| /third_party/node/test/fixtures/wpt/common/security-features/resources/ |
| D | common.sub.js | 2 * @fileoverview Utilities for mixed-content in web-platform-tests.
17 // See also common/security-features/Types.md for high-level description.
32 "rel-noref"
33 [A] <link rel="noreferrer"> (referrer-policy only).
35 "http-rp"
47 https://w3c.github.io/webappsec-referrer-policy/
49 https://w3c.github.io/webappsec-referrer-policy/#referrer-policy
54 - (for [A]) Associated with an individual subresource request and
59 - (for [B]) Associated with an nested environmental settings object and
61 e.g. HTTP referrer-policy response headers of HTML/worker scripts.
[all …]
|
| /third_party/selinux/libselinux/man/man3/ |
| D | avc_add_callback.3 | 1 .\" Hey Emacs! This file is -*- nroff -*- source.
6 avc_add_callback \- additional event notification for SELinux userspace object managers
26 .BI "uint32_t " events ", security_id_t " ssid ,
35 is used to register callback functions on security events. The purpose of this functionality is to…
37 .I events
39 .RI bitwise- or
40 of security events on which to register the callback; see
41 .B SECURITY EVENTS
60 argument indicates the security event which occurred; the remaining arguments
62 of the callback should be zero on success, \-1 on error with
[all …]
|
| D | selinux_status_open.3 | 5 selinux_status_deny_unknown \- reference the SELinux kernel status
27 entry. It enables userspace applications to mmap this page with read-only
31 access control; such as row-level security in databases, it will face
35 These functions provides applications a way to know some kernel events
36 without system-call invocation or worker thread for monitoring.
44 it in read-only mode. The file-descriptor and pointer to the page shall
60 processes status update events. There are two kinds of status updates.
62 events will change the effective enforcing state used within the AVC, and
64 events will result in a cache flush.
67 1 if there have been updates since the last call, or \-1 on error.
[all …]
|
| /third_party/selinux/libselinux/include/selinux/ |
| D | avc.h | 30 * avc_sid_to_context - get copy of context corresponding to SID.
34 * Return a copy of the security context corresponding to the input
36 * free the context with freecon(). Return %0 on success, -%1 on
44 * avc_context_to_sid - get SID for context.
45 * @ctx: input security context
48 * Look up security context @ctx in SID table, making
52 * returning %0 on success or -%1 on error with @errno set.
58 * sidget - increment SID reference counter.
74 * sidput - decrement SID reference counter.
81 * be called to obtain a new SID for the security context.
[all …]
|
| /third_party/libwebsockets/READMEs/ |
| D | README.content-security-policy.md | 1 ## Using Content Security Policy (CSP)
7 new headers describing the security policy for the content, then
24 …-security-policy": "default-src 'none'; img-src 'self' data:; script-src 'self'; font-src 'self'; …
25 "x-content-type-options": "nosniff",
26 "x-xss-protection": "1; mode=block",
27 "x-frame-options": "deny",
28 "referrer-policy": "no-referrer"
38 provide a very significant increase in client security.
43 with `default-src 'none'` which disables everything, and then allow the
55 <meta charset=utf-8 http-equiv="Content-Language" content="en"/>
[all …]
|
| /third_party/selinux/libselinux/src/ |
| D | avc.c | 45 uint32_t events; member
66 & (AVC_CACHE_SLOTS - 1); in avc_hash()
87 return -1; in avc_context_to_sid()
101 *ctx = strdup(sid->ctx); /* caller must free via freecon */ in avc_sid_to_context_raw()
102 rc = *ctx ? 0 : -1; in avc_sid_to_context_raw()
160 strncpy(avc_prefix, prefix, AVC_PREFIX_SIZE - 1); in avc_init_internal()
188 rc = -1; in avc_init_internal()
201 new->next = avc_node_freelist; in avc_init_internal()
232 while (nopts--) in avc_open()
285 node = node->next; in avc_av_stats()
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/wpa_supplicant/ |
| D | ChangeLog | 3 2022-01-16 - v2.10
5 - improved protection against side channel attacks
6 [https://w1.fi/security/2022-1/]
7 - added support for the hash-to-element mechanism (sae_pwe=1 or
10 - fixed PMKSA caching with OKC
11 - added support for SAE-PK
12 * EAP-pwd changes
13 - improved protection against side channel attacks
14 [https://w1.fi/security/2022-1/]
17 [https://w1.fi/security/2021-1/]
[all …]
|
| D | README | 4 Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi> and contributors
16 -------
32 3. Neither the name(s) of the above-listed copyright holder(s) nor the
51 --------
54 - WPA-PSK ("WPA-Personal")
55 - WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise")
58 * EAP-TLS
59 * EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)
60 * EAP-PEAP/TLS (both PEAPv0 and PEAPv1)
61 * EAP-PEAP/GTC (both PEAPv0 and PEAPv1)
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/wpa_supplicant/ |
| D | ChangeLog | 3 2019-08-07 - v2.9
5 - disable use of groups using Brainpool curves
6 - improved protection against side channel attacks
7 [https://w1.fi/security/2019-6/]
8 * EAP-pwd changes
9 - disable use of groups using Brainpool curves
10 - allow the set of groups to be configured (eap_pwd_groups)
11 - improved protection against side channel attacks
12 [https://w1.fi/security/2019-6/]
13 * fixed FT-EAP initial mobility domain association using PMKSA caching
[all …]
|
| D | README | 4 Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors
16 -------
32 3. Neither the name(s) of the above-listed copyright holder(s) nor the
51 --------
54 - WPA-PSK ("WPA-Personal")
55 - WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise")
58 * EAP-TLS
59 * EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)
60 * EAP-PEAP/TLS (both PEAPv0 and PEAPv1)
61 * EAP-PEAP/GTC (both PEAPv0 and PEAPv1)
[all …]
|
| /third_party/node/deps/undici/src/node_modules/@fastify/busboy/ |
| D | README.md | 7 [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat…
8 …Security Responsible Disclosure](https://img.shields.io/badge/Security-Responsible%20Disclosure-ye…
25 aimed at addressing long-standing issues with it.
30 |-----------------------|---------|-------------------------------------------|
82 <form method="POST" enctype="multipart/form-data">
93 // Example output, using http://nodejs.org/images/ryan-speaker.jpg as the file:
96 // File [filefield]: filename: ryan-speaker.jpg, encoding: binary
98 // Field [textfield]: value: 'testing! :-)'
185 // Field [textfield]: value: 'testing! :-)'
197 Busboy (special) events
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/hostapd/ |
| D | ChangeLog | 3 2022-01-16 - v2.10
5 - improved protection against side channel attacks
6 [https://w1.fi/security/2022-1/]
7 - added option send SAE Confirm immediately (sae_config_immediate=1)
9 - added support for the hash-to-element mechanism (sae_pwe=1 or
11 - fixed PMKSA caching with OKC
12 - added support for SAE-PK
13 * EAP-pwd changes
14 - improved protection against side channel attacks
15 [https://w1.fi/security/2022-1/]
[all …]
|
| /third_party/libcoap/include/coap3/ |
| D | coap_event.h | 2 * coap_event.h -- libcoap Event API
5 * Copyright (C) 2021-2023 Jon Shallow <supjps-libcoap@jpshallow.com>
7 * SPDX-License-Identifier: BSD-2-Clause
25 * @defgroup events Event Handling
26 * API for event delivery from lower-layer library functions.
31 * Scalar type to represent different events, e.g. DTLS events or
36 * (D)TLS events for COAP_PROTO_DTLS and COAP_PROTO_TLS
48 * TCP events for COAP_PROTO_TCP and COAP_PROTO_TLS
58 * CSM exchange events for reliable protocols only
68 * (Q-)Block errors
[all …]
|
| /third_party/vulkan-loader/.github/workflows/ |
| D | codeql.yml | 7 # http://www.apache.org/licenses/LICENSE-2.0
26 - cron: '26 7 * * 1'
34 # - https://gh.io/recommended-hardware-resources-for-running-codeql
35 # - https://gh.io/supported-runners-and-hardware-resources
36 # - https://gh.io/using-larger-runners
38 runs-on: 'ubuntu-latest'
39 timeout-minutes: 360
43 security-events: write
46 fail-fast: false
51 - name: Checkout repository
[all …]
|
| /third_party/pcre2/pcre2/.github/workflows/ |
| D | scorecards.yml | 1 name: Scorecards supply-chain security
6 - cron: '23 17 * * 1'
11 permissions: read-all
16 runs-on: ubuntu-latest
18 # Needed to upload the results to code-scanning dashboard.
19 security-events: write
24 - name: "Checkout code"
27 persist-credentials: false
29 - name: "Run analysis"
30 uses: ossf/scorecard-action@c1aec4ac820532bab364f02a81873c555a0ba3a1 # v1.0.4
[all …]
|
| D | codeql.yml | 21 - cron: '27 6 * * 4'
24 permissions: read-all
29 runs-on: ubuntu-latest
33 security-events: write
36 fail-fast: false
40 # Learn more about CodeQL language support at https://git.io/codeql-language-support
43 - name: Checkout repository
47 - name: Initialize CodeQL
48 uses: github/codeql-action/init@v2
54 # queries: ./path/to/local/query, your-org/your-repo/queries@main
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/hostapd/ |
| D | ChangeLog | 3 2019-08-07 - v2.9
5 - disable use of groups using Brainpool curves
6 - improved protection against side channel attacks
7 [https://w1.fi/security/2019-6/]
8 * EAP-pwd changes
9 - disable use of groups using Brainpool curves
10 - improved protection against side channel attacks
11 [https://w1.fi/security/2019-6/]
12 * fixed FT-EAP initial mobility domain association using PMKSA caching
18 * added experimental support for EAP-TEAP server (RFC 7170)
[all …]
|
| /third_party/python/Doc/library/ |
| D | xml.dom.pulldom.rst | 1 :mod:`xml.dom.pulldom` --- Support for building partial DOM trees
5 :synopsis: Support for building partial DOM trees from SAX events.
11 --------------
14 asked to produce DOM-accessible fragments of the document where necessary. The
15 basic concept involves pulling "events" from a stream of incoming XML and
16 processing them. In contrast to SAX which also employs an event-driven
18 responsible for explicitly pulling events from the stream, looping over those
19 events until either processing is finished or an error condition occurs.
26 unauthenticated data see :ref:`xml-vulnerabilities`.
31 increase security by default. To enable processing of external entities,
[all …]
|
| D | xml.sax.rst | 1 :mod:`xml.sax` --- Support for SAX2 parsers
13 --------------
25 :ref:`xml-vulnerabilities`.
30 to increase security. Before, the parser created network connections
66 :term:`bytes-like object`.
74 produces a sequence of events. The events then get distributed to the handler
79 the handler objects are called based on structural and syntactic events from the
107 exception --- it is also useful as a container for information.
109 When instantiated, *msg* should be a human-readable description of the error.
151 Definitions of the interfaces for application-provided objects.
[all …]
|
| /third_party/node/doc/changelogs/ |
| D | CHANGELOG_V010.md | 3 <!--lint disable maximum-line-length no-literal-urls prohibited-strings-->
92 ## 2016-10-18, Version 0.10.48 (Maintenance), @rvagg
94 … a security release. All Node.js users should consult the security release summary at <https://nod…
98 * c-ares: fix for single-byte buffer overwrite, CVE-2016-5180, more information at <https://c-ares.…
102 * \[[`a14a6a3a11`](https://github.com/nodejs/node/commit/a14a6a3a11)] - deps: c-ares, avoid single-…
103 * \[[`b798f598af`](https://github.com/nodejs/node/commit/b798f598af)] - tls: fix minor jslint failu…
104 * \[[`92b232ba01`](https://github.com/nodejs/node/commit/92b232ba01)] - win,build: try multiple tim…
108 ## 2016-09-27, Version 0.10.47 (Maintenance), @rvagg
110 …a security release. All Node.js users should consult the security release summary at <https://node…
114 * buffer: Zero-fill excess bytes in new `Buffer` objects created with `Buffer.concat()` while provi…
[all …]
|
| /third_party/skia/third_party/externals/opengl-registry/extensions/EXT/ |
| D | EXT_robustness.txt | 43 systems have created new requirements for robustness and security
62 is particularly useful for multi-threaded usage of OpenGL contexts
68 out-of-bounds vertex buffer object fetches occur. Modern graphics
69 hardware is capable well-defined behavior in the case of out-of-
71 extra checks to enforce well-defined (and termination free)
88 * Provide an enable to guarantee that out-of-bounds buffer object
136 Certain events can result in a reset of the GL context. Such a reset
137 causes all context state to be lost. Recovery from such events
165 events, and GetGraphicsResetStatusEXT will always return
168 not allow loss of context state no matter what events occur.
[all …]
|
| /third_party/openGLES/extensions/EXT/ |
| D | EXT_robustness.txt | 43 systems have created new requirements for robustness and security
62 is particularly useful for multi-threaded usage of OpenGL contexts
68 out-of-bounds vertex buffer object fetches occur. Modern graphics
69 hardware is capable well-defined behavior in the case of out-of-
71 extra checks to enforce well-defined (and termination free)
88 * Provide an enable to guarantee that out-of-bounds buffer object
136 Certain events can result in a reset of the GL context. Such a reset
137 causes all context state to be lost. Recovery from such events
165 events, and GetGraphicsResetStatusEXT will always return
168 not allow loss of context state no matter what events occur.
[all …]
|
| /third_party/libfuse/include/ |
| D | fuse_kernel.h | 1 /* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) */
4 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
9 This -- and only this -- header file may also be distributed under
12 Copyright (C) 2001-2007 Miklos Szeredi. All rights reserved.
42 * - add the following messages:
48 * - add padding to messages to accommodate 32-bit servers on 64-bit kernels
51 * - add FOPEN_DIRECT_IO and FOPEN_KEEP_CACHE flags
52 * - add FUSE_FSYNCDIR message
55 * - add FUSE_ACCESS message
56 * - add FUSE_CREATE message
[all …]
|
| /third_party/node/doc/api/ |
| D | inspector.md | 3 <!--introduced_in=v8.0.0-->
5 > Stability: 2 - Stable
7 <!-- source_link=lib/inspector.js -->
20 <!-- YAML
23 - version: v18.10.0
24 pr-url: https://github.com/nodejs/node/pull/44489
26 -->
55 `node --inspect=[[host:]port]`, but can be done programmatically after node has
61 See the [security warning][] regarding the `host`
71 $ node --inspect -p 'inspector.url()'
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/wpa_supplicant/doc/docbook/ |
| D | wpa_cli.sgml | 1 <!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
21 <arg>-p <replaceable>path to ctrl sockets</replaceable></arg>
22 <arg>-g <replaceable>path to global ctrl_interface socket</replaceable></arg>
23 <arg>-i <replaceable>ifname</replaceable></arg>
24 <arg>-hvB</arg>
25 <arg>-a <replaceable>action file</replaceable></arg>
26 <arg>-P <replaceable>pid file</replaceable></arg>
27 <arg>-G <replaceable>ping interval</replaceable></arg>
35 <para>wpa_cli is a text-based frontend program for interacting
37 configuration, trigger events, and request interactive user
[all …]
|