext->len()); if (!ret) return false; ciphertext->Truncate(len); diff --git a/security/nss/gtests/ssl_gtest/tls_protect.h b/security/nss/gtests/ssl_gtest/tls_protect.h index 93ffd63227..6f129a4eb6 100644 --- a/security/nss/gtests/ssl_gtest/tls_protect.h +++ b/security/nss/gtests/ssl_gtest/tls_protect.h @@ -23,8 +23,9 @@ class AeadCipher { virtual ~AeadCipher(); bool Init(PK11SymKey *key, const uint8_t *iv); - virtual bool Aead(bool decrypt, uint64_t seq, const uint8_t *in, size_t inlen, - uint8_t *out, size_t *outlen, size_t maxlen) = 0; + virtual bool Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, + uint64_t seq, const uint8_t *in, size_t inlen, uint8_t *out, + size_t *outlen, size_t maxlen) = 0; protected: void FormatNonce(uint64_t seq, uint8_t *nonce); @@ -42,8 +43,9 @@ class AeadCipherChacha20Poly1305 : public AeadCipher { AeadCipherChacha20Poly1305() : AeadCipher(CKM_NSS_CHACHA20_POLY1305) {} protected: - bool Aead(bool decrypt, uint64_t seq, const uint8_t *in, size_t inlen, - uint8_t *out, size_t *outlen, size_t maxlen); + bool Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, uint64_t seq, + const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen, + size_t maxlen); }; class AeadCipherAesGcm : public AeadCipher { @@ -51,8 +53,9 @@ class AeadCipherAesGcm : public AeadCipher { AeadCipherAesGcm() : AeadCipher(CKM_AES_GCM) {} protected: - bool Aead(bool decrypt, uint64_t seq, const uint8_t *in, size_t inlen, - uint8_t *out, size_t *outlen, size_t maxlen); + bool Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, uint64_t seq, + const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen, + size_t maxlen); }; // Our analog of ssl3CipherSpec diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index d1c48dfba6..63adcad46d 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -898,13 +898,13 @@ static PLHashAllocOps preAllocOps = { PreAllocTable, PreFreeTable, /* destructor for PreAllocator object */ void -PreAllocator_Destroy(PreAllocator* PreAllocator) +PreAllocator_Destroy(PreAllocator* allocator) { - if (!PreAllocator) { + if (!allocator) { return; } - if (PreAllocator->arena) { - PORT_FreeArena(PreAllocator->arena, PR_TRUE); + if (allocator->arena) { + PORT_FreeArena(allocator->arena, PR_TRUE); } } diff --git a/security/nss/lib/ckfw/Makefile b/security/nss/lib/ckfw/Makefile index 484dbb511a..2902bef48b 100644 --- a/security/nss/lib/ckfw/Makefile +++ b/security/nss/lib/ckfw/Makefile @@ -33,7 +33,3 @@ ifdef NSS_BUILD_CAPI DIRS += capi endif endif - -#ifeq ($(OS_ARCH), Darwin) -#DIRS += nssmkey -#endif diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt index 5d2baf3a56..d291f28a5d 100644 --- a/security/nss/lib/ckfw/builtins/certdata.txt +++ b/security/nss/lib/ckfw/builtins/certdata.txt @@ -7241,163 +7241,6 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE # -# Certificate "TC TrustCenter Class 3 CA II" -# -# Issuer: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Serial Number:4a:47:00:01:00:02:e5:a0:5d:d6:3f:00:51:bf -# Subject: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Not Valid Before: Thu Jan 12 14:41:57 2006 -# Not Valid After : Wed Dec 31 22:59:59 2025 -# Fingerprint (MD5): 56:5F:AA:80:61:12:17:F6:67:21:E6:2B:6D:61:56:8E -# Fingerprint (SHA1): 80:25:EF:F4:6E:70:C8:D4:72:24:65:84:FE:40:3B:8A:8D:6A:DB:F5 -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TC TrustCenter Class 3 CA II" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061 -\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165 -\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060 -\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\040\111\111 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061 -\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165 -\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060 -\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\040\111\111 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\016\112\107\000\001\000\002\345\240\135\326\077\000\121\277 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\004\252\060\202\003\222\240\003\002\001\002\002\016\112 -\107\000\001\000\002\345\240\135\326\077\000\121\277\060\015\006 -\011\052\206\110\206\367\015\001\001\005\005\000\060\166\061\013 -\060\011\006\003\125\004\006\023\002\104\105\061\034\060\032\006 -\003\125\004\012\023\023\124\103\040\124\162\165\163\164\103\145 -\156\164\145\162\040\107\155\142\110\061\042\060\040\006\003\125 -\004\013\023\031\124\103\040\124\162\165\163\164\103\145\156\164 -\145\162\040\103\154\141\163\163\040\063\040\103\101\061\045\060 -\043\006\003\125\004\003\023\034\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\040\111\111\060\036\027\015\060\066\060\061\061\062\061\064 -\064\061\065\067\132\027\015\062\065\061\062\063\061\062\062\065 -\071\065\071\132\060\166\061\013\060\011\006\003\125\004\006\023 -\002\104\105\061\034\060\032\006\003\125\004\012\023\023\124\103 -\040\124\162\165\163\164\103\145\156\164\145\162\040\107\155\142 -\110\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\061\045\060\043\006\003\125\004\003\023\034 -\124\103\040\124\162\165\163\164\103\145\156\164\145\162\040\103 -\154\141\163\163\040\063\040\103\101\040\111\111\060\202\001\042 -\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003 -\202\001\017\000\060\202\001\012\002\202\001\001\000\264\340\273 -\121\273\071\134\213\004\305\114\171\034\043\206\061\020\143\103 -\125\047\077\306\105\307\244\075\354\011\015\032\036\040\302\126 -\036\336\033\067\007\060\042\057\157\361\006\361\253\255\326\310 -\253\141\243\057\103\304\260\262\055\374\303\226\151\173\176\212 -\344\314\300\071\022\220\102\140\311\314\065\150\356\332\137\220 -\126\137\315\034\115\133\130\111\353\016\001\117\144\372\054\074 -\211\130\330\057\056\342\260\150\351\042\073\165\211\326\104\032 -\145\362\033\227\046\035\050\155\254\350\275\131\035\053\044\366 -\326\204\003\146\210\044\000\170\140\361\370\253\376\002\262\153 -\373\042\373\065\346\026\321\255\366\056\022\344\372\065\152\345 -\031\271\135\333\073\036\032\373\323\377\025\024\010\330\011\152 -\272\105\235\024\171\140\175\257\100\212\007\163\263\223\226\323 -\164\064\215\072\067\051\336\134\354\365\356\056\061\302\040\334 -\276\361\117\177\043\122\331\133\342\144\331\234\252\007\010\265 -\105\275\321\320\061\301\253\124\237\251\322\303\142\140\003\361 -\273\071\112\222\112\075\012\271\235\305\240\376\067\002\003\001 -\000\001\243\202\001\064\060\202\001\060\060\017\006\003\125\035 -\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125 -\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125 -\035\016\004\026\004\024\324\242\374\237\263\303\330\003\323\127 -\134\007\244\320\044\247\300\362\000\324\060\201\355\006\003\125 -\035\037\004\201\345\060\201\342\060\201\337\240\201\334\240\201 -\331\206\065\150\164\164\160\072\057\057\167\167\167\056\164\162 -\165\163\164\143\145\156\164\145\162\056\144\145\057\143\162\154 -\057\166\062\057\164\143\137\143\154\141\163\163\137\063\137\143 -\141\137\111\111\056\143\162\154\206\201\237\154\144\141\160\072 -\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145 -\162\056\144\145\057\103\116\075\124\103\045\062\060\124\162\165 -\163\164\103\145\156\164\145\162\045\062\060\103\154\141\163\163 -\045\062\060\063\045\062\060\103\101\045\062\060\111\111\054\117 -\075\124\103\045\062\060\124\162\165\163\164\103\145\156\164\145 -\162\045\062\060\107\155\142\110\054\117\125\075\162\157\157\164 -\143\145\162\164\163\054\104\103\075\164\162\165\163\164\143\145 -\156\164\145\162\054\104\103\075\144\145\077\143\145\162\164\151 -\146\151\143\141\164\145\122\145\166\157\143\141\164\151\157\156 -\114\151\163\164\077\142\141\163\145\077\060\015\006\011\052\206 -\110\206\367\015\001\001\005\005\000\003\202\001\001\000\066\140 -\344\160\367\006\040\103\331\043\032\102\362\370\243\262\271\115 -\212\264\363\302\232\125\061\174\304\073\147\232\264\337\115\016 -\212\223\112\027\213\033\215\312\211\341\317\072\036\254\035\361 -\234\062\264\216\131\166\242\101\205\045\067\240\023\320\365\174 -\116\325\352\226\342\156\162\301\273\052\376\154\156\370\221\230 -\106\374\311\033\127\133\352\310\032\073\077\260\121\230\074\007 -\332\054\131\001\332\213\104\350\341\164\375\247\150\335\124\272 -\203\106\354\310\106\265\370\257\227\300\073\011\034\217\316\162 -\226\075\063\126\160\274\226\313\330\325\175\040\232\203\237\032 -\334\071\361\305\162\243\021\003\375\073\102\122\051\333\350\001 -\367\233\136\214\326\215\206\116\031\372\274\034\276\305\041\245 -\207\236\170\056\066\333\011\161\243\162\064\370\154\343\006\011 -\362\136\126\245\323\335\230\372\324\346\006\364\360\266\040\143 -\113\352\051\275\252\202\146\036\373\201\252\247\067\255\023\030 -\346\222\303\201\301\063\273\210\036\241\347\342\264\275\061\154 -\016\121\075\157\373\226\126\200\342\066\027\321\334\344 -END -CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE - -# Trust for Certificate "TC TrustCenter Class 3 CA II" -# Issuer: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Serial Number:4a:47:00:01:00:02:e5:a0:5d:d6:3f:00:51:bf -# Subject: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Not Valid Before: Thu Jan 12 14:41:57 2006 -# Not Valid After : Wed Dec 31 22:59:59 2025 -# Fingerprint (MD5): 56:5F:AA:80:61:12:17:F6:67:21:E6:2B:6D:61:56:8E -# Fingerprint (SHA1): 80:25:EF:F4:6E:70:C8:D4:72:24:65:84:FE:40:3B:8A:8D:6A:DB:F5 -CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TC TrustCenter Class 3 CA II" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\200\045\357\364\156\160\310\324\162\044\145\204\376\100\073\212 -\215\152\333\365 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\126\137\252\200\141\022\027\366\147\041\346\053\155\141\126\216 -END -CKA_ISSUER MULTILINE_OCTAL -\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061 -\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165 -\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060 -\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\040\111\111 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\016\112\107\000\001\000\002\345\240\135\326\077\000\121\277 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE - -# # Certificate "Deutsche Telekom Root CA 2" # # Issuer: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE @@ -17883,155 +17726,6 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE # -# Certificate "S-TRUST Universal Root CA" -# -# Issuer: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Serial Number:60:56:c5:4b:23:40:5b:64:d4:ed:25:da:d9:d6:1e:1e -# Subject: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Not Valid Before: Tue Oct 22 00:00:00 2013 -# Not Valid After : Thu Oct 21 23:59:59 2038 -# Fingerprint (SHA-256): D8:0F:EF:91:0A:E3:F1:04:72:3B:04:5C:EC:2D:01:9F:44:1C:E6:21:3A:DF:15:67:91:E7:0C:17:90:11:0A:31 -# Fingerprint (SHA1): 1B:3D:11:14:EA:7A:0F:95:58:54:41:95:BF:6B:25:82:AB:40:CE:9A -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "S-TRUST Universal Root CA" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105 -\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163 -\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040 -\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006 -\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145 -\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166 -\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123 -\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154 -\040\122\157\157\164\040\103\101 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105 -\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163 -\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040 -\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006 -\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145 -\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166 -\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123 -\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154 -\040\122\157\157\164\040\103\101 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\020\140\126\305\113\043\100\133\144\324\355\045\332\331\326 -\036\036 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\003\330\060\202\002\300\240\003\002\001\002\002\020\140 -\126\305\113\043\100\133\144\324\355\045\332\331\326\036\036\060 -\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201 -\205\061\013\060\011\006\003\125\004\006\023\002\104\105\061\051 -\060\047\006\003\125\004\012\023\040\104\145\165\164\163\143\150 -\145\162\040\123\160\141\162\153\141\163\163\145\156\040\126\145 -\162\154\141\147\040\107\155\142\110\061\047\060\045\006\003\125 -\004\013\023\036\123\055\124\122\125\123\124\040\103\145\162\164 -\151\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143 -\145\163\061\042\060\040\006\003\125\004\003\023\031\123\055\124 -\122\125\123\124\040\125\156\151\166\145\162\163\141\154\040\122 -\157\157\164\040\103\101\060\036\027\015\061\063\061\060\062\062 -\060\060\060\060\060\060\132\027\015\063\070\061\060\062\061\062 -\063\065\071\065\071\132\060\201\205\061\013\060\011\006\003\125 -\004\006\023\002\104\105\061\051\060\047\006\003\125\004\012\023 -\040\104\145\165\164\163\143\150\145\162\040\123\160\141\162\153 -\141\163\163\145\156\040\126\145\162\154\141\147\040\107\155\142 -\110\061\047\060\045\006\003\125\004\013\023\036\123\055\124\122 -\125\123\124\040\103\145\162\164\151\146\151\143\141\164\151\157 -\156\040\123\145\162\166\151\143\145\163\061\042\060\040\006\003 -\125\004\003\023\031\123\055\124\122\125\123\124\040\125\156\151 -\166\145\162\163\141\154\040\122\157\157\164\040\103\101\060\202 -\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005 -\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\250 -\343\013\337\021\067\205\202\232\265\154\146\174\141\077\300\107 -\032\035\106\343\260\125\144\345\270\202\071\050\007\176\027\377 -\364\233\212\360\221\201\352\070\077\041\170\154\110\354\153\057 -\242\323\212\162\262\247\327\331\352\177\264\300\111\153\060\045 -\211\214\353\267\325\100\141\230\342\334\074\040\222\315\145\112 -\162\237\032\216\214\372\045\025\277\363\041\203\050\015\213\257 -\131\021\202\103\134\233\115\045\121\177\130\030\143\140\073\263 -\265\212\213\130\143\067\110\110\220\104\302\100\335\135\367\103 -\151\051\230\134\022\145\136\253\220\222\113\146\337\325\165\022 -\123\124\030\246\336\212\326\273\127\003\071\131\231\030\005\014 -\371\375\025\306\220\144\106\027\202\327\302\112\101\075\375\000 -\276\127\162\030\224\167\033\123\132\211\001\366\063\162\016\223 -\072\334\350\036\375\005\005\326\274\163\340\210\334\253\117\354 -\265\030\206\117\171\204\016\110\052\146\052\335\062\310\170\145 -\310\013\235\130\001\005\161\355\201\365\150\027\156\313\015\264 -\113\330\241\354\256\070\353\034\130\057\241\145\003\064\057\002 -\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023\001 -\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017 -\001\001\377\004\004\003\002\001\006\060\035\006\003\125\035\016 -\004\026\004\024\232\175\327\353\353\177\124\230\105\051\264\040 -\253\155\013\226\043\031\244\302\060\015\006\011\052\206\110\206 -\367\015\001\001\013\005\000\003\202\001\001\000\116\226\022\333 -\176\167\136\222\047\236\041\027\030\202\166\330\077\274\245\011 -\004\146\210\211\255\333\125\263\063\152\306\145\304\217\115\363 -\062\066\334\171\004\226\251\167\062\321\227\365\030\153\214\272 -\355\316\021\320\104\307\222\361\264\104\216\355\210\122\110\236 -\325\375\131\370\243\036\121\373\001\122\345\137\345\172\335\252 -\044\117\042\213\335\166\106\366\245\240\017\065\330\312\017\230 -\271\060\135\040\157\302\201\036\275\275\300\376\025\323\070\052 -\011\223\230\047\033\223\173\320\053\064\136\150\245\025\117\321 -\122\303\240\312\240\203\105\035\365\365\267\131\163\135\131\001 -\217\252\302\107\057\024\161\325\051\343\020\265\107\223\045\314 -\043\051\332\267\162\330\221\324\354\033\110\212\042\344\301\052 -\367\072\150\223\237\105\031\156\103\267\314\376\270\221\232\141 -\032\066\151\143\144\222\050\363\157\141\222\205\023\237\311\007 -\054\213\127\334\353\236\171\325\302\336\010\325\124\262\127\116 -\052\062\215\241\342\072\321\020\040\042\071\175\064\105\157\161 -\073\303\035\374\377\262\117\250\342\366\060\036 -END -CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE - -# Trust for "S-TRUST Universal Root CA" -# Issuer: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Serial Number:60:56:c5:4b:23:40:5b:64:d4:ed:25:da:d9:d6:1e:1e -# Subject: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Not Valid Before: Tue Oct 22 00:00:00 2013 -# Not Valid After : Thu Oct 21 23:59:59 2038 -# Fingerprint (SHA-256): D8:0F:EF:91:0A:E3:F1:04:72:3B:04:5C:EC:2D:01:9F:44:1C:E6:21:3A:DF:15:67:91:E7:0C:17:90:11:0A:31 -# Fingerprint (SHA1): 1B:3D:11:14:EA:7A:0F:95:58:54:41:95:BF:6B:25:82:AB:40:CE:9A -CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "S-TRUST Universal Root CA" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\033\075\021\024\352\172\017\225\130\124\101\225\277\153\045\202 -\253\100\316\232 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\130\366\101\001\256\365\133\121\231\116\134\041\350\117\324\146 -END -CKA_ISSUER MULTILINE_OCTAL -\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105 -\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163 -\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040 -\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006 -\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145 -\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166 -\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123 -\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154 -\040\122\157\157\164\040\103\101 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\020\140\126\305\113\043\100\133\144\324\355\045\332\331\326 -\036\036 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE - -# # Certificate "Entrust Root Certification Authority - G2" # # Issuer: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US @@ -18509,167 +18203,6 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE # -# Certificate "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -# -# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Serial Number:00:8e:17:fe:24:20:81 -# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Not Valid Before: Tue Apr 30 08:07:01 2013 -# Not Valid After : Fri Apr 28 08:07:01 2023 -# Fingerprint (SHA-256): 49:35:1B:90:34:44:C1:85:CC:DC:5C:69:3D:24:D8:55:5C:B2:08:D6:A8:14:13:07:69:9F:4A:F0:63:19:9D:78 -# Fingerprint (SHA1): C4:18:F6:4D:46:D1:DF:00:3D:27:30:13:72:43:A9:12:11:C6:75:FB -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122 -\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162 -\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122 -\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154 -\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305 -\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040 -\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056 -\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113 -\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153 -\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145 -\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304 -\261\040\110\065 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122 -\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162 -\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122 -\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154 -\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305 -\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040 -\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056 -\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113 -\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153 -\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145 -\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304 -\261\040\110\065 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\007\000\216\027\376\044\040\201 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\004\047\060\202\003\017\240\003\002\001\002\002\007\000 -\216\027\376\044\040\201\060\015\006\011\052\206\110\206\367\015 -\001\001\013\005\000\060\201\261\061\013\060\011\006\003\125\004 -\006\023\002\124\122\061\017\060\015\006\003\125\004\007\014\006 -\101\156\153\141\162\141\061\115\060\113\006\003\125\004\012\014 -\104\124\303\234\122\113\124\122\125\123\124\040\102\151\154\147 -\151\040\304\260\154\145\164\151\305\237\151\155\040\166\145\040 -\102\151\154\151\305\237\151\155\040\107\303\274\166\145\156\154 -\151\304\237\151\040\110\151\172\155\145\164\154\145\162\151\040 -\101\056\305\236\056\061\102\060\100\006\003\125\004\003\014\071 -\124\303\234\122\113\124\122\125\123\124\040\105\154\145\153\164 -\162\157\156\151\153\040\123\145\162\164\151\146\151\153\141\040 -\110\151\172\155\145\164\040\123\141\304\237\154\141\171\304\261 -\143\304\261\163\304\261\040\110\065\060\036\027\015\061\063\060 -\064\063\060\060\070\060\067\060\061\132\027\015\062\063\060\064 -\062\070\060\070\060\067\060\061\132\060\201\261\061\013\060\011 -\006\003\125\004\006\023\002\124\122\061\017\060\015\006\003\125 -\004\007\014\006\101\156\153\141\162\141\061\115\060\113\006\003 -\125\004\012\014\104\124\303\234\122\113\124\122\125\123\124\040 -\102\151\154\147\151\040\304\260\154\145\164\151\305\237\151\155 -\040\166\145\040\102\151\154\151\305\237\151\155\040\107\303\274 -\166\145\156\154\151\304\237\151\040\110\151\172\155\145\164\154 -\145\162\151\040\101\056\305\236\056\061\102\060\100\006\003\125 -\004\003\014\071\124\303\234\122\113\124\122\125\123\124\040\105 -\154\145\153\164\162\157\156\151\153\040\123\145\162\164\151\146 -\151\153\141\040\110\151\172\155\145\164\040\123\141\304\237\154 -\141\171\304\261\143\304\261\163\304\261\040\110\065\060\202\001 -\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000 -\003\202\001\017\000\060\202\001\012\002\202\001\001\000\244\045 -\031\341\145\236\353\110\041\120\112\010\345\021\360\132\272\046 -\377\203\131\316\104\052\057\376\341\316\140\003\374\215\003\245 -\355\377\153\250\272\314\064\006\237\131\065\366\354\054\273\235 -\373\215\122\151\343\234\047\020\123\363\244\002\305\247\371\021 -\032\151\165\156\303\035\213\321\230\215\223\207\247\161\227\015 -\041\307\231\371\122\323\054\143\135\125\274\350\037\001\110\271 -\140\376\102\112\366\310\200\256\315\146\172\236\105\212\150\167 -\342\110\150\237\242\332\361\341\301\020\237\353\074\051\201\247 -\341\062\010\324\240\005\261\214\373\215\226\000\016\076\045\337 -\123\206\042\073\374\364\275\363\011\176\167\354\206\353\017\063 -\345\103\117\364\124\165\155\051\231\056\146\132\103\337\313\134 -\312\310\345\070\361\176\073\065\235\017\364\305\132\241\314\363 -\040\200\044\323\127\354\025\272\165\045\233\350\144\113\263\064 -\204\357\004\270\366\311\154\252\002\076\266\125\342\062\067\137 -\374\146\227\137\315\326\236\307\040\277\115\306\254\077\165\137 -\034\355\062\234\174\151\000\151\221\343\043\030\123\351\002\003 -\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004\026 -\004\024\126\231\007\036\323\254\014\151\144\264\014\120\107\336 -\103\054\276\040\300\373\060\016\006\003\125\035\017\001\001\377 -\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377 -\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206\367 -\015\001\001\013\005\000\003\202\001\001\000\236\105\166\173\027 -\110\062\362\070\213\051\275\356\226\112\116\201\030\261\121\107 -\040\315\320\144\261\016\311\331\001\331\011\316\310\231\334\150 -\045\023\324\134\362\243\350\004\376\162\011\307\013\252\035\045 -\125\176\226\232\127\267\272\305\021\172\031\346\247\176\075\205 -\016\365\371\056\051\057\347\371\154\130\026\127\120\045\366\076 -\056\076\252\355\167\161\252\252\231\226\106\012\256\216\354\052 -\121\026\260\136\315\352\147\004\034\130\060\365\140\212\275\246 -\275\115\345\226\264\374\102\211\001\153\366\160\310\120\071\014 -\055\325\146\331\310\322\263\062\267\033\031\155\313\063\371\337 -\245\346\025\204\067\360\302\362\145\226\222\220\167\360\255\364 -\220\351\021\170\327\223\211\300\075\013\272\051\364\350\231\235 -\162\216\355\235\057\356\222\175\241\361\377\135\272\063\140\205 -\142\376\007\002\241\204\126\106\276\226\012\232\023\327\041\114 -\267\174\007\237\116\116\077\221\164\373\047\235\021\314\335\346 -\261\312\161\115\023\027\071\046\305\051\041\053\223\051\152\226 -\372\253\101\341\113\266\065\013\300\233\025 -END -CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE - -# Trust for "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Serial Number:00:8e:17:fe:24:20:81 -# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Not Valid Before: Tue Apr 30 08:07:01 2013 -# Not Valid After : Fri Apr 28 08:07:01 2023 -# Fingerprint (SHA-256): 49:35:1B:90:34:44:C1:85:CC:DC:5C:69:3D:24:D8:55:5C:B2:08:D6:A8:14:13:07:69:9F:4A:F0:63:19:9D:78 -# Fingerprint (SHA1): C4:18:F6:4D:46:D1:DF:00:3D:27:30:13:72:43:A9:12:11:C6:75:FB -CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\304\030\366\115\106\321\337\000\075\047\060\023\162\103\251\022 -\021\306\165\373 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\332\160\216\360\042\337\223\046\366\137\237\323\025\006\122\116 -END -CKA_ISSUER MULTILINE_OCTAL -\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122 -\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162 -\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122 -\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154 -\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305 -\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040 -\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056 -\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113 -\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153 -\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145 -\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304 -\261\040\110\065 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\007\000\216\027\376\044\040\201 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE - -# # Certificate "Certinomis - Root CA" # # Issuer: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR diff --git a/security/nss/lib/ckfw/builtins/nssckbi.h b/security/nss/lib/ckfw/builtins/nssckbi.h index 0189369b1b..d40c8080eb 100644 --- a/security/nss/lib/ckfw/builtins/nssckbi.h +++ b/security/nss/lib/ckfw/builtins/nssckbi.h @@ -32,7 +32,7 @@ * - whenever possible, if older branches require a modification to the * list, these changes should be made on the main line of development (trunk), * and the older branches should update to the most recent list. - * + * * - ODD minor version numbers are reserved to indicate a snapshot that has * deviated from the main line of development, e.g. if it was necessary * to modify the list on a stable branch. @@ -46,8 +46,8 @@ * It's recommend to switch back to 0 after having reached version 98/99. */ #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2 -#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 22 -#define NSS_BUILTINS_LIBRARY_VERSION "2.22" +#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 24 +#define NSS_BUILTINS_LIBRARY_VERSION "2.24" /* These version numbers detail the semantic changes to the ckfw engine. */ #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1 diff --git a/security/nss/lib/ckfw/nssmkey/Makefile b/security/nss/lib/ckfw/nssmkey/Makefile deleted file mode 100644 index e630e84b0f..0000000000 --- a/security/nss/lib/ckfw/nssmkey/Makefile +++ /dev/null @@ -1,72 +0,0 @@ -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -include manifest.mn -include $(CORE_DEPTH)/coreconf/config.mk -include config.mk - -EXTRA_LIBS = \ - $(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \ - $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \ - $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \ - $(NULL) - -# can't do this in manifest.mn because OS_TARGET isn't defined there. -ifeq (,$(filter-out WIN%,$(OS_TARGET))) - -ifdef NS_USE_GCC -EXTRA_LIBS += \ - -L$(NSPR_LIB_DIR) \ - -lplc4 \ - -lplds4 \ - -lnspr4 \ - $(NULL) -else -EXTRA_SHARED_LIBS += \ - $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \ - $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \ - $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \ - $(NULL) -endif # NS_USE_GCC -else - -EXTRA_LIBS += \ - -L$(NSPR_LIB_DIR) \ - -lplc4 \ - -lplds4 \ - -lnspr4 \ - -framework Security \ - -framework CoreServices \ - $(NULL) -endif - - -include $(CORE_DEPTH)/coreconf/rules.mk - -# Generate certdata.c. -generate: - perl certdata.perl < certdata.txt - -# This'll need some help from a build person. - - -ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1) -DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry -EXTRA_DSO_LDOPTS = -lc -MKSHLIB = xlC $(DSO_LDOPTS) - -$(SHARED_LIBRARY): $(OBJS) - @$(MAKE_OBJDIR) - rm -f $@ - $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS) - chmod +x $@ - -endif - -ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2) -LD += -G -endif - - diff --git a/security/nss/lib/ckfw/nssmkey/README b/security/nss/lib/ckfw/nssmkey/README deleted file mode 100644 index c060d9c3c0..0000000000 --- a/security/nss/lib/ckfw/nssmkey/README +++ /dev/null @@ -1,21 +0,0 @@ -This Cryptoki module provides acces to certs and keys stored in -Macintosh key Ring. - -- It does not yet export PKCS #12 keys. To get this to work should be - implemented using exporting the key object in PKCS #8 wrapped format. - PSM work needs to happen before this can be completed. -- It does not import or export CA Root trust from the mac keychain. -- It does not handle S/MIME objects (pkcs #7 in mac keychain terms?). -- The AuthRoots don't show up on the default list. -- Only RSA keys are supported currently. - -There are a number of things that have not been tested that other PKCS #11 -apps may need: -- reading Modulus and Public Exponents from private keys and public keys. -- storing public keys. -- setting attributes other than CKA_ID and CKA_LABEL. - -Other TODOs: -- Check for and plug memory leaks. -- Need to map mac errors into something more intellegible than - CKR_GENERAL_ERROR. diff --git a/security/nss/lib/ckfw/nssmkey/ckmk.h b/security/nss/lib/ckfw/nssmkey/ckmk.h deleted file mode 100644 index 4f3ab82d72..0000000000 --- a/security/nss/lib/ckfw/nssmkey/ckmk.h +++ /dev/null @@ -1,182 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef CKMK_H -#define CKMK_H 1 - -#include <Security/SecKeychainSearch.h> -#include <Security/SecKeychainItem.h> -#include <Security/SecKeychain.h> -#include <Security/cssmtype.h> -#include <Security/cssmapi.h> -#include <Security/SecKey.h> -#include <Security/SecCertificate.h> - -#define NTO - -#include "nssckmdt.h" -#include "nssckfw.h" -/* - * I'm including this for access to the arena functions. - * Looks like we should publish that API. - */ -#ifndef BASE_H -#include "base.h" -#endif /* BASE_H */ -/* - * This is where the Netscape extensions live, at least for now. - */ -#ifndef CKT_H -#include "ckt.h" -#endif /* CKT_H */ - -/* - * statically defined raw objects. Allows us to data description objects - * to this PKCS #11 module. - */ -struct ckmkRawObjectStr { - CK_ULONG n; - const CK_ATTRIBUTE_TYPE *types; - const NSSItem *items; -}; -typedef struct ckmkRawObjectStr ckmkRawObject; - -/* - * Key/Cert Items - */ -struct ckmkItemObjectStr { - SecKeychainItemRef itemRef; - SecItemClass itemClass; - PRBool hasID; - NSSItem modify; - NSSItem private; - NSSItem encrypt; - NSSItem decrypt; - NSSItem derive; - NSSItem sign; - NSSItem signRecover; - NSSItem verify; - NSSItem verifyRecover; - NSSItem wrap; - NSSItem unwrap; - NSSItem label; - NSSItem subject; - NSSItem issuer; - NSSItem serial; - NSSItem derCert; - NSSItem id; - NSSItem modulus; - NSSItem exponent; - NSSItem privateExponent; - NSSItem prime1; - NSSItem prime2; - NSSItem exponent1; - NSSItem exponent2; - NSSItem coefficient; -}; -typedef struct ckmkItemObjectStr ckmkItemObject; - -typedef enum { - ckmkRaw, - ckmkItem, -} ckmkObjectType; - -/* - * all the various types of objects are abstracted away in cobject and - * cfind as ckmkInternalObjects. - */ -struct ckmkInternalObjectStr { - ckmkObjectType type; - union { - ckmkRawObject raw; - ckmkItemObject item; - } u; - CK_OBJECT_CLASS objClass; - NSSItem hashKey; - unsigned char hashKeyData[128]; - NSSCKMDObject mdObject; -}; -typedef struct ckmkInternalObjectStr ckmkInternalObject; - -/* our raw object data array */ -NSS_EXTERN_DATA ckmkInternalObject nss_ckmk_data[]; -NSS_EXTERN_DATA const PRUint32 nss_ckmk_nObjects; - -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_CryptokiVersion; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_ManufacturerID; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_LibraryDescription; -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_LibraryVersion; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_SlotDescription; -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_HardwareVersion; -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_FirmwareVersion; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenLabel; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenModel; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenSerialNumber; - -NSS_EXTERN_DATA const NSSCKMDInstance nss_ckmk_mdInstance; -NSS_EXTERN_DATA const NSSCKMDSlot nss_ckmk_mdSlot; -NSS_EXTERN_DATA const NSSCKMDToken nss_ckmk_mdToken; -NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckmk_mdMechanismRSA; - -NSS_EXTERN NSSCKMDSession * -nss_ckmk_CreateSession( - NSSCKFWSession *fwSession, - CK_RV *pError); - -NSS_EXTERN NSSCKMDFindObjects * -nss_ckmk_FindObjectsInit( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError); - -/* - * Object Utilities - */ -NSS_EXTERN NSSCKMDObject * -nss_ckmk_CreateMDObject( - NSSArena *arena, - ckmkInternalObject *io, - CK_RV *pError); - -NSS_EXTERN NSSCKMDObject * -nss_ckmk_CreateObject( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError); - -NSS_EXTERN const NSSItem * -nss_ckmk_FetchAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError); - -NSS_EXTERN void -nss_ckmk_DestroyInternalObject( - ckmkInternalObject *io); - -unsigned char * -nss_ckmk_DERUnwrap( - unsigned char *src, - int size, - int *outSize, - unsigned char **next); - -CK_ULONG -nss_ckmk_GetULongAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_RV *pError); - -#define NSS_CKMK_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0]))) - -#ifdef DEBUG -#define CKMK_MACERR(str, err) cssmPerror(str, err) -#else -#define CKMK_MACERR(str, err) -#endif - -#endif diff --git a/security/nss/lib/ckfw/nssmkey/ckmkver.c b/security/nss/lib/ckfw/nssmkey/ckmkver.c deleted file mode 100644 index 2b99f1e228..0000000000 --- a/security/nss/lib/ckfw/nssmkey/ckmkver.c +++ /dev/null @@ -1,17 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* Library identity and versioning */ - -#include "nssmkey.h" - -#if defined(DEBUG) -#define _DEBUG_STRING " (debug)" -#else -#define _DEBUG_STRING "" -#endif - -/* - * Version information - */ -const char __nss_ckmk_version[] = "Version: NSS Access to the MAC OS X Key Ring " NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING; diff --git a/security/nss/lib/ckfw/nssmkey/config.mk b/security/nss/lib/ckfw/nssmkey/config.mk deleted file mode 100644 index 7096910679..0000000000 --- a/security/nss/lib/ckfw/nssmkey/config.mk +++ /dev/null @@ -1,24 +0,0 @@ -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -ifdef BUILD_IDG -DEFINES += -DNSSDEBUG -endif - -ifdef NS_USE_CKFW_TRACE -DEFINES += -DTRACE -endif - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(LIBRARY) -SHARED_LIBRARY = -IMPORT_LIBRARY = -PROGRAM = - - diff --git a/security/nss/lib/ckfw/nssmkey/manchor.c b/security/nss/lib/ckfw/nssmkey/manchor.c deleted file mode 100644 index 3b8bc2dbbe..0000000000 --- a/security/nss/lib/ckfw/nssmkey/manchor.c +++ /dev/null @@ -1,17 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* - * nssmkey/manchor.c - * - * This file "anchors" the actual cryptoki entry points in this module's - * shared library, which is required for dynamic loading. See the - * comments in nssck.api for more information. - */ - -#include "ckmk.h" - -#define MODULE_NAME ckmk -#define INSTANCE_NAME (NSSCKMDInstance *)&nss_ckmk_mdInstance -#include "nssck.api" diff --git a/security/nss/lib/ckfw/nssmkey/manifest.mn b/security/nss/lib/ckfw/nssmkey/manifest.mn deleted file mode 100644 index 036d9bc3f4..0000000000 --- a/security/nss/lib/ckfw/nssmkey/manifest.mn +++ /dev/null @@ -1,33 +0,0 @@ -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -CORE_DEPTH = ../../../.. - -MODULE = nss -MAPFILE = $(OBJDIR)/nssmkey.def - -EXPORTS = \ - nssmkey.h \ - $(NULL) - -CSRCS = \ - manchor.c \ - mconstants.c \ - mfind.c \ - minst.c \ - mobject.c \ - mrsa.c \ - msession.c \ - mslot.c \ - mtoken.c \ - ckmkver.c \ - staticobj.c \ - $(NULL) - -REQUIRES = nspr - -LIBRARY_NAME = nssmkey - -#EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -lplc4 -lplds4 diff --git a/security/nss/lib/ckfw/nssmkey/mconstants.c b/security/nss/lib/ckfw/nssmkey/mconstants.c deleted file mode 100644 index c26298ada3..0000000000 --- a/security/nss/lib/ckfw/nssmkey/mconstants.c +++ /dev/null @@ -1,61 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* - * nssmkey/constants.c - * - * Identification and other constants, all collected here in one place. - */ - -#ifndef NSSBASET_H -#include "nssbaset.h" -#endif /* NSSBASET_H */ - -#ifndef NSSCKT_H -#include "nssckt.h" -#endif /* NSSCKT_H */ - -#include "nssmkey.h" - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_CryptokiVersion = { - NSS_CKMK_CRYPTOKI_VERSION_MAJOR, - NSS_CKMK_CRYPTOKI_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_ManufacturerID = (NSSUTF8 *)"Mozilla Foundation"; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_LibraryDescription = (NSSUTF8 *)"NSS Access to Mac OS X Key Ring"; - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_LibraryVersion = { - NSS_CKMK_LIBRARY_VERSION_MAJOR, - NSS_CKMK_LIBRARY_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_SlotDescription = (NSSUTF8 *)"Mac OS X Key Ring"; - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_HardwareVersion = { - NSS_CKMK_HARDWARE_VERSION_MAJOR, - NSS_CKMK_HARDWARE_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_FirmwareVersion = { - NSS_CKMK_FIRMWARE_VERSION_MAJOR, - NSS_CKMK_FIRMWARE_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_TokenLabel = (NSSUTF8 *)"Mac OS X Key Ring"; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_TokenModel = (NSSUTF8 *)"1"; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_TokenSerialNumber = (NSSUTF8 *)"1"; diff --git a/security/nss/lib/ckfw/nssmkey/mfind.c b/security/nss/lib/ckfw/nssmkey/mfind.c deleted file mode 100644 index d193a8de70..0000000000 --- a/security/nss/lib/ckfw/nssmkey/mfind.c +++ /dev/null @@ -1,352 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef CKMK_H -#include "ckmk.h" -#endif /* CKMK_H */ - -/* - * nssmkey/mfind.c - * - * This file implements the NSSCKMDFindObjects object for the - * "nssmkey" cryptoki module. - */ - -struct ckmkFOStr { - NSSArena *arena; - CK_ULONG n; - CK_ULONG i; - ckmkInternalObject **objs; -}; - -static void -ckmk_mdFindObjects_Final( - NSSCKMDFindObjects *mdFindObjects, - NSSCKFWFindObjects *fwFindObjects, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc; - NSSArena *arena = fo->arena; - PRUint32 i; - - /* walk down an free the unused 'objs' */ - for (i = fo->i; i < fo->n; i++) { - nss_ckmk_DestroyInternalObject(fo->objs[i]); - } - - nss_ZFreeIf(fo->objs); - nss_ZFreeIf(fo); - nss_ZFreeIf(mdFindObjects); - if ((NSSArena *)NULL != arena) { - NSSArena_Destroy(arena); - } - - return; -} - -static NSSCKMDObject * -ckmk_mdFindObjects_Next( - NSSCKMDFindObjects *mdFindObjects, - NSSCKFWFindObjects *fwFindObjects, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSArena *arena, - CK_RV *pError) -{ - struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc; - ckmkInternalObject *io; - - if (fo->i == fo->n) { - *pError = CKR_OK; - return (NSSCKMDObject *)NULL; - } - - io = fo->objs[fo->i]; - fo->i++; - - return nss_ckmk_CreateMDObject(arena, io, pError); -} - -static CK_BBOOL -ckmk_attrmatch( - CK_ATTRIBUTE_PTR a, - ckmkInternalObject *o) -{ - PRBool prb; - const NSSItem *b; - CK_RV error; - - b = nss_ckmk_FetchAttribute(o, a->type, &error); - if (b == NULL) { - return CK_FALSE; - } - - if (a->ulValueLen != b->size) { - /* match a decoded serial number */ - if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) { - int len; - unsigned char *data; - - data = nss_ckmk_DERUnwrap(b->data, b->size, &len, NULL); - if ((len == a->ulValueLen) && - nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) { - return CK_TRUE; - } - } - return CK_FALSE; - } - - prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL); - - if (PR_TRUE == prb) { - return CK_TRUE; - } else { - return CK_FALSE; - } -} - -static CK_BBOOL -ckmk_match( - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - ckmkInternalObject *o) -{ - CK_ULONG i; - - for (i = 0; i < ulAttributeCount; i++) { - if (CK_FALSE == ckmk_attrmatch(&pTemplate[i], o)) { - return CK_FALSE; - } - } - - /* Every attribute passed */ - return CK_TRUE; -} - -#define CKMK_ITEM_CHUNK 20 - -#define PUT_OBJECT(obj, err, size, count, list) \ - { \ - if (count >= size) { \ - (list) = (list) ? nss_ZREALLOCARRAY(list, ckmkInternalObject *, \ - ((size) + \ - CKMK_ITEM_CHUNK)) \ - : nss_ZNEWARRAY(NULL, ckmkInternalObject *, \ - ((size) + \ - CKMK_ITEM_CHUNK)); \ - if ((ckmkInternalObject **)NULL == list) { \ - err = CKR_HOST_MEMORY; \ - goto loser; \ - } \ - (size) += CKMK_ITEM_CHUNK; \ - } \ - (list)[count] = (obj); \ - count++; \ - } - -/* find all the certs that represent the appropriate object (cert, priv key, or - * pub key) in the cert store. - */ -static PRUint32 -collect_class( - CK_OBJECT_CLASS objClass, - SecItemClass itemClass, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - ckmkInternalObject ***listp, - PRUint32 *sizep, - PRUint32 count, - CK_RV *pError) -{ - ckmkInternalObject *next = NULL; - SecKeychainSearchRef searchRef = 0; - SecKeychainItemRef itemRef = 0; - OSStatus error; - - /* future, build the attribute list based on the template - * so we can refine the search */ - error = SecKeychainSearchCreateFromAttributes( - NULL, itemClass, NULL, &searchRef); - - while (noErr == SecKeychainSearchCopyNext(searchRef, &itemRef)) { - /* if we don't have an internal object structure, get one */ - if ((ckmkInternalObject *)NULL == next) { - next = nss_ZNEW(NULL, ckmkInternalObject); - if ((ckmkInternalObject *)NULL == next) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - } - /* fill in the relevant object data */ - next->type = ckmkItem; - next->objClass = objClass; - next->u.item.itemRef = itemRef; - next->u.item.itemClass = itemClass; - - /* see if this is one of the objects we are looking for */ - if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, next)) { - /* yes, put it on the list */ - PUT_OBJECT(next, *pError, *sizep, count, *listp); - next = NULL; /* this one is on the list, need to allocate a new one now */ - } else { - /* no , release the current item and clear out the structure for reuse */ - CFRelease(itemRef); - /* don't cache the values we just loaded */ - nsslibc_memset(next, 0, sizeof(*next)); - } - } -loser: - if (searchRef) { - CFRelease(searchRef); - } - nss_ZFreeIf(next); - return count; -} - -static PRUint32 -collect_objects( - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - ckmkInternalObject ***listp, - CK_RV *pError) -{ - PRUint32 i; - PRUint32 count = 0; - PRUint32 size = 0; - CK_OBJECT_CLASS objClass; - - /* - * first handle the static build in objects (if any) - */ - for (i = 0; i < nss_ckmk_nObjects; i++) { - ckmkInternalObject *o = (ckmkInternalObject *)&nss_ckmk_data[i]; - - if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, o)) { - PUT_OBJECT(o, *pError, size, count, *listp); - } - } - - /* - * now handle the various object types - */ - objClass = nss_ckmk_GetULongAttribute(CKA_CLASS, - pTemplate, ulAttributeCount, pError); - if (CKR_OK != *pError) { - objClass = CK_INVALID_HANDLE; - } - *pError = CKR_OK; - switch (objClass) { - case CKO_CERTIFICATE: - count = collect_class(objClass, kSecCertificateItemClass, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - case CKO_PUBLIC_KEY: - count = collect_class(objClass, CSSM_DL_DB_RECORD_PUBLIC_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - case CKO_PRIVATE_KEY: - count = collect_class(objClass, CSSM_DL_DB_RECORD_PRIVATE_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - /* all of them */ - case CK_INVALID_HANDLE: - count = collect_class(CKO_CERTIFICATE, kSecCertificateItemClass, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PUBLIC_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PRIVATE_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - default: - break; - } - if (CKR_OK != *pError) { - goto loser; - } - - return count; -loser: - nss_ZFreeIf(*listp); - return 0; -} - -NSS_IMPLEMENT NSSCKMDFindObjects * -nss_ckmk_FindObjectsInit( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - /* This could be made more efficient. I'm rather rushed. */ - NSSArena *arena; - NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL; - struct ckmkFOStr *fo = (struct ckmkFOStr *)NULL; - ckmkInternalObject **temp = (ckmkInternalObject **)NULL; - - arena = NSSArena_Create(); - if ((NSSArena *)NULL == arena) { - goto loser; - } - - rv = nss_ZNEW(arena, NSSCKMDFindObjects); - if ((NSSCKMDFindObjects *)NULL == rv) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - fo = nss_ZNEW(arena, struct ckmkFOStr); - if ((struct ckmkFOStr *)NULL == fo) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - fo->arena = arena; - /* fo->n and fo->i are already zero */ - - rv->etc = (void *)fo; - rv->Final = ckmk_mdFindObjects_Final; - rv->Next = ckmk_mdFindObjects_Next; - rv->null = (void *)NULL; - - fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError); - if (*pError != CKR_OK) { - goto loser; - } - - fo->objs = nss_ZNEWARRAY(arena, ckmkInternalObject *, fo->n); - if ((ckmkInternalObject **)NULL == fo->objs) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckmkInternalObject *) * fo->n); - nss_ZFreeIf(temp); - temp = (ckmkInternalObject **)NULL; - - return rv; - -loser: - nss_ZFreeIf(temp); - nss_ZFreeIf(fo); - nss_ZFreeIf(rv); - if ((NSSArena *)NULL != arena) { - NSSArena_Destroy(arena); - } - return (NSSCKMDFindObjects *)NULL; -} diff --git a/security/nss/lib/ckfw/nssmkey/minst.c b/security/nss/lib/ckfw/nssmkey/minst.c deleted file mode 100644 index fcb96c6527..0000000000 --- a/security/nss/lib/ckfw/nssmkey/minst.c +++ /dev/null @@ -1,97 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/minstance.c - * - * This file implements the NSSCKMDInstance object for the - * "nssmkey" cryptoki module. - */ - -/* - * NSSCKMDInstance methods - */ - -static CK_ULONG -ckmk_mdInstance_GetNSlots( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (CK_ULONG)1; -} - -static CK_VERSION -ckmk_mdInstance_GetCryptokiVersion( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_CryptokiVersion; -} - -static NSSUTF8 * -ckmk_mdInstance_GetManufacturerID( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_ManufacturerID; -} - -static NSSUTF8 * -ckmk_mdInstance_GetLibraryDescription( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_LibraryDescription; -} - -static CK_VERSION -ckmk_mdInstance_GetLibraryVersion( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_LibraryVersion; -} - -static CK_RV -ckmk_mdInstance_GetSlots( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKMDSlot *slots[]) -{ - slots[0] = (NSSCKMDSlot *)&nss_ckmk_mdSlot; - return CKR_OK; -} - -static CK_BBOOL -ckmk_mdInstance_ModuleHandlesSessionObjects( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - /* we don't want to allow any session object creation, at least - * until we can investigate whether or not we can use those objects - */ - return CK_TRUE; -} - -NSS_IMPLEMENT_DATA const NSSCKMDInstance - nss_ckmk_mdInstance = { - (void *)NULL, /* etc */ - NULL, /* Initialize */ - NULL, /* Finalize */ - ckmk_mdInstance_GetNSlots, - ckmk_mdInstance_GetCryptokiVersion, - ckmk_mdInstance_GetManufacturerID, - ckmk_mdInstance_GetLibraryDescription, - ckmk_mdInstance_GetLibraryVersion, - ckmk_mdInstance_ModuleHandlesSessionObjects, - /*NULL, /* HandleSessionObjects */ - ckmk_mdInstance_GetSlots, - NULL, /* WaitForSlotEvent */ - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/mobject.c b/security/nss/lib/ckfw/nssmkey/mobject.c deleted file mode 100644 index b19a8fdbde..0000000000 --- a/security/nss/lib/ckfw/nssmkey/mobject.c +++ /dev/null @@ -1,1861 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" -#include "nssbase.h" - -#include "secdert.h" /* for DER_INTEGER */ -#include "string.h" - -/* asn1 encoder (to build pkcs#8 blobs) */ -#include <seccomon.h> -#include <secitem.h> -#include <blapit.h> -#include <secoid.h> -#include <secasn1.h> - -/* for importing the keys */ -#include <CoreFoundation/CoreFoundation.h> -#include <security/SecImportExport.h> - -/* - * nssmkey/mobject.c - * - * This file implements the NSSCKMDObject object for the - * "nssmkey" cryptoki module. - */ - -const CK_ATTRIBUTE_TYPE certAttrs[] = { - CKA_CLASS, - CKA_TOKEN, - CKA_PRIVATE, - CKA_MODIFIABLE, - CKA_LABEL, - CKA_CERTIFICATE_TYPE, - CKA_SUBJECT, - CKA_ISSUER, - CKA_SERIAL_NUMBER, - CKA_VALUE -}; -const PRUint32 certAttrsCount = NSS_CKMK_ARRAY_SIZE(certAttrs); - -/* private keys, for now only support RSA */ -const CK_ATTRIBUTE_TYPE privKeyAttrs[] = { - CKA_CLASS, - CKA_TOKEN, - CKA_PRIVATE, - CKA_MODIFIABLE, - CKA_LABEL, - CKA_KEY_TYPE, - CKA_DERIVE, - CKA_LOCAL, - CKA_SUBJECT, - CKA_SENSITIVE, - CKA_DECRYPT, - CKA_SIGN, - CKA_SIGN_RECOVER, - CKA_UNWRAP, - CKA_EXTRACTABLE, - CKA_ALWAYS_SENSITIVE, - CKA_NEVER_EXTRACTABLE, - CKA_MODULUS, - CKA_PUBLIC_EXPONENT, -}; -const PRUint32 privKeyAttrsCount = NSS_CKMK_ARRAY_SIZE(privKeyAttrs); - -/* public keys, for now only support RSA */ -const CK_ATTRIBUTE_TYPE pubKeyAttrs[] = { - CKA_CLASS, - CKA_TOKEN, - CKA_PRIVATE, - CKA_MODIFIABLE, - CKA_LABEL, - CKA_KEY_TYPE, - CKA_DERIVE, - CKA_LOCAL, - CKA_SUBJECT, - CKA_ENCRYPT, - CKA_VERIFY, - CKA_VERIFY_RECOVER, - CKA_WRAP, - CKA_MODULUS, - CKA_PUBLIC_EXPONENT, -}; -const PRUint32 pubKeyAttrsCount = NSS_CKMK_ARRAY_SIZE(pubKeyAttrs); -static const CK_BBOOL ck_true = CK_TRUE; -static const CK_BBOOL ck_false = CK_FALSE; -static const CK_CERTIFICATE_TYPE ckc_x509 = CKC_X_509; -static const CK_KEY_TYPE ckk_rsa = CKK_RSA; -static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; -static const CK_OBJECT_CLASS cko_private_key = CKO_PRIVATE_KEY; -static const CK_OBJECT_CLASS cko_public_key = CKO_PUBLIC_KEY; -static const NSSItem ckmk_trueItem = { - (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) -}; -static const NSSItem ckmk_falseItem = { - (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) -}; -static const NSSItem ckmk_x509Item = { - (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) -}; -static const NSSItem ckmk_rsaItem = { - (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE) -}; -static const NSSItem ckmk_certClassItem = { - (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) -}; -static const NSSItem ckmk_privKeyClassItem = { - (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS) -}; -static const NSSItem ckmk_pubKeyClassItem = { - (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS) -}; -static const NSSItem ckmk_emptyItem = { - (void *)&ck_true, 0 -}; - -/* - * these are utilities. The chould be moved to a new utilities file. - */ -#ifdef DEBUG -static void -itemdump(char *str, void *data, int size, CK_RV error) -{ - unsigned char *ptr = (unsigned char *)data; - int i; - fprintf(stderr, str); - for (i = 0; i < size; i++) { - fprintf(stderr, "%02x ", (unsigned int)ptr[i]); - } - fprintf(stderr, " (error = %d)\n", (int)error); -} -#endif - -/* - * unwrap a single DER value - * now that we have util linked in, we should probably use - * the ANS1_Decoder for this work... - */ -unsigned char * -nss_ckmk_DERUnwrap( - unsigned char *src, - int size, - int *outSize, - unsigned char **next) -{ - unsigned char *start = src; - unsigned int len = 0; - - /* initialize error condition return values */ - *outSize = 0; - if (next) { - *next = src; - } - - if (size < 2) { - return start; - } - src++; /* skip the tag -- should check it against an expected value! */ - len = (unsigned)*src++; - if (len & 0x80) { - int count = len & 0x7f; - len = 0; - - if (count + 2 > size) { - return start; - } - while (count-- > 0) { - len = (len << 8) | (unsigned)*src++; - } - } - if (len + (src - start) > (unsigned int)size) { - return start; - } - if (next) { - *next = src + len; - } - *outSize = len; - - return src; -} - -/* - * get an attribute from a template. Value is returned in NSS item. - * data for the item is owned by the template. - */ -CK_RV -nss_ckmk_GetAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - NSSItem *item) -{ - CK_ULONG i; - - for (i = 0; i < templateSize; i++) { - if (template[i].type == type) { - item->data = template[i].pValue; - item->size = template[i].ulValueLen; - return CKR_OK; - } - } - return CKR_TEMPLATE_INCOMPLETE; -} - -/* - * get an attribute which is type CK_ULONG. - */ -CK_ULONG -nss_ckmk_GetULongAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_RV *pError) -{ - NSSItem item; - - *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item); - if (CKR_OK != *pError) { - return (CK_ULONG)0; - } - if (item.size != sizeof(CK_ULONG)) { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - return (CK_ULONG)0; - } - return *(CK_ULONG *)item.data; -} - -/* - * get an attribute which is type CK_BBOOL. - */ -CK_BBOOL -nss_ckmk_GetBoolAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_BBOOL defaultBool) -{ - NSSItem item; - CK_RV error; - - error = nss_ckmk_GetAttribute(type, template, templateSize, &item); - if (CKR_OK != error) { - return defaultBool; - } - if (item.size != sizeof(CK_BBOOL)) { - return defaultBool; - } - return *(CK_BBOOL *)item.data; -} - -/* - * get an attribute as a NULL terminated string. Caller is responsible to - * free the string. - */ -char * -nss_ckmk_GetStringAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_RV *pError) -{ - NSSItem item; - char *str; - - /* get the attribute */ - *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item); - if (CKR_OK != *pError) { - return (char *)NULL; - } - /* make sure it is null terminated */ - str = nss_ZNEWARRAY(NULL, char, item.size + 1); - if ((char *)NULL == str) { - *pError = CKR_HOST_MEMORY; - return (char *)NULL; - } - - nsslibc_memcpy(str, item.data, item.size); - str[item.size] = 0; - - return str; -} - -/* - * Apple doesn't seem to have a public interface to the DER encoder, - * wip out a quick one for integers only (anything more complicated, - * we should use one of the 3 in lib/util). -- especially since we - * now link with it. - */ -static CK_RV -ckmk_encodeInt(NSSItem *dest, void *src, int srcLen) -{ - int dataLen = srcLen; - int lenLen = 1; - int encLen; - int isSigned = 0; - int offset = 0; - unsigned char *data = NULL; - int i; - - if (*(unsigned char *)src & 0x80) { - dataLen++; - isSigned = 1; - } - - /* calculate the length of the length specifier */ - /* (NOTE: destroys dataLen value) */ - if (dataLen > 0x7f) { - do { - lenLen++; - dataLen >>= 8; - } while (dataLen); - } - - /* calculate our total length */ - dataLen = isSigned + srcLen; - encLen = 1 + lenLen + dataLen; - data = nss_ZNEWARRAY(NULL, unsigned char, encLen); - if ((unsigned char *)NULL == data) { - return CKR_HOST_MEMORY; - } - data[0] = DER_INTEGER; - if (1 == lenLen) { - data[1] = dataLen; - } else { - data[1] = 0x80 + lenLen; - for (i = 0; i < lenLen; i++) { - data[i + 1] = ((dataLen >> ((lenLen - - i - 1) * - 8)) & - 0xff); - } - } - offset = lenLen + 1; - - if (isSigned) { - data[offset++] = 0; - } - nsslibc_memcpy(&data[offset], src, srcLen); - dest->data = data; - dest->size = encLen; - return CKR_OK; -} - -/* - * Get a Keyring attribute. If content is set to true, then we get the - * content, not the attribute. - */ -static CK_RV -ckmk_GetCommonAttribute( - ckmkInternalObject *io, - SecItemAttr itemAttr, - PRBool content, - NSSItem *item, - char *dbString) -{ - SecKeychainAttributeList *attrList = NULL; - SecKeychainAttributeInfo attrInfo; - PRUint32 len = 0; - PRUint32 dataLen = 0; - PRUint32 attrFormat = 0; - void *dataVal = 0; - void *out = NULL; - CK_RV error = CKR_OK; - OSStatus macErr; - - attrInfo.count = 1; - attrInfo.tag = &itemAttr; - attrInfo.format = &attrFormat; - - macErr = SecKeychainItemCopyAttributesAndData(io->u.item.itemRef, - &attrInfo, NULL, &attrList, &len, &out); - if (noErr != macErr) { - CKMK_MACERR(dbString, macErr); - return CKR_ATTRIBUTE_TYPE_INVALID; - } - dataLen = content ? len : attrList->attr->length; - dataVal = content ? out : attrList->attr->data; - - /* Apple's documentation says this value is DER Encoded, but it clearly isn't - * der encode it before we ship it back off to NSS - */ - if (kSecSerialNumberItemAttr == itemAttr) { - error = ckmk_encodeInt(item, dataVal, dataLen); - goto loser; /* logically 'done' if error == CKR_OK */ - } - item->data = nss_ZNEWARRAY(NULL, char, dataLen); - if (NULL == item->data) { - error = CKR_HOST_MEMORY; - goto loser; - } - nsslibc_memcpy(item->data, dataVal, dataLen); - item->size = dataLen; - -loser: - SecKeychainItemFreeAttributesAndData(attrList, out); - return error; -} - -/* - * change an attribute (does not operate on the content). - */ -static CK_RV -ckmk_updateAttribute( - SecKeychainItemRef itemRef, - SecItemAttr itemAttr, - void *data, - PRUint32 len, - char *dbString) -{ - SecKeychainAttributeList attrList; - SecKeychainAttribute attrAttr; - OSStatus macErr; - CK_RV error = CKR_OK; - - attrList.count = 1; - attrList.attr = &attrAttr; - attrAttr.tag = itemAttr; - attrAttr.data = data; - attrAttr.length = len; - macErr = SecKeychainItemModifyAttributesAndData(itemRef, &attrList, 0, NULL); - if (noErr != macErr) { - CKMK_MACERR(dbString, macErr); - error = CKR_ATTRIBUTE_TYPE_INVALID; - } - return error; -} - -/* - * get an attribute (does not operate on the content) - */ -static CK_RV -ckmk_GetDataAttribute( - ckmkInternalObject *io, - SecItemAttr itemAttr, - NSSItem *item, - char *dbString) -{ - return ckmk_GetCommonAttribute(io, itemAttr, PR_FALSE, item, dbString); -} - -/* - * get an attribute we know is a BOOL. - */ -static CK_RV -ckmk_GetBoolAttribute( - ckmkInternalObject *io, - SecItemAttr itemAttr, - NSSItem *item, - char *dbString) -{ - SecKeychainAttribute attr; - SecKeychainAttributeList attrList; - CK_BBOOL *boolp = NULL; - PRUint32 len = 0; - ; - void *out = NULL; - CK_RV error = CKR_OK; - OSStatus macErr; - - attr.tag = itemAttr; - attr.length = 0; - attr.data = NULL; - attrList.count = 1; - attrList.attr = &attr; - - boolp = nss_ZNEW(NULL, CK_BBOOL); - if ((CK_BBOOL *)NULL == boolp) { - error = CKR_HOST_MEMORY; - goto loser; - } - - macErr = SecKeychainItemCopyContent(io->u.item.itemRef, NULL, - &attrList, &len, &out); - if (noErr != macErr) { - CKMK_MACERR(dbString, macErr); - error = CKR_ATTRIBUTE_TYPE_INVALID; - goto loser; - } - if (sizeof(PRUint32) != attr.length) { - error = CKR_ATTRIBUTE_TYPE_INVALID; - goto loser; - } - *boolp = *(PRUint32 *)attr.data ? 1 : 0; - item->data = boolp; - boolp = NULL; - item->size = sizeof(CK_BBOOL); - -loser: - nss_ZFreeIf(boolp); - SecKeychainItemFreeContent(&attrList, out); - return error; -} - -/* - * macros for fetching attributes into a cache and returning the - * appropriate value. These operate inside switch statements - */ -#define CKMK_HANDLE_ITEM(func, io, type, loc, item, error, str) \ - if (0 == (item)->loc.size) { \ - error = func(io, type, &(item)->loc, str); \ - } \ - return (CKR_OK == (error)) ? &(item)->loc : NULL; - -#define CKMK_HANDLE_OPT_ITEM(func, io, type, loc, item, error, str) \ - if (0 == (item)->loc.size) { \ - (void)func(io, type, &(item)->loc, str); \ - } \ - return &(item)->loc; - -#define CKMK_HANDLE_BOOL_ITEM(io, type, loc, item, error, str) \ - CKMK_HANDLE_ITEM(ckmk_GetBoolAttribute, io, type, loc, item, error, str) -#define CKMK_HANDLE_DATA_ITEM(io, type, loc, item, error, str) \ - CKMK_HANDLE_ITEM(ckmk_GetDataAttribute, io, type, loc, item, error, str) -#define CKMK_HANDLE_OPT_DATA_ITEM(io, type, loc, item, error, str) \ - CKMK_HANDLE_OPT_ITEM(ckmk_GetDataAttribute, io, type, loc, item, error, str) - -/* - * fetch the unique identifier for each object type. - */ -static void -ckmk_FetchHashKey( - ckmkInternalObject *io) -{ - NSSItem *key = &io->hashKey; - - if (io->objClass == CKO_CERTIFICATE) { - ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr, - PR_TRUE, key, "Fetching HashKey (cert)"); - } else { - ckmk_GetCommonAttribute(io, kSecKeyLabel, - PR_FALSE, key, "Fetching HashKey (key)"); - } -} - -/* - * Apple mucks with the actual subject and issuer, so go fetch - * the real ones ourselves. - */ -static void -ckmk_fetchCert( - ckmkInternalObject *io) -{ - CK_RV error; - unsigned char *cert, *next; - int certSize, thisEntrySize; - - error = ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr, PR_TRUE, - &io->u.item.derCert, "Fetching Value (cert)"); - if (CKR_OK != error) { - return; - } - /* unwrap the cert bundle */ - cert = nss_ckmk_DERUnwrap((unsigned char *)io->u.item.derCert.data, - io->u.item.derCert.size, - &certSize, NULL); - /* unwrap the cert itself */ - /* cert == certdata */ - cert = nss_ckmk_DERUnwrap(cert, certSize, &certSize, NULL); - - /* skip the optional version */ - if ((cert[0] & 0xa0) == 0xa0) { - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - } - /* skip the serial number */ - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - - /* skip the OID */ - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - - /* save the (wrapped) issuer */ - io->u.item.issuer.data = cert; - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - io->u.item.issuer.size = next - cert; - certSize -= io->u.item.issuer.size; - cert = next; - - /* skip the OID */ - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - - /* save the (wrapped) subject */ - io->u.item.subject.data = cert; - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - io->u.item.subject.size = next - cert; - certSize -= io->u.item.subject.size; - cert = next; -} - -static void -ckmk_fetchModulus( - ckmkInternalObject *io) -{ - NSSItem item; - PRInt32 modLen; - CK_RV error; - - /* we can't reliably get the modulus for private keys through CSSM (sigh). - * For NSS this is OK because we really only use this to get the modulus - * length (unless we are trying to get a public key from a private keys, - * something CSSM ALSO does not do!). - */ - error = ckmk_GetDataAttribute(io, kSecKeyKeySizeInBits, &item, - "Key Fetch Modulus"); - if (CKR_OK != error) { - return; - } - - modLen = *(PRInt32 *)item.data; - modLen = modLen / 8; /* convert from bits to bytes */ - - nss_ZFreeIf(item.data); - io->u.item.modulus.data = nss_ZNEWARRAY(NULL, char, modLen); - if (NULL == io->u.item.modulus.data) { - return; - } - *(char *)io->u.item.modulus.data = 0x80; /* fake NSS out or it will - * drop the first byte */ - io->u.item.modulus.size = modLen; - return; -} - -const NSSItem * -ckmk_FetchCertAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - ckmkItemObject *item = &io->u.item; - *pError = CKR_OK; - switch (type) { - case CKA_CLASS: - return &ckmk_certClassItem; - case CKA_TOKEN: - case CKA_MODIFIABLE: - return &ckmk_trueItem; - case CKA_PRIVATE: - return &ckmk_falseItem; - case CKA_CERTIFICATE_TYPE: - return &ckmk_x509Item; - case CKA_LABEL: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecLabelItemAttr, label, item, *pError, - "Cert:Label attr") - case CKA_SUBJECT: - /* OK, well apple does provide an subject and issuer attribute, but they - * decided to cannonicalize that value. Probably a good move for them, - * but makes it useless for most users of PKCS #11.. Get the real subject - * from the certificate */ - if (0 == item->derCert.size) { - ckmk_fetchCert(io); - } - return &item->subject; - case CKA_ISSUER: - if (0 == item->derCert.size) { - ckmk_fetchCert(io); - } - return &item->issuer; - case CKA_SERIAL_NUMBER: - CKMK_HANDLE_DATA_ITEM(io, kSecSerialNumberItemAttr, serial, item, *pError, - "Cert:Serial Number attr") - case CKA_VALUE: - if (0 == item->derCert.size) { - ckmk_fetchCert(io); - } - return &item->derCert; - case CKA_ID: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecPublicKeyHashItemAttr, id, item, *pError, - "Cert:ID attr") - default: - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - break; - } - return NULL; -} - -const NSSItem * -ckmk_FetchPubKeyAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - ckmkItemObject *item = &io->u.item; - *pError = CKR_OK; - - switch (type) { - case CKA_CLASS: - return &ckmk_pubKeyClassItem; - case CKA_TOKEN: - case CKA_LOCAL: - return &ckmk_trueItem; - case CKA_KEY_TYPE: - return &ckmk_rsaItem; - case CKA_LABEL: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError, - "PubKey:Label attr") - case CKA_ENCRYPT: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyEncrypt, encrypt, item, *pError, - "PubKey:Encrypt attr") - case CKA_VERIFY: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerify, verify, item, *pError, - "PubKey:Verify attr") - case CKA_VERIFY_RECOVER: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerifyRecover, verifyRecover, - item, *pError, "PubKey:VerifyRecover attr") - case CKA_PRIVATE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError, - "PubKey:Private attr") - case CKA_MODIFIABLE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError, - "PubKey:Modify attr") - case CKA_DERIVE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError, - "PubKey:Derive attr") - case CKA_WRAP: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyWrap, wrap, item, *pError, - "PubKey:Wrap attr") - case CKA_SUBJECT: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError, - "PubKey:Subect attr") - case CKA_MODULUS: - return &ckmk_emptyItem; - case CKA_PUBLIC_EXPONENT: - return &ckmk_emptyItem; - case CKA_ID: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError, - "PubKey:ID attr") - default: - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - break; - } - return NULL; -} - -const NSSItem * -ckmk_FetchPrivKeyAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - ckmkItemObject *item = &io->u.item; - *pError = CKR_OK; - - switch (type) { - case CKA_CLASS: - return &ckmk_privKeyClassItem; - case CKA_TOKEN: - case CKA_LOCAL: - return &ckmk_trueItem; - case CKA_SENSITIVE: - case CKA_EXTRACTABLE: /* will probably move in the future */ - case CKA_ALWAYS_SENSITIVE: - case CKA_NEVER_EXTRACTABLE: - return &ckmk_falseItem; - case CKA_KEY_TYPE: - return &ckmk_rsaItem; - case CKA_LABEL: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError, - "PrivateKey:Label attr") - case CKA_DECRYPT: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDecrypt, decrypt, item, *pError, - "PrivateKey:Decrypt attr") - case CKA_SIGN: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeySign, sign, item, *pError, - "PrivateKey:Sign attr") - case CKA_SIGN_RECOVER: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeySignRecover, signRecover, item, *pError, - "PrivateKey:Sign Recover attr") - case CKA_PRIVATE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError, - "PrivateKey:Private attr") - case CKA_MODIFIABLE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError, - "PrivateKey:Modify attr") - case CKA_DERIVE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError, - "PrivateKey:Derive attr") - case CKA_UNWRAP: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyUnwrap, unwrap, item, *pError, - "PrivateKey:Unwrap attr") - case CKA_SUBJECT: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError, - "PrivateKey:Subject attr") - case CKA_MODULUS: - if (0 == item->modulus.size) { - ckmk_fetchModulus(io); - } - return &item->modulus; - case CKA_PUBLIC_EXPONENT: - return &ckmk_emptyItem; -#ifdef notdef - /* the following are sensitive attributes. We could implement them for - * sensitive keys using the key export function, but it's better to - * just support wrap through this token. That will more reliably allow us - * to export any private key that is truly exportable. - */ - case CKA_PRIVATE_EXPONENT: - CKMK_HANDLE_DATA_ITEM(io, kSecPrivateExponentItemAttr, privateExponent, - item, *pError) - case CKA_PRIME_1: - CKMK_HANDLE_DATA_ITEM(io, kSecPrime1ItemAttr, prime1, item, *pError) - case CKA_PRIME_2: - CKMK_HANDLE_DATA_ITEM(io, kSecPrime2ItemAttr, prime2, item, *pError) - case CKA_EXPONENT_1: - CKMK_HANDLE_DATA_ITEM(io, kSecExponent1ItemAttr, exponent1, item, *pError) - case CKA_EXPONENT_2: - CKMK_HANDLE_DATA_ITEM(io, kSecExponent2ItemAttr, exponent2, item, *pError) - case CKA_COEFFICIENT: - CKMK_HANDLE_DATA_ITEM(io, kSecCoefficientItemAttr, coefficient, - item, *pError) -#endif - case CKA_ID: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError, - "PrivateKey:ID attr") - default: - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - return NULL; - } -} - -const NSSItem * -nss_ckmk_FetchAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - CK_ULONG i; - const NSSItem *value = NULL; - - if (io->type == ckmkRaw) { - for (i = 0; i < io->u.raw.n; i++) { - if (type == io->u.raw.types[i]) { - return &io->u.raw.items[i]; - } - } - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - return NULL; - } - /* deal with the common attributes */ - switch (io->objClass) { - case CKO_CERTIFICATE: - value = ckmk_FetchCertAttribute(io, type, pError); - break; - case CKO_PRIVATE_KEY: - value = ckmk_FetchPrivKeyAttribute(io, type, pError); - break; - case CKO_PUBLIC_KEY: - value = ckmk_FetchPubKeyAttribute(io, type, pError); - break; - default: - *pError = CKR_OBJECT_HANDLE_INVALID; - return NULL; - } - -#ifdef DEBUG - if (CKA_ID == type) { - itemdump("id: ", value->data, value->size, *pError); - } -#endif - return value; -} - -static void -ckmk_removeObjectFromHash( - ckmkInternalObject *io); - -/* - * - * These are the MSObject functions we need to implement - * - * Finalize - unneeded (actually we should clean up the hashtables) - * Destroy - * IsTokenObject - CK_TRUE - * GetAttributeCount - * GetAttributeTypes - * GetAttributeSize - * GetAttribute - * SetAttribute - * GetObjectSize - */ - -static CK_RV -ckmk_mdObject_Destroy( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - OSStatus macErr; - - if (ckmkRaw == io->type) { - /* there is not 'object write protected' error, use the next best thing */ - return CKR_TOKEN_WRITE_PROTECTED; - } - - /* This API is done well. The following 4 lines are the complete apple - * specific part of this implementation */ - macErr = SecKeychainItemDelete(io->u.item.itemRef); - if (noErr != macErr) { - CKMK_MACERR("Delete object", macErr); - } - - /* remove it from the hash */ - ckmk_removeObjectFromHash(io); - - /* free the puppy.. */ - nss_ckmk_DestroyInternalObject(io); - - return CKR_OK; -} - -static CK_BBOOL -ckmk_mdObject_IsTokenObject( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return CK_TRUE; -} - -static CK_ULONG -ckmk_mdObject_GetAttributeCount( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - - if (ckmkRaw == io->type) { - return io->u.raw.n; - } - switch (io->objClass) { - case CKO_CERTIFICATE: - return certAttrsCount; - case CKO_PUBLIC_KEY: - return pubKeyAttrsCount; - case CKO_PRIVATE_KEY: - return privKeyAttrsCount; - default: - break; - } - return 0; -} - -static CK_RV -ckmk_mdObject_GetAttributeTypes( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE_PTR typeArray, - CK_ULONG ulCount) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - CK_ULONG i; - CK_RV error = CKR_OK; - const CK_ATTRIBUTE_TYPE *attrs = NULL; - CK_ULONG size = ckmk_mdObject_GetAttributeCount( - mdObject, fwObject, mdSession, fwSession, - mdToken, fwToken, mdInstance, fwInstance, &error); - - if (size != ulCount) { - return CKR_BUFFER_TOO_SMALL; - } - if (io->type == ckmkRaw) { - attrs = io->u.raw.types; - } else - switch (io->objClass) { - case CKO_CERTIFICATE: - attrs = - certAttrs; - break; - case CKO_PUBLIC_KEY: - attrs = - pubKeyAttrs; - break; - case CKO_PRIVATE_KEY: - attrs = - privKeyAttrs; - break; - default: - return CKR_OK; - } - - for (i = 0; i < size; i++) { - typeArray[i] = attrs[i]; - } - - return CKR_OK; -} - -static CK_ULONG -ckmk_mdObject_GetAttributeSize( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE attribute, - CK_RV *pError) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - - const NSSItem *b; - - b = nss_ckmk_FetchAttribute(io, attribute, pError); - - if ((const NSSItem *)NULL == b) { - return 0; - } - return b->size; -} - -static CK_RV -ckmk_mdObject_SetAttribute( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE attribute, - NSSItem *value) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - SecKeychainItemRef itemRef; - - if (io->type == ckmkRaw) { - return CKR_TOKEN_WRITE_PROTECTED; - } - itemRef = io->u.item.itemRef; - - switch (io->objClass) { - case CKO_PRIVATE_KEY: - case CKO_PUBLIC_KEY: - switch (attribute) { - case CKA_ID: - ckmk_updateAttribute(itemRef, kSecKeyLabel, - value->data, value->size, "Set Attr Key ID"); -#ifdef DEBUG - itemdump("key id: ", value->data, value->size, CKR_OK); -#endif - break; - case CKA_LABEL: - ckmk_updateAttribute(itemRef, kSecKeyPrintName, value->data, - value->size, "Set Attr Key Label"); - break; - default: - break; - } - break; - - case CKO_CERTIFICATE: - switch (attribute) { - case CKA_ID: - ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr, - value->data, value->size, "Set Attr Cert ID"); - break; - case CKA_LABEL: - ckmk_updateAttribute(itemRef, kSecLabelItemAttr, value->data, - value->size, "Set Attr Cert Label"); - break; - default: - break; - } - break; - - default: - break; - } - return CKR_OK; -} - -static NSSCKFWItem -ckmk_mdObject_GetAttribute( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE attribute, - CK_RV *pError) -{ - NSSCKFWItem mdItem; - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - - mdItem.needsFreeing = PR_FALSE; - mdItem.item = (NSSItem *)nss_ckmk_FetchAttribute(io, attribute, pError); - - return mdItem; -} - -static CK_ULONG -ckmk_mdObject_GetObjectSize( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - CK_ULONG rv = 1; - - /* size is irrelevant to this token */ - return rv; -} - -static const NSSCKMDObject - ckmk_prototype_mdObject = { - (void *)NULL, /* etc */ - NULL, /* Finalize */ - ckmk_mdObject_Destroy, - ckmk_mdObject_IsTokenObject, - ckmk_mdObject_GetAttributeCount, - ckmk_mdObject_GetAttributeTypes, - ckmk_mdObject_GetAttributeSize, - ckmk_mdObject_GetAttribute, - NULL, /* FreeAttribute */ - ckmk_mdObject_SetAttribute, - ckmk_mdObject_GetObjectSize, - (void *)NULL /* null terminator */ - }; - -static nssHash *ckmkInternalObjectHash = NULL; - -NSS_IMPLEMENT NSSCKMDObject * -nss_ckmk_CreateMDObject( - NSSArena *arena, - ckmkInternalObject *io, - CK_RV *pError) -{ - if ((nssHash *)NULL == ckmkInternalObjectHash) { - ckmkInternalObjectHash = nssHash_CreateItem(NULL, 10); - } - if (ckmkItem == io->type) { - /* the hash key, not a cryptographic key */ - NSSItem *key = &io->hashKey; - ckmkInternalObject *old_o = NULL; - - if (key->size == 0) { - ckmk_FetchHashKey(io); - } - old_o = (ckmkInternalObject *) - nssHash_Lookup(ckmkInternalObjectHash, key); - if (!old_o) { - nssHash_Add(ckmkInternalObjectHash, key, io); - } else if (old_o != io) { - nss_ckmk_DestroyInternalObject(io); - io = old_o; - } - } - - if ((void *)NULL == io->mdObject.etc) { - (void)nsslibc_memcpy(&io->mdObject, &ckmk_prototype_mdObject, - sizeof(ckmk_prototype_mdObject)); - io->mdObject.etc = (void *)io; - } - return &io->mdObject; -} - -static void -ckmk_removeObjectFromHash( - ckmkInternalObject *io) -{ - NSSItem *key = &io->hashKey; - - if ((nssHash *)NULL == ckmkInternalObjectHash) { - return; - } - if (key->size == 0) { - ckmk_FetchHashKey(io); - } - nssHash_Remove(ckmkInternalObjectHash, key); - return; -} - -void -nss_ckmk_DestroyInternalObject( - ckmkInternalObject *io) -{ - switch (io->type) { - case ckmkRaw: - return; - case ckmkItem: - nss_ZFreeIf(io->u.item.modify.data); - nss_ZFreeIf(io->u.item.private.data); - nss_ZFreeIf(io->u.item.encrypt.data); - nss_ZFreeIf(io->u.item.decrypt.data); - nss_ZFreeIf(io->u.item.derive.data); - nss_ZFreeIf(io->u.item.sign.data); - nss_ZFreeIf(io->u.item.signRecover.data); - nss_ZFreeIf(io->u.item.verify.data); - nss_ZFreeIf(io->u.item.verifyRecover.data); - nss_ZFreeIf(io->u.item.wrap.data); - nss_ZFreeIf(io->u.item.unwrap.data); - nss_ZFreeIf(io->u.item.label.data); - /*nss_ZFreeIf(io->u.item.subject.data); */ - /*nss_ZFreeIf(io->u.item.issuer.data); */ - nss_ZFreeIf(io->u.item.serial.data); - nss_ZFreeIf(io->u.item.modulus.data); - nss_ZFreeIf(io->u.item.exponent.data); - nss_ZFreeIf(io->u.item.privateExponent.data); - nss_ZFreeIf(io->u.item.prime1.data); - nss_ZFreeIf(io->u.item.prime2.data); - nss_ZFreeIf(io->u.item.exponent1.data); - nss_ZFreeIf(io->u.item.exponent2.data); - nss_ZFreeIf(io->u.item.coefficient.data); - break; - } - nss_ZFreeIf(io); - return; -} - -static ckmkInternalObject * -nss_ckmk_NewInternalObject( - CK_OBJECT_CLASS objClass, - SecKeychainItemRef itemRef, - SecItemClass itemClass, - CK_RV *pError) -{ - ckmkInternalObject *io = nss_ZNEW(NULL, ckmkInternalObject); - - if ((ckmkInternalObject *)NULL == io) { - *pError = CKR_HOST_MEMORY; - return io; - } - io->type = ckmkItem; - io->objClass = objClass; - io->u.item.itemRef = itemRef; - io->u.item.itemClass = itemClass; - return io; -} - -/* - * Apple doesn't alway have a default keyChain set by the OS, use the - * SearchList to try to find one. - */ -static CK_RV -ckmk_GetSafeDefaultKeychain( - SecKeychainRef *keychainRef) -{ - OSStatus macErr; - CFArrayRef searchList = 0; - CK_RV error = CKR_OK; - - macErr = SecKeychainCopyDefault(keychainRef); - if (noErr != macErr) { - int searchCount = 0; - if (errSecNoDefaultKeychain != macErr) { - CKMK_MACERR("Getting default key chain", macErr); - error = CKR_GENERAL_ERROR; - goto loser; - } - /* ok, we don't have a default key chain, find one */ - macErr = SecKeychainCopySearchList(&searchList); - if (noErr != macErr) { - CKMK_MACERR("failed to find a keyring searchList", macErr); - error = CKR_DEVICE_REMOVED; - goto loser; - } - searchCount = CFArrayGetCount(searchList); - if (searchCount < 1) { - error = CKR_DEVICE_REMOVED; - goto loser; - } - *keychainRef = - (SecKeychainRef)CFRetain(CFArrayGetValueAtIndex(searchList, 0)); - if (0 == *keychainRef) { - error = CKR_DEVICE_REMOVED; - goto loser; - } - /* should we set it as default? */ - } -loser: - if (0 != searchList) { - CFRelease(searchList); - } - return error; -} -static ckmkInternalObject * -nss_ckmk_CreateCertificate( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - NSSItem value; - ckmkInternalObject *io = NULL; - OSStatus macErr; - SecCertificateRef certRef; - SecKeychainItemRef itemRef; - SecKeychainRef keychainRef; - CSSM_DATA certData; - - *pError = nss_ckmk_GetAttribute(CKA_VALUE, pTemplate, - ulAttributeCount, &value); - if (CKR_OK != *pError) { - goto loser; - } - - certData.Data = value.data; - certData.Length = value.size; - macErr = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3, - CSSM_CERT_ENCODING_BER, &certRef); - if (noErr != macErr) { - CKMK_MACERR("Create cert from data Failed", macErr); - *pError = CKR_GENERAL_ERROR; /* need to map macErr */ - goto loser; - } - - *pError = ckmk_GetSafeDefaultKeychain(&keychainRef); - if (CKR_OK != *pError) { - goto loser; - } - - macErr = SecCertificateAddToKeychain(certRef, keychainRef); - itemRef = (SecKeychainItemRef)certRef; - if (errSecDuplicateItem != macErr) { - NSSItem keyID = { NULL, 0 }; - char *nickname = NULL; - CK_RV dummy; - - if (noErr != macErr) { - CKMK_MACERR("Add cert to keychain Failed", macErr); - *pError = CKR_GENERAL_ERROR; /* need to map macErr */ - goto loser; - } - /* these two are optional */ - nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate, - ulAttributeCount, &dummy); - /* we've added a new one, update the attributes in the key ring */ - if (nickname) { - ckmk_updateAttribute(itemRef, kSecLabelItemAttr, nickname, - strlen(nickname) + 1, "Modify Cert Label"); - nss_ZFreeIf(nickname); - } - dummy = nss_ckmk_GetAttribute(CKA_ID, pTemplate, - ulAttributeCount, &keyID); - if (CKR_OK == dummy) { - dummy = ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr, - keyID.data, keyID.size, "Modify Cert ID"); - } - } - - io = nss_ckmk_NewInternalObject(CKO_CERTIFICATE, itemRef, - kSecCertificateItemClass, pError); - if ((ckmkInternalObject *)NULL != io) { - itemRef = 0; - } - -loser: - if (0 != itemRef) { - CFRelease(itemRef); - } - if (0 != keychainRef) { - CFRelease(keychainRef); - } - - return io; -} - -/* - * PKCS #8 attributes - */ -struct ckmk_AttributeStr { - SECItem attrType; - SECItem *attrValue; -}; -typedef struct ckmk_AttributeStr ckmk_Attribute; - -/* - ** A PKCS#8 private key info object - */ -struct PrivateKeyInfoStr { - PLArenaPool *arena; - SECItem version; - SECAlgorithmID algorithm; - SECItem privateKey; - ckmk_Attribute **attributes; -}; -typedef struct PrivateKeyInfoStr PrivateKeyInfo; - -const SEC_ASN1Template ckmk_RSAPrivateKeyTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(RSAPrivateKey) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, version) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, modulus) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, publicExponent) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, privateExponent) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime1) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime2) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent1) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent2) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, coefficient) }, - { 0 } -}; - -const SEC_ASN1Template ckmk_AttributeTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ckmk_Attribute) }, - { SEC_ASN1_OBJECT_ID, offsetof(ckmk_Attribute, attrType) }, - { SEC_ASN1_SET_OF, offsetof(ckmk_Attribute, attrValue), - SEC_AnyTemplate }, - { 0 } -}; - -const SEC_ASN1Template ckmk_SetOfAttributeTemplate[] = { - { SEC_ASN1_SET_OF, 0, ckmk_AttributeTemplate }, -}; - -SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) - -/* ASN1 Templates for new decoder/encoder */ -const SEC_ASN1Template ckmk_PrivateKeyInfoTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PrivateKeyInfo) }, - { SEC_ASN1_INTEGER, offsetof(PrivateKeyInfo, version) }, - { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(PrivateKeyInfo, algorithm), - SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, - { SEC_ASN1_OCTET_STRING, offsetof(PrivateKeyInfo, privateKey) }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, - offsetof(PrivateKeyInfo, attributes), ckmk_SetOfAttributeTemplate }, - { 0 } -}; - -#define CKMK_PRIVATE_KEY_INFO_VERSION 0 -static CK_RV -ckmk_CreateRSAKeyBlob( - RSAPrivateKey *lk, - NSSItem *keyBlob) -{ - PrivateKeyInfo *pki = NULL; - PLArenaPool *arena = NULL; - SECOidTag algorithm = SEC_OID_UNKNOWN; - void *dummy; - SECStatus rv; - SECItem *encodedKey = NULL; - CK_RV error = CKR_OK; - - arena = PORT_NewArena(2048); /* XXX different size? */ - if (!arena) { - error = CKR_HOST_MEMORY; - goto loser; - } - - pki = (PrivateKeyInfo *)PORT_ArenaZAlloc(arena, sizeof(PrivateKeyInfo)); - if (!pki) { - error = CKR_HOST_MEMORY; - goto loser; - } - pki->arena = arena; - - dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk, - ckmk_RSAPrivateKeyTemplate); - algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION; - - if (!dummy) { - error = CKR_DEVICE_ERROR; /* should map NSS SECError */ - goto loser; - } - - rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm, - (SECItem *)NULL); - if (rv != SECSuccess) { - error = CKR_DEVICE_ERROR; /* should map NSS SECError */ - goto loser; - } - - dummy = SEC_ASN1EncodeInteger(arena, &pki->version, - CKMK_PRIVATE_KEY_INFO_VERSION); - if (!dummy) { - error = CKR_DEVICE_ERROR; /* should map NSS SECError */ - goto loser; - } - - encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki, - ckmk_PrivateKeyInfoTemplate); - if (!encodedKey) { - error = CKR_DEVICE_ERROR; - goto loser; - } - - keyBlob->data = nss_ZNEWARRAY(NULL, char, encodedKey->len); - if (NULL == keyBlob->data) { - error = CKR_HOST_MEMORY; - goto loser; - } - nsslibc_memcpy(keyBlob->data, encodedKey->data, encodedKey->len); - keyBlob->size = encodedKey->len; - -loser: - if (arena) { - PORT_FreeArena(arena, PR_TRUE); - } - if (encodedKey) { - SECITEM_FreeItem(encodedKey, PR_TRUE); - } - - return error; -} -/* - * There MUST be a better way to do this. For now, find the key based on the - * default name Apple gives it once we import. - */ -#define IMPORTED_NAME "Imported Private Key" -static CK_RV -ckmk_FindImportedKey( - SecKeychainRef keychainRef, - SecItemClass itemClass, - SecKeychainItemRef *outItemRef) -{ - OSStatus macErr; - SecKeychainSearchRef searchRef = 0; - SecKeychainItemRef newItemRef; - - macErr = SecKeychainSearchCreateFromAttributes(keychainRef, itemClass, - NULL, &searchRef); - if (noErr != macErr) { - CKMK_MACERR("Can't search for Key", macErr); - return CKR_GENERAL_ERROR; - } - while (noErr == SecKeychainSearchCopyNext(searchRef, &newItemRef)) { - SecKeychainAttributeList *attrList = NULL; - SecKeychainAttributeInfo attrInfo; - SecItemAttr itemAttr = kSecKeyPrintName; - PRUint32 attrFormat = 0; - OSStatus macErr; - - attrInfo.count = 1; - attrInfo.tag = &itemAttr; - attrInfo.format = &attrFormat; - - macErr = SecKeychainItemCopyAttributesAndData(newItemRef, - &attrInfo, NULL, &attrList, NULL, NULL); - if (noErr == macErr) { - if (nsslibc_memcmp(attrList->attr->data, IMPORTED_NAME, - attrList->attr->length, NULL) == 0) { - *outItemRef = newItemRef; - CFRelease(searchRef); - SecKeychainItemFreeAttributesAndData(attrList, NULL); - return CKR_OK; - } - SecKeychainItemFreeAttributesAndData(attrList, NULL); - } - CFRelease(newItemRef); - } - CFRelease(searchRef); - return CKR_GENERAL_ERROR; /* we can come up with something better! */ -} - -static ckmkInternalObject * -nss_ckmk_CreatePrivateKey( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - NSSItem attribute; - RSAPrivateKey lk; - NSSItem keyID; - char *nickname = NULL; - ckmkInternalObject *io = NULL; - CK_KEY_TYPE keyType; - OSStatus macErr; - SecKeychainItemRef itemRef = 0; - NSSItem keyBlob = { NULL, 0 }; - CFDataRef dataRef = 0; - SecExternalFormat inputFormat = kSecFormatBSAFE; - /*SecExternalFormat inputFormat = kSecFormatOpenSSL; */ - SecExternalItemType itemType = kSecItemTypePrivateKey; - SecKeyImportExportParameters keyParams; - SecKeychainRef targetKeychain = 0; - unsigned char zero = 0; - CK_RV error; - - keyParams.version = SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION; - keyParams.flags = 0; - keyParams.passphrase = 0; - keyParams.alertTitle = 0; - keyParams.alertPrompt = 0; - keyParams.accessRef = 0; /* default */ - keyParams.keyUsage = 0; /* will get filled in */ - keyParams.keyAttributes = CSSM_KEYATTR_PERMANENT; /* will get filled in */ - keyType = nss_ckmk_GetULongAttribute(CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - if (CKK_RSA != keyType) { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - return (ckmkInternalObject *)NULL; - } - if (nss_ckmk_GetBoolAttribute(CKA_DECRYPT, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyUsage |= CSSM_KEYUSE_DECRYPT; - } - if (nss_ckmk_GetBoolAttribute(CKA_UNWRAP, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyUsage |= CSSM_KEYUSE_UNWRAP; - } - if (nss_ckmk_GetBoolAttribute(CKA_SIGN, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyUsage |= CSSM_KEYUSE_SIGN; - } - if (nss_ckmk_GetBoolAttribute(CKA_DERIVE, - pTemplate, ulAttributeCount, CK_FALSE)) { - keyParams.keyUsage |= CSSM_KEYUSE_DERIVE; - } - if (nss_ckmk_GetBoolAttribute(CKA_SENSITIVE, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyAttributes |= CSSM_KEYATTR_SENSITIVE; - } - if (nss_ckmk_GetBoolAttribute(CKA_EXTRACTABLE, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyAttributes |= CSSM_KEYATTR_EXTRACTABLE; - } - - lk.version.type = siUnsignedInteger; - lk.version.data = &zero; - lk.version.len = 1; - - *pError = nss_ckmk_GetAttribute(CKA_MODULUS, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.modulus.type = siUnsignedInteger; - lk.modulus.data = attribute.data; - lk.modulus.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.publicExponent.type = siUnsignedInteger; - lk.publicExponent.data = attribute.data; - lk.publicExponent.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.privateExponent.type = siUnsignedInteger; - lk.privateExponent.data = attribute.data; - lk.privateExponent.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PRIME_1, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.prime1.type = siUnsignedInteger; - lk.prime1.data = attribute.data; - lk.prime1.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PRIME_2, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.prime2.type = siUnsignedInteger; - lk.prime2.data = attribute.data; - lk.prime2.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_1, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.exponent1.type = siUnsignedInteger; - lk.exponent1.data = attribute.data; - lk.exponent1.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_2, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.exponent2.type = siUnsignedInteger; - lk.exponent2.data = attribute.data; - lk.exponent2.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_COEFFICIENT, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.coefficient.type = siUnsignedInteger; - lk.coefficient.data = attribute.data; - lk.coefficient.len = attribute.size; - - /* ASN1 Encode the pkcs8 structure... look at softoken to see how this - * is done... */ - error = ckmk_CreateRSAKeyBlob(&lk, &keyBlob); - if (CKR_OK != error) { - goto loser; - } - - dataRef = CFDataCreate(NULL, (UInt8 *)keyBlob.data, keyBlob.size); - if (0 == dataRef) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - *pError == ckmk_GetSafeDefaultKeychain(&targetKeychain); - if (CKR_OK != *pError) { - goto loser; - } - - /* the itemArray that is returned is useless. the item does not - * is 'not on the key chain' so none of the modify calls work on it. - * It also has a key that isn't the same key as the one in the actual - * key chain. In short it isn't the item we want, and it gives us zero - * information about the item we want, so don't even bother with it... - */ - macErr = SecKeychainItemImport(dataRef, NULL, &inputFormat, &itemType, 0, - &keyParams, targetKeychain, NULL); - if (noErr != macErr) { - CKMK_MACERR("Import Private Key", macErr); - *pError = CKR_GENERAL_ERROR; - goto loser; - } - - *pError = ckmk_FindImportedKey(targetKeychain, - CSSM_DL_DB_RECORD_PRIVATE_KEY, - &itemRef); - if (CKR_OK != *pError) { -#ifdef DEBUG - fprintf(stderr, "couldn't find key in keychain \n"); -#endif - goto loser; - } - - /* set the CKA_ID and the CKA_LABEL */ - error = nss_ckmk_GetAttribute(CKA_ID, pTemplate, - ulAttributeCount, &keyID); - if (CKR_OK == error) { - error = ckmk_updateAttribute(itemRef, kSecKeyLabel, - keyID.data, keyID.size, "Modify Key ID"); -#ifdef DEBUG - itemdump("key id: ", keyID.data, keyID.size, error); -#endif - } - nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate, - ulAttributeCount, &error); - if (nickname) { - ckmk_updateAttribute(itemRef, kSecKeyPrintName, nickname, - strlen(nickname) + 1, "Modify Key Label"); - } else { -#define DEFAULT_NICKNAME "NSS Imported Key" - ckmk_updateAttribute(itemRef, kSecKeyPrintName, DEFAULT_NICKNAME, - sizeof(DEFAULT_NICKNAME), "Modify Key Label"); - } - - io = nss_ckmk_NewInternalObject(CKO_PRIVATE_KEY, itemRef, - CSSM_DL_DB_RECORD_PRIVATE_KEY, pError); - if ((ckmkInternalObject *)NULL == io) { - CFRelease(itemRef); - } - - return io; - -loser: - /* free the key blob */ - if (keyBlob.data) { - nss_ZFreeIf(keyBlob.data); - } - if (0 != targetKeychain) { - CFRelease(targetKeychain); - } - if (0 != dataRef) { - CFRelease(dataRef); - } - return io; -} - -NSS_EXTERN NSSCKMDObject * -nss_ckmk_CreateObject( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - CK_OBJECT_CLASS objClass; - ckmkInternalObject *io = NULL; - CK_BBOOL isToken; - - /* - * only create token objects - */ - isToken = nss_ckmk_GetBoolAttribute(CKA_TOKEN, pTemplate, - ulAttributeCount, CK_FALSE); - if (!isToken) { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - return (NSSCKMDObject *)NULL; - } - - /* - * only create keys and certs. - */ - objClass = nss_ckmk_GetULongAttribute(CKA_CLASS, pTemplate, - ulAttributeCount, pError); - if (CKR_OK != *pError) { - return (NSSCKMDObject *)NULL; - } -#ifdef notdef - if (objClass == CKO_PUBLIC_KEY) { - return CKR_OK; /* fake public key creation, happens as a side effect of - * private key creation */ - } -#endif - if (objClass == CKO_CERTIFICATE) { - io = nss_ckmk_CreateCertificate(fwSession, pTemplate, - ulAttributeCount, pError); - } else if (objClass == CKO_PRIVATE_KEY) { - io = nss_ckmk_CreatePrivateKey(fwSession, pTemplate, - ulAttributeCount, pError); - } else { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - } - - if ((ckmkInternalObject *)NULL == io) { - return (NSSCKMDObject *)NULL; - } - return nss_ckmk_CreateMDObject(NULL, io, pError); -} diff --git a/security/nss/lib/ckfw/nssmkey/mrsa.c b/security/nss/lib/ckfw/nssmkey/mrsa.c deleted file mode 100644 index 00175b47a8..0000000000 --- a/security/nss/lib/ckfw/nssmkey/mrsa.c +++ /dev/null @@ -1,479 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* Sigh, For all the talk about 'ease of use', apple has hidden the interfaces - * needed to be able to truly use CSSM. These came from their modification - * to NSS's S/MIME code. The following two functions currently are not - * part of the SecKey.h interface. - */ -OSStatus -SecKeyGetCredentials( - SecKeyRef keyRef, - CSSM_ACL_AUTHORIZATION_TAG authTag, - int type, - const CSSM_ACCESS_CREDENTIALS **creds); - -/* this function could be implemented using 'SecKeychainItemCopyKeychain' and - * 'SecKeychainGetCSPHandle' */ -OSStatus -SecKeyGetCSPHandle( - SecKeyRef keyRef, - CSSM_CSP_HANDLE *cspHandle); - -typedef struct ckmkInternalCryptoOperationRSAPrivStr - ckmkInternalCryptoOperationRSAPriv; -struct ckmkInternalCryptoOperationRSAPrivStr { - NSSCKMDCryptoOperation mdOperation; - NSSCKMDMechanism *mdMechanism; - ckmkInternalObject *iKey; - NSSItem *buffer; - CSSM_CC_HANDLE cssmContext; -}; - -typedef enum { - CKMK_DECRYPT, - CKMK_SIGN -} ckmkRSAOpType; - -/* - * ckmk_mdCryptoOperationRSAPriv_Create - */ -static NSSCKMDCryptoOperation * -ckmk_mdCryptoOperationRSAPriv_Create( - const NSSCKMDCryptoOperation *proto, - NSSCKMDMechanism *mdMechanism, - NSSCKMDObject *mdKey, - ckmkRSAOpType type, - CK_RV *pError) -{ - ckmkInternalObject *iKey = (ckmkInternalObject *)mdKey->etc; - const NSSItem *classItem = nss_ckmk_FetchAttribute(iKey, CKA_CLASS, pError); - const NSSItem *keyType = nss_ckmk_FetchAttribute(iKey, CKA_KEY_TYPE, pError); - ckmkInternalCryptoOperationRSAPriv *iOperation; - SecKeyRef privateKey; - OSStatus macErr; - CSSM_RETURN cssmErr; - const CSSM_KEY *cssmKey; - CSSM_CSP_HANDLE cspHandle; - const CSSM_ACCESS_CREDENTIALS *creds = NULL; - CSSM_CC_HANDLE cssmContext; - CSSM_ACL_AUTHORIZATION_TAG authType; - - /* make sure we have the right objects */ - if (((const NSSItem *)NULL == classItem) || - (sizeof(CK_OBJECT_CLASS) != classItem->size) || - (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) || - ((const NSSItem *)NULL == keyType) || - (sizeof(CK_KEY_TYPE) != keyType->size) || - (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) { - *pError = CKR_KEY_TYPE_INCONSISTENT; - return (NSSCKMDCryptoOperation *)NULL; - } - - privateKey = (SecKeyRef)iKey->u.item.itemRef; - macErr = SecKeyGetCSSMKey(privateKey, &cssmKey); - if (noErr != macErr) { - CKMK_MACERR("Getting CSSM Key", macErr); - *pError = CKR_KEY_HANDLE_INVALID; - return (NSSCKMDCryptoOperation *)NULL; - } - macErr = SecKeyGetCSPHandle(privateKey, &cspHandle); - if (noErr != macErr) { - CKMK_MACERR("Getting CSP for Key", macErr); - *pError = CKR_KEY_HANDLE_INVALID; - return (NSSCKMDCryptoOperation *)NULL; - } - switch (type) { - case CKMK_DECRYPT: - authType = CSSM_ACL_AUTHORIZATION_DECRYPT; - break; - case CKMK_SIGN: - authType = CSSM_ACL_AUTHORIZATION_SIGN; - break; - default: - *pError = CKR_GENERAL_ERROR; -#ifdef DEBUG - fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type); -#endif - return (NSSCKMDCryptoOperation *)NULL; - } - - macErr = SecKeyGetCredentials(privateKey, authType, 0, &creds); - if (noErr != macErr) { - CKMK_MACERR("Getting Credentials for Key", macErr); - *pError = CKR_KEY_HANDLE_INVALID; - return (NSSCKMDCryptoOperation *)NULL; - } - - switch (type) { - case CKMK_DECRYPT: - cssmErr = CSSM_CSP_CreateAsymmetricContext(cspHandle, CSSM_ALGID_RSA, - creds, cssmKey, CSSM_PADDING_PKCS1, &cssmContext); - break; - case CKMK_SIGN: - cssmErr = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA, - creds, cssmKey, &cssmContext); - break; - default: - *pError = CKR_GENERAL_ERROR; -#ifdef DEBUG - fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type); -#endif - return (NSSCKMDCryptoOperation *)NULL; - } - if (noErr != cssmErr) { - CKMK_MACERR("Getting Context for Key", cssmErr); - *pError = CKR_GENERAL_ERROR; - return (NSSCKMDCryptoOperation *)NULL; - } - - iOperation = nss_ZNEW(NULL, ckmkInternalCryptoOperationRSAPriv); - if ((ckmkInternalCryptoOperationRSAPriv *)NULL == iOperation) { - *pError = CKR_HOST_MEMORY; - return (NSSCKMDCryptoOperation *)NULL; - } - iOperation->mdMechanism = mdMechanism; - iOperation->iKey = iKey; - iOperation->cssmContext = cssmContext; - - nsslibc_memcpy(&iOperation->mdOperation, - proto, sizeof(NSSCKMDCryptoOperation)); - iOperation->mdOperation.etc = iOperation; - - return &iOperation->mdOperation; -} - -static void -ckmk_mdCryptoOperationRSAPriv_Destroy( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - - if (iOperation->buffer) { - nssItem_Destroy(iOperation->buffer); - } - if (iOperation->cssmContext) { - CSSM_DeleteContext(iOperation->cssmContext); - } - nss_ZFreeIf(iOperation); - return; -} - -static CK_ULONG -ckmk_mdCryptoOperationRSA_GetFinalLength( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - const NSSItem *modulus = - nss_ckmk_FetchAttribute(iOperation->iKey, CKA_MODULUS, pError); - - return modulus->size; -} - -/* - * ckmk_mdCryptoOperationRSADecrypt_GetOperationLength - * we won't know the length until we actually decrypt the - * input block. Since we go to all the work to decrypt the - * the block, we'll save if for when the block is asked for - */ -static CK_ULONG -ckmk_mdCryptoOperationRSADecrypt_GetOperationLength( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - const NSSItem *input, - CK_RV *pError) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - CSSM_DATA cssmInput; - CSSM_DATA cssmOutput = { 0, NULL }; - PRUint32 bytesDecrypted; - CSSM_DATA remainder = { 0, NULL }; - NSSItem output; - CSSM_RETURN cssmErr; - - if (iOperation->buffer) { - return iOperation->buffer->size; - } - - cssmInput.Data = input->data; - cssmInput.Length = input->size; - - cssmErr = CSSM_DecryptData(iOperation->cssmContext, - &cssmInput, 1, &cssmOutput, 1, - &bytesDecrypted, &remainder); - if (CSSM_OK != cssmErr) { - CKMK_MACERR("Decrypt Failed", cssmErr); - *pError = CKR_DATA_INVALID; - return 0; - } - /* we didn't suppy any buffers, so it should all be in remainder */ - output.data = nss_ZNEWARRAY(NULL, char, bytesDecrypted + remainder.Length); - if (NULL == output.data) { - free(cssmOutput.Data); - free(remainder.Data); - *pError = CKR_HOST_MEMORY; - return 0; - } - output.size = bytesDecrypted + remainder.Length; - - if (0 != bytesDecrypted) { - nsslibc_memcpy(output.data, cssmOutput.Data, bytesDecrypted); - free(cssmOutput.Data); - } - if (0 != remainder.Length) { - nsslibc_memcpy(((char *)output.data) + bytesDecrypted, - remainder.Data, remainder.Length); - free(remainder.Data); - } - - iOperation->buffer = nssItem_Duplicate(&output, NULL, NULL); - nss_ZFreeIf(output.data); - if ((NSSItem *)NULL == iOperation->buffer) { - *pError = CKR_HOST_MEMORY; - return 0; - } - - return iOperation->buffer->size; -} - -/* - * ckmk_mdCryptoOperationRSADecrypt_UpdateFinal - * - * NOTE: ckmk_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to - * have been called previously. - */ -static CK_RV -ckmk_mdCryptoOperationRSADecrypt_UpdateFinal( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - const NSSItem *input, - NSSItem *output) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - NSSItem *buffer = iOperation->buffer; - - if ((NSSItem *)NULL == buffer) { - return CKR_GENERAL_ERROR; - } - nsslibc_memcpy(output->data, buffer->data, buffer->size); - output->size = buffer->size; - return CKR_OK; -} - -/* - * ckmk_mdCryptoOperationRSASign_UpdateFinal - * - */ -static CK_RV -ckmk_mdCryptoOperationRSASign_UpdateFinal( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - const NSSItem *input, - NSSItem *output) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - CSSM_DATA cssmInput; - CSSM_DATA cssmOutput = { 0, NULL }; - CSSM_RETURN cssmErr; - - cssmInput.Data = input->data; - cssmInput.Length = input->size; - - cssmErr = CSSM_SignData(iOperation->cssmContext, &cssmInput, 1, - CSSM_ALGID_NONE, &cssmOutput); - if (CSSM_OK != cssmErr) { - CKMK_MACERR("Signed Failed", cssmErr); - return CKR_FUNCTION_FAILED; - } - if (cssmOutput.Length > output->size) { - free(cssmOutput.Data); - return CKR_BUFFER_TOO_SMALL; - } - nsslibc_memcpy(output->data, cssmOutput.Data, cssmOutput.Length); - free(cssmOutput.Data); - output->size = cssmOutput.Length; - - return CKR_OK; -} - -NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation - ckmk_mdCryptoOperationRSADecrypt_proto = { - NULL, /* etc */ - ckmk_mdCryptoOperationRSAPriv_Destroy, - NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */ - ckmk_mdCryptoOperationRSADecrypt_GetOperationLength, - NULL, /* Final - not needed for one shot operation */ - NULL, /* Update - not needed for one shot operation */ - NULL, /* DigetUpdate - not needed for one shot operation */ - ckmk_mdCryptoOperationRSADecrypt_UpdateFinal, - NULL, /* UpdateCombo - not needed for one shot operation */ - NULL, /* DigetKey - not needed for one shot operation */ - (void *)NULL /* null terminator */ - }; - -NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation - ckmk_mdCryptoOperationRSASign_proto = { - NULL, /* etc */ - ckmk_mdCryptoOperationRSAPriv_Destroy, - ckmk_mdCryptoOperationRSA_GetFinalLength, - NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */ - NULL, /* Final - not needed for one shot operation */ - NULL, /* Update - not needed for one shot operation */ - NULL, /* DigetUpdate - not needed for one shot operation */ - ckmk_mdCryptoOperationRSASign_UpdateFinal, - NULL, /* UpdateCombo - not needed for one shot operation */ - NULL, /* DigetKey - not needed for one shot operation */ - (void *)NULL /* null terminator */ - }; - -/********** NSSCKMDMechansim functions ***********************/ -/* - * ckmk_mdMechanismRSA_Destroy - */ -static void -ckmk_mdMechanismRSA_Destroy( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - nss_ZFreeIf(fwMechanism); -} - -/* - * ckmk_mdMechanismRSA_GetMinKeySize - */ -static CK_ULONG -ckmk_mdMechanismRSA_GetMinKeySize( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return 384; -} - -/* - * ckmk_mdMechanismRSA_GetMaxKeySize - */ -static CK_ULONG -ckmk_mdMechanismRSA_GetMaxKeySize( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return 16384; -} - -/* - * ckmk_mdMechanismRSA_DecryptInit - */ -static NSSCKMDCryptoOperation * -ckmk_mdMechanismRSA_DecryptInit( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKMDObject *mdKey, - NSSCKFWObject *fwKey, - CK_RV *pError) -{ - return ckmk_mdCryptoOperationRSAPriv_Create( - &ckmk_mdCryptoOperationRSADecrypt_proto, - mdMechanism, mdKey, CKMK_DECRYPT, pError); -} - -/* - * ckmk_mdMechanismRSA_SignInit - */ -static NSSCKMDCryptoOperation * -ckmk_mdMechanismRSA_SignInit( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKMDObject *mdKey, - NSSCKFWObject *fwKey, - CK_RV *pError) -{ - return ckmk_mdCryptoOperationRSAPriv_Create( - &ckmk_mdCryptoOperationRSASign_proto, - mdMechanism, mdKey, CKMK_SIGN, pError); -} - -NSS_IMPLEMENT_DATA const NSSCKMDMechanism - nss_ckmk_mdMechanismRSA = { - (void *)NULL, /* etc */ - ckmk_mdMechanismRSA_Destroy, - ckmk_mdMechanismRSA_GetMinKeySize, - ckmk_mdMechanismRSA_GetMaxKeySize, - NULL, /* GetInHardware - default false */ - NULL, /* EncryptInit - default errs */ - ckmk_mdMechanismRSA_DecryptInit, - NULL, /* DigestInit - default errs*/ - ckmk_mdMechanismRSA_SignInit, - NULL, /* VerifyInit - default errs */ - ckmk_mdMechanismRSA_SignInit, /* SignRecoverInit */ - NULL, /* VerifyRecoverInit - default errs */ - NULL, /* GenerateKey - default errs */ - NULL, /* GenerateKeyPair - default errs */ - NULL, /* GetWrapKeyLength - default errs */ - NULL, /* WrapKey - default errs */ - NULL, /* UnwrapKey - default errs */ - NULL, /* DeriveKey - default errs */ - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/msession.c b/security/nss/lib/ckfw/nssmkey/msession.c deleted file mode 100644 index e6a29244a1..0000000000 --- a/security/nss/lib/ckfw/nssmkey/msession.c +++ /dev/null @@ -1,87 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/msession.c - * - * This file implements the NSSCKMDSession object for the - * "nssmkey" cryptoki module. - */ - -static NSSCKMDFindObjects * -ckmk_mdSession_FindObjectsInit( - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - return nss_ckmk_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError); -} - -static NSSCKMDObject * -ckmk_mdSession_CreateObject( - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSArena *arena, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - return nss_ckmk_CreateObject(fwSession, pTemplate, ulAttributeCount, pError); -} - -NSS_IMPLEMENT NSSCKMDSession * -nss_ckmk_CreateSession( - NSSCKFWSession *fwSession, - CK_RV *pError) -{ - NSSArena *arena; - NSSCKMDSession *rv; - - arena = NSSCKFWSession_GetArena(fwSession, pError); - if ((NSSArena *)NULL == arena) { - return (NSSCKMDSession *)NULL; - } - - rv = nss_ZNEW(arena, NSSCKMDSession); - if ((NSSCKMDSession *)NULL == rv) { - *pError = CKR_HOST_MEMORY; - return (NSSCKMDSession *)NULL; - } - - /* - * rv was zeroed when allocated, so we only - * need to set the non-zero members. - */ - - rv->etc = (void *)fwSession; - /* rv->Close */ - /* rv->GetDeviceError */ - /* rv->Login */ - /* rv->Logout */ - /* rv->InitPIN */ - /* rv->SetPIN */ - /* rv->GetOperationStateLen */ - /* rv->GetOperationState */ - /* rv->SetOperationState */ - rv->CreateObject = ckmk_mdSession_CreateObject; - /* rv->CopyObject */ - rv->FindObjectsInit = ckmk_mdSession_FindObjectsInit; - /* rv->SeedRandom */ - /* rv->GetRandom */ - /* rv->null */ - - return rv; -} diff --git a/security/nss/lib/ckfw/nssmkey/mslot.c b/security/nss/lib/ckfw/nssmkey/mslot.c deleted file mode 100644 index b2747ff7b2..0000000000 --- a/security/nss/lib/ckfw/nssmkey/mslot.c +++ /dev/null @@ -1,81 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/mslot.c - * - * This file implements the NSSCKMDSlot object for the - * "nssmkey" cryptoki module. - */ - -static NSSUTF8 * -ckmk_mdSlot_GetSlotDescription( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_SlotDescription; -} - -static NSSUTF8 * -ckmk_mdSlot_GetManufacturerID( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_ManufacturerID; -} - -static CK_VERSION -ckmk_mdSlot_GetHardwareVersion( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_HardwareVersion; -} - -static CK_VERSION -ckmk_mdSlot_GetFirmwareVersion( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_FirmwareVersion; -} - -static NSSCKMDToken * -ckmk_mdSlot_GetToken( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSCKMDToken *)&nss_ckmk_mdToken; -} - -NSS_IMPLEMENT_DATA const NSSCKMDSlot - nss_ckmk_mdSlot = { - (void *)NULL, /* etc */ - NULL, /* Initialize */ - NULL, /* Destroy */ - ckmk_mdSlot_GetSlotDescription, - ckmk_mdSlot_GetManufacturerID, - NULL, /* GetTokenPresent -- defaults to true */ - NULL, /* GetRemovableDevice -- defaults to false */ - NULL, /* GetHardwareSlot -- defaults to false */ - ckmk_mdSlot_GetHardwareVersion, - ckmk_mdSlot_GetFirmwareVersion, - ckmk_mdSlot_GetToken, - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/mtoken.c b/security/nss/lib/ckfw/nssmkey/mtoken.c deleted file mode 100644 index e18d612405..0000000000 --- a/security/nss/lib/ckfw/nssmkey/mtoken.c +++ /dev/null @@ -1,184 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/mtoken.c - * - * This file implements the NSSCKMDToken object for the - * "nssmkey" cryptoki module. - */ - -static NSSUTF8 * -ckmk_mdToken_GetLabel( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_TokenLabel; -} - -static NSSUTF8 * -ckmk_mdToken_GetManufacturerID( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_ManufacturerID; -} - -static NSSUTF8 * -ckmk_mdToken_GetModel( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_TokenModel; -} - -static NSSUTF8 * -ckmk_mdToken_GetSerialNumber( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_TokenSerialNumber; -} - -static CK_BBOOL -ckmk_mdToken_GetIsWriteProtected( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return CK_FALSE; -} - -/* fake out Mozilla so we don't try to initialize the token */ -static CK_BBOOL -ckmk_mdToken_GetUserPinInitialized( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return CK_TRUE; -} - -static CK_VERSION -ckmk_mdToken_GetHardwareVersion( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_HardwareVersion; -} - -static CK_VERSION -ckmk_mdToken_GetFirmwareVersion( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_FirmwareVersion; -} - -static NSSCKMDSession * -ckmk_mdToken_OpenSession( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKFWSession *fwSession, - CK_BBOOL rw, - CK_RV *pError) -{ - return nss_ckmk_CreateSession(fwSession, pError); -} - -static CK_ULONG -ckmk_mdToken_GetMechanismCount( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return (CK_ULONG)1; -} - -static CK_RV -ckmk_mdToken_GetMechanismTypes( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_MECHANISM_TYPE types[]) -{ - types[0] = CKM_RSA_PKCS; - return CKR_OK; -} - -static NSSCKMDMechanism * -ckmk_mdToken_GetMechanism( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_MECHANISM_TYPE which, - CK_RV *pError) -{ - if (which != CKM_RSA_PKCS) { - *pError = CKR_MECHANISM_INVALID; - return (NSSCKMDMechanism *)NULL; - } - return (NSSCKMDMechanism *)&nss_ckmk_mdMechanismRSA; -} - -NSS_IMPLEMENT_DATA const NSSCKMDToken - nss_ckmk_mdToken = { - (void *)NULL, /* etc */ - NULL, /* Setup */ - NULL, /* Invalidate */ - NULL, /* InitToken -- default errs */ - ckmk_mdToken_GetLabel, - ckmk_mdToken_GetManufacturerID, - ckmk_mdToken_GetModel, - ckmk_mdToken_GetSerialNumber, - NULL, /* GetHasRNG -- default is false */ - ckmk_mdToken_GetIsWriteProtected, - NULL, /* GetLoginRequired -- default is false */ - ckmk_mdToken_GetUserPinInitialized, - NULL, /* GetRestoreKeyNotNeeded -- irrelevant */ - NULL, /* GetHasClockOnToken -- default is false */ - NULL, /* GetHasProtectedAuthenticationPath -- default is false */ - NULL, /* GetSupportsDualCryptoOperations -- default is false */ - NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetMaxPinLen -- irrelevant */ - NULL, /* GetMinPinLen -- irrelevant */ - NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */ - ckmk_mdToken_GetHardwareVersion, - ckmk_mdToken_GetFirmwareVersion, - NULL, /* GetUTCTime -- no clock */ - ckmk_mdToken_OpenSession, - ckmk_mdToken_GetMechanismCount, - ckmk_mdToken_GetMechanismTypes, - ckmk_mdToken_GetMechanism, - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/nssmkey.def b/security/nss/lib/ckfw/nssmkey/nssmkey.def deleted file mode 100644 index 45d307ff01..0000000000 --- a/security/nss/lib/ckfw/nssmkey/nssmkey.def +++ /dev/null @@ -1,26 +0,0 @@ -;+# -;+# This Source Code Form is subject to the terms of the Mozilla Public -;+# License, v. 2.0. If a copy of the MPL was not distributed with this -;+# file, You can obtain one at http://mozilla.org/MPL/2.0/. -;+# -;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS -;+# 1. For all unix platforms, the string ";-" means "remove this line" -;+# 2. For all unix platforms, the string " DATA " will be removed from any -;+# line on which it occurs. -;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX. -;+# On AIX, lines containing ";+" will be removed. -;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed. -;+# 5. For all unix platforms, after the above processing has taken place, -;+# all characters after the first ";" on the line will be removed. -;+# And for AIX, the first ";" will also be removed. -;+# This file is passed directly to windows. Since ';' is a comment, all UNIX -;+# directives are hidden behind ";", ";+", and ";-" -;+ -;+NSSMKEY_3.0 { # First release of nssmkey -;+ global: -LIBRARY nssmkey ;- -EXPORTS ;- -C_GetFunctionList; -;+ local: -;+*; -;+}; diff --git a/security/nss/lib/ckfw/nssmkey/nssmkey.h b/security/nss/lib/ckfw/nssmkey/nssmkey.h deleted file mode 100644 index ba58233e62..0000000000 --- a/security/nss/lib/ckfw/nssmkey/nssmkey.h +++ /dev/null @@ -1,41 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef NSSMKEY_H -#define NSSMKEY_H - -/* - * NSS CKMK Version numbers. - * - * These are the version numbers for the nssmkey module packaged with - * this release on NSS. To determine the version numbers of the builtin - * module you are using, use the appropriate PKCS #11 calls. - * - * These version numbers detail changes to the PKCS #11 interface. They map - * to the PKCS #11 spec versions. - */ -#define NSS_CKMK_CRYPTOKI_VERSION_MAJOR 2 -#define NSS_CKMK_CRYPTOKI_VERSION_MINOR 20 - -/* These version numbers detail the changes - * to the list of trusted certificates. - * - * NSS_CKMK_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear - * whether we may use its full range (0-255) or only 0-99 because - * of the comment in the CK_VERSION type definition. - */ -#define NSS_CKMK_LIBRARY_VERSION_MAJOR 1 -#define NSS_CKMK_LIBRARY_VERSION_MINOR 1 -#define NSS_CKMK_LIBRARY_VERSION "1.1" - -/* These version numbers detail the semantic changes to the ckfw engine. */ -#define NSS_CKMK_HARDWARE_VERSION_MAJOR 1 -#define NSS_CKMK_HARDWARE_VERSION_MINOR 0 - -/* These version numbers detail the semantic changes to ckbi itself - * (new PKCS #11 objects), etc. */ -#define NSS_CKMK_FIRMWARE_VERSION_MAJOR 1 -#define NSS_CKMK_FIRMWARE_VERSION_MINOR 0 - -#endif /* NSSMKEY_H */ diff --git a/security/nss/lib/ckfw/nssmkey/staticobj.c b/security/nss/lib/ckfw/nssmkey/staticobj.c deleted file mode 100644 index 5f3bb7c720..0000000000 --- a/security/nss/lib/ckfw/nssmkey/staticobj.c +++ /dev/null @@ -1,36 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef CKMK_H -#include "ckmk.h" -#endif /* CKMK_H */ - -static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID; -static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; -static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR; -static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST; -static const CK_BBOOL ck_true = CK_TRUE; -static const CK_OBJECT_CLASS cko_data = CKO_DATA; -static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509; -static const CK_BBOOL ck_false = CK_FALSE; -static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST; - -/* example of a static object */ -static const CK_ATTRIBUTE_TYPE nss_ckmk_types_1[] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL -}; - -static const NSSItem nss_ckmk_items_1[] = { - { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"Mozilla Mac Key Ring Access", (PRUint32)28 } -}; - -ckmkInternalObject nss_ckmk_data[] = { - { ckmkRaw, { { 5, nss_ckmk_types_1, nss_ckmk_items_1 } }, CKO_DATA, { NULL } }, -}; - -const PRUint32 nss_ckmk_nObjects = 1; diff --git a/security/nss/lib/ckfw/session.c b/security/nss/lib/ckfw/session.c index a3119345ca..7efedf4035 100644 --- a/security/nss/lib/ckfw/session.c +++ b/security/nss/lib/ckfw/session.c @@ -1419,9 +1419,8 @@ nssCKFWSession_CopyObject( /* use create object */ NSSArena *tmpArena; CK_ATTRIBUTE_PTR newTemplate; - CK_ULONG i, j, n, newLength, k; + CK_ULONG j, n, newLength, k; CK_ATTRIBUTE_TYPE_PTR oldTypes; - NSSCKFWObject *rv; n = nssCKFWObject_GetAttributeCount(fwObject, pError); if ((0 == n) && (CKR_OK != *pError)) { diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c index 0d4c3b5a72..41ffe86da5 100644 --- a/security/nss/lib/dev/devtoken.c +++ b/security/nss/lib/dev/devtoken.c @@ -528,7 +528,9 @@ nssToken_ImportCertificate( */ NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize); NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id); - NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname); + if (!rvObject->label && nickname) { + NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname); + } NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize); /* reset the mutable attributes on the token */ nssCKObject_SetAttributes(rvObject->handle, diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile index a4b1a86aec..bff11c7c8e 100644 --- a/security/nss/lib/freebl/Makefile +++ b/security/nss/lib/freebl/Makefile @@ -517,13 +517,13 @@ ifndef NSS_DISABLE_CHACHAPOLY ifdef HAVE_INT128_SUPPORT EXTRA_SRCS += Hacl_Poly1305_64.c else - EXTRA_SRCS += poly1305.c + EXTRA_SRCS += Hacl_Poly1305_32.c endif else ifeq ($(CPU_ARCH),aarch64) EXTRA_SRCS += Hacl_Poly1305_64.c else - EXTRA_SRCS += poly1305.c + EXTRA_SRCS += Hacl_Poly1305_32.c endif endif # x86_64 @@ -535,12 +535,16 @@ ifeq (,$(filter-out i386 x386 x86 x86_64 aarch64,$(CPU_ARCH))) # All intel architectures get the 64 bit version # With custom uint128 if necessary (faster than generic 32 bit version). ECL_SRCS += curve25519_64.c - VERIFIED_SRCS += Hacl_Curve25519.c FStar.c + VERIFIED_SRCS += Hacl_Curve25519.c else # All non intel architectures get the generic 32 bit implementation (slow!) ECL_SRCS += curve25519_32.c endif +ifndef HAVE_INT128_SUPPORT + VERIFIED_SRCS += FStar.c +endif + ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### diff --git a/security/nss/lib/freebl/blake2b.c b/security/nss/lib/freebl/blake2b.c index 4099c67e01..b4a0442c95 100644 --- a/security/nss/lib/freebl/blake2b.c +++ b/security/nss/lib/freebl/blake2b.c @@ -180,7 +180,7 @@ blake2b_Begin(BLAKE2BContext* ctx, uint8_t outlen, const uint8_t* key, return SECSuccess; failure: - PORT_Memset(&ctx, 0, sizeof(ctx)); + PORT_Memset(ctx, 0, sizeof(*ctx)); PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } diff --git a/security/nss/lib/freebl/chacha20poly1305.c b/security/nss/lib/freebl/chacha20poly1305.c index 859d05316e..302f0db9e7 100644 --- a/security/nss/lib/freebl/chacha20poly1305.c +++ b/security/nss/lib/freebl/chacha20poly1305.c @@ -24,36 +24,60 @@ extern void Hacl_Chacha20_Vec128_chacha20(uint8_t *output, uint8_t *plain, extern void Hacl_Chacha20_chacha20(uint8_t *output, uint8_t *plain, uint32_t len, uint8_t *k, uint8_t *n1, uint32_t ctr); -/* Poly1305Do writes the Poly1305 authenticator of the given additional data - * and ciphertext to |out|. */ #if defined(HAVE_INT128_SUPPORT) && (defined(NSS_X86_OR_X64) || defined(__aarch64__)) /* Use HACL* Poly1305 on 64-bit Intel and ARM */ #include "verified/Hacl_Poly1305_64.h" +#define NSS_POLY1305_64 1 +#define Hacl_Poly1305_update Hacl_Poly1305_64_update +#define Hacl_Poly1305_mk_state Hacl_Poly1305_64_mk_state +#define Hacl_Poly1305_init Hacl_Poly1305_64_init +#define Hacl_Poly1305_finish Hacl_Poly1305_64_finish +typedef Hacl_Impl_Poly1305_64_State_poly1305_state Hacl_Impl_Poly1305_State_poly1305_state; +#else +/* All other platforms get the 32-bit poly1305 HACL* implementation. */ +#include "verified/Hacl_Poly1305_32.h" +#define NSS_POLY1305_32 1 +#define Hacl_Poly1305_update Hacl_Poly1305_32_update +#define Hacl_Poly1305_mk_state Hacl_Poly1305_32_mk_state +#define Hacl_Poly1305_init Hacl_Poly1305_32_init +#define Hacl_Poly1305_finish Hacl_Poly1305_32_finish +typedef Hacl_Impl_Poly1305_32_State_poly1305_state Hacl_Impl_Poly1305_State_poly1305_state; +#endif /* HAVE_INT128_SUPPORT */ static void -Poly1305PadUpdate(Hacl_Impl_Poly1305_64_State_poly1305_state state, +Poly1305PadUpdate(Hacl_Impl_Poly1305_State_poly1305_state state, unsigned char *block, const unsigned char *p, const unsigned int pLen) { unsigned int pRemLen = pLen % 16; - Hacl_Poly1305_64_update(state, (uint8_t *)p, (pLen / 16)); + Hacl_Poly1305_update(state, (uint8_t *)p, (pLen / 16)); if (pRemLen > 0) { memcpy(block, p + (pLen - pRemLen), pRemLen); - Hacl_Poly1305_64_update(state, block, 1); + Hacl_Poly1305_update(state, block, 1); } } +/* Poly1305Do writes the Poly1305 authenticator of the given additional data + * and ciphertext to |out|. */ static void Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen, const unsigned char *ciphertext, unsigned int ciphertextLen, const unsigned char key[32]) { - uint64_t tmp1[6U] = { 0U }; - Hacl_Impl_Poly1305_64_State_poly1305_state state = - Hacl_Poly1305_64_mk_state(tmp1, tmp1 + 3); +#ifdef NSS_POLY1305_64 + uint64_t stateStack[6U] = { 0U }; + size_t offset = 3; +#elif defined NSS_POLY1305_32 + uint32_t stateStack[10U] = { 0U }; + size_t offset = 5; +#else +#error "This can't happen." +#endif + Hacl_Impl_Poly1305_State_poly1305_state state = + Hacl_Poly1305_mk_state(stateStack, stateStack + offset); unsigned char block[16] = { 0 }; - Hacl_Poly1305_64_init(state, (uint8_t *)key); + Hacl_Poly1305_init(state, (uint8_t *)key); Poly1305PadUpdate(state, block, ad, adLen); memset(block, 0, 16); @@ -68,49 +92,11 @@ Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen, block[i] = j; } - Hacl_Poly1305_64_update(state, block, 1); - Hacl_Poly1305_64_finish(state, out, (uint8_t *)(key + 16)); + Hacl_Poly1305_update(state, block, 1); + Hacl_Poly1305_finish(state, out, (uint8_t *)(key + 16)); +#undef NSS_POLY1305_64 +#undef NSS_POLY1305_32 } -#else -/* All other platforms get the 32-bit poly1305 reference implementation. */ -#include "poly1305.h" - -static void -Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen, - const unsigned char *ciphertext, unsigned int ciphertextLen, - const unsigned char key[32]) -{ - poly1305_state state; - unsigned int j; - unsigned char lengthBytes[8]; - static const unsigned char zeros[15]; - unsigned int i; - - Poly1305Init(&state, key); - Poly1305Update(&state, ad, adLen); - if (adLen % 16 > 0) { - Poly1305Update(&state, zeros, 16 - adLen % 16); - } - Poly1305Update(&state, ciphertext, ciphertextLen); - if (ciphertextLen % 16 > 0) { - Poly1305Update(&state, zeros, 16 - ciphertextLen % 16); - } - j = adLen; - for (i = 0; i < sizeof(lengthBytes); i++) { - lengthBytes[i] = j; - j >>= 8; - } - Poly1305Update(&state, lengthBytes, sizeof(lengthBytes)); - j = ciphertextLen; - for (i = 0; i < sizeof(lengthBytes); i++) { - lengthBytes[i] = j; - j >>= 8; - } - Poly1305Update(&state, lengthBytes, sizeof(lengthBytes)); - Poly1305Finish(&state, out); -} - -#endif /* HAVE_INT128_SUPPORT */ #endif /* NSS_DISABLE_CHACHAPOLY */ SECStatus diff --git a/security/nss/lib/freebl/dsa.c b/security/nss/lib/freebl/dsa.c index 9324d306b1..aef353967d 100644 --- a/security/nss/lib/freebl/dsa.c +++ b/security/nss/lib/freebl/dsa.c @@ -16,14 +16,11 @@ #include "blapi.h" #include "nssilock.h" #include "secitem.h" -#include "blapi.h" +#include "blapit.h" #include "mpi.h" #include "secmpi.h" #include "pqg.h" -/* XXX to be replaced by define in blapit.h */ -#define NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE 2048 - /* * FIPS 186-2 requires result from random output to be reduced mod q when * generating random numbers for DSA. @@ -168,7 +165,7 @@ dsa_NewKeyExtended(const PQGParams *params, const SECItem *seed, return SECFailure; } /* Initialize an arena for the DSA key. */ - arena = PORT_NewArena(NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE); + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); if (!arena) { PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; @@ -213,8 +210,9 @@ cleanup: mp_clear(&g); mp_clear(&x); mp_clear(&y); - if (key) + if (key) { PORT_FreeArena(key->params.arena, PR_TRUE); + } if (err) { translate_mpi_error(err); return SECFailure; @@ -321,6 +319,7 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, mp_int x, k; /* private key & pseudo-random integer */ mp_int r, s; /* tuple (r, s) is signature) */ mp_int t; /* holding tmp values */ + mp_int ar; /* holding blinding values */ mp_err err = MP_OKAY; SECStatus rv = SECSuccess; unsigned int dsa_subprime_len, dsa_signature_len, offset; @@ -364,6 +363,7 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, MP_DIGITS(&r) = 0; MP_DIGITS(&s) = 0; MP_DIGITS(&t) = 0; + MP_DIGITS(&ar) = 0; CHECK_MPI_OK(mp_init(&p)); CHECK_MPI_OK(mp_init(&q)); CHECK_MPI_OK(mp_init(&g)); @@ -372,6 +372,7 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, CHECK_MPI_OK(mp_init(&r)); CHECK_MPI_OK(mp_init(&s)); CHECK_MPI_OK(mp_init(&t)); + CHECK_MPI_OK(mp_init(&ar)); /* ** Convert stored PQG and private key into MPI integers. */ @@ -397,14 +398,28 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, rv = SECFailure; goto cleanup; } - SECITEM_TO_MPINT(t2, &t); /* t <-$ Zq */ + SECITEM_TO_MPINT(t2, &t); /* t <-$ Zq */ + SECITEM_FreeItem(&t2, PR_FALSE); + if (DSA_NewRandom(NULL, &key->params.subPrime, &t2) != SECSuccess) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + rv = SECFailure; + goto cleanup; + } + SECITEM_TO_MPINT(t2, &ar); /* ar <-$ Zq */ + SECITEM_FreeItem(&t2, PR_FALSE); + + /* Using mp_invmod on k directly would leak bits from k. */ + CHECK_MPI_OK(mp_mul(&k, &ar, &k)); /* k = k * ar */ CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */ CHECK_MPI_OK(mp_invmod(&k, &q, &k)); /* k = k**-1 mod q */ CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */ SECITEM_TO_MPINT(localDigest, &s); /* s = HASH(M) */ - CHECK_MPI_OK(mp_mulmod(&x, &r, &q, &x)); /* x = x * r mod q */ - CHECK_MPI_OK(mp_addmod(&s, &x, &q, &s)); /* s = s + x mod q */ - CHECK_MPI_OK(mp_mulmod(&s, &k, &q, &s)); /* s = s * k mod q */ + /* To avoid leaking secret bits here the addition is blinded. */ + CHECK_MPI_OK(mp_mul(&x, &ar, &x)); /* x = x * ar */ + CHECK_MPI_OK(mp_mulmod(&x, &r, &q, &x)); /* x = x * r mod q */ + CHECK_MPI_OK(mp_mulmod(&s, &ar, &q, &t)); /* t = s * ar mod q */ + CHECK_MPI_OK(mp_add(&t, &x, &s)); /* s = t + x */ + CHECK_MPI_OK(mp_mulmod(&s, &k, &q, &s)); /* s = s * k mod q */ /* ** verify r != 0 and s != 0 ** mentioned as optional in FIPS 186-1. @@ -438,7 +453,7 @@ cleanup: mp_clear(&r); mp_clear(&s); mp_clear(&t); - SECITEM_FreeItem(&t2, PR_FALSE); + mp_clear(&ar); if (err) { translate_mpi_error(err); rv = SECFailure; diff --git a/security/nss/lib/freebl/ec.c b/security/nss/lib/freebl/ec.c index b28815ade9..6468a10d63 100644 --- a/security/nss/lib/freebl/ec.c +++ b/security/nss/lib/freebl/ec.c @@ -653,6 +653,7 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, mp_int r, s; /* tuple (r, s) is the signature */ mp_int t; /* holding tmp values */ mp_int n; + mp_int ar; /* blinding value */ mp_err err = MP_OKAY; ECParams *ecParams = NULL; SECItem kGpoint = { siBuffer, NULL, 0 }; @@ -674,6 +675,7 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, MP_DIGITS(&s) = 0; MP_DIGITS(&n) = 0; MP_DIGITS(&t) = 0; + MP_DIGITS(&ar) = 0; /* Check args */ if (!key || !signature || !digest || !kb || (kblen < 0)) { @@ -700,6 +702,7 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, CHECK_MPI_OK(mp_init(&s)); CHECK_MPI_OK(mp_init(&n)); CHECK_MPI_OK(mp_init(&t)); + CHECK_MPI_OK(mp_init(&ar)); SECITEM_TO_MPINT(ecParams->order, &n); SECITEM_TO_MPINT(key->privateValue, &d); @@ -815,12 +818,25 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, goto cleanup; } CHECK_MPI_OK(mp_read_unsigned_octets(&t, t2, 2 * ecParams->order.len)); /* t <-$ Zn */ - CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ - CHECK_MPI_OK(mp_invmod(&k, &n, &k)); /* k = k**-1 mod n */ - CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ - CHECK_MPI_OK(mp_mulmod(&d, &r, &n, &d)); /* d = d * r mod n */ - CHECK_MPI_OK(mp_addmod(&s, &d, &n, &s)); /* s = s + d mod n */ - CHECK_MPI_OK(mp_mulmod(&s, &k, &n, &s)); /* s = s * k mod n */ + PORT_Memset(t2, 0, 2 * ecParams->order.len); + if (RNG_GenerateGlobalRandomBytes(t2, 2 * ecParams->order.len) != SECSuccess) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + rv = SECFailure; + goto cleanup; + } + CHECK_MPI_OK(mp_read_unsigned_octets(&ar, t2, 2 * ecParams->order.len)); /* ar <-$ Zn */ + + /* Using mp_invmod on k directly would leak bits from k. */ + CHECK_MPI_OK(mp_mul(&k, &ar, &k)); /* k = k * ar */ + CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ + CHECK_MPI_OK(mp_invmod(&k, &n, &k)); /* k = k**-1 mod n */ + CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ + /* To avoid leaking secret bits here the addition is blinded. */ + CHECK_MPI_OK(mp_mul(&d, &ar, &t)); /* t = d * ar */ + CHECK_MPI_OK(mp_mulmod(&t, &r, &n, &d)); /* d = t * r mod n */ + CHECK_MPI_OK(mp_mulmod(&s, &ar, &n, &t)); /* t = s * ar mod n */ + CHECK_MPI_OK(mp_add(&t, &d, &s)); /* s = t + d */ + CHECK_MPI_OK(mp_mulmod(&s, &k, &n, &s)); /* s = s * k mod n */ #if EC_DEBUG mp_todecimal(&s, mpstr); @@ -858,6 +874,7 @@ cleanup: mp_clear(&s); mp_clear(&n); mp_clear(&t); + mp_clear(&ar); if (t2) { PORT_Free(t2); diff --git a/security/nss/lib/freebl/freebl.gyp b/security/nss/lib/freebl/freebl.gyp index fae56f709e..004807483e 100644 --- a/security/nss/lib/freebl/freebl.gyp +++ b/security/nss/lib/freebl/freebl.gyp @@ -272,28 +272,15 @@ }, }], [ 'cc_use_gnu_ld==1 and OS=="win" and target_arch=="x64"', { + # mingw x64 'defines': [ 'MP_IS_LITTLE_ENDIAN', - 'NSS_BEVAND_ARCFOUR', - 'MPI_AMD64', - 'MP_ASSEMBLY_MULTIPLY', - 'NSS_USE_COMBA', - 'USE_HW_AES', - 'INTEL_GCM', ], }], - [ 'OS!="win"', { - 'conditions': [ - [ 'target_arch=="x64" or target_arch=="arm64" or target_arch=="aarch64"', { - 'defines': [ - # The Makefile does version-tests on GCC, but we're not doing that here. - 'HAVE_INT128_SUPPORT', - ], - }, { - 'defines': [ - 'KRML_NOUINT128', - ], - }], + [ 'have_int128_support==1', { + 'defines': [ + # The Makefile does version-tests on GCC, but we're not doing that here. + 'HAVE_INT128_SUPPORT', ], }, { 'defines': [ @@ -355,5 +342,18 @@ }, 'variables': { 'module': 'nss', + 'conditions': [ + [ 'OS!="win"', { + 'conditions': [ + [ 'target_arch=="x64" or target_arch=="arm64" or target_arch=="aarch64"', { + 'have_int128_support%': 1, + }, { + 'have_int128_support%': 0, + }], + ], + }, { + 'have_int128_support%': 0, + }], + ], } } diff --git a/security/nss/lib/freebl/freebl_base.gypi b/security/nss/lib/freebl/freebl_base.gypi index ebd1018d81..1372994f4c 100644 --- a/security/nss/lib/freebl/freebl_base.gypi +++ b/security/nss/lib/freebl/freebl_base.gypi @@ -59,7 +59,7 @@ 'sha_fast.c', 'shvfy.c', 'sysrand.c', - 'tlsprfalg.c' + 'tlsprfalg.c', ], 'conditions': [ [ 'OS=="linux" or OS=="android"', { @@ -122,6 +122,11 @@ 'intel-gcm-x86-masm.asm', ], }], + [ 'cc_use_gnu_ld==1', { + # mingw + 'sources': [ + ], + }], [ 'cc_is_clang!=1', { # MSVC 'sources': [ @@ -135,7 +140,6 @@ # All intel and 64-bit ARM architectures get the 64 bit version. 'ecl/curve25519_64.c', 'verified/Hacl_Curve25519.c', - 'verified/FStar.c', ], }, { 'sources': [ @@ -167,7 +171,7 @@ }, { # !Windows & !x64 & !arm64 & !aarch64 'sources': [ - 'poly1305.c', + 'verified/Hacl_Poly1305_32.c', ], }], ], @@ -176,7 +180,7 @@ }, { # Windows 'sources': [ - 'poly1305.c', + 'verified/Hacl_Poly1305_32.c', ], }], ], @@ -215,6 +219,9 @@ }], ], }], + [ 'have_int128_support==0', { + 'sources': [ 'verified/FStar.c' ], + }], ], 'ldflags': [ '-Wl,-Bsymbolic' diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c index fe5e0a6680..6d200e6dd1 100644 --- a/security/nss/lib/freebl/loader.c +++ b/security/nss/lib/freebl/loader.c @@ -2164,12 +2164,12 @@ BLAKE2B_NewContext(void) } void -BLAKE2B_DestroyContext(BLAKE2BContext *BLAKE2BContext, PRBool freeit) +BLAKE2B_DestroyContext(BLAKE2BContext *ctx, PRBool freeit) { if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) { return; } - (vector->p_BLAKE2B_DestroyContext)(BLAKE2BContext, freeit); + (vector->p_BLAKE2B_DestroyContext)(ctx, freeit); } SECStatus diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c index ae404019d8..8c893fb5fa 100644 --- a/security/nss/lib/freebl/mpi/mpi.c +++ b/security/nss/lib/freebl/mpi/mpi.c @@ -2657,10 +2657,10 @@ mp_toradix(mp_int *mp, char *str, int radix) /* Reverse the digits and sign indicator */ ix = 0; while (ix < pos) { - char tmp = str[ix]; + char tmpc = str[ix]; str[ix] = str[pos]; - str[pos] = tmp; + str[pos] = tmpc; ++ix; --pos; } @@ -3313,13 +3313,14 @@ s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r) /* could check for power of 2 here, but mp_div_d does that. */ if (MP_USED(mp) == 1) { mp_digit n = MP_DIGIT(mp, 0); - mp_digit rem; + mp_digit remdig; q = n / d; - rem = n % d; + remdig = n % d; MP_DIGIT(mp, 0) = q; - if (r) - *r = rem; + if (r) { + *r = remdig; + } return MP_OKAY; } diff --git a/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c b/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c deleted file mode 100644 index 3c803c167d..0000000000 --- a/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c +++ /dev/null @@ -1,881 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* This implementation of poly1305 is by Andrew Moon - * (https://github.com/floodyberry/poly1305-donna) and released as public - * domain. It implements SIMD vectorization based on the algorithm described in - * http://cr.yp.to/papers.html#neoncrypto. Unrolled to 2 powers, i.e. 64 byte - * block size. */ - -#include <emmintrin.h> -#include <stdint.h> - -#include "poly1305.h" -#include "blapii.h" - -#define ALIGN(x) __attribute__((aligned(x))) -#define INLINE inline -#define U8TO64_LE(m) (*(uint64_t *)(m)) -#define U8TO32_LE(m) (*(uint32_t *)(m)) -#define U64TO8_LE(m, v) (*(uint64_t *)(m)) = v - -typedef __m128i xmmi; -typedef unsigned __int128 uint128_t; - -static const uint32_t ALIGN(16) poly1305_x64_sse2_message_mask[4] = { (1 << 26) - 1, 0, (1 << 26) - 1, 0 }; -static const uint32_t ALIGN(16) poly1305_x64_sse2_5[4] = { 5, 0, 5, 0 }; -static const uint32_t ALIGN(16) poly1305_x64_sse2_1shl128[4] = { (1 << 24), 0, (1 << 24), 0 }; - -static uint128_t INLINE -add128(uint128_t a, uint128_t b) -{ - return a + b; -} - -static uint128_t INLINE -add128_64(uint128_t a, uint64_t b) -{ - return a + b; -} - -static uint128_t INLINE -mul64x64_128(uint64_t a, uint64_t b) -{ - return (uint128_t)a * b; -} - -static uint64_t INLINE -lo128(uint128_t a) -{ - return (uint64_t)a; -} - -static uint64_t INLINE -shr128(uint128_t v, const int shift) -{ - return (uint64_t)(v >> shift); -} - -static uint64_t INLINE -shr128_pair(uint64_t hi, uint64_t lo, const int shift) -{ - return (uint64_t)((((uint128_t)hi << 64) | lo) >> shift); -} - -typedef struct poly1305_power_t { - union { - xmmi v; - uint64_t u[2]; - uint32_t d[4]; - } R20, R21, R22, R23, R24, S21, S22, S23, S24; -} poly1305_power; - -typedef struct poly1305_state_internal_t { - poly1305_power P[2]; /* 288 bytes, top 32 bit halves unused = 144 bytes of free storage */ - union { - xmmi H[5]; /* 80 bytes */ - uint64_t HH[10]; - }; - /* uint64_t r0,r1,r2; [24 bytes] */ - /* uint64_t pad0,pad1; [16 bytes] */ - uint64_t started; /* 8 bytes */ - uint64_t leftover; /* 8 bytes */ - uint8_t buffer[64]; /* 64 bytes */ -} poly1305_state_internal; /* 448 bytes total + 63 bytes for alignment = 511 bytes raw */ - -static poly1305_state_internal INLINE - * - poly1305_aligned_state(poly1305_state *state) -{ - return (poly1305_state_internal *)(((uint64_t)state + 63) & ~63); -} - -/* copy 0-63 bytes */ -static void INLINE NO_SANITIZE_ALIGNMENT -poly1305_block_copy(uint8_t *dst, const uint8_t *src, size_t bytes) -{ - size_t offset = src - dst; - if (bytes & 32) { - _mm_storeu_si128((xmmi *)(dst + 0), _mm_loadu_si128((xmmi *)(dst + offset + 0))); - _mm_storeu_si128((xmmi *)(dst + 16), _mm_loadu_si128((xmmi *)(dst + offset + 16))); - dst += 32; - } - if (bytes & 16) { - _mm_storeu_si128((xmmi *)dst, _mm_loadu_si128((xmmi *)(dst + offset))); - dst += 16; - } - if (bytes & 8) { - *(uint64_t *)dst = *(uint64_t *)(dst + offset); - dst += 8; - } - if (bytes & 4) { - *(uint32_t *)dst = *(uint32_t *)(dst + offset); - dst += 4; - } - if (bytes & 2) { - *(uint16_t *)dst = *(uint16_t *)(dst + offset); - dst += 2; - } - if (bytes & 1) { - *(uint8_t *)dst = *(uint8_t *)(dst + offset); - } -} - -/* zero 0-15 bytes */ -static void INLINE -poly1305_block_zero(uint8_t *dst, size_t bytes) -{ - if (bytes & 8) { - *(uint64_t *)dst = 0; - dst += 8; - } - if (bytes & 4) { - *(uint32_t *)dst = 0; - dst += 4; - } - if (bytes & 2) { - *(uint16_t *)dst = 0; - dst += 2; - } - if (bytes & 1) { - *(uint8_t *)dst = 0; - } -} - -static size_t INLINE -poly1305_min(size_t a, size_t b) -{ - return (a < b) ? a : b; -} - -void -Poly1305Init(poly1305_state *state, const unsigned char key[32]) -{ - poly1305_state_internal *st = poly1305_aligned_state(state); - poly1305_power *p; - uint64_t r0, r1, r2; - uint64_t t0, t1; - - /* clamp key */ - t0 = U8TO64_LE(key + 0); - t1 = U8TO64_LE(key + 8); - r0 = t0 & 0xffc0fffffff; - t0 >>= 44; - t0 |= t1 << 20; - r1 = t0 & 0xfffffc0ffff; - t1 >>= 24; - r2 = t1 & 0x00ffffffc0f; - - /* store r in un-used space of st->P[1] */ - p = &st->P[1]; - p->R20.d[1] = (uint32_t)(r0); - p->R20.d[3] = (uint32_t)(r0 >> 32); - p->R21.d[1] = (uint32_t)(r1); - p->R21.d[3] = (uint32_t)(r1 >> 32); - p->R22.d[1] = (uint32_t)(r2); - p->R22.d[3] = (uint32_t)(r2 >> 32); - - /* store pad */ - p->R23.d[1] = U8TO32_LE(key + 16); - p->R23.d[3] = U8TO32_LE(key + 20); - p->R24.d[1] = U8TO32_LE(key + 24); - p->R24.d[3] = U8TO32_LE(key + 28); - - /* H = 0 */ - st->H[0] = _mm_setzero_si128(); - st->H[1] = _mm_setzero_si128(); - st->H[2] = _mm_setzero_si128(); - st->H[3] = _mm_setzero_si128(); - st->H[4] = _mm_setzero_si128(); - - st->started = 0; - st->leftover = 0; -} - -static void -poly1305_first_block(poly1305_state_internal *st, const uint8_t *m) -{ - const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask); - const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5); - const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128); - xmmi T5, T6; - poly1305_power *p; - uint128_t d[3]; - uint64_t r0, r1, r2; - uint64_t r20, r21, r22, s22; - uint64_t pad0, pad1; - uint64_t c; - uint64_t i; - - /* pull out stored info */ - p = &st->P[1]; - - r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1]; - r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1]; - r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1]; - pad0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1]; - pad1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1]; - - /* compute powers r^2,r^4 */ - r20 = r0; - r21 = r1; - r22 = r2; - for (i = 0; i < 2; i++) { - s22 = r22 * (5 << 2); - - d[0] = add128(mul64x64_128(r20, r20), mul64x64_128(r21 * 2, s22)); - d[1] = add128(mul64x64_128(r22, s22), mul64x64_128(r20 * 2, r21)); - d[2] = add128(mul64x64_128(r21, r21), mul64x64_128(r22 * 2, r20)); - - r20 = lo128(d[0]) & 0xfffffffffff; - c = shr128(d[0], 44); - d[1] = add128_64(d[1], c); - r21 = lo128(d[1]) & 0xfffffffffff; - c = shr128(d[1], 44); - d[2] = add128_64(d[2], c); - r22 = lo128(d[2]) & 0x3ffffffffff; - c = shr128(d[2], 42); - r20 += c * 5; - c = (r20 >> 44); - r20 = r20 & 0xfffffffffff; - r21 += c; - - p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20)&0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R21.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r20 >> 26) | (r21 << 18)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R22.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 8)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R23.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 34) | (r22 << 10)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R24.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r22 >> 16))), _MM_SHUFFLE(1, 0, 1, 0)); - p->S21.v = _mm_mul_epu32(p->R21.v, FIVE); - p->S22.v = _mm_mul_epu32(p->R22.v, FIVE); - p->S23.v = _mm_mul_epu32(p->R23.v, FIVE); - p->S24.v = _mm_mul_epu32(p->R24.v, FIVE); - p--; - } - - /* put saved info back */ - p = &st->P[1]; - p->R20.d[1] = (uint32_t)(r0); - p->R20.d[3] = (uint32_t)(r0 >> 32); - p->R21.d[1] = (uint32_t)(r1); - p->R21.d[3] = (uint32_t)(r1 >> 32); - p->R22.d[1] = (uint32_t)(r2); - p->R22.d[3] = (uint32_t)(r2 >> 32); - p->R23.d[1] = (uint32_t)(pad0); - p->R23.d[3] = (uint32_t)(pad0 >> 32); - p->R24.d[1] = (uint32_t)(pad1); - p->R24.d[3] = (uint32_t)(pad1 >> 32); - - /* H = [Mx,My] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24))); - st->H[0] = _mm_and_si128(MMASK, T5); - st->H[1] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - st->H[2] = _mm_and_si128(MMASK, T5); - st->H[3] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - st->H[4] = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); -} - -static void -poly1305_blocks(poly1305_state_internal *st, const uint8_t *m, size_t bytes) -{ - const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask); - const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5); - const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128); - - poly1305_power *p; - xmmi H0, H1, H2, H3, H4; - xmmi T0, T1, T2, T3, T4, T5, T6; - xmmi M0, M1, M2, M3, M4; - xmmi C1, C2; - - H0 = st->H[0]; - H1 = st->H[1]; - H2 = st->H[2]; - H3 = st->H[3]; - H4 = st->H[4]; - - while (bytes >= 64) { - /* H *= [r^4,r^4] */ - p = &st->P[0]; - T0 = _mm_mul_epu32(H0, p->R20.v); - T1 = _mm_mul_epu32(H0, p->R21.v); - T2 = _mm_mul_epu32(H0, p->R22.v); - T3 = _mm_mul_epu32(H0, p->R23.v); - T4 = _mm_mul_epu32(H0, p->R24.v); - T5 = _mm_mul_epu32(H1, p->S24.v); - T6 = _mm_mul_epu32(H1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H2, p->S23.v); - T6 = _mm_mul_epu32(H2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H3, p->S22.v); - T6 = _mm_mul_epu32(H3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H4, p->S21.v); - T6 = _mm_mul_epu32(H4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H1, p->R21.v); - T6 = _mm_mul_epu32(H1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H2, p->R20.v); - T6 = _mm_mul_epu32(H2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H3, p->S24.v); - T6 = _mm_mul_epu32(H3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H4, p->S23.v); - T6 = _mm_mul_epu32(H4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - /* H += [Mx,My]*[r^2,r^2] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24))); - M0 = _mm_and_si128(MMASK, T5); - M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - M2 = _mm_and_si128(MMASK, T5); - M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); - - p = &st->P[1]; - T5 = _mm_mul_epu32(M0, p->R20.v); - T6 = _mm_mul_epu32(M0, p->R21.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M1, p->S24.v); - T6 = _mm_mul_epu32(M1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M2, p->S23.v); - T6 = _mm_mul_epu32(M2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M3, p->S22.v); - T6 = _mm_mul_epu32(M3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M4, p->S21.v); - T6 = _mm_mul_epu32(M4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M0, p->R22.v); - T6 = _mm_mul_epu32(M0, p->R23.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M1, p->R21.v); - T6 = _mm_mul_epu32(M1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M2, p->R20.v); - T6 = _mm_mul_epu32(M2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M3, p->S24.v); - T6 = _mm_mul_epu32(M3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M4, p->S23.v); - T6 = _mm_mul_epu32(M4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M0, p->R24.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - /* H += [Mx,My] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 32)), _mm_loadl_epi64((xmmi *)(m + 48))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 40)), _mm_loadl_epi64((xmmi *)(m + 56))); - M0 = _mm_and_si128(MMASK, T5); - M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - M2 = _mm_and_si128(MMASK, T5); - M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); - - T0 = _mm_add_epi64(T0, M0); - T1 = _mm_add_epi64(T1, M1); - T2 = _mm_add_epi64(T2, M2); - T3 = _mm_add_epi64(T3, M3); - T4 = _mm_add_epi64(T4, M4); - - /* reduce */ - C1 = _mm_srli_epi64(T0, 26); - C2 = _mm_srli_epi64(T3, 26); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_and_si128(T3, MMASK); - T1 = _mm_add_epi64(T1, C1); - T4 = _mm_add_epi64(T4, C2); - C1 = _mm_srli_epi64(T1, 26); - C2 = _mm_srli_epi64(T4, 26); - T1 = _mm_and_si128(T1, MMASK); - T4 = _mm_and_si128(T4, MMASK); - T2 = _mm_add_epi64(T2, C1); - T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE)); - C1 = _mm_srli_epi64(T2, 26); - C2 = _mm_srli_epi64(T0, 26); - T2 = _mm_and_si128(T2, MMASK); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_add_epi64(T3, C1); - T1 = _mm_add_epi64(T1, C2); - C1 = _mm_srli_epi64(T3, 26); - T3 = _mm_and_si128(T3, MMASK); - T4 = _mm_add_epi64(T4, C1); - - /* H = (H*[r^4,r^4] + [Mx,My]*[r^2,r^2] + [Mx,My]) */ - H0 = T0; - H1 = T1; - H2 = T2; - H3 = T3; - H4 = T4; - - m += 64; - bytes -= 64; - } - - st->H[0] = H0; - st->H[1] = H1; - st->H[2] = H2; - st->H[3] = H3; - st->H[4] = H4; -} - -static size_t -poly1305_combine(poly1305_state_internal *st, const uint8_t *m, size_t bytes) -{ - const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask); - const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128); - const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5); - - poly1305_power *p; - xmmi H0, H1, H2, H3, H4; - xmmi M0, M1, M2, M3, M4; - xmmi T0, T1, T2, T3, T4, T5, T6; - xmmi C1, C2; - - uint64_t r0, r1, r2; - uint64_t t0, t1, t2, t3, t4; - uint64_t c; - size_t consumed = 0; - - H0 = st->H[0]; - H1 = st->H[1]; - H2 = st->H[2]; - H3 = st->H[3]; - H4 = st->H[4]; - - /* p = [r^2,r^2] */ - p = &st->P[1]; - - if (bytes >= 32) { - /* H *= [r^2,r^2] */ - T0 = _mm_mul_epu32(H0, p->R20.v); - T1 = _mm_mul_epu32(H0, p->R21.v); - T2 = _mm_mul_epu32(H0, p->R22.v); - T3 = _mm_mul_epu32(H0, p->R23.v); - T4 = _mm_mul_epu32(H0, p->R24.v); - T5 = _mm_mul_epu32(H1, p->S24.v); - T6 = _mm_mul_epu32(H1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H2, p->S23.v); - T6 = _mm_mul_epu32(H2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H3, p->S22.v); - T6 = _mm_mul_epu32(H3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H4, p->S21.v); - T6 = _mm_mul_epu32(H4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H1, p->R21.v); - T6 = _mm_mul_epu32(H1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H2, p->R20.v); - T6 = _mm_mul_epu32(H2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H3, p->S24.v); - T6 = _mm_mul_epu32(H3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H4, p->S23.v); - T6 = _mm_mul_epu32(H4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - /* H += [Mx,My] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24))); - M0 = _mm_and_si128(MMASK, T5); - M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - M2 = _mm_and_si128(MMASK, T5); - M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); - - T0 = _mm_add_epi64(T0, M0); - T1 = _mm_add_epi64(T1, M1); - T2 = _mm_add_epi64(T2, M2); - T3 = _mm_add_epi64(T3, M3); - T4 = _mm_add_epi64(T4, M4); - - /* reduce */ - C1 = _mm_srli_epi64(T0, 26); - C2 = _mm_srli_epi64(T3, 26); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_and_si128(T3, MMASK); - T1 = _mm_add_epi64(T1, C1); - T4 = _mm_add_epi64(T4, C2); - C1 = _mm_srli_epi64(T1, 26); - C2 = _mm_srli_epi64(T4, 26); - T1 = _mm_and_si128(T1, MMASK); - T4 = _mm_and_si128(T4, MMASK); - T2 = _mm_add_epi64(T2, C1); - T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE)); - C1 = _mm_srli_epi64(T2, 26); - C2 = _mm_srli_epi64(T0, 26); - T2 = _mm_and_si128(T2, MMASK); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_add_epi64(T3, C1); - T1 = _mm_add_epi64(T1, C2); - C1 = _mm_srli_epi64(T3, 26); - T3 = _mm_and_si128(T3, MMASK); - T4 = _mm_add_epi64(T4, C1); - - /* H = (H*[r^2,r^2] + [Mx,My]) */ - H0 = T0; - H1 = T1; - H2 = T2; - H3 = T3; - H4 = T4; - - consumed = 32; - } - - /* finalize, H *= [r^2,r] */ - r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1]; - r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1]; - r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1]; - - p->R20.d[2] = (uint32_t)(r0)&0x3ffffff; - p->R21.d[2] = (uint32_t)((r0 >> 26) | (r1 << 18)) & 0x3ffffff; - p->R22.d[2] = (uint32_t)((r1 >> 8)) & 0x3ffffff; - p->R23.d[2] = (uint32_t)((r1 >> 34) | (r2 << 10)) & 0x3ffffff; - p->R24.d[2] = (uint32_t)((r2 >> 16)); - p->S21.d[2] = p->R21.d[2] * 5; - p->S22.d[2] = p->R22.d[2] * 5; - p->S23.d[2] = p->R23.d[2] * 5; - p->S24.d[2] = p->R24.d[2] * 5; - - /* H *= [r^2,r] */ - T0 = _mm_mul_epu32(H0, p->R20.v); - T1 = _mm_mul_epu32(H0, p->R21.v); - T2 = _mm_mul_epu32(H0, p->R22.v); - T3 = _mm_mul_epu32(H0, p->R23.v); - T4 = _mm_mul_epu32(H0, p->R24.v); - T5 = _mm_mul_epu32(H1, p->S24.v); - T6 = _mm_mul_epu32(H1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H2, p->S23.v); - T6 = _mm_mul_epu32(H2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H3, p->S22.v); - T6 = _mm_mul_epu32(H3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H4, p->S21.v); - T6 = _mm_mul_epu32(H4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H1, p->R21.v); - T6 = _mm_mul_epu32(H1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H2, p->R20.v); - T6 = _mm_mul_epu32(H2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H3, p->S24.v); - T6 = _mm_mul_epu32(H3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H4, p->S23.v); - T6 = _mm_mul_epu32(H4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - C1 = _mm_srli_epi64(T0, 26); - C2 = _mm_srli_epi64(T3, 26); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_and_si128(T3, MMASK); - T1 = _mm_add_epi64(T1, C1); - T4 = _mm_add_epi64(T4, C2); - C1 = _mm_srli_epi64(T1, 26); - C2 = _mm_srli_epi64(T4, 26); - T1 = _mm_and_si128(T1, MMASK); - T4 = _mm_and_si128(T4, MMASK); - T2 = _mm_add_epi64(T2, C1); - T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE)); - C1 = _mm_srli_epi64(T2, 26); - C2 = _mm_srli_epi64(T0, 26); - T2 = _mm_and_si128(T2, MMASK); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_add_epi64(T3, C1); - T1 = _mm_add_epi64(T1, C2); - C1 = _mm_srli_epi64(T3, 26); - T3 = _mm_and_si128(T3, MMASK); - T4 = _mm_add_epi64(T4, C1); - - /* H = H[0]+H[1] */ - H0 = _mm_add_epi64(T0, _mm_srli_si128(T0, 8)); - H1 = _mm_add_epi64(T1, _mm_srli_si128(T1, 8)); - H2 = _mm_add_epi64(T2, _mm_srli_si128(T2, 8)); - H3 = _mm_add_epi64(T3, _mm_srli_si128(T3, 8)); - H4 = _mm_add_epi64(T4, _mm_srli_si128(T4, 8)); - - t0 = _mm_cvtsi128_si32(H0); - c = (t0 >> 26); - t0 &= 0x3ffffff; - t1 = _mm_cvtsi128_si32(H1) + c; - c = (t1 >> 26); - t1 &= 0x3ffffff; - t2 = _mm_cvtsi128_si32(H2) + c; - c = (t2 >> 26); - t2 &= 0x3ffffff; - t3 = _mm_cvtsi128_si32(H3) + c; - c = (t3 >> 26); - t3 &= 0x3ffffff; - t4 = _mm_cvtsi128_si32(H4) + c; - c = (t4 >> 26); - t4 &= 0x3ffffff; - t0 = t0 + (c * 5); - c = (t0 >> 26); - t0 &= 0x3ffffff; - t1 = t1 + c; - - st->HH[0] = ((t0) | (t1 << 26)) & 0xfffffffffffull; - st->HH[1] = ((t1 >> 18) | (t2 << 8) | (t3 << 34)) & 0xfffffffffffull; - st->HH[2] = ((t3 >> 10) | (t4 << 16)) & 0x3ffffffffffull; - - return consumed; -} - -void -Poly1305Update(poly1305_state *state, const unsigned char *m, size_t bytes) -{ - poly1305_state_internal *st = poly1305_aligned_state(state); - size_t want; - - /* need at least 32 initial bytes to start the accelerated branch */ - if (!st->started) { - if ((st->leftover == 0) && (bytes > 32)) { - poly1305_first_block(st, m); - m += 32; - bytes -= 32; - } else { - want = poly1305_min(32 - st->leftover, bytes); - poly1305_block_copy(st->buffer + st->leftover, m, want); - bytes -= want; - m += want; - st->leftover += want; - if ((st->leftover < 32) || (bytes == 0)) - return; - poly1305_first_block(st, st->buffer); - st->leftover = 0; - } - st->started = 1; - } - - /* handle leftover */ - if (st->leftover) { - want = poly1305_min(64 - st->leftover, bytes); - poly1305_block_copy(st->buffer + st->leftover, m, want); - bytes -= want; - m += want; - st->leftover += want; - if (st->leftover < 64) - return; - poly1305_blocks(st, st->buffer, 64); - st->leftover = 0; - } - - /* process 64 byte blocks */ - if (bytes >= 64) { - want = (bytes & ~63); - poly1305_blocks(st, m, want); - m += want; - bytes -= want; - } - - if (bytes) { - poly1305_block_copy(st->buffer + st->leftover, m, bytes); - st->leftover += bytes; - } -} - -void -Poly1305Finish(poly1305_state *state, unsigned char mac[16]) -{ - poly1305_state_internal *st = poly1305_aligned_state(state); - size_t leftover = st->leftover; - uint8_t *m = st->buffer; - uint128_t d[3]; - uint64_t h0, h1, h2; - uint64_t t0, t1; - uint64_t g0, g1, g2, c, nc; - uint64_t r0, r1, r2, s1, s2; - poly1305_power *p; - - if (st->started) { - size_t consumed = poly1305_combine(st, m, leftover); - leftover -= consumed; - m += consumed; - } - - /* st->HH will either be 0 or have the combined result */ - h0 = st->HH[0]; - h1 = st->HH[1]; - h2 = st->HH[2]; - - p = &st->P[1]; - r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1]; - r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1]; - r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1]; - s1 = r1 * (5 << 2); - s2 = r2 * (5 << 2); - - if (leftover < 16) - goto poly1305_donna_atmost15bytes; - -poly1305_donna_atleast16bytes: - t0 = U8TO64_LE(m + 0); - t1 = U8TO64_LE(m + 8); - h0 += t0 & 0xfffffffffff; - t0 = shr128_pair(t1, t0, 44); - h1 += t0 & 0xfffffffffff; - h2 += (t1 >> 24) | ((uint64_t)1 << 40); - -poly1305_donna_mul: - d[0] = add128(add128(mul64x64_128(h0, r0), mul64x64_128(h1, s2)), mul64x64_128(h2, s1)); - d[1] = add128(add128(mul64x64_128(h0, r1), mul64x64_128(h1, r0)), mul64x64_128(h2, s2)); - d[2] = add128(add128(mul64x64_128(h0, r2), mul64x64_128(h1, r1)), mul64x64_128(h2, r0)); - h0 = lo128(d[0]) & 0xfffffffffff; - c = shr128(d[0], 44); - d[1] = add128_64(d[1], c); - h1 = lo128(d[1]) & 0xfffffffffff; - c = shr128(d[1], 44); - d[2] = add128_64(d[2], c); - h2 = lo128(d[2]) & 0x3ffffffffff; - c = shr128(d[2], 42); - h0 += c * 5; - - m += 16; - leftover -= 16; - if (leftover >= 16) - goto poly1305_donna_atleast16bytes; - -/* final bytes */ -poly1305_donna_atmost15bytes: - if (!leftover) - goto poly1305_donna_finish; - - m[leftover++] = 1; - poly1305_block_zero(m + leftover, 16 - leftover); - leftover = 16; - - t0 = U8TO64_LE(m + 0); - t1 = U8TO64_LE(m + 8); - h0 += t0 & 0xfffffffffff; - t0 = shr128_pair(t1, t0, 44); - h1 += t0 & 0xfffffffffff; - h2 += (t1 >> 24); - - goto poly1305_donna_mul; - -poly1305_donna_finish: - c = (h0 >> 44); - h0 &= 0xfffffffffff; - h1 += c; - c = (h1 >> 44); - h1 &= 0xfffffffffff; - h2 += c; - c = (h2 >> 42); - h2 &= 0x3ffffffffff; - h0 += c * 5; - - g0 = h0 + 5; - c = (g0 >> 44); - g0 &= 0xfffffffffff; - g1 = h1 + c; - c = (g1 >> 44); - g1 &= 0xfffffffffff; - g2 = h2 + c - ((uint64_t)1 << 42); - - c = (g2 >> 63) - 1; - nc = ~c; - h0 = (h0 & nc) | (g0 & c); - h1 = (h1 & nc) | (g1 & c); - h2 = (h2 & nc) | (g2 & c); - - /* pad */ - t0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1]; - t1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1]; - h0 += (t0 & 0xfffffffffff); - c = (h0 >> 44); - h0 &= 0xfffffffffff; - t0 = shr128_pair(t1, t0, 44); - h1 += (t0 & 0xfffffffffff) + c; - c = (h1 >> 44); - h1 &= 0xfffffffffff; - t1 = (t1 >> 24); - h2 += (t1) + c; - - U64TO8_LE(mac + 0, ((h0) | (h1 << 44))); - U64TO8_LE(mac + 8, ((h1 >> 20) | (h2 << 24))); -} diff --git a/security/nss/lib/freebl/poly1305.c b/security/nss/lib/freebl/poly1305.c deleted file mode 100644 index eb3e3cd55c..0000000000 --- a/security/nss/lib/freebl/poly1305.c +++ /dev/null @@ -1,314 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* This implementation of poly1305 is by Andrew Moon - * (https://github.com/floodyberry/poly1305-donna) and released as public - * domain. */ - -#include <string.h> - -#include "poly1305.h" - -#if defined(_MSC_VER) && _MSC_VER < 1600 -#include "prtypes.h" -typedef PRUint32 uint32_t; -typedef PRUint64 uint64_t; -#else -#include <stdint.h> -#endif - -#if defined(NSS_X86) || defined(NSS_X64) -/* We can assume little-endian. */ -static uint32_t -U8TO32_LE(const unsigned char *m) -{ - uint32_t r; - memcpy(&r, m, sizeof(r)); - return r; -} - -static void -U32TO8_LE(unsigned char *m, uint32_t v) -{ - memcpy(m, &v, sizeof(v)); -} -#else -static uint32_t -U8TO32_LE(const unsigned char *m) -{ - return (uint32_t)m[0] | - (uint32_t)m[1] << 8 | - (uint32_t)m[2] << 16 | - (uint32_t)m[3] << 24; -} - -static void -U32TO8_LE(unsigned char *m, uint32_t v) -{ - m[0] = v; - m[1] = v >> 8; - m[2] = v >> 16; - m[3] = v >> 24; -} -#endif - -static uint64_t -mul32x32_64(uint32_t a, uint32_t b) -{ - return (uint64_t)a * b; -} - -struct poly1305_state_st { - uint32_t r0, r1, r2, r3, r4; - uint32_t s1, s2, s3, s4; - uint32_t h0, h1, h2, h3, h4; - unsigned char buf[16]; - unsigned int buf_used; - unsigned char key[16]; -}; - -/* update updates |state| given some amount of input data. This function may - * only be called with a |len| that is not a multiple of 16 at the end of the - * data. Otherwise the input must be buffered into 16 byte blocks. */ -static void -update(struct poly1305_state_st *state, const unsigned char *in, - size_t len) -{ - uint32_t t0, t1, t2, t3; - uint64_t t[5]; - uint32_t b; - uint64_t c; - size_t j; - unsigned char mp[16]; - - if (len < 16) - goto poly1305_donna_atmost15bytes; - -poly1305_donna_16bytes: - t0 = U8TO32_LE(in); - t1 = U8TO32_LE(in + 4); - t2 = U8TO32_LE(in + 8); - t3 = U8TO32_LE(in + 12); - - in += 16; - len -= 16; - - state->h0 += t0 & 0x3ffffff; - state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff; - state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff; - state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff; - state->h4 += (t3 >> 8) | (1 << 24); - -poly1305_donna_mul: - t[0] = mul32x32_64(state->h0, state->r0) + - mul32x32_64(state->h1, state->s4) + - mul32x32_64(state->h2, state->s3) + - mul32x32_64(state->h3, state->s2) + - mul32x32_64(state->h4, state->s1); - t[1] = mul32x32_64(state->h0, state->r1) + - mul32x32_64(state->h1, state->r0) + - mul32x32_64(state->h2, state->s4) + - mul32x32_64(state->h3, state->s3) + - mul32x32_64(state->h4, state->s2); - t[2] = mul32x32_64(state->h0, state->r2) + - mul32x32_64(state->h1, state->r1) + - mul32x32_64(state->h2, state->r0) + - mul32x32_64(state->h3, state->s4) + - mul32x32_64(state->h4, state->s3); - t[3] = mul32x32_64(state->h0, state->r3) + - mul32x32_64(state->h1, state->r2) + - mul32x32_64(state->h2, state->r1) + - mul32x32_64(state->h3, state->r0) + - mul32x32_64(state->h4, state->s4); - t[4] = mul32x32_64(state->h0, state->r4) + - mul32x32_64(state->h1, state->r3) + - mul32x32_64(state->h2, state->r2) + - mul32x32_64(state->h3, state->r1) + - mul32x32_64(state->h4, state->r0); - - state->h0 = (uint32_t)t[0] & 0x3ffffff; - c = (t[0] >> 26); - t[1] += c; - state->h1 = (uint32_t)t[1] & 0x3ffffff; - b = (uint32_t)(t[1] >> 26); - t[2] += b; - state->h2 = (uint32_t)t[2] & 0x3ffffff; - b = (uint32_t)(t[2] >> 26); - t[3] += b; - state->h3 = (uint32_t)t[3] & 0x3ffffff; - b = (uint32_t)(t[3] >> 26); - t[4] += b; - state->h4 = (uint32_t)t[4] & 0x3ffffff; - b = (uint32_t)(t[4] >> 26); - state->h0 += b * 5; - - if (len >= 16) - goto poly1305_donna_16bytes; - -/* final bytes */ -poly1305_donna_atmost15bytes: - if (!len) - return; - - for (j = 0; j < len; j++) - mp[j] = in[j]; - mp[j++] = 1; - for (; j < 16; j++) - mp[j] = 0; - len = 0; - - t0 = U8TO32_LE(mp + 0); - t1 = U8TO32_LE(mp + 4); - t2 = U8TO32_LE(mp + 8); - t3 = U8TO32_LE(mp + 12); - - state->h0 += t0 & 0x3ffffff; - state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff; - state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff; - state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff; - state->h4 += (t3 >> 8); - - goto poly1305_donna_mul; -} - -void -Poly1305Init(poly1305_state *statep, const unsigned char key[32]) -{ - struct poly1305_state_st *state = (struct poly1305_state_st *)statep; - uint32_t t0, t1, t2, t3; - - t0 = U8TO32_LE(key + 0); - t1 = U8TO32_LE(key + 4); - t2 = U8TO32_LE(key + 8); - t3 = U8TO32_LE(key + 12); - - /* precompute multipliers */ - state->r0 = t0 & 0x3ffffff; - t0 >>= 26; - t0 |= t1 << 6; - state->r1 = t0 & 0x3ffff03; - t1 >>= 20; - t1 |= t2 << 12; - state->r2 = t1 & 0x3ffc0ff; - t2 >>= 14; - t2 |= t3 << 18; - state->r3 = t2 & 0x3f03fff; - t3 >>= 8; - state->r4 = t3 & 0x00fffff; - - state->s1 = state->r1 * 5; - state->s2 = state->r2 * 5; - state->s3 = state->r3 * 5; - state->s4 = state->r4 * 5; - - /* init state */ - state->h0 = 0; - state->h1 = 0; - state->h2 = 0; - state->h3 = 0; - state->h4 = 0; - - state->buf_used = 0; - memcpy(state->key, key + 16, sizeof(state->key)); -} - -void -Poly1305Update(poly1305_state *statep, const unsigned char *in, - size_t in_len) -{ - unsigned int i; - struct poly1305_state_st *state = (struct poly1305_state_st *)statep; - - if (state->buf_used) { - unsigned int todo = 16 - state->buf_used; - if (todo > in_len) - todo = in_len; - for (i = 0; i < todo; i++) - state->buf[state->buf_used + i] = in[i]; - state->buf_used += todo; - in_len -= todo; - in += todo; - - if (state->buf_used == 16) { - update(state, state->buf, 16); - state->buf_used = 0; - } - } - - if (in_len >= 16) { - size_t todo = in_len & ~0xf; - update(state, in, todo); - in += todo; - in_len &= 0xf; - } - - if (in_len) { - for (i = 0; i < in_len; i++) - state->buf[i] = in[i]; - state->buf_used = in_len; - } -} - -void -Poly1305Finish(poly1305_state *statep, unsigned char mac[16]) -{ - struct poly1305_state_st *state = (struct poly1305_state_st *)statep; - uint64_t f0, f1, f2, f3; - uint32_t g0, g1, g2, g3, g4; - uint32_t b, nb; - - if (state->buf_used) - update(state, state->buf, state->buf_used); - - b = state->h0 >> 26; - state->h0 = state->h0 & 0x3ffffff; - state->h1 += b; - b = state->h1 >> 26; - state->h1 = state->h1 & 0x3ffffff; - state->h2 += b; - b = state->h2 >> 26; - state->h2 = state->h2 & 0x3ffffff; - state->h3 += b; - b = state->h3 >> 26; - state->h3 = state->h3 & 0x3ffffff; - state->h4 += b; - b = state->h4 >> 26; - state->h4 = state->h4 & 0x3ffffff; - state->h0 += b * 5; - - g0 = state->h0 + 5; - b = g0 >> 26; - g0 &= 0x3ffffff; - g1 = state->h1 + b; - b = g1 >> 26; - g1 &= 0x3ffffff; - g2 = state->h2 + b; - b = g2 >> 26; - g2 &= 0x3ffffff; - g3 = state->h3 + b; - b = g3 >> 26; - g3 &= 0x3ffffff; - g4 = state->h4 + b - (1 << 26); - - b = (g4 >> 31) - 1; - nb = ~b; - state->h0 = (state->h0 & nb) | (g0 & b); - state->h1 = (state->h1 & nb) | (g1 & b); - state->h2 = (state->h2 & nb) | (g2 & b); - state->h3 = (state->h3 & nb) | (g3 & b); - state->h4 = (state->h4 & nb) | (g4 & b); - - f0 = ((state->h0) | (state->h1 << 26)) + (uint64_t)U8TO32_LE(&state->key[0]); - f1 = ((state->h1 >> 6) | (state->h2 << 20)) + (uint64_t)U8TO32_LE(&state->key[4]); - f2 = ((state->h2 >> 12) | (state->h3 << 14)) + (uint64_t)U8TO32_LE(&state->key[8]); - f3 = ((state->h3 >> 18) | (state->h4 << 8)) + (uint64_t)U8TO32_LE(&state->key[12]); - - U32TO8_LE(&mac[0], (uint32_t)f0); - f1 += (f0 >> 32); - U32TO8_LE(&mac[4], (uint32_t)f1); - f2 += (f1 >> 32); - U32TO8_LE(&mac[8], (uint32_t)f2); - f3 += (f2 >> 32); - U32TO8_LE(&mac[12], (uint32_t)f3); -} diff --git a/security/nss/lib/freebl/poly1305.h b/security/nss/lib/freebl/poly1305.h deleted file mode 100644 index 125f49b3ba..0000000000 --- a/security/nss/lib/freebl/poly1305.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * poly1305.h - header file for Poly1305 implementation. - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef FREEBL_POLY1305_H_ -#define FREEBL_POLY1305_H_ - -#include "stddef.h" - -typedef unsigned char poly1305_state[512]; - -/* Poly1305Init sets up |state| so that it can be used to calculate an - * authentication tag with the one-time key |key|. Note that |key| is a - * one-time key and therefore there is no `reset' method because that would - * enable several messages to be authenticated with the same key. */ -extern void Poly1305Init(poly1305_state* state, const unsigned char key[32]); - -/* Poly1305Update processes |in_len| bytes from |in|. It can be called zero or - * more times after poly1305_init. */ -extern void Poly1305Update(poly1305_state* state, const unsigned char* in, - size_t inLen); - -/* Poly1305Finish completes the poly1305 calculation and writes a 16 byte - * authentication tag to |mac|. */ -extern void Poly1305Finish(poly1305_state* state, unsigned char mac[16]); - -#endif /* FREEBL_POLY1305_H_ */ diff --git a/security/nss/lib/freebl/unix_urandom.c b/security/nss/lib/freebl/unix_urandom.c index 25e6ad91cf..869a5ed8cc 100644 --- a/security/nss/lib/freebl/unix_urandom.c +++ b/security/nss/lib/freebl/unix_urandom.c @@ -4,10 +4,14 @@ #include <fcntl.h> #include <unistd.h> +#include <errno.h> #include "secerr.h" #include "secrng.h" #include "prprf.h" +/* syscall getentropy() is limited to retrieving 256 bytes */ +#define GETENTROPY_MAX_BYTES 256 + void RNG_SystemInfoForRNG(void) { @@ -28,6 +32,35 @@ RNG_SystemRNG(void *dest, size_t maxLen) size_t fileBytes = 0; unsigned char *buffer = dest; +#if defined(__OpenBSD__) || (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25)))) + int result; + + while (fileBytes < maxLen) { + size_t getBytes = maxLen - fileBytes; + if (getBytes > GETENTROPY_MAX_BYTES) { + getBytes = GETENTROPY_MAX_BYTES; + } + result = getentropy(buffer, getBytes); + if (result == 0) { /* success */ + fileBytes += getBytes; + buffer += getBytes; + } else { + break; + } + } + if (fileBytes == maxLen) { /* success */ + return maxLen; + } + /* If we failed with an error other than ENOSYS, it means the destination + * buffer is not writeable. We don't need to try writing to it again. */ + if (errno != ENOSYS) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + return 0; + } + /* ENOSYS means the kernel doesn't support getentropy()/getrandom(). + * Reset the number of bytes to get and fall back to /dev/urandom. */ + fileBytes = 0; +#endif fd = open("/dev/urandom", O_RDONLY); if (fd < 0) { PORT_SetError(SEC_ERROR_NEED_RANDOM); diff --git a/security/nss/lib/freebl/verified/Hacl_Poly1305_32.c b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.c new file mode 100644 index 0000000000..246a41af39 --- /dev/null +++ b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.c @@ -0,0 +1,578 @@ +/* Copyright 2016-2017 INRIA and Microsoft Corporation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "Hacl_Poly1305_32.h" + +inline static void +Hacl_Bignum_Modulo_reduce(uint32_t *b) +{ + uint32_t b0 = b[0U]; + b[0U] = (b0 << (uint32_t)2U) + b0; +} + +inline static void +Hacl_Bignum_Modulo_carry_top(uint32_t *b) +{ + uint32_t b4 = b[4U]; + uint32_t b0 = b[0U]; + uint32_t b4_26 = b4 >> (uint32_t)26U; + b[4U] = b4 & (uint32_t)0x3ffffffU; + b[0U] = (b4_26 << (uint32_t)2U) + b4_26 + b0; +} + +inline static void +Hacl_Bignum_Modulo_carry_top_wide(uint64_t *b) +{ + uint64_t b4 = b[4U]; + uint64_t b0 = b[0U]; + uint64_t b4_ = b4 & (uint64_t)(uint32_t)0x3ffffffU; + uint32_t b4_26 = (uint32_t)(b4 >> (uint32_t)26U); + uint64_t b0_ = b0 + (uint64_t)((b4_26 << (uint32_t)2U) + b4_26); + b[4U] = b4_; + b[0U] = b0_; +} + +inline static void +Hacl_Bignum_Fproduct_copy_from_wide_(uint32_t *output, uint64_t *input) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) { + uint64_t xi = input[i]; + output[i] = (uint32_t)xi; + } +} + +inline static void +Hacl_Bignum_Fproduct_sum_scalar_multiplication_(uint64_t *output, uint32_t *input, uint32_t s) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) { + uint64_t xi = output[i]; + uint32_t yi = input[i]; + uint64_t x_wide = (uint64_t)yi; + uint64_t y_wide = (uint64_t)s; + output[i] = xi + x_wide * y_wide; + } +} + +inline static void +Hacl_Bignum_Fproduct_carry_wide_(uint64_t *tmp) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t ctr = i; + uint64_t tctr = tmp[ctr]; + uint64_t tctrp1 = tmp[ctr + (uint32_t)1U]; + uint32_t r0 = (uint32_t)tctr & (uint32_t)0x3ffffffU; + uint64_t c = tctr >> (uint32_t)26U; + tmp[ctr] = (uint64_t)r0; + tmp[ctr + (uint32_t)1U] = tctrp1 + c; + } +} + +inline static void +Hacl_Bignum_Fproduct_carry_limb_(uint32_t *tmp) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t ctr = i; + uint32_t tctr = tmp[ctr]; + uint32_t tctrp1 = tmp[ctr + (uint32_t)1U]; + uint32_t r0 = tctr & (uint32_t)0x3ffffffU; + uint32_t c = tctr >> (uint32_t)26U; + tmp[ctr] = r0; + tmp[ctr + (uint32_t)1U] = tctrp1 + c; + } +} + +inline static void +Hacl_Bignum_Fmul_shift_reduce(uint32_t *output) +{ + uint32_t tmp = output[4U]; + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t ctr = (uint32_t)5U - i - (uint32_t)1U; + uint32_t z = output[ctr - (uint32_t)1U]; + output[ctr] = z; + } + output[0U] = tmp; + Hacl_Bignum_Modulo_reduce(output); +} + +static void +Hacl_Bignum_Fmul_mul_shift_reduce_(uint64_t *output, uint32_t *input, uint32_t *input2) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t input2i = input2[i]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i); + Hacl_Bignum_Fmul_shift_reduce(input); + } + uint32_t i = (uint32_t)4U; + uint32_t input2i = input2[i]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i); +} + +inline static void +Hacl_Bignum_Fmul_fmul(uint32_t *output, uint32_t *input, uint32_t *input2) +{ + uint32_t tmp[5U] = { 0U }; + memcpy(tmp, input, (uint32_t)5U * sizeof input[0U]); + uint64_t t[5U] = { 0U }; + Hacl_Bignum_Fmul_mul_shift_reduce_(t, tmp, input2); + Hacl_Bignum_Fproduct_carry_wide_(t); + Hacl_Bignum_Modulo_carry_top_wide(t); + Hacl_Bignum_Fproduct_copy_from_wide_(output, t); + uint32_t i0 = output[0U]; + uint32_t i1 = output[1U]; + uint32_t i0_ = i0 & (uint32_t)0x3ffffffU; + uint32_t i1_ = i1 + (i0 >> (uint32_t)26U); + output[0U] = i0_; + output[1U] = i1_; +} + +inline static void +Hacl_Bignum_AddAndMultiply_add_and_multiply(uint32_t *acc, uint32_t *block, uint32_t *r) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) { + uint32_t xi = acc[i]; + uint32_t yi = block[i]; + acc[i] = xi + yi; + } + Hacl_Bignum_Fmul_fmul(acc, acc, r); +} + +inline static void +Hacl_Impl_Poly1305_32_poly1305_update( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + uint32_t *acc = h; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + uint32_t *r5 = r; + uint32_t tmp[5U] = { 0U }; + uint8_t *s0 = m; + uint8_t *s1 = m + (uint32_t)3U; + uint8_t *s2 = m + (uint32_t)6U; + uint8_t *s3 = m + (uint32_t)9U; + uint8_t *s4 = m + (uint32_t)12U; + uint32_t i0 = load32_le(s0); + uint32_t i1 = load32_le(s1); + uint32_t i2 = load32_le(s2); + uint32_t i3 = load32_le(s3); + uint32_t i4 = load32_le(s4); + uint32_t r0 = i0 & (uint32_t)0x3ffffffU; + uint32_t r1 = i1 >> (uint32_t)2U & (uint32_t)0x3ffffffU; + uint32_t r2 = i2 >> (uint32_t)4U & (uint32_t)0x3ffffffU; + uint32_t r3 = i3 >> (uint32_t)6U & (uint32_t)0x3ffffffU; + uint32_t r4 = i4 >> (uint32_t)8U; + tmp[0U] = r0; + tmp[1U] = r1; + tmp[2U] = r2; + tmp[3U] = r3; + tmp[4U] = r4; + uint32_t b4 = tmp[4U]; + uint32_t b4_ = (uint32_t)0x1000000U | b4; + tmp[4U] = b4_; + Hacl_Bignum_AddAndMultiply_add_and_multiply(acc, tmp, r5); +} + +inline static void +Hacl_Impl_Poly1305_32_poly1305_process_last_block_( + uint8_t *block, + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t rem_) +{ + uint32_t tmp[5U] = { 0U }; + uint8_t *s0 = block; + uint8_t *s1 = block + (uint32_t)3U; + uint8_t *s2 = block + (uint32_t)6U; + uint8_t *s3 = block + (uint32_t)9U; + uint8_t *s4 = block + (uint32_t)12U; + uint32_t i0 = load32_le(s0); + uint32_t i1 = load32_le(s1); + uint32_t i2 = load32_le(s2); + uint32_t i3 = load32_le(s3); + uint32_t i4 = load32_le(s4); + uint32_t r0 = i0 & (uint32_t)0x3ffffffU; + uint32_t r1 = i1 >> (uint32_t)2U & (uint32_t)0x3ffffffU; + uint32_t r2 = i2 >> (uint32_t)4U & (uint32_t)0x3ffffffU; + uint32_t r3 = i3 >> (uint32_t)6U & (uint32_t)0x3ffffffU; + uint32_t r4 = i4 >> (uint32_t)8U; + tmp[0U] = r0; + tmp[1U] = r1; + tmp[2U] = r2; + tmp[3U] = r3; + tmp[4U] = r4; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + Hacl_Bignum_AddAndMultiply_add_and_multiply(h, tmp, r); +} + +inline static void +Hacl_Impl_Poly1305_32_poly1305_process_last_block( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t rem_) +{ + uint8_t zero1 = (uint8_t)0U; + KRML_CHECK_SIZE(zero1, (uint32_t)16U); + uint8_t block[16U]; + for (uint32_t _i = 0U; _i < (uint32_t)16U; ++_i) + block[_i] = zero1; + uint32_t i0 = (uint32_t)rem_; + uint32_t i = (uint32_t)rem_; + memcpy(block, m, i * sizeof m[0U]); + block[i0] = (uint8_t)1U; + Hacl_Impl_Poly1305_32_poly1305_process_last_block_(block, st, m, rem_); +} + +static void +Hacl_Impl_Poly1305_32_poly1305_last_pass(uint32_t *acc) +{ + Hacl_Bignum_Fproduct_carry_limb_(acc); + Hacl_Bignum_Modulo_carry_top(acc); + uint32_t t0 = acc[0U]; + uint32_t t10 = acc[1U]; + uint32_t t20 = acc[2U]; + uint32_t t30 = acc[3U]; + uint32_t t40 = acc[4U]; + uint32_t t1_ = t10 + (t0 >> (uint32_t)26U); + uint32_t mask_261 = (uint32_t)0x3ffffffU; + uint32_t t0_ = t0 & mask_261; + uint32_t t2_ = t20 + (t1_ >> (uint32_t)26U); + uint32_t t1__ = t1_ & mask_261; + uint32_t t3_ = t30 + (t2_ >> (uint32_t)26U); + uint32_t t2__ = t2_ & mask_261; + uint32_t t4_ = t40 + (t3_ >> (uint32_t)26U); + uint32_t t3__ = t3_ & mask_261; + acc[0U] = t0_; + acc[1U] = t1__; + acc[2U] = t2__; + acc[3U] = t3__; + acc[4U] = t4_; + Hacl_Bignum_Modulo_carry_top(acc); + uint32_t t00 = acc[0U]; + uint32_t t1 = acc[1U]; + uint32_t t2 = acc[2U]; + uint32_t t3 = acc[3U]; + uint32_t t4 = acc[4U]; + uint32_t t1_0 = t1 + (t00 >> (uint32_t)26U); + uint32_t t0_0 = t00 & (uint32_t)0x3ffffffU; + uint32_t t2_0 = t2 + (t1_0 >> (uint32_t)26U); + uint32_t t1__0 = t1_0 & (uint32_t)0x3ffffffU; + uint32_t t3_0 = t3 + (t2_0 >> (uint32_t)26U); + uint32_t t2__0 = t2_0 & (uint32_t)0x3ffffffU; + uint32_t t4_0 = t4 + (t3_0 >> (uint32_t)26U); + uint32_t t3__0 = t3_0 & (uint32_t)0x3ffffffU; + acc[0U] = t0_0; + acc[1U] = t1__0; + acc[2U] = t2__0; + acc[3U] = t3__0; + acc[4U] = t4_0; + Hacl_Bignum_Modulo_carry_top(acc); + uint32_t i0 = acc[0U]; + uint32_t i1 = acc[1U]; + uint32_t i0_ = i0 & (uint32_t)0x3ffffffU; + uint32_t i1_ = i1 + (i0 >> (uint32_t)26U); + acc[0U] = i0_; + acc[1U] = i1_; + uint32_t a0 = acc[0U]; + uint32_t a1 = acc[1U]; + uint32_t a2 = acc[2U]; + uint32_t a3 = acc[3U]; + uint32_t a4 = acc[4U]; + uint32_t mask0 = FStar_UInt32_gte_mask(a0, (uint32_t)0x3fffffbU); + uint32_t mask1 = FStar_UInt32_eq_mask(a1, (uint32_t)0x3ffffffU); + uint32_t mask2 = FStar_UInt32_eq_mask(a2, (uint32_t)0x3ffffffU); + uint32_t mask3 = FStar_UInt32_eq_mask(a3, (uint32_t)0x3ffffffU); + uint32_t mask4 = FStar_UInt32_eq_mask(a4, (uint32_t)0x3ffffffU); + uint32_t mask = (((mask0 & mask1) & mask2) & mask3) & mask4; + uint32_t a0_ = a0 - ((uint32_t)0x3fffffbU & mask); + uint32_t a1_ = a1 - ((uint32_t)0x3ffffffU & mask); + uint32_t a2_ = a2 - ((uint32_t)0x3ffffffU & mask); + uint32_t a3_ = a3 - ((uint32_t)0x3ffffffU & mask); + uint32_t a4_ = a4 - ((uint32_t)0x3ffffffU & mask); + acc[0U] = a0_; + acc[1U] = a1_; + acc[2U] = a2_; + acc[3U] = a3_; + acc[4U] = a4_; +} + +static Hacl_Impl_Poly1305_32_State_poly1305_state +Hacl_Impl_Poly1305_32_mk_state(uint32_t *r, uint32_t *h) +{ + return ((Hacl_Impl_Poly1305_32_State_poly1305_state){.r = r, .h = h }); +} + +static void +Hacl_Standalone_Poly1305_32_poly1305_blocks( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t len1) +{ + if (!(len1 == (uint64_t)0U)) { + uint8_t *block = m; + uint8_t *tail1 = m + (uint32_t)16U; + Hacl_Impl_Poly1305_32_poly1305_update(st, block); + uint64_t len2 = len1 - (uint64_t)1U; + Hacl_Standalone_Poly1305_32_poly1305_blocks(st, tail1, len2); + } +} + +static void +Hacl_Standalone_Poly1305_32_poly1305_partial( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *input, + uint64_t len1, + uint8_t *kr) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + uint32_t *x0 = r; + FStar_UInt128_t k1 = load128_le(kr); + FStar_UInt128_t + k_clamped = + FStar_UInt128_logand(k1, + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0ffffffcU), + (uint32_t)64U), + FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0fffffffU))); + uint32_t r0 = (uint32_t)FStar_UInt128_uint128_to_uint64(k_clamped) & (uint32_t)0x3ffffffU; + uint32_t + r1 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)26U)) & (uint32_t)0x3ffffffU; + uint32_t + r2 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)52U)) & (uint32_t)0x3ffffffU; + uint32_t + r3 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)78U)) & (uint32_t)0x3ffffffU; + uint32_t + r4 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)104U)) & (uint32_t)0x3ffffffU; + x0[0U] = r0; + x0[1U] = r1; + x0[2U] = r2; + x0[3U] = r3; + x0[4U] = r4; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + uint32_t *x00 = h; + x00[0U] = (uint32_t)0U; + x00[1U] = (uint32_t)0U; + x00[2U] = (uint32_t)0U; + x00[3U] = (uint32_t)0U; + x00[4U] = (uint32_t)0U; + Hacl_Standalone_Poly1305_32_poly1305_blocks(st, input, len1); +} + +static void +Hacl_Standalone_Poly1305_32_poly1305_complete( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t len1, + uint8_t *k1) +{ + uint8_t *kr = k1; + uint64_t len16 = len1 >> (uint32_t)4U; + uint64_t rem16 = len1 & (uint64_t)0xfU; + uint8_t *part_input = m; + uint8_t *last_block = m + (uint32_t)((uint64_t)16U * len16); + Hacl_Standalone_Poly1305_32_poly1305_partial(st, part_input, len16, kr); + if (!(rem16 == (uint64_t)0U)) + Hacl_Impl_Poly1305_32_poly1305_process_last_block(st, last_block, rem16); + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h = scrut.h; + uint32_t *acc = h; + Hacl_Impl_Poly1305_32_poly1305_last_pass(acc); +} + +static void +Hacl_Standalone_Poly1305_32_crypto_onetimeauth_( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1) +{ + uint32_t buf[10U] = { 0U }; + uint32_t *r = buf; + uint32_t *h = buf + (uint32_t)5U; + Hacl_Impl_Poly1305_32_State_poly1305_state st = Hacl_Impl_Poly1305_32_mk_state(r, h); + uint8_t *key_s = k1 + (uint32_t)16U; + Hacl_Standalone_Poly1305_32_poly1305_complete(st, input, len1, k1); + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h5 = scrut.h; + uint32_t *acc = h5; + FStar_UInt128_t k_ = load128_le(key_s); + uint32_t h0 = acc[0U]; + uint32_t h1 = acc[1U]; + uint32_t h2 = acc[2U]; + uint32_t h3 = acc[3U]; + uint32_t h4 = acc[4U]; + FStar_UInt128_t + acc_ = + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h4), + (uint32_t)104U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h3), + (uint32_t)78U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h2), + (uint32_t)52U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h1), + (uint32_t)26U), + FStar_UInt128_uint64_to_uint128((uint64_t)h0))))); + FStar_UInt128_t mac_ = FStar_UInt128_add_mod(acc_, k_); + store128_le(output, mac_); +} + +static void +Hacl_Standalone_Poly1305_32_crypto_onetimeauth( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1) +{ + Hacl_Standalone_Poly1305_32_crypto_onetimeauth_(output, input, len1, k1); +} + +void * +Hacl_Poly1305_32_op_String_Access(FStar_Monotonic_HyperStack_mem h, uint8_t *b) +{ + return (void *)(uint8_t)0U; +} + +Hacl_Impl_Poly1305_32_State_poly1305_state +Hacl_Poly1305_32_mk_state(uint32_t *r, uint32_t *acc) +{ + return Hacl_Impl_Poly1305_32_mk_state(r, acc); +} + +void +Hacl_Poly1305_32_init(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *k1) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + uint32_t *x0 = r; + FStar_UInt128_t k10 = load128_le(k1); + FStar_UInt128_t + k_clamped = + FStar_UInt128_logand(k10, + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0ffffffcU), + (uint32_t)64U), + FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0fffffffU))); + uint32_t r0 = (uint32_t)FStar_UInt128_uint128_to_uint64(k_clamped) & (uint32_t)0x3ffffffU; + uint32_t + r1 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)26U)) & (uint32_t)0x3ffffffU; + uint32_t + r2 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)52U)) & (uint32_t)0x3ffffffU; + uint32_t + r3 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)78U)) & (uint32_t)0x3ffffffU; + uint32_t + r4 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)104U)) & (uint32_t)0x3ffffffU; + x0[0U] = r0; + x0[1U] = r1; + x0[2U] = r2; + x0[3U] = r3; + x0[4U] = r4; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + uint32_t *x00 = h; + x00[0U] = (uint32_t)0U; + x00[1U] = (uint32_t)0U; + x00[2U] = (uint32_t)0U; + x00[3U] = (uint32_t)0U; + x00[4U] = (uint32_t)0U; +} + +void *Hacl_Poly1305_32_empty_log = (void *)(uint8_t)0U; + +void +Hacl_Poly1305_32_update_block(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *m) +{ + Hacl_Impl_Poly1305_32_poly1305_update(st, m); +} + +void +Hacl_Poly1305_32_update( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1) +{ + if (!(len1 == (uint32_t)0U)) { + uint8_t *block = m; + uint8_t *m_ = m + (uint32_t)16U; + uint32_t len2 = len1 - (uint32_t)1U; + Hacl_Poly1305_32_update_block(st, block); + Hacl_Poly1305_32_update(st, m_, len2); + } +} + +void +Hacl_Poly1305_32_update_last( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1) +{ + if (!((uint64_t)len1 == (uint64_t)0U)) + Hacl_Impl_Poly1305_32_poly1305_process_last_block(st, m, (uint64_t)len1); + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h = scrut.h; + uint32_t *acc = h; + Hacl_Impl_Poly1305_32_poly1305_last_pass(acc); +} + +void +Hacl_Poly1305_32_finish( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *mac, + uint8_t *k1) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h = scrut.h; + uint32_t *acc = h; + FStar_UInt128_t k_ = load128_le(k1); + uint32_t h0 = acc[0U]; + uint32_t h1 = acc[1U]; + uint32_t h2 = acc[2U]; + uint32_t h3 = acc[3U]; + uint32_t h4 = acc[4U]; + FStar_UInt128_t + acc_ = + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h4), + (uint32_t)104U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h3), + (uint32_t)78U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h2), + (uint32_t)52U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h1), + (uint32_t)26U), + FStar_UInt128_uint64_to_uint128((uint64_t)h0))))); + FStar_UInt128_t mac_ = FStar_UInt128_add_mod(acc_, k_); + store128_le(mac, mac_); +} + +void +Hacl_Poly1305_32_crypto_onetimeauth( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1) +{ + Hacl_Standalone_Poly1305_32_crypto_onetimeauth(output, input, len1, k1); +} diff --git a/security/nss/lib/freebl/verified/Hacl_Poly1305_32.h b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.h new file mode 100644 index 0000000000..4dd0700267 --- /dev/null +++ b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.h @@ -0,0 +1,103 @@ +/* Copyright 2016-2017 INRIA and Microsoft Corporation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "kremlib.h" +#ifndef __Hacl_Poly1305_32_H +#define __Hacl_Poly1305_32_H + +typedef uint32_t Hacl_Bignum_Constants_limb; + +typedef uint64_t Hacl_Bignum_Constants_wide; + +typedef uint64_t Hacl_Bignum_Wide_t; + +typedef uint32_t Hacl_Bignum_Limb_t; + +typedef void *Hacl_Impl_Poly1305_32_State_log_t; + +typedef uint8_t *Hacl_Impl_Poly1305_32_State_uint8_p; + +typedef uint32_t *Hacl_Impl_Poly1305_32_State_bigint; + +typedef void *Hacl_Impl_Poly1305_32_State_seqelem; + +typedef uint32_t *Hacl_Impl_Poly1305_32_State_elemB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_State_wordB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_State_wordB_16; + +typedef struct +{ + uint32_t *r; + uint32_t *h; +} Hacl_Impl_Poly1305_32_State_poly1305_state; + +typedef void *Hacl_Impl_Poly1305_32_log_t; + +typedef uint32_t *Hacl_Impl_Poly1305_32_bigint; + +typedef uint8_t *Hacl_Impl_Poly1305_32_uint8_p; + +typedef uint32_t *Hacl_Impl_Poly1305_32_elemB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_wordB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_wordB_16; + +typedef uint8_t *Hacl_Poly1305_32_uint8_p; + +typedef uint64_t Hacl_Poly1305_32_uint64_t; + +void *Hacl_Poly1305_32_op_String_Access(FStar_Monotonic_HyperStack_mem h, uint8_t *b); + +typedef uint8_t *Hacl_Poly1305_32_key; + +typedef Hacl_Impl_Poly1305_32_State_poly1305_state Hacl_Poly1305_32_state; + +Hacl_Impl_Poly1305_32_State_poly1305_state +Hacl_Poly1305_32_mk_state(uint32_t *r, uint32_t *acc); + +void Hacl_Poly1305_32_init(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *k1); + +extern void *Hacl_Poly1305_32_empty_log; + +void Hacl_Poly1305_32_update_block(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *m); + +void +Hacl_Poly1305_32_update( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1); + +void +Hacl_Poly1305_32_update_last( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1); + +void +Hacl_Poly1305_32_finish( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *mac, + uint8_t *k1); + +void +Hacl_Poly1305_32_crypto_onetimeauth( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1); +#endif diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c index 9954f0ca68..f73b95f686 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c @@ -70,7 +70,7 @@ static const PKIX_UInt32 httpprotocolLen = 5; /* strlen(httpprotocol) */ * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -85,7 +85,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( PKIX_PL_HttpDefaultClient *client, PKIX_UInt32 bytesRead, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_UInt32 alreadyScanned = 0; PKIX_UInt32 comp = 0; @@ -142,7 +142,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( headerLength = (eoh - client->rcvBuf); /* allocate space to copy header (and for the NULL terminator) */ - PKIX_CHECK(PKIX_PL_Malloc(headerLength + 1, (void **)©, plContext), + PKIX_CHECK(PKIX_PL_Malloc(headerLength + 1, (void **)©, plCtx), PKIX_MALLOCFAILED); /* copy header data before we corrupt it (by storing NULLs) */ @@ -301,7 +301,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( if (contentLength > 0) { /* allocate a buffer of size contentLength for the content */ - PKIX_CHECK(PKIX_PL_Malloc(contentLength, (void **)&body, plContext), + PKIX_CHECK(PKIX_PL_Malloc(contentLength, (void **)&body, plCtx), PKIX_MALLOCFAILED); /* copy any remaining bytes in current buffer into new buffer */ @@ -311,7 +311,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( } } - PKIX_CHECK(PKIX_PL_Free(client->rcvBuf, plContext), + PKIX_CHECK(PKIX_PL_Free(client->rcvBuf, plCtx), PKIX_FREEFAILED); client->rcvBuf = body; @@ -340,7 +340,7 @@ cleanup: * "pClient" * The address at which the created HttpDefaultClient is to be stored. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -355,7 +355,7 @@ pkix_pl_HttpDefaultClient_Create( const char *host, PRUint16 portnum, PKIX_PL_HttpDefaultClient **pClient, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -367,7 +367,7 @@ pkix_pl_HttpDefaultClient_Create( (PKIX_HTTPDEFAULTCLIENT_TYPE, sizeof (PKIX_PL_HttpDefaultClient), (PKIX_PL_Object **)&client, - plContext), + plCtx), PKIX_COULDNOTCREATEHTTPDEFAULTCLIENTOBJECT); /* Client timeout is overwritten in HttpDefaultClient_RequestCreate @@ -408,10 +408,10 @@ pkix_pl_HttpDefaultClient_Create( client->socket = NULL; /* - * The HttpClient API does not include a plContext argument in its + * The HttpClient API does not include a plCtx argument in its * function calls. Save it here. */ - client->plContext = plContext; + client->plContext = plCtx; *pClient = client; @@ -430,7 +430,7 @@ cleanup: static PKIX_Error * pkix_pl_HttpDefaultClient_Destroy( PKIX_PL_Object *object, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -438,13 +438,13 @@ pkix_pl_HttpDefaultClient_Destroy( PKIX_NULLCHECK_ONE(object); PKIX_CHECK(pkix_CheckType - (object, PKIX_HTTPDEFAULTCLIENT_TYPE, plContext), + (object, PKIX_HTTPDEFAULTCLIENT_TYPE, plCtx), PKIX_OBJECTNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)object; if (client->rcvHeaders) { - PKIX_PL_Free(client->rcvHeaders, plContext); + PKIX_PL_Free(client->rcvHeaders, plCtx); client->rcvHeaders = NULL; } if (client->rcvContentType) { @@ -456,11 +456,11 @@ pkix_pl_HttpDefaultClient_Destroy( client->GETBuf = NULL; } if (client->POSTBuf != NULL) { - PKIX_PL_Free(client->POSTBuf, plContext); + PKIX_PL_Free(client->POSTBuf, plCtx); client->POSTBuf = NULL; } if (client->rcvBuf != NULL) { - PKIX_PL_Free(client->rcvBuf, plContext); + PKIX_PL_Free(client->rcvBuf, plCtx); client->rcvBuf = NULL; } if (client->host) { @@ -493,7 +493,7 @@ cleanup: * thread-safe. */ PKIX_Error * -pkix_pl_HttpDefaultClient_RegisterSelf(void *plContext) +pkix_pl_HttpDefaultClient_RegisterSelf(void *plCtx) { extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; pkix_ClassTable_Entry *entry = @@ -529,7 +529,7 @@ pkix_pl_HttpDefaultClient_RegisterSelf(void *plContext) * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -543,7 +543,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_ConnectContinue( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PRErrorCode status; PKIX_Boolean keepGoing = PKIX_FALSE; @@ -557,7 +557,7 @@ pkix_pl_HttpDefaultClient_ConnectContinue( callbackList = (PKIX_PL_Socket_Callback *)client->callbackList; PKIX_CHECK(callbackList->connectcontinueCallback - (client->socket, &status, plContext), + (client->socket, &status, plCtx), PKIX_SOCKETCONNECTCONTINUEFAILED); if (status == 0) { @@ -595,7 +595,7 @@ cleanup: * "pBytesTransferred" * The address at which the number of bytes sent is stored. Must be * non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -610,7 +610,7 @@ pkix_pl_HttpDefaultClient_Send( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, PKIX_UInt32 *pBytesTransferred, - void *plContext) + void *plCtx) { PKIX_Int32 bytesWritten = 0; PKIX_Int32 lenToWrite = 0; @@ -640,7 +640,7 @@ pkix_pl_HttpDefaultClient_Send( dataToWrite, lenToWrite, &bytesWritten, - plContext), + plCtx), PKIX_SOCKETSENDFAILED); client->rcvBuf = NULL; @@ -690,7 +690,7 @@ cleanup: * "pBytesTransferred" * The address at which the number of bytes sent is stored. Must be * non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -705,7 +705,7 @@ pkix_pl_HttpDefaultClient_SendContinue( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, PKIX_UInt32 *pBytesTransferred, - void *plContext) + void *plCtx) { PKIX_Int32 bytesWritten = 0; PKIX_PL_Socket_Callback *callbackList = NULL; @@ -718,7 +718,7 @@ pkix_pl_HttpDefaultClient_SendContinue( callbackList = (PKIX_PL_Socket_Callback *)client->callbackList; PKIX_CHECK(callbackList->pollCallback - (client->socket, &bytesWritten, NULL, plContext), + (client->socket, &bytesWritten, NULL, plCtx), PKIX_SOCKETPOLLFAILED); /* @@ -752,7 +752,7 @@ cleanup: * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -766,7 +766,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_RecvHdr( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_UInt32 bytesToRead = 0; PKIX_Int32 bytesRead = 0; @@ -787,7 +787,7 @@ pkix_pl_HttpDefaultClient_RecvHdr( (client->rcvBuf, client->capacity, (void **)&(client->rcvBuf), - plContext), + plCtx), PKIX_REALLOCFAILED); bytesToRead = client->capacity - client->filledupBytes; @@ -799,7 +799,7 @@ pkix_pl_HttpDefaultClient_RecvHdr( (void *)&(client->rcvBuf[client->filledupBytes]), bytesToRead, &bytesRead, - plContext), + plCtx), PKIX_SOCKETRECVFAILED); if (bytesRead > 0) { @@ -808,7 +808,7 @@ pkix_pl_HttpDefaultClient_RecvHdr( PKIX_CHECK( pkix_pl_HttpDefaultClient_HdrCheckComplete(client, bytesRead, pKeepGoing, - plContext), + plCtx), PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED); } else { client->connectStatus = HTTP_RECV_HDR_PENDING; @@ -834,7 +834,7 @@ cleanup: * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -848,7 +848,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_RecvHdrContinue( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_Int32 bytesRead = 0; PKIX_PL_Socket_Callback *callbackList = NULL; @@ -861,14 +861,14 @@ pkix_pl_HttpDefaultClient_RecvHdrContinue( callbackList = (PKIX_PL_Socket_Callback *)client->callbackList; PKIX_CHECK(callbackList->pollCallback - (client->socket, NULL, &bytesRead, plContext), + (client->socket, NULL, &bytesRead, plCtx), PKIX_SOCKETPOLLFAILED); if (bytesRead > 0) { client->filledupBytes += bytesRead; PKIX_CHECK(pkix_pl_HttpDefaultClient_HdrCheckComplete - (client, bytesRead, pKeepGoing, plContext), + (client, bytesRead, pKeepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED); } else { @@ -897,7 +897,7 @@ cleanup: * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -911,7 +911,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_RecvBody( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_Int32 bytesRead = 0; PKIX_Int32 bytesToRead = 0; @@ -952,7 +952,7 @@ pkix_pl_HttpDefaultClient_RecvBody( client->capacity = newLength; PKIX_CHECK( PKIX_PL_Realloc(client->rcvBuf, newLength, - (void**)&client->rcvBuf, plContext), + (void**)&client->rcvBuf, plCtx), PKIX_REALLOCFAILED); freeBuffSize = client->capacity - client->filledupBytes; @@ -964,7 +964,7 @@ pkix_pl_HttpDefaultClient_RecvBody( /* Use poll callback if waiting on non-blocking IO */ if (client->connectStatus == HTTP_RECV_BODY_PENDING) { PKIX_CHECK(callbackList->pollCallback - (client->socket, NULL, &bytesRead, plContext), + (client->socket, NULL, &bytesRead, plCtx), PKIX_SOCKETPOLLFAILED); } else { PKIX_CHECK(callbackList->recvCallback @@ -972,7 +972,7 @@ pkix_pl_HttpDefaultClient_RecvBody( (void *)&(client->rcvBuf[client->filledupBytes]), bytesToRead, &bytesRead, - plContext), + plCtx), PKIX_SOCKETRECVFAILED); } @@ -1026,7 +1026,7 @@ cleanup: * PARAMETERS: * "client" * The address of the HttpDefaultClient object. Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -1039,7 +1039,7 @@ cleanup: static PKIX_Error * pkix_pl_HttpDefaultClient_Dispatch( PKIX_PL_HttpDefaultClient *client, - void *plContext) + void *plCtx) { PKIX_UInt32 bytesTransferred = 0; PKIX_Boolean keepGoing = PKIX_TRUE; @@ -1051,33 +1051,33 @@ pkix_pl_HttpDefaultClient_Dispatch( switch (client->connectStatus) { case HTTP_CONNECT_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_ConnectContinue - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTCONNECTCONTINUEFAILED); break; case HTTP_CONNECTED: PKIX_CHECK(pkix_pl_HttpDefaultClient_Send - (client, &keepGoing, &bytesTransferred, plContext), + (client, &keepGoing, &bytesTransferred, plCtx), PKIX_HTTPDEFAULTCLIENTSENDFAILED); break; case HTTP_SEND_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_SendContinue - (client, &keepGoing, &bytesTransferred, plContext), + (client, &keepGoing, &bytesTransferred, plCtx), PKIX_HTTPDEFAULTCLIENTSENDCONTINUEFAILED); break; case HTTP_RECV_HDR: PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdr - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTRECVHDRFAILED); break; case HTTP_RECV_HDR_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdrContinue - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTRECVHDRCONTINUEFAILED); break; case HTTP_RECV_BODY: case HTTP_RECV_BODY_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvBody - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTRECVBODYFAILED); break; case HTTP_ERROR: @@ -1106,7 +1106,7 @@ pkix_pl_HttpDefaultClient_CreateSession( const char *host, PRUint16 portnum, SEC_HTTP_SERVER_SESSION *pSession, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -1115,7 +1115,7 @@ pkix_pl_HttpDefaultClient_CreateSession( PKIX_NULLCHECK_TWO(host, pSession); PKIX_CHECK(pkix_pl_HttpDefaultClient_Create - (host, portnum, &client, plContext), + (host, portnum, &client, plCtx), PKIX_HTTPDEFAULTCLIENTCREATEFAILED); *pSession = (SEC_HTTP_SERVER_SESSION)client; @@ -1130,7 +1130,7 @@ PKIX_Error * pkix_pl_HttpDefaultClient_KeepAliveSession( SEC_HTTP_SERVER_SESSION session, PRPollDesc **pPollDesc, - void *plContext) + void *plCtx) { PKIX_ENTER (HTTPDEFAULTCLIENT, @@ -1140,7 +1140,7 @@ pkix_pl_HttpDefaultClient_KeepAliveSession( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)session, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_SESSIONNOTANHTTPDEFAULTCLIENT); /* XXX Not implemented */ @@ -1159,7 +1159,7 @@ pkix_pl_HttpDefaultClient_RequestCreate( const char *http_request_method, const PRIntervalTime timeout, SEC_HTTP_REQUEST_SESSION *pRequest, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; PKIX_PL_Socket *socket = NULL; @@ -1174,7 +1174,7 @@ pkix_pl_HttpDefaultClient_RequestCreate( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)session, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_SESSIONNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)session; @@ -1212,7 +1212,7 @@ pkix_pl_HttpDefaultClient_RequestCreate( 2001, /* client->portnum, */ &status, &socket, - plContext), + plCtx), PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED); #else PKIX_CHECK(pkix_HttpCertStore_FindSocketConnection @@ -1221,20 +1221,20 @@ pkix_pl_HttpDefaultClient_RequestCreate( client->portnum, &status, &socket, - plContext), + plCtx), PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED); #endif client->socket = socket; PKIX_CHECK(pkix_pl_Socket_GetCallbackList - (socket, &callbackList, plContext), + (socket, &callbackList, plCtx), PKIX_SOCKETGETCALLBACKLISTFAILED); client->callbackList = (void *)callbackList; PKIX_CHECK(pkix_pl_Socket_GetPRFileDesc - (socket, &fileDesc, plContext), + (socket, &fileDesc, plCtx), PKIX_SOCKETGETPRFILEDESCFAILED); client->pollDesc.fd = fileDesc; @@ -1264,7 +1264,7 @@ pkix_pl_HttpDefaultClient_SetPostData( const char *http_data, const PRUint32 http_data_len, const char *http_content_type, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -1276,7 +1276,7 @@ pkix_pl_HttpDefaultClient_SetPostData( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)request, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_REQUESTNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)request; @@ -1307,7 +1307,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( PRUint32 *http_response_data_len, PRPollDesc **pPollDesc, SECStatus *pSECReturn, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; PKIX_UInt32 postLen = 0; @@ -1324,7 +1324,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)request, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_REQUESTNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)request; @@ -1380,7 +1380,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( PKIX_CHECK(PKIX_PL_Malloc (client->POSTLen, (void **)&(client->POSTBuf), - plContext), + plCtx), PKIX_MALLOCFAILED); /* copy header into postBuffer */ @@ -1407,7 +1407,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( } /* continue according to state */ - PKIX_CHECK(pkix_pl_HttpDefaultClient_Dispatch(client, plContext), + PKIX_CHECK(pkix_pl_HttpDefaultClient_Dispatch(client, plCtx), PKIX_HTTPDEFAULTCLIENTDISPATCHFAILED); switch (client->connectStatus) { @@ -1478,7 +1478,7 @@ cleanup: PKIX_Error * pkix_pl_HttpDefaultClient_Cancel( SEC_HTTP_REQUEST_SESSION request, - void *plContext) + void *plCtx) { PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_Cancel"); PKIX_NULLCHECK_ONE(request); @@ -1486,7 +1486,7 @@ pkix_pl_HttpDefaultClient_Cancel( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)request, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_REQUESTNOTANHTTPDEFAULTCLIENT); /* XXX Not implemented */ diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c index 9fa8e92608..09b54a2be3 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c @@ -23,8 +23,8 @@ * PARAMETERS * "method" * The UInt32 value to be stored as the method field of the InfoAccess. - * "generalName" - * The GeneralName to be stored as the generalName field of the InfoAccess. + * "gName" + * The GeneralName to be stored as the gName field of the InfoAccess. * Must be non-NULL. * "pInfoAccess" * Address where the result is stored. Must be non-NULL. @@ -39,7 +39,7 @@ static PKIX_Error * pkix_pl_InfoAccess_Create( PKIX_UInt32 method, - PKIX_PL_GeneralName *generalName, + PKIX_PL_GeneralName *gName, PKIX_PL_InfoAccess **pInfoAccess, void *plContext) { @@ -47,7 +47,7 @@ pkix_pl_InfoAccess_Create( PKIX_PL_InfoAccess *infoAccess = NULL; PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_Create"); - PKIX_NULLCHECK_TWO(generalName, pInfoAccess); + PKIX_NULLCHECK_TWO(gName, pInfoAccess); PKIX_CHECK(PKIX_PL_Object_Alloc (PKIX_INFOACCESS_TYPE, @@ -58,8 +58,8 @@ pkix_pl_InfoAccess_Create( infoAccess->method = method; - PKIX_INCREF(generalName); - infoAccess->location = generalName; + PKIX_INCREF(gName); + infoAccess->location = gName; *pInfoAccess = infoAccess; infoAccess = NULL; @@ -678,7 +678,7 @@ pkix_pl_UnescapeURL( * [binary|<other-type>]]* * * PARAMETERS - * "generalName" + * "gName" * Address of the GeneralName whose LDAPLocation is to be parsed. Must be * non-NULL. * "arena" @@ -700,7 +700,7 @@ pkix_pl_UnescapeURL( */ PKIX_Error * pkix_pl_InfoAccess_ParseLocation( - PKIX_PL_GeneralName *generalName, + PKIX_PL_GeneralName *gName, PLArenaPool *arena, LDAPRequestParams *request, char **pDomainName, @@ -722,9 +722,9 @@ pkix_pl_InfoAccess_ParseLocation( LDAPNameComponent *nameComponent = NULL; PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_ParseLocation"); - PKIX_NULLCHECK_FOUR(generalName, arena, request, pDomainName); + PKIX_NULLCHECK_FOUR(gName, arena, request, pDomainName); - PKIX_TOSTRING(generalName, &locationString, plContext, + PKIX_TOSTRING(gName, &locationString, plContext, PKIX_GENERALNAMETOSTRINGFAILED); PKIX_CHECK(PKIX_PL_String_GetEncoded diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index d62f4957b2..efb0827c51 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -22,10 +22,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define NSS_VERSION "3.36.4" _NSS_CUSTOMIZED +#define NSS_VERSION "3.38" _NSS_CUSTOMIZED #define NSS_VMAJOR 3 -#define NSS_VMINOR 36 -#define NSS_VPATCH 4 +#define NSS_VMINOR 38 +#define NSS_VPATCH 0 #define NSS_VBUILD 0 #define NSS_BETA PR_FALSE diff --git a/security/nss/lib/pk11wrap/pk11akey.c b/security/nss/lib/pk11wrap/pk11akey.c index c45901ec39..346e473a96 100644 --- a/security/nss/lib/pk11wrap/pk11akey.c +++ b/security/nss/lib/pk11wrap/pk11akey.c @@ -804,12 +804,30 @@ PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType, /* don't know? look it up */ if (keyType == nullKey) { CK_KEY_TYPE pk11Type = CKK_RSA; + SECItem info; pk11Type = PK11_ReadULongAttribute(slot, privID, CKA_KEY_TYPE); isTemp = (PRBool)!PK11_HasAttributeSet(slot, privID, CKA_TOKEN, PR_FALSE); switch (pk11Type) { case CKK_RSA: keyType = rsaKey; + /* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */ + rv = PK11_ReadAttribute(slot, privID, CKA_PUBLIC_KEY_INFO, NULL, &info); + if (rv == SECSuccess) { + CERTSubjectPublicKeyInfo *spki; + + spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&info); + if (spki) { + SECOidTag tag; + + tag = SECOID_GetAlgorithmTag(&spki->algorithm); + if (tag == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) + keyType = rsaPssKey; + SECKEY_DestroySubjectPublicKeyInfo(spki); + } + SECITEM_FreeItem(&info, PR_FALSE); + } + break; case CKK_DSA: keyType = dsaKey; diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c index fc30222b3d..c165e1ef24 100644 --- a/security/nss/lib/pk11wrap/pk11pars.c +++ b/security/nss/lib/pk11wrap/pk11pars.c @@ -547,16 +547,16 @@ secmod_applyCryptoPolicy(const char *policyString, for (i = 0; i < PR_ARRAY_SIZE(algOptList); i++) { const oidValDef *algOpt = &algOptList[i]; unsigned name_size = algOpt->name_size; - PRBool newValue = PR_FALSE; + PRBool newOption = PR_FALSE; if ((length >= name_size) && (cipher[name_size] == '/')) { - newValue = PR_TRUE; + newOption = PR_TRUE; } - if ((newValue || algOpt->name_size == length) && + if ((newOption || algOpt->name_size == length) && PORT_Strncasecmp(algOpt->name, cipher, name_size) == 0) { PRUint32 value = algOpt->val; PRUint32 enable, disable; - if (newValue) { + if (newOption) { value = secmod_parsePolicyValue(&cipher[name_size] + 1, length - name_size - 1); } diff --git a/security/nss/lib/pkcs12/p12e.c b/security/nss/lib/pkcs12/p12e.c index 4a21d8955d..c42c4d2e2e 100644 --- a/security/nss/lib/pkcs12/p12e.c +++ b/security/nss/lib/pkcs12/p12e.c @@ -884,7 +884,9 @@ sec_PKCS12AddAttributeToBag(SEC_PKCS12ExportContext *p12ctxt, unsigned int nItems = 0; SECStatus rv; - if (!safeBag || !p12ctxt) { + PORT_Assert(p12ctxt->arena == safeBag->arena); + if (!safeBag || !p12ctxt || p12ctxt->arena != safeBag->arena) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } @@ -1589,6 +1591,7 @@ sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp) params = PK11_CreatePBEParams(salt, &pwd, NSS_PBE_DEFAULT_ITERATION_COUNT); SECITEM_ZfreeItem(salt, PR_TRUE); + salt = NULL; SECITEM_ZfreeItem(&pwd, PR_FALSE); /* get the PBA Mechanism to generate the key */ diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c index 4f17b8e842..ba51955abf 100644 --- a/security/nss/lib/pkcs7/p7decode.c +++ b/security/nss/lib/pkcs7/p7decode.c @@ -1596,7 +1596,6 @@ sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo, } else { SECItem *sig; SECItem holder; - SECStatus rv; /* * No authenticated attributes. diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c index fb3110a233..fab3a7a027 100644 --- a/security/nss/lib/pki/pki3hack.c +++ b/security/nss/lib/pki/pki3hack.c @@ -1143,8 +1143,8 @@ STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust) (PRBool)(trust->sslFlags & CERTDB_GOVT_APPROVED_CA); if (c->object.cryptoContext != NULL) { /* The cert is in a context, set the trust there */ - NSSCryptoContext *cc = c->object.cryptoContext; - nssrv = nssCryptoContext_ImportTrust(cc, nssTrust); + NSSCryptoContext *cctx = c->object.cryptoContext; + nssrv = nssCryptoContext_ImportTrust(cctx, nssTrust); if (nssrv != PR_SUCCESS) { goto done; } diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c index 2efb6b1f22..8cab288d2e 100644 --- a/security/nss/lib/smime/cmsrecinfo.c +++ b/security/nss/lib/smime/cmsrecinfo.c @@ -82,7 +82,7 @@ nss_cmsrecipientinfo_create(NSSCMSMessage *cmsg, if (DERinput) { /* decode everything from DER */ SECItem newinput; - SECStatus rv = SECITEM_CopyItem(poolp, &newinput, DERinput); + rv = SECITEM_CopyItem(poolp, &newinput, DERinput); if (SECSuccess != rv) goto loser; rv = SEC_QuickDERDecodeItem(poolp, ri, NSSCMSRecipientInfoTemplate, &newinput); diff --git a/security/nss/lib/softoken/legacydb/pcertdb.c b/security/nss/lib/softoken/legacydb/pcertdb.c index 2e8b650ee9..47778190db 100644 --- a/security/nss/lib/softoken/legacydb/pcertdb.c +++ b/security/nss/lib/softoken/legacydb/pcertdb.c @@ -2577,14 +2577,13 @@ ReadDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject) SECItem dbentry; SECStatus rv; + PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { PORT_SetError(SEC_ERROR_NO_MEMORY); goto loser; } - PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE); - entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena, sizeof(certDBEntrySubject)); if (entry == NULL) { diff --git a/security/nss/lib/softoken/lowkey.c b/security/nss/lib/softoken/lowkey.c index 295d55f40b..a28a3a55ee 100644 --- a/security/nss/lib/softoken/lowkey.c +++ b/security/nss/lib/softoken/lowkey.c @@ -45,6 +45,23 @@ const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = { { 0 } }; +const SEC_ASN1Template nsslowkey_SubjectPublicKeyInfoTemplate[] = { + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYSubjectPublicKeyInfo) }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, + offsetof(NSSLOWKEYSubjectPublicKeyInfo, algorithm), + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_BIT_STRING, + offsetof(NSSLOWKEYSubjectPublicKeyInfo, subjectPublicKey) }, + { 0 } +}; + +const SEC_ASN1Template nsslowkey_RSAPublicKeyTemplate[] = { + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) }, + { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.modulus) }, + { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.publicExponent) }, + { 0 } +}; + const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) }, { SEC_ASN1_INTEGER, offsetof(PQGParams, prime) }, @@ -135,6 +152,13 @@ prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) } void +prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *key) +{ + key->u.rsa.modulus.type = siUnsignedInteger; + key->u.rsa.publicExponent.type = siUnsignedInteger; +} + +void prepare_low_pqg_params_for_asn1(PQGParams *params) { params->prime.type = siUnsignedInteger; diff --git a/security/nss/lib/softoken/lowkeyi.h b/security/nss/lib/softoken/lowkeyi.h index f9ba3a75f3..e599f01fa0 100644 --- a/security/nss/lib/softoken/lowkeyi.h +++ b/security/nss/lib/softoken/lowkeyi.h @@ -27,6 +27,7 @@ extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key); extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key); extern void prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key); extern void prepare_low_ecparams_for_asn1(ECParams *params); +extern void prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *key); /* ** Destroy a private key object. diff --git a/security/nss/lib/softoken/lowkeyti.h b/security/nss/lib/softoken/lowkeyti.h index c048b33e74..7e77592c53 100644 --- a/security/nss/lib/softoken/lowkeyti.h +++ b/security/nss/lib/softoken/lowkeyti.h @@ -25,6 +25,8 @@ extern const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[]; extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[]; extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[]; +extern const SEC_ASN1Template nsslowkey_SubjectPublicKeyInfoTemplate[]; +extern const SEC_ASN1Template nsslowkey_RSAPublicKeyTemplate[]; /* * PKCS #8 attributes @@ -48,6 +50,13 @@ struct NSSLOWKEYPrivateKeyInfoStr { typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo; #define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION 0 /* what we *create* */ +struct NSSLOWKEYSubjectPublicKeyInfoStr { + PLArenaPool *arena; + SECAlgorithmID algorithm; + SECItem subjectPublicKey; +}; +typedef struct NSSLOWKEYSubjectPublicKeyInfoStr NSSLOWKEYSubjectPublicKeyInfo; + typedef enum { NSSLOWKEYNullKey = 0, NSSLOWKEYRSAKey = 1, diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c index 0a47804bf1..4a101c68c4 100644 --- a/security/nss/lib/softoken/lowpbe.c +++ b/security/nss/lib/softoken/lowpbe.c @@ -1073,15 +1073,15 @@ sec_pkcs5_rc2(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy, } if (encrypt != PR_FALSE) { - void *dummy; + void *v; - dummy = CBC_PadBuffer(NULL, dup_src->data, - dup_src->len, &dup_src->len, 8 /* RC2_BLOCK_SIZE */); - if (dummy == NULL) { + v = CBC_PadBuffer(NULL, dup_src->data, + dup_src->len, &dup_src->len, 8 /* RC2_BLOCK_SIZE */); + if (v == NULL) { SECITEM_FreeItem(dup_src, PR_TRUE); return NULL; } - dup_src->data = (unsigned char *)dummy; + dup_src->data = (unsigned char *)v; } dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem)); diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c index 77882a274e..34f25a9d06 100644 --- a/security/nss/lib/softoken/pkcs11.c +++ b/security/nss/lib/softoken/pkcs11.c @@ -1343,7 +1343,6 @@ sftk_handleSecretKeyObject(SFTKSession *session, SFTKObject *object, if (sftk_isTrue(object, CKA_TOKEN)) { SFTKSlot *slot = session->slot; SFTKDBHandle *keyHandle = sftk_getKeyDB(slot); - CK_RV crv; if (keyHandle == NULL) { return CKR_TOKEN_WRITE_PROTECTED; @@ -3807,12 +3806,12 @@ NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin, PZ_Unlock(slot->slotLock); /* Reset login flags. */ if (ulNewLen == 0) { - PRBool tokenRemoved = PR_FALSE; PZ_Lock(slot->slotLock); slot->isLoggedIn = PR_FALSE; slot->ssoLoggedIn = PR_FALSE; PZ_Unlock(slot->slotLock); + tokenRemoved = PR_FALSE; rv = sftkdb_CheckPassword(handle, "", &tokenRemoved); if (tokenRemoved) { sftk_CloseAllSessions(slot, PR_FALSE); @@ -4422,6 +4421,44 @@ NSC_GetObjectSize(CK_SESSION_HANDLE hSession, return CKR_OK; } +static CK_RV +nsc_GetTokenAttributeValue(SFTKSession *session, CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) +{ + SFTKSlot *slot = sftk_SlotFromSession(session); + SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject); + SFTKDBHandle *keydb = NULL; + CK_RV crv; + + if (dbHandle == NULL) { + return CKR_OBJECT_HANDLE_INVALID; + } + + crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount); + + /* make sure we don't export any sensitive information */ + keydb = sftk_getKeyDB(slot); + if (dbHandle == keydb) { + CK_ULONG i; + for (i = 0; i < ulCount; i++) { + if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) { + crv = CKR_ATTRIBUTE_SENSITIVE; + if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) { + PORT_Memset(pTemplate[i].pValue, 0, + pTemplate[i].ulValueLen); + } + pTemplate[i].ulValueLen = -1; + } + } + } + + sftk_freeDB(dbHandle); + if (keydb) { + sftk_freeDB(keydb); + } + return crv; +} + /* NSC_GetAttributeValue obtains the value of one or more object attributes. */ CK_RV NSC_GetAttributeValue(CK_SESSION_HANDLE hSession, @@ -4450,37 +4487,8 @@ NSC_GetAttributeValue(CK_SESSION_HANDLE hSession, /* short circuit everything for token objects */ if (sftk_isToken(hObject)) { - SFTKSlot *slot = sftk_SlotFromSession(session); - SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject); - SFTKDBHandle *keydb = NULL; - - if (dbHandle == NULL) { - sftk_FreeSession(session); - return CKR_OBJECT_HANDLE_INVALID; - } - - crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount); - - /* make sure we don't export any sensitive information */ - keydb = sftk_getKeyDB(slot); - if (dbHandle == keydb) { - for (i = 0; i < (int)ulCount; i++) { - if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) { - crv = CKR_ATTRIBUTE_SENSITIVE; - if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) { - PORT_Memset(pTemplate[i].pValue, 0, - pTemplate[i].ulValueLen); - } - pTemplate[i].ulValueLen = -1; - } - } - } - + crv = nsc_GetTokenAttributeValue(session, hObject, pTemplate, ulCount); sftk_FreeSession(session); - sftk_freeDB(dbHandle); - if (keydb) { - sftk_freeDB(keydb); - } return crv; } diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index d675d73315..385d3c1444 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -5324,7 +5324,52 @@ sftk_PackagePrivateKey(SFTKObject *key, CK_RV *crvp) prepare_low_rsa_priv_key_for_asn1(lk); dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk, nsslowkey_RSAPrivateKeyTemplate); - algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION; + + /* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */ + attribute = sftk_FindAttribute(key, CKA_PUBLIC_KEY_INFO); + if (attribute) { + NSSLOWKEYSubjectPublicKeyInfo *publicKeyInfo; + SECItem spki; + + spki.data = attribute->attrib.pValue; + spki.len = attribute->attrib.ulValueLen; + + publicKeyInfo = PORT_ArenaZAlloc(arena, + sizeof(NSSLOWKEYSubjectPublicKeyInfo)); + if (!publicKeyInfo) { + sftk_FreeAttribute(attribute); + *crvp = CKR_HOST_MEMORY; + rv = SECFailure; + goto loser; + } + rv = SEC_QuickDERDecodeItem(arena, publicKeyInfo, + nsslowkey_SubjectPublicKeyInfoTemplate, + &spki); + if (rv != SECSuccess) { + sftk_FreeAttribute(attribute); + *crvp = CKR_KEY_TYPE_INCONSISTENT; + goto loser; + } + algorithm = SECOID_GetAlgorithmTag(&publicKeyInfo->algorithm); + if (algorithm != SEC_OID_PKCS1_RSA_ENCRYPTION && + algorithm != SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { + sftk_FreeAttribute(attribute); + rv = SECFailure; + *crvp = CKR_KEY_TYPE_INCONSISTENT; + goto loser; + } + param = SECITEM_DupItem(&publicKeyInfo->algorithm.parameters); + if (!param) { + sftk_FreeAttribute(attribute); + rv = SECFailure; + *crvp = CKR_HOST_MEMORY; + goto loser; + } + sftk_FreeAttribute(attribute); + } else { + /* default to PKCS #1 */ + algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION; + } break; case NSSLOWKEYDSAKey: prepare_low_dsa_priv_key_export_for_asn1(lk); @@ -5803,6 +5848,53 @@ sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki) break; } + if (crv != CKR_OK) { + goto loser; + } + + /* For RSA-PSS, record the original algorithm parameters so + * they can be encrypted altoghether when wrapping */ + if (SECOID_GetAlgorithmTag(&pki->algorithm) == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { + NSSLOWKEYSubjectPublicKeyInfo spki; + NSSLOWKEYPublicKey pubk; + SECItem *publicKeyInfo; + + memset(&spki, 0, sizeof(NSSLOWKEYSubjectPublicKeyInfo)); + rv = SECOID_CopyAlgorithmID(arena, &spki.algorithm, &pki->algorithm); + if (rv != SECSuccess) { + crv = CKR_HOST_MEMORY; + goto loser; + } + + prepare_low_rsa_pub_key_for_asn1(&pubk); + + rv = SECITEM_CopyItem(arena, &pubk.u.rsa.modulus, &lpk->u.rsa.modulus); + if (rv != SECSuccess) { + crv = CKR_HOST_MEMORY; + goto loser; + } + rv = SECITEM_CopyItem(arena, &pubk.u.rsa.publicExponent, &lpk->u.rsa.publicExponent); + if (rv != SECSuccess) { + crv = CKR_HOST_MEMORY; + goto loser; + } + + if (SEC_ASN1EncodeItem(arena, &spki.subjectPublicKey, + &pubk, nsslowkey_RSAPublicKeyTemplate) == NULL) { + crv = CKR_HOST_MEMORY; + goto loser; + } + + publicKeyInfo = SEC_ASN1EncodeItem(arena, NULL, + &spki, nsslowkey_SubjectPublicKeyInfoTemplate); + if (!publicKeyInfo) { + crv = CKR_HOST_MEMORY; + goto loser; + } + crv = sftk_AddAttributeType(key, CKA_PUBLIC_KEY_INFO, + sftk_item_expand(publicKeyInfo)); + } + loser: if (lpk) { nsslowkey_DestroyPrivateKey(lpk); @@ -7575,13 +7667,13 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, (const CK_NSS_HKDFParams *)pMechanism->pParameter; const SECHashObject *rawHash; unsigned hashLen; - CK_BYTE buf[HASH_LENGTH_MAX]; + CK_BYTE hashbuf[HASH_LENGTH_MAX]; CK_BYTE *prk; /* psuedo-random key */ CK_ULONG prkLen; CK_BYTE *okm; /* output keying material */ rawHash = HASH_GetRawHashObject(hashType); - if (rawHash == NULL || rawHash->length > sizeof buf) { + if (rawHash == NULL || rawHash->length > sizeof(hashbuf)) { crv = CKR_FUNCTION_FAILED; break; } @@ -7615,7 +7707,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, saltLen = params->ulSaltLen; if (salt == NULL) { saltLen = hashLen; - salt = buf; + salt = hashbuf; memset(salt, 0, saltLen); } hmac = HMAC_Create(rawHash, salt, saltLen, isFIPS); @@ -7626,10 +7718,10 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, HMAC_Begin(hmac); HMAC_Update(hmac, (const unsigned char *)att->attrib.pValue, att->attrib.ulValueLen); - HMAC_Finish(hmac, buf, &bufLen, sizeof(buf)); + HMAC_Finish(hmac, hashbuf, &bufLen, sizeof(hashbuf)); HMAC_Destroy(hmac, PR_TRUE); PORT_Assert(bufLen == rawHash->length); - prk = buf; + prk = hashbuf; prkLen = bufLen; } else { /* PRK = base key value */ @@ -7646,24 +7738,24 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, * key material = T(1) | ... | T(n) */ HMACContext *hmac; - CK_BYTE i; + CK_BYTE bi; unsigned iterations = PR_ROUNDUP(keySize, hashLen) / hashLen; hmac = HMAC_Create(rawHash, prk, prkLen, isFIPS); if (hmac == NULL) { crv = CKR_HOST_MEMORY; break; } - for (i = 1; i <= iterations; ++i) { + for (bi = 1; bi <= iterations; ++bi) { unsigned len; HMAC_Begin(hmac); - if (i > 1) { - HMAC_Update(hmac, key_block + ((i - 2) * hashLen), hashLen); + if (bi > 1) { + HMAC_Update(hmac, key_block + ((bi - 2) * hashLen), hashLen); } if (params->ulInfoLen != 0) { HMAC_Update(hmac, params->pInfo, params->ulInfoLen); } - HMAC_Update(hmac, &i, 1); - HMAC_Finish(hmac, key_block + ((i - 1) * hashLen), &len, + HMAC_Update(hmac, &bi, 1); + HMAC_Finish(hmac, key_block + ((bi - 1) * hashLen), &len, hashLen); PORT_Assert(len == hashLen); } diff --git a/security/nss/lib/softoken/pkcs11u.c b/security/nss/lib/softoken/pkcs11u.c index 27e411759e..7b5fe732f3 100644 --- a/security/nss/lib/softoken/pkcs11u.c +++ b/security/nss/lib/softoken/pkcs11u.c @@ -1193,7 +1193,7 @@ sftk_DeleteObject(SFTKSession *session, SFTKObject *object) /* Handle Token case */ if (so && so->session) { - SFTKSession *session = so->session; + session = so->session; PZ_Lock(session->objectLock); sftkqueue_delete(&so->sessionList, 0, session->objects, 0); PZ_Unlock(session->objectLock); @@ -1269,7 +1269,7 @@ static const CK_ULONG ecPubKeyAttrsCount = static const CK_ATTRIBUTE_TYPE commonPrivKeyAttrs[] = { CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER, CKA_UNWRAP, CKA_SUBJECT, - CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NETSCAPE_DB + CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NETSCAPE_DB, CKA_PUBLIC_KEY_INFO }; static const CK_ULONG commonPrivKeyAttrsCount = sizeof(commonPrivKeyAttrs) / sizeof(commonPrivKeyAttrs[0]); diff --git a/security/nss/lib/softoken/sdb.c b/security/nss/lib/softoken/sdb.c index 96717cb268..fb897d68cc 100644 --- a/security/nss/lib/softoken/sdb.c +++ b/security/nss/lib/softoken/sdb.c @@ -37,6 +37,10 @@ #elif defined(XP_UNIX) #include <unistd.h> #endif +#if defined(LINUX) && !defined(ANDROID) +#include <linux/magic.h> +#include <sys/vfs.h> +#endif #include "utilpars.h" #ifdef SQLITE_UNSAFE_THREADS @@ -154,7 +158,8 @@ static const CK_ATTRIBUTE_TYPE known_attributes[] = { CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM, CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING, CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, - CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS + CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS, + CKA_PUBLIC_KEY_INFO }; static int known_attributes_size = sizeof(known_attributes) / @@ -643,13 +648,18 @@ static int sdb_openDB(const char *name, sqlite3 **sqlDB, int flags) { int sqlerr; - /* - * in sqlite3 3.5.0, there is a new open call that allows us - * to specify read only. Most new OS's are still on 3.3.x (including - * NSS's internal version and the version shipped with Firefox). - */ + int openFlags; + *sqlDB = NULL; - sqlerr = sqlite3_open(name, sqlDB); + + if (flags & SDB_RDONLY) { + openFlags = SQLITE_OPEN_READONLY; + } else { + openFlags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE; + } + + /* Requires SQLite 3.5.0 or newer. */ + sqlerr = sqlite3_open_v2(name, sqlDB, openFlags, NULL); if (sqlerr != SQLITE_OK) { return sqlerr; } @@ -1757,6 +1767,8 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate, PRIntervalTime now = 0; char *env; PRBool enableCache = PR_FALSE; + PRBool checkFSType = PR_FALSE; + PRBool measureSpeed = PR_FALSE; PRBool create; int flags = inFlags & 0x7; @@ -1917,11 +1929,48 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate, env = PR_GetEnvSecure("NSS_SDB_USE_CACHE"); - if (!env || PORT_Strcasecmp(env, "no") == 0) { - enableCache = PR_FALSE; + /* Variables enableCache, checkFSType, measureSpeed are PR_FALSE by default, + * which is the expected behavior for NSS_SDB_USE_CACHE="no". + * We don't need to check for "no" here. */ + if (!env) { + /* By default, with no variable set, we avoid expensive measuring for + * most FS types. We start with inexpensive FS type checking, and + * might perform measuring for some types. */ + checkFSType = PR_TRUE; } else if (PORT_Strcasecmp(env, "yes") == 0) { enableCache = PR_TRUE; - } else { + } else if (PORT_Strcasecmp(env, "no") != 0) { /* not "no" => "auto" */ + measureSpeed = PR_TRUE; + } + + if (checkFSType) { +#if defined(LINUX) && !defined(ANDROID) + struct statfs statfs_s; + if (statfs(dbname, &statfs_s) == 0) { + switch (statfs_s.f_type) { + case SMB_SUPER_MAGIC: + case 0xff534d42: /* CIFS_MAGIC_NUMBER */ + case NFS_SUPER_MAGIC: + /* We assume these are slow. */ + enableCache = PR_TRUE; + break; + case CODA_SUPER_MAGIC: + case 0x65735546: /* FUSE_SUPER_MAGIC */ + case NCP_SUPER_MAGIC: + /* It's uncertain if this FS is fast or slow. + * It seems reasonable to perform slow measuring for users + * with questionable FS speed. */ + measureSpeed = PR_TRUE; + break; + case AFS_SUPER_MAGIC: /* Already implements caching. */ + default: + break; + } + } +#endif + } + + if (measureSpeed) { char *tempDir = NULL; PRUint32 tempOps = 0; /* diff --git a/security/nss/lib/softoken/sftkdb.c b/security/nss/lib/softoken/sftkdb.c index 2ae0840682..409c910f46 100644 --- a/security/nss/lib/softoken/sftkdb.c +++ b/security/nss/lib/softoken/sftkdb.c @@ -1591,7 +1591,8 @@ static const CK_ATTRIBUTE_TYPE known_attributes[] = { CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM, CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING, CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, - CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS + CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS, + CKA_PUBLIC_KEY_INFO }; static unsigned int known_attributes_size = sizeof(known_attributes) / diff --git a/security/nss/lib/softoken/sftkpars.c b/security/nss/lib/softoken/sftkpars.c index e972fe8541..5e96a1c040 100644 --- a/security/nss/lib/softoken/sftkpars.c +++ b/security/nss/lib/softoken/sftkpars.c @@ -162,7 +162,7 @@ sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS) } if (parsed->tokens == NULL) { int count = isFIPS ? 1 : 2; - int index = count - 1; + int i = count - 1; sftk_token_parameters *tokens = NULL; tokens = (sftk_token_parameters *) @@ -172,30 +172,30 @@ sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS) } parsed->tokens = tokens; parsed->token_count = count; - tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID; - tokens[index].certPrefix = certPrefix; - tokens[index].keyPrefix = keyPrefix; - tokens[index].minPW = minPW ? atoi(minPW) : 0; - tokens[index].readOnly = parsed->readOnly; - tokens[index].noCertDB = parsed->noCertDB; - tokens[index].noKeyDB = parsed->noCertDB; - tokens[index].forceOpen = parsed->forceOpen; - tokens[index].pwRequired = parsed->pwRequired; - tokens[index].optimizeSpace = parsed->optimizeSpace; + tokens[i].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID; + tokens[i].certPrefix = certPrefix; + tokens[i].keyPrefix = keyPrefix; + tokens[i].minPW = minPW ? atoi(minPW) : 0; + tokens[i].readOnly = parsed->readOnly; + tokens[i].noCertDB = parsed->noCertDB; + tokens[i].noKeyDB = parsed->noCertDB; + tokens[i].forceOpen = parsed->forceOpen; + tokens[i].pwRequired = parsed->pwRequired; + tokens[i].optimizeSpace = parsed->optimizeSpace; tokens[0].optimizeSpace = parsed->optimizeSpace; certPrefix = NULL; keyPrefix = NULL; if (isFIPS) { - tokens[index].tokdes = ftokdes; - tokens[index].updtokdes = pupdtokdes; - tokens[index].slotdes = fslotdes; + tokens[i].tokdes = ftokdes; + tokens[i].updtokdes = pupdtokdes; + tokens[i].slotdes = fslotdes; fslotdes = NULL; ftokdes = NULL; pupdtokdes = NULL; } else { - tokens[index].tokdes = ptokdes; - tokens[index].updtokdes = pupdtokdes; - tokens[index].slotdes = pslotdes; + tokens[i].tokdes = ptokdes; + tokens[i].updtokdes = pupdtokdes; + tokens[i].slotdes = pslotdes; tokens[0].slotID = NETSCAPE_SLOT_ID; tokens[0].tokdes = tokdes; tokens[0].slotdes = slotdes; diff --git a/security/nss/lib/softoken/sftkpwd.c b/security/nss/lib/softoken/sftkpwd.c index e0d2df9ab4..9834d3ba01 100644 --- a/security/nss/lib/softoken/sftkpwd.c +++ b/security/nss/lib/softoken/sftkpwd.c @@ -138,12 +138,14 @@ sftkdb_decodeCipherText(SECItem *cipherText, sftkCipherValue *cipherValue) SFTKDBEncryptedDataInfo edi; SECStatus rv; + PORT_Assert(cipherValue); + cipherValue->arena = NULL; + cipherValue->param = NULL; + arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { return SECFailure; } - cipherValue->arena = NULL; - cipherValue->param = NULL; rv = SEC_QuickDERDecodeItem(arena, &edi, sftkdb_EncryptedDataInfoTemplate, cipherText); diff --git a/security/nss/lib/softoken/softkver.h b/security/nss/lib/softoken/softkver.h index f760ba21d8..827bf2e221 100644 --- a/security/nss/lib/softoken/softkver.h +++ b/security/nss/lib/softoken/softkver.h @@ -17,10 +17,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define SOFTOKEN_VERSION "3.36.4" SOFTOKEN_ECC_STRING +#define SOFTOKEN_VERSION "3.38" SOFTOKEN_ECC_STRING #define SOFTOKEN_VMAJOR 3 -#define SOFTOKEN_VMINOR 36 -#define SOFTOKEN_VPATCH 4 +#define SOFTOKEN_VMINOR 38 +#define SOFTOKEN_VPATCH 0 #define SOFTOKEN_VBUILD 0 #define SOFTOKEN_BETA PR_FALSE diff --git a/security/nss/lib/ssl/SSLerrs.h b/security/nss/lib/ssl/SSLerrs.h index d3f0875442..f01d165833 100644 --- a/security/nss/lib/ssl/SSLerrs.h +++ b/security/nss/lib/ssl/SSLerrs.h @@ -374,7 +374,7 @@ ER3(SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY, (SSL_ERROR_BASE + 115), "SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.") ER3(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID, (SSL_ERROR_BASE + 116), - "SSL received invalid NPN extension data.") + "SSL received invalid ALPN extension data.") ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2, (SSL_ERROR_BASE + 117), "SSL feature not supported for SSL 2.0 connections.") @@ -543,3 +543,12 @@ ER3(SSL_ERROR_TOO_MANY_KEY_UPDATES, (SSL_ERROR_BASE + 171), ER3(SSL_ERROR_HANDSHAKE_FAILED, (SSL_ERROR_BASE + 172), "SSL handshake has already failed. No more operations possible.") + +ER3(SSL_ERROR_BAD_RESUMPTION_TOKEN_ERROR, (SSL_ERROR_BASE + 173), + "SSL received an invalid resumption token.") + +ER3(SSL_ERROR_RX_MALFORMED_DTLS_ACK, (SSL_ERROR_BASE + 174), + "SSL received a malformed DTLS ACK") + +ER3(SSL_ERROR_DH_KEY_TOO_LONG, (SSL_ERROR_BASE + 175), + "SSL received a DH key share that's too long (>8192 bit).") diff --git a/security/nss/lib/ssl/dtls13con.c b/security/nss/lib/ssl/dtls13con.c index aba0f62ab8..de6cb47ca2 100644 --- a/security/nss/lib/ssl/dtls13con.c +++ b/security/nss/lib/ssl/dtls13con.c @@ -11,6 +11,43 @@ #include "sslimpl.h" #include "sslproto.h" +SECStatus +dtls13_InsertCipherTextHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, + sslBuffer *wrBuf, PRBool *needsLength) +{ + PRUint32 seq; + SECStatus rv; + + /* Avoid using short records for the handshake. We pack multiple records + * into the one datagram for the handshake. */ + if (ss->opt.enableDtlsShortHeader && + cwSpec->epoch != TrafficKeyHandshake) { + *needsLength = PR_FALSE; + /* The short header is comprised of two octets in the form + * 0b001essssssssssss where 'e' is the low bit of the epoch and 's' is + * the low 12 bits of the sequence number. */ + seq = 0x2000 | + (((uint64_t)cwSpec->epoch & 1) << 12) | + (cwSpec->nextSeqNum & 0xfff); + return sslBuffer_AppendNumber(wrBuf, seq, 2); + } + + rv = sslBuffer_AppendNumber(wrBuf, content_application_data, 1); + if (rv != SECSuccess) { + return SECFailure; + } + + /* The epoch and sequence number are encoded on 4 octets, with the epoch + * consuming the first two bits. */ + seq = (((uint64_t)cwSpec->epoch & 3) << 30) | (cwSpec->nextSeqNum & 0x3fffffff); + rv = sslBuffer_AppendNumber(wrBuf, seq, 4); + if (rv != SECSuccess) { + return SECFailure; + } + *needsLength = PR_TRUE; + return SECSuccess; +} + /* DTLS 1.3 Record map for ACK processing. * This represents a single fragment, so a record which includes * multiple fragments will have one entry for each fragment on the @@ -82,10 +119,15 @@ dtls13_SendAck(sslSocket *ss) SECStatus rv = SECSuccess; PRCList *cursor; PRInt32 sent; + unsigned int offset; SSL_TRC(10, ("%d: SSL3[%d]: Sending ACK", SSL_GETPID(), ss->fd)); + rv = sslBuffer_Skip(&buf, 2, &offset); + if (rv != SECSuccess) { + goto loser; + } for (cursor = PR_LIST_HEAD(&ss->ssl3.hs.dtlsRcvdHandshake); cursor != &ss->ssl3.hs.dtlsRcvdHandshake; cursor = PR_NEXT_LINK(cursor)) { @@ -99,6 +141,11 @@ dtls13_SendAck(sslSocket *ss) } } + rv = sslBuffer_InsertLength(&buf, offset, 2); + if (rv != SECSuccess) { + goto loser; + } + ssl_GetXmitBufLock(ss); sent = ssl3_SendRecord(ss, NULL, content_ack, buf.buf, buf.len, 0); @@ -364,6 +411,7 @@ dtls13_HandleAck(sslSocket *ss, sslBuffer *databuf) { PRUint8 *b = databuf->buf; PRUint32 l = databuf->len; + unsigned int length; SECStatus rv; /* Ensure we don't loop. */ @@ -372,10 +420,19 @@ dtls13_HandleAck(sslSocket *ss, sslBuffer *databuf) PORT_Assert(IS_DTLS(ss)); if (!tls13_MaybeTls13(ss)) { tls13_FatalError(ss, SSL_ERROR_RX_UNKNOWN_RECORD_TYPE, illegal_parameter); - return SECSuccess; + return SECFailure; } SSL_TRC(10, ("%d: SSL3[%d]: Handling ACK", SSL_GETPID(), ss->fd)); + rv = ssl3_ConsumeHandshakeNumber(ss, &length, 2, &b, &l); + if (rv != SECSuccess) { + return SECFailure; + } + if (length != l) { + tls13_FatalError(ss, SSL_ERROR_RX_MALFORMED_DTLS_ACK, decode_error); + return SECFailure; + } + while (l > 0) { PRUint64 seq; PRCList *cursor; diff --git a/security/nss/lib/ssl/dtls13con.h b/security/nss/lib/ssl/dtls13con.h index bf14d3bd2e..ca48ef3638 100644 --- a/security/nss/lib/ssl/dtls13con.h +++ b/security/nss/lib/ssl/dtls13con.h @@ -9,6 +9,10 @@ #ifndef __dtls13con_h_ #define __dtls13con_h_ +SECStatus dtls13_InsertCipherTextHeader(const sslSocket *ss, + ssl3CipherSpec *cwSpec, + sslBuffer *wrBuf, + PRBool *needsLength); SECStatus dtls13_RememberFragment(sslSocket *ss, PRCList *list, PRUint32 sequence, PRUint32 offset, PRUint32 length, DTLSEpoch epoch, diff --git a/security/nss/lib/ssl/dtlscon.c b/security/nss/lib/ssl/dtlscon.c index 2f335f9247..a82295c668 100644 --- a/security/nss/lib/ssl/dtlscon.c +++ b/security/nss/lib/ssl/dtlscon.c @@ -724,13 +724,16 @@ dtls_FragmentHandshake(sslSocket *ss, DTLSQueuedMessage *msg) PORT_Assert(end <= contentLen); fragmentLen = PR_MIN(end, contentLen) - fragmentOffset; - /* Reduce to the space remaining in the MTU. Allow for any existing - * messages, record expansion, and the handshake header. */ + /* Limit further by the record size limit. Account for the header. */ + fragmentLen = PR_MIN(fragmentLen, + msg->cwSpec->recordSizeLimit - DTLS_HS_HDR_LEN); + + /* Reduce to the space remaining in the MTU. */ fragmentLen = PR_MIN(fragmentLen, ss->ssl3.mtu - /* MTU estimate. */ - ss->pendingBuf.len - /* Less unsent records. */ + ss->pendingBuf.len - /* Less any unsent records. */ DTLS_MAX_EXPANSION - /* Allow for expansion. */ - DTLS_HS_HDR_LEN); /* + handshake header. */ + DTLS_HS_HDR_LEN); /* And the handshake header. */ PORT_Assert(fragmentLen > 0 || fragmentOffset == 0); /* Make totally sure that we will fit in the buffer. This should be @@ -776,7 +779,7 @@ dtls_FragmentHandshake(sslSocket *ss, DTLSQueuedMessage *msg) rv = dtls13_RememberFragment(ss, &ss->ssl3.hs.dtlsSentHandshake, msgSeq, fragmentOffset, fragmentLen, msg->cwSpec->epoch, - msg->cwSpec->seqNum); + msg->cwSpec->nextSeqNum); if (rv != SECSuccess) { return SECFailure; } @@ -1319,6 +1322,107 @@ DTLS_GetHandshakeTimeout(PRFileDesc *socket, PRIntervalTime *timeout) return SECSuccess; } +PRBool +dtls_IsLongHeader(SSL3ProtocolVersion version, PRUint8 firstOctet) +{ +#ifndef UNSAFE_FUZZER_MODE + return version < SSL_LIBRARY_VERSION_TLS_1_3 || + firstOctet == content_handshake || + firstOctet == content_ack || + firstOctet == content_alert; +#else + return PR_TRUE; +#endif +} + +DTLSEpoch +dtls_ReadEpoch(const ssl3CipherSpec *crSpec, const PRUint8 *hdr) +{ + DTLSEpoch epoch; + DTLSEpoch maxEpoch; + DTLSEpoch partial; + + if (dtls_IsLongHeader(crSpec->version, hdr[0])) { + return ((DTLSEpoch)hdr[3] << 8) | hdr[4]; + } + + /* A lot of how we recover the epoch here will depend on how we plan to + * manage KeyUpdate. In the case that we decide to install a new read spec + * as a KeyUpdate is handled, crSpec will always be the highest epoch we can + * possibly receive. That makes this easier to manage. */ + if ((hdr[0] & 0xe0) == 0x20) { + /* Use crSpec->epoch, or crSpec->epoch - 1 if the last bit differs. */ + if (((hdr[0] >> 4) & 1) == (crSpec->epoch & 1)) { + return crSpec->epoch; + } + return crSpec->epoch - 1; + } + + /* dtls_GatherData should ensure that this works. */ + PORT_Assert(hdr[0] == content_application_data); + + /* This uses the same method as is used to recover the sequence number in + * dtls_ReadSequenceNumber, except that the maximum value is set to the + * current epoch. */ + partial = hdr[1] >> 6; + maxEpoch = PR_MAX(crSpec->epoch, 3); + epoch = (maxEpoch & 0xfffc) | partial; + if (partial > (maxEpoch & 0x03)) { + epoch -= 4; + } + return epoch; +} + +static sslSequenceNumber +dtls_ReadSequenceNumber(const ssl3CipherSpec *spec, const PRUint8 *hdr) +{ + sslSequenceNumber cap; + sslSequenceNumber partial; + sslSequenceNumber seqNum; + sslSequenceNumber mask; + + if (dtls_IsLongHeader(spec->version, hdr[0])) { + static const unsigned int seqNumOffset = 5; /* type, version, epoch */ + static const unsigned int seqNumLength = 6; + sslReader r = SSL_READER(hdr + seqNumOffset, seqNumLength); + (void)sslRead_ReadNumber(&r, seqNumLength, &seqNum); + return seqNum; + } + + /* Only the least significant bits of the sequence number is available here. + * This recovers the value based on the next expected sequence number. + * + * This works by determining the maximum possible sequence number, which is + * half the range of possible values above the expected next value (the + * expected next value is in |spec->seqNum|). Then, the last part of the + * sequence number is replaced. If that causes the value to exceed the + * maximum, subtract an entire range. + */ + if ((hdr[0] & 0xe0) == 0x20) { + /* A 12-bit sequence number. */ + cap = spec->nextSeqNum + (1ULL << 11); + partial = (((sslSequenceNumber)hdr[0] & 0xf) << 8) | + (sslSequenceNumber)hdr[1]; + mask = (1ULL << 12) - 1; + } else { + /* A 30-bit sequence number. */ + cap = spec->nextSeqNum + (1ULL << 29); + partial = (((sslSequenceNumber)hdr[1] & 0x3f) << 24) | + ((sslSequenceNumber)hdr[2] << 16) | + ((sslSequenceNumber)hdr[3] << 8) | + (sslSequenceNumber)hdr[4]; + mask = (1ULL << 30) - 1; + } + seqNum = (cap & ~mask) | partial; + /* The second check prevents the value from underflowing if we get a large + * gap at the start of a connection, where this subtraction would cause the + * sequence number to wrap to near UINT64_MAX. */ + if ((partial > (cap & mask)) && (seqNum > mask)) { + seqNum -= mask + 1; + } + return seqNum; +} + /* * DTLS relevance checks: * Note that this code currently ignores all out-of-epoch packets, @@ -1336,7 +1440,7 @@ dtls_IsRelevant(sslSocket *ss, const ssl3CipherSpec *spec, const SSL3Ciphertext *cText, sslSequenceNumber *seqNumOut) { - sslSequenceNumber seqNum = cText->seq_num & RECORD_SEQ_MASK; + sslSequenceNumber seqNum = dtls_ReadSequenceNumber(spec, cText->hdr); if (dtls_RecordGetRecvd(&spec->recvdRecords, seqNum) != 0) { SSL_TRC(10, ("%d: SSL3[%d]: dtls_IsRelevant, rejecting " "potentially replayed packet", diff --git a/security/nss/lib/ssl/dtlscon.h b/security/nss/lib/ssl/dtlscon.h index d094380f8c..45fc069b97 100644 --- a/security/nss/lib/ssl/dtlscon.h +++ b/security/nss/lib/ssl/dtlscon.h @@ -41,8 +41,10 @@ extern SSL3ProtocolVersion dtls_TLSVersionToDTLSVersion(SSL3ProtocolVersion tlsv); extern SSL3ProtocolVersion dtls_DTLSVersionToTLSVersion(SSL3ProtocolVersion dtlsv); +DTLSEpoch dtls_ReadEpoch(const ssl3CipherSpec *crSpec, const PRUint8 *hdr); extern PRBool dtls_IsRelevant(sslSocket *ss, const ssl3CipherSpec *spec, const SSL3Ciphertext *cText, sslSequenceNumber *seqNum); void dtls_ReceivedFirstMessageInFlight(sslSocket *ss); +PRBool dtls_IsLongHeader(SSL3ProtocolVersion version, PRUint8 firstOctet); #endif diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h index 25aabbaa21..ecc4f95066 100644 --- a/security/nss/lib/ssl/ssl.h +++ b/security/nss/lib/ssl/ssl.h @@ -158,23 +158,18 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd); #define SSL_CBC_RANDOM_IV 23 #define SSL_ENABLE_OCSP_STAPLING 24 /* Request OCSP stapling (client) */ -/* SSL_ENABLE_NPN controls whether the NPN extension is enabled for the initial - * handshake when application layer protocol negotiation is used. - * SSL_SetNextProtoCallback or SSL_SetNextProtoNego must be used to control the - * application layer protocol negotiation; otherwise, the NPN extension will - * not be negotiated. SSL_ENABLE_NPN is currently enabled by default but this - * may change in future versions. - */ +/* SSL_ENABLE_NPN is defunct and defaults to false. + * Using this option will not have any effect but won't produce an error. */ #define SSL_ENABLE_NPN 25 /* SSL_ENABLE_ALPN controls whether the ALPN extension is enabled for the * initial handshake when application layer protocol negotiation is used. - * SSL_SetNextProtoNego (not SSL_SetNextProtoCallback) must be used to control - * the application layer protocol negotiation; otherwise, the ALPN extension - * will not be negotiated. ALPN is not negotiated for renegotiation handshakes, - * even though the ALPN specification defines a way to use ALPN during - * renegotiations. SSL_ENABLE_ALPN is currently disabled by default, but this - * may change in future versions. + * SSL_SetNextProtoNego or SSL_SetNextProtoCallback can be used to control + * the application layer protocol negotiation; + * ALPN is not negotiated for renegotiation handshakes, even though the ALPN + * specification defines a way to use ALPN during renegotiations. + * SSL_ENABLE_ALPN is currently enabled by default, but this may change in + * future versions. */ #define SSL_ENABLE_ALPN 26 @@ -248,12 +243,45 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd); */ #define SSL_ENABLE_0RTT_DATA 33 +/* Sets a limit to the size of encrypted records (see + * draft-ietf-tls-record-limit). This is the value that is advertised to peers, + * not a limit on the size of records that will be created. Setting this value + * reduces the size of records that will be received (not sent). + * + * This limit applies to the plaintext, but the records that appear on the wire + * will be bigger. This doesn't include record headers, IVs, block cipher + * padding, and authentication tags or MACs. + * + * NSS always advertises the record size limit extension. If this option is not + * set, the extension will contain the maximum allowed size for the selected TLS + * version (currently this is 16384 or 2^14 for TLS 1.2 and lower and 16385 for + * TLS 1.3). + * + * By default, NSS creates records that are the maximum size possible, using all + * the data that was written by the application. Writes larger than the maximum + * are split into maximum sized records, and any remainder (unless + * SSL_CBC_RANDOM_IV is enabled and active). If a peer advertises a record size + * limit then that value is used instead. + */ +#define SSL_RECORD_SIZE_LIMIT 34 + /* Enables TLS 1.3 compatibility mode. In this mode, the client includes a fake * session ID in the handshake and sends a ChangeCipherSpec. A server will * always use the setting chosen by the client, so the value of this option has * no effect for a server. This setting is ignored for DTLS. */ #define SSL_ENABLE_TLS13_COMPAT_MODE 35 +/* Enables the sending of DTLS records using the short (two octet) record + * header. Only do this if there are 2^10 or fewer packets in flight at a time; + * using this with a larger number of packets in flight could mean that packets + * are dropped if there is reordering. + * + * This applies to TLS 1.3 only. This is not a parameter that is negotiated + * during the TLS handshake. Unlike other socket options, this option can be + * changed after a handshake is complete. + */ +#define SSL_ENABLE_DTLS_SHORT_HEADER 36 + #ifdef SSL_DEPRECATED_FUNCTION /* Old deprecated function names */ SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRIntn on); @@ -272,10 +300,10 @@ SSL_IMPORT SECStatus SSL_OptionSetDefault(PRInt32 option, PRIntn val); SSL_IMPORT SECStatus SSL_OptionGetDefault(PRInt32 option, PRIntn *val); SSL_IMPORT SECStatus SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle); -/* SSLNextProtoCallback is called during the handshake for the client, when a - * Next Protocol Negotiation (NPN) extension has been received from the server. - * |protos| and |protosLen| define a buffer which contains the server's - * advertisement. This data is guaranteed to be well formed per the NPN spec. +/* SSLNextProtoCallback is called during the handshake for the server, when an + * Application-Layer Protocol Negotiation (ALPN) extension has been received + * from the client. |protos| and |protosLen| define a buffer which contains the + * client's advertisement. * |protoOut| is a buffer provided by the caller, of length 255 (the maximum * allowed by the protocol). On successful return, the protocol to be announced * to the server will be in |protoOut| and its length in |*protoOutLen|. @@ -291,27 +319,24 @@ typedef SECStatus(PR_CALLBACK *SSLNextProtoCallback)( unsigned int *protoOutLen, unsigned int protoMaxOut); -/* SSL_SetNextProtoCallback sets a callback function to handle Next Protocol - * Negotiation. It causes a client to advertise NPN. */ +/* SSL_SetNextProtoCallback sets a callback function to handle ALPN Negotiation. + * It causes a client to advertise ALPN. */ SSL_IMPORT SECStatus SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback, void *arg); /* SSL_SetNextProtoNego can be used as an alternative to - * SSL_SetNextProtoCallback. It also causes a client to advertise NPN and - * installs a default callback function which selects the first supported - * protocol in server-preference order. If no matching protocol is found it - * selects the first supported protocol. + * SSL_SetNextProtoCallback. * - * Using this function also allows the client to transparently support ALPN. + * Using this function allows client and server to transparently support ALPN. * The same set of protocols will be advertised via ALPN and, if the server * uses ALPN to select a protocol, SSL_GetNextProto will return * SSL_NEXT_PROTO_SELECTED as the state. * - * Since NPN uses the first protocol as the fallback protocol, when sending an - * ALPN extension, the first protocol is moved to the end of the list. This - * indicates that the fallback protocol is the least preferred. The other - * protocols should be in preference order. + * Because the predecessor to ALPN, NPN, used the first protocol as the fallback + * protocol, when sending an ALPN extension, the first protocol is moved to the + * end of the list. This indicates that the fallback protocol is the least + * preferred. The other protocols should be in preference order. * * The supported protocols are specified in |data| in wire-format (8-bit * length-prefixed). For example: "\010http/1.1\006spdy/2". */ diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 2593bbaccb..466fc296ff 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -990,27 +990,22 @@ ssl_ClientReadVersion(sslSocket *ss, PRUint8 **b, unsigned int *len, if (rv != SECSuccess) { return SECFailure; /* alert has been sent */ } - -#ifdef TLS_1_3_DRAFT_VERSION - if (temp == SSL_LIBRARY_VERSION_TLS_1_3) { - (void)SSL3_SendAlert(ss, alert_fatal, protocol_version); - PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION); - return SECFailure; - } - if (temp == tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3)) { - v = SSL_LIBRARY_VERSION_TLS_1_3; - } else { - v = (SSL3ProtocolVersion)temp; - } -#else v = (SSL3ProtocolVersion)temp; -#endif if (IS_DTLS(ss)) { - /* If this fails, we get 0 back and the next check to fails. */ v = dtls_DTLSVersionToTLSVersion(v); + /* Check for failure. */ + if (!v || v > SSL_LIBRARY_VERSION_MAX_SUPPORTED) { + SSL3_SendAlert(ss, alert_fatal, illegal_parameter); + return SECFailure; + } } + /* You can't negotiate TLS 1.3 this way. */ + if (v >= SSL_LIBRARY_VERSION_TLS_1_3) { + SSL3_SendAlert(ss, alert_fatal, illegal_parameter); + return SECFailure; + } *version = v; return SECSuccess; } @@ -1415,7 +1410,7 @@ ssl3_SetupPendingCipherSpec(sslSocket *ss, CipherSpecDirection direction, spec->macDef = ssl_GetMacDef(ss, suiteDef); spec->epoch = prev->epoch + 1; - spec->seqNum = 0; + spec->nextSeqNum = 0; if (IS_DTLS(ss) && direction == CipherSpecRead) { dtls_InitRecvdRecords(&spec->recvdRecords); } @@ -1481,6 +1476,13 @@ ssl3_SetupBothPendingCipherSpecs(sslSocket *ss) goto loser; } + if (ssl3_ExtensionNegotiated(ss, ssl_record_size_limit_xtn)) { + ss->ssl3.prSpec->recordSizeLimit = PR_MIN(MAX_FRAGMENT_LENGTH, + ss->opt.recordSizeLimit); + ss->ssl3.pwSpec->recordSizeLimit = PR_MIN(MAX_FRAGMENT_LENGTH, + ss->xtnData.recordSizeLimit); + } + ssl_ReleaseSpecWriteLock(ss); /*******************************/ return SECSuccess; @@ -2004,6 +2006,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, unsigned int ivLen = 0; unsigned char pseudoHeaderBuf[13]; sslBuffer pseudoHeader = SSL_BUFFER(pseudoHeaderBuf); + int len; if (cwSpec->cipherDef->type == type_block && cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1) { @@ -2013,29 +2016,32 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, * record. */ ivLen = cwSpec->cipherDef->iv_size; - if (ivLen > wrBuf->space) { + if (ivLen > SSL_BUFFER_SPACE(wrBuf)) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } - rv = PK11_GenerateRandom(wrBuf->buf, ivLen); + rv = PK11_GenerateRandom(SSL_BUFFER_NEXT(wrBuf), ivLen); if (rv != SECSuccess) { ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE); return rv; } rv = cwSpec->cipher(cwSpec->cipherContext, - wrBuf->buf, /* output */ - (int *)&wrBuf->len, /* outlen */ - ivLen, /* max outlen */ - wrBuf->buf, /* input */ - ivLen); /* input len */ - if (rv != SECSuccess || wrBuf->len != ivLen) { + SSL_BUFFER_NEXT(wrBuf), /* output */ + &len, /* outlen */ + ivLen, /* max outlen */ + SSL_BUFFER_NEXT(wrBuf), /* input */ + ivLen); /* input len */ + if (rv != SECSuccess || len != ivLen) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } + + rv = sslBuffer_Skip(wrBuf, len, NULL); + PORT_Assert(rv == SECSuccess); /* Can't fail. */ } rv = ssl3_BuildRecordPseudoHeader( - cwSpec->epoch, cwSpec->seqNum, type, + cwSpec->epoch, cwSpec->nextSeqNum, type, cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_0, cwSpec->recordVersion, isDTLS, contentLen, &pseudoHeader); PORT_Assert(rv == SECSuccess); @@ -2043,23 +2049,26 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, const int nonceLen = cwSpec->cipherDef->explicit_nonce_size; const int tagLen = cwSpec->cipherDef->tag_size; - if (nonceLen + contentLen + tagLen > wrBuf->space) { + if (nonceLen + contentLen + tagLen > SSL_BUFFER_SPACE(wrBuf)) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } rv = cwSpec->aead( &cwSpec->keyMaterial, - PR_FALSE, /* do encrypt */ - wrBuf->buf, /* output */ - (int *)&wrBuf->len, /* out len */ - wrBuf->space, /* max out */ - pIn, contentLen, /* input */ + PR_FALSE, /* do encrypt */ + SSL_BUFFER_NEXT(wrBuf), /* output */ + &len, /* out len */ + SSL_BUFFER_SPACE(wrBuf), /* max out */ + pIn, contentLen, /* input */ SSL_BUFFER_BASE(&pseudoHeader), SSL_BUFFER_LEN(&pseudoHeader)); if (rv != SECSuccess) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } + + rv = sslBuffer_Skip(wrBuf, len, NULL); + PORT_Assert(rv == SECSuccess); /* Can't fail. */ } else { int blockSize = cwSpec->cipherDef->block_size; @@ -2069,7 +2078,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, rv = ssl3_ComputeRecordMAC(cwSpec, SSL_BUFFER_BASE(&pseudoHeader), SSL_BUFFER_LEN(&pseudoHeader), pIn, contentLen, - wrBuf->buf + ivLen + contentLen, &macLen); + SSL_BUFFER_NEXT(wrBuf) + contentLen, &macLen); if (rv != SECSuccess) { ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE); return SECFailure; @@ -2095,7 +2104,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, PORT_Assert((fragLen % blockSize) == 0); /* Pad according to TLS rules (also acceptable to SSL3). */ - pBuf = &wrBuf->buf[ivLen + fragLen - 1]; + pBuf = SSL_BUFFER_NEXT(wrBuf) + fragLen - 1; for (i = padding_length + 1; i > 0; --i) { *pBuf-- = padding_length; } @@ -2112,14 +2121,14 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, p2Len += oddLen; PORT_Assert((blockSize < 2) || (p2Len % blockSize) == 0); - memmove(wrBuf->buf + ivLen + p1Len, pIn + p1Len, oddLen); + memmove(SSL_BUFFER_NEXT(wrBuf) + p1Len, pIn + p1Len, oddLen); } if (p1Len > 0) { int cipherBytesPart1 = -1; rv = cwSpec->cipher(cwSpec->cipherContext, - wrBuf->buf + ivLen, /* output */ - &cipherBytesPart1, /* actual outlen */ - p1Len, /* max outlen */ + SSL_BUFFER_NEXT(wrBuf), /* output */ + &cipherBytesPart1, /* actual outlen */ + p1Len, /* max outlen */ pIn, p1Len); /* input, and inputlen */ PORT_Assert(rv == SECSuccess && cipherBytesPart1 == (int)p1Len); @@ -2127,22 +2136,24 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } - wrBuf->len += cipherBytesPart1; + rv = sslBuffer_Skip(wrBuf, p1Len, NULL); + PORT_Assert(rv == SECSuccess); } if (p2Len > 0) { int cipherBytesPart2 = -1; rv = cwSpec->cipher(cwSpec->cipherContext, - wrBuf->buf + ivLen + p1Len, + SSL_BUFFER_NEXT(wrBuf), &cipherBytesPart2, /* output and actual outLen */ p2Len, /* max outlen */ - wrBuf->buf + ivLen + p1Len, + SSL_BUFFER_NEXT(wrBuf), p2Len); /* input and inputLen*/ PORT_Assert(rv == SECSuccess && cipherBytesPart2 == (int)p2Len); if (rv != SECSuccess || cipherBytesPart2 != (int)p2Len) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } - wrBuf->len += cipherBytesPart2; + rv = sslBuffer_Skip(wrBuf, p2Len, NULL); + PORT_Assert(rv == SECSuccess); } } @@ -2150,16 +2161,20 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, } /* Note: though this can report failure, it shouldn't. */ -static SECStatus +SECStatus ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, - SSL3ContentType contentType, unsigned int len, - sslBuffer *wrBuf) + SSL3ContentType contentType, sslBuffer *wrBuf, + PRBool *needsLength) { SECStatus rv; #ifndef UNSAFE_FUZZER_MODE if (cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3 && - cwSpec->cipherDef->calg != ssl_calg_null) { + cwSpec->epoch > TrafficKeyClearText) { + if (IS_DTLS(ss)) { + return dtls13_InsertCipherTextHeader(ss, cwSpec, wrBuf, + needsLength); + } contentType = content_application_data; } #endif @@ -2177,16 +2192,12 @@ ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, if (rv != SECSuccess) { return SECFailure; } - rv = sslBuffer_AppendNumber(wrBuf, cwSpec->seqNum, 6); + rv = sslBuffer_AppendNumber(wrBuf, cwSpec->nextSeqNum, 6); if (rv != SECSuccess) { return SECFailure; } } - rv = sslBuffer_AppendNumber(wrBuf, len, 2); - if (rv != SECSuccess) { - return SECFailure; - } - + *needsLength = PR_TRUE; return SECSuccess; } @@ -2194,66 +2205,67 @@ SECStatus ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type, const PRUint8 *pIn, PRUint32 contentLen, sslBuffer *wrBuf) { - unsigned int headerLen = IS_DTLS(ss) ? DTLS_RECORD_HEADER_LENGTH - : SSL3_RECORD_HEADER_LENGTH; - sslBuffer protBuf = SSL_BUFFER_FIXED(SSL_BUFFER_BASE(wrBuf) + headerLen, - SSL_BUFFER_SPACE(wrBuf) - headerLen); - PRBool isTLS13; + PRBool needsLength; + unsigned int lenOffset; SECStatus rv; PORT_Assert(cwSpec->direction == CipherSpecWrite); PORT_Assert(SSL_BUFFER_LEN(wrBuf) == 0); PORT_Assert(cwSpec->cipherDef->max_records <= RECORD_SEQ_MAX); - if (cwSpec->seqNum >= cwSpec->cipherDef->max_records) { + + if (cwSpec->nextSeqNum >= cwSpec->cipherDef->max_records) { /* We should have automatically updated before here in TLS 1.3. */ PORT_Assert(cwSpec->version < SSL_LIBRARY_VERSION_TLS_1_3); SSL_TRC(3, ("%d: SSL[-]: write sequence number at limit 0x%0llx", - SSL_GETPID(), cwSpec->seqNum)); + SSL_GETPID(), cwSpec->nextSeqNum)); PORT_SetError(SSL_ERROR_TOO_MANY_RECORDS); return SECFailure; } - isTLS13 = (PRBool)(cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3); + rv = ssl_InsertRecordHeader(ss, cwSpec, type, wrBuf, &needsLength); + if (rv != SECSuccess) { + return SECFailure; + } + if (needsLength) { + rv = sslBuffer_Skip(wrBuf, 2, &lenOffset); + if (rv != SECSuccess) { + return SECFailure; + } + } #ifdef UNSAFE_FUZZER_MODE { int len; - rv = Null_Cipher(NULL, SSL_BUFFER_BASE(&protBuf), &len, - SSL_BUFFER_SPACE(&protBuf), pIn, contentLen); + rv = Null_Cipher(NULL, SSL_BUFFER_NEXT(wrBuf), &len, + SSL_BUFFER_SPACE(wrBuf), pIn, contentLen); if (rv != SECSuccess) { return SECFailure; /* error was set */ } - rv = sslBuffer_Skip(&protBuf, len, NULL); + rv = sslBuffer_Skip(wrBuf, len, NULL); PORT_Assert(rv == SECSuccess); /* Can't fail. */ } #else - if (isTLS13) { - rv = tls13_ProtectRecord(ss, cwSpec, type, pIn, contentLen, &protBuf); + if (cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3) { + rv = tls13_ProtectRecord(ss, cwSpec, type, pIn, contentLen, wrBuf); } else { rv = ssl3_MACEncryptRecord(cwSpec, ss->sec.isServer, IS_DTLS(ss), type, - pIn, contentLen, &protBuf); + pIn, contentLen, wrBuf); } #endif if (rv != SECSuccess) { return SECFailure; /* error was set */ } - PORT_Assert(protBuf.len <= MAX_FRAGMENT_LENGTH + (isTLS13 ? 256 : 1024)); - - rv = ssl_InsertRecordHeader(ss, cwSpec, type, SSL_BUFFER_LEN(&protBuf), - wrBuf); - if (rv != SECSuccess) { - return SECFailure; - } - - PORT_Assert(SSL_BUFFER_LEN(wrBuf) == headerLen); - rv = sslBuffer_Skip(wrBuf, SSL_BUFFER_LEN(&protBuf), NULL); - if (rv != SECSuccess) { - PORT_Assert(0); /* Can't fail. */ - return SECFailure; + if (needsLength) { + /* Insert the length. */ + rv = sslBuffer_InsertLength(wrBuf, lenOffset, 2); + if (rv != SECSuccess) { + PORT_Assert(0); /* Can't fail. */ + return SECFailure; + } } - ++cwSpec->seqNum; + ++cwSpec->nextSeqNum; return SECSuccess; } @@ -2267,7 +2279,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type, unsigned int spaceNeeded; SECStatus rv; - contentLen = PR_MIN(nIn, MAX_FRAGMENT_LENGTH); + contentLen = PR_MIN(nIn, spec->recordSizeLimit); spaceNeeded = contentLen + SSL3_BUFFER_FUDGE; if (spec->version >= SSL_LIBRARY_VERSION_TLS_1_1 && spec->cipherDef->type == type_block) { @@ -2291,6 +2303,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type, *written = contentLen; return SECSuccess; } + /* Process the plain text before sending it. * Returns the number of bytes of plaintext that were successfully sent * plus the number of bytes of plaintext that were copied into the @@ -2368,7 +2381,7 @@ ssl3_SendRecord(sslSocket *ss, rv = ssl_ProtectNextRecord(ss, spec, type, pIn, nIn, &written); ssl_ReleaseSpecReadLock(ss); if (rv != SECSuccess) { - return SECFailure; + goto loser; } PORT_Assert(written > 0); @@ -3034,7 +3047,6 @@ ssl3_SendChangeCipherSpecsInt(sslSocket *ss) return SECFailure; /* error code set by ssl3_SendRecord */ } } else { - SECStatus rv; rv = dtls_QueueMessage(ss, content_change_cipher_spec, &change, 1); if (rv != SECSuccess) { return SECFailure; @@ -5567,13 +5579,20 @@ ssl3_SendRSAClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey) } /* Get the wrapped (encrypted) pre-master secret, enc_pms */ - enc_pms.len = SECKEY_PublicKeyStrength(svrPubKey); + unsigned int svrPubKeyBits = SECKEY_PublicKeyStrengthInBits(svrPubKey); + enc_pms.len = (svrPubKeyBits + 7) / 8; + /* Check that the RSA key isn't larger than 8k bit. */ + if (svrPubKeyBits > SSL_MAX_RSA_KEY_BITS) { + (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter); + ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); + goto loser; + } enc_pms.data = (unsigned char *)PORT_Alloc(enc_pms.len); if (enc_pms.data == NULL) { goto loser; /* err set by PORT_Alloc */ } - /* wrap pre-master secret in server's public key. */ + /* Wrap pre-master secret in server's public key. */ rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms); if (rv != SECSuccess) { ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); @@ -5676,7 +5695,7 @@ ssl3_SendDHClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey) }; sslEphemeralKeyPair *keyPair = NULL; SECKEYPublicKey *pubKey; - PRUint8 dhData[1026]; /* Enough for the 8192-bit group. */ + PRUint8 dhData[SSL_MAX_DH_KEY_BITS / 8 + 2]; sslBuffer dhBuf = SSL_BUFFER(dhData); PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); @@ -6208,7 +6227,6 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) SECItem sidBytes = { siBuffer, NULL, 0 }; PRBool isHelloRetry; SSL3AlertDescription desc = illegal_parameter; - TLSExtension *versionExtension; const PRUint8 *savedMsg = b; const PRUint32 savedLength = length; #ifndef TLS_1_3_DRAFT_VERSION @@ -6299,16 +6317,10 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) } } - /* Update the version based on the extension, as necessary. */ - versionExtension = ssl3_FindExtension(ss, ssl_tls13_supported_versions_xtn); - if (versionExtension) { - rv = ssl_ClientReadVersion(ss, &versionExtension->data.data, - &versionExtension->data.len, - &ss->version); - if (rv != SECSuccess) { - errCode = PORT_GetError(); - goto loser; /* An alert is sent by ssl_ClientReadVersion */ - } + /* Read supported_versions if present. */ + rv = tls13_ClientReadSupportedVersion(ss); + if (rv != SECSuccess) { + goto loser; } PORT_Assert(!SSL_ALL_VERSIONS_DISABLED(&ss->vrange)); @@ -6332,7 +6344,7 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) /* The server didn't pick 1.3 although we either received a * HelloRetryRequest, or we prepared to send early app data. */ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) { - if (ss->ssl3.hs.helloRetry) { + if (isHelloRetry || ss->ssl3.hs.helloRetry) { /* SSL3_SendAlert() will uncache the SID. */ desc = illegal_parameter; errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO; @@ -6393,8 +6405,9 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) /* Finally, now all the version-related checks have passed. */ ss->ssl3.hs.preliminaryInfo |= ssl_preinfo_version; /* Update the write cipher spec to match the version. But not after - * HelloRetryRequest, because cwSpec might be a 0-RTT cipher spec. */ - if (!ss->firstHsDone && !ss->ssl3.hs.helloRetry) { + * HelloRetryRequest, because cwSpec might be a 0-RTT cipher spec, + * in which case this is a no-op. */ + if (!ss->firstHsDone && !isHelloRetry) { ssl_GetSpecWriteLock(ss); ssl_SetSpecVersions(ss, ss->ssl3.cwSpec); ssl_ReleaseSpecWriteLock(ss); @@ -6729,6 +6742,10 @@ ssl_HandleDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length) errCode = SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY; goto alert_loser; } + if (dh_p_bits > SSL_MAX_DH_KEY_BITS) { + errCode = SSL_ERROR_DH_KEY_TOO_LONG; + goto alert_loser; + } rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length); if (rv != SECSuccess) { goto loser; /* malformed. */ @@ -6938,8 +6955,10 @@ ssl3_ParseCertificateRequestCAs(sslSocket *ss, PRUint8 **b, PRUint32 *length, goto alert_loser; /* malformed */ remaining -= 2; + if (SECITEM_MakeItem(ca_list->arena, &node->name, *b, len) != SECSuccess) { + goto no_mem; + } node->name.len = len; - node->name.data = *b; *b += len; *length -= len; remaining -= len; @@ -6967,7 +6986,6 @@ ssl3_ParseCertificateRequestCAs(sslSocket *ss, PRUint8 **b, PRUint32 *length, return SECSuccess; no_mem: - PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; alert_loser: @@ -7332,10 +7350,6 @@ ssl3_SendClientSecondRound(sslSocket *ss) * certificate to an attacker that does not have a valid cert for the * domain we are connecting to. * - * XXX: We should do the same for the NPN extension, but for that we - * need an option to give the application the ability to leak the NPN - * information to get better performance. - * * During the initial handshake on a connection, we never send/receive * application data until we have authenticated the server's certificate; * i.e. we have fully authenticated the handshake before using the cipher @@ -7409,14 +7423,6 @@ ssl3_SendClientSecondRound(sslSocket *ss) ss->enoughFirstHsDone = PR_TRUE; if (!ss->firstHsDone) { - /* XXX: If the server's certificate hasn't been authenticated by this - * point, then we may be leaking this NPN message to an attacker. - */ - rv = ssl3_SendNextProto(ss); - if (rv != SECSuccess) { - goto loser; /* err code was set. */ - } - if (ss->opt.enableFalseStart) { if (!ss->ssl3.hs.authCertificatePending) { /* When we fix bug 589047, we will need to know whether we are @@ -8879,12 +8885,10 @@ ssl_ConstructServerHello(sslSocket *ss, PRBool helloRetry, SSL3ProtocolVersion version; sslSessionID *sid = ss->sec.ci.sid; - if (IS_DTLS(ss) && ss->version < SSL_LIBRARY_VERSION_TLS_1_3) { - version = dtls_TLSVersionToDTLSVersion(ss->version); - } else { - version = PR_MIN(ss->version, SSL_LIBRARY_VERSION_TLS_1_2); + version = PR_MIN(ss->version, SSL_LIBRARY_VERSION_TLS_1_2); + if (IS_DTLS(ss)) { + version = dtls_TLSVersionToDTLSVersion(version); } - rv = sslBuffer_AppendNumber(messageBuf, version, 2); if (rv != SECSuccess) { return SECFailure; @@ -11404,6 +11408,10 @@ ssl3_HandleHandshakeMessage(sslSocket *ss, PRUint8 *b, PRUint32 length, /* Increment the expected sequence number */ ss->ssl3.hs.recvMessageSeq++; } + + /* Taint the message so that it's easier to detect UAFs. */ + PORT_Memset(b, 'N', length); + return rv; } @@ -11738,7 +11746,7 @@ ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize) } for (i = 0; i < toCheck; i++) { - unsigned int t = paddingLength - i; + t = paddingLength - i; /* If i <= paddingLength then the MSB of t is zero and mask is * 0xff. Otherwise, mask is 0. */ unsigned char mask = DUPLICATE_MSB_TO_ALL(~t); @@ -11878,6 +11886,7 @@ ssl3_UnprotectRecord(sslSocket *ss, unsigned int good; unsigned int ivLen = 0; SSL3ContentType rType; + SSL3ProtocolVersion rVersion; unsigned int minLength; unsigned int originalLen = 0; PRUint8 headerBuf[13]; @@ -11950,7 +11959,9 @@ ssl3_UnprotectRecord(sslSocket *ss, return SECFailure; } - rType = cText->type; + rType = (SSL3ContentType)cText->hdr[0]; + rVersion = ((SSL3ProtocolVersion)cText->hdr[1] << 8) | + (SSL3ProtocolVersion)cText->hdr[2]; if (cipher_def->type == type_aead) { /* XXX For many AEAD ciphers, the plaintext is shorter than the * ciphertext by a fixed byte count, but it is not true in general. @@ -11960,8 +11971,8 @@ ssl3_UnprotectRecord(sslSocket *ss, cText->buf->len - cipher_def->explicit_nonce_size - cipher_def->tag_size; rv = ssl3_BuildRecordPseudoHeader( - spec->epoch, IS_DTLS(ss) ? cText->seq_num : spec->seqNum, - rType, isTLS, cText->version, IS_DTLS(ss), decryptedLen, &header); + spec->epoch, cText->seqNum, + rType, isTLS, rVersion, IS_DTLS(ss), decryptedLen, &header); PORT_Assert(rv == SECSuccess); rv = spec->aead(&spec->keyMaterial, PR_TRUE, /* do decrypt */ @@ -12008,8 +12019,8 @@ ssl3_UnprotectRecord(sslSocket *ss, /* compute the MAC */ rv = ssl3_BuildRecordPseudoHeader( - spec->epoch, IS_DTLS(ss) ? cText->seq_num : spec->seqNum, - rType, isTLS, cText->version, IS_DTLS(ss), + spec->epoch, cText->seqNum, + rType, isTLS, rVersion, IS_DTLS(ss), plaintext->len - spec->macDef->mac_size, &header); PORT_Assert(rv == SECSuccess); if (cipher_def->type == type_block) { @@ -12059,13 +12070,19 @@ ssl3_UnprotectRecord(sslSocket *ss, return SECSuccess; } -static SECStatus +SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType, DTLSEpoch epoch, sslSequenceNumber seqNum, sslBuffer *databuf) { SECStatus rv; + /* check for Token Presence */ + if (!ssl3_ClientAuthTokenPresent(ss->sec.ci.sid)) { + PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); + return SECFailure; + } + ssl_GetSSL3HandshakeLock(ss); /* All the functions called in this switch MUST set error code if @@ -12111,15 +12128,16 @@ ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType, * Returns NULL if no appropriate cipher spec is found. */ static ssl3CipherSpec * -ssl3_GetCipherSpec(sslSocket *ss, sslSequenceNumber seq) +ssl3_GetCipherSpec(sslSocket *ss, SSL3Ciphertext *cText) { ssl3CipherSpec *crSpec = ss->ssl3.crSpec; ssl3CipherSpec *newSpec = NULL; - DTLSEpoch epoch = seq >> 48; + DTLSEpoch epoch; if (!IS_DTLS(ss)) { return crSpec; } + epoch = dtls_ReadEpoch(crSpec, cText->hdr); if (crSpec->epoch == epoch) { return crSpec; } @@ -12136,6 +12154,11 @@ ssl3_GetCipherSpec(sslSocket *ss, sslSequenceNumber seq) return NULL; } +/* MAX_EXPANSION is the amount by which a record might plausibly be expanded + * when protected. It's the worst case estimate, so the sum of block cipher + * padding (up to 256 octets) and HMAC (48 octets for SHA-384). */ +#define MAX_EXPANSION (256 + 48) + /* if cText is non-null, then decipher and check the MAC of the * SSL record from cText->buf (typically gs->inbuf) * into databuf (typically gs->buf), and any previous contents of databuf @@ -12159,16 +12182,16 @@ ssl3_GetCipherSpec(sslSocket *ss, sslSequenceNumber seq) * Application Data records. */ SECStatus -ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) +ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText) { SECStatus rv; PRBool isTLS; DTLSEpoch epoch; - sslSequenceNumber seqNum = 0; ssl3CipherSpec *spec = NULL; + PRUint16 recordSizeLimit; PRBool outOfOrderSpec = PR_FALSE; SSL3ContentType rType; - sslBuffer *plaintext; + sslBuffer *plaintext = &ss->gs.buf; SSL3AlertDescription alert = internal_error; PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss)); @@ -12178,27 +12201,23 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) return SECFailure; } - /* cText is NULL when we're called from ssl3_RestartHandshakeAfterXXX(). - * This implies that databuf holds a previously deciphered SSL Handshake - * message. - */ - if (cText == NULL) { - SSL_DBG(("%d: SSL3[%d]: HandleRecord, resuming handshake", - SSL_GETPID(), ss->fd)); - /* Note that this doesn't pass the epoch and sequence number of the - * record through, which DTLS 1.3 depends on. DTLS doesn't support - * asynchronous certificate validation, so that should be OK. */ - PORT_Assert(!IS_DTLS(ss)); - return ssl3_HandleNonApplicationData(ss, content_handshake, - 0, 0, databuf); + /* Clear out the buffer in case this exits early. Any data then won't be + * processed twice. */ + plaintext->len = 0; + + /* We're waiting for another ClientHello, which will appear unencrypted. + * Use the content type to tell whether this should be discarded. */ + if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr && + cText->hdr[0] == content_application_data) { + PORT_Assert(ss->ssl3.hs.ws == wait_client_hello); + return SECSuccess; } ssl_GetSpecReadLock(ss); /******************************************/ - spec = ssl3_GetCipherSpec(ss, cText->seq_num); + spec = ssl3_GetCipherSpec(ss, cText); if (!spec) { PORT_Assert(IS_DTLS(ss)); ssl_ReleaseSpecReadLock(ss); /*****************************/ - databuf->len = 0; /* Needed to ensure data not left around */ return SECSuccess; } if (spec != ss->ssl3.crSpec) { @@ -12209,66 +12228,68 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) } isTLS = (PRBool)(spec->version > SSL_LIBRARY_VERSION_3_0); if (IS_DTLS(ss)) { - if (!dtls_IsRelevant(ss, spec, cText, &seqNum)) { + if (!dtls_IsRelevant(ss, spec, cText, &cText->seqNum)) { ssl_ReleaseSpecReadLock(ss); /*****************************/ - databuf->len = 0; /* Needed to ensure data not left around */ - return SECSuccess; } } else { - seqNum = spec->seqNum + 1; + cText->seqNum = spec->nextSeqNum; } - if (seqNum >= spec->cipherDef->max_records) { + if (cText->seqNum >= spec->cipherDef->max_records) { ssl_ReleaseSpecReadLock(ss); /*****************************/ SSL_TRC(3, ("%d: SSL[%d]: read sequence number at limit 0x%0llx", - SSL_GETPID(), ss->fd, seqNum)); + SSL_GETPID(), ss->fd, cText->seqNum)); PORT_SetError(SSL_ERROR_TOO_MANY_RECORDS); return SECFailure; } - plaintext = databuf; - plaintext->len = 0; /* filled in by Unprotect call below. */ - - /* We're waiting for another ClientHello, which will appear unencrypted. - * Use the content type to tell whether this is should be discarded. - * - * XXX If we decide to remove the content type from encrypted records, this - * will become much more difficult to manage. */ - if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr && - cText->type == content_application_data) { + recordSizeLimit = spec->recordSizeLimit; + if (cText->buf->len > recordSizeLimit + MAX_EXPANSION) { ssl_ReleaseSpecReadLock(ss); /*****************************/ - PORT_Assert(ss->ssl3.hs.ws == wait_client_hello); - databuf->len = 0; - return SECSuccess; + SSL3_SendAlert(ss, alert_fatal, record_overflow); + PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG); + return SECFailure; } - if (plaintext->space < MAX_FRAGMENT_LENGTH) { - rv = sslBuffer_Grow(plaintext, MAX_FRAGMENT_LENGTH + 2048); + if (plaintext->space < recordSizeLimit + MAX_EXPANSION) { + rv = sslBuffer_Grow(plaintext, recordSizeLimit + MAX_EXPANSION); if (rv != SECSuccess) { ssl_ReleaseSpecReadLock(ss); /*************************/ SSL_DBG(("%d: SSL3[%d]: HandleRecord, tried to get %d bytes", - SSL_GETPID(), ss->fd, MAX_FRAGMENT_LENGTH + 2048)); + SSL_GETPID(), ss->fd, recordSizeLimit + MAX_EXPANSION)); /* sslBuffer_Grow has set a memory error code. */ /* Perhaps we should send an alert. (but we have no memory!) */ return SECFailure; } } + /* Most record types aside from protected TLS 1.3 records carry the content + * type in the first octet. TLS 1.3 will override this value later. */ + rType = cText->hdr[0]; + /* Encrypted application data records could arrive before the handshake + * completes in DTLS 1.3. These can look like valid TLS 1.2 application_data + * records in epoch 0, which is never valid. Pretend they didn't decrypt. */ + if (spec->epoch == 0 && rType == content_application_data) { + PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA); + alert = unexpected_message; + rv = SECFailure; + } else { #ifdef UNSAFE_FUZZER_MODE - rv = Null_Cipher(NULL, plaintext->buf, (int *)&plaintext->len, - plaintext->space, cText->buf->buf, cText->buf->len); + rv = Null_Cipher(NULL, plaintext->buf, (int *)&plaintext->len, + plaintext->space, cText->buf->buf, cText->buf->len); #else - /* IMPORTANT: Unprotect functions MUST NOT send alerts - * because we still hold the spec read lock. Instead, if they - * return SECFailure, they set *alert to the alert to be sent. */ - if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 || - spec->cipherDef->calg == ssl_calg_null) { - /* Unencrypted TLS 1.3 records use the pre-TLS 1.3 format. */ - rv = ssl3_UnprotectRecord(ss, spec, cText, plaintext, &alert); - } else { - rv = tls13_UnprotectRecord(ss, spec, cText, plaintext, &alert); - } + /* IMPORTANT: Unprotect functions MUST NOT send alerts + * because we still hold the spec read lock. Instead, if they + * return SECFailure, they set *alert to the alert to be sent. */ + if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 || + spec->epoch == 0) { + rv = ssl3_UnprotectRecord(ss, spec, cText, plaintext, &alert); + } else { + rv = tls13_UnprotectRecord(ss, spec, cText, plaintext, &rType, + &alert); + } #endif + } if (rv != SECSuccess) { ssl_ReleaseSpecReadLock(ss); /***************************/ @@ -12276,39 +12297,45 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) SSL_DBG(("%d: SSL3[%d]: decryption failed", SSL_GETPID(), ss->fd)); /* Ensure that we don't process this data again. */ - databuf->len = 0; + plaintext->len = 0; - /* Ignore a CCS if the alternative handshake is negotiated. Note that - * this will fail if the server fails to negotiate the alternative - * handshake type in a 0-RTT session that is resumed from a session that - * did negotiate it. We don't care about that corner case right now. */ + /* Ignore a CCS if compatibility mode is negotiated. Note that this + * will fail if the server fails to negotiate compatibility mode in a + * 0-RTT session that is resumed from a session that did negotiate it. + * We don't care about that corner case right now. */ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 && - cText->type == content_change_cipher_spec && + cText->hdr[0] == content_change_cipher_spec && ss->ssl3.hs.ws != idle_handshake && cText->buf->len == 1 && cText->buf->buf[0] == change_cipher_spec_choice) { /* Ignore the CCS. */ return SECSuccess; } + if (IS_DTLS(ss) || (ss->sec.isServer && ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_trial)) { - /* Silently drop the packet */ + /* Silently drop the packet unless we sent a fatal alert. */ + if (ss->ssl3.fatalAlertSent) { + return SECFailure; + } return SECSuccess; - } else { - int errCode = PORT_GetError(); - SSL3_SendAlert(ss, alert_fatal, alert); - /* Reset the error code in case SSL3_SendAlert called - * PORT_SetError(). */ - PORT_SetError(errCode); - return SECFailure; } + + int errCode = PORT_GetError(); + SSL3_SendAlert(ss, alert_fatal, alert); + /* Reset the error code in case SSL3_SendAlert called + * PORT_SetError(). */ + PORT_SetError(errCode); + return SECFailure; } /* SECSuccess */ - spec->seqNum = PR_MAX(spec->seqNum, seqNum); if (IS_DTLS(ss)) { - dtls_RecordSetRecvd(&spec->recvdRecords, seqNum); + dtls_RecordSetRecvd(&spec->recvdRecords, cText->seqNum); + spec->nextSeqNum = PR_MAX(spec->nextSeqNum, cText->seqNum + 1); + } else { + ++spec->nextSeqNum; } epoch = spec->epoch; @@ -12317,19 +12344,18 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) /* * The decrypted data is now in plaintext. */ - rType = cText->type; /* This must go after decryption because TLS 1.3 - * has encrypted content types. */ /* IMPORTANT: We are in DTLS 1.3 mode and we have processed something * from the wrong epoch. Divert to a divert processing function to make * sure we don't accidentally use the data unsafely. */ if (outOfOrderSpec) { PORT_Assert(IS_DTLS(ss) && ss->version >= SSL_LIBRARY_VERSION_TLS_1_3); - return dtls13_HandleOutOfEpochRecord(ss, spec, rType, databuf); + return dtls13_HandleOutOfEpochRecord(ss, spec, rType, plaintext); } /* Check the length of the plaintext. */ - if (isTLS && databuf->len > MAX_FRAGMENT_LENGTH) { + if (isTLS && plaintext->len > recordSizeLimit) { + plaintext->len = 0; SSL3_SendAlert(ss, alert_fatal, record_overflow); PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG); return SECFailure; @@ -12344,14 +12370,16 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 && ss->sec.isServer && ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) { - return tls13_HandleEarlyApplicationData(ss, databuf); + return tls13_HandleEarlyApplicationData(ss, plaintext); } + plaintext->len = 0; (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message); PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA); return SECFailure; } - return ssl3_HandleNonApplicationData(ss, rType, epoch, seqNum, databuf); + return ssl3_HandleNonApplicationData(ss, rType, epoch, cText->seqNum, + plaintext); } /* diff --git a/security/nss/lib/ssl/ssl3ecc.c b/security/nss/lib/ssl/ssl3ecc.c index 913a14f637..f8b9a94000 100644 --- a/security/nss/lib/ssl/ssl3ecc.c +++ b/security/nss/lib/ssl/ssl3ecc.c @@ -548,12 +548,14 @@ ssl3_HandleECDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length) if (ss->ssl3.prSpec->version == SSL_LIBRARY_VERSION_TLS_1_2) { rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme); if (rv != SECSuccess) { - goto loser; /* malformed or unsupported. */ + errCode = PORT_GetError(); + goto alert_loser; /* malformed or unsupported. */ } rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme, ss->sec.peerCert); if (rv != SECSuccess) { - goto loser; + errCode = PORT_GetError(); + goto alert_loser; } hashAlg = ssl_SignatureSchemeToHashType(sigScheme); } else { diff --git a/security/nss/lib/ssl/ssl3ext.c b/security/nss/lib/ssl/ssl3ext.c index 5a50779989..9b6c719f88 100644 --- a/security/nss/lib/ssl/ssl3ext.c +++ b/security/nss/lib/ssl/ssl3ext.c @@ -39,7 +39,6 @@ static const ssl3ExtensionHandler clientHelloHandlers[] = { { ssl_ec_point_formats_xtn, &ssl3_HandleSupportedPointFormatsXtn }, { ssl_session_ticket_xtn, &ssl3_ServerHandleSessionTicketXtn }, { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, - { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn }, { ssl_app_layer_protocol_xtn, &ssl3_ServerHandleAppProtoXtn }, { ssl_use_srtp_xtn, &ssl3_ServerHandleUseSRTPXtn }, { ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn }, @@ -51,6 +50,7 @@ static const ssl3ExtensionHandler clientHelloHandlers[] = { { ssl_tls13_early_data_xtn, &tls13_ServerHandleEarlyDataXtn }, { ssl_tls13_psk_key_exchange_modes_xtn, &tls13_ServerHandlePskModesXtn }, { ssl_tls13_cookie_xtn, &tls13_ServerHandleCookieXtn }, + { ssl_record_size_limit_xtn, &ssl_HandleRecordSizeLimitXtn }, { 0, NULL } }; @@ -61,7 +61,6 @@ static const ssl3ExtensionHandler serverHelloHandlersTLS[] = { /* TODO: add a handler for ssl_ec_point_formats_xtn */ { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, - { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, { ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn }, { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, @@ -70,6 +69,7 @@ static const ssl3ExtensionHandler serverHelloHandlersTLS[] = { { ssl_tls13_key_share_xtn, &tls13_ClientHandleKeyShareXtn }, { ssl_tls13_pre_shared_key_xtn, &tls13_ClientHandlePreSharedKeyXtn }, { ssl_tls13_early_data_xtn, &tls13_ClientHandleEarlyDataXtn }, + { ssl_record_size_limit_xtn, &ssl_HandleRecordSizeLimitXtn }, { 0, NULL } }; @@ -122,7 +122,6 @@ static const sslExtensionBuilder clientHelloSendersTLS[] = { ssl_supported_groups_xtn, &ssl_SendSupportedGroupsXtn }, { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, { ssl_session_ticket_xtn, &ssl3_ClientSendSessionTicketXtn }, - { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn }, { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, @@ -137,6 +136,7 @@ static const sslExtensionBuilder clientHelloSendersTLS[] = { ssl_signature_algorithms_xtn, &ssl3_SendSigAlgsXtn }, { ssl_tls13_cookie_xtn, &tls13_ClientSendHrrCookieXtn }, { ssl_tls13_psk_key_exchange_modes_xtn, &tls13_ClientSendPskModesXtn }, + { ssl_record_size_limit_xtn, &ssl_SendRecordSizeLimitXtn }, /* The pre_shared_key extension MUST be last. */ { ssl_tls13_pre_shared_key_xtn, &tls13_ClientSendPreSharedKeyXtn }, { 0, NULL } @@ -183,7 +183,6 @@ static const struct { { ssl_tls13_psk_key_exchange_modes_xtn, ssl_ext_native_only }, { ssl_tls13_ticket_early_data_info_xtn, ssl_ext_native_only }, { ssl_tls13_certificate_authorities_xtn, ssl_ext_native }, - { ssl_next_proto_nego_xtn, ssl_ext_none }, { ssl_renegotiation_info_xtn, ssl_ext_native } }; @@ -681,7 +680,11 @@ ssl_CallCustomExtensionSenders(sslSocket *ss, sslBuffer *buf, } } - sslBuffer_Append(buf, tail.buf, tail.len); + rv = sslBuffer_Append(buf, tail.buf, tail.len); + if (rv != SECSuccess) { + goto loser; /* Code already set. */ + } + sslBuffer_Clear(&tail); return SECSuccess; diff --git a/security/nss/lib/ssl/ssl3ext.h b/security/nss/lib/ssl/ssl3ext.h index d0f75a599a..6d77c7459e 100644 --- a/security/nss/lib/ssl/ssl3ext.h +++ b/security/nss/lib/ssl/ssl3ext.h @@ -98,6 +98,9 @@ struct TLSExtensionDataStr { /* The application token contains a value that was passed to the client via * a session ticket, or the cookie in a HelloRetryRequest. */ SECItem applicationToken; + + /* The record size limit set by the peer. Our value is kept in ss->opt. */ + PRUint16 recordSizeLimit; }; typedef struct TLSExtensionStr { diff --git a/security/nss/lib/ssl/ssl3exthandle.c b/security/nss/lib/ssl/ssl3exthandle.c index e6388945e1..d1f286dc3c 100644 --- a/security/nss/lib/ssl/ssl3exthandle.c +++ b/security/nss/lib/ssl/ssl3exthandle.c @@ -242,33 +242,11 @@ ssl_AlpnTagAllowed(const sslSocket *ss, const SECItem *tag) return PR_FALSE; } -/* handle an incoming Next Protocol Negotiation extension. */ -SECStatus -ssl3_ServerHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, - SECItem *data) -{ - PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3); - - if (ss->firstHsDone || data->len != 0) { - /* Clients MUST send an empty NPN extension, if any. */ - PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); - return SECFailure; - } - - xtnData->negotiated[xtnData->numNegotiated++] = ssl_next_proto_nego_xtn; - - /* TODO: server side NPN support would require calling - * ssl3_RegisterServerHelloExtensionSender here in order to echo the - * extension back to the client. */ - - return SECSuccess; -} - -/* ssl3_ValidateNextProtoNego checks that the given block of data is valid: none +/* ssl3_ValidateAppProtocol checks that the given block of data is valid: none * of the lengths may be 0 and the sum of the lengths must equal the length of * the block. */ SECStatus -ssl3_ValidateNextProtoNego(const unsigned char *data, unsigned int length) +ssl3_ValidateAppProtocol(const unsigned char *data, unsigned int length) { unsigned int offset = 0; @@ -286,7 +264,7 @@ ssl3_ValidateNextProtoNego(const unsigned char *data, unsigned int length) return SECSuccess; } -/* protocol selection handler for ALPN (server side) and NPN (client side) */ +/* Protocol selection handler for ALPN. */ static SECStatus ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 extension, SECItem *data) @@ -295,7 +273,7 @@ ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, unsigned char resultBuffer[255]; SECItem result = { siBuffer, resultBuffer, 0 }; - rv = ssl3_ValidateNextProtoNego(data->data, data->len); + rv = ssl3_ValidateAppProtocol(data->data, data->len); if (rv != SECSuccess) { ssl3_ExtSendAlert(ss, alert_fatal, decode_error); PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); @@ -303,11 +281,13 @@ ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, } PORT_Assert(ss->nextProtoCallback); - /* For ALPN, the cipher suite isn't selected yet. Note that extensions + /* The cipher suite isn't selected yet. Note that extensions * sometimes affect what cipher suite is selected, e.g., for ECC. */ PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all & ~ssl_preinfo_cipher_suite) == (ssl_preinfo_all & ~ssl_preinfo_cipher_suite)); + /* The callback has to make sure that either rv != SECSuccess or that result + * is not set if there is no common protocol. */ rv = ss->nextProtoCallback(ss->nextProtoArg, ss->fd, data->data, data->len, result.data, &result.len, sizeof(resultBuffer)); if (rv != SECSuccess) { @@ -320,21 +300,20 @@ ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, * stack. */ if (result.len > sizeof(resultBuffer)) { PORT_SetError(SEC_ERROR_OUTPUT_LEN); - /* TODO: crash */ + PORT_Assert(PR_FALSE); return SECFailure; } SECITEM_FreeItem(&xtnData->nextProto, PR_FALSE); - if (extension == ssl_app_layer_protocol_xtn && - xtnData->nextProtoState != SSL_NEXT_PROTO_NEGOTIATED) { - /* The callback might say OK, but then it picks a default value - one - * that was not listed. That's OK for NPN, but not ALPN. */ + if (result.len < 1 || !result.data) { + /* Check that we actually got a result. */ ssl3_ExtSendAlert(ss, alert_fatal, no_application_protocol); PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL); return SECFailure; } + xtnData->nextProtoState = SSL_NEXT_PROTO_NEGOTIATED; xtnData->negotiated[xtnData->numNegotiated++] = extension; return SECITEM_CopyItem(NULL, &xtnData->nextProto, &result); } @@ -356,7 +335,7 @@ ssl3_ServerHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, return SECFailure; } - /* Unlike NPN, ALPN has extra redundant length information so that + /* ALPN has extra redundant length information so that * the extension is the same in both ClientHello and ServerHello. */ rv = ssl3_ExtConsumeHandshakeNumber(ss, &count, 2, &data->data, &data->len); if (rv != SECSuccess || count != data->len) { @@ -389,39 +368,6 @@ ssl3_ServerHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, } SECStatus -ssl3_ClientHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, - SECItem *data) -{ - PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3); - PORT_Assert(!ss->firstHsDone); - - if (ssl3_ExtensionNegotiated(ss, ssl_app_layer_protocol_xtn)) { - /* If the server negotiated ALPN then it has already told us what - * protocol to use, so it doesn't make sense for us to try to negotiate - * a different one by sending the NPN handshake message. However, if - * we've negotiated NPN then we're required to send the NPN handshake - * message. Thus, these two extensions cannot both be negotiated on the - * same connection. */ - ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter); - PORT_SetError(SSL_ERROR_BAD_SERVER); - return SECFailure; - } - - /* We should only get this call if we sent the extension, so - * ss->nextProtoCallback needs to be non-NULL. However, it is possible - * that an application erroneously cleared the callback between the time - * we sent the ClientHello and now. */ - if (!ss->nextProtoCallback) { - PORT_Assert(0); - ssl3_ExtSendAlert(ss, alert_fatal, internal_error); - PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK); - return SECFailure; - } - - return ssl3_SelectAppProtocol(ss, xtnData, ssl_next_proto_nego_xtn, data); -} - -SECStatus ssl3_ClientHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, SECItem *data) { @@ -475,19 +421,6 @@ ssl3_ClientHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, } SECStatus -ssl3_ClientSendNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, - sslBuffer *buf, PRBool *added) -{ - /* Renegotiations do not send this extension. */ - if (!ss->opt.enableNPN || !ss->nextProtoCallback || ss->firstHsDone) { - return SECSuccess; - } - - *added = PR_TRUE; - return SECSuccess; -} - -SECStatus ssl3_ClientSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, sslBuffer *buf, PRBool *added) { @@ -499,35 +432,15 @@ ssl3_ClientSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, return SECSuccess; } - /* NPN requires that the client's fallback protocol is first in the - * list. However, ALPN sends protocols in preference order. So move the - * first protocol to the end of the list. */ - if (len > 0) { /* Each protocol string is prefixed with a single byte length. */ - unsigned int i; - rv = sslBuffer_AppendNumber(buf, len, 2); if (rv != SECSuccess) { return SECFailure; } - - i = ss->opt.nextProtoNego.data[0] + 1; - if (i <= len) { - rv = sslBuffer_Append(buf, &ss->opt.nextProtoNego.data[i], len - i); - if (rv != SECSuccess) { - return SECFailure; - } - rv = sslBuffer_Append(buf, ss->opt.nextProtoNego.data, i); - if (rv != SECSuccess) { - return SECFailure; - } - } else { - /* This seems to be invalid data so we'll send as-is. */ - rv = sslBuffer_Append(buf, ss->opt.nextProtoNego.data, len); - if (rv != SECSuccess) { - return SECFailure; - } + rv = sslBuffer_Append(buf, ss->opt.nextProtoNego.data, len); + if (rv != SECSuccess) { + return SECFailure; } } @@ -1955,3 +1868,67 @@ ssl_HandleSupportedGroupsXtn(const sslSocket *ss, TLSExtensionData *xtnData, return SECSuccess; } + +SECStatus +ssl_HandleRecordSizeLimitXtn(const sslSocket *ss, TLSExtensionData *xtnData, + SECItem *data) +{ + SECStatus rv; + PRUint32 limit; + PRUint32 maxLimit = (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) + ? (MAX_FRAGMENT_LENGTH + 1) + : MAX_FRAGMENT_LENGTH; + + rv = ssl3_ExtConsumeHandshakeNumber(ss, &limit, 2, &data->data, &data->len); + if (rv != SECSuccess) { + return SECFailure; + } + if (data->len != 0 || limit < 64) { + ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter); + PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE); + return SECFailure; + } + + if (ss->sec.isServer) { + rv = ssl3_RegisterExtensionSender(ss, xtnData, ssl_record_size_limit_xtn, + &ssl_SendRecordSizeLimitXtn); + if (rv != SECSuccess) { + return SECFailure; /* error already set. */ + } + } else if (limit > maxLimit) { + /* The client can sensibly check the maximum. */ + ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter); + PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE); + return SECFailure; + } + + /* We can't enforce the maximum on a server. But we do need to ensure + * that we don't apply a limit that is too large. */ + xtnData->recordSizeLimit = PR_MIN(maxLimit, limit); + xtnData->negotiated[xtnData->numNegotiated++] = ssl_record_size_limit_xtn; + return SECSuccess; +} + +SECStatus +ssl_SendRecordSizeLimitXtn(const sslSocket *ss, TLSExtensionData *xtnData, + sslBuffer *buf, PRBool *added) +{ + PRUint32 maxLimit; + if (ss->sec.isServer) { + maxLimit = (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) + ? (MAX_FRAGMENT_LENGTH + 1) + : MAX_FRAGMENT_LENGTH; + } else { + maxLimit = (ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3) + ? (MAX_FRAGMENT_LENGTH + 1) + : MAX_FRAGMENT_LENGTH; + } + PRUint32 limit = PR_MIN(ss->opt.recordSizeLimit, maxLimit); + SECStatus rv = sslBuffer_AppendNumber(buf, limit, 2); + if (rv != SECSuccess) { + return SECFailure; + } + + *added = PR_TRUE; + return SECSuccess; +} diff --git a/security/nss/lib/ssl/ssl3exthandle.h b/security/nss/lib/ssl/ssl3exthandle.h index b84bd074c0..eaf7f0081c 100644 --- a/security/nss/lib/ssl/ssl3exthandle.h +++ b/security/nss/lib/ssl/ssl3exthandle.h @@ -119,4 +119,11 @@ SECStatus ssl_SendSupportedGroupsXtn(const sslSocket *ss, SECStatus ssl3_SendSupportedPointFormatsXtn(const sslSocket *ss, TLSExtensionData *xtnData, sslBuffer *buf, PRBool *added); +SECStatus ssl_HandleRecordSizeLimitXtn(const sslSocket *ss, + TLSExtensionData *xtnData, + SECItem *data); +SECStatus ssl_SendRecordSizeLimitXtn(const sslSocket *ss, + TLSExtensionData *xtnData, + sslBuffer *buf, PRBool *added); + #endif diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c index 8b323bb054..5ea7cc249e 100644 --- a/security/nss/lib/ssl/ssl3gthr.c +++ b/security/nss/lib/ssl/ssl3gthr.c @@ -158,6 +158,7 @@ ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags, ssl2Gather *ssl2gs) * the length of the following encrypted data, and then * read in the rest of the record into gs->inbuf. */ gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4]; + gs->hdrLen = SSL3_RECORD_HEADER_LENGTH; } else { /* Probably an SSLv2 record header. No need to handle any * security escapes (gs->hdr[0] & 0x40) as we wouldn't get @@ -264,8 +265,9 @@ static int dtls_GatherData(sslSocket *ss, sslGather *gs, int flags) { int nb; - int err; - int rv = 1; + PRUint8 contentType; + unsigned int headerLen; + SECStatus rv; SSL_TRC(30, ("dtls_GatherData")); @@ -285,81 +287,97 @@ dtls_GatherData(sslSocket *ss, sslGather *gs, int flags) ** to 13 (the size of the record header). */ if (gs->dtlsPacket.space < MAX_FRAGMENT_LENGTH + 2048 + 13) { - err = sslBuffer_Grow(&gs->dtlsPacket, - MAX_FRAGMENT_LENGTH + 2048 + 13); - if (err) { /* realloc has set error code to no mem. */ - return err; + rv = sslBuffer_Grow(&gs->dtlsPacket, + MAX_FRAGMENT_LENGTH + 2048 + 13); + if (rv != SECSuccess) { + return -1; /* Code already set. */ } } /* recv() needs to read a full datagram at a time */ nb = ssl_DefRecv(ss, gs->dtlsPacket.buf, gs->dtlsPacket.space, flags); - if (nb > 0) { PRINT_BUF(60, (ss, "raw gather data:", gs->dtlsPacket.buf, nb)); } else if (nb == 0) { /* EOF */ SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd)); - rv = 0; - return rv; + return 0; } else /* if (nb < 0) */ { SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd, PR_GetError())); - rv = SECFailure; - return rv; + return -1; } gs->dtlsPacket.len = nb; } + contentType = gs->dtlsPacket.buf[gs->dtlsPacketOffset]; + if (dtls_IsLongHeader(ss->version, contentType)) { + headerLen = 13; + } else if (contentType == content_application_data) { + headerLen = 7; + } else if ((contentType & 0xe0) == 0x20) { + headerLen = 2; + } else { + SSL_DBG(("%d: SSL3[%d]: invalid first octet (%d) for DTLS", + SSL_GETPID(), ss->fd, contentType)); + PORT_SetError(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE); + gs->dtlsPacketOffset = 0; + gs->dtlsPacket.len = 0; + return -1; + } + /* At this point we should have >=1 complete records lined up in * dtlsPacket. Read off the header. */ - if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < 13) { + if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < headerLen) { SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet " "too short to contain header", SSL_GETPID(), ss->fd)); - PR_SetError(PR_WOULD_BLOCK_ERROR, 0); + PORT_SetError(PR_WOULD_BLOCK_ERROR); gs->dtlsPacketOffset = 0; gs->dtlsPacket.len = 0; - rv = SECFailure; - return rv; + return -1; } - memcpy(gs->hdr, gs->dtlsPacket.buf + gs->dtlsPacketOffset, 13); - gs->dtlsPacketOffset += 13; + memcpy(gs->hdr, SSL_BUFFER_BASE(&gs->dtlsPacket) + gs->dtlsPacketOffset, + headerLen); + gs->hdrLen = headerLen; + gs->dtlsPacketOffset += headerLen; /* Have received SSL3 record header in gs->hdr. */ - gs->remainder = (gs->hdr[11] << 8) | gs->hdr[12]; + if (headerLen == 13) { + gs->remainder = (gs->hdr[11] << 8) | gs->hdr[12]; + } else if (headerLen == 7) { + gs->remainder = (gs->hdr[5] << 8) | gs->hdr[6]; + } else { + PORT_Assert(headerLen == 2); + gs->remainder = gs->dtlsPacket.len - gs->dtlsPacketOffset; + } if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < gs->remainder) { SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet too short " "to contain rest of body", SSL_GETPID(), ss->fd)); - PR_SetError(PR_WOULD_BLOCK_ERROR, 0); + PORT_SetError(PR_WOULD_BLOCK_ERROR); gs->dtlsPacketOffset = 0; gs->dtlsPacket.len = 0; - rv = SECFailure; - return rv; + return -1; } /* OK, we have at least one complete packet, copy into inbuf */ - if (gs->remainder > gs->inbuf.space) { - err = sslBuffer_Grow(&gs->inbuf, gs->remainder); - if (err) { /* realloc has set error code to no mem. */ - return err; - } + gs->inbuf.len = 0; + rv = sslBuffer_Append(&gs->inbuf, + SSL_BUFFER_BASE(&gs->dtlsPacket) + gs->dtlsPacketOffset, + gs->remainder); + if (rv != SECSuccess) { + return -1; /* code already set. */ } - - SSL_TRC(20, ("%d: SSL3[%d]: dtls gathered record type=%d len=%d", - SSL_GETPID(), ss->fd, gs->hdr[0], gs->inbuf.len)); - - memcpy(gs->inbuf.buf, gs->dtlsPacket.buf + gs->dtlsPacketOffset, - gs->remainder); - gs->inbuf.len = gs->remainder; gs->offset = gs->remainder; gs->dtlsPacketOffset += gs->remainder; gs->state = GS_INIT; + SSL_TRC(20, ("%d: SSL3[%d]: dtls gathered record type=%d len=%d", + SSL_GETPID(), ss->fd, contentType, gs->inbuf.len)); return 1; } @@ -442,7 +460,11 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) * We need to process it now before we overwrite it with the next * handshake record. */ - rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf); + SSL_DBG(("%d: SSL3[%d]: resuming handshake", + SSL_GETPID(), ss->fd)); + PORT_Assert(!IS_DTLS(ss)); + rv = ssl3_HandleNonApplicationData(ss, content_handshake, + 0, 0, &ss->gs.buf); } else { /* State for SSLv2 client hello support. */ ssl2Gather ssl2gs = { PR_FALSE, 0 }; @@ -495,20 +517,14 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) * If it's application data, ss->gs.buf will not be empty upon return. * If it's a change cipher spec, alert, or handshake message, * ss->gs.buf.len will be 0 when ssl3_HandleRecord returns SECSuccess. + * + * cText only needs to be valid for this next function call, so + * it can borrow gs.hdr. */ - cText.type = (SSL3ContentType)ss->gs.hdr[0]; - cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2]; - - if (IS_DTLS(ss)) { - sslSequenceNumber seq_num; - - /* DTLS sequence number */ - PORT_Memcpy(&seq_num, &ss->gs.hdr[3], sizeof(seq_num)); - cText.seq_num = PR_ntohll(seq_num); - } - + cText.hdr = ss->gs.hdr; + cText.hdrLen = ss->gs.hdrLen; cText.buf = &ss->gs.inbuf; - rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf); + rv = ssl3_HandleRecord(ss, &cText); } } if (rv < 0) { @@ -520,7 +536,6 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) * completing any renegotiation handshake we may be doing. */ PORT_Assert(ss->firstHsDone); - PORT_Assert(cText.type == content_application_data); break; } diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h index d1f46db971..8e6cf27456 100644 --- a/security/nss/lib/ssl/ssl3prot.h +++ b/security/nss/lib/ssl/ssl3prot.h @@ -16,7 +16,7 @@ typedef PRUint16 SSL3ProtocolVersion; /* The TLS 1.3 draft version. Used to avoid negotiating * between incompatible pre-standard TLS 1.3 drafts. * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */ -#define TLS_1_3_DRAFT_VERSION 23 +#define TLS_1_3_DRAFT_VERSION 28 typedef PRUint16 ssl3CipherSuite; /* The cipher suites are defined in sslproto.h */ diff --git a/security/nss/lib/ssl/sslcert.c b/security/nss/lib/ssl/sslcert.c index 6cd02e4025..1c3ddb0e75 100644 --- a/security/nss/lib/ssl/sslcert.c +++ b/security/nss/lib/ssl/sslcert.c @@ -256,7 +256,8 @@ ssl_PopulateKeyPair(sslServerCert *sc, sslKeyPair *keyPair) /* Get the size of the cert's public key, and remember it. */ sc->serverKeyBits = SECKEY_PublicKeyStrengthInBits(keyPair->pubKey); - if (sc->serverKeyBits == 0) { + if (sc->serverKeyBits == 0 || + (keyType == rsaKey && sc->serverKeyBits > SSL_MAX_RSA_KEY_BITS)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } diff --git a/security/nss/lib/ssl/sslerr.h b/security/nss/lib/ssl/sslerr.h index b94d0cc62e..518a2b8875 100644 --- a/security/nss/lib/ssl/sslerr.h +++ b/security/nss/lib/ssl/sslerr.h @@ -262,6 +262,8 @@ typedef enum { SSL_ERROR_TOO_MANY_KEY_UPDATES = (SSL_ERROR_BASE + 171), SSL_ERROR_HANDSHAKE_FAILED = (SSL_ERROR_BASE + 172), SSL_ERROR_BAD_RESUMPTION_TOKEN_ERROR = (SSL_ERROR_BASE + 173), + SSL_ERROR_RX_MALFORMED_DTLS_ACK = (SSL_ERROR_BASE + 174), + SSL_ERROR_DH_KEY_TOO_LONG = (SSL_ERROR_BASE + 175), SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */ } SSLErrorCodes; #endif /* NO_SECURITY_ERROR_ENUM */ diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h index 10d0333d9e..a2209e90a1 100644 --- a/security/nss/lib/ssl/sslimpl.h +++ b/security/nss/lib/ssl/sslimpl.h @@ -121,6 +121,10 @@ typedef enum { SSLAppOpRead = 0, /* default number of entries in namedGroupPreferences */ #define SSL_NAMED_GROUP_COUNT 31 +/* The maximum DH and RSA bit-length supported. */ +#define SSL_MAX_DH_KEY_BITS 8192 +#define SSL_MAX_RSA_KEY_BITS 8192 + /* Types and names of elliptic curves used in TLS */ typedef enum { ec_type_explicitPrime = 1, /* not supported */ @@ -232,6 +236,7 @@ typedef struct sslOptionsStr { /* If SSL_SetNextProtoNego has been called, then this contains the * list of supported protocols. */ SECItem nextProtoNego; + PRUint16 recordSizeLimit; PRUint32 maxEarlyDataSize; unsigned int useSecurity : 1; @@ -251,7 +256,6 @@ typedef struct sslOptionsStr { unsigned int enableFalseStart : 1; unsigned int cbcRandomIV : 1; unsigned int enableOCSPStapling : 1; - unsigned int enableNPN : 1; unsigned int enableALPN : 1; unsigned int reuseServerECDHEKey : 1; unsigned int enableFallbackSCSV : 1; @@ -261,6 +265,7 @@ typedef struct sslOptionsStr { unsigned int requireDHENamedGroups : 1; unsigned int enable0RttData : 1; unsigned int enableTls13CompatMode : 1; + unsigned int enableDtlsShortHeader : 1; } sslOptions; typedef enum { sslHandshakingUndetermined = 0, @@ -325,9 +330,11 @@ struct sslGatherStr { ** than into buf or inbuf, while in the GS_HEADER state. ** The portion of the SSL record header put here always comes off the wire ** as plaintext, never ciphertext. - ** For SSL3/TLS, the plaintext portion is 5 bytes long. For DTLS it is 13. + ** For SSL3/TLS, the plaintext portion is 5 bytes long. For DTLS it + ** varies based on version and header type. */ unsigned char hdr[13]; + unsigned int hdrLen; /* Buffer for DTLS data read off the wire as a single datagram */ sslBuffer dtlsPacket; @@ -440,7 +447,7 @@ struct sslSessionIDStr { */ SECItem signedCertTimestamps; - /* The NPN/ALPN value negotiated in the original connection. + /* The ALPN value negotiated in the original connection. * Used for TLS 1.3. */ SECItem alpnSelection; @@ -780,9 +787,13 @@ struct ssl3StateStr { #define IS_DTLS(ss) (ss->protocolVariant == ssl_variant_datagram) typedef struct { - SSL3ContentType type; - SSL3ProtocolVersion version; - sslSequenceNumber seq_num; /* DTLS only */ + /* |seqNum| eventually contains the reconstructed sequence number. */ + sslSequenceNumber seqNum; + /* The header of the cipherText. */ + const PRUint8 *hdr; + unsigned int hdrLen; + + /* |buf| is the payload of the ciphertext. */ sslBuffer *buf; } SSL3Ciphertext; @@ -805,7 +816,7 @@ struct ssl3DHParamsStr { }; typedef struct SSLWrappedSymWrappingKeyStr { - PRUint8 wrappedSymmetricWrappingkey[512]; + PRUint8 wrappedSymmetricWrappingkey[SSL_MAX_RSA_KEY_BITS / 8]; CK_MECHANISM_TYPE symWrapMechanism; /* unwrapped symmetric wrapping key uses this mechanism */ CK_MECHANISM_TYPE asymWrapMechanism; @@ -1375,8 +1386,11 @@ SECStatus ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type); /* * input into the SSL3 machinery from the actualy network reading code */ -SECStatus ssl3_HandleRecord( - sslSocket *ss, SSL3Ciphertext *cipher, sslBuffer *out); +SECStatus ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cipher); +SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType, + DTLSEpoch epoch, + sslSequenceNumber seqNum, + sslBuffer *databuf); SECStatus ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize); int ssl3_GatherAppDataRecord(sslSocket *ss, int flags); @@ -1537,8 +1551,8 @@ SECStatus ssl_GetSelfEncryptKeys(sslSocket *ss, unsigned char *keyName, PK11SymKey **encKey, PK11SymKey **macKey); void ssl_ResetSelfEncryptKeys(); -extern SECStatus ssl3_ValidateNextProtoNego(const unsigned char *data, - unsigned int length); +extern SECStatus ssl3_ValidateAppProtocol(const unsigned char *data, + unsigned int length); /* Construct a new NSPR socket for the app to use */ extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd); @@ -1636,6 +1650,9 @@ SSLHashType ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme); KeyType ssl_SignatureSchemeToKeyType(SSLSignatureScheme scheme); SECStatus ssl3_SetupCipherSuite(sslSocket *ss, PRBool initHashes); +SECStatus ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, + SSL3ContentType contentType, sslBuffer *wrBuf, + PRBool *needsLength); /* Pull in DTLS functions */ #include "dtlscon.h" diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c index f09ec067ce..a1d3892145 100644 --- a/security/nss/lib/ssl/sslsecur.c +++ b/security/nss/lib/ssl/sslsecur.c @@ -791,7 +791,7 @@ tls13_CheckKeyUpdate(sslSocket *ss, CipherSpecDirection dir) spec = ss->ssl3.cwSpec; margin = spec->cipherDef->max_records / 4; } - seqNum = spec->seqNum; + seqNum = spec->nextSeqNum; keyUpdate = seqNum > spec->cipherDef->max_records - margin; ssl_ReleaseSpecReadLock(ss); if (!keyUpdate) { @@ -922,21 +922,30 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags) */ if (!ss->firstHsDone) { PRBool allowEarlySend = PR_FALSE; + PRBool firstClientWrite = PR_FALSE; ssl_Get1stHandshakeLock(ss); - if (ss->opt.enableFalseStart || - (ss->opt.enable0RttData && !ss->sec.isServer)) { + /* The client can sometimes send before the handshake is fully + * complete. In TLS 1.2: false start; in TLS 1.3: 0-RTT. */ + if (!ss->sec.isServer && + (ss->opt.enableFalseStart || ss->opt.enable0RttData)) { ssl_GetSSL3HandshakeLock(ss); - /* The client can sometimes send before the handshake is fully - * complete. In TLS 1.2: false start; in TLS 1.3: 0-RTT. */ zeroRtt = ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted; allowEarlySend = ss->ssl3.hs.canFalseStart || zeroRtt; + firstClientWrite = ss->ssl3.hs.ws == idle_handshake; ssl_ReleaseSSL3HandshakeLock(ss); } if (!allowEarlySend && ss->handshake) { rv = ssl_Do1stHandshake(ss); } + if (firstClientWrite) { + /* Wait until after sending ClientHello and double-check 0-RTT. */ + ssl_GetSSL3HandshakeLock(ss); + zeroRtt = ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || + ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted; + ssl_ReleaseSSL3HandshakeLock(ss); + } ssl_Release1stHandshakeLock(ss); } diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c index e08d5e2326..33595ffae9 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -55,6 +55,7 @@ static const sslSocketOps ssl_secure_ops = { /* SSL. */ static sslOptions ssl_defaults = { .nextProtoNego = { siBuffer, NULL, 0 }, .maxEarlyDataSize = 1 << 16, + .recordSizeLimit = MAX_FRAGMENT_LENGTH + 1, .useSecurity = PR_TRUE, .useSocks = PR_FALSE, .requestCertificate = PR_FALSE, @@ -72,7 +73,6 @@ static sslOptions ssl_defaults = { .enableFalseStart = PR_FALSE, .cbcRandomIV = PR_TRUE, .enableOCSPStapling = PR_FALSE, - .enableNPN = PR_FALSE, .enableALPN = PR_TRUE, .reuseServerECDHEKey = PR_TRUE, .enableFallbackSCSV = PR_FALSE, @@ -81,7 +81,8 @@ static sslOptions ssl_defaults = { .enableSignedCertTimestamps = PR_FALSE, .requireDHENamedGroups = PR_FALSE, .enable0RttData = PR_FALSE, - .enableTls13CompatMode = PR_FALSE + .enableTls13CompatMode = PR_FALSE, + .enableDtlsShortHeader = PR_FALSE }; /* @@ -803,10 +804,23 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRIntn val) ss->opt.enable0RttData = val; break; + case SSL_RECORD_SIZE_LIMIT: + if (val < 64 || val > (MAX_FRAGMENT_LENGTH + 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + rv = SECFailure; + } else { + ss->opt.recordSizeLimit = val; + } + break; + case SSL_ENABLE_TLS13_COMPAT_MODE: ss->opt.enableTls13CompatMode = val; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + ss->opt.enableDtlsShortHeader = val; + break; + default: PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; @@ -914,7 +928,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRIntn *pVal) val = ss->opt.enableOCSPStapling; break; case SSL_ENABLE_NPN: - val = ss->opt.enableNPN; + val = PR_FALSE; break; case SSL_ENABLE_ALPN: val = ss->opt.enableALPN; @@ -940,9 +954,15 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRIntn *pVal) case SSL_ENABLE_0RTT_DATA: val = ss->opt.enable0RttData; break; + case SSL_RECORD_SIZE_LIMIT: + val = ss->opt.recordSizeLimit; + break; case SSL_ENABLE_TLS13_COMPAT_MODE: val = ss->opt.enableTls13CompatMode; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + val = ss->opt.enableDtlsShortHeader; + break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; @@ -1037,7 +1057,7 @@ SSL_OptionGetDefault(PRInt32 which, PRIntn *pVal) val = ssl_defaults.enableOCSPStapling; break; case SSL_ENABLE_NPN: - val = ssl_defaults.enableNPN; + val = PR_FALSE; break; case SSL_ENABLE_ALPN: val = ssl_defaults.enableALPN; @@ -1060,9 +1080,15 @@ SSL_OptionGetDefault(PRInt32 which, PRIntn *pVal) case SSL_ENABLE_0RTT_DATA: val = ssl_defaults.enable0RttData; break; + case SSL_RECORD_SIZE_LIMIT: + val = ssl_defaults.recordSizeLimit; + break; case SSL_ENABLE_TLS13_COMPAT_MODE: val = ssl_defaults.enableTls13CompatMode; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + val = ssl_defaults.enableDtlsShortHeader; + break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; @@ -1242,10 +1268,22 @@ SSL_OptionSetDefault(PRInt32 which, PRIntn val) ssl_defaults.enable0RttData = val; break; + case SSL_RECORD_SIZE_LIMIT: + if (val < 64 || val > (MAX_FRAGMENT_LENGTH + 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + ssl_defaults.recordSizeLimit = val; + break; + case SSL_ENABLE_TLS13_COMPAT_MODE: ssl_defaults.enableTls13CompatMode = val; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + ssl_defaults.enableDtlsShortHeader = val; + break; + default: PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; @@ -1895,10 +1933,7 @@ DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd) } /* SSL_SetNextProtoCallback is used to select an application protocol - * for ALPN and NPN. For ALPN, this runs on the server; for NPN it - * runs on the client. */ -/* Note: The ALPN version doesn't allow for the use of a default, setting a - * status of SSL_NEXT_PROTO_NO_OVERLAP is treated as a failure. */ + * for ALPN. */ SECStatus SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback, void *arg) @@ -1919,7 +1954,7 @@ SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback, return SECSuccess; } -/* ssl_NextProtoNegoCallback is set as an ALPN/NPN callback when +/* ssl_NextProtoNegoCallback is set as an ALPN callback when * SSL_SetNextProtoNego is used. */ static SECStatus @@ -1929,7 +1964,6 @@ ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd, unsigned int protoMaxLen) { unsigned int i, j; - const unsigned char *result; sslSocket *ss = ssl_FindSocket(fd); if (!ss) { @@ -1937,37 +1971,29 @@ ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd, SSL_GETPID(), fd)); return SECFailure; } + PORT_Assert(protoMaxLen <= 255); + if (protoMaxLen > 255) { + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } - /* For each protocol in server preference, see if we support it. */ - for (i = 0; i < protos_len;) { - for (j = 0; j < ss->opt.nextProtoNego.len;) { + /* For each protocol in client preference, see if we support it. */ + for (j = 0; j < ss->opt.nextProtoNego.len;) { + for (i = 0; i < protos_len;) { if (protos[i] == ss->opt.nextProtoNego.data[j] && PORT_Memcmp(&protos[i + 1], &ss->opt.nextProtoNego.data[j + 1], protos[i]) == 0) { /* We found a match. */ - ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NEGOTIATED; - result = &protos[i]; - goto found; + const unsigned char *result = &protos[i]; + memcpy(protoOut, result + 1, result[0]); + *protoOutLen = result[0]; + return SECSuccess; } - j += 1 + (unsigned int)ss->opt.nextProtoNego.data[j]; + i += 1 + (unsigned int)protos[i]; } - i += 1 + (unsigned int)protos[i]; + j += 1 + (unsigned int)ss->opt.nextProtoNego.data[j]; } - /* The other side supports the extension, and either doesn't have any - * protocols configured, or none of its options match ours. In this case we - * request our favoured protocol. */ - /* This will be treated as a failure for ALPN. */ - ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NO_OVERLAP; - result = ss->opt.nextProtoNego.data; - -found: - if (protoMaxLen < result[0]) { - PORT_SetError(SEC_ERROR_OUTPUT_LEN); - return SECFailure; - } - memcpy(protoOut, result + 1, result[0]); - *protoOutLen = result[0]; return SECSuccess; } @@ -1976,8 +2002,6 @@ SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data, unsigned int length) { sslSocket *ss; - SECStatus rv; - SECItem dataItem = { siBuffer, (unsigned char *)data, length }; ss = ssl_FindSocket(fd); if (!ss) { @@ -1986,17 +2010,22 @@ SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data, return SECFailure; } - if (ssl3_ValidateNextProtoNego(data, length) != SECSuccess) + if (ssl3_ValidateAppProtocol(data, length) != SECSuccess) { return SECFailure; + } + /* NPN required that the client's fallback protocol is first in the + * list. However, ALPN sends protocols in preference order. So move the + * first protocol to the end of the list. */ ssl_GetSSL3HandshakeLock(ss); SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE); - rv = SECITEM_CopyItem(NULL, &ss->opt.nextProtoNego, &dataItem); + SECITEM_AllocItem(NULL, &ss->opt.nextProtoNego, length); + size_t firstLen = data[0] + 1; + /* firstLen <= length is ensured by ssl3_ValidateAppProtocol. */ + PORT_Memcpy(ss->opt.nextProtoNego.data + (length - firstLen), data, firstLen); + PORT_Memcpy(ss->opt.nextProtoNego.data, data + firstLen, length - firstLen); ssl_ReleaseSSL3HandshakeLock(ss); - if (rv != SECSuccess) - return rv; - return SSL_SetNextProtoCallback(fd, ssl_NextProtoNegoCallback, NULL); } @@ -3034,26 +3063,27 @@ ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags) } else { /* handshaking as server */ new_flags |= PR_POLL_READ; } - } else + } else if (ss->lastWriteBlocked) { /* First handshake is in progress */ - if (ss->lastWriteBlocked) { if (new_flags & PR_POLL_READ) { /* The caller is waiting for data to be received, ** but the initial handshake is blocked on write, or the ** client's first handshake record has not been written. ** The code should select on write, not read. */ - new_flags ^= PR_POLL_READ; /* don't select on read. */ + new_flags &= ~PR_POLL_READ; /* don't select on read. */ new_flags |= PR_POLL_WRITE; /* do select on write. */ } } else if (new_flags & PR_POLL_WRITE) { /* The caller is trying to write, but the handshake is ** blocked waiting for data to read, and the first ** handshake has been sent. So do NOT to poll on write - ** unless we did false start. + ** unless we did false start or we are doing 0-RTT. */ - if (!ss->ssl3.hs.canFalseStart) { - new_flags ^= PR_POLL_WRITE; /* don't select on write. */ + if (!(ss->ssl3.hs.canFalseStart || + ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || + ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted)) { + new_flags &= ~PR_POLL_WRITE; /* don't select on write. */ } new_flags |= PR_POLL_READ; /* do select on read. */ } @@ -3093,6 +3123,9 @@ ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags) } } + SSL_TRC(20, ("%d: SSL[%d]: ssl_Poll flags %x -> %x", + SSL_GETPID(), fd, how_flags, new_flags)); + if (new_flags && (fd->lower->methods->poll != NULL)) { PRInt16 lower_out_flags = 0; PRInt16 lower_new_flags; diff --git a/security/nss/lib/ssl/sslspec.c b/security/nss/lib/ssl/sslspec.c index 26c3eb5462..7833eeab69 100644 --- a/security/nss/lib/ssl/sslspec.c +++ b/security/nss/lib/ssl/sslspec.c @@ -143,6 +143,7 @@ ssl_CreateCipherSpec(sslSocket *ss, CipherSpecDirection direction) spec->refCt = 1; spec->version = ss->version; spec->direction = direction; + spec->recordSizeLimit = MAX_FRAGMENT_LENGTH; SSL_TRC(10, ("%d: SSL[%d]: new %s spec %d ct=%d", SSL_GETPID(), ss->fd, SPEC_DIR(spec), spec, spec->refCt)); diff --git a/security/nss/lib/ssl/sslspec.h b/security/nss/lib/ssl/sslspec.h index 729ac1006f..b256017553 100644 --- a/security/nss/lib/ssl/sslspec.h +++ b/security/nss/lib/ssl/sslspec.h @@ -162,12 +162,18 @@ struct ssl3CipherSpecStr { DTLSEpoch epoch; const char *phase; - sslSequenceNumber seqNum; + + /* The next sequence number to be sent or received. */ + sslSequenceNumber nextSeqNum; DTLSRecvdRecords recvdRecords; /* The number of 0-RTT bytes that can be sent or received in TLS 1.3. This * will be zero for everything but 0-RTT. */ PRUint32 earlyDataRemaining; + /* The maximum plaintext length. This differs from the configured or + * negotiated value for TLS 1.3; it is reduced by one to account for the + * content type octet. */ + PRUint16 recordSizeLimit; }; typedef void (*sslCipherSpecChangedFunc)(void *arg, diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h index e2b80fb436..bb1bec7a3d 100644 --- a/security/nss/lib/ssl/sslt.h +++ b/security/nss/lib/ssl/sslt.h @@ -432,6 +432,7 @@ typedef enum { ssl_signed_cert_timestamp_xtn = 18, ssl_padding_xtn = 21, ssl_extended_master_secret_xtn = 23, + ssl_record_size_limit_xtn = 28, ssl_session_ticket_xtn = 35, /* 40 was used in draft versions of TLS 1.3; it is now reserved. */ ssl_tls13_pre_shared_key_xtn = 41, @@ -454,7 +455,7 @@ typedef enum { /* SSL_MAX_EXTENSIONS includes the maximum number of extensions that are * supported for any single message type. That is, a ClientHello; ServerHello * and TLS 1.3 NewSessionTicket and HelloRetryRequest extensions have fewer. */ -#define SSL_MAX_EXTENSIONS 20 +#define SSL_MAX_EXTENSIONS 21 /* Deprecated */ typedef enum { diff --git a/security/nss/lib/ssl/tls13con.c b/security/nss/lib/ssl/tls13con.c index c06acc83a9..4d9170fb01 100644 --- a/security/nss/lib/ssl/tls13con.c +++ b/security/nss/lib/ssl/tls13con.c @@ -792,7 +792,7 @@ tls13_HandleKeyUpdate(sslSocket *ss, PRUint8 *b, unsigned int length) /* Only send an update if we have sent with the current spec. This * prevents us from being forced to crank forward pointlessly. */ ssl_GetSpecReadLock(ss); - sendUpdate = ss->ssl3.cwSpec->seqNum > 0; + sendUpdate = ss->ssl3.cwSpec->nextSeqNum > 0; ssl_ReleaseSpecReadLock(ss); } else { sendUpdate = PR_TRUE; @@ -1620,7 +1620,7 @@ tls13_HandleClientHelloPart2(sslSocket *ss, ssl_GetSpecWriteLock(ss); /* Increase the write sequence number. The read sequence number * will be reset after this to early data or handshake. */ - ss->ssl3.cwSpec->seqNum = 1; + ss->ssl3.cwSpec->nextSeqNum = 1; ssl_ReleaseSpecWriteLock(ss); } @@ -2007,7 +2007,7 @@ tls13_SendHelloRetryRequest(sslSocket *ss, /* We depend on this being exactly one record and one message. */ PORT_Assert(!IS_DTLS(ss) || (ss->ssl3.hs.sendMessageSeq == 1 && - ss->ssl3.cwSpec->seqNum == 1)); + ss->ssl3.cwSpec->nextSeqNum == 1)); ssl_ReleaseXmitBufLock(ss); ss->ssl3.hs.helloRetry = PR_TRUE; @@ -2209,6 +2209,8 @@ tls13_HandleHelloRetryRequest(sslSocket *ss, const PRUint8 *savedMsg, } else { PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_none); } + /* Set the spec version, because we want to send CH now with 0303 */ + tls13_SetSpecRecordVersion(ss, ss->ssl3.cwSpec); /* Extensions must contain more than just supported_versions. This will * ensure that a HelloRetryRequest isn't a no-op: we must have at least two @@ -2248,6 +2250,7 @@ tls13_HandleHelloRetryRequest(sslSocket *ss, const PRUint8 *savedMsg, goto loser; } } + rv = ssl3_SendClientHello(ss, client_hello_retry); if (rv != SECSuccess) { goto loser; @@ -3251,6 +3254,17 @@ tls13_SetupPendingCipherSpec(sslSocket *ss, ssl3CipherSpec *spec) } tls13_SetSpecRecordVersion(ss, spec); + + /* The record size limit is reduced by one so that the remainder of the + * record handling code can use the same checks for all versions. */ + if (ssl3_ExtensionNegotiated(ss, ssl_record_size_limit_xtn)) { + spec->recordSizeLimit = ((spec->direction == CipherSpecRead) + ? ss->opt.recordSizeLimit + : ss->xtnData.recordSizeLimit) - + 1; + } else { + spec->recordSizeLimit = MAX_FRAGMENT_LENGTH; + } return SECSuccess; } @@ -3316,7 +3330,7 @@ tls13_SetCipherSpec(sslSocket *ss, PRUint16 epoch, return SECFailure; } spec->epoch = epoch; - spec->seqNum = 0; + spec->nextSeqNum = 0; if (IS_DTLS(ss)) { dtls_InitRecvdRecords(&spec->recvdRecords); } @@ -3536,14 +3550,15 @@ tls13_AESGCM(ssl3KeyMaterial *keys, CK_GCM_PARAMS gcmParams; unsigned char nonce[12]; + PORT_Assert(additionalDataLen > 8); memset(&gcmParams, 0, sizeof(gcmParams)); gcmParams.pIv = nonce; gcmParams.ulIvLen = sizeof(nonce); - gcmParams.pAAD = NULL; - gcmParams.ulAADLen = 0; + gcmParams.pAAD = (PRUint8 *)(additionalData + 8); + gcmParams.ulAADLen = additionalDataLen - 8; gcmParams.ulTagBits = 128; /* GCM measures tag length in bits. */ - tls13_WriteNonce(keys, additionalData, additionalDataLen, + tls13_WriteNonce(keys, additionalData, 8, nonce, sizeof(nonce)); return tls13_AEAD(keys, doDecrypt, out, outlen, maxout, in, inlen, CKM_AES_GCM, @@ -3560,14 +3575,15 @@ tls13_ChaCha20Poly1305(ssl3KeyMaterial *keys, PRBool doDecrypt, CK_NSS_AEAD_PARAMS aeadParams; unsigned char nonce[12]; + PORT_Assert(additionalDataLen > 8); memset(&aeadParams, 0, sizeof(aeadParams)); aeadParams.pNonce = nonce; aeadParams.ulNonceLen = sizeof(nonce); - aeadParams.pAAD = NULL; /* No AAD in TLS 1.3. */ - aeadParams.ulAADLen = 0; + aeadParams.pAAD = (PRUint8 *)(additionalData + 8); + aeadParams.ulAADLen = additionalDataLen - 8; aeadParams.ulTagLen = 16; /* The Poly1305 tag is 16 octets. */ - tls13_WriteNonce(keys, additionalData, additionalDataLen, + tls13_WriteNonce(keys, additionalData, 8, nonce, sizeof(nonce)); return tls13_AEAD(keys, doDecrypt, out, outlen, maxout, in, inlen, CKM_NSS_CHACHA20_POLY1305, @@ -3579,7 +3595,7 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) { SECStatus rv; PRUint32 innerLength; - SECItem oldNpn = { siBuffer, NULL, 0 }; + SECItem oldAlpn = { siBuffer, NULL, 0 }; PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss)); PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); @@ -3603,11 +3619,11 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) return SECFailure; } - /* If we are doing 0-RTT, then we already have an NPN value. Stash + /* If we are doing 0-RTT, then we already have an ALPN value. Stash * it for comparison. */ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent && ss->xtnData.nextProtoState == SSL_NEXT_PROTO_EARLY_VALUE) { - oldNpn = ss->xtnData.nextProto; + oldAlpn = ss->xtnData.nextProto; ss->xtnData.nextProto.data = NULL; ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NO_SUPPORT; } @@ -3627,8 +3643,8 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) ss->ssl3.hs.zeroRttState = ssl_0rtt_accepted; /* Check that the server negotiated the same ALPN (if any). */ - if (SECITEM_CompareItem(&oldNpn, &ss->xtnData.nextProto)) { - SECITEM_FreeItem(&oldNpn, PR_FALSE); + if (SECITEM_CompareItem(&oldAlpn, &ss->xtnData.nextProto)) { + SECITEM_FreeItem(&oldAlpn, PR_FALSE); FATAL_ERROR(ss, SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID, illegal_parameter); return SECFailure; @@ -3650,7 +3666,7 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) ss->ssl3.hs.zeroRttState == ssl_0rtt_ignored)); } - SECITEM_FreeItem(&oldNpn, PR_FALSE); + SECITEM_FreeItem(&oldAlpn, PR_FALSE); if (ss->ssl3.hs.kea_def->authKeyType == ssl_auth_psk) { TLS13_SET_HS_STATE(ss, wait_finished); } else { @@ -3815,13 +3831,14 @@ tls13_HandleCertificateVerify(sslSocket *ss, PRUint8 *b, PRUint32 length) rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme); if (rv != SECSuccess) { - PORT_SetError(SSL_ERROR_RX_MALFORMED_CERT_VERIFY); + FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERT_VERIFY, illegal_parameter); return SECFailure; } rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme, ss->sec.peerCert); if (rv != SECSuccess) { /* Error set already */ + FATAL_ERROR(ss, PORT_GetError(), illegal_parameter); return SECFailure; } hashAlg = ssl_SignatureSchemeToHashType(sigScheme); @@ -4740,7 +4757,8 @@ static const struct { { ssl_tls13_cookie_xtn, _M2(client_hello, hello_retry_request) }, { ssl_tls13_certificate_authorities_xtn, _M1(certificate_request) }, { ssl_tls13_supported_versions_xtn, _M3(client_hello, server_hello, - hello_retry_request) } + hello_retry_request) }, + { ssl_record_size_limit_xtn, _M2(client_hello, encrypted_extensions) } }; tls13ExtensionStatus @@ -4780,19 +4798,20 @@ tls13_ExtensionStatus(PRUint16 extension, SSLHandshakeType message) #undef _M2 #undef _M3 -/* TLS 1.3 doesn't actually have additional data but the aead function - * signature overloads additional data to carry the record sequence - * number and that's what we put here. The TLS 1.3 AEAD functions - * just use this input as the sequence number and not as additional - * data. */ +/* We cheat a bit on additional data because the AEAD interface + * which doesn't have room for the record number. The AAD we + * format is serialized record number followed by the true AD + * (i.e., the record header) plus the serialized record number. */ static SECStatus -tls13_FormatAdditionalData(sslSocket *ss, PRUint8 *aad, unsigned int length, - DTLSEpoch epoch, sslSequenceNumber seqNum) +tls13_FormatAdditionalData( + sslSocket *ss, + const PRUint8 *header, unsigned int headerLen, + DTLSEpoch epoch, sslSequenceNumber seqNum, + PRUint8 *aad, unsigned int *aadLength, unsigned int maxLength) { SECStatus rv; - sslBuffer buf = SSL_BUFFER_FIXED(aad, length); + sslBuffer buf = SSL_BUFFER_FIXED(aad, maxLength); - PORT_Assert(length == 8); if (IS_DTLS(ss)) { rv = sslBuffer_AppendNumber(&buf, epoch, 2); if (rv != SECSuccess) { @@ -4803,6 +4822,14 @@ tls13_FormatAdditionalData(sslSocket *ss, PRUint8 *aad, unsigned int length, if (rv != SECSuccess) { return SECFailure; } + + rv = sslBuffer_Append(&buf, header, headerLen); + if (rv != SECSuccess) { + return SECFailure; + } + + *aadLength = buf.len; + return SECSuccess; } @@ -4843,43 +4870,68 @@ tls13_ProtectRecord(sslSocket *ss, PORT_Assert(cwSpec->direction == CipherSpecWrite); SSL_TRC(3, ("%d: TLS13[%d]: spec=%d epoch=%d (%s) protect 0x%0llx len=%u", SSL_GETPID(), ss->fd, cwSpec, cwSpec->epoch, cwSpec->phase, - cwSpec->seqNum, contentLen)); + cwSpec->nextSeqNum, contentLen)); - if (contentLen + 1 + tagLen > wrBuf->space) { + if (contentLen + 1 + tagLen > SSL_BUFFER_SPACE(wrBuf)) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } /* Copy the data into the wrBuf. We're going to encrypt in-place * in the AEAD branch anyway */ - PORT_Memcpy(wrBuf->buf, pIn, contentLen); + PORT_Memcpy(SSL_BUFFER_NEXT(wrBuf), pIn, contentLen); if (cipher_def->calg == ssl_calg_null) { /* Shortcut for plaintext */ - wrBuf->len = contentLen; + rv = sslBuffer_Skip(wrBuf, contentLen, NULL); + PORT_Assert(rv == SECSuccess); } else { - PRUint8 aad[8]; + PRUint8 hdr[13]; + sslBuffer buf = SSL_BUFFER_FIXED(hdr, sizeof(hdr)); + PRBool needsLength; + PRUint8 aad[21]; + unsigned int aadLen; + int len; + PORT_Assert(cipher_def->type == type_aead); /* Add the content type at the end. */ - wrBuf->buf[contentLen] = type; + *(SSL_BUFFER_NEXT(wrBuf) + contentLen) = type; - rv = tls13_FormatAdditionalData(ss, aad, sizeof(aad), cwSpec->epoch, - cwSpec->seqNum); + /* Create the header (ugly that we have to do it twice). */ + rv = ssl_InsertRecordHeader(ss, cwSpec, content_application_data, + &buf, &needsLength); + if (rv != SECSuccess) { + return SECFailure; + } + if (needsLength) { + rv = sslBuffer_AppendNumber(&buf, contentLen + 1 + + cwSpec->cipherDef->tag_size, + 2); + if (rv != SECSuccess) { + return SECFailure; + } + } + rv = tls13_FormatAdditionalData(ss, SSL_BUFFER_BASE(&buf), SSL_BUFFER_LEN(&buf), + cwSpec->epoch, cwSpec->nextSeqNum, + aad, &aadLen, sizeof(aad)); if (rv != SECSuccess) { return SECFailure; } rv = cwSpec->aead(&cwSpec->keyMaterial, - PR_FALSE, /* do encrypt */ - wrBuf->buf, /* output */ - (int *)&wrBuf->len, /* out len */ - wrBuf->space, /* max out */ - wrBuf->buf, contentLen + 1, /* input */ - aad, sizeof(aad)); + PR_FALSE, /* do encrypt */ + SSL_BUFFER_NEXT(wrBuf), /* output */ + &len, /* out len */ + SSL_BUFFER_SPACE(wrBuf), /* max out */ + SSL_BUFFER_NEXT(wrBuf), /* input */ + contentLen + 1, /* input len */ + aad, aadLen); if (rv != SECSuccess) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } + rv = sslBuffer_Skip(wrBuf, len, NULL); + PORT_Assert(rv == SECSuccess); } return SECSuccess; @@ -4897,25 +4949,22 @@ tls13_ProtectRecord(sslSocket *ss, SECStatus tls13_UnprotectRecord(sslSocket *ss, ssl3CipherSpec *spec, - SSL3Ciphertext *cText, sslBuffer *plaintext, + SSL3Ciphertext *cText, + sslBuffer *plaintext, + SSL3ContentType *innerType, SSL3AlertDescription *alert) { const ssl3BulkCipherDef *cipher_def = spec->cipherDef; - sslSequenceNumber seqNum; - PRUint8 aad[8]; + PRUint8 aad[21]; + unsigned int aadLen; SECStatus rv; *alert = bad_record_mac; /* Default alert for most issues. */ PORT_Assert(spec->direction == CipherSpecRead); - if (IS_DTLS(ss)) { - seqNum = cText->seq_num & RECORD_SEQ_MASK; - } else { - seqNum = spec->seqNum; - } SSL_TRC(3, ("%d: TLS13[%d]: spec=%d epoch=%d (%s) unprotect 0x%0llx len=%u", - SSL_GETPID(), ss->fd, spec, spec->epoch, spec->phase, seqNum, - cText->buf->len)); + SSL_GETPID(), ss->fd, spec, spec->epoch, spec->phase, + cText->seqNum, cText->buf->len)); /* We can perform this test in variable time because the record's total * length and the ciphersuite are both public knowledge. */ @@ -4927,28 +4976,38 @@ tls13_UnprotectRecord(sslSocket *ss, return SECFailure; } - /* Verify that the content type is right, even though we overwrite it. */ - if (cText->type != content_application_data) { + /* Verify that the content type is right, even though we overwrite it. + * Also allow the DTLS short header in TLS 1.3. */ + if (!(cText->hdr[0] == content_application_data || + (IS_DTLS(ss) && + ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 && + (cText->hdr[0] & 0xe0) == 0x20))) { SSL_TRC(3, - ("%d: TLS13[%d]: record has invalid exterior content type=%d", - SSL_GETPID(), ss->fd, cText->type)); + ("%d: TLS13[%d]: record has invalid exterior type=%2.2x", + SSL_GETPID(), ss->fd, cText->hdr[0])); /* Do we need a better error here? */ PORT_SetError(SSL_ERROR_BAD_MAC_READ); return SECFailure; } - /* Check the version number in the record. */ - if (cText->version != spec->recordVersion) { - /* Do we need a better error here? */ - SSL_TRC(3, - ("%d: TLS13[%d]: record has bogus version", - SSL_GETPID(), ss->fd)); - return SECFailure; + /* Check the version number in the record. Stream only. */ + if (!IS_DTLS(ss)) { + SSL3ProtocolVersion version = + ((SSL3ProtocolVersion)cText->hdr[1] << 8) | + (SSL3ProtocolVersion)cText->hdr[2]; + if (version != spec->recordVersion) { + /* Do we need a better error here? */ + SSL_TRC(3, ("%d: TLS13[%d]: record has bogus version", + SSL_GETPID(), ss->fd)); + return SECFailure; + } } /* Decrypt */ PORT_Assert(cipher_def->type == type_aead); - rv = tls13_FormatAdditionalData(ss, aad, sizeof(aad), spec->epoch, seqNum); + rv = tls13_FormatAdditionalData(ss, cText->hdr, cText->hdrLen, + spec->epoch, cText->seqNum, + aad, &aadLen, sizeof(aad)); if (rv != SECSuccess) { return SECFailure; } @@ -4959,7 +5018,7 @@ tls13_UnprotectRecord(sslSocket *ss, plaintext->space, /* maxout */ cText->buf->buf, /* in */ cText->buf->len, /* inlen */ - aad, sizeof(aad)); + aad, aadLen); if (rv != SECSuccess) { SSL_TRC(3, ("%d: TLS13[%d]: record has bogus MAC", @@ -4968,6 +5027,16 @@ tls13_UnprotectRecord(sslSocket *ss, return SECFailure; } + /* There is a similar test in ssl3_HandleRecord, but this test is needed to + * account for padding. It's safe to do this here (including the alert), + * because it only confirms that the record exceeded the size limit, which + * is apparent from the size of the ciphertext. */ + if (plaintext->len > spec->recordSizeLimit + 1) { + SSL3_SendAlert(ss, alert_fatal, record_overflow); + PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG); + return SECFailure; + } + /* The record is right-padded with 0s, followed by the true * content type, so read from the right until we receive a * nonzero byte. */ @@ -4977,9 +5046,7 @@ tls13_UnprotectRecord(sslSocket *ss, /* Bogus padding. */ if (plaintext->len < 1) { - SSL_TRC(3, - ("%d: TLS13[%d]: empty record", - SSL_GETPID(), ss->fd, cText->type)); + SSL_TRC(3, ("%d: TLS13[%d]: empty record", SSL_GETPID(), ss->fd)); /* It's safe to report this specifically because it happened * after the MAC has been verified. */ PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING); @@ -4987,12 +5054,12 @@ tls13_UnprotectRecord(sslSocket *ss, } /* Record the type. */ - cText->type = plaintext->buf[plaintext->len - 1]; + *innerType = (SSL3ContentType)plaintext->buf[plaintext->len - 1]; --plaintext->len; /* Check that we haven't received too much 0-RTT data. */ if (spec->epoch == TrafficKeyEarlyApplicationData && - cText->type == content_application_data) { + *innerType == content_application_data) { if (plaintext->len > spec->earlyDataRemaining) { *alert = unexpected_message; PORT_SetError(SSL_ERROR_TOO_MUCH_EARLY_DATA); @@ -5002,9 +5069,8 @@ tls13_UnprotectRecord(sslSocket *ss, } SSL_TRC(10, - ("%d: TLS13[%d]: %s received record of length=%d type=%d", - SSL_GETPID(), ss->fd, SSL_ROLE(ss), - plaintext->len, cText->type)); + ("%d: TLS13[%d]: %s received record of length=%d, type=%d", + SSL_GETPID(), ss->fd, SSL_ROLE(ss), plaintext->len, *innerType)); return SECSuccess; } @@ -5227,6 +5293,58 @@ tls13_EncodeDraftVersion(SSL3ProtocolVersion version) return (PRUint16)version; } +SECStatus +tls13_ClientReadSupportedVersion(sslSocket *ss) +{ + PRUint32 temp; + SSL3ProtocolVersion v; + TLSExtension *versionExtension; + SECItem it; + SECStatus rv; + + /* Update the version based on the extension, as necessary. */ + versionExtension = ssl3_FindExtension(ss, ssl_tls13_supported_versions_xtn); + if (!versionExtension) { + return SECSuccess; + } + + /* Struct copy so we don't damage the extension. */ + it = versionExtension->data; + + rv = ssl3_ConsumeHandshakeNumber(ss, &temp, 2, &it.data, &it.len); + if (rv != SECSuccess) { + return SECFailure; + } + if (it.len) { + FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO, illegal_parameter); + return SECFailure; + } + v = (SSL3ProtocolVersion)temp; + + /* You cannot negotiate < TLS 1.3 with supported_versions. */ + if (v < SSL_LIBRARY_VERSION_TLS_1_3) { + FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO, illegal_parameter); + return SECFailure; + } + +#ifdef TLS_1_3_DRAFT_VERSION + if (temp == SSL_LIBRARY_VERSION_TLS_1_3) { + FATAL_ERROR(ss, SSL_ERROR_UNSUPPORTED_VERSION, protocol_version); + return SECFailure; + } + if (temp == tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3)) { + v = SSL_LIBRARY_VERSION_TLS_1_3; + } else { + v = (SSL3ProtocolVersion)temp; + } +#else + v = (SSL3ProtocolVersion)temp; +#endif + + ss->version = v; + return SECSuccess; +} + /* Pick the highest version we support that is also advertised. */ SECStatus tls13_NegotiateVersion(sslSocket *ss, const TLSExtension *supportedVersions) diff --git a/security/nss/lib/ssl/tls13con.h b/security/nss/lib/ssl/tls13con.h index 1aaffb651d..f35b20023d 100644 --- a/security/nss/lib/ssl/tls13con.h +++ b/security/nss/lib/ssl/tls13con.h @@ -28,6 +28,7 @@ typedef enum { SECStatus tls13_UnprotectRecord( sslSocket *ss, ssl3CipherSpec *spec, SSL3Ciphertext *cText, sslBuffer *plaintext, + SSL3ContentType *innerType, SSL3AlertDescription *alert); #if defined(WIN32) @@ -101,6 +102,7 @@ PRInt32 tls13_Read0RttData(sslSocket *ss, void *buf, PRInt32 len); SECStatus tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf); PRBool tls13_ClientAllow0Rtt(const sslSocket *ss, const sslSessionID *sid); PRUint16 tls13_EncodeDraftVersion(SSL3ProtocolVersion version); +SECStatus tls13_ClientReadSupportedVersion(sslSocket *ss); SECStatus tls13_NegotiateVersion(sslSocket *ss, const TLSExtension *supported_versions); diff --git a/security/nss/lib/ssl/tls13exthandle.c b/security/nss/lib/ssl/tls13exthandle.c index 899f238276..1ab8a8e597 100644 --- a/security/nss/lib/ssl/tls13exthandle.c +++ b/security/nss/lib/ssl/tls13exthandle.c @@ -860,12 +860,12 @@ tls13_ServerHandleCookieXtn(const sslSocket *ss, TLSExtensionData *xtnData, } if (xtnData->cookie.len == 0) { - PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); return SECFailure; } if (data->len) { - PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); return SECFailure; } diff --git a/security/nss/lib/util/nssutil.def b/security/nss/lib/util/nssutil.def index 936455f6e7..26e438ba6a 100644 --- a/security/nss/lib/util/nssutil.def +++ b/security/nss/lib/util/nssutil.def @@ -322,4 +322,9 @@ _NSSUTIL_UTF8ToWide;- _NSSUTIL_Access;- ;- local: ;- *; -;-}; +;+NSSUTIL_3.38 { # NSS Utilities 3.38 release +;+ global: +SECITEM_MakeItem; +;+ local: +;+ *; +;+}; diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h index b65d4a0c9f..2749abaa16 100644 --- a/security/nss/lib/util/nssutil.h +++ b/security/nss/lib/util/nssutil.h @@ -19,10 +19,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]" */ -#define NSSUTIL_VERSION "3.36.4" +#define NSSUTIL_VERSION "3.38" #define NSSUTIL_VMAJOR 3 -#define NSSUTIL_VMINOR 36 -#define NSSUTIL_VPATCH 4 +#define NSSUTIL_VMINOR 38 +#define NSSUTIL_VPATCH 0 #define NSSUTIL_VBUILD 0 #define NSSUTIL_BETA PR_FALSE diff --git a/security/nss/lib/util/pkcs11t.h b/security/nss/lib/util/pkcs11t.h index c945f314e2..01ff8a5725 100644 --- a/security/nss/lib/util/pkcs11t.h +++ b/security/nss/lib/util/pkcs11t.h @@ -466,6 +466,8 @@ typedef CK_ULONG CK_ATTRIBUTE_TYPE; #define CKA_EXPONENT_1 0x00000126 #define CKA_EXPONENT_2 0x00000127 #define CKA_COEFFICIENT 0x00000128 +/* CKA_PUBLIC_KEY_INFO is new for v2.40 */ +#define CKA_PUBLIC_KEY_INFO 0x00000129 #define CKA_PRIME 0x00000130 #define CKA_SUBPRIME 0x00000131 #define CKA_BASE 0x00000132 diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c index ccd97481d6..ed237ed72c 100644 --- a/security/nss/lib/util/secasn1d.c +++ b/security/nss/lib/util/secasn1d.c @@ -2987,7 +2987,9 @@ SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx) * XXX anything else that needs to be finished? */ - PORT_FreeArena(cx->our_pool, PR_TRUE); + if (cx) { + PORT_FreeArena(cx->our_pool, PR_TRUE); + } return rv; } diff --git a/security/nss/lib/util/secitem.c b/security/nss/lib/util/secitem.c index 22c5b1f6e6..1e505a9af1 100644 --- a/security/nss/lib/util/secitem.c +++ b/security/nss/lib/util/secitem.c @@ -76,6 +76,15 @@ loser: } SECStatus +SECITEM_MakeItem(PLArenaPool *arena, SECItem *dest, unsigned char *data, + unsigned int len) +{ + SECItem it = { siBuffer, data, len }; + + return SECITEM_CopyItem(arena, dest, &it); +} + +SECStatus SECITEM_ReallocItem(PLArenaPool *arena, SECItem *item, unsigned int oldlen, unsigned int newlen) { diff --git a/security/nss/lib/util/secitem.h b/security/nss/lib/util/secitem.h index 5b9d0e1748..4fb1239382 100644 --- a/security/nss/lib/util/secitem.h +++ b/security/nss/lib/util/secitem.h @@ -35,6 +35,14 @@ SEC_BEGIN_PROTOS extern SECItem *SECITEM_AllocItem(PLArenaPool *arena, SECItem *item, unsigned int len); +/* Allocate and make an item with the requested contents. + * + * We seem to have mostly given up on SECItemType, so the result is + * always siBuffer. + */ +extern SECStatus SECITEM_MakeItem(PLArenaPool *arena, SECItem *dest, + unsigned char *data, unsigned int len); + /* ** This is a legacy function containing bugs. It doesn't update item->len, ** and it has other issues as described in bug 298649 and bug 298938. diff --git a/security/nss/nss-tool/enc/enctool.cc b/security/nss/nss-tool/enc/enctool.cc index b3c0d1dbe6..e37e4593a7 100644 --- a/security/nss/nss-tool/enc/enctool.cc +++ b/security/nss/nss-tool/enc/enctool.cc @@ -271,7 +271,6 @@ bool EncTool::DoCipher(std::string file_name, std::string out_file, if (file_name.empty()) { std::vector<uint8_t> data = ReadInputData(""); std::vector<uint8_t> out(data.size() + 16); - SECStatus rv; if (encrypt) { rv = PK11_Encrypt(symKey.get(), cipher_mech_, params.get(), out.data(), &outLen, data.size() + 16, data.data(), data.size()); diff --git a/security/nss/tests/all.sh b/security/nss/tests/all.sh index 3a02debef2..f8a777fb3b 100755 --- a/security/nss/tests/all.sh +++ b/security/nss/tests/all.sh @@ -309,7 +309,7 @@ TESTS=${NSS_TESTS:-$tests} ALL_TESTS=${TESTS} -nss_ssl_tests="crl iopr policy" +nss_ssl_tests="crl iopr policy normal_normal" if [ $NO_INIT_SUPPORT -eq 0 ]; then nss_ssl_tests="$nss_ssl_tests fips_normal normal_fips" fi diff --git a/security/nss/tests/bogo/bogo.sh b/security/nss/tests/bogo/bogo.sh index d1a93bf9b7..4fccb845b4 100755 --- a/security/nss/tests/bogo/bogo.sh +++ b/security/nss/tests/bogo/bogo.sh @@ -25,7 +25,7 @@ bogo_init() BORING=${BORING:=boringssl} if [ ! -d "$BORING" ]; then git clone -q https://boringssl.googlesource.com/boringssl "$BORING" - git -C "$BORING" checkout -q a513e86c1ebb1383930c9e504bdabcc302a85f30 + git -C "$BORING" checkout -q ec55dc15d3a39e5f1a58bfd79148729f38f6acb4 fi SCRIPTNAME="bogo.sh" @@ -39,11 +39,12 @@ bogo_cleanup() . common/cleanup.sh } -cd "$(dirname "$0")" -SOURCE_DIR="$PWD"/../.. +cd ../ +cwd=$(cd $(dirname $0); pwd -P) +SOURCE_DIR="$cwd"/.. bogo_init (cd "$BORING"/ssl/test/runner; - GOPATH="$PWD" go test -pipe -shim-path "${BINDIR}"/nss_bogo_shim \ + GOPATH="$cwd" go test -pipe -shim-path "${BINDIR}"/nss_bogo_shim \ -loose-errors -allow-unimplemented \ -shim-config "${SOURCE_DIR}/gtests/nss_bogo_shim/config.json") \ 2>bogo.errors | tee bogo.log diff --git a/security/nss/tests/cert/cert.sh b/security/nss/tests/cert/cert.sh index d1a9148a97..34006efd19 100755 --- a/security/nss/tests/cert/cert.sh +++ b/security/nss/tests/cert/cert.sh @@ -1060,6 +1060,25 @@ cert_extended_ssl() # -d "${PROFILEDIR}" -i "${CLIENT_CADIR}/clientCA-ecmixed.ca.cert" \ # 2>&1 + # Check that a repeated import with a different nickname doesn't change the + # nickname of the existing cert (bug 1458518). + # We want to search for the results using grep, to avoid subset matches, + # we'll use one of the longer nicknames for testing. + # (Because "grep -w hostname" matches "grep -w hostname-dsamixed") + MYDBPASS="-d ${PROFILEDIR} -f ${R_PWFILE}" + TESTNAME="Ensure there's exactly one match for ${CERTNAME}-dsamixed" + cert_check_nickname_exists "$MYDBPASS" "${CERTNAME}-dsamixed" 0 1 "${TESTNAME}" + + CU_ACTION="Repeated import of $CERTNAME's mixed DSA Cert with different nickname" + certu -A -n "${CERTNAME}-repeated-dsamixed" -t "u,u,u" -d "${PROFILEDIR}" \ + -f "${R_PWFILE}" -i "${CERTNAME}-dsamixed.cert" 2>&1 + + TESTNAME="Ensure there's still exactly one match for ${CERTNAME}-dsamixed" + cert_check_nickname_exists "$MYDBPASS" "${CERTNAME}-dsamixed" 0 1 "${TESTNAME}" + + TESTNAME="Ensure there's zero matches for ${CERTNAME}-repeated-dsamixed" + cert_check_nickname_exists "$MYDBPASS" "${CERTNAME}-repeated-dsamixed" 0 0 "${TESTNAME}" + echo "Importing all the server's own CA chain into the servers DB" for CA in `find ${SERVER_CADIR} -name "?*.ca.cert"` ; do @@ -1532,6 +1551,37 @@ cert_make_with_param() return 0 } +cert_check_nickname_exists() +{ + MYDIRPASS="$1" + MYCERTNAME="$2" + EXPECT="$3" + EXPECTCOUNT="$4" + MYTESTNAME="$5" + + echo certutil ${MYDIRPASS} -L + ${BINDIR}/certutil ${MYDIRPASS} -L + + RET=$? + if [ "${RET}" -ne "${EXPECT}" ]; then + CERTFAILED=1 + html_failed "${MYTESTNAME} - list" + cert_log "ERROR: ${MYTESTNAME} - list" + return 1 + fi + + LISTCOUNT=`${BINDIR}/certutil ${MYDIRPASS} -L | grep -wc ${MYCERTNAME}` + if [ "${LISTCOUNT}" -ne "${EXPECTCOUNT}" ]; then + CERTFAILED=1 + html_failed "${MYTESTNAME} - list and count" + cert_log "ERROR: ${MYTESTNAME} - list and count failed" + return 1 + fi + + html_passed "${MYTESTNAME}" + return 0 +} + cert_list_and_count_dns() { DIRPASS="$1" @@ -2425,6 +2475,31 @@ EOF RETEXPECTED=0 } +cert_test_orphan_key_reuse() +{ + CU_ACTION="Create orphan key in serverdir" + certu -G -f "${R_PWFILE}" -z ${R_NOISE_FILE} -d ${PROFILEDIR} + # Let's get the key ID of the first orphan key. + # The output of certutil -K (list keys) isn't well formatted. + # The initial <key-number> part may or may not contain white space, which + # makes the use of awk to filter the column unreliable. + # To fix that, we remove the initial <number> field using sed, then select the + # column that contains the key ID. + ORPHAN=`${BINDIR}/certutil -d ${PROFILEDIR} -K -f ${R_PWFILE} | \ + sed 's/^<.*>//g' | grep -w orphan | head -1 | awk '{print $2}'` + CU_ACTION="Create cert request for orphan key" + certu -R -f "${R_PWFILE}" -k ${ORPHAN} -s "CN=orphan" -d ${PROFILEDIR} \ + -o ${SERVERDIR}/orphan.req + # Ensure that creating the request really works by listing it, and check + # if listing was successful. + ${BINDIR}/pp -t certificate-request -i ${SERVERDIR}/orphan.req + RET=$? + if [ "$RET" -ne 0 ]; then + html_failed "Listing cert request for orphan key ($RET)" + cert_log "ERROR: Listing cert request for orphan key failed $RET" + fi +} + ############################## cert_cleanup ############################ # local shell function to finish this script (no exit since it might be # sourced) @@ -2444,6 +2519,7 @@ cert_all_CA cert_test_implicit_db_init cert_extended_ssl cert_ssl +cert_test_orphan_key_reuse cert_smime_client IS_FIPS_DISABLED=`certutil --build-flags |grep -cw NSS_FIPS_DISABLED` if [ $IS_FIPS_DISABLED -ne 0 ]; then diff --git a/security/nss/tests/common/init.sh b/security/nss/tests/common/init.sh index 933551e834..6aa22af8d8 100644 --- a/security/nss/tests/common/init.sh +++ b/security/nss/tests/common/init.sh @@ -543,8 +543,8 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then D_DISTRUST="Distrust.$version" D_RSAPSS="RSAPSS.$version" - # we need relative pathnames of these files abd directories, since our - # tools can't handle the unix style absolut pathnames on cygnus + # we need relative pathnames of these files and directories, since our + # tools can't handle the unix style absolute pathnames on cygnus R_CADIR=../CA R_SERVERDIR=../server @@ -565,6 +565,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then R_NOLOGINDIR=../nologin R_SSLGTESTDIR=../ssl_gtests R_GTESTDIR=../gtests + R_RSAPSSDIR=../rsapss # # profiles are either paths or domains depending on the setting of @@ -581,6 +582,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR} P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR} P_R_IMPLICIT_INIT_DIR=${R_IMPLICIT_INIT_DIR} + P_R_RSAPSSDIR=${R_RSAPSSDIR} if [ -n "${MULTIACCESS_DBM}" ]; then P_R_CADIR="multiaccess:${D_CA}" P_R_ALICEDIR="multiaccess:${D_ALICE}" @@ -593,6 +595,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}" P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}" P_R_IMPLICIT_INIT_DIR="multiaccess:${D_IMPLICIT_INIT}" + P_R_RSAPSSDIR="multiaccess:${D_RSAPSS}" fi R_PWFILE=../tests.pw diff --git a/security/nss/tests/interop/interop.sh b/security/nss/tests/interop/interop.sh index 97c82e0ca0..50c8bb3c18 100644 --- a/security/nss/tests/interop/interop.sh +++ b/security/nss/tests/interop/interop.sh @@ -25,7 +25,7 @@ interop_init() INTEROP=${INTEROP:=tls_interop} if [ ! -d "$INTEROP" ]; then git clone -q https://github.com/ttaubert/tls-interop "$INTEROP" - git -C "$INTEROP" checkout -q 07930b791827c1bdb6f4c19ca0aa63850fd59e22 + git -C "$INTEROP" checkout -q d07b28ac32b390dea1c9bcca5c56716247d23e5e fi INTEROP=$(cd "$INTEROP";pwd -P) diff --git a/security/nss/tests/ssl/ssl.sh b/security/nss/tests/ssl/ssl.sh index de867a4bda..9a63bd9971 100755 --- a/security/nss/tests/ssl/ssl.sh +++ b/security/nss/tests/ssl/ssl.sh @@ -283,34 +283,30 @@ ssl_cov() echo "${testname}" | grep "EXPORT" > /dev/null EXP=$? - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - else - echo "$SCRIPTNAME: running $testname ----------------------------" - VMAX="ssl3" - if [ "$testmax" = "TLS10" ]; then - VMAX="tls1.0" - fi - if [ "$testmax" = "TLS11" ]; then - VMAX="tls1.1" - fi - if [ "$testmax" = "TLS12" ]; then - VMAX="tls1.2" - fi - - echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" - echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" - - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ - -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ - >${TMP}/$HOST.tmp.$$ 2>&1 - ret=$? - cat ${TMP}/$HOST.tmp.$$ - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - html_msg $ret 0 "${testname}" \ - "produced a returncode of $ret, expected is 0" + echo "$SCRIPTNAME: running $testname ----------------------------" + VMAX="ssl3" + if [ "$testmax" = "TLS10" ]; then + VMAX="tls1.0" + fi + if [ "$testmax" = "TLS11" ]; then + VMAX="tls1.1" fi + if [ "$testmax" = "TLS12" ]; then + VMAX="tls1.2" + fi + + echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" + echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" + + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ + -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ + >${TMP}/$HOST.tmp.$$ 2>&1 + ret=$? + cat ${TMP}/$HOST.tmp.$$ + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + html_msg $ret 0 "${testname}" \ + "produced a returncode of $ret, expected is 0" done kill_selfserv @@ -335,8 +331,6 @@ ssl_auth() echo "$SCRIPTNAME: skipping $testname (non-FIPS only)" elif [ "$ectype" = "SNI" -a "$NORM_EXT" = "Extended Test" ] ; then echo "$SCRIPTNAME: skipping $testname for $NORM_EXT" - elif [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" else cparam=`echo $cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" ` if [ "$ectype" = "SNI" ]; then @@ -550,8 +544,6 @@ ssl_stress() if [ "$ectype" = "SNI" -a "$NORM_EXT" = "Extended Test" ] ; then echo "$SCRIPTNAME: skipping $testname for $NORM_EXT" - elif [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" elif [ "${CLIENT_MODE}" = "fips" -a "${CAUTH}" -ne 0 ] ; then echo "$SCRIPTNAME: skipping $testname (non-FIPS only)" elif [ "${NOLOGIN}" -eq 0 ] && \ @@ -615,9 +607,7 @@ ssl_crl_ssl() ignore_blank_lines ${SSLAUTH} | \ while read ectype value sparam cparam testname do - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - elif [ "$ectype" = "SNI" ]; then + if [ "$ectype" = "SNI" ]; then continue else servarg=`echo $sparam | awk '{r=split($0,a,"-r") - 1;print r;}'` @@ -729,43 +719,39 @@ ssl_policy() do VMIN="ssl3" - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - else - echo "$SCRIPTNAME: running $testname ----------------------------" - VMAX="ssl3" - if [ "$testmax" = "TLS10" ]; then - VMAX="tls1.0" - fi - if [ "$testmax" = "TLS11" ]; then - VMAX="tls1.1" - fi - if [ "$testmax" = "TLS12" ]; then - VMAX="tls1.2" - fi + echo "$SCRIPTNAME: running $testname ----------------------------" + VMAX="ssl3" + if [ "$testmax" = "TLS10" ]; then + VMAX="tls1.0" + fi + if [ "$testmax" = "TLS11" ]; then + VMAX="tls1.1" + fi + if [ "$testmax" = "TLS12" ]; then + VMAX="tls1.2" + fi - # load the policy - policy=`echo ${policy} | sed -e 's;_; ;g'` - setup_policy "$policy" ${P_R_CLIENTDIR} + # load the policy + policy=`echo ${policy} | sed -e 's;_; ;g'` + setup_policy "$policy" ${P_R_CLIENTDIR} - echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" - echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" + echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" + echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ - -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ - >${TMP}/$HOST.tmp.$$ 2>&1 - ret=$? - cat ${TMP}/$HOST.tmp.$$ - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ + -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ + >${TMP}/$HOST.tmp.$$ 2>&1 + ret=$? + cat ${TMP}/$HOST.tmp.$$ + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - #workaround for bug #402058 - [ $ret -ne 0 ] && ret=1 - [ ${value} -ne 0 ] && value=1 + #workaround for bug #402058 + [ $ret -ne 0 ] && ret=1 + [ ${value} -ne 0 ] && value=1 - html_msg $ret ${value} "${testname}" \ - "produced a returncode of $ret, expected is ${value}" - fi + html_msg $ret ${value} "${testname}" \ + "produced a returncode of $ret, expected is ${value}" done cp ${P_R_CLIENTDIR}/pkcs11.txt.sav ${P_R_CLIENTDIR}/pkcs11.txt @@ -1004,9 +990,7 @@ ssl_crl_cache() while read ectype value sparam cparam testname do [ "$ectype" = "" ] && continue - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - elif [ "$ectype" = "SNI" ]; then + if [ "$ectype" = "SNI" ]; then continue else servarg=`echo $sparam | awk '{r=split($0,a,"-r") - 1;print r;}'` diff --git a/security/nss/tests/ssl_gtests/ssl_gtests.sh b/security/nss/tests/ssl_gtests/ssl_gtests.sh index fd678bf594..eef77f16f3 100755 --- a/security/nss/tests/ssl_gtests/ssl_gtests.sh +++ b/security/nss/tests/ssl_gtests/ssl_gtests.sh @@ -47,6 +47,7 @@ make_cert() { dsa) type_args='-g 1024' ;; rsa) type_args='-g 1024' ;; rsa2048) type_args='-g 2048';type=rsa ;; + rsa8192) type_args='-g 8192';type=rsa ;; rsapss) type_args='-g 1024 --pss';type=rsa ;; p256) type_args='-q nistp256';type=ec ;; p384) type_args='-q secp384r1';type=ec ;; @@ -83,6 +84,7 @@ ssl_gtest_certs() { make_cert client rsa sign make_cert rsa rsa sign kex make_cert rsa2048 rsa2048 sign kex + make_cert rsa8192 rsa8192 sign kex make_cert rsa_sign rsa sign make_cert rsa_pss rsapss sign make_cert rsa_decrypt rsa kex diff --git a/security/nss/tests/tools/TestRSAPSS.p12 b/security/nss/tests/tools/TestRSAPSS.p12 Binary files differnew file mode 100644 index 0000000000..91473891c8 --- /dev/null +++ b/security/nss/tests/tools/TestRSAPSS.p12 diff --git a/security/nss/tests/tools/tools.sh b/security/nss/tests/tools/tools.sh index 11be23e051..7cf1ef73f8 100644 --- a/security/nss/tests/tools/tools.sh +++ b/security/nss/tests/tools/tools.sh @@ -105,6 +105,7 @@ tools_init() mkdir -p ${TOOLSDIR}/data cp ${QADIR}/tools/TestOldCA.p12 ${TOOLSDIR}/data cp ${QADIR}/tools/TestOldAES128CA.p12 ${TOOLSDIR}/data + cp ${QADIR}/tools/TestRSAPSS.p12 ${TOOLSDIR}/data cd ${TOOLSDIR} } @@ -436,6 +437,23 @@ tools_p12_import_old_files() check_tmpfile } +tools_p12_import_rsa_pss_private_key() +{ + echo "$SCRIPTNAME: Importing RSA-PSS private key from PKCS#12 file --------------" + ${BINDIR}/pk12util -i ${TOOLSDIR}/data/TestRSAPSS.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '' 2>&1 + ret=$? + html_msg $ret 0 "Importing RSA-PSS private key from PKCS#12 file" + check_tmpfile + + # Check if RSA-PSS identifier is included in the key listing + ${BINDIR}/certutil -d ${P_R_COPYDIR} -K -f ${R_PWFILE} | grep '^<[0-9 ]*> *rsaPss' + ret=$? + html_msg $ret 0 "Listing RSA-PSS private key imported from PKCS#12 file" + check_tmpfile + + return $ret +} + ############################## tools_p12 ############################### # local shell function to test basic functionality of pk12util ######################################################################## @@ -448,6 +466,9 @@ tools_p12() tools_p12_export_with_none_ciphers tools_p12_export_with_invalid_ciphers tools_p12_import_old_files + if [ "${TEST_MODE}" = "SHARED_DB" ] ; then + tools_p12_import_rsa_pss_private_key + fi } ############################## tools_sign ############################## diff --git a/services/sync/Weave.js b/services/sync/Weave.js index a414fa0831..de131d08a9 100644 --- a/services/sync/Weave.js +++ b/services/sync/Weave.js @@ -72,13 +72,6 @@ WeaveService.prototype = { Ci.nsISupportsWeakReference]), ensureLoaded: function () { -#ifndef MC_PALEMOON - // If we are loaded and not using FxA, load the migration module. - if (!this.fxAccountsEnabled) { - Cu.import("resource://services-sync/FxaMigrator.jsm"); - } -#endif - Components.utils.import("resource://services-sync/main.js"); // Side-effect of accessing the service is that it is instantiated. diff --git a/services/sync/modules/FxaMigrator.jsm b/services/sync/modules/FxaMigrator.jsm deleted file mode 100644 index 735b601444..0000000000 --- a/services/sync/modules/FxaMigrator.jsm +++ /dev/null @@ -1,99 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -"use strict;" - -// Note that this module used to supervise the step-by-step migration from -// a legacy Sync account to a FxA-based Sync account. In bug 1205928, this -// changed to automatically disconnect the legacy Sync account. - -const {classes: Cc, interfaces: Ci, results: Cr, utils: Cu} = Components; - -Cu.import("resource://gre/modules/XPCOMUtils.jsm"); -Cu.import("resource://gre/modules/Log.jsm"); -Cu.import("resource://gre/modules/Services.jsm"); - -XPCOMUtils.defineLazyGetter(this, "WeaveService", function() { - return Cc["@mozilla.org/weave/service;1"] - .getService(Components.interfaces.nsISupports) - .wrappedJSObject; -}); - -XPCOMUtils.defineLazyModuleGetter(this, "Weave", - "resource://services-sync/main.js"); - -// We send this notification when we perform the disconnection. The browser -// window will show a one-off notification bar. -const OBSERVER_STATE_CHANGE_TOPIC = "fxa-migration:state-changed"; - -const OBSERVER_TOPICS = [ - "xpcom-shutdown", - "weave:eol", -]; - -function Migrator() { - // Leave the log-level as Debug - Sync will setup log appenders such that - // these messages generally will not be seen unless other log related - // prefs are set. - this.log.level = Log.Level.Debug; - - for (let topic of OBSERVER_TOPICS) { - Services.obs.addObserver(this, topic, false); - } -} - -Migrator.prototype = { - log: Log.repository.getLogger("Sync.SyncMigration"), - - finalize() { - for (let topic of OBSERVER_TOPICS) { - Services.obs.removeObserver(this, topic); - } - }, - - observe(subject, topic, data) { - this.log.debug("observed " + topic); - switch (topic) { - case "xpcom-shutdown": - this.finalize(); - break; - - default: - // this notification when configured with legacy Sync means we want to - // disconnect - if (!WeaveService.fxAccountsEnabled) { - this.log.info("Disconnecting from legacy Sync"); - // Set up an observer for when the disconnection is complete. - let observe; - Services.obs.addObserver(observe = () => { - this.log.info("observed that startOver is complete"); - Services.obs.removeObserver(observe, "weave:service:start-over:finish"); - // Send the notification for the UI. - Services.obs.notifyObservers(null, OBSERVER_STATE_CHANGE_TOPIC, null); - }, "weave:service:start-over:finish", false); - - // Do the disconnection. - Weave.Service.startOver(); - } - } - }, - - get learnMoreLink() { - try { - var url = Services.prefs.getCharPref("app.support.baseURL"); - } catch (err) { - return null; - } - url += "sync-upgrade"; - let sb = Services.strings.createBundle("chrome://weave/locale/services/sync.properties"); - return { - text: sb.GetStringFromName("sync.eol.learnMore.label"), - href: Services.urlFormatter.formatURL(url), - }; - }, -}; - -// We expose a singleton -this.EXPORTED_SYMBOLS = ["fxaMigrator"]; -var fxaMigrator = new Migrator(); diff --git a/services/sync/moz.build b/services/sync/moz.build index 83c39274ac..5e5de10b73 100644 --- a/services/sync/moz.build +++ b/services/sync/moz.build @@ -26,7 +26,6 @@ EXTRA_JS_MODULES['services-sync'] += [ 'modules/browserid_identity.js', 'modules/collection_validator.js', 'modules/engines.js', - 'modules/FxaMigrator.jsm', 'modules/identity.js', 'modules/jpakeclient.js', 'modules/keys.js', diff --git a/services/sync/tests/unit/test_fxa_migration.js b/services/sync/tests/unit/test_fxa_migration.js deleted file mode 100644 index 0ca770e284..0000000000 --- a/services/sync/tests/unit/test_fxa_migration.js +++ /dev/null @@ -1,117 +0,0 @@ -// We change this pref before anything else initializes -Services.prefs.setCharPref("identity.fxaccounts.auth.uri", "http://localhost"); - -// Test the FxAMigration module -Cu.import("resource://services-sync/FxaMigrator.jsm"); -Cu.import("resource://gre/modules/Promise.jsm"); - -// Set our username pref early so sync initializes with the legacy provider. -Services.prefs.setCharPref("services.sync.username", "foo"); -// And ensure all debug messages end up being printed. -Services.prefs.setCharPref("services.sync.log.appender.dump", "Debug"); - -// Now import sync -Cu.import("resource://services-sync/service.js"); -Cu.import("resource://services-sync/record.js"); -Cu.import("resource://services-sync/util.js"); - -// And reset the username. -Services.prefs.clearUserPref("services.sync.username"); - -Cu.import("resource://testing-common/services/sync/utils.js"); -Cu.import("resource://testing-common/services/common/logging.js"); -Cu.import("resource://testing-common/services/sync/rotaryengine.js"); - -const FXA_USERNAME = "someone@somewhere"; - -// Utilities -function promiseOneObserver(topic) { - return new Promise((resolve, reject) => { - let observer = function(subject, topic, data) { - Services.obs.removeObserver(observer, topic); - resolve({ subject: subject, data: data }); - } - Services.obs.addObserver(observer, topic, false); - }); -} - -function promiseStopServer(server) { - return new Promise((resolve, reject) => { - server.stop(resolve); - }); -} - - -// Helpers -function configureLegacySync() { - let engine = new RotaryEngine(Service); - engine.enabled = true; - Svc.Prefs.set("registerEngines", engine.name); - Svc.Prefs.set("log.logger.engine.rotary", "Trace"); - - let contents = { - meta: {global: {engines: {rotary: {version: engine.version, - syncID: engine.syncID}}}}, - crypto: {}, - rotary: {} - }; - - const USER = "foo"; - const PASSPHRASE = "abcdeabcdeabcdeabcdeabcdea"; - - setBasicCredentials(USER, "password", PASSPHRASE); - - let onRequest = function(request, response) { - // ideally we'd only do this while a legacy user is configured, but WTH. - response.setHeader("x-weave-alert", JSON.stringify({code: "soft-eol"})); - } - let server = new SyncServer({onRequest: onRequest}); - server.registerUser(USER, "password"); - server.createContents(USER, contents); - server.start(); - - Service.serverURL = server.baseURI; - Service.clusterURL = server.baseURI; - Service.identity.username = USER; - Service._updateCachedURLs(); - - Service.engineManager._engines[engine.name] = engine; - - return [engine, server]; -} - -add_task(function *testMigrationUnlinks() { - - // when we do a .startOver we want the new provider. - let oldValue = Services.prefs.getBoolPref("services.sync-testing.startOverKeepIdentity"); - Services.prefs.setBoolPref("services.sync-testing.startOverKeepIdentity", false); - - do_register_cleanup(() => { - Services.prefs.setBoolPref("services.sync-testing.startOverKeepIdentity", oldValue) - }); - - // Arrange for a legacy sync user. - let [engine, server] = configureLegacySync(); - - // Start a sync - this will cause an EOL notification which the migrator's - // observer will notice. - let promiseMigration = promiseOneObserver("fxa-migration:state-changed"); - let promiseStartOver = promiseOneObserver("weave:service:start-over:finish"); - _("Starting sync"); - Service.sync(); - _("Finished sync"); - - yield promiseStartOver; - yield promiseMigration; - // We should have seen the observer and Sync should no longer be configured. - Assert.ok(!Services.prefs.prefHasUserValue("services.sync.username")); -}); - -function run_test() { - initTestLogging(); - do_register_cleanup(() => { - fxaMigrator.finalize(); - Svc.Prefs.resetBranch(""); - }); - run_next_test(); -} diff --git a/services/sync/tests/unit/xpcshell.ini b/services/sync/tests/unit/xpcshell.ini index 609003ce9f..4c0f0e7b7d 100644 --- a/services/sync/tests/unit/xpcshell.ini +++ b/services/sync/tests/unit/xpcshell.ini @@ -190,9 +190,6 @@ support-files = prefs_test_prefs_store.js [test_warn_on_truncated_response.js] [test_postqueue.js] -# FxA migration -[test_fxa_migration.js] - # Synced tabs. [test_syncedtabs.js] diff --git a/startupcache/StartupCache.cpp b/startupcache/StartupCache.cpp index 371f4795c0..d4102efa16 100644 --- a/startupcache/StartupCache.cpp +++ b/startupcache/StartupCache.cpp @@ -242,31 +242,6 @@ StartupCache::LoadArchive(enum TelemetrifyAge flag) mArchive = new nsZipArchive(); rv = mArchive->OpenArchive(mFile); - if (NS_FAILED(rv) || flag == IGNORE_AGE) - return rv; - - nsCString comment; - if (!mArchive->GetComment(comment)) { - return rv; - } - - const char *data; - size_t len = NS_CStringGetData(comment, &data); - PRTime creationStamp; - // We might not have a comment if the startup cache file was created - // before we started recording creation times in the comment. - if (len == sizeof(creationStamp)) { - memcpy(&creationStamp, data, len); - PRTime current = PR_Now(); - int64_t diff = current - creationStamp; - - // We can't use AccumulateTimeDelta here because we have no way of - // reifying a TimeStamp from creationStamp. - int64_t usec_per_hour = PR_USEC_PER_SEC * int64_t(3600); - int64_t hour_diff = (diff + usec_per_hour - 1) / usec_per_hour; - mozilla::Telemetry::Accumulate(Telemetry::STARTUP_CACHE_AGE_HOURS, - hour_diff); - } return rv; } @@ -497,7 +472,6 @@ StartupCache::InvalidateCache() if (NS_FAILED(rv) && rv != NS_ERROR_FILE_TARGET_DOES_NOT_EXIST && rv != NS_ERROR_FILE_NOT_FOUND) { gIgnoreDiskCache = true; - mozilla::Telemetry::Accumulate(Telemetry::STARTUP_CACHE_INVALID, true); return; } gIgnoreDiskCache = false; diff --git a/storage/TelemetryVFS.cpp b/storage/TelemetryVFS.cpp index 5a025e29e2..eb102a0461 100644 --- a/storage/TelemetryVFS.cpp +++ b/storage/TelemetryVFS.cpp @@ -101,12 +101,6 @@ public: ~IOThreadAutoTimer() { - TimeStamp end(TimeStamp::Now()); - uint32_t mainThread = NS_IsMainThread() ? 1 : 0; - if (id != Telemetry::HistogramCount) { - Telemetry::AccumulateTimeDelta(static_cast<Telemetry::ID>(id + mainThread), - start, end); - } // We don't report SQLite I/O on Windows because we have a comprehensive // mechanism for intercepting I/O on that platform that captures a superset // of the data captured here. @@ -361,8 +355,6 @@ xRead(sqlite3_file *pFile, void *zBuf, int iAmt, sqlite_int64 iOfst) int rc; rc = p->pReal->pMethods->xRead(p->pReal, zBuf, iAmt, iOfst); // sqlite likes to read from empty files, this is normal, ignore it. - if (rc != SQLITE_IOERR_SHORT_READ) - Telemetry::Accumulate(p->histograms->readB, rc == SQLITE_OK ? iAmt : 0); return rc; } @@ -395,7 +387,6 @@ xWrite(sqlite3_file *pFile, const void *zBuf, int iAmt, sqlite_int64 iOfst) } } rc = p->pReal->pMethods->xWrite(p->pReal, zBuf, iAmt, iOfst); - Telemetry::Accumulate(p->histograms->writeB, rc == SQLITE_OK ? iAmt : 0); if (p->quotaObject && rc != SQLITE_OK) { NS_WARNING("xWrite failed on a quota-controlled file, attempting to " "update its current size..."); @@ -416,7 +407,6 @@ xTruncate(sqlite3_file *pFile, sqlite_int64 size) IOThreadAutoTimer ioTimer(Telemetry::MOZ_SQLITE_TRUNCATE_MS); telemetry_file *p = (telemetry_file *)pFile; int rc; - Telemetry::AutoTimer<Telemetry::MOZ_SQLITE_TRUNCATE_MS> timer; if (p->quotaObject) { if (p->fileChunkSize > 0) { // Round up to the smallest multiple of the chunk size that will hold all @@ -618,7 +608,6 @@ xOpen(sqlite3_vfs* vfs, const char *zName, sqlite3_file* pFile, { IOThreadAutoTimer ioTimer(Telemetry::MOZ_SQLITE_OPEN_MS, IOInterposeObserver::OpCreateOrOpen); - Telemetry::AutoTimer<Telemetry::MOZ_SQLITE_OPEN_MS> timer; sqlite3_vfs *orig_vfs = static_cast<sqlite3_vfs*>(vfs->pAppData); int rc; telemetry_file *p = (telemetry_file *)pFile; diff --git a/storage/mozStorageAsyncStatementExecution.cpp b/storage/mozStorageAsyncStatementExecution.cpp index e1d344aca6..00f584f032 100644 --- a/storage/mozStorageAsyncStatementExecution.cpp +++ b/storage/mozStorageAsyncStatementExecution.cpp @@ -226,7 +226,6 @@ bool AsyncExecuteStatements::executeStatement(sqlite3_stmt *aStatement) { mMutex.AssertNotCurrentThreadOwns(); - Telemetry::AutoTimer<Telemetry::MOZ_STORAGE_ASYNC_REQUESTS_MS> finallySendExecutionDuration(mRequestStartDate); while (true) { // lock the sqlite mutex so sqlite3_errmsg cannot change SQLiteMutexAutoLock lockedScope(mDBMutex); @@ -235,14 +234,12 @@ AsyncExecuteStatements::executeStatement(sqlite3_stmt *aStatement) // Stop if we have no more results. if (rc == SQLITE_DONE) { - Telemetry::Accumulate(Telemetry::MOZ_STORAGE_ASYNC_REQUESTS_SUCCESS, true); return false; } // If we got results, we can return now. if (rc == SQLITE_ROW) { - Telemetry::Accumulate(Telemetry::MOZ_STORAGE_ASYNC_REQUESTS_SUCCESS, true); return true; } @@ -258,7 +255,6 @@ AsyncExecuteStatements::executeStatement(sqlite3_stmt *aStatement) // Set an error state. mState = ERROR; - Telemetry::Accumulate(Telemetry::MOZ_STORAGE_ASYNC_REQUESTS_SUCCESS, false); // Construct the error message before giving up the mutex (which we cannot // hold during the call to notifyError). diff --git a/testing/web-platform/meta/html/dom/interfaces.html.ini b/testing/web-platform/meta/html/dom/interfaces.html.ini index 8dbbe4969c..59e445a3e7 100644 --- a/testing/web-platform/meta/html/dom/interfaces.html.ini +++ b/testing/web-platform/meta/html/dom/interfaces.html.ini @@ -1594,9 +1594,6 @@ [Path2D interface: operation addPathByStrokingText(DOMString,CanvasDrawingStyles,SVGMatrix,Path2D,unrestricted double)] expected: FAIL - [DataTransfer interface object length] - expected: FAIL - [Window interface: operation showModalDialog(DOMString,any)] disabled: if e10s: https://bugzilla.mozilla.org/show_bug.cgi?id=981796 diff --git a/toolkit/components/alerts/nsAlertsService.cpp b/toolkit/components/alerts/nsAlertsService.cpp index dd67ad9831..73dbb265c9 100644 --- a/toolkit/components/alerts/nsAlertsService.cpp +++ b/toolkit/components/alerts/nsAlertsService.cpp @@ -6,7 +6,6 @@ #include "mozilla/dom/ContentChild.h" #include "mozilla/dom/PermissionMessageUtils.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "nsXULAppAPI.h" #include "nsAlertsService.h" @@ -292,9 +291,6 @@ NS_IMETHODIMP nsAlertsService::SetManualDoNotDisturb(bool aDoNotDisturb) NS_ENSURE_TRUE(alertsDND, NS_ERROR_NOT_IMPLEMENTED); nsresult rv = alertsDND->SetManualDoNotDisturb(aDoNotDisturb); - if (NS_SUCCEEDED(rv)) { - Telemetry::Accumulate(Telemetry::ALERTS_SERVICE_DND_ENABLED, 1); - } return rv; #endif } diff --git a/toolkit/components/downloads/ApplicationReputation.cpp b/toolkit/components/downloads/ApplicationReputation.cpp index 7bd219dbf2..a369ca8841 100644 --- a/toolkit/components/downloads/ApplicationReputation.cpp +++ b/toolkit/components/downloads/ApplicationReputation.cpp @@ -34,7 +34,6 @@ #include "mozilla/LoadContext.h" #include "mozilla/Preferences.h" #include "mozilla/Services.h" -#include "mozilla/Telemetry.h" #include "mozilla/TimeStamp.h" #include "nsAutoPtr.h" @@ -59,7 +58,6 @@ using mozilla::DocShellOriginAttributes; using mozilla::PrincipalOriginAttributes; using mozilla::Preferences; using mozilla::TimeStamp; -using mozilla::Telemetry::Accumulate; using safe_browsing::ClientDownloadRequest; using safe_browsing::ClientDownloadRequest_CertificateChain; using safe_browsing::ClientDownloadRequest_Resource; @@ -356,7 +354,6 @@ PendingDBLookup::HandleEvent(const nsACString& tables) Preferences::GetCString(PREF_DOWNLOAD_BLOCK_TABLE, &blockList); if (!mAllowlistOnly && FindInReadable(blockList, tables)) { mPendingLookup->mBlocklistCount++; - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_LOCAL, BLOCK_LIST); LOG(("Found principal %s on blocklist [this = %p]", mSpec.get(), this)); return mPendingLookup->OnComplete(true, NS_OK, nsIApplicationReputationService::VERDICT_DANGEROUS); @@ -366,13 +363,11 @@ PendingDBLookup::HandleEvent(const nsACString& tables) Preferences::GetCString(PREF_DOWNLOAD_ALLOW_TABLE, &allowList); if (FindInReadable(allowList, tables)) { mPendingLookup->mAllowlistCount++; - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_LOCAL, ALLOW_LIST); LOG(("Found principal %s on allowlist [this = %p]", mSpec.get(), this)); // Don't call onComplete, since blocklisting trumps allowlisting } else { LOG(("Didn't find principal %s on any list [this = %p]", mSpec.get(), this)); - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_LOCAL, NO_LIST); } return mPendingLookup->LookupNext(); } @@ -1000,7 +995,7 @@ PendingLookup::GetSpecHash(nsACString& aSpec, nsACString& hexEncodedHash) static const char* const hex = "0123456789ABCDEF"; hexEncodedHash.SetCapacity(2 * binaryHash.Length()); for (size_t i = 0; i < binaryHash.Length(); ++i) { - auto c = static_cast<const unsigned char>(binaryHash[i]); + auto c = static_cast<unsigned char>(binaryHash[i]); hexEncodedHash.Append(hex[(c >> 4) & 0x0F]); hexEncodedHash.Append(hex[c & 0x0F]); } @@ -1144,8 +1139,6 @@ PendingLookup::OnComplete(bool shouldBlock, nsresult rv, uint32_t verdict) mTimeoutTimer = nullptr; } - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SHOULD_BLOCK, - shouldBlock); double t = (TimeStamp::Now() - mStartTime).ToMilliseconds(); LOG(("Application Reputation verdict is %lu, obtained in %f ms [this = %p]", verdict, t, this)); @@ -1393,8 +1386,6 @@ PendingLookup::Notify(nsITimer* aTimer) { LOG(("Remote lookup timed out [this = %p]", this)); MOZ_ASSERT(aTimer == mTimeoutTimer); - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_REMOTE_LOOKUP_TIMEOUT, - true); mChannel->Cancel(NS_ERROR_NET_TIMEOUT); mTimeoutTimer->Cancel(); return NS_OK; @@ -1457,8 +1448,6 @@ PendingLookup::OnStopRequest(nsIRequest *aRequest, bool shouldBlock = false; uint32_t verdict = nsIApplicationReputationService::VERDICT_SAFE; - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_REMOTE_LOOKUP_TIMEOUT, - false); nsresult rv = OnStopRequestInternal(aRequest, aContext, aResult, &shouldBlock, &verdict); @@ -1473,8 +1462,6 @@ PendingLookup::OnStopRequestInternal(nsIRequest *aRequest, bool* aShouldBlock, uint32_t* aVerdict) { if (NS_FAILED(aResult)) { - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SERVER, - SERVER_RESPONSE_FAILED); return aResult; } @@ -1483,22 +1470,16 @@ PendingLookup::OnStopRequestInternal(nsIRequest *aRequest, nsresult rv; nsCOMPtr<nsIHttpChannel> channel = do_QueryInterface(aRequest, &rv); if (NS_FAILED(rv)) { - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SERVER, - SERVER_RESPONSE_FAILED); return rv; } uint32_t status = 0; rv = channel->GetResponseStatus(&status); if (NS_FAILED(rv)) { - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SERVER, - SERVER_RESPONSE_FAILED); return rv; } if (status != 200) { - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SERVER, - SERVER_RESPONSE_FAILED); return NS_ERROR_NOT_AVAILABLE; } @@ -1506,16 +1487,9 @@ PendingLookup::OnStopRequestInternal(nsIRequest *aRequest, safe_browsing::ClientDownloadResponse response; if (!response.ParseFromString(buf)) { LOG(("Invalid protocol buffer response [this = %p]: %s", this, buf.c_str())); - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SERVER, - SERVER_RESPONSE_INVALID); return NS_ERROR_CANNOT_CONVERT_DATA; } - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SERVER, - SERVER_RESPONSE_VALID); - // Clamp responses 0-7, we only know about 0-4 for now. - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SERVER_VERDICT, - std::min<uint32_t>(response.verdict(), 7)); switch(response.verdict()) { case safe_browsing::ClientDownloadResponse::DANGEROUS: *aShouldBlock = Preferences::GetBool(PREF_BLOCK_DANGEROUS, true); @@ -1583,11 +1557,8 @@ ApplicationReputationService::QueryReputation( NS_ENSURE_ARG_POINTER(aQuery); NS_ENSURE_ARG_POINTER(aCallback); - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_COUNT, true); nsresult rv = QueryReputationInternal(aQuery, aCallback); if (NS_FAILED(rv)) { - Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SHOULD_BLOCK, - false); aCallback->OnComplete(false, rv, nsIApplicationReputationService::VERDICT_SAFE); } diff --git a/toolkit/components/osfile/modules/osfile_async_front.jsm b/toolkit/components/osfile/modules/osfile_async_front.jsm index 964e530847..93c7e66d6c 100644 --- a/toolkit/components/osfile/modules/osfile_async_front.jsm +++ b/toolkit/components/osfile/modules/osfile_async_front.jsm @@ -56,7 +56,6 @@ Cu.import("resource://gre/modules/Task.jsm", this); // The implementation of communications Cu.import("resource://gre/modules/PromiseWorker.jsm", this); Cu.import("resource://gre/modules/Services.jsm", this); -Cu.import("resource://gre/modules/TelemetryStopwatch.jsm", this); Cu.import("resource://gre/modules/AsyncShutdown.jsm", this); var Native = Cu.import("resource://gre/modules/osfile/osfile_native.jsm", {}); @@ -1171,13 +1170,10 @@ File.writeAtomic = function writeAtomic(path, buffer, options = {}) { if (isTypedArray(buffer) && (!("bytes" in options))) { options.bytes = buffer.byteLength; }; - let refObj = {}; - TelemetryStopwatch.start("OSFILE_WRITEATOMIC_JANK_MS", refObj); let promise = Scheduler.post("writeAtomic", [Type.path.toMsg(path), Type.void_t.in_ptr.toMsg(buffer), options], [options, buffer, path]); - TelemetryStopwatch.finish("OSFILE_WRITEATOMIC_JANK_MS", refObj); return promise; }; diff --git a/toolkit/components/perfmonitoring/nsPerformanceStats.cpp b/toolkit/components/perfmonitoring/nsPerformanceStats.cpp index eb924de46e..33aeaf7c26 100644 --- a/toolkit/components/perfmonitoring/nsPerformanceStats.cpp +++ b/toolkit/components/perfmonitoring/nsPerformanceStats.cpp @@ -27,7 +27,6 @@ #include "mozilla/ArrayUtils.h" #include "mozilla/EventStateManager.h" #include "mozilla/Services.h" -#include "mozilla/Telemetry.h" #if defined(XP_WIN) #include <processthreadsapi.h> @@ -957,22 +956,7 @@ nsPerformanceStatsService::SetJankAlertBufferingDelay(uint32_t value) { nsresult nsPerformanceStatsService::UpdateTelemetry() { - // Promote everything to floating-point explicitly before dividing. - const double processStayed = mProcessStayed; - const double processMoved = mProcessMoved; - - if (processStayed <= 0 || processMoved <= 0 || processStayed + processMoved <= 0) { - // Overflow/underflow/nothing to report - return NS_OK; - } - - const double proportion = (100 * processStayed) / (processStayed + processMoved); - if (proportion < 0 || proportion > 100) { - // Overflow/underflow - return NS_OK; - } - - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PERF_MONITORING_TEST_CPU_RESCHEDULING_PROPORTION_MOVED, (uint32_t)proportion); + /* STUB */ return NS_OK; } diff --git a/toolkit/components/places/Database.cpp b/toolkit/components/places/Database.cpp index 37502e2a14..a87c14b37a 100644 --- a/toolkit/components/places/Database.cpp +++ b/toolkit/components/places/Database.cpp @@ -615,9 +615,6 @@ Database::BackupAndReplaceDatabaseFile(nsCOMPtr<mozIStorageService>& aStorage) // Set up a pref to try replacing the database at the next startup. Preferences::SetBool(PREF_FORCE_DATABASE_REPLACEMENT, true); } - // Report the corruption through telemetry. - Telemetry::Accumulate(Telemetry::PLACES_DATABASE_CORRUPTION_HANDLING_STAGE, - static_cast<int8_t>(stage)); }); // Close database connection if open. diff --git a/toolkit/components/places/FaviconHelpers.cpp b/toolkit/components/places/FaviconHelpers.cpp index 69c2023380..ca08cdff4a 100644 --- a/toolkit/components/places/FaviconHelpers.cpp +++ b/toolkit/components/places/FaviconHelpers.cpp @@ -14,7 +14,6 @@ #include "nsNavHistory.h" #include "nsFaviconService.h" #include "mozilla/storage.h" -#include "mozilla/Telemetry.h" #include "nsNetUtil.h" #include "nsPrintfCString.h" #include "nsStreamUtils.h" @@ -581,33 +580,6 @@ AsyncFetchAndSetIconForPage::OnStopRequest(nsIRequest* aRequest, mIcon.expiration = GetExpirationTimeFromChannel(channel); - // Telemetry probes to measure the favicon file sizes for each different file type. - // This allow us to measure common file sizes while also observing each type popularity. - if (mIcon.mimeType.EqualsLiteral("image/png")) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PLACES_FAVICON_PNG_SIZES, mIcon.data.Length()); - } - else if (mIcon.mimeType.EqualsLiteral("image/x-icon") || - mIcon.mimeType.EqualsLiteral("image/vnd.microsoft.icon")) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PLACES_FAVICON_ICO_SIZES, mIcon.data.Length()); - } - else if (mIcon.mimeType.EqualsLiteral("image/jpeg") || - mIcon.mimeType.EqualsLiteral("image/pjpeg")) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PLACES_FAVICON_JPEG_SIZES, mIcon.data.Length()); - } - else if (mIcon.mimeType.EqualsLiteral("image/gif")) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PLACES_FAVICON_GIF_SIZES, mIcon.data.Length()); - } - else if (mIcon.mimeType.EqualsLiteral("image/bmp") || - mIcon.mimeType.EqualsLiteral("image/x-windows-bmp")) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PLACES_FAVICON_BMP_SIZES, mIcon.data.Length()); - } - else if (mIcon.mimeType.EqualsLiteral("image/svg+xml")) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PLACES_FAVICON_SVG_SIZES, mIcon.data.Length()); - } - else { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::PLACES_FAVICON_OTHER_SIZES, mIcon.data.Length()); - } - rv = OptimizeIconSize(mIcon, favicons); NS_ENSURE_SUCCESS(rv, rv); diff --git a/toolkit/components/places/Helpers.cpp b/toolkit/components/places/Helpers.cpp index 66c4e79a9b..dda1621979 100644 --- a/toolkit/components/places/Helpers.cpp +++ b/toolkit/components/places/Helpers.cpp @@ -385,9 +385,7 @@ AsyncStatementCallbackNotifier::HandleCompletion(uint16_t aReason) NS_IMETHODIMP AsyncStatementTelemetryTimer::HandleCompletion(uint16_t aReason) { - if (aReason == mozIStorageStatementCallback::REASON_FINISHED) { - Telemetry::AccumulateTimeDelta(mHistogramId, mStart); - } + /* STUB */ return NS_OK; } diff --git a/toolkit/components/places/UnifiedComplete.js b/toolkit/components/places/UnifiedComplete.js index acd358b116..2efae9cbea 100644 --- a/toolkit/components/places/UnifiedComplete.js +++ b/toolkit/components/places/UnifiedComplete.js @@ -262,8 +262,6 @@ Cu.import("resource://gre/modules/Services.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "PlacesUtils", "resource://gre/modules/PlacesUtils.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", - "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "NetUtil", "resource://gre/modules/NetUtil.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Preferences", @@ -887,10 +885,6 @@ Search.prototype = { if (!this.pending) return; - TelemetryStopwatch.start(TELEMETRY_1ST_RESULT, this); - if (this._searchString) - TelemetryStopwatch.start(TELEMETRY_6_FIRST_RESULTS, this); - // Since we call the synchronous parseSubmissionURL function later, we must // wait for the initialization of PlacesSearchAutocompleteProvider first. yield PlacesSearchAutocompleteProvider.ensureInitialized(); @@ -1468,9 +1462,6 @@ Search.prototype = { }, _onResultRow: function (row) { - if (this._localMatchesCount == 0) { - TelemetryStopwatch.finish(TELEMETRY_1ST_RESULT, this); - } let queryType = row.getResultByIndex(QUERYINDEX_QUERYTYPE); let match; switch (queryType) { @@ -1566,9 +1557,6 @@ Search.prototype = { match.style, match.finalCompleteValue); - if (this._result.matchCount == 6) - TelemetryStopwatch.finish(TELEMETRY_6_FIRST_RESULTS, this); - this.notifyResults(true); }, @@ -2088,8 +2076,6 @@ UnifiedComplete.prototype = { * results or not. */ finishSearch: function (notify=false) { - TelemetryStopwatch.cancel(TELEMETRY_1ST_RESULT, this); - TelemetryStopwatch.cancel(TELEMETRY_6_FIRST_RESULTS, this); // Clear state now to avoid race conditions, see below. let search = this._currentSearch; if (!search) diff --git a/toolkit/components/places/nsPlacesAutoComplete.js b/toolkit/components/places/nsPlacesAutoComplete.js index 29bdae4c1a..9c6452ecd6 100644 --- a/toolkit/components/places/nsPlacesAutoComplete.js +++ b/toolkit/components/places/nsPlacesAutoComplete.js @@ -8,8 +8,6 @@ Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); Components.utils.import("resource://gre/modules/Services.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "PlacesUtils", "resource://gre/modules/PlacesUtils.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", - "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "NetUtil", "resource://gre/modules/NetUtil.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Task", @@ -1510,8 +1508,6 @@ urlInlineComplete.prototype = { // Do a synchronous search on the table of hosts. let query = this._hostQuery; query.params.search_string = this._currentSearchString.toLowerCase(); - // This is just to measure the delay to reach the UI, not the query time. - TelemetryStopwatch.start(DOMAIN_QUERY_TELEMETRY); let wrapper = new AutoCompleteStatementCallbackWrapper(this, { handleResult: aResultSet => { if (this._pendingSearch != pendingSearch) @@ -1541,7 +1537,6 @@ urlInlineComplete.prototype = { handleCompletion: aReason => { if (this._pendingSearch != pendingSearch) return; - TelemetryStopwatch.finish(DOMAIN_QUERY_TELEMETRY); this._finishSearch(); } }, this._db); diff --git a/toolkit/components/search/SearchStaticData.jsm b/toolkit/components/search/current/SearchStaticData.jsm index de2be695c3..de2be695c3 100644 --- a/toolkit/components/search/SearchStaticData.jsm +++ b/toolkit/components/search/current/SearchStaticData.jsm diff --git a/toolkit/components/search/SearchSuggestionController.jsm b/toolkit/components/search/current/SearchSuggestionController.jsm index 952838c0c5..952838c0c5 100644 --- a/toolkit/components/search/SearchSuggestionController.jsm +++ b/toolkit/components/search/current/SearchSuggestionController.jsm diff --git a/toolkit/components/search/current/moz.build b/toolkit/components/search/current/moz.build new file mode 100644 index 0000000000..4ca6790872 --- /dev/null +++ b/toolkit/components/search/current/moz.build @@ -0,0 +1,31 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +EXTRA_COMPONENTS += [ + 'nsSearchSuggestions.js', +] + +EXTRA_PP_COMPONENTS += [ + 'nsSearchService.js', +] + +if CONFIG['MOZ_PHOENIX'] or CONFIG['MOZ_FENNEC'] or CONFIG['MOZ_XULRUNNER']:
+ DEFINES['HAVE_SIDEBAR'] = True
+ EXTRA_COMPONENTS += [ + 'nsSidebar.js', + ] + +EXTRA_JS_MODULES += [ + 'SearchSuggestionController.jsm', +] + +EXTRA_PP_COMPONENTS += [ + 'toolkitsearch.manifest', +] + +EXTRA_JS_MODULES += [ + 'SearchStaticData.jsm', +] diff --git a/toolkit/components/search/nsSearchService.js b/toolkit/components/search/current/nsSearchService.js index 9f9003516d..99e73b50b3 100644 --- a/toolkit/components/search/nsSearchService.js +++ b/toolkit/components/search/current/nsSearchService.js @@ -21,8 +21,6 @@ XPCOMUtils.defineLazyModuleGetter(this, "OS", "resource://gre/modules/osfile.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Task", "resource://gre/modules/Task.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TelemetryStopwatch", - "resource://gre/modules/TelemetryStopwatch.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "SearchStaticData", "resource://gre/modules/SearchStaticData.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "setTimeout", @@ -3873,21 +3871,17 @@ SearchService.prototype = { LOG("SearchService.init"); let self = this; if (!this._initStarted) { - TelemetryStopwatch.start("SEARCH_SERVICE_INIT_MS"); this._initStarted = true; Task.spawn(function* task() { try { // Complete initialization by calling asynchronous initializer. yield self._asyncInit(); - TelemetryStopwatch.finish("SEARCH_SERVICE_INIT_MS"); } catch (ex) { if (ex.result == Cr.NS_ERROR_ALREADY_INITIALIZED) { // No need to pursue asynchronous because synchronous fallback was // called and has finished. - TelemetryStopwatch.finish("SEARCH_SERVICE_INIT_MS"); } else { self._initObservers.reject(ex); - TelemetryStopwatch.cancel("SEARCH_SERVICE_INIT_MS"); } } }); diff --git a/toolkit/components/search/nsSearchSuggestions.js b/toolkit/components/search/current/nsSearchSuggestions.js index a05d8b4b45..a05d8b4b45 100644 --- a/toolkit/components/search/nsSearchSuggestions.js +++ b/toolkit/components/search/current/nsSearchSuggestions.js diff --git a/toolkit/components/search/nsSidebar.js b/toolkit/components/search/current/nsSidebar.js index 63976cba70..63976cba70 100644 --- a/toolkit/components/search/nsSidebar.js +++ b/toolkit/components/search/current/nsSidebar.js diff --git a/toolkit/components/search/toolkitsearch.manifest b/toolkit/components/search/current/toolkitsearch.manifest index b7c55da0e9..b7c55da0e9 100644 --- a/toolkit/components/search/toolkitsearch.manifest +++ b/toolkit/components/search/current/toolkitsearch.manifest diff --git a/toolkit/components/search/moz.build b/toolkit/components/search/moz.build index 0a2695152b..4cc86ff9ed 100644 --- a/toolkit/components/search/moz.build +++ b/toolkit/components/search/moz.build @@ -6,31 +6,10 @@ XPCSHELL_TESTS_MANIFESTS += ['tests/xpcshell/xpcshell.ini'] -EXTRA_COMPONENTS += [ - 'nsSearchSuggestions.js', -] - -EXTRA_PP_COMPONENTS += [ - 'nsSearchService.js', -] - -if CONFIG['MOZ_PHOENIX'] or CONFIG['MOZ_FENNEC'] or CONFIG['MOZ_XULRUNNER']:
- DEFINES['HAVE_SIDEBAR'] = True
- EXTRA_COMPONENTS += [ - 'nsSidebar.js', - ] - -EXTRA_JS_MODULES += [ - 'SearchSuggestionController.jsm', -] - -EXTRA_PP_COMPONENTS += [ - 'toolkitsearch.manifest', -] - -EXTRA_JS_MODULES += [ - 'SearchStaticData.jsm', -] +if CONFIG['MC_PALEMOON']: + DIRS += ['orginal'] +else: + DIRS += ['current'] with Files('**'): BUG_COMPONENT = ('Firefox', 'Search') diff --git a/toolkit/components/search/orginal/SearchStaticData.jsm b/toolkit/components/search/orginal/SearchStaticData.jsm new file mode 100644 index 0000000000..de2be695c3 --- /dev/null +++ b/toolkit/components/search/orginal/SearchStaticData.jsm @@ -0,0 +1,43 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * This module contains additional data about default search engines that is the + * same across all languages. This information is defined outside of the actual + * search engine definition files, so that localizers don't need to update them + * when a change is made. + * + * This separate module is also easily overridable, in case a hotfix is needed. + * No high-level processing logic is applied here. + */ + +"use strict"; + +this.EXPORTED_SYMBOLS = [ + "SearchStaticData", +]; + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +// To update this list of known alternate domains, just cut-and-paste from +// https://www.google.com/supported_domains +const gGoogleDomainsSource = ".google.com .google.ad .google.ae .google.com.af .google.com.ag .google.com.ai .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.com.au .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gp .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.ms .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.nf .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.com.sg .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tk .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.vg .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat"; +const gGoogleDomains = gGoogleDomainsSource.split(" ").map(d => "www" + d); + +this.SearchStaticData = { + /** + * Returns a list of alternate domains for a given search engine domain. + * + * @param aDomain + * Lowercase host name to look up. For example, if this argument is + * "www.google.com" or "www.google.co.uk", the function returns the + * full list of supported Google domains. + * + * @return Array containing one entry for each alternate host name, or empty + * array if none is known. The returned array should not be modified. + */ + getAlternateDomains: function (aDomain) { + return gGoogleDomains.indexOf(aDomain) == -1 ? [] : gGoogleDomains; + }, +}; diff --git a/toolkit/components/search/orginal/SearchSuggestionController.jsm b/toolkit/components/search/orginal/SearchSuggestionController.jsm new file mode 100644 index 0000000000..0858974bfa --- /dev/null +++ b/toolkit/components/search/orginal/SearchSuggestionController.jsm @@ -0,0 +1,396 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +this.EXPORTED_SYMBOLS = ["SearchSuggestionController"]; + +const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/Promise.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "NS_ASSERT", "resource://gre/modules/debug.js"); + +const SEARCH_RESPONSE_SUGGESTION_JSON = "application/x-suggestions+json"; +const DEFAULT_FORM_HISTORY_PARAM = "searchbar-history"; +const HTTP_OK = 200; +const REMOTE_TIMEOUT = 500; // maximum time (ms) to wait before giving up on a remote suggestions +const BROWSER_SUGGEST_PREF = "browser.search.suggest.enabled"; + +/** + * Remote search suggestions will be shown if gRemoteSuggestionsEnabled + * is true. Global because only one pref observer is needed for all instances. + */ +var gRemoteSuggestionsEnabled = Services.prefs.getBoolPref(BROWSER_SUGGEST_PREF); +Services.prefs.addObserver(BROWSER_SUGGEST_PREF, function(aSubject, aTopic, aData) { + gRemoteSuggestionsEnabled = Services.prefs.getBoolPref(BROWSER_SUGGEST_PREF); +}, false); + +/** + * SearchSuggestionController.jsm exists as a helper module to allow multiple consumers to request and display + * search suggestions from a given engine, regardless of the base implementation. Much of this + * code was originally in nsSearchSuggestions.js until it was refactored to separate it from the + * nsIAutoCompleteSearch dependency. + * One instance of SearchSuggestionController should be used per field since form history results are cached. + */ + +/** + * @param {function} [callback] - Callback for search suggestion results. You can use the promise + * returned by the search method instead if you prefer. + * @constructor + */ +this.SearchSuggestionController = function SearchSuggestionController(callback = null) { + this._callback = callback; +}; + +this.SearchSuggestionController.prototype = { + /** + * The maximum number of local form history results to return. This limit is + * only enforced if remote results are also returned. + */ + maxLocalResults: 5, + + /** + * The maximum number of remote search engine results to return. + * We'll actually only display at most + * maxRemoteResults - <displayed local results count> remote results. + */ + maxRemoteResults: 10, + + /** + * The maximum time (ms) to wait before giving up on a remote suggestions. + */ + remoteTimeout: REMOTE_TIMEOUT, + + /** + * The additional parameter used when searching form history. + */ + formHistoryParam: DEFAULT_FORM_HISTORY_PARAM, + + // Private properties + /** + * The last form history result used to improve the performance of subsequent searches. + * This shouldn't be used for any other purpose as it is never cleared and therefore could be stale. + */ + _formHistoryResult: null, + + /** + * The remote server timeout timer, if applicable. The timer starts when form history + * search is completed. + */ + _remoteResultTimer: null, + + /** + * The deferred for the remote results before its promise is resolved. + */ + _deferredRemoteResult: null, + + /** + * The optional result callback registered from the constructor. + */ + _callback: null, + + /** + * The XMLHttpRequest object for remote results. + */ + _request: null, + + // Public methods + + /** + * Fetch search suggestions from all of the providers. Fetches in progress will be stopped and + * results from them will not be provided. + * + * @param {string} searchTerm - the term to provide suggestions for + * @param {bool} privateMode - whether the request is being made in the context of private browsing + * @param {nsISearchEngine} engine - search engine for the suggestions. + * + * @return {Promise} resolving to an object containing results or null. + */ + fetch: function(searchTerm, privateMode, engine) { + // There is no smart filtering from previous results here (as there is when looking through + // history/form data) because the result set returned by the server is different for every typed + // value - e.g. "ocean breathes" does not return a subset of the results returned for "ocean". + + this.stop(); + + if (!Services.search.isInitialized) { + throw new Error("Search not initialized yet (how did you get here?)"); + } + if (typeof privateMode === "undefined") { + throw new Error("The privateMode argument is required to avoid unintentional privacy leaks"); + } + if (!(engine instanceof Ci.nsISearchEngine)) { + throw new Error("Invalid search engine"); + } + if (!this.maxLocalResults && !this.maxRemoteResults) { + throw new Error("Zero results expected, what are you trying to do?"); + } + if (this.maxLocalResults < 0 || this.maxRemoteResults < 0) { + throw new Error("Number of requested results must be positive"); + } + + // Array of promises to resolve before returning results. + let promises = []; + this._searchString = searchTerm; + + // Remote results + if (searchTerm && gRemoteSuggestionsEnabled && this.maxRemoteResults && + engine.supportsResponseType(SEARCH_RESPONSE_SUGGESTION_JSON)) { + this._deferredRemoteResult = this._fetchRemote(searchTerm, engine, privateMode); + promises.push(this._deferredRemoteResult.promise); + } + + // Local results from form history + if (this.maxLocalResults) { + let deferredHistoryResult = this._fetchFormHistory(searchTerm); + promises.push(deferredHistoryResult.promise); + } + + function handleRejection(reason) { + if (reason == "HTTP request aborted") { + // Do nothing since this is normal. + return null; + } + Cu.reportError("SearchSuggestionController rejection: " + reason); + return null; + } + return Promise.all(promises).then(this._dedupeAndReturnResults.bind(this), handleRejection); + }, + + /** + * Stop pending fetches so no results are returned from them. + * + * Note: If there was no remote results fetched, the fetching cannot be stopped and local results + * will still be returned because stopping relies on aborting the XMLHTTPRequest to reject the + * promise for Promise.all. + */ + stop: function() { + if (this._request) { + this._request.abort(); + } else if (!this.maxRemoteResults) { + Cu.reportError("SearchSuggestionController: Cannot stop fetching if remote results were not "+ + "requested"); + } + this._reset(); + }, + + // Private methods + + _fetchFormHistory: function(searchTerm) { + let deferredFormHistory = Promise.defer(); + + let acSearchObserver = { + // Implements nsIAutoCompleteSearch + onSearchResult: (search, result) => { + this._formHistoryResult = result; + + if (this._request) { + this._remoteResultTimer = Cc["@mozilla.org/timer;1"]. + createInstance(Ci.nsITimer); + this._remoteResultTimer.initWithCallback(this._onRemoteTimeout.bind(this), + this.remoteTimeout || REMOTE_TIMEOUT, + Ci.nsITimer.TYPE_ONE_SHOT); + } + + switch (result.searchResult) { + case Ci.nsIAutoCompleteResult.RESULT_SUCCESS: + case Ci.nsIAutoCompleteResult.RESULT_NOMATCH: + if (result.searchString !== this._searchString) { + deferredFormHistory.resolve("Unexpected response, this._searchString does not match form history response"); + return; + } + let fhEntries = []; + for (let i = 0; i < result.matchCount; ++i) { + fhEntries.push(result.getValueAt(i)); + } + deferredFormHistory.resolve({ + result: fhEntries, + formHistoryResult: result, + }); + break; + case Ci.nsIAutoCompleteResult.RESULT_FAILURE: + case Ci.nsIAutoCompleteResult.RESULT_IGNORED: + deferredFormHistory.resolve("Form History returned RESULT_FAILURE or RESULT_IGNORED"); + break; + } + }, + }; + + let formHistory = Cc["@mozilla.org/autocomplete/search;1?name=form-history"]. + createInstance(Ci.nsIAutoCompleteSearch); + formHistory.startSearch(searchTerm, this.formHistoryParam || DEFAULT_FORM_HISTORY_PARAM, + this._formHistoryResult, + acSearchObserver); + return deferredFormHistory; + }, + + /** + * Fetch suggestions from the search engine over the network. + */ + _fetchRemote: function(searchTerm, engine, privateMode) { + let deferredResponse = Promise.defer(); + this._request = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]. + createInstance(Ci.nsIXMLHttpRequest); + let submission = engine.getSubmission(searchTerm, + SEARCH_RESPONSE_SUGGESTION_JSON); + let method = (submission.postData ? "POST" : "GET"); + this._request.open(method, submission.uri.spec, true); + if (this._request.channel instanceof Ci.nsIPrivateBrowsingChannel) { + this._request.channel.setPrivate(privateMode); + } + this._request.mozBackgroundRequest = true; // suppress dialogs and fail silently + + this._request.addEventListener("load", this._onRemoteLoaded.bind(this, deferredResponse)); + this._request.addEventListener("error", (evt) => deferredResponse.resolve("HTTP error")); + // Reject for an abort assuming it's always from .stop() in which case we shouldn't return local + // or remote results for existing searches. + this._request.addEventListener("abort", (evt) => deferredResponse.reject("HTTP request aborted")); + + this._request.send(submission.postData); + + return deferredResponse; + }, + + /** + * Called when the request completed successfully (thought the HTTP status could be anything) + * so we can handle the response data. + * @private + */ + _onRemoteLoaded: function(deferredResponse) { + if (!this._request) { + deferredResponse.resolve("Got HTTP response after the request was cancelled"); + return; + } + + let status, serverResults; + try { + status = this._request.status; + } catch (e) { + // The XMLHttpRequest can throw NS_ERROR_NOT_AVAILABLE. + deferredResponse.resolve("Unknown HTTP status: " + e); + return; + } + + if (status != HTTP_OK || this._request.responseText == "") { + deferredResponse.resolve("Non-200 status or empty HTTP response: " + status); + return; + } + + try { + serverResults = JSON.parse(this._request.responseText); + } catch(ex) { + deferredResponse.resolve("Failed to parse suggestion JSON: " + ex); + return; + } + + if (!serverResults[0] || + this._searchString.localeCompare(serverResults[0], undefined, + { sensitivity: "base" })) { + // something is wrong here so drop remote results + deferredResponse.resolve("Unexpected response, this._searchString does not match remote response"); + return; + } + let results = serverResults[1] || []; + deferredResponse.resolve({ result: results }); + }, + + /** + * Called when this._remoteResultTimer fires indicating the remote request took too long. + */ + _onRemoteTimeout: function () { + this._request = null; + + // FIXME: bug 387341 + // Need to break the cycle between us and the timer. + this._remoteResultTimer = null; + + // The XMLHTTPRequest for suggest results is taking too long + // so send out the form history results and cancel the request. + if (this._deferredRemoteResult) { + this._deferredRemoteResult.resolve("HTTP Timeout"); + this._deferredRemoteResult = null; + } + }, + + /** + * @param {Array} suggestResults - an array of result objects from different sources (local or remote) + * @return {Object} + */ + _dedupeAndReturnResults: function(suggestResults) { + if (this._searchString === null) { + // _searchString can be null if stop() was called and remote suggestions + // were disabled (stopping if we are fetching remote suggestions will + // cause a promise rejection before we reach _dedupeAndReturnResults). + return null; + } + + let results = { + term: this._searchString, + remote: [], + local: [], + formHistoryResult: null, + }; + + for (let result of suggestResults) { + if (typeof result === "string") { // Failure message + Cu.reportError("SearchSuggestionController: " + result); + } else if (result.formHistoryResult) { // Local results have a formHistoryResult property. + results.formHistoryResult = result.formHistoryResult; + results.local = result.result || []; + } else { // Remote result + results.remote = result.result || []; + } + } + + // If we have remote results, cap the number of local results + if (results.remote.length) { + results.local = results.local.slice(0, this.maxLocalResults); + } + + // We don't want things to appear in both history and suggestions so remove entries from + // remote results that are already in local. + if (results.remote.length && results.local.length) { + for (let i = 0; i < results.local.length; ++i) { + let term = results.local[i]; + let dupIndex = results.remote.indexOf(term); + if (dupIndex != -1) { + results.remote.splice(dupIndex, 1); + } + } + } + + // Trim the number of results to the maximum requested (now that we've pruned dupes). + results.remote = + results.remote.slice(0, this.maxRemoteResults - results.local.length); + + if (this._callback) { + this._callback(results); + } + this._reset(); + + return results; + }, + + _reset: function() { + this._request = null; + if (this._remoteResultTimer) { + this._remoteResultTimer.cancel(); + this._remoteResultTimer = null; + } + this._deferredRemoteResult = null; + this._searchString = null; + }, +}; + +/** + * Determines whether the given engine offers search suggestions. + * + * @param {nsISearchEngine} engine - The search engine + * @return {boolean} True if the engine offers suggestions and false otherwise. + */ +this.SearchSuggestionController.engineOffersSuggestions = function(engine) { + return engine.supportsResponseType(SEARCH_RESPONSE_SUGGESTION_JSON); +}; diff --git a/toolkit/components/search/orginal/moz.build b/toolkit/components/search/orginal/moz.build new file mode 100644 index 0000000000..4ca6790872 --- /dev/null +++ b/toolkit/components/search/orginal/moz.build @@ -0,0 +1,31 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +EXTRA_COMPONENTS += [ + 'nsSearchSuggestions.js', +] + +EXTRA_PP_COMPONENTS += [ + 'nsSearchService.js', +] + +if CONFIG['MOZ_PHOENIX'] or CONFIG['MOZ_FENNEC'] or CONFIG['MOZ_XULRUNNER']:
+ DEFINES['HAVE_SIDEBAR'] = True
+ EXTRA_COMPONENTS += [ + 'nsSidebar.js', + ] + +EXTRA_JS_MODULES += [ + 'SearchSuggestionController.jsm', +] + +EXTRA_PP_COMPONENTS += [ + 'toolkitsearch.manifest', +] + +EXTRA_JS_MODULES += [ + 'SearchStaticData.jsm', +] diff --git a/toolkit/components/search/orginal/nsSearchService.js b/toolkit/components/search/orginal/nsSearchService.js new file mode 100644 index 0000000000..56d378b399 --- /dev/null +++ b/toolkit/components/search/orginal/nsSearchService.js @@ -0,0 +1,4971 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +const Ci = Components.interfaces; +const Cc = Components.classes; +const Cr = Components.results; +const Cu = Components.utils; + +Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); +Components.utils.import("resource://gre/modules/Services.jsm"); +Components.utils.import("resource://gre/modules/Promise.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "AsyncShutdown", + "resource://gre/modules/AsyncShutdown.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "DeferredTask", + "resource://gre/modules/DeferredTask.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "OS", + "resource://gre/modules/osfile.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "Task", + "resource://gre/modules/Task.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "Deprecated", + "resource://gre/modules/Deprecated.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "SearchStaticData", + "resource://gre/modules/SearchStaticData.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "setTimeout", + "resource://gre/modules/Timer.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "clearTimeout", + "resource://gre/modules/Timer.jsm"); + +XPCOMUtils.defineLazyServiceGetter(this, "gTextToSubURI", + "@mozilla.org/intl/texttosuburi;1", + "nsITextToSubURI"); + +Cu.importGlobalProperties(["XMLHttpRequest"]); + +// A text encoder to UTF8, used whenever we commit the +// engine metadata to disk. +XPCOMUtils.defineLazyGetter(this, "gEncoder", + function() { + return new TextEncoder(); + }); + +const MODE_RDONLY = 0x01; +const MODE_WRONLY = 0x02; +const MODE_CREATE = 0x08; +const MODE_APPEND = 0x10; +const MODE_TRUNCATE = 0x20; + +// Directory service keys +const NS_APP_SEARCH_DIR_LIST = "SrchPluginsDL"; +const NS_APP_DISTRIBUTION_SEARCH_DIR_LIST = "SrchPluginsDistDL"; +const NS_APP_USER_SEARCH_DIR = "UsrSrchPlugns"; +const NS_APP_SEARCH_DIR = "SrchPlugns"; +const NS_APP_USER_PROFILE_50_DIR = "ProfD"; + +// Loading plugins from NS_APP_SEARCH_DIR is no longer supported. +// Instead, we now load plugins from APP_SEARCH_PREFIX, where a +// list.txt file needs to exist to list available engines. +const APP_SEARCH_PREFIX = "resource://search-plugins/"; + +// Search engine "locations". If this list is changed, be sure to update +// the engine's _isDefault function accordingly. +const SEARCH_APP_DIR = 1; +const SEARCH_PROFILE_DIR = 2; +const SEARCH_IN_EXTENSION = 3; +const SEARCH_JAR = 4; + +// See documentation in nsIBrowserSearchService.idl. +const SEARCH_ENGINE_TOPIC = "browser-search-engine-modified"; +const QUIT_APPLICATION_TOPIC = "quit-application"; + +const SEARCH_ENGINE_REMOVED = "engine-removed"; +const SEARCH_ENGINE_ADDED = "engine-added"; +const SEARCH_ENGINE_CHANGED = "engine-changed"; +const SEARCH_ENGINE_LOADED = "engine-loaded"; +const SEARCH_ENGINE_CURRENT = "engine-current"; +const SEARCH_ENGINE_DEFAULT = "engine-default"; + +// The following constants are left undocumented in nsIBrowserSearchService.idl +// For the moment, they are meant for testing/debugging purposes only. + +/** + * Topic used for events involving the service itself. + */ +const SEARCH_SERVICE_TOPIC = "browser-search-service"; + +/** + * Sent whenever metadata is fully written to disk. + */ +const SEARCH_SERVICE_METADATA_WRITTEN = "write-metadata-to-disk-complete"; + +/** + * Sent whenever the cache is fully written to disk. + */ +const SEARCH_SERVICE_CACHE_WRITTEN = "write-cache-to-disk-complete"; + +// Delay for lazy serialization (ms) +const LAZY_SERIALIZE_DELAY = 100; + +// Delay for batching invalidation of the JSON cache (ms) +const CACHE_INVALIDATION_DELAY = 1000; + +// Current cache version. This should be incremented if the format of the cache +// file is modified. +const CACHE_VERSION = 7; + +const ICON_DATAURL_PREFIX = "data:image/x-icon;base64,"; + +const NEW_LINES = /(\r\n|\r|\n)/; + +// Set an arbitrary cap on the maximum icon size. Without this, large icons can +// cause big delays when loading them at startup. +const MAX_ICON_SIZE = 10000; + +// Default charset to use for sending search parameters. ISO-8859-1 is used to +// match previous nsInternetSearchService behavior. +const DEFAULT_QUERY_CHARSET = "ISO-8859-1"; + +const SEARCH_BUNDLE = "chrome://global/locale/search/search.properties"; +const BRAND_BUNDLE = "chrome://branding/locale/brand.properties"; + +const OPENSEARCH_NS_10 = "http://a9.com/-/spec/opensearch/1.0/"; +const OPENSEARCH_NS_11 = "http://a9.com/-/spec/opensearch/1.1/"; + +// Although the specification at http://opensearch.a9.com/spec/1.1/description/ +// gives the namespace names defined above, many existing OpenSearch engines +// are using the following versions. We therefore allow either. +const OPENSEARCH_NAMESPACES = [ + OPENSEARCH_NS_11, OPENSEARCH_NS_10, + "http://a9.com/-/spec/opensearchdescription/1.1/", + "http://a9.com/-/spec/opensearchdescription/1.0/" +]; + +const OPENSEARCH_LOCALNAME = "OpenSearchDescription"; + +const MOZSEARCH_NS_10 = "http://www.mozilla.org/2006/browser/search/"; +const MOZSEARCH_LOCALNAME = "SearchPlugin"; + +const URLTYPE_SUGGEST_JSON = "application/x-suggestions+json"; +const URLTYPE_SEARCH_HTML = "text/html"; +const URLTYPE_OPENSEARCH = "application/opensearchdescription+xml"; + +// Empty base document used to serialize engines to file. +const EMPTY_DOC = "<?xml version=\"1.0\"?>\n" + + "<" + MOZSEARCH_LOCALNAME + + " xmlns=\"" + MOZSEARCH_NS_10 + "\"" + + " xmlns:os=\"" + OPENSEARCH_NS_11 + "\"" + + "/>"; + +const BROWSER_SEARCH_PREF = "browser.search."; +const LOCALE_PREF = "general.useragent.locale"; + +const USER_DEFINED = "{searchTerms}"; + +// Custom search parameters +#ifdef MOZ_OFFICIAL_BRANDING +const MOZ_OFFICIAL = "official"; +#else +const MOZ_OFFICIAL = "unofficial"; +#endif +#expand const MOZ_DISTRIBUTION_ID = __MOZ_DISTRIBUTION_ID__; + +const MOZ_PARAM_LOCALE = /\{moz:locale\}/g; +const MOZ_PARAM_DIST_ID = /\{moz:distributionID\}/g; +const MOZ_PARAM_OFFICIAL = /\{moz:official\}/g; + +// Supported OpenSearch parameters +// See http://opensearch.a9.com/spec/1.1/querysyntax/#core +const OS_PARAM_USER_DEFINED = /\{searchTerms\??\}/g; +const OS_PARAM_INPUT_ENCODING = /\{inputEncoding\??\}/g; +const OS_PARAM_LANGUAGE = /\{language\??\}/g; +const OS_PARAM_OUTPUT_ENCODING = /\{outputEncoding\??\}/g; + +// Default values +const OS_PARAM_LANGUAGE_DEF = "*"; +const OS_PARAM_OUTPUT_ENCODING_DEF = "UTF-8"; +const OS_PARAM_INPUT_ENCODING_DEF = "UTF-8"; + +// "Unsupported" OpenSearch parameters. For example, we don't support +// page-based results, so if the engine requires that we send the "page index" +// parameter, we'll always send "1". +const OS_PARAM_COUNT = /\{count\??\}/g; +const OS_PARAM_START_INDEX = /\{startIndex\??\}/g; +const OS_PARAM_START_PAGE = /\{startPage\??\}/g; + +// Default values +const OS_PARAM_COUNT_DEF = "20"; // 20 results +const OS_PARAM_START_INDEX_DEF = "1"; // start at 1st result +const OS_PARAM_START_PAGE_DEF = "1"; // 1st page + +// Optional parameter +const OS_PARAM_OPTIONAL = /\{(?:\w+:)?\w+\?\}/g; + +// A array of arrays containing parameters that we don't fully support, and +// their default values. We will only send values for these parameters if +// required, since our values are just really arbitrary "guesses" that should +// give us the output we want. +var OS_UNSUPPORTED_PARAMS = [ + [OS_PARAM_COUNT, OS_PARAM_COUNT_DEF], + [OS_PARAM_START_INDEX, OS_PARAM_START_INDEX_DEF], + [OS_PARAM_START_PAGE, OS_PARAM_START_PAGE_DEF], +]; + +// The default engine update interval, in days. This is only used if an engine +// specifies an updateURL, but not an updateInterval. +const SEARCH_DEFAULT_UPDATE_INTERVAL = 7; + +// The default interval before checking again for the name of the +// default engine for the region, in seconds. Only used if the response +// from the server doesn't specify an interval. +const SEARCH_GEO_DEFAULT_UPDATE_INTERVAL = 2592000; // 30 days. + +this.__defineGetter__("FileUtils", function() { + delete this.FileUtils; + Components.utils.import("resource://gre/modules/FileUtils.jsm"); + return FileUtils; +}); + +this.__defineGetter__("NetUtil", function() { + delete this.NetUtil; + Components.utils.import("resource://gre/modules/NetUtil.jsm"); + return NetUtil; +}); + +this.__defineGetter__("gChromeReg", function() { + delete this.gChromeReg; + return this.gChromeReg = Cc["@mozilla.org/chrome/chrome-registry;1"]. + getService(Ci.nsIChromeRegistry); +}); + +/** + * Prefixed to all search debug output. + */ +const SEARCH_LOG_PREFIX = "*** Search: "; + +/** + * Outputs aText to the JavaScript console as well as to stdout. + */ +function DO_LOG(aText) { + dump(SEARCH_LOG_PREFIX + aText + "\n"); + Services.console.logStringMessage(aText); +} + +#ifdef DEBUG +/** + * In debug builds, use a live, pref-based (browser.search.log) LOG function + * to allow enabling/disabling without a restart. + */ +function PREF_LOG(aText) { + if (getBoolPref(BROWSER_SEARCH_PREF + "log", false)) + DO_LOG(aText); +} +var LOG = PREF_LOG; + +#else + +/** + * Otherwise, don't log at all by default. This can be overridden at startup + * by the pref, see SearchService's _init method. + */ +var LOG = function(){}; + +#endif + +/** + * Presents an assertion dialog in non-release builds and throws. + * @param message + * A message to display + * @param resultCode + * The NS_ERROR_* value to throw. + * @throws resultCode + */ +function ERROR(message, resultCode) { + NS_ASSERT(false, SEARCH_LOG_PREFIX + message); + throw Components.Exception(message, resultCode); +} + +/** + * Logs the failure message (if browser.search.log is enabled) and throws. + * @param message + * A message to display + * @param resultCode + * The NS_ERROR_* value to throw. + * @throws resultCode or NS_ERROR_INVALID_ARG if resultCode isn't specified. + */ +function FAIL(message, resultCode) { + LOG(message); + throw Components.Exception(message, resultCode || Cr.NS_ERROR_INVALID_ARG); +} + +/** + * Truncates big blobs of (data-)URIs to console-friendly sizes + * @param str + * String to tone down + * @param len + * Maximum length of the string to return. Defaults to the length of a tweet. + */ +function limitURILength(str, len) { + len = len || 140; + if (str.length > len) + return str.slice(0, len) + "..."; + return str; +} + +/** + * Ensures an assertion is met before continuing. Should be used to indicate + * fatal errors. + * @param assertion + * An assertion that must be met + * @param message + * A message to display if the assertion is not met + * @param resultCode + * The NS_ERROR_* value to throw if the assertion is not met + * @throws resultCode + */ +function ENSURE_WARN(assertion, message, resultCode) { + NS_ASSERT(assertion, SEARCH_LOG_PREFIX + message); + if (!assertion) + throw Components.Exception(message, resultCode); +} + +function loadListener(aChannel, aEngine, aCallback) { + this._channel = aChannel; + this._bytes = []; + this._engine = aEngine; + this._callback = aCallback; +} +loadListener.prototype = { + _callback: null, + _channel: null, + _countRead: 0, + _engine: null, + _stream: null, + + QueryInterface: function SRCH_loadQI(aIID) { + if (aIID.equals(Ci.nsISupports) || + aIID.equals(Ci.nsIRequestObserver) || + aIID.equals(Ci.nsIStreamListener) || + aIID.equals(Ci.nsIChannelEventSink) || + aIID.equals(Ci.nsIInterfaceRequestor) || + // See FIXME comment below + aIID.equals(Ci.nsIHttpEventSink) || + aIID.equals(Ci.nsIProgressEventSink) || + false) + return this; + + throw Cr.NS_ERROR_NO_INTERFACE; + }, + + // nsIRequestObserver + onStartRequest: function SRCH_loadStartR(aRequest, aContext) { + LOG("loadListener: Starting request: " + aRequest.name); + this._stream = Cc["@mozilla.org/binaryinputstream;1"]. + createInstance(Ci.nsIBinaryInputStream); + }, + + onStopRequest: function SRCH_loadStopR(aRequest, aContext, aStatusCode) { + LOG("loadListener: Stopping request: " + aRequest.name); + + var requestFailed = !Components.isSuccessCode(aStatusCode); + if (!requestFailed && (aRequest instanceof Ci.nsIHttpChannel)) + requestFailed = !aRequest.requestSucceeded; + + if (requestFailed || this._countRead == 0) { + LOG("loadListener: request failed!"); + // send null so the callback can deal with the failure + this._callback(null, this._engine); + } else + this._callback(this._bytes, this._engine); + this._channel = null; + this._engine = null; + }, + + // nsIStreamListener + onDataAvailable: function SRCH_loadDAvailable(aRequest, aContext, + aInputStream, aOffset, + aCount) { + this._stream.setInputStream(aInputStream); + + // Get a byte array of the data + this._bytes = this._bytes.concat(this._stream.readByteArray(aCount)); + this._countRead += aCount; + }, + + // nsIChannelEventSink + asyncOnChannelRedirect: function SRCH_loadCRedirect(aOldChannel, aNewChannel, + aFlags, callback) { + this._channel = aNewChannel; + callback.onRedirectVerifyCallback(Components.results.NS_OK); + }, + + // nsIInterfaceRequestor + getInterface: function SRCH_load_GI(aIID) { + return this.QueryInterface(aIID); + }, + + // FIXME: bug 253127 + // nsIHttpEventSink + onRedirect: function (aChannel, aNewChannel) {}, + // nsIProgressEventSink + onProgress: function (aRequest, aContext, aProgress, aProgressMax) {}, + onStatus: function (aRequest, aContext, aStatus, aStatusArg) {} +} + +function isPartnerBuild() { + try { + let distroID = Services.prefs.getCharPref("distribution.id"); + + // Mozilla-provided builds (i.e. funnelcake) are not partner builds + if (distroID && !distroID.startsWith("mozilla")) { + return true; + } + } catch (e) {} + + return false; +} + +// Method to determine if we should be using geo-specific defaults +function geoSpecificDefaultsEnabled() { + let geoSpecificDefaults = false; + try { + geoSpecificDefaults = Services.prefs.getBoolPref("browser.search.geoSpecificDefaults"); + } catch(e) {} + + return geoSpecificDefaults; +} + +// Some notes on countryCode and region prefs: +// * A "countryCode" pref is set via a geoip lookup. It always reflects the +// result of that geoip request. +// * A "region" pref, once set, is the region actually used for search. In +// most cases it will be identical to the countryCode pref. +// * The value of "region" and "countryCode" will only not agree in one edge +// case - 34/35 users who have previously been configured to use US defaults +// based purely on a timezone check will have "region" forced to US, +// regardless of what countryCode geoip returns. +// * We may want to know if we are in the US before we have *either* +// countryCode or region - in which case we fallback to a timezone check, +// but we don't persist that value anywhere in the expectation we will +// eventually get a countryCode/region. + +// A method that "migrates" prefs if necessary. +function migrateRegionPrefs() { + // If we already have a "region" pref there's nothing to do. + if (Services.prefs.prefHasUserValue("browser.search.region")) { + return; + } + + // If we have 'isUS' but no 'countryCode' then we are almost certainly + // a profile from Fx 34/35 that set 'isUS' based purely on a timezone + // check. If this said they were US, we force region to be US. + // (But if isUS was false, we leave region alone - we will do a geoip request + // and set the region accordingly) + try { + if (Services.prefs.getBoolPref("browser.search.isUS") && + !Services.prefs.prefHasUserValue("browser.search.countryCode")) { + Services.prefs.setCharPref("browser.search.region", "US"); + } + } catch (ex) { + // no isUS pref, nothing to do. + } + // If we have a countryCode pref but no region pref, just force region + // to be the countryCode. + try { + let countryCode = Services.prefs.getCharPref("browser.search.countryCode"); + if (!Services.prefs.prefHasUserValue("browser.search.region")) { + Services.prefs.setCharPref("browser.search.region", countryCode); + } + } catch (ex) { + // no countryCode pref, nothing to do. + } +} + +// A method to determine if we are in the United States (US) for the search +// service. +// It uses a browser.search.region pref (which typically comes from a geoip +// request) or if that doesn't exist, falls back to a hacky timezone check. +function getIsUS() { + // Regardless of the region or countryCode, non en-US builds are not + // considered to be in the US from the POV of the search service. + if (getLocale() != "en-US") { + return false; + } + + // If we've got a region pref, trust it. + try { + return Services.prefs.getCharPref("browser.search.region") == "US"; + } catch(e) {} + + // So we are en-US but have no region pref - fallback to hacky timezone check. + let isNA = isUSTimezone(); + LOG("getIsUS() fell back to a timezone check with the result=" + isNA); + return isNA; +} + +// Helper method to modify preference keys with geo-specific modifiers, if needed. +function getGeoSpecificPrefName(basepref) { + if (!geoSpecificDefaultsEnabled() || isPartnerBuild()) + return basepref; + if (getIsUS()) + return basepref + ".US"; + return basepref; +} + +// A method that tries to determine if this user is in a US geography. +function isUSTimezone() { + // Timezone assumptions! We assume that if the system clock's timezone is + // between Newfoundland and Hawaii, that the user is in North America. + + // This includes all of South America as well, but we have relatively few + // en-US users there, so that's OK. + + // 150 minutes = 2.5 hours (UTC-2.5), which is + // Newfoundland Daylight Time (http://www.timeanddate.com/time/zones/ndt) + + // 600 minutes = 10 hours (UTC-10), which is + // Hawaii-Aleutian Standard Time (http://www.timeanddate.com/time/zones/hast) + + let UTCOffset = (new Date()).getTimezoneOffset(); + return UTCOffset >= 150 && UTCOffset <= 600; +} + +// A less hacky method that tries to determine our country-code via an XHR +// geoip lookup. +// If this succeeds and we are using an en-US locale, we set the pref used by +// the hacky method above, so isUS() can avoid the hacky timezone method. +// If it fails we don't touch that pref so isUS() does its normal thing. +var ensureKnownCountryCode = Task.async(function* () { + // If we have a country-code already stored in our prefs we trust it. + let countryCode; + try { + countryCode = Services.prefs.getCharPref("browser.search.countryCode"); + } catch(e) {} + + if (!countryCode) { + // We don't have it cached, so fetch it. fetchCountryCode() will call + // storeCountryCode if it gets a result (even if that happens after the + // promise resolves) and fetchRegionDefault. + yield fetchCountryCode(); + } else { + // if nothing to do, return early. + if (!geoSpecificDefaultsEnabled()) + return; + + let expir = engineMetadataService.getGlobalAttr("searchDefaultExpir") || 0; + if (expir > Date.now()) { + // The territory default we have already fetched hasn't expired yet. + // If we have a default engine or a list of visible default engines + // saved, the hashes should be valid, verify them now so that we can + // refetch if they have been tampered with. + let defaultEngine = engineMetadataService.getGlobalAttr("searchDefault"); + let visibleDefaultEngines = + engineMetadataService.getGlobalAttr("visibleDefaultEngines"); + if ((!defaultEngine || engineMetadataService.getGlobalAttr("searchDefaultHash") == getVerificationHash(defaultEngine)) && + (!visibleDefaultEngines || + engineMetadataService.getGlobalAttr("visibleDefaultEnginesHash") == getVerificationHash(visibleDefaultEngines))) { + // No geo defaults, or valid hashes; nothing to do. + return; + } + } + + yield new Promise(resolve => { + let timeoutMS = Services.prefs.getIntPref("browser.search.geoip.timeout"); + let timerId = setTimeout(() => { + timerId = null; + resolve(); + }, timeoutMS); + + let callback = () => { + clearTimeout(timerId); + resolve(); + }; + fetchRegionDefault().then(callback).catch(err => { + Components.utils.reportError(err); + callback(); + }); + }); + } +}); + +// Store the result of the geoip request as well as any other values and +// telemetry which depend on it. +function storeCountryCode(cc) { + // Set the country-code itself. + Services.prefs.setCharPref("browser.search.countryCode", cc); + // And set the region pref if we don't already have a value. + if (!Services.prefs.prefHasUserValue("browser.search.region")) { + Services.prefs.setCharPref("browser.search.region", cc); + } + // and telemetry... + let isTimezoneUS = isUSTimezone(); + // telemetry to compare our geoip response with platform-specific country data. + // On Mac and Windows, we can get a country code via sysinfo + let platformCC = Services.sysinfo.get("countryCode"); + if (platformCC) { + let probeUSMismatched, probeNonUSMismatched; + switch (Services.appinfo.OS) { + case "Darwin": + probeUSMismatched = "SEARCH_SERVICE_US_COUNTRY_MISMATCHED_PLATFORM_OSX"; + probeNonUSMismatched = "SEARCH_SERVICE_NONUS_COUNTRY_MISMATCHED_PLATFORM_OSX"; + break; + case "WINNT": + probeUSMismatched = "SEARCH_SERVICE_US_COUNTRY_MISMATCHED_PLATFORM_WIN"; + probeNonUSMismatched = "SEARCH_SERVICE_NONUS_COUNTRY_MISMATCHED_PLATFORM_WIN"; + break; + default: + Cu.reportError("Platform " + Services.appinfo.OS + " has system country code but no search service telemetry probes"); + break; + } + } +} + +// Get the country we are in via a XHR geoip request. +function fetchCountryCode() { + // values for the SEARCH_SERVICE_COUNTRY_FETCH_RESULT 'enum' telemetry probe. + const TELEMETRY_RESULT_ENUM = { + SUCCESS: 0, + SUCCESS_WITHOUT_DATA: 1, + XHRTIMEOUT: 2, + ERROR: 3, + // Note that we expect to add finer-grained error types here later (eg, + // dns error, network error, ssl error, etc) with .ERROR remaining as the + // generic catch-all that doesn't fit into other categories. + }; + let endpoint = Services.urlFormatter.formatURLPref("browser.search.geoip.url"); + LOG("_fetchCountryCode starting with endpoint " + endpoint); + // As an escape hatch, no endpoint means no geoip. + if (!endpoint) { + return Promise.resolve(); + } + let startTime = Date.now(); + return new Promise(resolve => { + // Instead of using a timeout on the xhr object itself, we simulate one + // using a timer and let the XHR request complete. This allows us to + // capture reliable telemetry on what timeout value should actually be + // used to ensure most users don't see one while not making it so large + // that many users end up doing a sync init of the search service and thus + // would see the jank that implies. + // (Note we do actually use a timeout on the XHR, but that's set to be a + // large value just incase the request never completes - we don't want the + // XHR object to live forever) + let timeoutMS = Services.prefs.getIntPref("browser.search.geoip.timeout"); + let geoipTimeoutPossible = true; + let timerId = setTimeout(() => { + LOG("_fetchCountryCode: timeout fetching country information"); + timerId = null; + resolve(); + }, timeoutMS); + + let resolveAndReportSuccess = (result, reason) => { + // Even if we timed out, we want to save the country code and everything + // related so next startup sees the value and doesn't retry this dance. + if (result) { + storeCountryCode(result); + } + + // This notification is just for tests... + Services.obs.notifyObservers(null, SEARCH_SERVICE_TOPIC, "geoip-lookup-xhr-complete"); + + if (timerId) { + geoipTimeoutPossible = false; + } + + let callback = () => { + // If we've already timed out then we've already resolved the promise, + // so there's nothing else to do. + if (timerId == null) { + return; + } + clearTimeout(timerId); + resolve(); + }; + + if (result && geoSpecificDefaultsEnabled()) { + fetchRegionDefault().then(callback).catch(err => { + Components.utils.reportError(err); + callback(); + }); + } else { + callback(); + } + }; + + let request = new XMLHttpRequest(); + // This notification is just for tests... + Services.obs.notifyObservers(request, SEARCH_SERVICE_TOPIC, "geoip-lookup-xhr-starting"); + request.timeout = 100000; // 100 seconds as the last-chance fallback + request.onload = function(event) { + let took = Date.now() - startTime; + let cc = event.target.response && event.target.response.country_code; + LOG("_fetchCountryCode got success response in " + took + "ms: " + cc); + let reason = cc ? TELEMETRY_RESULT_ENUM.SUCCESS : TELEMETRY_RESULT_ENUM.SUCCESS_WITHOUT_DATA; + resolveAndReportSuccess(cc, reason); + }; + request.ontimeout = function(event) { + LOG("_fetchCountryCode: XHR finally timed-out fetching country information"); + resolveAndReportSuccess(null, TELEMETRY_RESULT_ENUM.XHRTIMEOUT); + }; + request.onerror = function(event) { + LOG("_fetchCountryCode: failed to retrieve country information"); + resolveAndReportSuccess(null, TELEMETRY_RESULT_ENUM.ERROR); + }; + request.open("POST", endpoint, true); + request.setRequestHeader("Content-Type", "application/json"); + request.responseType = "json"; + request.send("{}"); + }); +} + +// This will make an HTTP request to a Mozilla server that will return +// JSON data telling us what engine should be set as the default for +// the current region, and how soon we should check again. +// +// The optional cohort value returned by the server is to be kept locally +// and sent to the server the next time we ping it. It lets the server +// identify profiles that have been part of a specific experiment. +// +// This promise may take up to 100s to resolve, it's the caller's +// responsibility to ensure with a timer that we are not going to +// block the async init for too long. +var fetchRegionDefault = () => new Promise(resolve => { + let urlTemplate = Services.prefs.getDefaultBranch(BROWSER_SEARCH_PREF) + .getCharPref("geoSpecificDefaults.url"); + let endpoint = Services.urlFormatter.formatURL(urlTemplate); + + // As an escape hatch, no endpoint means no region specific defaults. + if (!endpoint) { + resolve(); + return; + } + + // Append the optional cohort value. + const cohortPref = "browser.search.cohort"; + let cohort; + try { + cohort = Services.prefs.getCharPref(cohortPref); + } catch(e) {} + if (cohort) + endpoint += "/" + cohort; + + LOG("fetchRegionDefault starting with endpoint " + endpoint); + + let startTime = Date.now(); + let request = new XMLHttpRequest(); + request.timeout = 100000; // 100 seconds as the last-chance fallback + request.onload = function(event) { + let took = Date.now() - startTime; + + let status = event.target.status; + if (status != 200) { + LOG("fetchRegionDefault failed with HTTP code " + status); + let retryAfter = request.getResponseHeader("retry-after"); + if (retryAfter) { + engineMetadataService.setGlobalAttr("searchDefaultExpir", + Date.now() + retryAfter * 1000); + } + resolve(); + return; + } + + let response = event.target.response || {}; + LOG("received " + response.toSource()); + + if (response.cohort) { + Services.prefs.setCharPref(cohortPref, response.cohort); + } else { + Services.prefs.clearUserPref(cohortPref); + } + + if (response.settings && response.settings.searchDefault) { + let defaultEngine = response.settings.searchDefault; + engineMetadataService.setGlobalAttr("searchDefault", defaultEngine); + let hash = getVerificationHash(defaultEngine); + LOG("fetchRegionDefault saved searchDefault: " + defaultEngine + + " with verification hash: " + hash); + engineMetadataService.setGlobalAttr("searchDefaultHash", hash); + } + + if (response.settings && response.settings.visibleDefaultEngines) { + let visibleDefaultEngines = response.settings.visibleDefaultEngines; + let string = visibleDefaultEngines.join(","); + engineMetadataService.setGlobalAttr("visibleDefaultEngines", string); + let hash = getVerificationHash(string); + LOG("fetchRegionDefault saved visibleDefaultEngines: " + string + + " with verification hash: " + hash); + engineMetadataService.setGlobalAttr("visibleDefaultEnginesHash", hash); + } + + let interval = response.interval || SEARCH_GEO_DEFAULT_UPDATE_INTERVAL; + let milliseconds = interval * 1000; // |interval| is in seconds. + engineMetadataService.setGlobalAttr("searchDefaultExpir", + Date.now() + milliseconds); + + LOG("fetchRegionDefault got success response in " + took + "ms"); + resolve(); + }; + request.ontimeout = function(event) { + LOG("fetchRegionDefault: XHR finally timed-out"); + resolve(); + }; + request.onerror = function(event) { + LOG("fetchRegionDefault: failed to retrieve territory default information"); + resolve(); + }; + request.open("GET", endpoint, true); + request.setRequestHeader("Content-Type", "application/json"); + request.responseType = "json"; + request.send(); +}); + +function getVerificationHash(aName) { + let disclaimer = "By modifying this file, I agree that I am doing so " + + "only within $appName itself, using official, user-driven search " + + "engine selection processes, and in a way which does not circumvent " + + "user consent. I acknowledge that any attempt to change this file " + + "from outside of $appName is a malicious act, and will be responded " + + "to accordingly." + + let salt = OS.Path.basename(OS.Constants.Path.profileDir) + aName + + disclaimer.replace(/\$appName/g, Services.appinfo.name); + + let converter = Cc["@mozilla.org/intl/scriptableunicodeconverter"] + .createInstance(Ci.nsIScriptableUnicodeConverter); + converter.charset = "UTF-8"; + + // Data is an array of bytes. + let data = converter.convertToByteArray(salt, {}); + let hasher = Cc["@mozilla.org/security/hash;1"] + .createInstance(Ci.nsICryptoHash); + hasher.init(hasher.SHA256); + hasher.update(data, data.length); + + return hasher.finish(true); +} + +/** + * Safely close a nsISafeOutputStream. + * @param aFOS + * The file output stream to close. + */ +function closeSafeOutputStream(aFOS) { + if (aFOS instanceof Ci.nsISafeOutputStream) { + try { + aFOS.finish(); + return; + } catch (e) { } + } + aFOS.close(); +} + +/** + * Wrapper function for nsIIOService::newURI. + * @param aURLSpec + * The URL string from which to create an nsIURI. + * @returns an nsIURI object, or null if the creation of the URI failed. + */ +function makeURI(aURLSpec, aCharset) { + try { + return NetUtil.newURI(aURLSpec, aCharset); + } catch (ex) { } + + return null; +} + +/** + * Wrapper function for nsIIOService::newChannel2. + * @param url + * The URL string from which to create an nsIChannel. + * @returns an nsIChannel object, or null if the url is invalid. + */ +function makeChannel(url) { + try { + return NetUtil.newChannel({uri: url, loadUsingSystemPrincipal: true}); + } catch (ex) { } + + return null; +} + +/** + * Gets a directory from the directory service. + * @param aKey + * The directory service key indicating the directory to get. + */ +function getDir(aKey, aIFace) { + if (!aKey) + FAIL("getDir requires a directory key!"); + + return Services.dirsvc.get(aKey, aIFace || Ci.nsIFile); +} + +/** + * Gets the current value of the locale. It's possible for this preference to + * be localized, so we have to do a little extra work here. Similar code + * exists in nsHttpHandler.cpp when building the UA string. + */ +function getLocale() { + let locale = getLocalizedPref(LOCALE_PREF); + if (locale) + return locale; + + // Not localized. + return Services.prefs.getCharPref(LOCALE_PREF); +} + +/** + * Wrapper for nsIPrefBranch::getComplexValue. + * @param aPrefName + * The name of the pref to get. + * @returns aDefault if the requested pref doesn't exist. + */ +function getLocalizedPref(aPrefName, aDefault) { + const nsIPLS = Ci.nsIPrefLocalizedString; + try { + return Services.prefs.getComplexValue(aPrefName, nsIPLS).data; + } catch (ex) {} + + return aDefault; +} + +/** + * Wrapper for nsIPrefBranch::setComplexValue. + * @param aPrefName + * The name of the pref to set. + */ +function setLocalizedPref(aPrefName, aValue) { + const nsIPLS = Ci.nsIPrefLocalizedString; + try { + var pls = Components.classes["@mozilla.org/pref-localizedstring;1"] + .createInstance(Ci.nsIPrefLocalizedString); + pls.data = aValue; + Services.prefs.setComplexValue(aPrefName, nsIPLS, pls); + } catch (ex) {} +} + +/** + * Wrapper for nsIPrefBranch::getBoolPref. + * @param aPrefName + * The name of the pref to get. + * @returns aDefault if the requested pref doesn't exist. + */ +function getBoolPref(aName, aDefault) { + if (Services.prefs.getPrefType(aName) != Ci.nsIPrefBranch.PREF_BOOL) + return aDefault; + return Services.prefs.getBoolPref(aName); +} + +/** + * Get a unique nsIFile object with a sanitized name, based on the engine name. + * @param aName + * A name to "sanitize". Can be an empty string, in which case a random + * 8 character filename will be produced. + * @returns A nsIFile object in the user's search engines directory with a + * unique sanitized name. + */ +function getSanitizedFile(aName) { + var fileName = sanitizeName(aName) + ".xml"; + var file = getDir(NS_APP_USER_SEARCH_DIR); + file.append(fileName); + file.createUnique(Ci.nsIFile.NORMAL_FILE_TYPE, FileUtils.PERMS_FILE); + return file; +} + +/** + * @return a sanitized name to be used as a filename, or a random name + * if a sanitized name cannot be obtained (if aName contains + * no valid characters). + */ +function sanitizeName(aName) { + const maxLength = 60; + const minLength = 1; + var name = aName.toLowerCase(); + name = name.replace(/\s+/g, "-"); + name = name.replace(/[^-a-z0-9]/g, ""); + + // Use a random name if our input had no valid characters. + if (name.length < minLength) + name = Math.random().toString(36).replace(/^.*\./, ''); + + // Force max length. + return name.substring(0, maxLength); +} + +/** + * Retrieve a pref from the search param branch. + * + * @param prefName + * The name of the pref. + **/ +function getMozParamPref(prefName) { + return Services.prefs.getCharPref(BROWSER_SEARCH_PREF + "param." + prefName); +} + +/** + * Notifies watchers of SEARCH_ENGINE_TOPIC about changes to an engine or to + * the state of the search service. + * + * @param aEngine + * The nsISearchEngine object to which the change applies. + * @param aVerb + * A verb describing the change. + * + * @see nsIBrowserSearchService.idl + */ +var gInitialized = false; +function notifyAction(aEngine, aVerb) { + if (gInitialized) { + LOG("NOTIFY: Engine: \"" + aEngine.name + "\"; Verb: \"" + aVerb + "\""); + Services.obs.notifyObservers(aEngine, SEARCH_ENGINE_TOPIC, aVerb); + } +} + +function parseJsonFromStream(aInputStream) { + const json = Cc["@mozilla.org/dom/json;1"].createInstance(Ci.nsIJSON); + const data = json.decodeFromStream(aInputStream, aInputStream.available()); + return data; +} + +/** + * Simple object representing a name/value pair. + */ +function QueryParameter(aName, aValue, aPurpose) { + if (!aName || (aValue == null)) + FAIL("missing name or value for QueryParameter!"); + + this.name = aName; + this.value = aValue; + this.purpose = aPurpose; +} + +/** + * Perform OpenSearch parameter substitution on aParamValue. + * + * @param aParamValue + * A string containing OpenSearch search parameters. + * @param aSearchTerms + * The user-provided search terms. This string will inserted into + * aParamValue as the value of the OS_PARAM_USER_DEFINED parameter. + * This value must already be escaped appropriately - it is inserted + * as-is. + * @param aEngine + * The engine which owns the string being acted on. + * + * @see http://opensearch.a9.com/spec/1.1/querysyntax/#core + */ +function ParamSubstitution(aParamValue, aSearchTerms, aEngine) { + var value = aParamValue; + + var distributionID = MOZ_DISTRIBUTION_ID; + try { + distributionID = Services.prefs.getCharPref(BROWSER_SEARCH_PREF + "distributionID"); + } + catch (ex) { } + var official = MOZ_OFFICIAL; + try { + if (Services.prefs.getBoolPref(BROWSER_SEARCH_PREF + "official")) + official = "official"; + else + official = "unofficial"; + } + catch (ex) { } + + // Custom search parameters. These are only available to default search + // engines. + if (aEngine._isDefault) { + value = value.replace(MOZ_PARAM_LOCALE, getLocale()); + value = value.replace(MOZ_PARAM_DIST_ID, distributionID); + value = value.replace(MOZ_PARAM_OFFICIAL, official); + } + + // Insert the OpenSearch parameters we're confident about + value = value.replace(OS_PARAM_USER_DEFINED, aSearchTerms); + value = value.replace(OS_PARAM_INPUT_ENCODING, aEngine.queryCharset); + value = value.replace(OS_PARAM_LANGUAGE, + getLocale() || OS_PARAM_LANGUAGE_DEF); + value = value.replace(OS_PARAM_OUTPUT_ENCODING, + OS_PARAM_OUTPUT_ENCODING_DEF); + + // Replace any optional parameters + value = value.replace(OS_PARAM_OPTIONAL, ""); + + // Insert any remaining required params with our default values + for (var i = 0; i < OS_UNSUPPORTED_PARAMS.length; ++i) { + value = value.replace(OS_UNSUPPORTED_PARAMS[i][0], + OS_UNSUPPORTED_PARAMS[i][1]); + } + + return value; +} + +/** + * Creates an engineURL object, which holds the query URL and all parameters. + * + * @param aType + * A string containing the name of the MIME type of the search results + * returned by this URL. + * @param aMethod + * The HTTP request method. Must be a case insensitive value of either + * "GET" or "POST". + * @param aTemplate + * The URL to which search queries should be sent. For GET requests, + * must contain the string "{searchTerms}", to indicate where the user + * entered search terms should be inserted. + * @param aResultDomain + * The root domain for this URL. Defaults to the template's host. + * + * @see http://opensearch.a9.com/spec/1.1/querysyntax/#urltag + * + * @throws NS_ERROR_NOT_IMPLEMENTED if aType is unsupported. + */ +function EngineURL(aType, aMethod, aTemplate, aResultDomain) { + if (!aType || !aMethod || !aTemplate) + FAIL("missing type, method or template for EngineURL!"); + + var method = aMethod.toUpperCase(); + var type = aType.toLowerCase(); + + if (method != "GET" && method != "POST") + FAIL("method passed to EngineURL must be \"GET\" or \"POST\""); + + this.type = type; + this.method = method; + this.params = []; + this.rels = []; + // Don't serialize expanded mozparams + this.mozparams = {}; + + var templateURI = makeURI(aTemplate); + if (!templateURI) + FAIL("new EngineURL: template is not a valid URI!", Cr.NS_ERROR_FAILURE); + + switch (templateURI.scheme) { + case "http": + case "https": + // Disable these for now, see bug 295018 + // case "file": + // case "resource": + this.template = aTemplate; + break; + default: + FAIL("new EngineURL: template uses invalid scheme!", Cr.NS_ERROR_FAILURE); + } + + // If no resultDomain was specified in the engine definition file, use the + // host from the template. + this.resultDomain = aResultDomain || templateURI.host; + // We never want to return a "www." prefix, so eventually strip it. + if (this.resultDomain.startsWith("www.")) { + this.resultDomain = this.resultDomain.substr(4); + } +} +EngineURL.prototype = { + + addParam: function SRCH_EURL_addParam(aName, aValue, aPurpose) { + this.params.push(new QueryParameter(aName, aValue, aPurpose)); + }, + + // Note: This method requires that aObj has a unique name or the previous MozParams entry with + // that name will be overwritten. + _addMozParam: function SRCH_EURL__addMozParam(aObj) { + aObj.mozparam = true; + this.mozparams[aObj.name] = aObj; + }, + + getSubmission: function SRCH_EURL_getSubmission(aSearchTerms, aEngine, aPurpose) { + var url = ParamSubstitution(this.template, aSearchTerms, aEngine); + // Default to an empty string if the purpose is not provided so that default purpose params + // (purpose="") work consistently rather than having to define "null" and "" purposes. + var purpose = aPurpose || ""; + + // If the 'system' purpose isn't defined in the plugin, fallback to 'searchbar'. + if (purpose == "system" && !this.params.some(p => p.purpose == "system")) + purpose = "searchbar"; + + // Create an application/x-www-form-urlencoded representation of our params + // (name=value&name=value&name=value) + var dataString = ""; + for (var i = 0; i < this.params.length; ++i) { + var param = this.params[i]; + + // If this parameter has a purpose, only add it if the purpose matches + if (param.purpose !== undefined && param.purpose != purpose) + continue; + + var value = ParamSubstitution(param.value, aSearchTerms, aEngine); + + dataString += (i > 0 ? "&" : "") + param.name + "=" + value; + } + + var postData = null; + if (this.method == "GET") { + // GET method requests have no post data, and append the encoded + // query string to the url... + if (url.indexOf("?") == -1 && dataString) + url += "?"; + url += dataString; + } else if (this.method == "POST") { + // POST method requests must wrap the encoded text in a MIME + // stream and supply that as POSTDATA. + var stringStream = Cc["@mozilla.org/io/string-input-stream;1"]. + createInstance(Ci.nsIStringInputStream); + stringStream.data = dataString; + + postData = Cc["@mozilla.org/network/mime-input-stream;1"]. + createInstance(Ci.nsIMIMEInputStream); + postData.addHeader("Content-Type", "application/x-www-form-urlencoded"); + postData.addContentLength = true; + postData.setData(stringStream); + } + + return new Submission(makeURI(url), postData); + }, + + _getTermsParameterName: function SRCH_EURL__getTermsParameterName() { + let queryParam = this.params.find(p => p.value == USER_DEFINED); + return queryParam ? queryParam.name : ""; + }, + + _hasRelation: function SRC_EURL__hasRelation(aRel) { + return this.rels.some(e => e == aRel.toLowerCase()); + }, + + _initWithJSON: function SRC_EURL__initWithJSON(aJson, aEngine) { + if (!aJson.params) + return; + + this.rels = aJson.rels; + + for (let i = 0; i < aJson.params.length; ++i) { + let param = aJson.params[i]; + if (param.mozparam) { + if (param.condition == "pref") { + let value = getMozParamPref(param.pref); + this.addParam(param.name, value); + } + this._addMozParam(param); + } + else + this.addParam(param.name, param.value, param.purpose); + } + }, + + /** + * Creates a JavaScript object that represents this URL. + * @returns An object suitable for serialization as JSON. + **/ + toJSON: function SRCH_EURL_toJSON() { + var json = { + template: this.template, + rels: this.rels, + resultDomain: this.resultDomain + }; + + if (this.type != URLTYPE_SEARCH_HTML) + json.type = this.type; + if (this.method != "GET") + json.method = this.method; + + function collapseMozParams(aParam) { + return this.mozparams[aParam.name] || aParam; + } + json.params = this.params.map(collapseMozParams, this); + + return json; + }, + + /** + * Serializes the engine object to a OpenSearch Url element. + * @param aDoc + * The document to use to create the Url element. + * @param aElement + * The element to which the created Url element is appended. + * + * @see http://opensearch.a9.com/spec/1.1/querysyntax/#urltag + */ + _serializeToElement: function SRCH_EURL_serializeToEl(aDoc, aElement) { + var url = aDoc.createElementNS(OPENSEARCH_NS_11, "Url"); + url.setAttribute("type", this.type); + url.setAttribute("method", this.method); + url.setAttribute("template", this.template); + if (this.rels.length) + url.setAttribute("rel", this.rels.join(" ")); + if (this.resultDomain) + url.setAttribute("resultDomain", this.resultDomain); + + for (var i = 0; i < this.params.length; ++i) { + var param = aDoc.createElementNS(OPENSEARCH_NS_11, "Param"); + param.setAttribute("name", this.params[i].name); + param.setAttribute("value", this.params[i].value); + url.appendChild(aDoc.createTextNode("\n ")); + url.appendChild(param); + } + url.appendChild(aDoc.createTextNode("\n")); + aElement.appendChild(url); + } +}; + +/** + * nsISearchEngine constructor. + * @param aLocation + * A nsILocalFile or nsIURI object representing the location of the + * search engine data file. + * @param aIsReadOnly + * Boolean indicating whether the engine should be treated as read-only. + * Read only engines cannot be serialized to file. + */ +function Engine(aLocation, aIsReadOnly) { + this._readOnly = aIsReadOnly; + this._urls = []; + + if (aLocation.type) { + if (aLocation.type == "filePath") + this._file = aLocation.value; + else if (aLocation.type == "uri") + this._uri = aLocation.value; + } else if (aLocation instanceof Ci.nsILocalFile) { + // we already have a file (e.g. loading engines from disk) + this._file = aLocation; + } else if (aLocation instanceof Ci.nsIURI) { + switch (aLocation.scheme) { + case "https": + case "http": + case "ftp": + case "data": + case "file": + case "resource": + case "chrome": + this._uri = aLocation; + break; + default: + ERROR("Invalid URI passed to the nsISearchEngine constructor", + Cr.NS_ERROR_INVALID_ARG); + } + } else + ERROR("Engine location is neither a File nor a URI object", + Cr.NS_ERROR_INVALID_ARG); +} + +Engine.prototype = { + // The engine's alias (can be null). Initialized to |undefined| to indicate + // not-initialized-from-engineMetadataService. + _alias: undefined, + // A distribution-unique identifier for the engine. Either null or set + // when loaded. See getter. + _identifier: undefined, + // The data describing the engine, in the form of an XML document element. + _data: null, + // Whether or not the engine is readonly. + _readOnly: true, + // The engine's description + _description: "", + // Used to store the engine to replace, if we're an update to an existing + // engine. + _engineToUpdate: null, + // The file from which the plugin was loaded. + __file: null, + get _file() { + if (this.__file && !(this.__file instanceof Ci.nsILocalFile)) { + let file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile); + file.persistentDescriptor = this.__file; + return this.__file = file; + } + return this.__file; + }, + set _file(aValue) { + this.__file = aValue; + }, + // Set to true if the engine has a preferred icon (an icon that should not be + // overridden by a non-preferred icon). + _hasPreferredIcon: null, + // The engine's name. + _name: null, + // The name of the charset used to submit the search terms. + _queryCharset: null, + // The engine's raw SearchForm value (URL string pointing to a search form). + __searchForm: null, + get _searchForm() { + return this.__searchForm; + }, + set _searchForm(aValue) { + if (/^https?:/i.test(aValue)) + this.__searchForm = aValue; + else + LOG("_searchForm: Invalid URL dropped for " + this._name || + "the current engine"); + }, + // The URI object from which the engine was retrieved. + // This is null for engines loaded from disk, but present for engines loaded + // from chrome:// URIs. + __uri: null, + get _uri() { + if (this.__uri && !(this.__uri instanceof Ci.nsIURI)) + this.__uri = makeURI(this.__uri); + + return this.__uri; + }, + set _uri(aValue) { + this.__uri = aValue; + }, + // Whether to obtain user confirmation before adding the engine. This is only + // used when the engine is first added to the list. + _confirm: false, + // Whether to set this as the current engine as soon as it is loaded. This + // is only used when the engine is first added to the list. + _useNow: false, + // A function to be invoked when this engine object's addition completes (or + // fails). Only used for installation via addEngine. + _installCallback: null, + // Where the engine was loaded from. Can be one of: SEARCH_APP_DIR, + // SEARCH_PROFILE_DIR, SEARCH_IN_EXTENSION. + __installLocation: null, + // The number of days between update checks for new versions + _updateInterval: null, + // The url to check at for a new update + _updateURL: null, + // The url to check for a new icon + _iconUpdateURL: null, + /* Deferred serialization task. */ + _lazySerializeTask: null, + /* The extension ID if added by an extension. */ + _extensionID: null, + + /** + * Retrieves the data from the engine's file. + * The document element is placed in the engine's data field. + */ + _initFromFile: function SRCH_ENG_initFromFile() { + if (!this._file || !this._file.exists()) + FAIL("File must exist before calling initFromFile!", Cr.NS_ERROR_UNEXPECTED); + + var fileInStream = Cc["@mozilla.org/network/file-input-stream;1"]. + createInstance(Ci.nsIFileInputStream); + + fileInStream.init(this._file, MODE_RDONLY, FileUtils.PERMS_FILE, false); + + var domParser = Cc["@mozilla.org/xmlextras/domparser;1"]. + createInstance(Ci.nsIDOMParser); + var doc = domParser.parseFromStream(fileInStream, "UTF-8", + this._file.fileSize, + "text/xml"); + + this._data = doc.documentElement; + fileInStream.close(); + + // Now that the data is loaded, initialize the engine object + this._initFromData(); + }, + + /** + * Retrieves the data from the engine's file asynchronously. + * The document element is placed in the engine's data field. + * + * @returns {Promise} A promise, resolved successfully if initializing from + * data succeeds, rejected if it fails. + */ + _asyncInitFromFile: function SRCH_ENG__asyncInitFromFile() { + return Task.spawn(function() { + if (!this._file || !(yield OS.File.exists(this._file.path))) + FAIL("File must exist before calling initFromFile!", Cr.NS_ERROR_UNEXPECTED); + + let fileURI = NetUtil.ioService.newFileURI(this._file); + yield this._retrieveSearchXMLData(fileURI.spec); + + // Now that the data is loaded, initialize the engine object + this._initFromData(); + }.bind(this)); + }, + + /** + * Retrieves the engine data from a URI. Initializes the engine, flushes to + * disk, and notifies the search service once initialization is complete. + */ + _initFromURIAndLoad: function SRCH_ENG_initFromURIAndLoad() { + ENSURE_WARN(this._uri instanceof Ci.nsIURI, + "Must have URI when calling _initFromURIAndLoad!", + Cr.NS_ERROR_UNEXPECTED); + + LOG("_initFromURIAndLoad: Downloading engine from: \"" + this._uri.spec + "\"."); + + var chan = NetUtil.ioService.newChannelFromURI2(this._uri, + null, // aLoadingNode + Services.scriptSecurityManager.getSystemPrincipal(), + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_NORMAL, + Ci.nsIContentPolicy.TYPE_OTHER); + + if (this._engineToUpdate && (chan instanceof Ci.nsIHttpChannel)) { + var lastModified = engineMetadataService.getAttr(this._engineToUpdate, + "updatelastmodified"); + if (lastModified) + chan.setRequestHeader("If-Modified-Since", lastModified, false); + } + var listener = new loadListener(chan, this, this._onLoad); + chan.notificationCallbacks = listener; + chan.asyncOpen(listener, null); + }, + + /** + * Retrieves the engine data from a URI asynchronously and initializes it. + * + * @returns {Promise} A promise, resolved successfully if retrieveing data + * succeeds. + */ + _asyncInitFromURI: function SRCH_ENG__asyncInitFromURI() { + return Task.spawn(function() { + LOG("_asyncInitFromURI: Loading engine from: \"" + this._uri.spec + "\"."); + yield this._retrieveSearchXMLData(this._uri.spec); + // Now that the data is loaded, initialize the engine object + this._initFromData(); + }.bind(this)); + }, + + /** + * Retrieves the engine data for a given URI asynchronously. + * + * @returns {Promise} A promise, resolved successfully if retrieveing data + * succeeds. + */ + _retrieveSearchXMLData: function SRCH_ENG__retrieveSearchXMLData(aURL) { + let deferred = Promise.defer(); + let request = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]. + createInstance(Ci.nsIXMLHttpRequest); + request.overrideMimeType("text/xml"); + request.onload = (aEvent) => { + let responseXML = aEvent.target.responseXML; + this._data = responseXML.documentElement; + deferred.resolve(); + }; + request.onerror = function(aEvent) { + deferred.resolve(); + }; + request.open("GET", aURL, true); + request.send(); + + return deferred.promise; + }, + + _initFromURISync: function SRCH_ENG_initFromURISync() { + ENSURE_WARN(this._uri instanceof Ci.nsIURI, + "Must have URI when calling _initFromURISync!", + Cr.NS_ERROR_UNEXPECTED); + + ENSURE_WARN(this._uri.schemeIs("resource"), "_initFromURISync called for non-resource URI", + Cr.NS_ERROR_FAILURE); + + LOG("_initFromURISync: Loading engine from: \"" + this._uri.spec + "\"."); + + var chan = NetUtil.ioService.newChannelFromURI2(this._uri, + null, // aLoadingNode + Services.scriptSecurityManager.getSystemPrincipal(), + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_NORMAL, + Ci.nsIContentPolicy.TYPE_OTHER); + + var stream = chan.open(); + var parser = Cc["@mozilla.org/xmlextras/domparser;1"]. + createInstance(Ci.nsIDOMParser); + var doc = parser.parseFromStream(stream, "UTF-8", stream.available(), "text/xml"); + + this._data = doc.documentElement; + + // Now that the data is loaded, initialize the engine object + this._initFromData(); + }, + + /** + * Attempts to find an EngineURL object in the set of EngineURLs for + * this Engine that has the given type string. (This corresponds to the + * "type" attribute in the "Url" node in the OpenSearch spec.) + * This method will return the first matching URL object found, or null + * if no matching URL is found. + * + * @param aType string to match the EngineURL's type attribute + * @param aRel [optional] only return URLs that with this rel value + */ + _getURLOfType: function SRCH_ENG__getURLOfType(aType, aRel) { + for (var i = 0; i < this._urls.length; ++i) { + if (this._urls[i].type == aType && (!aRel || this._urls[i]._hasRelation(aRel))) + return this._urls[i]; + } + + return null; + }, + + _confirmAddEngine: function SRCH_SVC_confirmAddEngine() { + var stringBundle = Services.strings.createBundle(SEARCH_BUNDLE); + var titleMessage = stringBundle.GetStringFromName("addEngineConfirmTitle"); + + // Display only the hostname portion of the URL. + var dialogMessage = + stringBundle.formatStringFromName("addEngineConfirmation", + [this._name, this._uri.host], 2); + var checkboxMessage = null; + if (!getBoolPref(BROWSER_SEARCH_PREF + "noCurrentEngine", false)) + checkboxMessage = stringBundle.GetStringFromName("addEngineAsCurrentText"); + + var addButtonLabel = + stringBundle.GetStringFromName("addEngineAddButtonLabel"); + + var ps = Services.prompt; + var buttonFlags = (ps.BUTTON_TITLE_IS_STRING * ps.BUTTON_POS_0) + + (ps.BUTTON_TITLE_CANCEL * ps.BUTTON_POS_1) + + ps.BUTTON_POS_0_DEFAULT; + + var checked = {value: false}; + // confirmEx returns the index of the button that was pressed. Since "Add" + // is button 0, we want to return the negation of that value. + var confirm = !ps.confirmEx(null, + titleMessage, + dialogMessage, + buttonFlags, + addButtonLabel, + null, null, // button 1 & 2 names not used + checkboxMessage, + checked); + + return {confirmed: confirm, useNow: checked.value}; + }, + + /** + * Handle the successful download of an engine. Initializes the engine and + * triggers parsing of the data. The engine is then flushed to disk. Notifies + * the search service once initialization is complete. + */ + _onLoad: function SRCH_ENG_onLoad(aBytes, aEngine) { + /** + * Handle an error during the load of an engine by notifying the engine's + * error callback, if any. + */ + function onError(errorCode = Ci.nsISearchInstallCallback.ERROR_UNKNOWN_FAILURE) { + // Notify the callback of the failure + if (aEngine._installCallback) { + aEngine._installCallback(errorCode); + } + } + + function promptError(strings = {}, error = undefined) { + onError(error); + + if (aEngine._engineToUpdate) { + // We're in an update, so just fail quietly + LOG("updating " + aEngine._engineToUpdate.name + " failed"); + return; + } + var brandBundle = Services.strings.createBundle(BRAND_BUNDLE); + var brandName = brandBundle.GetStringFromName("brandShortName"); + + var searchBundle = Services.strings.createBundle(SEARCH_BUNDLE); + var msgStringName = strings.error || "error_loading_engine_msg2"; + var titleStringName = strings.title || "error_loading_engine_title"; + var title = searchBundle.GetStringFromName(titleStringName); + var text = searchBundle.formatStringFromName(msgStringName, + [brandName, aEngine._location], + 2); + + Services.ww.getNewPrompter(null).alert(title, text); + } + + if (!aBytes) { + promptError(); + return; + } + + var engineToUpdate = null; + if (aEngine._engineToUpdate) { + engineToUpdate = aEngine._engineToUpdate.wrappedJSObject; + + // Make this new engine use the old engine's file. + aEngine._file = engineToUpdate._file; + } + + var parser = Cc["@mozilla.org/xmlextras/domparser;1"]. + createInstance(Ci.nsIDOMParser); + var doc = parser.parseFromBuffer(aBytes, aBytes.length, "text/xml"); + aEngine._data = doc.documentElement; + + try { + // Initialize the engine from the obtained data + aEngine._initFromData(); + } catch (ex) { + LOG("_onLoad: Failed to init engine!\n" + ex); + // Report an error to the user + promptError(); + return; + } + + // Check that when adding a new engine (e.g., not updating an + // existing one), a duplicate engine does not already exist. + if (!engineToUpdate) { + if (Services.search.getEngineByName(aEngine.name)) { + // If we're confirming the engine load, then display a "this is a + // duplicate engine" prompt; otherwise, fail silently. + if (aEngine._confirm) { + promptError({ error: "error_duplicate_engine_msg", + title: "error_invalid_engine_title" + }, Ci.nsISearchInstallCallback.ERROR_DUPLICATE_ENGINE); + } else { + onError(Ci.nsISearchInstallCallback.ERROR_DUPLICATE_ENGINE); + } + LOG("_onLoad: duplicate engine found, bailing"); + return; + } + } + + // If requested, confirm the addition now that we have the title. + // This property is only ever true for engines added via + // nsIBrowserSearchService::addEngine. + if (aEngine._confirm) { + var confirmation = aEngine._confirmAddEngine(); + LOG("_onLoad: confirm is " + confirmation.confirmed + + "; useNow is " + confirmation.useNow); + if (!confirmation.confirmed) { + onError(); + return; + } + aEngine._useNow = confirmation.useNow; + } + + // If we don't yet have a file, get one now. The only case where we would + // already have a file is if this is an update and _file was set above. + if (!aEngine._file) + aEngine._file = getSanitizedFile(aEngine.name); + + if (engineToUpdate) { + // Keep track of the last modified date, so that we can make conditional + // requests for future updates. + engineMetadataService.setAttr(aEngine, "updatelastmodified", + (new Date()).toUTCString()); + + // If we're updating an app-shipped engine, ensure that the updateURLs + // are the same. + if (engineToUpdate._isInAppDir) { + let oldUpdateURL = engineToUpdate._updateURL; + let newUpdateURL = aEngine._updateURL; + let oldSelfURL = engineToUpdate._getURLOfType(URLTYPE_OPENSEARCH, "self"); + if (oldSelfURL) { + oldUpdateURL = oldSelfURL.template; + let newSelfURL = aEngine._getURLOfType(URLTYPE_OPENSEARCH, "self"); + if (!newSelfURL) { + LOG("_onLoad: updateURL missing in updated engine for " + + aEngine.name + " aborted"); + onError(); + return; + } + newUpdateURL = newSelfURL.template; + } + + if (oldUpdateURL != newUpdateURL) { + LOG("_onLoad: updateURLs do not match! Update of " + aEngine.name + " aborted"); + onError(); + return; + } + } + + // Set the new engine's icon, if it doesn't yet have one. + if (!aEngine._iconURI && engineToUpdate._iconURI) + aEngine._iconURI = engineToUpdate._iconURI; + } + + // Write the engine to file. For readOnly engines, they'll be stored in the + // cache following the notification below. + if (!aEngine._readOnly) + aEngine._serializeToFile(); + + // Notify the search service of the successful load. It will deal with + // updates by checking aEngine._engineToUpdate. + notifyAction(aEngine, SEARCH_ENGINE_LOADED); + + // Notify the callback if needed + if (aEngine._installCallback) { + aEngine._installCallback(); + } + }, + + /** + * Creates a key by serializing an object that contains the icon's width + * and height. + * + * @param aWidth + * Width of the icon. + * @param aHeight + * Height of the icon. + * @returns key string + */ + _getIconKey: function SRCH_ENG_getIconKey(aWidth, aHeight) { + let keyObj = { + width: aWidth, + height: aHeight + }; + + return JSON.stringify(keyObj); + }, + + /** + * Add an icon to the icon map used by getIconURIBySize() and getIcons(). + * + * @param aWidth + * Width of the icon. + * @param aHeight + * Height of the icon. + * @param aURISpec + * String with the icon's URI. + */ + _addIconToMap: function SRCH_ENG_addIconToMap(aWidth, aHeight, aURISpec) { + // Use an object instead of a Map() because it needs to be serializable. + this._iconMapObj = this._iconMapObj || {}; + let key = this._getIconKey(aWidth, aHeight); + this._iconMapObj[key] = aURISpec; + }, + + /** + * Sets the .iconURI property of the engine. If both aWidth and aHeight are + * provided an entry will be added to _iconMapObj that will enable accessing + * icon's data through getIcons() and getIconURIBySize() APIs. + * + * @param aIconURL + * A URI string pointing to the engine's icon. Must have a http[s], + * ftp, or data scheme. Icons with HTTP[S] or FTP schemes will be + * downloaded and converted to data URIs for storage in the engine + * XML files, if the engine is not readonly. + * @param aIsPreferred + * Whether or not this icon is to be preferred. Preferred icons can + * override non-preferred icons. + * @param aWidth (optional) + * Width of the icon. + * @param aHeight (optional) + * Height of the icon. + */ + _setIcon: function SRCH_ENG_setIcon(aIconURL, aIsPreferred, aWidth, aHeight) { + var uri = makeURI(aIconURL); + + // Ignore bad URIs + if (!uri) + return; + + LOG("_setIcon: Setting icon url \"" + limitURILength(uri.spec) + "\" for engine \"" + + this.name + "\"."); + // Only accept remote icons from http[s] or ftp + switch (uri.scheme) { + case "data": + if (!this._hasPreferredIcon || aIsPreferred) { + this._iconURI = uri; + notifyAction(this, SEARCH_ENGINE_CHANGED); + this._hasPreferredIcon = aIsPreferred; + } + + if (aWidth && aHeight) { + this._addIconToMap(aWidth, aHeight, aIconURL) + } + break; + case "http": + case "https": + case "ftp": + // No use downloading the icon if the engine file is read-only + LOG("_setIcon: Downloading icon: \"" + uri.spec + + "\" for engine: \"" + this.name + "\""); + var chan = NetUtil.ioService.newChannelFromURI2(uri, + null, // aLoadingNode + Services.scriptSecurityManager.getSystemPrincipal(), + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_NORMAL, + Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE); + + let iconLoadCallback = function (aByteArray, aEngine) { + // This callback may run after we've already set a preferred icon, + // so check again. + if (aEngine._hasPreferredIcon && !aIsPreferred) + return; + + if (!aByteArray || aByteArray.length > MAX_ICON_SIZE) { + LOG("iconLoadCallback: load failed, or the icon was too large!"); + return; + } + + var str = btoa(String.fromCharCode.apply(null, aByteArray)); + let dataURL = ICON_DATAURL_PREFIX + str; + aEngine._iconURI = makeURI(dataURL); + + if (aWidth && aHeight) { + aEngine._addIconToMap(aWidth, aHeight, dataURL) + } + + // The engine might not have a file yet, if it's being downloaded, + // because the request for the engine file itself (_onLoad) may not + // yet be complete. In that case, this change will be written to + // file when _onLoad is called. For readonly engines, we'll store + // the changes in the cache once notified below. + if (aEngine._file && !aEngine._readOnly) + aEngine._serializeToFile(); + + notifyAction(aEngine, SEARCH_ENGINE_CHANGED); + aEngine._hasPreferredIcon = aIsPreferred; + } + + // If we're currently acting as an "update engine", then the callback + // should set the icon on the engine we're updating and not us, since + // |this| might be gone by the time the callback runs. + var engineToSet = this._engineToUpdate || this; + + var listener = new loadListener(chan, engineToSet, iconLoadCallback); + chan.notificationCallbacks = listener; + chan.asyncOpen(listener, null); + break; + } + }, + + /** + * Initialize this Engine object from the collected data. + */ + _initFromData: function SRCH_ENG_initFromData() { + ENSURE_WARN(this._data, "Can't init an engine with no data!", + Cr.NS_ERROR_UNEXPECTED); + + // Ensure we have a supported engine type before attempting to parse it. + let element = this._data; + if ((element.localName == MOZSEARCH_LOCALNAME && + element.namespaceURI == MOZSEARCH_NS_10) || + (element.localName == OPENSEARCH_LOCALNAME && + OPENSEARCH_NAMESPACES.indexOf(element.namespaceURI) != -1)) { + LOG("_init: Initing search plugin from " + this._location); + + this._parse(); + + } else + FAIL(this._location + " is not a valid search plugin.", Cr.NS_ERROR_FAILURE); + + // No need to keep a ref to our data (which in some cases can be a document + // element) past this point + this._data = null; + }, + + /** + * Initialize this Engine object from a collection of metadata. + */ + _initFromMetadata: function SRCH_ENG_initMetaData(aName, aIconURL, aAlias, + aDescription, aMethod, + aTemplate, aExtensionID) { + ENSURE_WARN(!this._readOnly, + "Can't call _initFromMetaData on a readonly engine!", + Cr.NS_ERROR_FAILURE); + + this._urls.push(new EngineURL(URLTYPE_SEARCH_HTML, aMethod, aTemplate)); + + this._name = aName; + this.alias = aAlias; + this._description = aDescription; + this._setIcon(aIconURL, true); + this._extensionID = aExtensionID; + + this._serializeToFile(); + }, + + /** + * Extracts data from an OpenSearch URL element and creates an EngineURL + * object which is then added to the engine's list of URLs. + * + * @throws NS_ERROR_FAILURE if a URL object could not be created. + * + * @see http://opensearch.a9.com/spec/1.1/querysyntax/#urltag. + * @see EngineURL() + */ + _parseURL: function SRCH_ENG_parseURL(aElement) { + var type = aElement.getAttribute("type"); + // According to the spec, method is optional, defaulting to "GET" if not + // specified + var method = aElement.getAttribute("method") || "GET"; + var template = aElement.getAttribute("template"); + var resultDomain = aElement.getAttribute("resultdomain"); + + try { + var url = new EngineURL(type, method, template, resultDomain); + } catch (ex) { + FAIL("_parseURL: failed to add " + template + " as a URL", + Cr.NS_ERROR_FAILURE); + } + + if (aElement.hasAttribute("rel")) + url.rels = aElement.getAttribute("rel").toLowerCase().split(/\s+/); + + for (var i = 0; i < aElement.childNodes.length; ++i) { + var param = aElement.childNodes[i]; + if (param.localName == "Param") { + try { + url.addParam(param.getAttribute("name"), param.getAttribute("value")); + } catch (ex) { + // Ignore failure + LOG("_parseURL: Url element has an invalid param"); + } + } else if (param.localName == "MozParam" && + // We only support MozParams for default search engines + this._isDefault) { + var value; + let condition = param.getAttribute("condition"); + + // MozParams must have a condition to be valid + if (!condition) { + let engineLoc = this._location; + let paramName = param.getAttribute("name"); + LOG("_parseURL: MozParam (" + paramName + ") without a condition attribute found parsing engine: " + engineLoc); + continue; + } + + switch (condition) { + case "purpose": + url.addParam(param.getAttribute("name"), + param.getAttribute("value"), + param.getAttribute("purpose")); + // _addMozParam is not needed here since it can be serialized fine without. _addMozParam + // also requires a unique "name" which is not normally the case when @purpose is used. + break; + case "pref": + try { + value = getMozParamPref(param.getAttribute("pref"), value); + url.addParam(param.getAttribute("name"), value); + url._addMozParam({"pref": param.getAttribute("pref"), + "name": param.getAttribute("name"), + "condition": "pref"}); + } catch (e) { } + break; + default: + let engineLoc = this._location; + let paramName = param.getAttribute("name"); + LOG("_parseURL: MozParam (" + paramName + ") has an unknown condition: " + condition + ". Found parsing engine: " + engineLoc); + break; + } + } + } + + this._urls.push(url); + }, + + /** + * Get the icon from an OpenSearch Image element. + * @see http://opensearch.a9.com/spec/1.1/description/#image + */ + _parseImage: function SRCH_ENG_parseImage(aElement) { + LOG("_parseImage: Image textContent: \"" + limitURILength(aElement.textContent) + "\""); + + let width = parseInt(aElement.getAttribute("width"), 10); + let height = parseInt(aElement.getAttribute("height"), 10); + let isPrefered = width == 16 && height == 16; + + if (isNaN(width) || isNaN(height) || width <= 0 || height <=0) { + LOG("OpenSearch image element must have positive width and height."); + return; + } + + this._setIcon(aElement.textContent, isPrefered, width, height); + }, + + /** + * Extract search engine information from the collected data to initialize + * the engine object. + */ + _parse: function SRCH_ENG_parse() { + var doc = this._data; + + // The OpenSearch spec sets a default value for the input encoding. + this._queryCharset = OS_PARAM_INPUT_ENCODING_DEF; + + for (var i = 0; i < doc.childNodes.length; ++i) { + var child = doc.childNodes[i]; + switch (child.localName) { + case "ShortName": + this._name = child.textContent; + break; + case "Description": + this._description = child.textContent; + break; + case "Url": + try { + this._parseURL(child); + } catch (ex) { + // Parsing of the element failed, just skip it. + LOG("_parse: failed to parse URL child: " + ex); + } + break; + case "Image": + this._parseImage(child); + break; + case "InputEncoding": + this._queryCharset = child.textContent.toUpperCase(); + break; + + // Non-OpenSearch elements + case "SearchForm": + this._searchForm = child.textContent; + break; + case "UpdateUrl": + this._updateURL = child.textContent; + break; + case "UpdateInterval": + this._updateInterval = parseInt(child.textContent); + break; + case "IconUpdateUrl": + this._iconUpdateURL = child.textContent; + break; + case "ExtensionID": + this._extensionID = child.textContent; + break; + } + } + if (!this.name || (this._urls.length == 0)) + FAIL("_parse: No name, or missing URL!", Cr.NS_ERROR_FAILURE); + if (!this.supportsResponseType(URLTYPE_SEARCH_HTML)) + FAIL("_parse: No text/html result type!", Cr.NS_ERROR_FAILURE); + }, + + /** + * Init from a JSON record. + **/ + _initWithJSON: function SRCH_ENG__initWithJSON(aJson) { + this.__id = aJson._id; + this._name = aJson._name; + this._description = aJson.description; + if (aJson._hasPreferredIcon == undefined) + this._hasPreferredIcon = true; + else + this._hasPreferredIcon = false; + this._queryCharset = aJson.queryCharset || DEFAULT_QUERY_CHARSET; + this.__searchForm = aJson.__searchForm; + this.__installLocation = aJson._installLocation || SEARCH_APP_DIR; + this._updateInterval = aJson._updateInterval || null; + this._updateURL = aJson._updateURL || null; + this._iconUpdateURL = aJson._iconUpdateURL || null; + if (aJson._readOnly == undefined) + this._readOnly = true; + else + this._readOnly = false; + this._iconURI = makeURI(aJson._iconURL); + this._iconMapObj = aJson._iconMapObj; + if (aJson.extensionID) { + this._extensionID = aJson.extensionID; + } + for (let i = 0; i < aJson._urls.length; ++i) { + let url = aJson._urls[i]; + let engineURL = new EngineURL(url.type || URLTYPE_SEARCH_HTML, + url.method || "GET", url.template, + url.resultDomain); + engineURL._initWithJSON(url, this); + this._urls.push(engineURL); + } + }, + + /** + * Creates a JavaScript object that represents this engine. + * @returns An object suitable for serialization as JSON. + **/ + toJSON: function SRCH_ENG_toJSON() { + var json = { + _id: this._id, + _name: this._name, + description: this.description, + __searchForm: this.__searchForm, + _iconURL: this._iconURL, + _iconMapObj: this._iconMapObj, + _urls: this._urls + }; + + if (this._file instanceof Ci.nsILocalFile) + json.filePath = this._file.persistentDescriptor; + if (this._uri) + json._url = this._uri.spec; + if (this._installLocation != SEARCH_APP_DIR) + json._installLocation = this._installLocation; + if (this._updateInterval) + json._updateInterval = this._updateInterval; + if (this._updateURL) + json._updateURL = this._updateURL; + if (this._iconUpdateURL) + json._iconUpdateURL = this._iconUpdateURL; + if (!this._hasPreferredIcon) + json._hasPreferredIcon = this._hasPreferredIcon; + if (this.queryCharset != DEFAULT_QUERY_CHARSET) + json.queryCharset = this.queryCharset; + if (!this._readOnly) + json._readOnly = this._readOnly; + if (this._extensionID) { + json.extensionID = this._extensionID; + } + + return json; + }, + + /** + * Returns an XML document object containing the search plugin information, + * which can later be used to reload the engine. + */ + _serializeToElement: function SRCH_ENG_serializeToEl() { + function appendTextNode(aNameSpace, aLocalName, aValue) { + if (!aValue) + return null; + var node = doc.createElementNS(aNameSpace, aLocalName); + node.appendChild(doc.createTextNode(aValue)); + docElem.appendChild(node); + docElem.appendChild(doc.createTextNode("\n")); + return node; + } + + var parser = Cc["@mozilla.org/xmlextras/domparser;1"]. + createInstance(Ci.nsIDOMParser); + + var doc = parser.parseFromString(EMPTY_DOC, "text/xml"); + var docElem = doc.documentElement; + + docElem.appendChild(doc.createTextNode("\n")); + + appendTextNode(OPENSEARCH_NS_11, "ShortName", this.name); + appendTextNode(OPENSEARCH_NS_11, "Description", this._description); + appendTextNode(OPENSEARCH_NS_11, "InputEncoding", this._queryCharset); + + if (this._iconURI) { + var imageNode = appendTextNode(OPENSEARCH_NS_11, "Image", + this._iconURI.spec); + if (imageNode) { + imageNode.setAttribute("width", "16"); + imageNode.setAttribute("height", "16"); + } + } + + appendTextNode(MOZSEARCH_NS_10, "UpdateInterval", this._updateInterval); + appendTextNode(MOZSEARCH_NS_10, "UpdateUrl", this._updateURL); + appendTextNode(MOZSEARCH_NS_10, "IconUpdateUrl", this._iconUpdateURL); + appendTextNode(MOZSEARCH_NS_10, "SearchForm", this._searchForm); + + if (this._extensionID) { + appendTextNode(MOZSEARCH_NS_10, "ExtensionID", this._extensionID); + } + + for (var i = 0; i < this._urls.length; ++i) + this._urls[i]._serializeToElement(doc, docElem); + docElem.appendChild(doc.createTextNode("\n")); + + return doc; + }, + + get lazySerializeTask() { + if (!this._lazySerializeTask) { + let task = function taskCallback() { + this._serializeToFile(); + }.bind(this); + this._lazySerializeTask = new DeferredTask(task, LAZY_SERIALIZE_DELAY); + } + + return this._lazySerializeTask; + }, + + /** + * Serializes the engine object to file. + */ + _serializeToFile: function SRCH_ENG_serializeToFile() { + var file = this._file; + ENSURE_WARN(!this._readOnly, "Can't serialize a read only engine!", + Cr.NS_ERROR_FAILURE); + ENSURE_WARN(file && file.exists(), "Can't serialize: file doesn't exist!", + Cr.NS_ERROR_UNEXPECTED); + + var fos = Cc["@mozilla.org/network/safe-file-output-stream;1"]. + createInstance(Ci.nsIFileOutputStream); + + // Serialize the engine first - we don't want to overwrite a good file + // if this somehow fails. + var doc = this._serializeToElement(); + + fos.init(file, (MODE_WRONLY | MODE_TRUNCATE), FileUtils.PERMS_FILE, 0); + + try { + var serializer = Cc["@mozilla.org/xmlextras/xmlserializer;1"]. + createInstance(Ci.nsIDOMSerializer); + serializer.serializeToStream(doc.documentElement, fos, null); + } catch (e) { + LOG("_serializeToFile: Error serializing engine:\n" + e); + } + + closeSafeOutputStream(fos); + + Services.obs.notifyObservers(file.clone(), SEARCH_SERVICE_TOPIC, + "write-engine-to-disk-complete"); + }, + + /** + * Remove the engine's file from disk. The search service calls this once it + * removes the engine from its internal store. This function will throw if + * the file cannot be removed. + */ + _remove: function SRCH_ENG_remove() { + if (this._readOnly) + FAIL("Can't remove read only engine!", Cr.NS_ERROR_FAILURE); + if (!this._file || !this._file.exists()) + FAIL("Can't remove engine: file doesn't exist!", Cr.NS_ERROR_FILE_NOT_FOUND); + + this._file.remove(false); + }, + + // nsISearchEngine + get alias() { + if (this._alias === undefined) + this._alias = engineMetadataService.getAttr(this, "alias"); + + return this._alias; + }, + set alias(val) { + this._alias = val; + engineMetadataService.setAttr(this, "alias", val); + notifyAction(this, SEARCH_ENGINE_CHANGED); + }, + + /** + * Return the built-in identifier of app-provided engines. + * + * Note that this identifier is substantially similar to _id, with the + * following exceptions: + * + * * There is no trailing file extension. + * * There is no [app] prefix. + * + * @return a string identifier, or null. + */ + get identifier() { + if (this._identifier !== undefined) { + return this._identifier; + } + + // No identifier if If the engine isn't app-provided + if (!this._isInAppDir && !this._isInJAR) { + return this._identifier = null; + } + + let leaf = this._getLeafName(); + ENSURE_WARN(leaf, "identifier: app-provided engine has no leafName"); + + // Strip file extension. + let ext = leaf.lastIndexOf("."); + if (ext == -1) { + return this._identifier = leaf; + } + return this._identifier = leaf.substring(0, ext); + }, + + get description() { + return this._description; + }, + + get hidden() { + return engineMetadataService.getAttr(this, "hidden") || false; + }, + set hidden(val) { + var value = !!val; + if (value != this.hidden) { + engineMetadataService.setAttr(this, "hidden", value); + notifyAction(this, SEARCH_ENGINE_CHANGED); + } + }, + + get iconURI() { + if (this._iconURI) + return this._iconURI; + return null; + }, + + get _iconURL() { + if (!this._iconURI) + return ""; + return this._iconURI.spec; + }, + + // Where the engine is being loaded from: will return the URI's spec if the + // engine is being downloaded and does not yet have a file. This is only used + // for logging and error messages. + get _location() { + if (this._file) + return this._file.path; + + if (this._uri) + return this._uri.spec; + + return ""; + }, + + /** + * @return the leaf name of the filename or URI of this plugin, + * or null if no file or URI is known. + */ + _getLeafName: function () { + if (this._file) { + return this._file.leafName; + } + if (this._uri && this._uri instanceof Ci.nsIURL) { + return this._uri.fileName; + } + return null; + }, + + // The file that the plugin is loaded from is a unique identifier for it. We + // use this as the identifier to store data in the sqlite database + __id: null, + get _id() { + if (this.__id) { + return this.__id; + } + + let leafName = this._getLeafName(); + + // Treat engines loaded from JARs the same way we treat app shipped + // engines. + // Theoretically, these could also come from extensions, but there's no + // real way for extensions to register their chrome locations at the + // moment, so let's not deal with that case. + // This means we're vulnerable to conflicts if a file loaded from a JAR + // has the same filename as a file loaded from the app dir, but with a + // different engine name. People using the JAR functionality should be + // careful not to do that! + if (this._isInAppDir || this._isInJAR) { + // App dir and JAR engines should always have leafNames + ENSURE_WARN(leafName, "_id: no leafName for appDir or JAR engine", + Cr.NS_ERROR_UNEXPECTED); + return this.__id = "[app]/" + leafName; + } + + if (this._isInProfile) { + ENSURE_WARN(leafName, "_id: no leafName for profile engine", + Cr.NS_ERROR_UNEXPECTED); + return this.__id = "[profile]/" + leafName; + } + + // If the engine isn't a JAR engine, it should have a file. + ENSURE_WARN(this._file, "_id: no _file for non-JAR engine", + Cr.NS_ERROR_UNEXPECTED); + + // We're not in the profile or appdir, so this must be an extension-shipped + // plugin. Use the full filename. + return this.__id = this._file.path; + }, + + // This indicates where we found the .xml file to load the engine, + // and attempts to hide user-identifiable data (such as username). + get _anonymizedLoadPath() { + /* Examples of expected output: + * jar:[app]/omni.ja!browser/engine.xml + * 'browser' here is the name of the chrome package, not a folder. + * [profile]/searchplugins/engine.xml + * [distribution]/searchplugins/common/engine.xml + * [other]/engine.xml + */ + + let leafName = this._getLeafName(); + if (!leafName) + return "null"; + + let prefix = "", suffix = ""; + let file = this._file; + if (!file) { + let uri = this._uri; + if (uri.schemeIs("resource")) { + uri = makeURI(Services.io.getProtocolHandler("resource") + .QueryInterface(Ci.nsISubstitutingProtocolHandler) + .resolveURI(uri)); + } + if (uri.schemeIs("chrome")) { + let packageName = uri.hostPort; + uri = gChromeReg.convertChromeURL(uri); + if (uri instanceof Ci.nsINestedURI) { + prefix = "jar:"; + suffix = "!" + packageName + "/" + leafName; + uri = uri.innermostURI; + } + uri.QueryInterface(Ci.nsIFileURL) + file = uri.file; + } else { + return "[" + uri.scheme + "]/" + leafName; + } + } + + let id; + let enginePath = file.path; + + const NS_XPCOM_CURRENT_PROCESS_DIR = "XCurProcD"; + const NS_APP_USER_PROFILE_50_DIR = "ProfD"; + const XRE_APP_DISTRIBUTION_DIR = "XREAppDist"; + + const knownDirs = { + app: NS_XPCOM_CURRENT_PROCESS_DIR, + profile: NS_APP_USER_PROFILE_50_DIR, + distribution: XRE_APP_DISTRIBUTION_DIR + }; + + for (let key in knownDirs) { + let path; + try { + path = getDir(knownDirs[key]).path; + } catch(e) { + // Getting XRE_APP_DISTRIBUTION_DIR throws during unit tests. + continue; + } + if (enginePath.startsWith(path)) { + id = "[" + key + "]" + enginePath.slice(path.length).replace(/\\/g, "/"); + break; + } + } + + // If the folder doesn't have a known ancestor, don't record its path to + // avoid leaking user identifiable data. + if (!id) + id = "[other]/" + file.leafName; + + return prefix + id + suffix; + }, + + get _installLocation() { + if (this.__installLocation === null) { + if (!this._file) { + ENSURE_WARN(this._uri, "Engines without files must have URIs", + Cr.NS_ERROR_UNEXPECTED); + this.__installLocation = SEARCH_JAR; + } + else if (this._file.parent.equals(getDir(NS_APP_SEARCH_DIR))) + this.__installLocation = SEARCH_APP_DIR; + else if (this._file.parent.equals(getDir(NS_APP_USER_SEARCH_DIR))) + this.__installLocation = SEARCH_PROFILE_DIR; + else + this.__installLocation = SEARCH_IN_EXTENSION; + } + + return this.__installLocation; + }, + + get _isInJAR() { + return this._installLocation == SEARCH_JAR; + }, + get _isInAppDir() { + return this._installLocation == SEARCH_APP_DIR; + }, + get _isInProfile() { + return this._installLocation == SEARCH_PROFILE_DIR; + }, + + get _isDefault() { + // For now, our concept of a "default engine" is "one that is not in the + // user's profile directory", which is currently equivalent to "is app- or + // extension-shipped". + return !this._isInProfile; + }, + + get _hasUpdates() { + // Whether or not the engine has an update URL + let selfURL = this._getURLOfType(URLTYPE_OPENSEARCH, "self"); + return !!(this._updateURL || this._iconUpdateURL || selfURL); + }, + + get name() { + return this._name; + }, + + get searchForm() { + return this._getSearchFormWithPurpose(); + }, + + _getSearchFormWithPurpose(aPurpose = "") { + // First look for a <Url rel="searchform"> + var searchFormURL = this._getURLOfType(URLTYPE_SEARCH_HTML, "searchform"); + if (searchFormURL) { + let submission = searchFormURL.getSubmission("", this, aPurpose); + + // If the rel=searchform URL is not type="get" (i.e. has postData), + // ignore it, since we can only return a URL. + if (!submission.postData) + return submission.uri.spec; + } + + if (!this._searchForm) { + // No SearchForm specified in the engine definition file, use the prePath + // (e.g. https://foo.com for https://foo.com/search.php?q=bar). + var htmlUrl = this._getURLOfType(URLTYPE_SEARCH_HTML); + ENSURE_WARN(htmlUrl, "Engine has no HTML URL!", Cr.NS_ERROR_UNEXPECTED); + this._searchForm = makeURI(htmlUrl.template).prePath; + } + + return ParamSubstitution(this._searchForm, "", this); + }, + + get queryCharset() { + if (this._queryCharset) + return this._queryCharset; + return this._queryCharset = "windows-1252"; // the default + }, + + // from nsISearchEngine + addParam: function SRCH_ENG_addParam(aName, aValue, aResponseType) { + if (!aName || (aValue == null)) + FAIL("missing name or value for nsISearchEngine::addParam!"); + ENSURE_WARN(!this._readOnly, + "called nsISearchEngine::addParam on a read-only engine!", + Cr.NS_ERROR_FAILURE); + if (!aResponseType) + aResponseType = URLTYPE_SEARCH_HTML; + + var url = this._getURLOfType(aResponseType); + if (!url) + FAIL("Engine object has no URL for response type " + aResponseType, + Cr.NS_ERROR_FAILURE); + + url.addParam(aName, aValue); + + // Serialize the changes to file lazily + this.lazySerializeTask.arm(); + }, + +#ifdef ANDROID + get _defaultMobileResponseType() { + let type = URLTYPE_SEARCH_HTML; + + let sysInfo = Cc["@mozilla.org/system-info;1"].getService(Ci.nsIPropertyBag2); + let isTablet = sysInfo.get("tablet"); + if (isTablet && this.supportsResponseType("application/x-moz-tabletsearch")) { + // Check for a tablet-specific search URL override + type = "application/x-moz-tabletsearch"; + } else if (!isTablet && this.supportsResponseType("application/x-moz-phonesearch")) { + // Check for a phone-specific search URL override + type = "application/x-moz-phonesearch"; + } + + delete this._defaultMobileResponseType; + return this._defaultMobileResponseType = type; + }, +#endif + + // from nsISearchEngine + getSubmission: function SRCH_ENG_getSubmission(aData, aResponseType, aPurpose) { +#ifdef ANDROID + if (!aResponseType) { + aResponseType = this._defaultMobileResponseType; + } +#endif + if (!aResponseType) { + aResponseType = URLTYPE_SEARCH_HTML; + } + + var url = this._getURLOfType(aResponseType); + + if (!url) + return null; + + if (!aData) { + // Return a dummy submission object with our searchForm attribute + return new Submission(makeURI(this._getSearchFormWithPurpose(aPurpose)), null); + } + + LOG("getSubmission: In data: \"" + aData + "\"; Purpose: \"" + aPurpose + "\""); + var data = ""; + try { + data = gTextToSubURI.ConvertAndEscape(this.queryCharset, aData); + } catch (ex) { + LOG("getSubmission: Falling back to default queryCharset!"); + data = gTextToSubURI.ConvertAndEscape(DEFAULT_QUERY_CHARSET, aData); + } + LOG("getSubmission: Out data: \"" + data + "\""); + return url.getSubmission(data, this, aPurpose); + }, + + // from nsISearchEngine + supportsResponseType: function SRCH_ENG_supportsResponseType(type) { + return (this._getURLOfType(type) != null); + }, + + // from nsISearchEngine + getResultDomain: function SRCH_ENG_getResultDomain(aResponseType) { +#ifdef ANDROID + if (!aResponseType) { + aResponseType = this._defaultMobileResponseType; + } +#endif + if (!aResponseType) { + aResponseType = URLTYPE_SEARCH_HTML; + } + + LOG("getResultDomain: responseType: \"" + aResponseType + "\""); + + let url = this._getURLOfType(aResponseType); + if (url) + return url.resultDomain; + return ""; + }, + + /** + * Returns URL parsing properties used by _buildParseSubmissionMap. + */ + getURLParsingInfo: function () { +#ifdef ANDROID + let responseType = this._defaultMobileResponseType; +#else + let responseType = URLTYPE_SEARCH_HTML; +#endif + + LOG("getURLParsingInfo: responseType: \"" + responseType + "\""); + + let url = this._getURLOfType(responseType); + if (!url || url.method != "GET") { + return null; + } + + let termsParameterName = url._getTermsParameterName(); + if (!termsParameterName) { + return null; + } + + let templateUrl = NetUtil.newURI(url.template).QueryInterface(Ci.nsIURL); + return { + mainDomain: templateUrl.host, + path: templateUrl.filePath.toLowerCase(), + termsParameterName: termsParameterName, + }; + }, + + // nsISupports + QueryInterface: function SRCH_ENG_QI(aIID) { + if (aIID.equals(Ci.nsISearchEngine) || + aIID.equals(Ci.nsISupports)) + return this; + throw Cr.NS_ERROR_NO_INTERFACE; + }, + + get wrappedJSObject() { + return this; + }, + + /** + * Returns a string with the URL to an engine's icon matching both width and + * height. Returns null if icon with specified dimensions is not found. + * + * @param width + * Width of the requested icon. + * @param height + * Height of the requested icon. + */ + getIconURLBySize: function SRCH_ENG_getIconURLBySize(aWidth, aHeight) { + if (!this._iconMapObj) + return null; + + let key = this._getIconKey(aWidth, aHeight); + if (key in this._iconMapObj) { + return this._iconMapObj[key]; + } + return null; + }, + + /** + * Gets an array of all available icons. Each entry is an object with + * width, height and url properties. width and height are numeric and + * represent the icon's dimensions. url is a string with the URL for + * the icon. + */ + getIcons: function SRCH_ENG_getIcons() { + let result = []; + + if (!this._iconMapObj) + return result; + + for (let key of Object.keys(this._iconMapObj)) { + let iconSize = JSON.parse(key); + result.push({ + width: iconSize.width, + height: iconSize.height, + url: this._iconMapObj[key] + }); + } + + return result; + }, + + /** + * Opens a speculative connection to the engine's search URI + * (and suggest URI, if different) to reduce request latency + * + * @param options + * An object that must contain the following fields: + * {window} the content window for the window performing the search + * + * @throws NS_ERROR_INVALID_ARG if options is omitted or lacks required + * elemeents + */ + speculativeConnect: function SRCH_ENG_speculativeConnect(options) { + if (!options || !options.window) { + Cu.reportError("invalid options arg passed to nsISearchEngine.speculativeConnect"); + throw Cr.NS_ERROR_INVALID_ARG; + } + let connector = + Services.io.QueryInterface(Components.interfaces.nsISpeculativeConnect); + + let searchURI = this.getSubmission("dummy").uri; + + let callbacks = options.window.QueryInterface(Components.interfaces.nsIInterfaceRequestor) + .getInterface(Components.interfaces.nsIWebNavigation) + .QueryInterface(Components.interfaces.nsILoadContext); + + connector.speculativeConnect(searchURI, callbacks); + + if (this.supportsResponseType(URLTYPE_SUGGEST_JSON)) { + let suggestURI = this.getSubmission("dummy", URLTYPE_SUGGEST_JSON).uri; + if (suggestURI.prePath != searchURI.prePath) + connector.speculativeConnect(suggestURI, callbacks); + } + }, +}; + +// nsISearchSubmission +function Submission(aURI, aPostData = null) { + this._uri = aURI; + this._postData = aPostData; +} +Submission.prototype = { + get uri() { + return this._uri; + }, + get postData() { + return this._postData; + }, + QueryInterface: function SRCH_SUBM_QI(aIID) { + if (aIID.equals(Ci.nsISearchSubmission) || + aIID.equals(Ci.nsISupports)) + return this; + throw Cr.NS_ERROR_NO_INTERFACE; + } +} + +// nsISearchParseSubmissionResult +function ParseSubmissionResult(aEngine, aTerms, aTermsOffset, aTermsLength) { + this._engine = aEngine; + this._terms = aTerms; + this._termsOffset = aTermsOffset; + this._termsLength = aTermsLength; +} +ParseSubmissionResult.prototype = { + get engine() { + return this._engine; + }, + get terms() { + return this._terms; + }, + get termsOffset() { + return this._termsOffset; + }, + get termsLength() { + return this._termsLength; + }, + QueryInterface: XPCOMUtils.generateQI([Ci.nsISearchParseSubmissionResult]), +} + +const gEmptyParseSubmissionResult = + Object.freeze(new ParseSubmissionResult(null, "", -1, 0)); + +function executeSoon(func) { + Services.tm.mainThread.dispatch(func, Ci.nsIThread.DISPATCH_NORMAL); +} + +/** + * Check for sync initialization has completed or not. + * + * @param {aPromise} A promise. + * + * @returns the value returned by the invoked method. + * @throws NS_ERROR_ALREADY_INITIALIZED if sync initialization has completed. + */ +function checkForSyncCompletion(aPromise) { + return aPromise.then(function(aValue) { + if (gInitialized) { + throw Components.Exception("Synchronous fallback was called and has " + + "finished so no need to pursue asynchronous " + + "initialization", + Cr.NS_ERROR_ALREADY_INITIALIZED); + } + return aValue; + }); +} + +// nsIBrowserSearchService +function SearchService() { + // Replace empty LOG function with the useful one if the log pref is set. + if (getBoolPref(BROWSER_SEARCH_PREF + "log", false)) + LOG = DO_LOG; + + this._initObservers = Promise.defer(); +} + +SearchService.prototype = { + classID: Components.ID("{7319788a-fe93-4db3-9f39-818cf08f4256}"), + + // The current status of initialization. Note that it does not determine if + // initialization is complete, only if an error has been encountered so far. + _initRV: Cr.NS_OK, + + // The boolean indicates that the initialization has started or not. + _initStarted: null, + + // If initialization has not been completed yet, perform synchronous + // initialization. + // Throws in case of initialization error. + _ensureInitialized: function SRCH_SVC__ensureInitialized() { + if (gInitialized) { + if (!Components.isSuccessCode(this._initRV)) { + LOG("_ensureInitialized: failure"); + throw this._initRV; + } + return; + } + + let warning = + "Search service falling back to synchronous initialization. " + + "This is generally the consequence of an add-on using a deprecated " + + "search service API."; + Deprecated.warning(warning, "https://developer.mozilla.org/en-US/docs/XPCOM_Interface_Reference/nsIBrowserSearchService#async_warning"); + LOG(warning); + + engineMetadataService.syncInit(); + this._syncInit(); + if (!Components.isSuccessCode(this._initRV)) { + throw this._initRV; + } + }, + + // Synchronous implementation of the initializer. + // Used by |_ensureInitialized| as a fallback if initialization is not + // complete. + _syncInit: function SRCH_SVC__syncInit() { + LOG("_syncInit start"); + this._initStarted = true; + migrateRegionPrefs(); + try { + this._syncLoadEngines(); + } catch (ex) { + this._initRV = Cr.NS_ERROR_FAILURE; + LOG("_syncInit: failure loading engines: " + ex); + } + this._addObservers(); + + gInitialized = true; + + this._initObservers.resolve(this._initRV); + + Services.obs.notifyObservers(null, SEARCH_SERVICE_TOPIC, "init-complete"); + + LOG("_syncInit end"); + }, + + /** + * Asynchronous implementation of the initializer. + * + * @returns {Promise} A promise, resolved successfully if the initialization + * succeeds. + */ + _asyncInit: function SRCH_SVC__asyncInit() { + migrateRegionPrefs(); + return Task.spawn(function() { + LOG("_asyncInit start"); + try { + yield checkForSyncCompletion(ensureKnownCountryCode()); + } catch (ex if ex.result != Cr.NS_ERROR_ALREADY_INITIALIZED) { + LOG("_asyncInit: failure determining country code: " + ex); + } + try { + yield checkForSyncCompletion(this._asyncLoadEngines()); + } catch (ex if ex.result != Cr.NS_ERROR_ALREADY_INITIALIZED) { + this._initRV = Cr.NS_ERROR_FAILURE; + LOG("_asyncInit: failure loading engines: " + ex); + } + this._addObservers(); + gInitialized = true; + this._initObservers.resolve(this._initRV); + Services.obs.notifyObservers(null, SEARCH_SERVICE_TOPIC, "init-complete"); + + LOG("_asyncInit: Completed _asyncInit"); + }.bind(this)); + }, + + + _engines: { }, + __sortedEngines: null, + _visibleDefaultEngines: [], + get _sortedEngines() { + if (!this.__sortedEngines) + return this._buildSortedEngineList(); + return this.__sortedEngines; + }, + + // Get the original Engine object that is the default for this region, + // ignoring changes the user may have subsequently made. + get _originalDefaultEngine() { + let defaultEngine = engineMetadataService.getGlobalAttr("searchDefault"); + if (defaultEngine && + engineMetadataService.getGlobalAttr("searchDefaultHash") != getVerificationHash(defaultEngine)) { + LOG("get _originalDefaultEngine, invalid searchDefaultHash for: " + defaultEngine); + defaultEngine = ""; + } + + if (!defaultEngine) { + let defaultPrefB = Services.prefs.getDefaultBranch(BROWSER_SEARCH_PREF); + let nsIPLS = Ci.nsIPrefLocalizedString; + + let defPref = getGeoSpecificPrefName("defaultenginename"); + try { + defaultEngine = defaultPrefB.getComplexValue(defPref, nsIPLS).data; + } catch (ex) { + // If the default pref is invalid (e.g. an add-on set it to a bogus value) + // getEngineByName will just return null, which is the best we can do. + } + } + + return this.getEngineByName(defaultEngine); + }, + + resetToOriginalDefaultEngine: function SRCH_SVC__resetToOriginalDefaultEngine() { + this.currentEngine = this._originalDefaultEngine; + }, + + _buildCache: function SRCH_SVC__buildCache() { + let cache = {}; + let locale = getLocale(); + let buildID = Services.appinfo.platformBuildID; + + // Allows us to force a cache refresh should the cache format change. + cache.version = CACHE_VERSION; + // We don't want to incur the costs of stat()ing each plugin on every + // startup when the only (supported) time they will change is during + // runtime (where we refresh for changes through the API) and app updates + // (where the buildID is obviously going to change). + // Extension-shipped plugins are the only exception to this, but their + // directories are blown away during updates, so we'll detect their changes. + cache.buildID = buildID; + cache.locale = locale; + + cache.directories = {}; + cache.visibleDefaultEngines = this._visibleDefaultEngines; + + let getParent = engine => { + if (engine._file) + return engine._file.parent; + + let uri = engine._uri; + if (!uri.schemeIs("resource")) { + LOG("getParent: engine URI must be a resource URI if it has no file"); + return null; + } + + // use the underlying JAR file, for resource URIs + let chan = makeChannel(uri.spec); + if (chan) + return this._convertChannelToFile(chan); + + LOG("getParent: couldn't map resource:// URI to a file"); + return null; + }; + + for (let name in this._engines) { + let engine = this._engines[name]; + let parent = getParent(engine); + if (!parent) { + LOG("Error: no parent for engine " + engine._location + ", failing to cache it"); + + continue; + } + + let cacheKey = parent.path; + if (!cache.directories[cacheKey]) { + let cacheEntry = {}; + cacheEntry.lastModifiedTime = parent.lastModifiedTime; + cacheEntry.engines = []; + cache.directories[cacheKey] = cacheEntry; + } + cache.directories[cacheKey].engines.push(engine); + } + + try { + LOG("_buildCache: Writing to cache file."); + let path = OS.Path.join(OS.Constants.Path.profileDir, "search.json"); + let data = gEncoder.encode(JSON.stringify(cache)); + let promise = OS.File.writeAtomic(path, data, { tmpPath: path + ".tmp"}); + + promise.then( + function onSuccess() { + Services.obs.notifyObservers(null, SEARCH_SERVICE_TOPIC, SEARCH_SERVICE_CACHE_WRITTEN); + }, + function onError(e) { + LOG("_buildCache: failure during writeAtomic: " + e); + } + ); + } catch (ex) { + LOG("_buildCache: Could not write to cache file: " + ex); + } + }, + + _syncLoadEngines: function SRCH_SVC__syncLoadEngines() { + LOG("_syncLoadEngines: start"); + // See if we have a cache file so we don't have to parse a bunch of XML. + let cache = {}; + let cacheFile = getDir(NS_APP_USER_PROFILE_50_DIR); + cacheFile.append("search.json"); + if (cacheFile.exists()) + cache = this._readCacheFile(cacheFile); + + let [chromeFiles, chromeURIs] = this._findJAREngines(); + + let distDirs = []; + let locations; + try { + locations = getDir(NS_APP_DISTRIBUTION_SEARCH_DIR_LIST, + Ci.nsISimpleEnumerator); + } catch (e) { + // NS_APP_DISTRIBUTION_SEARCH_DIR_LIST is defined by each app + // so this throws during unit tests (but not xpcshell tests). + locations = {hasMoreElements: () => false}; + } + while (locations.hasMoreElements()) { + let dir = locations.getNext().QueryInterface(Ci.nsIFile); + if (dir.directoryEntries.hasMoreElements()) + distDirs.push(dir); + } + + let otherDirs = []; + locations = getDir(NS_APP_SEARCH_DIR_LIST, Ci.nsISimpleEnumerator); + while (locations.hasMoreElements()) { + let dir = locations.getNext().QueryInterface(Ci.nsIFile); + if (dir.directoryEntries.hasMoreElements()) + otherDirs.push(dir); + } + + let toLoad = chromeFiles.concat(distDirs, otherDirs); + + function modifiedDir(aDir) { + return (!cache.directories || !cache.directories[aDir.path] || + cache.directories[aDir.path].lastModifiedTime != aDir.lastModifiedTime); + } + + function notInCachePath(aPathToLoad) { + return cachePaths.indexOf(aPathToLoad.path) == -1; + } + function notInCacheVisibleEngines(aEngineName) { + return cache.visibleDefaultEngines.indexOf(aEngineName) == -1; + } + + let buildID = Services.appinfo.platformBuildID; + // Gecko44: let cachePaths = [path for (path in cache.directories)]; + let cachePaths = []; + for (path in cache.directories) { + cachePaths.push(path); + } + + + let rebuildCache = !cache.directories || + cache.version != CACHE_VERSION || + cache.locale != getLocale() || + cache.buildID != buildID || + cachePaths.length != toLoad.length || + toLoad.some(notInCachePath) || + cache.visibleDefaultEngines.length != this._visibleDefaultEngines.length || + this._visibleDefaultEngines.some(notInCacheVisibleEngines) || + toLoad.some(modifiedDir); + + if (rebuildCache) { + LOG("_loadEngines: Absent or outdated cache. Loading engines from disk."); + distDirs.forEach(this._loadEnginesFromDir, this); + + this._loadFromChromeURLs(chromeURIs); + + otherDirs.forEach(this._loadEnginesFromDir, this); + + this._buildCache(); + return; + } + + LOG("_loadEngines: loading from cache directories"); + for (let cacheKey in cache.directories) { + let dir = cache.directories[cacheKey]; + this._loadEnginesFromCache(dir); + } + + LOG("_loadEngines: done"); + }, + + /** + * Loads engines asynchronously. + * + * @returns {Promise} A promise, resolved successfully if loading data + * succeeds. + */ + _asyncLoadEngines: function SRCH_SVC__asyncLoadEngines() { + return Task.spawn(function() { + LOG("_asyncLoadEngines: start"); + // See if we have a cache file so we don't have to parse a bunch of XML. + let cache = {}; + let cacheFilePath = OS.Path.join(OS.Constants.Path.profileDir, "search.json"); + cache = yield checkForSyncCompletion(this._asyncReadCacheFile(cacheFilePath)); + + Services.obs.notifyObservers(null, SEARCH_SERVICE_TOPIC, "find-jar-engines"); + let [chromeFiles, chromeURIs] = + yield checkForSyncCompletion(this._asyncFindJAREngines()); + + // Get the non-empty distribution directories into distDirs... + let distDirs = []; + let locations; + try { + locations = getDir(NS_APP_DISTRIBUTION_SEARCH_DIR_LIST, + Ci.nsISimpleEnumerator); + } catch (e) { + // NS_APP_DISTRIBUTION_SEARCH_DIR_LIST is defined by each app + // so this throws during unit tests (but not xpcshell tests). + locations = {hasMoreElements: () => false}; + } + while (locations.hasMoreElements()) { + let dir = locations.getNext().QueryInterface(Ci.nsIFile); + let iterator = new OS.File.DirectoryIterator(dir.path, + { winPattern: "*.xml" }); + try { + // Add dir to distDirs if it contains any files. + yield checkForSyncCompletion(iterator.next()); + distDirs.push(dir); + } catch (ex if ex.result != Cr.NS_ERROR_ALREADY_INITIALIZED) { + // Catch for StopIteration exception. + } finally { + iterator.close(); + } + } + + // Add the non-empty directories of NS_APP_SEARCH_DIR_LIST to + // otherDirs... + let otherDirs = []; + locations = getDir(NS_APP_SEARCH_DIR_LIST, Ci.nsISimpleEnumerator); + while (locations.hasMoreElements()) { + let dir = locations.getNext().QueryInterface(Ci.nsIFile); + let iterator = new OS.File.DirectoryIterator(dir.path, + { winPattern: "*.xml" }); + try { + // Add dir to otherDirs if it contains any files. + yield checkForSyncCompletion(iterator.next()); + otherDirs.push(dir); + } catch (ex if ex.result != Cr.NS_ERROR_ALREADY_INITIALIZED) { + // Catch for StopIteration exception. + } finally { + iterator.close(); + } + } + + let toLoad = chromeFiles.concat(distDirs, otherDirs); + function hasModifiedDir(aList) { + return Task.spawn(function() { + let modifiedDir = false; + + for (let dir of aList) { + if (!cache.directories || !cache.directories[dir.path]) { + modifiedDir = true; + break; + } + + let info = yield OS.File.stat(dir.path); + if (cache.directories[dir.path].lastModifiedTime != + info.lastModificationDate.getTime()) { + modifiedDir = true; + break; + } + } + throw new Task.Result(modifiedDir); + }); + } + + function notInCachePath(aPathToLoad) { + return cachePaths.indexOf(aPathToLoad.path) == -1; + } + function notInCacheVisibleEngines(aEngineName) { + return cache.visibleDefaultEngines.indexOf(aEngineName) == -1; + } + + let buildID = Services.appinfo.platformBuildID; + // Gecko44: let cachePaths = [path for (path in cache.directories)]; + let cachePaths = []; + for (path in cache.directories) { + cachePaths.push(path); + } + + let rebuildCache = !cache.directories || + cache.version != CACHE_VERSION || + cache.locale != getLocale() || + cache.buildID != buildID || + cachePaths.length != toLoad.length || + toLoad.some(notInCachePath) || + cache.visibleDefaultEngines.length != this._visibleDefaultEngines.length || + this._visibleDefaultEngines.some(notInCacheVisibleEngines) || + (yield checkForSyncCompletion(hasModifiedDir(toLoad))); + + if (rebuildCache) { + LOG("_asyncLoadEngines: Absent or outdated cache. Loading engines from disk."); + let engines = []; + for (let loadDir of distDirs) { + let enginesFromDir = + yield checkForSyncCompletion(this._asyncLoadEnginesFromDir(loadDir)); + engines = engines.concat(enginesFromDir); + } + let enginesFromURLs = + yield checkForSyncCompletion(this._asyncLoadFromChromeURLs(chromeURIs)); + engines = engines.concat(enginesFromURLs); + for (let loadDir of otherDirs) { + let enginesFromDir = + yield checkForSyncCompletion(this._asyncLoadEnginesFromDir(loadDir)); + engines = engines.concat(enginesFromDir); + } + + for (let engine of engines) { + this._addEngineToStore(engine); + } + this._buildCache(); + return; + } + + LOG("_asyncLoadEngines: loading from cache directories"); + for (let cacheKey in cache.directories) { + let dir = cache.directories[cacheKey]; + this._loadEnginesFromCache(dir); + } + + LOG("_asyncLoadEngines: done"); + }.bind(this)); + }, + + _asyncReInit: function () { + LOG("_asyncReInit"); + // Start by clearing the initialized state, so we don't abort early. + gInitialized = false; + + // Clear the engines, too, so we don't stick with the stale ones. + this._engines = {}; + this.__sortedEngines = null; + this._currentEngine = null; + this._defaultEngine = null; + this._visibleDefaultEngines = []; + + // Clear the metadata service. + engineMetadataService._initialized = false; + engineMetadataService._initializer = null; + + Task.spawn(function* () { + try { + LOG("Restarting engineMetadataService"); + yield engineMetadataService.init(); + yield ensureKnownCountryCode(); + + // Due to the HTTP requests done by ensureKnownCountryCode, it's possible that + // at this point a synchronous init has been forced by other code. + if (!gInitialized) + yield this._asyncLoadEngines(); + + // Typically we'll re-init as a result of a pref observer, + // so signal to 'callers' that we're done. + Services.obs.notifyObservers(null, SEARCH_SERVICE_TOPIC, "reinit-complete"); + gInitialized = true; + } catch (err) { + LOG("Reinit failed: " + err); + Services.obs.notifyObservers(null, SEARCH_SERVICE_TOPIC, "reinit-failed"); + } + }.bind(this)); + }, + + _readCacheFile: function SRCH_SVC__readCacheFile(aFile) { + let stream = Cc["@mozilla.org/network/file-input-stream;1"]. + createInstance(Ci.nsIFileInputStream); + let json = Cc["@mozilla.org/dom/json;1"].createInstance(Ci.nsIJSON); + + try { + stream.init(aFile, MODE_RDONLY, FileUtils.PERMS_FILE, 0); + return json.decodeFromStream(stream, stream.available()); + } catch (ex) { + LOG("_readCacheFile: Error reading cache file: " + ex); + } finally { + stream.close(); + } + return false; + }, + + /** + * Read from a given cache file asynchronously. + * + * @param aPath the file path. + * + * @returns {Promise} A promise, resolved successfully if retrieveing data + * succeeds. + */ + _asyncReadCacheFile: function SRCH_SVC__asyncReadCacheFile(aPath) { + return Task.spawn(function() { + let json; + try { + let bytes = yield OS.File.read(aPath); + json = JSON.parse(new TextDecoder().decode(bytes)); + } catch (ex) { + LOG("_asyncReadCacheFile: Error reading cache file: " + ex); + json = {}; + } + throw new Task.Result(json); + }); + }, + + _batchTask: null, + get batchTask() { + if (!this._batchTask) { + let task = function taskCallback() { + LOG("batchTask: Invalidating engine cache"); + this._buildCache(); + }.bind(this); + this._batchTask = new DeferredTask(task, CACHE_INVALIDATION_DELAY); + } + return this._batchTask; + }, + + _addEngineToStore: function SRCH_SVC_addEngineToStore(aEngine) { + LOG("_addEngineToStore: Adding engine: \"" + aEngine.name + "\""); + + // See if there is an existing engine with the same name. However, if this + // engine is updating another engine, it's allowed to have the same name. + var hasSameNameAsUpdate = (aEngine._engineToUpdate && + aEngine.name == aEngine._engineToUpdate.name); + if (aEngine.name in this._engines && !hasSameNameAsUpdate) { + LOG("_addEngineToStore: Duplicate engine found, aborting!"); + return; + } + + if (aEngine._engineToUpdate) { + // We need to replace engineToUpdate with the engine that just loaded. + var oldEngine = aEngine._engineToUpdate; + + // Remove the old engine from the hash, since it's keyed by name, and our + // name might change (the update might have a new name). + delete this._engines[oldEngine.name]; + + // Hack: we want to replace the old engine with the new one, but since + // people may be holding refs to the nsISearchEngine objects themselves, + // we'll just copy over all "private" properties (those without a getter + // or setter) from one object to the other. + for (var p in aEngine) { + if (!(aEngine.__lookupGetter__(p) || aEngine.__lookupSetter__(p))) + oldEngine[p] = aEngine[p]; + } + aEngine = oldEngine; + aEngine._engineToUpdate = null; + + // Add the engine back + this._engines[aEngine.name] = aEngine; + notifyAction(aEngine, SEARCH_ENGINE_CHANGED); + } else { + // Not an update, just add the new engine. + this._engines[aEngine.name] = aEngine; + // Only add the engine to the list of sorted engines if the initial list + // has already been built (i.e. if this.__sortedEngines is non-null). If + // it hasn't, we're loading engines from disk and the sorted engine list + // will be built once we need it. + if (this.__sortedEngines) { + this.__sortedEngines.push(aEngine); + this._saveSortedEngineList(); + } + notifyAction(aEngine, SEARCH_ENGINE_ADDED); + } + + if (aEngine._hasUpdates) { + // Schedule the engine's next update, if it isn't already. + if (!engineMetadataService.getAttr(aEngine, "updateexpir")) + engineUpdateService.scheduleNextUpdate(aEngine); + } + }, + + _loadEnginesFromCache: function SRCH_SVC__loadEnginesFromCache(aDir) { + let engines = aDir.engines; + LOG("_loadEnginesFromCache: Loading from cache. " + engines.length + " engines to load."); + for (let i = 0; i < engines.length; i++) { + let json = engines[i]; + + try { + let engine; + if (json.filePath) + engine = new Engine({type: "filePath", value: json.filePath}, + json._readOnly); + else if (json._url) + engine = new Engine({type: "uri", value: json._url}, json._readOnly); + + engine._initWithJSON(json); + this._addEngineToStore(engine); + } catch (ex) { + LOG("Failed to load " + engines[i]._name + " from cache: " + ex); + LOG("Engine JSON: " + engines[i].toSource()); + } + } + }, + + _loadEnginesFromDir: function SRCH_SVC__loadEnginesFromDir(aDir) { + LOG("_loadEnginesFromDir: Searching in " + aDir.path + " for search engines."); + + // Check whether aDir is the user profile dir + var isInProfile = aDir.equals(getDir(NS_APP_USER_SEARCH_DIR)); + + var files = aDir.directoryEntries + .QueryInterface(Ci.nsIDirectoryEnumerator); + + while (files.hasMoreElements()) { + var file = files.nextFile; + + // Ignore hidden and empty files, and directories + if (!file.isFile() || file.fileSize == 0 || file.isHidden()) + continue; + + var fileURL = NetUtil.ioService.newFileURI(file).QueryInterface(Ci.nsIURL); + var fileExtension = fileURL.fileExtension.toLowerCase(); + var isWritable = isInProfile && file.isWritable(); + + if (fileExtension != "xml") { + // Not an engine + continue; + } + + var addedEngine = null; + try { + addedEngine = new Engine(file, !isWritable); + addedEngine._initFromFile(); + } catch (ex) { + LOG("_loadEnginesFromDir: Failed to load " + file.path + "!\n" + ex); + continue; + } + + this._addEngineToStore(addedEngine); + } + }, + + /** + * Loads engines from a given directory asynchronously. + * + * @param aDir the directory. + * + * @returns {Promise} A promise, resolved successfully if retrieveing data + * succeeds. + */ + _asyncLoadEnginesFromDir: function SRCH_SVC__asyncLoadEnginesFromDir(aDir) { + LOG("_asyncLoadEnginesFromDir: Searching in " + aDir.path + " for search engines."); + + // Check whether aDir is the user profile dir + let isInProfile = aDir.equals(getDir(NS_APP_USER_SEARCH_DIR)); + let iterator = new OS.File.DirectoryIterator(aDir.path); + return Task.spawn(function() { + let osfiles = yield iterator.nextBatch(); + iterator.close(); + + let engines = []; + for (let osfile of osfiles) { + if (osfile.isDir || osfile.isSymLink) + continue; + + let fileInfo = yield OS.File.stat(osfile.path); + if (fileInfo.size == 0) + continue; + + let parts = osfile.path.split("."); + if (parts.length <= 1 || (parts.pop()).toLowerCase() != "xml") { + // Not an engine + continue; + } + + let addedEngine = null; + try { + let file = new FileUtils.File(osfile.path); + let isWritable = isInProfile; + addedEngine = new Engine(file, !isWritable); + yield checkForSyncCompletion(addedEngine._asyncInitFromFile()); + } catch (ex if ex.result != Cr.NS_ERROR_ALREADY_INITIALIZED) { + LOG("_asyncLoadEnginesFromDir: Failed to load " + osfile.path + "!\n" + ex); + continue; + } + engines.push(addedEngine); + } + throw new Task.Result(engines); + }.bind(this)); + }, + + _loadFromChromeURLs: function SRCH_SVC_loadFromChromeURLs(aURLs) { + aURLs.forEach(function (url) { + try { + LOG("_loadFromChromeURLs: loading engine from chrome url: " + url); + + let engine = new Engine(makeURI(url), true); + + engine._initFromURISync(); + + this._addEngineToStore(engine); + } catch (ex) { + LOG("_loadFromChromeURLs: failed to load engine: " + ex); + } + }, this); + }, + + /** + * Loads engines from Chrome URLs asynchronously. + * + * @param aURLs a list of URLs. + * + * @returns {Promise} A promise, resolved successfully if loading data + * succeeds. + */ + _asyncLoadFromChromeURLs: function SRCH_SVC__asyncLoadFromChromeURLs(aURLs) { + return Task.spawn(function() { + let engines = []; + for (let url of aURLs) { + try { + LOG("_asyncLoadFromChromeURLs: loading engine from chrome url: " + url); + let engine = new Engine(NetUtil.newURI(url), true); + yield checkForSyncCompletion(engine._asyncInitFromURI()); + engines.push(engine); + } catch (ex if ex.result != Cr.NS_ERROR_ALREADY_INITIALIZED) { + LOG("_asyncLoadFromChromeURLs: failed to load engine: " + ex); + } + } + throw new Task.Result(engines); + }.bind(this)); + }, + + _convertChannelToFile: function(chan) { + let fileURI = chan.URI; + while (fileURI instanceof Ci.nsIJARURI) + fileURI = fileURI.JARFile; + fileURI.QueryInterface(Ci.nsIFileURL); + + return fileURI.file; + }, + + _findJAREngines: function SRCH_SVC_findJAREngines() { + LOG("_findJAREngines: looking for engines in JARs") + + let chan = makeChannel(APP_SEARCH_PREFIX + "list.txt"); + if (!chan) { + LOG("_findJAREngines: " + APP_SEARCH_PREFIX + " isn't registered"); + return [[], []]; + } + + let uris = []; + let chromeFiles = []; + + // Find the underlying JAR file (_loadEngines uses it to determine + // whether it needs to invalidate the cache) + let jarPackaging = false; + if (chan.URI instanceof Ci.nsIJARURI) { + chromeFiles.push(this._convertChannelToFile(chan)); + jarPackaging = true; + } + + let sis = Cc["@mozilla.org/scriptableinputstream;1"]. + createInstance(Ci.nsIScriptableInputStream); + sis.init(chan.open()); + this._parseListTxt(sis.read(sis.available()), jarPackaging, + chromeFiles, uris); + return [chromeFiles, uris]; + }, + + /** + * Loads jar engines asynchronously. + * + * @returns {Promise} A promise, resolved successfully if finding jar engines + * succeeds. + */ + _asyncFindJAREngines: function SRCH_SVC__asyncFindJAREngines() { + return Task.spawn(function() { + LOG("_asyncFindJAREngines: looking for engines in JARs") + + let listURL = APP_SEARCH_PREFIX + "list.txt"; + let chan = makeChannel(listURL); + if (!chan) { + LOG("_asyncFindJAREngines: " + APP_SEARCH_PREFIX + " isn't registered"); + throw new Task.Result([[], []]); + } + + let uris = []; + let chromeFiles = []; + + // Find the underlying JAR file (_loadEngines uses it to determine + // whether it needs to invalidate the cache) + let jarPackaging = false; + if (chan.URI instanceof Ci.nsIJARURI) { + chromeFiles.push(this._convertChannelToFile(chan)); + jarPackaging = true; + } + + // Read list.txt to find the engines we need to load. + let deferred = Promise.defer(); + let request = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]. + createInstance(Ci.nsIXMLHttpRequest); + request.overrideMimeType("text/plain"); + request.onload = function(aEvent) { + deferred.resolve(aEvent.target.responseText); + }; + request.onerror = function(aEvent) { + LOG("_asyncFindJAREngines: failed to read " + listURL); + deferred.resolve(""); + }; + request.open("GET", NetUtil.newURI(listURL).spec, true); + request.send(); + let list = yield deferred.promise; + + this._parseListTxt(list, jarPackaging, chromeFiles, uris); + throw new Task.Result([chromeFiles, uris]); + }.bind(this)); + }, + + _parseListTxt: function SRCH_SVC_parseListTxt(list, jarPackaging, + chromeFiles, uris) { + let names = list.split("\n").filter(n => !!n); + // This maps the names of our built-in engines to a boolean + // indicating whether it should be hidden by default. + let jarNames = new Map(); + for (let name of names) { + if (name.endsWith(":hidden")) { + name = name.split(":")[0]; + jarNames.set(name, true); + } else { + jarNames.set(name, false); + } + } + + // Check if we have a useable country specific list of visible default engines. + let engineNames; + let visibleDefaultEngines = + engineMetadataService.getGlobalAttr("visibleDefaultEngines"); + if (visibleDefaultEngines && + engineMetadataService.getGlobalAttr("visibleDefaultEnginesHash") == getVerificationHash(visibleDefaultEngines)) { + engineNames = visibleDefaultEngines.split(","); + + for (let engineName of engineNames) { + // If all engineName values are part of jarNames, + // then we can use the country specific list, otherwise ignore it. + // The visibleDefaultEngines string containing the name of an engine we + // don't ship indicates the server is misconfigured to answer requests + // from the specific Firefox version we are running, so ignoring the + // value altogether is safer. + if (!jarNames.has(engineName)) { + LOG("_parseListTxt: ignoring visibleDefaultEngines value because " + + engineName + " is not in the jar engines we have found"); + engineNames = null; + break; + } + } + } + + // Fallback to building a list based on the :hidden suffixes found in list.txt. + if (!engineNames) { + engineNames = []; + for (let [name, hidden] of jarNames) { + if (!hidden) + engineNames.push(name); + } + } + + for (let name of engineNames) { + let uri = APP_SEARCH_PREFIX + name + ".xml"; + uris.push(uri); + if (!jarPackaging) { + // Flat packaging requires that _loadEngines checks the modification + // time of each engine file. + let chan = makeChannel(uri); + if (chan) + chromeFiles.push(this._convertChannelToFile(chan)); + else + LOG("_findJAREngines: couldn't resolve " + uri); + } + } + + // Store this so that it can be used while writing the cache file. + this._visibleDefaultEngines = engineNames; + }, + + + _saveSortedEngineList: function SRCH_SVC_saveSortedEngineList() { + LOG("SRCH_SVC_saveSortedEngineList: starting"); + + // Set the useDB pref to indicate that from now on we should use the order + // information stored in the database. + Services.prefs.setBoolPref(BROWSER_SEARCH_PREF + "useDBForOrder", true); + + var engines = this._getSortedEngines(true); + + let instructions = []; + for (var i = 0; i < engines.length; ++i) { + instructions.push( + {key: "order", + value: i+1, + engine: engines[i] + }); + } + + engineMetadataService.setAttrs(instructions); + LOG("SRCH_SVC_saveSortedEngineList: done"); + }, + + _buildSortedEngineList: function SRCH_SVC_buildSortedEngineList() { + LOG("_buildSortedEngineList: building list"); + var addedEngines = { }; + this.__sortedEngines = []; + var engine; + + // If the user has specified a custom engine order, read the order + // information from the engineMetadataService instead of the default + // prefs. + if (getBoolPref(BROWSER_SEARCH_PREF + "useDBForOrder", false)) { + LOG("_buildSortedEngineList: using db for order"); + + // Flag to keep track of whether or not we need to call _saveSortedEngineList. + let needToSaveEngineList = false; + + for (let name in this._engines) { + let engine = this._engines[name]; + var orderNumber = engineMetadataService.getAttr(engine, "order"); + + // Since the DB isn't regularly cleared, and engine files may disappear + // without us knowing, we may already have an engine in this slot. If + // that happens, we just skip it - it will be added later on as an + // unsorted engine. + if (orderNumber && !this.__sortedEngines[orderNumber-1]) { + this.__sortedEngines[orderNumber-1] = engine; + addedEngines[engine.name] = engine; + } else { + // We need to call _saveSortedEngineList so this gets sorted out. + needToSaveEngineList = true; + } + } + + // Filter out any nulls for engines that may have been removed + var filteredEngines = this.__sortedEngines.filter(function(a) { return !!a; }); + if (this.__sortedEngines.length != filteredEngines.length) + needToSaveEngineList = true; + this.__sortedEngines = filteredEngines; + + if (needToSaveEngineList) + this._saveSortedEngineList(); + } else { + // The DB isn't being used, so just read the engine order from the prefs + var i = 0; + var engineName; + var prefName; + + try { + var extras = + Services.prefs.getChildList(BROWSER_SEARCH_PREF + "order.extra."); + + for (prefName of extras) { + engineName = Services.prefs.getCharPref(prefName); + + engine = this._engines[engineName]; + if (!engine || engine.name in addedEngines) + continue; + + this.__sortedEngines.push(engine); + addedEngines[engine.name] = engine; + } + } + catch (e) { } + + let prefNameBase = getGeoSpecificPrefName(BROWSER_SEARCH_PREF + "order"); + while (true) { + prefName = prefNameBase + "." + (++i); + engineName = getLocalizedPref(prefName); + if (!engineName) + break; + + engine = this._engines[engineName]; + if (!engine || engine.name in addedEngines) + continue; + + this.__sortedEngines.push(engine); + addedEngines[engine.name] = engine; + } + } + + // Array for the remaining engines, alphabetically sorted. + let alphaEngines = []; + + for (let name in this._engines) { + let engine = this._engines[name]; + if (!(engine.name in addedEngines)) + alphaEngines.push(this._engines[engine.name]); + } + + let locale = Cc["@mozilla.org/intl/nslocaleservice;1"] + .getService(Ci.nsILocaleService) + .newLocale(getLocale()); + let collation = Cc["@mozilla.org/intl/collation-factory;1"] + .createInstance(Ci.nsICollationFactory) + .CreateCollation(locale); + const strength = Ci.nsICollation.kCollationCaseInsensitiveAscii; + let comparator = (a, b) => collation.compareString(strength, a.name, b.name); + alphaEngines.sort(comparator); + return this.__sortedEngines = this.__sortedEngines.concat(alphaEngines); + }, + + /** + * Get a sorted array of engines. + * @param aWithHidden + * True if hidden plugins should be included in the result. + */ + _getSortedEngines: function SRCH_SVC_getSorted(aWithHidden) { + if (aWithHidden) + return this._sortedEngines; + + return this._sortedEngines.filter(function (engine) { + return !engine.hidden; + }); + }, + + // nsIBrowserSearchService + init: function SRCH_SVC_init(observer) { + LOG("SearchService.init"); + let self = this; + if (!this._initStarted) { + this._initStarted = true; + Task.spawn(function task() { + try { + yield checkForSyncCompletion(engineMetadataService.init()); + // Complete initialization by calling asynchronous initializer. + yield self._asyncInit(); + } catch (ex if ex.result == Cr.NS_ERROR_ALREADY_INITIALIZED) { + // No need to pursue asynchronous because synchronous fallback was + // called and has finished. + } catch (ex) { + self._initObservers.reject(ex); + } + }); + } + if (observer) { + this._initObservers.promise.then( + function onSuccess() { + try { + observer.onInitComplete(self._initRV); + } catch (e) { + Cu.reportError(e); + } + }, + function onError(aReason) { + Cu.reportError("Internal error while initializing SearchService: " + aReason); + observer.onInitComplete(Components.results.NS_ERROR_UNEXPECTED); + } + ); + } + }, + + get isInitialized() { + return gInitialized; + }, + + getEngines: function SRCH_SVC_getEngines(aCount) { + this._ensureInitialized(); + LOG("getEngines: getting all engines"); + var engines = this._getSortedEngines(true); + aCount.value = engines.length; + return engines; + }, + + getVisibleEngines: function SRCH_SVC_getVisible(aCount) { + this._ensureInitialized(); + LOG("getVisibleEngines: getting all visible engines"); + var engines = this._getSortedEngines(false); + aCount.value = engines.length; + return engines; + }, + + getDefaultEngines: function SRCH_SVC_getDefault(aCount) { + this._ensureInitialized(); + function isDefault(engine) { + return engine._isDefault; + }; + var engines = this._sortedEngines.filter(isDefault); + var engineOrder = {}; + var engineName; + var i = 1; + + // Build a list of engines which we have ordering information for. + // We're rebuilding the list here because _sortedEngines contain the + // current order, but we want the original order. + + // First, look at the "browser.search.order.extra" branch. + try { + var extras = Services.prefs.getChildList(BROWSER_SEARCH_PREF + "order.extra."); + + for (var prefName of extras) { + engineName = Services.prefs.getCharPref(prefName); + + if (!(engineName in engineOrder)) + engineOrder[engineName] = i++; + } + } catch (e) { + LOG("Getting extra order prefs failed: " + e); + } + + // Now look through the "browser.search.order" branch. + let prefNameBase = getGeoSpecificPrefName(BROWSER_SEARCH_PREF + "order"); + for (var j = 1; ; j++) { + let prefName = prefNameBase + "." + j; + engineName = getLocalizedPref(prefName); + if (!engineName) + break; + + if (!(engineName in engineOrder)) + engineOrder[engineName] = i++; + } + + LOG("getDefaultEngines: engineOrder: " + engineOrder.toSource()); + + function compareEngines (a, b) { + var aIdx = engineOrder[a.name]; + var bIdx = engineOrder[b.name]; + + if (aIdx && bIdx) + return aIdx - bIdx; + if (aIdx) + return -1; + if (bIdx) + return 1; + + return a.name.localeCompare(b.name); + } + engines.sort(compareEngines); + + aCount.value = engines.length; + return engines; + }, + + getEngineByName: function SRCH_SVC_getEngineByName(aEngineName) { + this._ensureInitialized(); + return this._engines[aEngineName] || null; + }, + + getEngineByAlias: function SRCH_SVC_getEngineByAlias(aAlias) { + this._ensureInitialized(); + for (var engineName in this._engines) { + var engine = this._engines[engineName]; + if (engine && engine.alias == aAlias) + return engine; + } + return null; + }, + + addEngineWithDetails: function SRCH_SVC_addEWD(aName, aIconURL, aAlias, + aDescription, aMethod, + aTemplate, aExtensionID) { + this._ensureInitialized(); + if (!aName) + FAIL("Invalid name passed to addEngineWithDetails!"); + if (!aMethod) + FAIL("Invalid method passed to addEngineWithDetails!"); + if (!aTemplate) + FAIL("Invalid template passed to addEngineWithDetails!"); + if (this._engines[aName]) + FAIL("An engine with that name already exists!", Cr.NS_ERROR_FILE_ALREADY_EXISTS); + + var engine = new Engine(getSanitizedFile(aName), false); + engine._initFromMetadata(aName, aIconURL, aAlias, aDescription, + aMethod, aTemplate, aExtensionID); + this._addEngineToStore(engine); + }, + + addEngine: function SRCH_SVC_addEngine(aEngineURL, aDataType, aIconURL, + aConfirm, aCallback) { + LOG("addEngine: Adding \"" + aEngineURL + "\"."); + this._ensureInitialized(); + try { + var uri = makeURI(aEngineURL); + var engine = new Engine(uri, false); + if (aCallback) { + engine._installCallback = function (errorCode) { + try { + if (errorCode == null) + aCallback.onSuccess(engine); + else + aCallback.onError(errorCode); + } catch (ex) { + Cu.reportError("Error invoking addEngine install callback: " + ex); + } + // Clear the reference to the callback now that it's been invoked. + engine._installCallback = null; + }; + } + engine._initFromURIAndLoad(); + } catch (ex) { + // Drop the reference to the callback, if set + if (engine) + engine._installCallback = null; + FAIL("addEngine: Error adding engine:\n" + ex, Cr.NS_ERROR_FAILURE); + } + engine._setIcon(aIconURL, false); + engine._confirm = aConfirm; + }, + + removeEngine: function SRCH_SVC_removeEngine(aEngine) { + this._ensureInitialized(); + if (!aEngine) + FAIL("no engine passed to removeEngine!"); + + var engineToRemove = null; + for (var e in this._engines) { + if (aEngine.wrappedJSObject == this._engines[e]) + engineToRemove = this._engines[e]; + } + + if (!engineToRemove) + FAIL("removeEngine: Can't find engine to remove!", Cr.NS_ERROR_FILE_NOT_FOUND); + + if (engineToRemove == this.currentEngine) { + this._currentEngine = null; + } + + if (engineToRemove == this.defaultEngine) { + this._defaultEngine = null; + } + + if (engineToRemove._readOnly) { + // Just hide it (the "hidden" setter will notify) and remove its alias to + // avoid future conflicts with other engines. + engineToRemove.hidden = true; + engineToRemove.alias = null; + } else { + // Cancel the serialized task if it's pending. Since the task is a + // synchronous function, we don't need to wait on the "finalize" method. + if (engineToRemove._lazySerializeTask) { + engineToRemove._lazySerializeTask.disarm(); + engineToRemove._lazySerializeTask = null; + } + + // Remove the engine file from disk (this might throw) + engineToRemove._remove(); + engineToRemove._file = null; + + // Remove the engine from _sortedEngines + var index = this._sortedEngines.indexOf(engineToRemove); + if (index == -1) + FAIL("Can't find engine to remove in _sortedEngines!", Cr.NS_ERROR_FAILURE); + this.__sortedEngines.splice(index, 1); + + // Remove the engine from the internal store + delete this._engines[engineToRemove.name]; + + notifyAction(engineToRemove, SEARCH_ENGINE_REMOVED); + + // Since we removed an engine, we need to update the preferences. + this._saveSortedEngineList(); + } + }, + + moveEngine: function SRCH_SVC_moveEngine(aEngine, aNewIndex) { + this._ensureInitialized(); + if ((aNewIndex > this._sortedEngines.length) || (aNewIndex < 0)) + FAIL("SRCH_SVC_moveEngine: Index out of bounds!"); + if (!(aEngine instanceof Ci.nsISearchEngine)) + FAIL("SRCH_SVC_moveEngine: Invalid engine passed to moveEngine!"); + if (aEngine.hidden) + FAIL("moveEngine: Can't move a hidden engine!", Cr.NS_ERROR_FAILURE); + + var engine = aEngine.wrappedJSObject; + + var currentIndex = this._sortedEngines.indexOf(engine); + if (currentIndex == -1) + FAIL("moveEngine: Can't find engine to move!", Cr.NS_ERROR_UNEXPECTED); + + // Our callers only take into account non-hidden engines when calculating + // aNewIndex, but we need to move it in the array of all engines, so we + // need to adjust aNewIndex accordingly. To do this, we count the number + // of hidden engines in the list before the engine that we're taking the + // place of. We do this by first finding newIndexEngine (the engine that + // we were supposed to replace) and then iterating through the complete + // engine list until we reach it, increasing aNewIndex for each hidden + // engine we find on our way there. + // + // This could be further simplified by having our caller pass in + // newIndexEngine directly instead of aNewIndex. + var newIndexEngine = this._getSortedEngines(false)[aNewIndex]; + if (!newIndexEngine) + FAIL("moveEngine: Can't find engine to replace!", Cr.NS_ERROR_UNEXPECTED); + + for (var i = 0; i < this._sortedEngines.length; ++i) { + if (newIndexEngine == this._sortedEngines[i]) + break; + if (this._sortedEngines[i].hidden) + aNewIndex++; + } + + if (currentIndex == aNewIndex) + return; // nothing to do! + + // Move the engine + var movedEngine = this.__sortedEngines.splice(currentIndex, 1)[0]; + this.__sortedEngines.splice(aNewIndex, 0, movedEngine); + + notifyAction(engine, SEARCH_ENGINE_CHANGED); + + // Since we moved an engine, we need to update the preferences. + this._saveSortedEngineList(); + }, + + restoreDefaultEngines: function SRCH_SVC_resetDefaultEngines() { + this._ensureInitialized(); + for (let name in this._engines) { + let e = this._engines[name]; + // Unhide all default engines + if (e.hidden && e._isDefault) + e.hidden = false; + } + }, + + get defaultEngine() { + this._ensureInitialized(); + if (!this._defaultEngine) { + let defPref = getGeoSpecificPrefName(BROWSER_SEARCH_PREF + "defaultenginename"); + let defaultEngine = this.getEngineByName(getLocalizedPref(defPref, "")) + if (!defaultEngine) + defaultEngine = this._getSortedEngines(false)[0] || null; + this._defaultEngine = defaultEngine; + } + if (this._defaultEngine.hidden) + return this._getSortedEngines(false)[0]; + return this._defaultEngine; + }, + + set defaultEngine(val) { + this._ensureInitialized(); + // Sometimes we get wrapped nsISearchEngine objects (external XPCOM callers), + // and sometimes we get raw Engine JS objects (callers in this file), so + // handle both. + if (!(val instanceof Ci.nsISearchEngine) && !(val instanceof Engine)) + FAIL("Invalid argument passed to defaultEngine setter"); + + let newDefaultEngine = this.getEngineByName(val.name); + if (!newDefaultEngine) + FAIL("Can't find engine in store!", Cr.NS_ERROR_UNEXPECTED); + + if (newDefaultEngine == this._defaultEngine) + return; + + this._defaultEngine = newDefaultEngine; + + let defPref = getGeoSpecificPrefName(BROWSER_SEARCH_PREF + "defaultenginename"); + + // If we change the default engine in the future, that change should impact + // users who have switched away from and then back to the build's "default" + // engine. So clear the user pref when the defaultEngine is set to the + // build's default engine, so that the defaultEngine getter falls back to + // whatever the default is. + if (this._defaultEngine == this._originalDefaultEngine) { + Services.prefs.clearUserPref(defPref); + } + else { + setLocalizedPref(defPref, this._defaultEngine.name); + } + + notifyAction(this._defaultEngine, SEARCH_ENGINE_DEFAULT); + }, + + get currentEngine() { + this._ensureInitialized(); + if (!this._currentEngine) { + let name = engineMetadataService.getGlobalAttr("current"); + if (engineMetadataService.getGlobalAttr("hash") == getVerificationHash(name)) { + this._currentEngine = this.getEngineByName(name); + } + } + + if (!this._currentEngine || this._currentEngine.hidden) + this._currentEngine = this._originalDefaultEngine; + if (!this._currentEngine || this._currentEngine.hidden) + this._currentEngine = this._getSortedEngines(false)[0]; + + if (!this._currentEngine) { + // Last resort fallback: unhide the original default engine. + this._currentEngine = this._originalDefaultEngine; + if (this._currentEngine) + this._currentEngine.hidden = false; + } + + return this._currentEngine; + }, + + set currentEngine(val) { + this._ensureInitialized(); + // Sometimes we get wrapped nsISearchEngine objects (external XPCOM callers), + // and sometimes we get raw Engine JS objects (callers in this file), so + // handle both. + if (!(val instanceof Ci.nsISearchEngine) && !(val instanceof Engine)) + FAIL("Invalid argument passed to currentEngine setter"); + + var newCurrentEngine = this.getEngineByName(val.name); + if (!newCurrentEngine) + FAIL("Can't find engine in store!", Cr.NS_ERROR_UNEXPECTED); + + if (newCurrentEngine == this._currentEngine) + return; + + this._currentEngine = newCurrentEngine; + + // If we change the default engine in the future, that change should impact + // users who have switched away from and then back to the build's "default" + // engine. So clear the user pref when the currentEngine is set to the + // build's default engine, so that the currentEngine getter falls back to + // whatever the default is. + let newName = this._currentEngine.name; + if (this._currentEngine == this._originalDefaultEngine) { + newName = ""; + } + + engineMetadataService.setGlobalAttr("current", newName); + engineMetadataService.setGlobalAttr("hash", getVerificationHash(newName)); + + notifyAction(this._currentEngine, SEARCH_ENGINE_CURRENT); + }, + + getDefaultEngineInfo() { + let result = {}; + + let engine; + try { + engine = this.defaultEngine; + } catch(e) { + // The defaultEngine getter will throw if there's no engine at all, + // which shouldn't happen unless an add-on or a test deleted all of them. + // Our preferences UI doesn't let users do that. + Cu.reportError("getDefaultEngineInfo: No default engine"); + } + + if (!engine) { + result.name = "NONE"; + } else { + if (engine.name) + result.name = engine.name; + + result.loadPath = engine._anonymizedLoadPath; + + // For privacy, we only collect the submission URL for engines + // from the application or distribution folder... + let sendSubmissionURL = + /^(?:jar:)?(?:\[app\]|\[distribution\])/.test(result.loadPath); + + // ... or engines sorted by default near the top of the list. + if (!sendSubmissionURL) { + let extras = + Services.prefs.getChildList(BROWSER_SEARCH_PREF + "order.extra."); + + for (let prefName of extras) { + try { + if (result.name == Services.prefs.getCharPref(prefName)) { + sendSubmissionURL = true; + break; + } + } catch(e) {} + } + + let prefNameBase = getGeoSpecificPrefName(BROWSER_SEARCH_PREF + "order"); + let i = 0; + while (!sendSubmissionURL) { + let prefName = prefNameBase + "." + (++i); + let engineName = getLocalizedPref(prefName); + if (!engineName) + break; + if (result.name == engineName) { + sendSubmissionURL = true; + break; + } + } + } + + if (sendSubmissionURL) { + let uri = engine._getURLOfType("text/html") + .getSubmission("", engine, "searchbar").uri; + uri.userPass = ""; // Avoid reporting a username or password. + result.submissionURL = uri.spec; + } + } + + return result; + }, + + /** + * This map is built lazily after the available search engines change. It + * allows quick parsing of an URL representing a search submission into the + * search engine name and original terms. + * + * The keys are strings containing the domain name and lowercase path of the + * engine submission, for example "www.google.com/search". + * + * The values are objects with these properties: + * { + * engine: The associated nsISearchEngine. + * termsParameterName: Name of the URL parameter containing the search + * terms, for example "q". + * } + */ + _parseSubmissionMap: null, + + _buildParseSubmissionMap: function SRCH_SVC__buildParseSubmissionMap() { + LOG("_buildParseSubmissionMap"); + this._parseSubmissionMap = new Map(); + + // Used only while building the map, indicates which entries do not refer to + // the main domain of the engine but to an alternate domain, for example + // "www.google.fr" for the "www.google.com" search engine. + let keysOfAlternates = new Set(); + + for (let engine of this._sortedEngines) { + LOG("Processing engine: " + engine.name); + + if (engine.hidden) { + LOG("Engine is hidden."); + continue; + } + + let urlParsingInfo = engine.getURLParsingInfo(); + if (!urlParsingInfo) { + LOG("Engine does not support URL parsing."); + continue; + } + + // Store the same object on each matching map key, as an optimization. + let mapValueForEngine = { + engine: engine, + termsParameterName: urlParsingInfo.termsParameterName, + }; + + let processDomain = (domain, isAlternate) => { + let key = domain + urlParsingInfo.path; + + // Apply the logic for which main domains take priority over alternate + // domains, even if they are found later in the ordered engine list. + let existingEntry = this._parseSubmissionMap.get(key); + if (!existingEntry) { + LOG("Adding new entry: " + key); + if (isAlternate) { + keysOfAlternates.add(key); + } + } else if (!isAlternate && keysOfAlternates.has(key)) { + LOG("Overriding alternate entry: " + key + + " (" + existingEntry.engine.name + ")"); + keysOfAlternates.delete(key); + } else { + LOG("Keeping existing entry: " + key + + " (" + existingEntry.engine.name + ")"); + return; + } + + this._parseSubmissionMap.set(key, mapValueForEngine); + }; + + processDomain(urlParsingInfo.mainDomain, false); + SearchStaticData.getAlternateDomains(urlParsingInfo.mainDomain) + .forEach(d => processDomain(d, true)); + } + }, + + parseSubmissionURL: function SRCH_SVC_parseSubmissionURL(aURL) { + this._ensureInitialized(); + LOG("parseSubmissionURL: Parsing \"" + aURL + "\"."); + + if (!this._parseSubmissionMap) { + this._buildParseSubmissionMap(); + } + + // Extract the elements of the provided URL first. + let soughtKey, soughtQuery; + try { + let soughtUrl = NetUtil.newURI(aURL).QueryInterface(Ci.nsIURL); + + // Exclude any URL that is not HTTP or HTTPS from the beginning. + if (soughtUrl.scheme != "http" && soughtUrl.scheme != "https") { + LOG("The URL scheme is not HTTP or HTTPS."); + return gEmptyParseSubmissionResult; + } + + // Reading these URL properties may fail and raise an exception. + soughtKey = soughtUrl.host + soughtUrl.filePath.toLowerCase(); + soughtQuery = soughtUrl.query; + } catch (ex) { + // Errors while parsing the URL or accessing the properties are not fatal. + LOG("The value does not look like a structured URL."); + return gEmptyParseSubmissionResult; + } + + // Look up the domain and path in the map to identify the search engine. + let mapEntry = this._parseSubmissionMap.get(soughtKey); + if (!mapEntry) { + LOG("No engine associated with domain and path: " + soughtKey); + return gEmptyParseSubmissionResult; + } + + // Extract the search terms from the parameter, for example "caff%C3%A8" + // from the URL "https://www.google.com/search?q=caff%C3%A8&client=firefox". + let encodedTerms = null; + for (let param of soughtQuery.split("&")) { + let equalPos = param.indexOf("="); + if (equalPos != -1 && + param.substr(0, equalPos) == mapEntry.termsParameterName) { + // This is the parameter we are looking for. + encodedTerms = param.substr(equalPos + 1); + break; + } + } + if (encodedTerms === null) { + LOG("Missing terms parameter: " + mapEntry.termsParameterName); + return gEmptyParseSubmissionResult; + } + + let length = 0; + let offset = aURL.indexOf("?") + 1; + let query = aURL.slice(offset); + // Iterate a second time over the original input string to determine the + // correct search term offset and length in the original encoding. + for (let param of query.split("&")) { + let equalPos = param.indexOf("="); + if (equalPos != -1 && + param.substr(0, equalPos) == mapEntry.termsParameterName) { + // This is the parameter we are looking for. + offset += equalPos + 1; + length = param.length - equalPos - 1; + break; + } + offset += param.length + 1; + } + + // Decode the terms using the charset defined in the search engine. + let terms; + try { + terms = gTextToSubURI.UnEscapeAndConvert( + mapEntry.engine.queryCharset, + encodedTerms.replace(/\+/g, " ")); + } catch (ex) { + // Decoding errors will cause this match to be ignored. + LOG("Parameter decoding failed. Charset: " + + mapEntry.engine.queryCharset); + return gEmptyParseSubmissionResult; + } + + LOG("Match found. Terms: " + terms); + return new ParseSubmissionResult(mapEntry.engine, terms, offset, length); + }, + + // nsIObserver + observe: function SRCH_SVC_observe(aEngine, aTopic, aVerb) { + switch (aTopic) { + case SEARCH_ENGINE_TOPIC: + switch (aVerb) { + case SEARCH_ENGINE_LOADED: + var engine = aEngine.QueryInterface(Ci.nsISearchEngine); + LOG("nsSearchService::observe: Done installation of " + engine.name + + "."); + this._addEngineToStore(engine.wrappedJSObject); + if (engine.wrappedJSObject._useNow) { + LOG("nsSearchService::observe: setting current"); + this.currentEngine = aEngine; + } + // The addition of the engine to the store always triggers an ADDED + // or a CHANGED notification, that will trigger the task below. + break; + case SEARCH_ENGINE_ADDED: + case SEARCH_ENGINE_CHANGED: + case SEARCH_ENGINE_REMOVED: + this.batchTask.disarm(); + this.batchTask.arm(); + // Invalidate the map used to parse URLs to search engines. + this._parseSubmissionMap = null; + break; + } + break; + + case QUIT_APPLICATION_TOPIC: + this._removeObservers(); + break; + + case "nsPref:changed": + if (aVerb == LOCALE_PREF) { + // Locale changed. Re-init. We rely on observers, because we can't + // return this promise to anyone. + this._asyncReInit(); + break; + } + } + }, + + // nsITimerCallback + notify: function SRCH_SVC_notify(aTimer) { + LOG("_notify: checking for updates"); + + if (!getBoolPref(BROWSER_SEARCH_PREF + "update", true)) + return; + + // Our timer has expired, but unfortunately, we can't get any data from it. + // Therefore, we need to walk our engine-list, looking for expired engines + var currentTime = Date.now(); + LOG("currentTime: " + currentTime); + for (let name in this._engines) { + let engine = this._engines[name].wrappedJSObject; + if (!engine._hasUpdates) + continue; + + LOG("checking " + engine.name); + + var expirTime = engineMetadataService.getAttr(engine, "updateexpir"); + LOG("expirTime: " + expirTime + "\nupdateURL: " + engine._updateURL + + "\niconUpdateURL: " + engine._iconUpdateURL); + + var engineExpired = expirTime <= currentTime; + + if (!expirTime || !engineExpired) { + LOG("skipping engine"); + continue; + } + + LOG(engine.name + " has expired"); + + engineUpdateService.update(engine); + + // Schedule the next update + engineUpdateService.scheduleNextUpdate(engine); + + } // end engine iteration + }, + + _addObservers: function SRCH_SVC_addObservers() { + Services.obs.addObserver(this, SEARCH_ENGINE_TOPIC, false); + Services.obs.addObserver(this, QUIT_APPLICATION_TOPIC, false); + +#ifdef MOZ_FENNEC + Services.prefs.addObserver(LOCALE_PREF, this, false); +#endif + + // The current stage of shutdown. Used to help analyze crash + // signatures in case of shutdown timeout. + let shutdownState = { + step: "Not started", + latestError: { + message: undefined, + stack: undefined + } + }; + OS.File.profileBeforeChange.addBlocker( + "Search service: shutting down", + () => Task.spawn(function* () { + if (this._batchTask) { + shutdownState.step = "Finalizing batched task"; + try { + yield this._batchTask.finalize(); + shutdownState.step = "Batched task finalized"; + } catch (ex) { + shutdownState.step = "Batched task failed to finalize"; + + shutdownState.latestError.message = "" + ex; + if (ex && typeof ex == "object") { + shutdownState.latestError.stack = ex.stack || undefined; + } + + // Ensure that error is reported and that it causes tests + // to fail. + Promise.reject(ex); + } + } + + shutdownState.step = "Finalizing engine metadata service"; + yield engineMetadataService.finalize(); + shutdownState.step = "Engine metadata service finalized"; + + }.bind(this)), + + () => shutdownState + ); + }, + + _removeObservers: function SRCH_SVC_removeObservers() { + Services.obs.removeObserver(this, SEARCH_ENGINE_TOPIC); + Services.obs.removeObserver(this, QUIT_APPLICATION_TOPIC); + +#ifdef MOZ_FENNEC + Services.prefs.removeObserver(LOCALE_PREF, this); +#endif + }, + + QueryInterface: function SRCH_SVC_QI(aIID) { + if (aIID.equals(Ci.nsIBrowserSearchService) || + aIID.equals(Ci.nsIObserver) || + aIID.equals(Ci.nsITimerCallback) || + aIID.equals(Ci.nsISupports)) + return this; + throw Cr.NS_ERROR_NO_INTERFACE; + } +}; + +var engineMetadataService = { + _jsonFile: OS.Path.join(OS.Constants.Path.profileDir, "search-metadata.json"), + + // Boolean flag that is true if initialization was successful. + _initialized: false, + + // A promise fulfilled once initialization is complete + _initializer: null, + + /** + * Asynchronous initializer + * + * Note: In the current implementation, initialization never fails. + */ + init: function epsInit() { + if (!this._initializer) { + // Launch asynchronous initialization + let initializer = this._initializer = Promise.defer(); + Task.spawn((function task_init() { + LOG("metadata init: starting"); + if (this._initialized) { + throw new Error("metadata init: invalid state, _initialized is " + + "true but initialization promise has not been " + + "resolved"); + } + // 1. Load json file if it exists + try { + let contents = yield OS.File.read(this._jsonFile); + if (this._initialized) { + // No need to pursue asynchronous initialization, + // synchronous fallback was called and has finished. + return; + } + this._store = JSON.parse(new TextDecoder().decode(contents)); + } catch (ex) { + if (this._initialized) { + // No need to pursue asynchronous initialization, + // synchronous fallback was called and has finished. + return; + } + // Couldn't load json, use an empty store + LOG("metadata init: could not load JSON file " + ex); + this._store = {}; + } + + this._initialized = true; + LOG("metadata init: complete"); + }).bind(this)).then( + // 3. Inform any observers + function onSuccess() { + initializer.resolve(); + }, + function onError() { + initializer.reject(); + } + ); + } + return this._initializer.promise; + }, + + /** + * Synchronous implementation of initializer + * + * This initializer is able to pick wherever the async initializer + * is waiting. The asynchronous initializer is expected to stop + * if it detects that the synchronous initializer has completed + * initialization. + */ + syncInit: function epsSyncInit() { + LOG("metadata syncInit start"); + if (this._initialized) { + return; + } + let jsonFile = new FileUtils.File(this._jsonFile); + // 1. Load json file if it exists + if (jsonFile.exists()) { + try { + let uri = Services.io.newFileURI(jsonFile); + let stream = Services.io.newChannelFromURI2(uri, + null, // aLoadingNode + Services.scriptSecurityManager.getSystemPrincipal(), + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_NORMAL, + Ci.nsIContentPolicy.TYPE_OTHER).open(); + this._store = parseJsonFromStream(stream); + } catch (x) { + LOG("metadata syncInit: could not load JSON file " + x); + this._store = {}; + } + } else { + LOG("metadata syncInit: using an empty store"); + this._store = {}; + } + + this._initialized = true; + + // 3. Inform any observers + if (this._initializer) { + this._initializer.resolve(); + } else { + this._initializer = Promise.resolve(); + } + LOG("metadata syncInit end"); + }, + + getAttr: function epsGetAttr(engine, name) { + let record = this._store[engine._id]; + if (!record) { + return null; + } + + // attr names must be lower case + let aName = name.toLowerCase(); + if (!record[aName]) + return null; + return record[aName]; + }, + + _globalFakeEngine: {_id: "[global]"}, + getGlobalAttr: function epsGetGlobalAttr(name) { + return this.getAttr(this._globalFakeEngine, name); + }, + + _setAttr: function epsSetAttr(engine, name, value) { + // attr names must be lower case + name = name.toLowerCase(); + let db = this._store; + let record = db[engine._id]; + if (!record) { + record = db[engine._id] = {}; + } + if (!record[name] || (record[name] != value)) { + record[name] = value; + return true; + } + return false; + }, + + /** + * Set one metadata attribute for an engine. + * + * If an actual change has taken place, the attribute is committed + * automatically (and lazily), using this._commit. + * + * @param {nsISearchEngine} engine The engine to update. + * @param {string} key The name of the attribute. Case-insensitive. In + * the current implementation, this _must not_ conflict with properties + * of |Object|. + * @param {*} value A value to store. + */ + setAttr: function epsSetAttr(engine, key, value) { + if (this._setAttr(engine, key, value)) { + this._commit(); + } + }, + + setGlobalAttr: function epsGetGlobalAttr(key, value) { + this.setAttr(this._globalFakeEngine, key, value); + }, + + /** + * Bulk set metadata attributes for a number of engines. + * + * If actual changes have taken place, the store is committed + * automatically (and lazily), using this._commit. + * + * @param {Array.<{engine: nsISearchEngine, key: string, value: *}>} changes + * The list of changes to effect. See |setAttr| for the documentation of + * |engine|, |key|, |value|. + */ + setAttrs: function epsSetAttrs(changes) { + let self = this; + let changed = false; + changes.forEach(function(change) { + changed |= self._setAttr(change.engine, change.key, change.value); + }); + if (changed) { + this._commit(); + } + }, + + /** + * Flush any waiting write. + */ + finalize: function () { + return this._lazyWriter ? this._lazyWriter.finalize() + : Promise.resolve(); + }, + + /** + * Commit changes to disk, asynchronously. + * + * Calls to this function are actually delayed by LAZY_SERIALIZE_DELAY + * (= 100ms). If the function is called again before the expiration of + * the delay, commits are merged and the function is again delayed by + * the same amount of time. + */ + _commit: function epsCommit() { + LOG("metadata _commit: start"); + if (!this._store) { + LOG("metadata _commit: nothing to do"); + return; + } + + if (!this._lazyWriter) { + LOG("metadata _commit: initializing lazy writer"); + let writeCommit = function () { + LOG("metadata writeCommit: start"); + let data = gEncoder.encode(JSON.stringify(engineMetadataService._store)); + let path = engineMetadataService._jsonFile; + LOG("metadata writeCommit: path " + path); + let promise = OS.File.writeAtomic(path, data, { tmpPath: path + ".tmp" }); + promise = promise.then( + function onSuccess() { + Services.obs.notifyObservers(null, + SEARCH_SERVICE_TOPIC, + SEARCH_SERVICE_METADATA_WRITTEN); + LOG("metadata writeCommit: done"); + } + ); + return promise; + } + this._lazyWriter = new DeferredTask(writeCommit, LAZY_SERIALIZE_DELAY); + } + LOG("metadata _commit: (re)setting timer"); + this._lazyWriter.disarm(); + this._lazyWriter.arm(); + }, + _lazyWriter: null +}; + +engineMetadataService._initialized = false; + +const SEARCH_UPDATE_LOG_PREFIX = "*** Search update: "; + +/** + * Outputs aText to the JavaScript console as well as to stdout, if the search + * logging pref (browser.search.update.log) is set to true. + */ +function ULOG(aText) { + if (getBoolPref(BROWSER_SEARCH_PREF + "update.log", false)) { + dump(SEARCH_UPDATE_LOG_PREFIX + aText + "\n"); + Services.console.logStringMessage(aText); + } +} + +var engineUpdateService = { + scheduleNextUpdate: function eus_scheduleNextUpdate(aEngine) { + var interval = aEngine._updateInterval || SEARCH_DEFAULT_UPDATE_INTERVAL; + var milliseconds = interval * 86400000; // |interval| is in days + engineMetadataService.setAttr(aEngine, "updateexpir", + Date.now() + milliseconds); + }, + + update: function eus_Update(aEngine) { + let engine = aEngine.wrappedJSObject; + ULOG("update called for " + aEngine._name); + if (!getBoolPref(BROWSER_SEARCH_PREF + "update", true) || !engine._hasUpdates) + return; + + let testEngine = null; + let updateURL = engine._getURLOfType(URLTYPE_OPENSEARCH); + let updateURI = (updateURL && updateURL._hasRelation("self")) ? + updateURL.getSubmission("", engine).uri : + makeURI(engine._updateURL); + if (updateURI) { + if (engine._isDefault && !updateURI.schemeIs("https")) { + ULOG("Invalid scheme for default engine update"); + return; + } + + ULOG("updating " + engine.name + " from " + updateURI.spec); + testEngine = new Engine(updateURI, false); + testEngine._engineToUpdate = engine; + testEngine._initFromURIAndLoad(); + } else + ULOG("invalid updateURI"); + + if (engine._iconUpdateURL) { + // If we're updating the engine too, use the new engine object, + // otherwise use the existing engine object. + (testEngine || engine)._setIcon(engine._iconUpdateURL, true); + } + } +}; + +this.NSGetFactory = XPCOMUtils.generateNSGetFactory([SearchService]); + +#include ../../../../toolkit/modules/debug.js diff --git a/toolkit/components/search/orginal/nsSearchSuggestions.js b/toolkit/components/search/orginal/nsSearchSuggestions.js new file mode 100644 index 0000000000..a05d8b4b45 --- /dev/null +++ b/toolkit/components/search/orginal/nsSearchSuggestions.js @@ -0,0 +1,197 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/nsFormAutoCompleteResult.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "SearchSuggestionController", + "resource://gre/modules/SearchSuggestionController.jsm"); + +/** + * SuggestAutoComplete is a base class that implements nsIAutoCompleteSearch + * and can collect results for a given search by using this._suggestionController. + * We do it this way since the AutoCompleteController in Mozilla requires a + * unique XPCOM Service for every search provider, even if the logic for two + * providers is identical. + * @constructor + */ +function SuggestAutoComplete() { + this._init(); +} +SuggestAutoComplete.prototype = { + + _init: function() { + this._suggestionController = new SearchSuggestionController(obj => this.onResultsReturned(obj)); + this._suggestionController.maxLocalResults = this._historyLimit; + }, + + get _suggestionLabel() { + let bundle = Services.strings.createBundle("chrome://global/locale/search/search.properties"); + let label = bundle.GetStringFromName("suggestion_label"); + Object.defineProperty(SuggestAutoComplete.prototype, "_suggestionLabel", {value: label}); + return label; + }, + + /** + * The object implementing nsIAutoCompleteObserver that we notify when + * we have found results + * @private + */ + _listener: null, + + /** + * Maximum number of history items displayed. This is capped at 7 + * because the primary consumer (Firefox search bar) displays 10 rows + * by default, and so we want to leave some space for suggestions + * to be visible. + */ + _historyLimit: 7, + + /** + * Callback for handling results from SearchSuggestionController.jsm + * @private + */ + onResultsReturned: function(results) { + let finalResults = []; + let finalComments = []; + + // If form history has results, add them to the list. + for (let i = 0; i < results.local.length; ++i) { + finalResults.push(results.local[i]); + finalComments.push(""); + } + + // If there are remote matches, add them. + if (results.remote.length) { + // "comments" column values for suggestions starts as empty strings + let comments = new Array(results.remote.length).fill("", 1); + comments[0] = this._suggestionLabel; + // now put the history results above the suggestions + finalResults = finalResults.concat(results.remote); + finalComments = finalComments.concat(comments); + } + + // Notify the FE of our new results + this.onResultsReady(results.term, finalResults, finalComments, results.formHistoryResult); + }, + + /** + * Notifies the front end of new results. + * @param searchString the user's query string + * @param results an array of results to the search + * @param comments an array of metadata corresponding to the results + * @private + */ + onResultsReady: function(searchString, results, comments, formHistoryResult) { + if (this._listener) { + // Create a copy of the results array to use as labels, since + // FormAutoCompleteResult doesn't like being passed the same array + // for both. + let labels = results.slice(); + let result = new FormAutoCompleteResult( + searchString, + Ci.nsIAutoCompleteResult.RESULT_SUCCESS, + 0, + "", + results, + labels, + comments, + formHistoryResult); + + this._listener.onSearchResult(this, result); + + // Null out listener to make sure we don't notify it twice + this._listener = null; + } + }, + + /** + * Initiates the search result gathering process. Part of + * nsIAutoCompleteSearch implementation. + * + * @param searchString the user's query string + * @param searchParam unused, "an extra parameter"; even though + * this parameter and the next are unused, pass + * them through in case the form history + * service wants them + * @param previousResult unused, a client-cached store of the previous + * generated resultset for faster searching. + * @param listener object implementing nsIAutoCompleteObserver which + * we notify when results are ready. + */ + startSearch: function(searchString, searchParam, previousResult, listener) { + // Don't reuse a previous form history result when it no longer applies. + if (!previousResult) + this._formHistoryResult = null; + + var formHistorySearchParam = searchParam.split("|")[0]; + + // Receive the information about the privacy mode of the window to which + // this search box belongs. The front-end's search.xml bindings passes this + // information in the searchParam parameter. The alternative would have + // been to modify nsIAutoCompleteSearch to add an argument to startSearch + // and patch all of autocomplete to be aware of this, but the searchParam + // argument is already an opaque argument, so this solution is hopefully + // less hackish (although still gross.) + var privacyMode = (searchParam.split("|")[1] == "private"); + + // Start search immediately if possible, otherwise once the search + // service is initialized + if (Services.search.isInitialized) { + this._triggerSearch(searchString, formHistorySearchParam, listener, privacyMode); + return; + } + + Services.search.init((function startSearch_cb(aResult) { + if (!Components.isSuccessCode(aResult)) { + Cu.reportError("Could not initialize search service, bailing out: " + aResult); + return; + } + this._triggerSearch(searchString, formHistorySearchParam, listener, privacyMode); + }).bind(this)); + }, + + /** + * Actual implementation of search. + */ + _triggerSearch: function(searchString, searchParam, listener, privacyMode) { + this._listener = listener; + this._suggestionController.fetch(searchString, + privacyMode, + Services.search.currentEngine); + }, + + /** + * Ends the search result gathering process. Part of nsIAutoCompleteSearch + * implementation. + */ + stopSearch: function() { + this._suggestionController.stop(); + }, + + // nsISupports + QueryInterface: XPCOMUtils.generateQI([Ci.nsIAutoCompleteSearch, + Ci.nsIAutoCompleteObserver]) +}; + +/** + * SearchSuggestAutoComplete is a service implementation that handles suggest + * results specific to web searches. + * @constructor + */ +function SearchSuggestAutoComplete() { + // This calls _init() in the parent class (SuggestAutoComplete) via the + // prototype, below. + this._init(); +} +SearchSuggestAutoComplete.prototype = { + classID: Components.ID("{aa892eb4-ffbf-477d-9f9a-06c995ae9f27}"), + __proto__: SuggestAutoComplete.prototype, + serviceURL: "" +}; + +var component = [SearchSuggestAutoComplete]; +this.NSGetFactory = XPCOMUtils.generateNSGetFactory(component); diff --git a/toolkit/components/search/orginal/nsSidebar.js b/toolkit/components/search/orginal/nsSidebar.js new file mode 100644 index 0000000000..deb455734f --- /dev/null +++ b/toolkit/components/search/orginal/nsSidebar.js @@ -0,0 +1,57 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 4 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const { interfaces: Ci, utils: Cu } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + +// File extension for Sherlock search plugin description files +const SHERLOCK_FILE_EXT_REGEXP = /\.src$/i; + +function nsSidebar() { +} + +nsSidebar.prototype = { + init: function(window) { + this.window = window; + this.mm = window.QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIDocShell) + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIContentFrameMessageManager); + }, + + // Deprecated, only left here to avoid breaking old browser-detection scripts. + addSearchEngine: function(engineURL, iconURL, suggestedTitle, suggestedCategory) { + if (SHERLOCK_FILE_EXT_REGEXP.test(engineURL)) { + Cu.reportError("Installing Sherlock search plugins is no longer supported."); + return; + } + + this.AddSearchProvider(engineURL); + }, + + // This function implements window.external.AddSearchProvider(). + // The capitalization, although nonstandard here, is to match other browsers' + // APIs and is therefore important. + AddSearchProvider: function(engineURL) { + this.mm.sendAsyncMessage("Search:AddEngine", { + pageURL: this.window.document.documentURIObject.spec, + engineURL + }); + }, + + // This function exists to implement window.external.IsSearchProviderInstalled(), + // for compatibility with other browsers. The function has been deprecated + // and so will not be implemented. + IsSearchProviderInstalled: function(engineURL) { + return 0; + }, + + classID: Components.ID("{22117140-9c6e-11d3-aaf1-00805f8a4905}"), + QueryInterface: XPCOMUtils.generateQI([Ci.nsISupports, + Ci.nsIDOMGlobalPropertyInitializer]) +} + +this.NSGetFactory = XPCOMUtils.generateNSGetFactory([nsSidebar]); diff --git a/toolkit/components/search/orginal/toolkitsearch.manifest b/toolkit/components/search/orginal/toolkitsearch.manifest new file mode 100644 index 0000000000..b7c55da0e9 --- /dev/null +++ b/toolkit/components/search/orginal/toolkitsearch.manifest @@ -0,0 +1,10 @@ +component {7319788a-fe93-4db3-9f39-818cf08f4256} nsSearchService.js process=main +contract @mozilla.org/browser/search-service;1 {7319788a-fe93-4db3-9f39-818cf08f4256} process=main +# 21600 == 6 hours +category update-timer nsSearchService @mozilla.org/browser/search-service;1,getService,search-engine-update-timer,browser.search.update.interval,21600 +component {aa892eb4-ffbf-477d-9f9a-06c995ae9f27} nsSearchSuggestions.js +contract @mozilla.org/autocomplete/search;1?name=search-autocomplete {aa892eb4-ffbf-477d-9f9a-06c995ae9f27} +#ifdef HAVE_SIDEBAR +component {22117140-9c6e-11d3-aaf1-00805f8a4905} nsSidebar.js +contract @mozilla.org/sidebar;1 {22117140-9c6e-11d3-aaf1-00805f8a4905} +#endif diff --git a/toolkit/components/startup/nsAppStartup.cpp b/toolkit/components/startup/nsAppStartup.cpp index fde00d1dbc..53f8c56702 100644 --- a/toolkit/components/startup/nsAppStartup.cpp +++ b/toolkit/components/startup/nsAppStartup.cpp @@ -758,11 +758,6 @@ nsAppStartup::GetStartupInfo(JSContext* aCx, JS::MutableHandle<JS::Value> aRetva procTime = TimeStamp::ProcessCreation(error); - if (error) { - Telemetry::Accumulate(Telemetry::STARTUP_MEASUREMENT_ERRORS, - StartupTimeline::PROCESS_CREATION); - } - StartupTimeline::Record(StartupTimeline::PROCESS_CREATION, procTime); } @@ -777,8 +772,6 @@ nsAppStartup::GetStartupInfo(JSContext* aCx, JS::MutableHandle<JS::Value> aRetva // Always define main to aid with bug 689256. stamp = procTime; MOZ_ASSERT(!stamp.IsNull()); - Telemetry::Accumulate(Telemetry::STARTUP_MEASUREMENT_ERRORS, - StartupTimeline::MAIN); } if (!stamp.IsNull()) { @@ -787,8 +780,6 @@ nsAppStartup::GetStartupInfo(JSContext* aCx, JS::MutableHandle<JS::Value> aRetva / PR_USEC_PER_MSEC; JS::Rooted<JSObject*> date(aCx, JS::NewDateObject(aCx, JS::TimeClip(prStamp))); JS_DefineProperty(aCx, obj, StartupTimeline::Describe(ev), date, JSPROP_ENUMERATE); - } else { - Telemetry::Accumulate(Telemetry::STARTUP_MEASUREMENT_ERRORS, ev); } } } @@ -887,9 +878,6 @@ nsAppStartup::TrackStartupCrashBegin(bool *aIsSafeModeNecessary) if (PR_Now() / PR_USEC_PER_SEC <= lastSuccessfulStartup) return NS_ERROR_FAILURE; - // The last startup was a crash so include it in the count regardless of when it happened. - Telemetry::Accumulate(Telemetry::STARTUP_CRASH_DETECTED, true); - if (inSafeMode) { GetAutomaticSafeModeNecessary(aIsSafeModeNecessary); return NS_OK; @@ -1020,8 +1008,13 @@ nsAppStartup::CreateInstanceWithProfile(nsIToolkitProfile* aProfile) return rv; } +#if defined(XP_WIN) + const char *args[] = { "-no-remote", "-P", profileName.get() }; + rv = process->Run(false, args, 3); +#else const char *args[] = { "-P", profileName.get() }; rv = process->Run(false, args, 2); +#endif if (NS_WARN_IF(NS_FAILED(rv))) { return rv; } diff --git a/toolkit/components/telemetry/TelemetryStopwatch.jsm b/toolkit/components/telemetry/TelemetryStopwatch.jsm deleted file mode 100644 index ab6c6eafbb..0000000000 --- a/toolkit/components/telemetry/TelemetryStopwatch.jsm +++ /dev/null @@ -1,335 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this file, - * You can obtain one at http://mozilla.org/MPL/2.0/. */ - -const Cc = Components.classes; -const Ci = Components.interfaces; -const Cu = Components.utils; - -this.EXPORTED_SYMBOLS = ["TelemetryStopwatch"]; - -Cu.import("resource://gre/modules/Log.jsm", this); -var Telemetry = Cc["@mozilla.org/base/telemetry;1"] - .getService(Ci.nsITelemetry); - -// Weak map does not allow using null objects as keys. These objects are used -// as 'null' placeholders. -const NULL_OBJECT = {}; -const NULL_KEY = {}; - -/** - * Timers is a variation of a Map used for storing information about running - * Stopwatches. Timers has the following data structure: - * - * { - * "HISTOGRAM_NAME": WeakMap { - * Object || NULL_OBJECT: Map { - * "KEY" || NULL_KEY: startTime - * ... - * } - * ... - * } - * ... - * } - * - * - * @example - * // Stores current time for a keyed histogram "PLAYING_WITH_CUTE_ANIMALS". - * Timers.put("PLAYING_WITH_CUTE_ANIMALS", null, "CATS", Date.now()); - * - * @example - * // Returns information about a simple Stopwatch. - * let startTime = Timers.get("PLAYING_WITH_CUTE_ANIMALS", null, "CATS"); - */ -let Timers = { - _timers: new Map(), - - _validTypes: function(histogram, obj, key) { - let nonEmptyString = value => { - return typeof value === "string" && value !== "" && value.length > 0; - }; - return nonEmptyString(histogram) && - typeof obj == "object" && - (key === NULL_KEY || nonEmptyString(key)); - }, - - get: function(histogram, obj, key) { - key = key === null ? NULL_KEY : key; - obj = obj || NULL_OBJECT; - - if (!this.has(histogram, obj, key)) { - return null; - } - - return this._timers.get(histogram).get(obj).get(key); - }, - - put: function(histogram, obj, key, startTime) { - key = key === null ? NULL_KEY : key; - obj = obj || NULL_OBJECT; - - if (!this._validTypes(histogram, obj, key)) { - return false; - } - - let objectMap = this._timers.get(histogram) || new WeakMap(); - let keyedInfo = objectMap.get(obj) || new Map(); - keyedInfo.set(key, startTime); - objectMap.set(obj, keyedInfo); - this._timers.set(histogram, objectMap); - return true; - }, - - has: function(histogram, obj, key) { - key = key === null ? NULL_KEY : key; - obj = obj || NULL_OBJECT; - - return this._timers.has(histogram) && - this._timers.get(histogram).has(obj) && - this._timers.get(histogram).get(obj).has(key); - }, - - delete: function(histogram, obj, key) { - key = key === null ? NULL_KEY : key; - obj = obj || NULL_OBJECT; - - if (!this.has(histogram, obj, key)) { - return false; - } - let objectMap = this._timers.get(histogram); - let keyedInfo = objectMap.get(obj); - if (keyedInfo.size > 1) { - keyedInfo.delete(key); - return true; - } - objectMap.delete(obj); - // NOTE: - // We never delete empty objecMaps from this._timers because there is no - // nice solution for tracking the number of objects in a WeakMap. - // WeakMap is not enumerable, so we can't deterministically say when it's - // empty. We accept that trade-off here, given that entries for short-lived - // objects will go away when they are no longer referenced - return true; - } -}; - -this.TelemetryStopwatch = { - /** - * Starts a timer associated with a telemetry histogram. The timer can be - * directly associated with a histogram, or with a pair of a histogram and - * an object. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * - * @param {Object} aObj - Optional parameter. If specified, the timer is - * associated with this object, meaning that multiple - * timers for the same histogram may be run - * concurrently, as long as they are associated with - * different objects. - * - * @returns {Boolean} True if the timer was successfully started, false - * otherwise. If a timer already exists, it can't be - * started again, and the existing one will be cleared in - * order to avoid measurements errors. - */ - start: function(aHistogram, aObj) { - return TelemetryStopwatchImpl.start(aHistogram, aObj, null); - }, - - /** - * Deletes the timer associated with a telemetry histogram. The timer can be - * directly associated with a histogram, or with a pair of a histogram and - * an object. Important: Only use this method when a legitimate cancellation - * should be done. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * - * @param {Object} aObj - Optional parameter. If specified, the timer is - * associated with this object, meaning that multiple - * timers or a same histogram may be run concurrently, - * as long as they are associated with different - * objects. - * - * @returns {Boolean} True if the timer exist and it was cleared, False - * otherwise. - */ - cancel: function(aHistogram, aObj) { - return TelemetryStopwatchImpl.cancel(aHistogram, aObj, null); - }, - - /** - * Returns the elapsed time for a particular stopwatch. Primarily for - * debugging purposes. Must be called prior to finish. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * If an invalid name is given, the function will - * throw. - * - * @param (Object) aObj - Optional parameter which associates the histogram - * timer with the given object. - * - * @returns {Integer} time in milliseconds or -1 if the stopwatch was not - * found. - */ - timeElapsed: function(aHistogram, aObj) { - return TelemetryStopwatchImpl.timeElapsed(aHistogram, aObj, null); - }, - - /** - * Stops the timer associated with the given histogram (and object), - * calculates the time delta between start and finish, and adds the value - * to the histogram. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * - * @param {Object} aObj - Optional parameter which associates the histogram - * timer with the given object. - * - * @returns {Boolean} True if the timer was succesfully stopped and the data - * was added to the histogram, False otherwise. - */ - finish: function(aHistogram, aObj) { - return TelemetryStopwatchImpl.finish(aHistogram, aObj, null); - }, - - /** - * Starts a timer associated with a keyed telemetry histogram. The timer can - * be directly associated with a histogram and its key. Similarly to - * @see{TelemetryStopwatch.stat} the histogram and its key can be associated - * with an object. Each key may have multiple associated objects and each - * object can be associated with multiple keys. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * - * @param {String} aKey - a string which must be a valid histgram key. - * - * @param {Object} aObj - Optional parameter. If specified, the timer is - * associated with this object, meaning that multiple - * timers for the same histogram may be run - * concurrently,as long as they are associated with - * different objects. - * - * @returns {Boolean} True if the timer was successfully started, false - * otherwise. If a timer already exists, it can't be - * started again, and the existing one will be cleared in - * order to avoid measurements errors. - */ - startKeyed: function(aHistogram, aKey, aObj) { - return TelemetryStopwatchImpl.start(aHistogram, aObj, aKey); - }, - - /** - * Deletes the timer associated with a keyed histogram. Important: Only use - * this method when a legitimate cancellation should be done. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * - * @param {String} aKey - a string which must be a valid histgram key. - * - * @param {Object} aObj - Optional parameter. If specified, the timer - * associated with this object is deleted. - * - * @return {Boolean} True if the timer exist and it was cleared, False - * otherwise. - */ - cancelKeyed: function(aHistogram, aKey, aObj) { - return TelemetryStopwatchImpl.cancel(aHistogram, aObj, aKey); - }, - - /** - * Returns the elapsed time for a particular stopwatch. Primarily for - * debugging purposes. Must be called prior to finish. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * - * @param {String} aKey - a string which must be a valid histgram key. - * - * @param {Object} aObj - Optional parameter. If specified, the timer - * associated with this object is used to calculate - * the elapsed time. - * - * @return {Integer} time in milliseconds or -1 if the stopwatch was not - * found. - */ - timeElapsedKeyed: function(aHistogram, aKey, aObj) { - return TelemetryStopwatchImpl.timeElapsed(aHistogram, aObj, aKey); - }, - - /** - * Stops the timer associated with the given keyed histogram (and object), - * calculates the time delta between start and finish, and adds the value - * to the keyed histogram. - * - * @param {String} aHistogram - a string which must be a valid histogram name. - * - * @param {String} aKey - a string which must be a valid histgram key. - * - * @param {Object} aObj - optional parameter which associates the histogram - * timer with the given object. - * - * @returns {Boolean} True if the timer was succesfully stopped and the data - * was added to the histogram, False otherwise. - */ - finishKeyed: function(aHistogram, aKey, aObj) { - return TelemetryStopwatchImpl.finish(aHistogram, aObj, aKey); - } -}; - -this.TelemetryStopwatchImpl = { - start: function(histogram, object, key) { - if (Timers.has(histogram, object, key)) { - Timers.delete(histogram, object, key); - Cu.reportError(`TelemetryStopwatch: key "${histogram}" was already ` + - "initialized"); - return false; - } - - return Timers.put(histogram, object, key, Components.utils.now()); - }, - - cancel: function (histogram, object, key) { - return Timers.delete(histogram, object, key); - }, - - timeElapsed: function(histogram, object, key) { - let startTime = Timers.get(histogram, object, key); - if (startTime === null) { - Cu.reportError("TelemetryStopwatch: requesting elapsed time for " + - `nonexisting stopwatch. Histogram: "${histogram}", ` + - `key: "${key}"`); - return -1; - } - - try { - let delta = Components.utils.now() - startTime - return Math.round(delta); - } catch (e) { - Cu.reportError("TelemetryStopwatch: failed to calculate elapsed time " + - `for Histogram: "${histogram}", key: "${key}", ` + - `exception: ${Log.exceptionStr(e)}`); - return -1; - } - }, - - finish: function(histogram, object, key) { - let delta = this.timeElapsed(histogram, object, key); - if (delta == -1) { - return false; - } - - try { - if (key) { - Telemetry.getKeyedHistogramById(histogram).add(key, delta); - } else { - Telemetry.getHistogramById(histogram).add(delta); - } - } catch (e) { - Cu.reportError("TelemetryStopwatch: failed to update the Histogram " + - `"${histogram}", using key: "${key}", ` + - `exception: ${Log.exceptionStr(e)}`); - return false; - } - - return Timers.delete(histogram, object, key); - } -} diff --git a/toolkit/components/telemetry/moz.build b/toolkit/components/telemetry/moz.build index 118d61b719..7765c59b43 100644 --- a/toolkit/components/telemetry/moz.build +++ b/toolkit/components/telemetry/moz.build @@ -64,7 +64,6 @@ EXTRA_JS_MODULES += [ 'TelemetryReportingPolicy.jsm', 'TelemetrySend.jsm', 'TelemetrySession.jsm', - 'TelemetryStopwatch.jsm', 'TelemetryStorage.jsm', 'TelemetryTimestamps.jsm', 'TelemetryUtils.jsm', diff --git a/toolkit/components/telemetry/tests/unit/test_TelemetryStopwatch.js b/toolkit/components/telemetry/tests/unit/test_TelemetryStopwatch.js deleted file mode 100644 index d162d9b17b..0000000000 --- a/toolkit/components/telemetry/tests/unit/test_TelemetryStopwatch.js +++ /dev/null @@ -1,156 +0,0 @@ -/* Any copyright is dedicated to the Public Domain. - * http://creativecommons.org/publicdomain/zero/1.0/ */ - -var tmpScope = {}; -Cu.import("resource://gre/modules/TelemetryStopwatch.jsm", tmpScope); -var TelemetryStopwatch = tmpScope.TelemetryStopwatch; - -const HIST_NAME = "TELEMETRY_SEND_SUCCESS"; -const HIST_NAME2 = "RANGE_CHECKSUM_ERRORS"; -const KEYED_HIST = { id: "TELEMETRY_INVALID_PING_TYPE_SUBMITTED", key: "TEST" }; - -var refObj = {}, refObj2 = {}; - -var originalCount1, originalCount2; - -function run_test() { - let histogram = Telemetry.getHistogramById(HIST_NAME); - let snapshot = histogram.snapshot(); - originalCount1 = snapshot.counts.reduce((a, b) => a += b); - - histogram = Telemetry.getHistogramById(HIST_NAME2); - snapshot = histogram.snapshot(); - originalCount2 = snapshot.counts.reduce((a, b) => a += b); - - histogram = Telemetry.getKeyedHistogramById(KEYED_HIST.id); - snapshot = histogram.snapshot(KEYED_HIST.key); - originalCount3 = snapshot.counts.reduce((a, b) => a += b); - - do_check_false(TelemetryStopwatch.start(3)); - do_check_false(TelemetryStopwatch.start({})); - do_check_false(TelemetryStopwatch.start("", 3)); - do_check_false(TelemetryStopwatch.start("", "")); - do_check_false(TelemetryStopwatch.start({}, {})); - - do_check_true(TelemetryStopwatch.start("mark1")); - do_check_true(TelemetryStopwatch.start("mark2")); - - do_check_true(TelemetryStopwatch.start("mark1", refObj)); - do_check_true(TelemetryStopwatch.start("mark2", refObj)); - - // Same timer can't be re-started before being stopped - do_check_false(TelemetryStopwatch.start("mark1")); - do_check_false(TelemetryStopwatch.start("mark1", refObj)); - - // Can't stop a timer that was accidentaly started twice - do_check_false(TelemetryStopwatch.finish("mark1")); - do_check_false(TelemetryStopwatch.finish("mark1", refObj)); - - do_check_true(TelemetryStopwatch.start("NON-EXISTENT_HISTOGRAM")); - do_check_false(TelemetryStopwatch.finish("NON-EXISTENT_HISTOGRAM")); - - do_check_true(TelemetryStopwatch.start("NON-EXISTENT_HISTOGRAM", refObj)); - do_check_false(TelemetryStopwatch.finish("NON-EXISTENT_HISTOGRAM", refObj)); - - do_check_true(TelemetryStopwatch.start(HIST_NAME)); - do_check_true(TelemetryStopwatch.start(HIST_NAME2)); - do_check_true(TelemetryStopwatch.start(HIST_NAME, refObj)); - do_check_true(TelemetryStopwatch.start(HIST_NAME2, refObj)); - do_check_true(TelemetryStopwatch.start(HIST_NAME, refObj2)); - do_check_true(TelemetryStopwatch.start(HIST_NAME2, refObj2)); - - do_check_true(TelemetryStopwatch.finish(HIST_NAME)); - do_check_true(TelemetryStopwatch.finish(HIST_NAME2)); - do_check_true(TelemetryStopwatch.finish(HIST_NAME, refObj)); - do_check_true(TelemetryStopwatch.finish(HIST_NAME2, refObj)); - do_check_true(TelemetryStopwatch.finish(HIST_NAME, refObj2)); - do_check_true(TelemetryStopwatch.finish(HIST_NAME2, refObj2)); - - // Verify that TS.finish deleted the timers - do_check_false(TelemetryStopwatch.finish(HIST_NAME)); - do_check_false(TelemetryStopwatch.finish(HIST_NAME, refObj)); - - // Verify that they can be used again - do_check_true(TelemetryStopwatch.start(HIST_NAME)); - do_check_true(TelemetryStopwatch.start(HIST_NAME, refObj)); - do_check_true(TelemetryStopwatch.finish(HIST_NAME)); - do_check_true(TelemetryStopwatch.finish(HIST_NAME, refObj)); - - do_check_false(TelemetryStopwatch.finish("unknown-mark")); // Unknown marker - do_check_false(TelemetryStopwatch.finish("unknown-mark", {})); // Unknown object - do_check_false(TelemetryStopwatch.finish(HIST_NAME, {})); // Known mark on unknown object - - // Test cancel - do_check_true(TelemetryStopwatch.start(HIST_NAME)); - do_check_true(TelemetryStopwatch.start(HIST_NAME, refObj)); - do_check_true(TelemetryStopwatch.cancel(HIST_NAME)); - do_check_true(TelemetryStopwatch.cancel(HIST_NAME, refObj)); - - // Verify that can not cancel twice - do_check_false(TelemetryStopwatch.cancel(HIST_NAME)); - do_check_false(TelemetryStopwatch.cancel(HIST_NAME, refObj)); - - // Verify that cancel removes the timers - do_check_false(TelemetryStopwatch.finish(HIST_NAME)); - do_check_false(TelemetryStopwatch.finish(HIST_NAME, refObj)); - - // Verify that keyed stopwatch reject invalid keys. - for (let key of [3, {}, ""]) { - do_check_false(TelemetryStopwatch.startKeyed(KEYED_HIST.id, key)); - } - - // Verify that keyed histograms can be started. - do_check_true(TelemetryStopwatch.startKeyed("HISTOGRAM", "KEY1")); - do_check_true(TelemetryStopwatch.startKeyed("HISTOGRAM", "KEY2")); - do_check_true(TelemetryStopwatch.startKeyed("HISTOGRAM", "KEY1", refObj)); - do_check_true(TelemetryStopwatch.startKeyed("HISTOGRAM", "KEY2", refObj)); - - // Restarting keyed histograms should fail. - do_check_false(TelemetryStopwatch.startKeyed("HISTOGRAM", "KEY1")); - do_check_false(TelemetryStopwatch.startKeyed("HISTOGRAM", "KEY1", refObj)); - - // Finishing a stopwatch of a non existing histogram should return false. - do_check_false(TelemetryStopwatch.finishKeyed("HISTOGRAM", "KEY2")); - do_check_false(TelemetryStopwatch.finishKeyed("HISTOGRAM", "KEY2", refObj)); - - // Starting & finishing a keyed stopwatch for an existing histogram should work. - do_check_true(TelemetryStopwatch.startKeyed(KEYED_HIST.id, KEYED_HIST.key)); - do_check_true(TelemetryStopwatch.finishKeyed(KEYED_HIST.id, KEYED_HIST.key)); - // Verify that TS.finish deleted the timers - do_check_false(TelemetryStopwatch.finishKeyed(KEYED_HIST.id, KEYED_HIST.key)); - - // Verify that they can be used again - do_check_true(TelemetryStopwatch.startKeyed(KEYED_HIST.id, KEYED_HIST.key)); - do_check_true(TelemetryStopwatch.finishKeyed(KEYED_HIST.id, KEYED_HIST.key)); - - do_check_false(TelemetryStopwatch.finishKeyed("unknown-mark", "unknown-key")); - do_check_false(TelemetryStopwatch.finishKeyed(KEYED_HIST.id, "unknown-key")); - - // Verify that keyed histograms can only be canceled through "keyed" API. - do_check_true(TelemetryStopwatch.startKeyed(KEYED_HIST.id, KEYED_HIST.key)); - do_check_false(TelemetryStopwatch.cancel(KEYED_HIST.id, KEYED_HIST.key)); - do_check_true(TelemetryStopwatch.cancelKeyed(KEYED_HIST.id, KEYED_HIST.key)); - do_check_false(TelemetryStopwatch.cancelKeyed(KEYED_HIST.id, KEYED_HIST.key)); - - finishTest(); -} - -function finishTest() { - let histogram = Telemetry.getHistogramById(HIST_NAME); - let snapshot = histogram.snapshot(); - let newCount = snapshot.counts.reduce((a, b) => a += b); - - do_check_eq(newCount - originalCount1, 5, "The correct number of histograms were added for histogram 1."); - - histogram = Telemetry.getHistogramById(HIST_NAME2); - snapshot = histogram.snapshot(); - newCount = snapshot.counts.reduce((a, b) => a += b); - - do_check_eq(newCount - originalCount2, 3, "The correct number of histograms were added for histogram 2."); - - histogram = Telemetry.getKeyedHistogramById(KEYED_HIST.id); - snapshot = histogram.snapshot(KEYED_HIST.key); - newCount = snapshot.counts.reduce((a, b) => a += b); - - do_check_eq(newCount - originalCount3, 2, "The correct number of histograms were added for histogram 3."); -} diff --git a/toolkit/components/telemetry/tests/unit/xpcshell.ini b/toolkit/components/telemetry/tests/unit/xpcshell.ini index 42354c4cdd..224516f575 100644 --- a/toolkit/components/telemetry/tests/unit/xpcshell.ini +++ b/toolkit/components/telemetry/tests/unit/xpcshell.ini @@ -41,7 +41,6 @@ tags = addons [test_TelemetryController_idle.js] [test_TelemetryControllerShutdown.js] tags = addons -[test_TelemetryStopwatch.js] [test_TelemetryControllerBuildID.js] [test_TelemetrySendOldPings.js] skip-if = os == "android" # Disabled due to intermittent orange on Android diff --git a/toolkit/components/thumbnails/BackgroundPageThumbs.jsm b/toolkit/components/thumbnails/BackgroundPageThumbs.jsm index bd52e77e92..7b86fa07c8 100644 --- a/toolkit/components/thumbnails/BackgroundPageThumbs.jsm +++ b/toolkit/components/thumbnails/BackgroundPageThumbs.jsm @@ -368,9 +368,12 @@ Capture.prototype = { tel("CAPTURE_QUEUE_TIME_MS", this.startDate - this.creationDate); // timeout timer - let timeout = typeof(this.options.timeout) == "number" ? - this.options.timeout : - DEFAULT_CAPTURE_TIMEOUT; + let timeout; + if (this.options && typeof(this.options.timeout) == "number") { + timeout = this.options.timeout; + } else { + timeout = DEFAULT_CAPTURE_TIMEOUT; + } this._timeoutTimer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer); this._timeoutTimer.initWithCallback(this, timeout, Ci.nsITimer.TYPE_ONE_SHOT); @@ -468,11 +471,9 @@ Capture.prototype = { }; if (!data) { - // If this background attempt failed, cause a dummy file to be saved, so + // If this background attempt failed, cause a placeholder file to be saved, so // that gets loaded instead of attempting again (and again). - // XXX: Perhaps we can create a placeholder image to use instead of "null" - // here, so it has something to show to the user? - PageThumbs._store(this.url, this.url, null, true) + PageThumbs._store(this.url, this.url, atob(BLANKTHUMB), true) .then(done, done); return; } diff --git a/toolkit/components/thumbnails/PageThumbs.jsm b/toolkit/components/thumbnails/PageThumbs.jsm index 9bd3ae4b3b..5c7754b318 100644 --- a/toolkit/components/thumbnails/PageThumbs.jsm +++ b/toolkit/components/thumbnails/PageThumbs.jsm @@ -28,6 +28,9 @@ const MAX_THUMBNAIL_AGE_SECS = 172800; // 2 days == 60*60*24*2 == 172800 secs. */ const THUMBNAIL_DIRECTORY = "thumbnails"; +// contains base64 version of a placeholder thumbnail +#include blankthumb.inc + Cu.import("resource://gre/modules/XPCOMUtils.jsm", this); Cu.import("resource://gre/modules/PromiseWorker.jsm", this); Cu.import("resource://gre/modules/Promise.jsm", this); @@ -609,7 +612,15 @@ this.PageThumbsStorage = { writeData: function Storage_writeData(aURL, aData, aNoOverwrite) { let path = this.getFilePathForURL(aURL); this.ensurePath(); - aData = new Uint8Array(aData); + + // XXX: We try/catch here since 'null' isn't accepted until we implement + // ES2017's new Uint8Array(); allowance. + try { + aData = new Uint8Array(aData); + } catch(e) { + aData = new Uint8Array(0); + } + let msg = [ path, aData, diff --git a/toolkit/components/thumbnails/blankthumb.inc b/toolkit/components/thumbnails/blankthumb.inc new file mode 100644 index 0000000000..06577c19cd --- /dev/null +++ b/toolkit/components/thumbnails/blankthumb.inc @@ -0,0 +1,87 @@ +const BLANKTHUMB =
+"iVBORw0KGgoAAAANSUhEUgAAASwAAADsCAAAAADricSpAAASn0lEQVR4XuzQQREAAAwCoPWvaolV" +
+"8O1BBC41RrNkyZIlC1myZMmSJQtZsmTJkiULWbJkyZIlC1myZMmSJQtZsmTJkiULWbJkyZIliyfv" +
+"7HYbV5Ik/EUWScl2zwL7svvSc7MXp9uWyKrY2W0iUShI/tmLM6I7SJMpCrrw1xFZCZMNTTyQbNum" +
+"QSlGVEkSD6MHgWVaq81uNAT8eDL4v9eQFCVC6E+HlX6qW22GolkRAr3MBr+sdnPdTJmKQn86LLda" +
+"t4piKaVk6jgFwH+ul2a7uW3bVSVK0R8Mq9W1birLXEpIpHYoCgpgt8W1trqF5n+nv/TPf6Op1mtj" +
+"+pcKOykhCXQqALS3igEDdq3NrWqJ+INgpamulHkuRYAQIQlkxbTjuLZcIQ3QtuZWPZXQnwTL67qq" +
+"zEuEAP0WCChlR8W2CedI0YDfa2aFufwxsLy9Vc3zHBKgkIR2VDOpWsG5u9n7imA3Tf8Gd5X/4u+W" +
+"69ubl/N5DoEiIpJVzBMpooHETlLa0UYBUZG+/2pYrxfmZSoCpJBA+8YsegkALMAIyc2IuWy1eC1F" +
+"3zuGbb20aV5CAikEInlpphetgcEYzL41Y6hbo/E3ZzH4W1V/vXJ6Opc9UDulnRWjYtpDKJFbBIKy" +
+"zJK26m/rLF8vbZ7nAoKQROcqECUYVNNX3daMoW3VUMp3dJZpr798Oi8BoJAAAULS70NjFPub/UYI" +
+"sOY58Lb5G8Ji+3mZzqeiHUCSIktpTFUD0LgRIQRlLlLd/O1gef25zeelKJ0E9BkEQRtZST2t5Eso" +
+"R422tm8Gy5dfXs6zoG9UiC6L3JRET0kAiB33tAiv9VvBam+vLOcpf31BYiKxjcCI/WqyTGxIAkQs" +
+"AVv9RrDa25tOpwLc+rUh0ziKRJRezGuSAGIusG720WElq4tOS5AZpM9fl8ZRBqlzYU8ur2oqZqv6" +
+"HrDa60XnJRiIDMa6ZXQJRmulkqOmCbbNPj4s2uWi0yySjRIZQxWMEiBlyQAXhH7TWquOD8stYll0" +
+"iwLKWvdsLgEasdJHGpiKudbDw7Jj/o9TmuQmqvel0U8MJwxTiee5HfuGhXFjPr1V7ilK8fb/dLkB" +
+"Y4TiyY1mHRmWKpRTq51/RArHXD5hLXNTCsBIisBe23S1dNwYVlsnXVBywqSYTgXAAhx8Rv2SGMvT" +
+"/2oiMBSYDtyz3IClZOc1vdDe9wmDCp+Us9jeLpa2X68XBDGhsA8Ky7i5zFxFCmcSPU+5lpUSfF34" +
+"+vO6vjU2N0MUgoPCMq2hkzpDOU7PT4FHo4U+AT5h09mnvf2q2o+UIOwjwrLc4BQwGwDm5x8v52Ue" +
+"Wz2fBGWMx8tCgNfaMJoUavbxYNGaXSay7c5P8ySb07lgjILPaMQ0EgMQUQBrImgHc1aGcAETYEwR" +
+"BphoACzBF5XDxiizFANEgO2jwaIZpgCIZTk9Pb3MBjDXNxtrmfmcbHIrp2UanQZQFhDAJNn4WEOp" +
+"sYkZLDgLCWEBvjahcpr4lNxtLEo8uK/qOjWMYGpqFOtAsExt1iRSlgUmXKSYi6xPkcpjN9Xm9XyD" +
+"y8X2MkNEc5OO5axmogw8mtr1PJ0gZLA+vQpm8kYlroZpBijVcliHgWUqsLvHwrKs+mp4exGYj9WS" +
+"RdKihkDJzj1TPE0YSqlu0oEafHNzKYAh2azVpAz+iJVtcLLC17eLmeeREwDl/FwAKGE3fBRYphmV" +
+"HgmoXoXjjD+BimrbgI2dwKCu6PS0aAfFLADMcl52qBFy4zjOcjMRol/7qQ1YSmcs30W1OWVssm25" +
+"GmJ5kjFGp8kYOyY1AwCToMrHgGU1Q1LZDy6TmWd6T/n+7L8L9h877WUQCKC1RQDTKTLbVrHbcWK4" +
+"QShJGQDi6fn5SYYuiDY3lFcTVzYuZozt+XySwS2ens/z03lKmqAivB1jNTQbpggsLIzAsqLkuCXy" +
+"nZtyX+Hc8QQGzfLp1QCTi3e8FnvXqmB0CGc1EwLnjgFs08l3kxh79npjYWwc+TnmE1ZhfV27uBtA" +
+"Ac34CA/gtgqlIPVPQCKRLxnuQY91a+p5duPWOXMMhXaa6l91NepQ2VBBgR7eWabZxOAdZ6DSfODU" +
+"0L2is5WdPR4LdwxPLzMgLq+mH/ORcPURGryrkQz97wruNuqvi+22vr5u6YYupWVWUux7vAPb6bd6" +
+"+XVZh6hjMCWvPHSDN24Q2W4RgGUBe+Xt1WHqtUpNBQRGYEAARRcDozMRHYH2q7KBYZGBznuSvZ4O" +
+"4KyahsX2+HD2/mCbJq6vVdDW5GGT2VQxIZPmssGIjK+5VsDE8rT0McRYgkM0+BXHhCQQjA9ng9+u" +
+"6FzeVgTAdPOefNE0xwaGPDjmvhXWBp6eT1OAjeltWCUCPXQMTcMEYISRtWeQbDRVzPy0sDDNWACG" +
+"3g8TVmzCGW80q2PlebpcNAnj3lYAhEx7/BhWg8i4gH8jula3Zq+vG2Z7bblAbsbO2DqxG6boBq6y" +
+"nCdwN05omS0bgw0ZQmOE8YP/pwHz1tAcICRrD+B1s6SXaOuKyIACIp6V+RvFdUOhQhgEHsb67XrG" +
+"AG1nZAO2WSuay2PHkIbVhc7C8luVsN9iy1Syn612WXIqE4OmoshF1ePy6Dh1Q0mfQ4Qx1uPGMDNg" +
+"cA5ZXDdso/Wav1OXUl9fK3bmsE+io8hOuwDYkGFDGMYI2rbAfvSe1Qy9s4DtgrMLkxx3tkD9dYUe" +
+"0q5Ek+ds78nIbrbdv9UABDQ/+OhQK5RIYBJcGuq23AV7xaZy956+xzJZtVrX9fqvbasNkcsi7KSK" +
+"0COPDg2ERU7rWjewchMWRgYQBkAXzQOau8yyO7XXLUNtlangvmvBo8fQDaMuJvhqcss+Ru5g47bZ" +
+"3NOQ0Z0J25awoV1f32oGGxCmPTYs7L7CbNU9K8Bg5+4dADhJdjLuSNF/sO7kbbw/rJXvGhk/NCyT" +
+"axVGGNpqOloMzsp5MrqM9SJBjZ+F3q7G+PViZ1Dh0Z1lgwDWaoPZNkhaNhh7QGU7Jj6Q3X8C23Np" +
+"Nv3GZcu+JaD5sWFhMN4urxuGtifDzrPNXueP4xy2/Q4o08PF2HqacecuDBfDQR5mS+PXK1xW8KV1" +
+"tkqUtntbEU9TQklm3YXBWUnr/H+4csjFrhcAm/TzI48OYHBtgmtVa6IbHACQkfczBuGia4tZ95d8" +
+"d4fcDVNchyBeveRwgg2PC8uNTpVdOynthSx+nxEY1tXIpx3mgEnueI20mC/0rNDa5rBAAI8LK2Ux" +
+"aEfDzko5lBoEDWT7tq+cpAZaYFjWiunnq1qFibI1lceHJSjbAMz0MSSL5GXplrFg8JUM7ry11rRV" +
+"ykCt1dTT48Iy2MhynK5560/5prAMyMLIpN+S6N2G1YUvS4v6lrbq4YJA4Ie+yXo1FERQEYxeEQhl" +
+"SQqZafyA7/V3dkJb29bBVlnZWMsEetAYprNEyHlNQ+dKUyGMMMhc4wQg8N0Y9qjw62oZPCRwrB8W" +
+"lrIR95AgM5mrW56zvsxC+F4Kxzv51NUebDUUB4CFRb0CVmcqelx9c+8iNKC6ay6DYfNe3UB0CFhp" +
+"AStNMTb67O/JCwNeZEAjp5EUxkBb39q92BmwHx6WLUxvllu4cn7vvVVm80EMnUHk+tYMvofqIDG0" +
+"TCdrqHtcdOf5KT6ModNjtGqZD1ipgB4UlkyADfZoqLH2jnZHqNMpLL+b7Cww2O+vfD5Gz8JGhju4" +
+"UJYkMJ0XGindXNzu/13PN0oDioeGVQAsu0eEBXfsJQPlubxnjzGJWOv6PitjC+mhYcnCFlh4oHXz" +
+"lYHyErj3lN9LIYb1tX1oK7AeOoYKLAwK31gK77ySvfOT3+vvea63WY2EKQ8NC6IZW4VttBAMhsrX" +
+"tjHj3MA9x1jXqpHUyNNgBeiRYxhVGBPRLEYLjQwEOJbomXRQfW/eeh9VnqZHdxaWLSgY3+ztY1ae" +
+"Jsuj7XoNeMxSq0aUQ2EePYayCmALmKBVj/Fj5EV7RfOsDGZiQTvgIV7YUQ0fjaQU6ZEfZjPXn4Yp" +
+"AARsDUBG0UimjOJp6XsWbJdqlqebXd6XKx+hcgXOPwI98u37CKA5u0YYcCz/UjKyGdVwu7y+bfnU" +
+"9ma4VvJ+WPe59gGrrCY9es+KCgYsjFTc0FwExesYspQbbK9I5RwAbgIC3+reK518v1QR4pGdpQDc" +
+"vBOzpjItBbPvKWyTatfLBeF92tSCcUQaq7Okt9uuMinTgFJ4aGfJTFdD97yBZrBwa9WkhnavbUMC" +
+"tF3OgM7zddWCRy5GWxtIpQaGJR7+0e5JTmcZgw3G6+r3nvfIhWttgJmeXl6KBxva0K4eWY2+cras" +
+"B+9ZRKkGC/LJZCPbSisNch4Rcg0AU24377Xqzrg6DBgxgx76VpjAK4AEaN9BNCcmfUCbUSbVLtZ7" +
+"rJw+m54lPXIM0/3uH8MCrH5pM+/IY0ztvgb7ZgDHa7MeP4bEfBG2wXlrQiOCdwwWBkAeCfZhpd0A" +
+"i5OViRPo0WGJ+WrRBFhG+PcO1khMd43lWhtYUaJngUqNk8R1Fb7d/GQDU4FHd5bMVDbLFuBEhQEj" +
+"PuRloG21GgDiST0JplBgcQcVxgY4Sw8PCyjThmmF/i4hupM/M/T91bTWQACmXU49DVQwuLTmWzHN" +
+"9j4f4atkjNe/GjDJglwSayWF+IKW+eati9oNbu5PzcDzi6SHH0oFcwFo4O7OqIYl7PPaavrGeTSi" +
+"y11P0kAs0iG+WE1oBSyliRDYYpT4hLxtlnogBup1DOCuBrC8IPHwzkIwT0C/urv5polt86Hstr5t" +
+"wxPe19W+z0rn43xln7RagKA7prW+aDABOHooeDMaW1lvLB0khghtDbAgmWWb4SvEnEVJNgakmNRu" +
+"sbKwfkziKD0LsRqhACUImay/rqIejBVyy9fDyvH0LKGDfC2DWGYwrXUdGSkXs68L9U0rPTayagjK" +
+"WSCOEkMU6w4IlBftfPFFWdOQOaPmm+uFzk+SOAgsEOEtI5m8hJPTF5lNcWPpayOrBjD/IzgQLCHK" +
+"3uPHb6wy4su8zKSBlLH2esjkj1kSB3JWjg+WoMeF7zAS95dDl3LrFn4CpOuG5+cQR4IForRqhAN6" +
+"XPbXM+iYhAcL5eyWrBrA9GNC4kiwBIqtJaU8uPH1EGoKek8lNomBlV5OEseCBUJlNWBEAmzta9O7" +
+"AZUSJBISlAGFFOr+Fc4/ktWRYpgrYk+r8ZUh3iDFFEpwowxCktywYPpHSDrcNzrJcK4XgIaUGRL3" +
+"ZQYpJL37KFa+CAPxo0hwOFgI4qVuAC3E1xWSkH2D6IjKzUjoZZHQAWGBiJe/6u4tEDRjxKeUjSo1" +
+"1j0rAJ3OgIBj9axsW7F265b9hXXQBt0Kp1GaqmfF6YckcUhYCJh2Wk48n+fVjBjl0Vo5jSw/QuKo" +
+"sEAwsXZwrC8A04gYj0Wy2hdCxFFhCcEUqxG2pYHWh9zsGJM4lm4GwfSjSIiDwkpa2kAChNxRkbLk" +
+"kwg9VLYNgvKPSUIcE9ZIiyGEcoQQ+gBZDJhutXYxdawON2elZMFT/GzkCJHOcHqhmbvy3Qumue/t" +
+"cGRYSevMTstW4rKcfd/ipizfS6G8o0I7K8GhY5hJnOpOyyQXZdUQt2SkkdO4CqKnl2R1cGeBLLzE" +
+"zysAuIYYexgGxCC/k8NmwIJ4OufMcHBnpbdiZoM+i5+6eXFn0GoNMEjl+SwF4tiwRlpTVCu90edG" +
+"mDuSelCJaq/F/DTnnyYOH8N+eD/Fr95c+sxDNQIjkzJ2omJZAiHg8M4aeTGpmqFhCewvfd1ygoxl" +
+"joiQ9L1gCRkTkWCUTd1G9+GQ0QV3qIh5Ljur7wQrZRThW44SNyVjAEZSaJpLKCJCgfhGPQuQZQUO" +
+"xVbbyEt+lzAeoqqYQlJm8Ls5K6UIPMzohvei2AZUZZpDUuy0vp2zkEUA2IpWN/c3TGlKYBpvERpl" +
+"rd1VSNLA6uiwRinADYpK25qlZGJQTwiylAyJqpT8a8Xe3PUNYyi0HyWkKIVPSV0V01y0eyoiFOI7" +
+"wkpnsEcIaSrxBVgqZZ6LFFLsuJLV94MlEGiHJYSilAjQR6wUMS+l7F09dmPpb2WF/snfKYNxChtj" +
+"XFuzLTOKvZGrgBAZYoWEBOJbwkpcJlntsPpvrSUloZAU6hKctpQQiG8MC7PjoveWAZMFJB4QjLYS" +
+"Uj9mfM/RAYQRIGyTuMAC32l0CSv3pPitnZXuwtBba98Z5nnte26CzlXf11mju0CMrDzYqo9jnhLV" +
+"93fW+E2+N1BZPa/OTAmZPwXWyAvTH0Zv6Ub1J8FKeeA2agQkgD8V1sjIDNJQ/tGwUuYdiQfQxMNI" +
+"N6CJh9L/tEPHBAAAMAiA1r+qJVbBzwcikBrzLFmykCVLlixZspAlS5YsWbKQJUuWLFmykCVLlixZ" +
+"spAlS5YsWbKQJUuWLFmyeEoXbr5fYDBbAAAAAElFTkSuQmCC";
+
diff --git a/toolkit/components/thumbnails/moz.build b/toolkit/components/thumbnails/moz.build index 9bc218b6a0..d4003c6355 100644 --- a/toolkit/components/thumbnails/moz.build +++ b/toolkit/components/thumbnails/moz.build @@ -14,9 +14,13 @@ EXTRA_COMPONENTS += [ EXTRA_JS_MODULES += [ 'BackgroundPageThumbs.jsm', - 'PageThumbs.jsm', 'PageThumbsWorker.js', 'PageThumbUtils.jsm', ] +EXTRA_PP_JS_MODULES += [ + 'PageThumbs.jsm', +] + + JAR_MANIFESTS += ['jar.mn'] diff --git a/toolkit/components/url-classifier/Classifier.cpp b/toolkit/components/url-classifier/Classifier.cpp index bbaeaf5352..b9d0ace1bd 100644 --- a/toolkit/components/url-classifier/Classifier.cpp +++ b/toolkit/components/url-classifier/Classifier.cpp @@ -15,7 +15,6 @@ #include "nsNetCID.h" #include "nsPrintfCString.h" #include "nsThreadUtils.h" -#include "mozilla/Telemetry.h" #include "mozilla/Logging.h" #include "mozilla/SyncRunnable.h" #include "mozilla/Base64.h" @@ -413,8 +412,6 @@ Classifier::Check(const nsACString& aSpec, uint32_t aFreshnessGuarantee, LookupResultArray& aResults) { - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_CL_CHECK_TIME> timer; - // Get the set of fragments based on the url. This is necessary because we // only look up at most 5 URLs per aSpec, even if aSpec has more than 5 // components. @@ -498,9 +495,6 @@ Classifier::Check(const nsACString& aSpec, matchingStatistics |= PrefixMatch::eMatchV2Prefix; } } - - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_PREFIX_MATCH, - static_cast<uint8_t>(matchingStatistics)); } return NS_OK; @@ -509,8 +503,6 @@ Classifier::Check(const nsACString& aSpec, nsresult Classifier::ApplyUpdates(nsTArray<TableUpdate*>* aUpdates) { - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_CL_UPDATE_TIME> timer; - PRIntervalTime clockStart = 0; if (LOG_ENABLED()) { clockStart = PR_IntervalNow(); diff --git a/toolkit/components/url-classifier/Entries.h b/toolkit/components/url-classifier/Entries.h index 969f4f739b..b7fb345161 100644 --- a/toolkit/components/url-classifier/Entries.h +++ b/toolkit/components/url-classifier/Entries.h @@ -100,7 +100,7 @@ struct SafebrowsingHash aStr.SetCapacity(2 * len); for (size_t i = 0; i < len; ++i) { - const char c = static_cast<const char>(buf[i]); + const char c = static_cast<char>(buf[i]); aStr.Append(lut[(c >> 4) & 0x0F]); aStr.Append(lut[c & 15]); } diff --git a/toolkit/components/url-classifier/LookupCache.cpp b/toolkit/components/url-classifier/LookupCache.cpp index 5a3b1e36d0..7c4d7682b3 100644 --- a/toolkit/components/url-classifier/LookupCache.cpp +++ b/toolkit/components/url-classifier/LookupCache.cpp @@ -6,7 +6,6 @@ #include "LookupCache.h" #include "HashStore.h" #include "nsISeekableStream.h" -#include "mozilla/Telemetry.h" #include "mozilla/Logging.h" #include "nsNetUtil.h" #include "prprf.h" @@ -451,9 +450,6 @@ nsresult LookupCacheV2::Build(AddPrefixArray& aAddPrefixes, AddCompleteArray& aAddCompletes) { - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_LC_COMPLETIONS, - static_cast<uint32_t>(aAddCompletes.Length())); - mUpdateCompletions.Clear(); mUpdateCompletions.SetCapacity(aAddCompletes.Length()); for (uint32_t i = 0; i < aAddCompletes.Length(); i++) { @@ -462,9 +458,6 @@ LookupCacheV2::Build(AddPrefixArray& aAddPrefixes, aAddCompletes.Clear(); mUpdateCompletions.Sort(); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_LC_PREFIXES, - static_cast<uint32_t>(aAddPrefixes.Length())); - nsresult rv = ConstructPrefixSet(aAddPrefixes); NS_ENSURE_SUCCESS(rv, rv); mPrimed = true; @@ -548,8 +541,6 @@ static void EnsureSorted(T* aArray) nsresult LookupCacheV2::ConstructPrefixSet(AddPrefixArray& aAddPrefixes) { - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_PS_CONSTRUCT_TIME> timer; - nsTArray<uint32_t> array; if (!array.SetCapacity(aAddPrefixes.Length(), fallible)) { return NS_ERROR_OUT_OF_MEMORY; diff --git a/toolkit/components/url-classifier/LookupCacheV4.cpp b/toolkit/components/url-classifier/LookupCacheV4.cpp index 7258ae3583..a96e4931ac 100644 --- a/toolkit/components/url-classifier/LookupCacheV4.cpp +++ b/toolkit/components/url-classifier/LookupCacheV4.cpp @@ -144,9 +144,6 @@ LookupCacheV4::LoadFromFile(nsIFile* aFile) } rv = VerifyChecksum(checksum); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_VLPS_LOAD_CORRUPT, - rv == NS_ERROR_FILE_CORRUPTED); - return rv; } @@ -231,8 +228,6 @@ LookupCacheV4::ApplyUpdate(TableUpdateV4* aTableUpdate, if (!isOldMapEmpty && !isAddMapEmpty) { if (smallestOldPrefix == smallestAddPrefix) { LOG(("Add prefix should not exist in the original prefix set.")); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_UPDATE_ERROR_TYPE, - DUPLICATE_PREFIX); return NS_ERROR_FAILURE; } @@ -274,15 +269,11 @@ LookupCacheV4::ApplyUpdate(TableUpdateV4* aTableUpdate, // the number of original prefix plus add prefix. if (index <= 0) { LOG(("There are still prefixes remaining after reaching maximum runs.")); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_UPDATE_ERROR_TYPE, - INFINITE_LOOP); return NS_ERROR_FAILURE; } if (removalIndex < removalArray.Length()) { LOG(("There are still prefixes to remove after exhausting the old PrefixSet.")); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_UPDATE_ERROR_TYPE, - WRONG_REMOVAL_INDICES); return NS_ERROR_FAILURE; } @@ -290,8 +281,6 @@ LookupCacheV4::ApplyUpdate(TableUpdateV4* aTableUpdate, crypto->Finish(false, checksum); if (aTableUpdate->Checksum().IsEmpty()) { LOG(("Update checksum missing.")); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_UPDATE_ERROR_TYPE, - MISSING_CHECKSUM); // Generate our own checksum to tableUpdate to ensure there is always // checksum in .metadata @@ -300,8 +289,6 @@ LookupCacheV4::ApplyUpdate(TableUpdateV4* aTableUpdate, } else if (aTableUpdate->Checksum() != checksum){ LOG(("Checksum mismatch after applying partial update")); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_UPDATE_ERROR_TYPE, - CHECKSUM_MISMATCH); return NS_ERROR_FAILURE; } diff --git a/toolkit/components/url-classifier/VariableLengthPrefixSet.cpp b/toolkit/components/url-classifier/VariableLengthPrefixSet.cpp index e9d6770d35..a387a698c6 100644 --- a/toolkit/components/url-classifier/VariableLengthPrefixSet.cpp +++ b/toolkit/components/url-classifier/VariableLengthPrefixSet.cpp @@ -209,8 +209,6 @@ VariableLengthPrefixSet::LoadFromFile(nsIFile* aFile) NS_ENSURE_ARG_POINTER(aFile); - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_VLPS_FILELOAD_TIME> timer; - nsCOMPtr<nsIInputStream> localInFile; nsresult rv = NS_NewLocalFileInputStream(getter_AddRefs(localInFile), aFile, PR_RDONLY | nsIFile::OS_READAHEAD); @@ -255,15 +253,12 @@ VariableLengthPrefixSet::StoreToFile(nsIFile* aFile) uint32_t fileSize = 0; // Preallocate the file storage - { - nsCOMPtr<nsIFileOutputStream> fos(do_QueryInterface(localOutFile)); - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_VLPS_FALLOCATE_TIME> timer; + nsCOMPtr<nsIFileOutputStream> fos(do_QueryInterface(localOutFile)); - fileSize += mFixedPrefixSet->CalculatePreallocateSize(); - fileSize += CalculatePreallocateSize(); + fileSize += mFixedPrefixSet->CalculatePreallocateSize(); + fileSize += CalculatePreallocateSize(); - Unused << fos->Preallocate(fileSize); - } + Unused << fos->Preallocate(fileSize); // Convert to buffered stream nsCOMPtr<nsIOutputStream> out = diff --git a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp index 2ad8b6b515..d3018aa2db 100644 --- a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +++ b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp @@ -37,7 +37,6 @@ #include "mozilla/Mutex.h" #include "mozilla/Preferences.h" #include "mozilla/TimeStamp.h" -#include "mozilla/Telemetry.h" #include "mozilla/Logging.h" #include "prprf.h" #include "prnetdb.h" @@ -320,9 +319,6 @@ nsUrlClassifierDBServiceWorker::HandlePendingLookups() MutexAutoUnlock unlock(mPendingLookupLock); DoLookup(lookup.mKey, lookup.mTables, lookup.mCallback); } - double lookupTime = (TimeStamp::Now() - lookup.mStartTime).ToMilliseconds(); - Telemetry::Accumulate(Telemetry::URLCLASSIFIER_LOOKUP_TIME, - static_cast<uint32_t>(lookupTime)); } return NS_OK; @@ -1818,8 +1814,6 @@ nsUrlClassifierDBService::Shutdown() gShuttingDownThread = true; - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_SHUTDOWN_TIME> timer; - mCompleters.Clear(); nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); diff --git a/toolkit/components/url-classifier/nsUrlClassifierPrefixSet.cpp b/toolkit/components/url-classifier/nsUrlClassifierPrefixSet.cpp index 8745654703..3cfdf7a35f 100644 --- a/toolkit/components/url-classifier/nsUrlClassifierPrefixSet.cpp +++ b/toolkit/components/url-classifier/nsUrlClassifierPrefixSet.cpp @@ -315,8 +315,6 @@ nsUrlClassifierPrefixSet::LoadFromFile(nsIFile* aFile) { MutexAutoLock lock(mLock); - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_PS_FILELOAD_TIME> timer; - nsCOMPtr<nsIInputStream> localInFile; nsresult rv = NS_NewLocalFileInputStream(getter_AddRefs(localInFile), aFile, PR_RDONLY | nsIFile::OS_READAHEAD); @@ -356,17 +354,13 @@ nsUrlClassifierPrefixSet::StoreToFile(nsIFile* aFile) uint32_t fileSize; - // Preallocate the file storage - { - nsCOMPtr<nsIFileOutputStream> fos(do_QueryInterface(localOutFile)); - Telemetry::AutoTimer<Telemetry::URLCLASSIFIER_PS_FALLOCATE_TIME> timer; + nsCOMPtr<nsIFileOutputStream> fos(do_QueryInterface(localOutFile)); - fileSize = CalculatePreallocateSize(); + fileSize = CalculatePreallocateSize(); - // Ignore failure, the preallocation is a hint and we write out the entire - // file later on - Unused << fos->Preallocate(fileSize); - } + // Ignore failure, the preallocation is a hint and we write out the entire + // file later on + Unused << fos->Preallocate(fileSize); // Convert to buffered stream nsCOMPtr<nsIOutputStream> out = diff --git a/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp b/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp index 554bff3422..e230f69518 100644 --- a/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp +++ b/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp @@ -646,9 +646,6 @@ nsUrlClassifierStreamUpdater::OnStartRequest(nsIRequest *request, if (NS_FAILED(status)) { // Assume we're overloading the server and trigger backoff. downloadError = true; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::URLCLASSIFIER_UPDATE_REMOTE_STATUS, - 15 /* unknown response code */); - } else { bool succeeded = false; rv = httpChannel->GetRequestSucceeded(&succeeded); @@ -657,8 +654,6 @@ nsUrlClassifierStreamUpdater::OnStartRequest(nsIRequest *request, uint32_t requestStatus; rv = httpChannel->GetResponseStatus(&requestStatus); NS_ENSURE_SUCCESS(rv, rv); - mozilla::Telemetry::Accumulate(mozilla::Telemetry::URLCLASSIFIER_UPDATE_REMOTE_STATUS, - HTTPStatusToBucket(requestStatus)); LOG(("nsUrlClassifierStreamUpdater::OnStartRequest %s (%d)", succeeded ? "succeeded" : "failed", requestStatus)); if (!succeeded) { diff --git a/toolkit/content/aboutSupport.js b/toolkit/content/aboutSupport.js index 4e42a56877..b1d7ab5f64 100644 --- a/toolkit/content/aboutSupport.js +++ b/toolkit/content/aboutSupport.js @@ -180,9 +180,12 @@ var snapshotFormatters = { title = key; } } + let td = $.new("td", value); + td.style["white-space"] = "pre-wrap"; + return $.new("tr", [ $.new("th", title, "column"), - $.new("td", value), + td, ]); } @@ -306,8 +309,16 @@ var snapshotFormatters = { apzInfo.length ? apzInfo.join("; ") : localizedMsg(["apzNone"])); - addRowFromKey("features", "webglRenderer"); + addRowFromKey("features", "webgl1WSIInfo"); + addRowFromKey("features", "webgl1Renderer"); + addRowFromKey("features", "webgl1Version"); + addRowFromKey("features", "webgl1DriverExtensions"); + addRowFromKey("features", "webgl1Extensions"); + addRowFromKey("features", "webgl2WSIInfo"); addRowFromKey("features", "webgl2Renderer"); + addRowFromKey("features", "webgl2Version"); + addRowFromKey("features", "webgl2DriverExtensions"); + addRowFromKey("features", "webgl2Extensions"); addRowFromKey("features", "supportsHardwareH264", "hardwareH264"); addRowFromKey("features", "currentAudioBackend", "audioBackend"); addRowFromKey("features", "direct2DEnabled", "#Direct2D"); diff --git a/toolkit/content/tests/chrome/window_browser_drop.xul b/toolkit/content/tests/chrome/window_browser_drop.xul index 8a22ccce90..2d9bcd2a1a 100644 --- a/toolkit/content/tests/chrome/window_browser_drop.xul +++ b/toolkit/content/tests/chrome/window_browser_drop.xul @@ -31,7 +31,7 @@ function dropOnRemoteBrowserAsync(browser, data, shouldExpectStateChange) { }); } - let dataTransfer = new content.DataTransfer("dragstart", false); + let dataTransfer = new content.DataTransfer(); for (let i = 0; i < data.length; i++) { let types = data[i]; for (let j = 0; j < types.length; j++) { @@ -166,18 +166,6 @@ function* dropLinksOnBrowser(browser, type) { data: "http://www.mozilla.org/\nMozilla.org\nhttp://www.example.com/\nExample.com" } ] ], "text/x-moz-url with 2 URLs drop on browser " + type); - // Dropping multiple items should open multiple pages. - yield* expectLink(browser, - [ { url: "http://www.example.com/", - name: "Example.com" }, - { url: "http://www.mozilla.org/", - name: "http://www.mozilla.org/" }], - [ [ { type: "text/x-moz-url", - data: "http://www.example.com/\nExample.com" } ], - [ { type: "text/plain", - data: "http://www.mozilla.org/" } ] ], - "text/x-moz-url and text/plain drop on browser " + type); - // Dropping single item with multiple types should open single page. yield* expectLink(browser, [ { url: "http://www.example.org/", diff --git a/toolkit/content/widgets/tabbox.xml b/toolkit/content/widgets/tabbox.xml index 02adb70b31..60c395c131 100644 --- a/toolkit/content/widgets/tabbox.xml +++ b/toolkit/content/widgets/tabbox.xml @@ -792,19 +792,6 @@ <field name="arrowKeysShouldWrap" readonly="true"> /Mac/.test(navigator.platform) </field> - <property name="TelemetryStopwatch" readonly="true"> - <getter><![CDATA[ - let module = {}; - Cu.import("resource://gre/modules/TelemetryStopwatch.jsm", module); - Object.defineProperty(this, "TelemetryStopwatch", { - configurable: true, - enumerable: true, - writable: true, - value: module.TelemetryStopwatch - }); - return module.TelemetryStopwatch; - ]]></getter> - </property> </implementation> <handlers> @@ -814,11 +801,6 @@ return; if (this != this.parentNode.selectedItem) { // Not selected yet - let stopwatchid = this.parentNode.getAttribute("stopwatchid"); - if (stopwatchid) { - this.TelemetryStopwatch.start(stopwatchid); - } - // Call this before setting the 'ignorefocus' attribute because this // will pass on focus if the formerly selected tab was focused as well. this.parentNode._selectNewTab(this); @@ -836,10 +818,6 @@ this.setAttribute("ignorefocus", "true"); setTimeout(tab => tab.removeAttribute("ignorefocus"), 0, this); } - - if (stopwatchid) { - this.TelemetryStopwatch.finish(stopwatchid); - } } // Otherwise this tab is already selected and we will fall // through to mousedown behavior which sets focus on the current tab, diff --git a/toolkit/locales/Makefile.in b/toolkit/locales/Makefile.in index 189e0b1b0e..198d9aaa87 100644 --- a/toolkit/locales/Makefile.in +++ b/toolkit/locales/Makefile.in @@ -16,7 +16,9 @@ libs-%: @$(MAKE) -C ../../netwerk/locales/ libs AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../dom/locales/ libs AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../security/manager/locales/ libs AB_CD=$* XPI_NAME=locale-$* +ifdef MOZ_DEVTOOLS_SERVER @$(MAKE) -C ../../devtools/shared/locales/ libs AB_CD=$* XPI_NAME=locale-$* +endif @$(MAKE) libs AB_CD=$* XPI_NAME=locale-$* # target to be used by multi-locale l10n builds, just add this locale diff --git a/toolkit/locales/en-US/chrome/global/aboutRights.dtd b/toolkit/locales/en-US/chrome/global/aboutRights.dtd index dfd5a1668b..8ccbbb1777 100644 --- a/toolkit/locales/en-US/chrome/global/aboutRights.dtd +++ b/toolkit/locales/en-US/chrome/global/aboutRights.dtd @@ -87,7 +87,7 @@ <!-- points 1-7 text for branded builds --> <!ENTITY rights2.webservices-term1 "&vendorShortName; and its contributors, licensors and partners work to provide the most accurate and up-to-date Services. However, we cannot guarantee that this information is comprehensive and error-free. For example, for the Location Aware Service all locations returned by our service provider are estimates only and neither we nor our service provider guarantee the accuracy of the locations provided."> <!ENTITY rights.webservices-term2 "&vendorShortName; may discontinue or change the Services at its discretion."> -<!ENTITY rights2.webservices-term3 "You are welcome to use these Services with the accompanying version of &brandShortName;, and &vendorShortName; grants you its rights to do so. &vendorShortName; and its licensors reserve all other rights in the Services. These terms are not intended to limit any rights granted under open source licenses applicable to &brandShortName; and to corresponding source code versions of &brandShortName;, however these (optional) services are provided asa convenience to you, and in no way extend your software rights to the Services."> +<!ENTITY rights2.webservices-term3 "You are welcome to use these Services with the accompanying version of &brandShortName;, and &vendorShortName; grants you its rights to do so. &vendorShortName; and its licensors reserve all other rights in the Services. These terms are not intended to limit any rights granted under open source licenses applicable to &brandShortName; and to corresponding source code versions of &brandShortName;, however these (optional) services are provided as a convenience to you, and in no way extend your software rights to the Services."> <!ENTITY rights.webservices-term4 "The Services are provided "as-is" and "as-available". &vendorShortName;, its contributors, licensors and distributors disclaim all warranties, whether express or implied, including without limitation warranties that the Services are merchantable and fit for your particular purposes. You bear the entire risk as to selecting the Services for your purposes and as to the quality and performance of the Services. If your jurisdiction does not allow disclaiming of warranties, then you should not use &brandShortName; or Services."> <!ENTITY rights.webservices-term5 "Except as required by law, &vendorShortName;, its contributors, licensors, and distributors will not be liable for any indirect, special, incidental, consequential, punitive, or exemplary damages arising out of or in any way relating to the use of &brandShortName; and the Services. The collective liability under these terms will not exceed $500 (five hundred dollars). If your jurisdiction does not allow the exclusion or limitation of damages, then you should not use &brandShortName; or Services."> <!ENTITY rights.webservices-term6 "&vendorShortName; may update these terms as necessary from time to time. These terms may not be modified or canceled without &vendorShortName;'s written agreement."> diff --git a/toolkit/locales/en-US/chrome/global/aboutSupport.properties b/toolkit/locales/en-US/chrome/global/aboutSupport.properties index 0bc612b795..564292e3d9 100644 --- a/toolkit/locales/en-US/chrome/global/aboutSupport.properties +++ b/toolkit/locales/en-US/chrome/global/aboutSupport.properties @@ -71,8 +71,16 @@ gpuRAM = RAM gpuDriverVersion = Driver Version gpuDriverDate = Driver Date gpuActive = Active -webglRenderer = WebGL Renderer -webgl2Renderer = WebGL2 Renderer +webgl1WSIInfo = WebGL 1 Driver WSI Info +webgl1Renderer = WebGL 1 Driver Renderer +webgl1Version = WebGL 1 Driver Version +webgl1DriverExtensions = WebGL 1 Driver Extensions +webgl1Extensions = WebGL 1 Extensions +webgl2WSIInfo = WebGL 2 Driver WSI Info +webgl2Renderer = WebGL 2 Driver Renderer +webgl2Version = WebGL 2 Driver Version +webgl2DriverExtensions = WebGL 2 Driver Extensions +webgl2Extensions = WebGL 2 Extensions GPU1 = GPU #1 GPU2 = GPU #2 blocklistedBug = Blocklisted due to known issues diff --git a/toolkit/modules/Troubleshoot.jsm b/toolkit/modules/Troubleshoot.jsm index cea7c8f29d..8d84eec8c3 100644 --- a/toolkit/modules/Troubleshoot.jsm +++ b/toolkit/modules/Troubleshoot.jsm @@ -419,7 +419,13 @@ var dataProviders = { .createInstance(Ci.nsIDOMParser) .parseFromString("<html/>", "text/html"); - function GetWebGLInfo(contextType) { + function GetWebGLInfo(data, keyPrefix, contextType) { + data[keyPrefix + "Renderer"] = "-"; + data[keyPrefix + "Version"] = "-"; + data[keyPrefix + "DriverExtensions"] = "-"; + data[keyPrefix + "Extensions"] = "-"; + data[keyPrefix + "WSIInfo"] = "-"; + let canvas = doc.createElement("canvas"); canvas.width = 1; canvas.height = 1; @@ -446,16 +452,22 @@ var dataProviders = { creationError = e.toString(); } } - if (!gl) - return creationError || "(no info)"; + if (!gl) { + data[keyPrefix + "Renderer"] = creationError || "(no creation error info)"; + return; + } + data[keyPrefix + "Extensions"] = gl.getSupportedExtensions().join(" "); - let infoExt = gl.getExtension("WEBGL_debug_renderer_info"); + let ext = gl.getExtension("MOZ_debug_get"); // This extension is unconditionally available to chrome. No need to check. - let vendor = gl.getParameter(infoExt.UNMASKED_VENDOR_WEBGL); - let renderer = gl.getParameter(infoExt.UNMASKED_RENDERER_WEBGL); + let vendor = ext.getParameter(gl.VENDOR); + let renderer = ext.getParameter(gl.RENDERER); - let contextInfo = vendor + " -- " + renderer; + data[keyPrefix + "Renderer"] = vendor + " -- " + renderer; + data[keyPrefix + "Version"] = ext.getParameter(gl.VERSION); + data[keyPrefix + "DriverExtensions"] = ext.getParameter(ext.EXTENSIONS); + data[keyPrefix + "WSIInfo"] = ext.getParameter(ext.WSI_INFO); // Eagerly free resources. @@ -463,14 +475,11 @@ var dataProviders = { if (loseExt) { loseExt.loseContext(); } - - - return contextInfo; } - data.webglRenderer = GetWebGLInfo("webgl"); - data.webgl2Renderer = GetWebGLInfo("webgl2"); + GetWebGLInfo(data, "webgl1", "webgl"); + GetWebGLInfo(data, "webgl2", "webgl2"); let infoInfo = gfxInfo.getInfo(); diff --git a/toolkit/modules/tests/browser/browser_Troubleshoot.js b/toolkit/modules/tests/browser/browser_Troubleshoot.js index 7f0069dc91..4124be1fb3 100644 --- a/toolkit/modules/tests/browser/browser_Troubleshoot.js +++ b/toolkit/modules/tests/browser/browser_Troubleshoot.js @@ -298,12 +298,36 @@ const SNAPSHOT_SCHEMA = { clearTypeParameters: { type: "string", }, - webglRenderer: { + webgl1Renderer: { + type: "string", + }, + webgl1Version: { + type: "string", + }, + webgl1DriverExtensions: { + type: "string", + }, + webgl1Extensions: { + type: "string", + }, + webgl1WSIInfo: { type: "string", }, webgl2Renderer: { type: "string", }, + webgl2Version: { + type: "string", + }, + webgl2DriverExtensions: { + type: "string", + }, + webgl2Extensions: { + type: "string", + }, + webgl2WSIInfo: { + type: "string", + }, info: { type: "object", }, diff --git a/toolkit/mozapps/downloads/content/downloads.js b/toolkit/mozapps/downloads/content/downloads.js index 92a9f75931..2fdb19a743 100644 --- a/toolkit/mozapps/downloads/content/downloads.js +++ b/toolkit/mozapps/downloads/content/downloads.js @@ -7,7 +7,7 @@ // Globals const PREF_BDM_CLOSEWHENDONE = "browser.download.manager.closeWhenDone"; -const PREF_BDM_ALERTONEXEOPEN = "browser.download.manager.alertOnEXEOpen"; +const PREF_BDM_CONFIRMOPENEXE = "browser.download.confirmOpenExecutable"; const PREF_BDM_SCANWHENDONE = "browser.download.manager.scanWhenDone"; const nsLocalFile = Components.Constructor("@mozilla.org/file/local;1", @@ -78,7 +78,6 @@ var gStr = { downloadsTitleFiles: "downloadsTitleFiles", downloadsTitlePercent: "downloadsTitlePercent", fileExecutableSecurityWarningTitle: "fileExecutableSecurityWarningTitle", - fileExecutableSecurityWarningDontAsk: "fileExecutableSecurityWarningDontAsk" }; // The statement to query for downloads that are active or match the search @@ -251,7 +250,7 @@ function openDownload(aDownload) var pref = Cc["@mozilla.org/preferences-service;1"]. getService(Ci.nsIPrefBranch); try { - dontAsk = !pref.getBoolPref(PREF_BDM_ALERTONEXEOPEN); + dontAsk = !pref.getBoolPref(PREF_BDM_CONFIRMOPENEXE); } catch (e) { } if (AppConstants.platform == "win") { @@ -273,16 +272,13 @@ function openDownload(aDownload) var message = strings.getFormattedString("fileExecutableSecurityWarning", [name, name]); let title = gStr.fileExecutableSecurityWarningTitle; - let dontAsk = gStr.fileExecutableSecurityWarningDontAsk; var promptSvc = Cc["@mozilla.org/embedcomp/prompt-service;1"]. getService(Ci.nsIPromptService); - var checkbox = { value: false }; - var open = promptSvc.confirmCheck(window, title, message, dontAsk, checkbox); + var open = promptSvc.confirm(window, title, message); if (!open) return; - pref.setBoolPref(PREF_BDM_ALERTONEXEOPEN, !checkbox.value); } } try { diff --git a/toolkit/themes/linux/global/jar.mn b/toolkit/themes/linux/global/jar.mn index b161f8cae1..ba665adff1 100644 --- a/toolkit/themes/linux/global/jar.mn +++ b/toolkit/themes/linux/global/jar.mn @@ -32,7 +32,7 @@ toolkit.jar: skin/classic/global/splitter.css skin/classic/global/tabbox.css skin/classic/global/textbox.css - skin/classic/global/toolbar.css +* skin/classic/global/toolbar.css skin/classic/global/toolbarbutton.css skin/classic/global/tree.css skin/classic/global/alerts/alert.css (alerts/alert.css) diff --git a/toolkit/themes/linux/global/toolbar.css b/toolkit/themes/linux/global/toolbar.css index f17fea12f1..1d52aeb8f1 100644 --- a/toolkit/themes/linux/global/toolbar.css +++ b/toolkit/themes/linux/global/toolbar.css @@ -31,11 +31,21 @@ menubar, toolbar[type="menubar"] { padding: 1px 0px; } + +%ifdef MOZ_AUSTRALIS +menubar:-moz-lwtheme, +toolbar:-moz-lwtheme { + -moz-appearance: none; + color: inherit; +} +%else menubar:-moz-lwtheme, toolbar:-moz-lwtheme { -moz-appearance: none; color: inherit; + border-style: none; } +%endif /* in browser.xul, the menubar is inside a toolbar... */ toolbaritem > menubar { diff --git a/toolkit/themes/osx/global/jar.mn b/toolkit/themes/osx/global/jar.mn index 2b7d19641c..9ca73cc6bc 100644 --- a/toolkit/themes/osx/global/jar.mn +++ b/toolkit/themes/osx/global/jar.mn @@ -44,7 +44,7 @@ toolkit.jar: skin/classic/global/tabbox.css skin/classic/global/textbox.css skin/classic/global/datetimepicker.css - skin/classic/global/toolbar.css +* skin/classic/global/toolbar.css skin/classic/global/toolbarbutton.css * skin/classic/global/tree.css * skin/classic/global/viewbuttons.css diff --git a/toolkit/themes/osx/global/toolbar.css b/toolkit/themes/osx/global/toolbar.css index 820436f142..f07332d2f3 100644 --- a/toolkit/themes/osx/global/toolbar.css +++ b/toolkit/themes/osx/global/toolbar.css @@ -16,12 +16,21 @@ toolbar { -moz-appearance: toolbar; } +%ifdef MOZ_AUSTRALIS menubar:-moz-lwtheme, toolbar:-moz-lwtheme { -moz-appearance: none; background: none; border-color: transparent; } +%else +menubar:-moz-lwtheme, +toolbar:-moz-lwtheme { + -moz-appearance: none; + background: none; + border-style: none; +} +%endif menubar { -moz-appearance: dialog; /* For content menubars, "toolbar" is too dark, so we use "dialog". */ diff --git a/toolkit/themes/shared/jar.inc.mn b/toolkit/themes/shared/jar.inc.mn index e361e744f0..3755688279 100644 --- a/toolkit/themes/shared/jar.inc.mn +++ b/toolkit/themes/shared/jar.inc.mn @@ -9,7 +9,6 @@ toolkit.jar: % skin global classic/1.0 %skin/classic/global/ -% skin help classic/1.0 %skin/classic/help/ % skin mozapps classic/1.0 %skin/classic/mozapps/ skin/classic/global/about.css (../../shared/about.css) skin/classic/global/aboutCache.css (../../shared/aboutCache.css) diff --git a/toolkit/themes/windows/global/jar.mn b/toolkit/themes/windows/global/jar.mn index a2cc9e2eae..6f0cf41301 100644 --- a/toolkit/themes/windows/global/jar.mn +++ b/toolkit/themes/windows/global/jar.mn @@ -37,7 +37,7 @@ toolkit.jar: skin/classic/global/printPreview.css skin/classic/global/scrollbox.css skin/classic/global/splitter.css - skin/classic/global/toolbar.css +* skin/classic/global/toolbar.css skin/classic/global/toolbarbutton.css * skin/classic/global/tree.css skin/classic/global/alerts/alert.css (alerts/alert.css) diff --git a/toolkit/themes/windows/global/toolbar.css b/toolkit/themes/windows/global/toolbar.css index dcd8d361f0..38c8a617a5 100644 --- a/toolkit/themes/windows/global/toolbar.css +++ b/toolkit/themes/windows/global/toolbar.css @@ -37,7 +37,8 @@ toolbar:first-child, menubar { } /* ::::: lightweight theme ::::: */ - + +%ifdef MOZ_AUSTRALIS menubar:-moz-lwtheme, toolbox:-moz-lwtheme, toolbar:-moz-lwtheme { @@ -45,6 +46,15 @@ toolbar:-moz-lwtheme { background: none; border-color: transparent; } +%else +menubar:-moz-lwtheme, +toolbox:-moz-lwtheme, +toolbar:-moz-lwtheme { + -moz-appearance: none; + background: none; + border-style: none; +} +%endif /* ::::: toolbar decorations ::::: */ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 40f9ead790..59a72c4321 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -4338,11 +4338,6 @@ mozilla::BrowserTabsRemoteAutostart() gBrowserTabsRemoteStatus = status; - mozilla::Telemetry::Accumulate(mozilla::Telemetry::E10S_STATUS, status); - if (prefEnabled) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::E10S_BLOCKED_FROM_RUNNING, - !gBrowserTabsRemoteAutostart); - } return gBrowserTabsRemoteAutostart; } diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index d904cb83a9..2656524775 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -953,27 +953,6 @@ nsXREDirProvider::DoStartup() else mode = 2; } - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SAFE_MODE_USAGE, mode); - - // Telemetry about number of profiles. - nsCOMPtr<nsIToolkitProfileService> profileService = - do_GetService("@mozilla.org/toolkit/profile-service;1"); - if (profileService) { - nsCOMPtr<nsISimpleEnumerator> profiles; - rv = profileService->GetProfiles(getter_AddRefs(profiles)); - if (NS_WARN_IF(NS_FAILED(rv))) { - return rv; - } - - uint32_t count = 0; - nsCOMPtr<nsISupports> profile; - while (NS_SUCCEEDED(profiles->GetNext(getter_AddRefs(profile)))) { - ++count; - } - - mozilla::Telemetry::Accumulate(mozilla::Telemetry::NUMBER_OF_PROFILES, - count); - } obsSvc->NotifyObservers(nullptr, "profile-initial-state", nullptr); } diff --git a/widget/android/fennec/Telemetry.h b/widget/android/fennec/Telemetry.h index c727354969..458889ef06 100644 --- a/widget/android/fennec/Telemetry.h +++ b/widget/android/fennec/Telemetry.h @@ -44,7 +44,6 @@ public: AddHistogram(jni::String::Param aName, int32_t aValue) { MOZ_ASSERT(aName); - mozilla::Telemetry::Accumulate(aName->ToCString().get(), aValue); } static void @@ -52,8 +51,6 @@ public: int32_t aValue) { MOZ_ASSERT(aName && aKey); - mozilla::Telemetry::Accumulate(aName->ToCString().get(), - aKey->ToCString(), aValue); } static void diff --git a/widget/nsIdleService.cpp b/widget/nsIdleService.cpp index 6a28330815..a1a2566dfc 100644 --- a/widget/nsIdleService.cpp +++ b/widget/nsIdleService.cpp @@ -716,9 +716,6 @@ nsIdleService::IdleTimerCallback(void) return; } - // Tell expired listeners they are expired,and find the next timeout - Telemetry::AutoTimer<Telemetry::IDLE_NOTIFY_IDLE_MS> timer; - // We need to initialise the time to the next idle switch. mDeltaToNextIdleSwitchInS = UINT32_MAX; diff --git a/widget/windows/nsLookAndFeel.cpp b/widget/windows/nsLookAndFeel.cpp index 97f81abfdb..a907622d9e 100644 --- a/widget/windows/nsLookAndFeel.cpp +++ b/widget/windows/nsLookAndFeel.cpp @@ -11,7 +11,6 @@ #include "nsUXThemeConstants.h" #include "gfxFont.h" #include "WinUtils.h" -#include "mozilla/Telemetry.h" #include "mozilla/WindowsVersion.h" #include "gfxFontConstants.h" @@ -65,8 +64,6 @@ nsLookAndFeel::nsLookAndFeel() : nsXPLookAndFeel() , mUseAccessibilityTheme(0) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::TOUCH_ENABLED_DEVICE, - WinUtils::IsTouchDeviceSupportPresent()); } nsLookAndFeel::~nsLookAndFeel() diff --git a/widget/windows/nsNativeThemeWin.cpp b/widget/windows/nsNativeThemeWin.cpp index 8950dcf90f..475ebce945 100644 --- a/widget/windows/nsNativeThemeWin.cpp +++ b/widget/windows/nsNativeThemeWin.cpp @@ -1360,7 +1360,10 @@ nsNativeThemeWin::GetThemePartAndState(nsIFrame* aFrame, uint8_t aWidgetType, static bool AssumeThemePartAndStateAreTransparent(int32_t aPart, int32_t aState) { - if (aPart == MENU_POPUPITEM && aState == MBI_NORMAL) { + // When using a high contrast theme on Windows 8 or later, we can't + // use this optimization. + if (!(IsWin8OrLater() && nsUXThemeData::IsHighContrastOn()) && + aPart == MENU_POPUPITEM && aState == MBI_NORMAL) { return true; } return false; diff --git a/widget/windows/nsWindow.cpp b/widget/windows/nsWindow.cpp index b2bb59bd36..122d186860 100644 --- a/widget/windows/nsWindow.cpp +++ b/widget/windows/nsWindow.cpp @@ -366,6 +366,9 @@ static const int32_t kResizableBorderMinSize = 3; // Cached pointer events enabler value, True if pointer events are enabled. static bool gIsPointerEventsEnabled = false; +// Cached scroll outside menu enabler value, True if scrolling is allowed. +static bool gIsScrollingOutsideEnabled = false; + // We should never really try to accelerate windows bigger than this. In some // cases this might lead to no D3D9 acceleration where we could have had it // but D3D9 does not reliably report when it supports bigger windows. 8192 @@ -665,6 +668,10 @@ nsWindow::nsWindow() Preferences::AddBoolVarCache(&gIsPointerEventsEnabled, "dom.w3c_pointer_events.enabled", gIsPointerEventsEnabled); + Preferences::AddBoolVarCache(&gIsScrollingOutsideEnabled, + "ui.menu.allow_content_scroll", + gIsScrollingOutsideEnabled); + } // !sInstanceCount mIdleService = nullptr; @@ -4225,10 +4232,6 @@ nsWindow::DispatchMouseEvent(EventMessage aEventMessage, WPARAM wParam, } if (WinUtils::GetIsMouseFromTouch(aEventMessage)) { - if (aEventMessage == eMouseDown) { - Telemetry::Accumulate(Telemetry::FX_TOUCH_USED, 1); - } - if (mTouchWindow) { // If mTouchWindow is true, then we must have APZ enabled and be // feeding it raw touch events. In that case we don't need to @@ -6743,8 +6746,6 @@ bool nsWindow::OnGesture(WPARAM wParam, LPARAM lParam) bool endFeedback = true; if (mGesture.PanDeltaToPixelScroll(wheelEvent)) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::SCROLL_INPUT_METHODS, - (uint32_t) ScrollInputMethod::MainThreadTouch); DispatchEvent(&wheelEvent, status); } @@ -7703,7 +7704,8 @@ nsWindow::DealWithPopups(HWND aWnd, UINT aMessage, break; } } - return consumeRollupEvent; + // Consume event if appropriate unless overridden. + return consumeRollupEvent && !gIsScrollingOutsideEnabled; case WM_ACTIVATEAPP: break; diff --git a/xpcom/base/CycleCollectedJSContext.cpp b/xpcom/base/CycleCollectedJSContext.cpp index 4af8fe4dd0..02fc1aa4ca 100644 --- a/xpcom/base/CycleCollectedJSContext.cpp +++ b/xpcom/base/CycleCollectedJSContext.cpp @@ -1547,9 +1547,6 @@ IncrementalFinalizeRunnable::Run() } } - uint32_t duration = (uint32_t)((TimeStamp::Now() - start).ToMilliseconds()); - Telemetry::Accumulate(Telemetry::DEFERRED_FINALIZE_ASYNC, duration); - return NS_OK; } diff --git a/xpcom/base/nsCycleCollector.cpp b/xpcom/base/nsCycleCollector.cpp index b2c15a1dd4..a349e086d2 100644 --- a/xpcom/base/nsCycleCollector.cpp +++ b/xpcom/base/nsCycleCollector.cpp @@ -528,15 +528,6 @@ public: #define CC_GRAPH_ASSERT(b) #endif -#define CC_TELEMETRY(_name, _value) \ - PR_BEGIN_MACRO \ - if (NS_IsMainThread()) { \ - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR##_name, _value); \ - } else { \ - Telemetry::Accumulate(Telemetry::CYCLE_COLLECTOR_WORKER##_name, _value); \ - } \ - PR_END_MACRO - enum NodeColor { black, white, grey }; // This structure should be kept as small as possible; we may expect @@ -2966,7 +2957,6 @@ nsCycleCollector::ScanWeakMaps() if (failed) { MOZ_ASSERT(false, "Ran out of memory in ScanWeakMaps"); - CC_TELEMETRY(_OOM, true); } } @@ -3109,7 +3099,6 @@ nsCycleCollector::ScanIncrementalRoots() if (failed) { NS_ASSERTION(false, "Ran out of memory in ScanIncrementalRoots"); - CC_TELEMETRY(_OOM, true); } } @@ -3171,7 +3160,6 @@ nsCycleCollector::ScanBlackNodes() if (failed) { NS_ASSERTION(false, "Ran out of memory in ScanBlackNodes"); - CC_TELEMETRY(_OOM, true); } } @@ -3501,7 +3489,6 @@ nsCycleCollector::FixGrayBits(bool aForceGC, TimeLog& aTimeLog) bool needGC = !mJSContext->AreGCGrayBitsValid(); // Only do a telemetry ping for non-shutdown CCs. - CC_TELEMETRY(_NEED_GC, needGC); if (!needGC) { return; } @@ -3553,10 +3540,6 @@ nsCycleCollector::CleanupAfterCollection() printf(".\ncc: \n"); #endif - CC_TELEMETRY( , interval); - CC_TELEMETRY(_VISITED_REF_COUNTED, mResults.mVisitedRefCounted); - CC_TELEMETRY(_VISITED_GCED, mResults.mVisitedGCed); - CC_TELEMETRY(_COLLECTED, mWhiteNodeCount); timeLog.Checkpoint("CleanupAfterCollection::telemetry"); if (mJSContext) { diff --git a/xpcom/base/nsMemoryReporterManager.cpp b/xpcom/base/nsMemoryReporterManager.cpp index 2d4f3fa9c8..bfeda063bb 100644 --- a/xpcom/base/nsMemoryReporterManager.cpp +++ b/xpcom/base/nsMemoryReporterManager.cpp @@ -440,7 +440,6 @@ ResidentDistinguishedAmountHelper(int64_t* aN, bool aDoPurge) { #ifdef HAVE_JEMALLOC_STATS if (aDoPurge) { - Telemetry::AutoTimer<Telemetry::MEMORY_FREE_PURGED_PAGES_MS> timer; jemalloc_purge_freed_pages(); } #endif diff --git a/xpcom/build/XPCOMInit.cpp b/xpcom/build/XPCOMInit.cpp index e8ee5828a4..b89f51a98a 100644 --- a/xpcom/build/XPCOMInit.cpp +++ b/xpcom/build/XPCOMInit.cpp @@ -123,6 +123,8 @@ extern nsresult nsStringInputStreamConstructor(nsISupports*, REFNSIID, void**); #include "nsMemoryInfoDumper.h" #include "nsSecurityConsoleMessage.h" #include "nsMessageLoop.h" +#include "nss.h" +#include "ssl.h" #include "nsStatusReporterManager.h" @@ -1043,6 +1045,17 @@ ShutdownXPCOM(nsIServiceManager* aServMgr) sInitializedJS = false; } + // At this point all networking threads should have been joined and the + // component manager is shut down. Any remaining objects that hold NSS + // resources (should!) have been released, so we can safely shut down NSS. + if (NSS_IsInitialized()) { + SSL_ClearSessionCache(); + // XXX: It would be nice if we can enforce this shutdown. + if (NSS_Shutdown() != SECSuccess) { + NS_WARNING("NSS Shutdown failed - some resources are still in use"); + } + } + // Release our own singletons // Do this _after_ shutting down the component manager, because the // JS component loader will use XPConnect to call nsIModule::canUnload, diff --git a/xpcom/glue/nsTHashtable.h b/xpcom/glue/nsTHashtable.h index 705b0294e2..830f52e881 100644 --- a/xpcom/glue/nsTHashtable.h +++ b/xpcom/glue/nsTHashtable.h @@ -372,7 +372,7 @@ template<class EntryType> PLDHashNumber nsTHashtable<EntryType>::s_HashKey(const void* aKey) { - return EntryType::HashKey(static_cast<const KeyTypePointer>(aKey)); + return EntryType::HashKey(static_cast<KeyTypePointer>(aKey)); } template<class EntryType> @@ -381,7 +381,7 @@ nsTHashtable<EntryType>::s_MatchEntry(const PLDHashEntryHdr* aEntry, const void* aKey) { return ((const EntryType*)aEntry)->KeyEquals( - static_cast<const KeyTypePointer>(aKey)); + static_cast<KeyTypePointer>(aKey)); } template<class EntryType> diff --git a/xpcom/string/nsReadableUtilsImpl.h b/xpcom/string/nsReadableUtilsImpl.h index ff1497b514..94f18dffc6 100644 --- a/xpcom/string/nsReadableUtilsImpl.h +++ b/xpcom/string/nsReadableUtilsImpl.h @@ -18,7 +18,7 @@ inline bool IsASCII(char16_t aChar) { inline const char16_t* aligned(const char16_t* aPtr, const uintptr_t aMask) { return reinterpret_cast<const char16_t*>( - reinterpret_cast<const uintptr_t>(aPtr) & ~aMask); + reinterpret_cast<uintptr_t>(aPtr) & ~aMask); } /** diff --git a/xpcom/threads/HangMonitor.cpp b/xpcom/threads/HangMonitor.cpp index 6def6ed617..8003ef515a 100644 --- a/xpcom/threads/HangMonitor.cpp +++ b/xpcom/threads/HangMonitor.cpp @@ -249,8 +249,6 @@ NotifyActivity(ActivityType aActivityType) // If we have UI activity we should reset the timer and report it if (aActivityType == kUIActivity) { - mozilla::Telemetry::Accumulate(mozilla::Telemetry::EVENTLOOP_UI_ACTIVITY_EXP_MS, - cumulativeUILagMS); cumulativeUILagMS = 0; } |
