Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
147,320 Commits 3,986 Branches 0 Tags
Commit Graph

265 Commits

Author SHA1 Message Date
jst%netscape.com
4d29697e83 Fixing bug 111529. Optimizing out unnecessary QI calls from nsScriptSecurityManager::GetObjectPrincipal() and doing some other minor cleanups and speedups. r=nisheeth@netscape.com, sr=jband@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@115054 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-20 05:51:05 +00:00
cathleen%netscape.com
c93312040a eliminate nsCRT::strlen for char* strings (part 1), bug 124536 r=dp sr=brendan 
git-svn-id: svn://10.0.0.236/trunk@114904 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-19 07:36:56 +00:00
mcafee%netscape.com
60dc31b4b8 Backing out mstoltz. r=dbaron,jrgm 
git-svn-id: svn://10.0.0.236/trunk@114882 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-19 04:06:53 +00:00
mstoltz%netscape.com
ebb6dc6f70 Bug 105050 - return null window.opener to scripts if opener is a mail window. 
Bug 32571 - Prompt user before allowing scripts to close windows if opener is null.
both r=heikki, sr=jst.


git-svn-id: svn://10.0.0.236/trunk@114853 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-19 01:09:45 +00:00
mstoltz%netscape.com
904896ca95 Bug 119646 - Rewrite of the security manager policy database for improved 
performance. r=jst, sr=jband.


git-svn-id: svn://10.0.0.236/trunk@114377 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-13 04:20:46 +00:00
alecf%netscape.com
f7ee18f044 one more part of fix for bug 107575, including the much coveted whitespace 
remove aIgnoreCase parameter from all nsString and nsCString consumers
sr=jag, r=shaver


git-svn-id: svn://10.0.0.236/trunk@113390 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-01 01:53:09 +00:00
jaggernaut%netscape.com
436d43f211 Bug 104158: Use NS_LITERAL_STRING instead of XXXWithConversion("..."). r=bryner, rs=alecf 
git-svn-id: svn://10.0.0.236/trunk@110579 18797224-902f-48f8-a5cc-f745e15eee43
 2001-12-16 11:58:03 +00:00
mstoltz%netscape.com
5730624c01 Bug 107387 - rename security.properties to caps.properties. r=nhotta, rs=jst. 
git-svn-id: svn://10.0.0.236/trunk@110361 18797224-902f-48f8-a5cc-f745e15eee43
 2001-12-12 04:43:35 +00:00
mstoltz%netscape.com
51eea64691 Bug 109113 - misplaced #ifdef DEBUG caused fix not to work in opt builds. 
Moved #endif to exclude important call. r/sr=jst.


git-svn-id: svn://10.0.0.236/trunk@108945 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-27 00:29:20 +00:00
jband%netscape.com
2f06cb4e7d trivial patch to make what is supposed to be a warning really a warning instead of an assert. rs=jband 
git-svn-id: svn://10.0.0.236/trunk@108827 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-22 23:26:34 +00:00
peterv%netscape.com
efb0947a3c Fixing mac debug bustage. Patch suggested by jst, sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@108292 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-16 10:50:33 +00:00
mstoltz%netscape.com
f5760e7eb3 Bug 109113, second half of fix. r=jst, sr=brendan. Adding new CheckObjectAccess 
callback to enforce the same-origin policy on function.caller.


git-svn-id: svn://10.0.0.236/trunk@108275 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-16 06:17:24 +00:00
dbaron%fas.harvard.edu
13b5500ba3 Ensure that string literals are used as |const char*| rather than |char*|. r=jag sr=brendan b=107052 
git-svn-id: svn://10.0.0.236/trunk@107583 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-07 06:24:10 +00:00
mstoltz%netscape.com
2eb513fdbc bug 106535, adding the ability to enable codebase principals for a single host 
instead of for all hosts. r=vidur, sr=jst.


git-svn-id: svn://10.0.0.236/trunk@106425 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-26 23:00:48 +00:00
jaggernaut%netscape.com
9dba49d0db Bug 53057: Fixing up users of implicit |CharT*| conversion operators for nsCString to use |.get()| instead, rr=dbaron, rs=scc 
git-svn-id: svn://10.0.0.236/trunk@106250 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-25 06:13:52 +00:00
bnesse%netscape.com
7f9fa9521d Fix for bug 103883. Add weak ref support for prefs observers to help reduce MLK cycles with preferences. r=ccarlen, darin, gordon, hewitt, mstoltz, srilatha, sspitzer. sr=alecf. 
git-svn-id: svn://10.0.0.236/trunk@105960 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-22 20:54:48 +00:00
dougt%netscape.com
cf60fc042e nsIObserver and nsIObserverService API freeze. r=rpotts@netscape.com, alecf@netscape.com. bug 99163 
git-svn-id: svn://10.0.0.236/trunk@105800 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-19 20:52:59 +00:00
bzbarsky%mit.edu
8c09a3a42d Make CAPS correctly observe changes to capability.policy prefs. Needed 
for having UI for these suckers.  Bug 101150, r=mstoltz,sr=jst


git-svn-id: svn://10.0.0.236/trunk@104440 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-02 21:56:51 +00:00
jaggernaut%netscape.com
51e0dc7a6c Bug 100476: Convert uses of member functions ToNewUnicode, ToNewCString and ToNewUTF8String to their global versions and remove support from nsCString and nsString. r=dbaron, rs=scc 
git-svn-id: svn://10.0.0.236/trunk@104212 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-29 08:28:41 +00:00
gerv%gerv.net
4c7ac5dfa4 License changes, take 2. Bug 98089. mozilla/config/, mozilla/caps/, mozilla/build/. 
git-svn-id: svn://10.0.0.236/trunk@103674 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-25 01:03:58 +00:00
gerv%gerv.net
ae1d5501a1 Oops. 
git-svn-id: svn://10.0.0.236/trunk@103236 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-20 00:02:59 +00:00
scc%mozilla.org
52c8d09e03 bug #98089: ripped new license 
git-svn-id: svn://10.0.0.236/trunk@103219 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-19 20:09:47 +00:00
jband%netscape.com
63b2a966e4 attempt to fix HP-UX and and some other Unix bustages. r=cls 
git-svn-id: svn://10.0.0.236/trunk@101943 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-29 07:24:39 +00:00
mstoltz%netscape.com
83cf54c4fb bug 86799, adding support for wildcard security policies of the form 
"capability.policy.group.*.property". Also added additional optimizations
and changed copy-initialization of NSCOMPtrs to direct initialization
throughout the file. r=harishd, sr=jst, a=asa.


git-svn-id: svn://10.0.0.236/trunk@101929 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-29 02:05:48 +00:00
cls%seawood.org
3b8b92a2e8 Use NS_PTR_TO_INT32 macros to do 64-bit safe pointer conversions. 
Bug #20860 r=Roland.Mainz@informatik.med.uni-giessen.de sr=brendan@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@101008 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-14 07:59:59 +00:00
mstoltz%netscape.com
fd6c388ade 86984 - make history.length sameOrigin-accessible. Security prefs change. 
91714 - CheckLoadURI should trest 'safe' and 'unsafe' about: URLs as different protocols
56260 - 'Remember This Decision' in signed script grant dialog should default to unchecked
83131 - More descriptive security error messages
93951 - Added null check in GetBaseURIScheme to prevent crash.
All bugs r=jtaylor, sr=jst


git-svn-id: svn://10.0.0.236/trunk@100964 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-14 00:18:58 +00:00
brendan%mozilla.org
a316b2df4a I'm such a C luddite. 
git-svn-id: svn://10.0.0.236/trunk@100470 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-07 04:45:27 +00:00
brendan%mozilla.org
50f90d9eeb Restore scriptable nsIClassInfo.classID but add fast/C++-only classIDNoAlloc; define and use nsIClassInfo::EAGER_CLASSINFO in caps (93792, sr=waterson&jst). 
git-svn-id: svn://10.0.0.236/trunk@100464 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-07 03:59:29 +00:00
mstoltz%netscape.com
cc136b16cc 82495 - Support for the view-source protocol in CheckLoadURI 
87887 - don't call InitPolicies or InitPrincipals if there are no prefs to process
83902 - Use weak reference to pref branch to avoid reference cycle
91619 - was leaking a char* - use nsXPIDLCString instead
86932 - Add support for per-site JS disabling to CanExecuteScripts
all bugs r=jesse, sr=dougt


git-svn-id: svn://10.0.0.236/trunk@100226 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-02 20:32:48 +00:00
brendan%mozilla.org
f5bc62edea FASTLOAD_20010703_BRANCH landing, r=dbaron, sr=shaver. 
git-svn-id: svn://10.0.0.236/trunk@100030 18797224-902f-48f8-a5cc-f745e15eee43
 2001-07-31 19:05:34 +00:00
jaggernaut%netscape.com
2b3b3b2586 Bug 86734: Remove NS_WITH_SERVICE. r=dbaron, rs=scc, a=asa 
git-svn-id: svn://10.0.0.236/trunk@99906 18797224-902f-48f8-a5cc-f745e15eee43
 2001-07-25 07:54:28 +00:00
dbaron%fas.harvard.edu
9359000a40 Header include dependency cleanup. b=64023 r=jag rs=brendan 
git-svn-id: svn://10.0.0.236/trunk@99299 18797224-902f-48f8-a5cc-f745e15eee43
 2001-07-16 02:40:48 +00:00
jaggernaut%netscape.com
51b17b5bf0 Bug 88413: Remove |GetUnicode()| from nsString (and replace it with |get()|). r=dbaron, rs=scc. 
This removes all call-sites I can currently fix. Tomorrow I'll try to get someone to checkin my changes to security/ and I'll get some help with the Netscape side of things.

nsString::GetUnicode()'s final death-blow will be dealt soon. Please keep this in mind as you add new code :-)


git-svn-id: svn://10.0.0.236/trunk@98363 18797224-902f-48f8-a5cc-f745e15eee43
 2001-06-30 11:02:25 +00:00
mstoltz%netscape.com
300c02cfa2 86019 - Change stack-walking code in caps to keep functions from inheriting privileges 
from their caller. r=jesse@netscape.com, sr=jst@netscape.com, a=asa@mozilla.org, PDT+

86982 - Add same-origin security check to XMLDocument::Load(). r,a=blizzard@mozilla.org,
sr=jst@netscape.com

84191 - Fixing regression in Open URL dialog by not calling CheckLoadURI when it isn't
needed. r=cmanske@netscape.com, sr=sfraser@netscape.com, a=asa@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@97722 18797224-902f-48f8-a5cc-f745e15eee43
 2001-06-22 02:08:10 +00:00
dbaron%fas.harvard.edu
88810ef1eb Fix bad getters on nsIDocument and nsIScriptContext to use out params rather than return |AddRef|ed pointers. b=81289 r=jaggernaut sr=jst a=asa 
git-svn-id: svn://10.0.0.236/trunk@97540 18797224-902f-48f8-a5cc-f745e15eee43
 2001-06-20 03:27:48 +00:00
scc%mozilla.org
90f810b66a bug #85271: sr=waterson, r={beard, jag, dbaron}, a=asa. Eliminate features of |nsXPIDLC?String| that keep it out of the string hierarchy (i.e., using assigment to rebind ownership, static |Copy| members, and |getter_Shares|), fixing some leaks in the process. 
git-svn-id: svn://10.0.0.236/trunk@97289 18797224-902f-48f8-a5cc-f745e15eee43
 2001-06-17 05:23:38 +00:00
mstoltz%netscape.com
b51a5f7784 bug 77485 - exploit inserting a function into another window using targeted 
javascript URL links. Two-part fix: moving the call to GetCurrentDocumentOwner
in nsDocShell::LoadInternal to before the target docshell is called, and
changing nsScriptSecurityManager::GetFunctionObjectPrincipal to only get
the principal from the function object's scope chain if the function object's
principal is the system principal. r=jst, sr=vidur, a=asa.


git-svn-id: svn://10.0.0.236/trunk@96045 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-30 02:22:22 +00:00
mstoltz%netscape.com
a8b60368de Re-checking-in my fix for 47905, which was backed out last night because of a bug in some other code that was checked in along with it. This checkin was not causing the crasher and is unchanged. See earlier checkin comment - in short, this adds same-origin to XMLHttpRequest and cleans up some function calls in caps, removes some unnecessary parameters. r=vidur, sr=jst. 
git-svn-id: svn://10.0.0.236/trunk@95481 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-19 00:33:51 +00:00
blizzard%redhat.com
b684f8fcbc Back out mstoltz because of blocker bug #81629. Original bugs were 47905 79775. 
git-svn-id: svn://10.0.0.236/trunk@95401 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-18 17:41:23 +00:00
mstoltz%netscape.com
55577f536b Bug 47905 - adding security check for XMLHttpRequest.open. 
Added nsIScriptSecurityManager::CheckConnect for this purpose.
Also cleaned up the security check API by removing some unnecessary
parameters. r=vidur@netscape.com, sr=jst@netscape.com

Bug 79775 - Forward button broken in main mail window. Making
WindowWatcher not call GetSubjectPrincipal if the URL to be loaded is
chrome, since the calling principal is superfluous in this case.
No one has been able to find the root cause of this problem, but
this checkin works around it, which is the best we can do for now.
r=ducarroz@netscape.com, sr=jst@netscape.com


git-svn-id: svn://10.0.0.236/trunk@95378 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-18 06:56:29 +00:00
mstoltz%netscape.com
a617f63914 Fixing bug 78831 - treat chrome and resource URLs the same in the 
URL loading check and give them access to each other. r=pavlov,
 sr=brendan. This allows us to turn on the fix (already reviewed)
for 69070.


git-svn-id: svn://10.0.0.236/trunk@95063 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-15 22:47:21 +00:00
mstoltz%netscape.com
624a206a26 *** empty log message *** 
git-svn-id: svn://10.0.0.236/trunk@94964 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-15 06:43:12 +00:00
mstoltz%netscape.com
d356cb5c43 bug 79445, fixing crash with some event handlers (null pointer dereference) 
r/sr=brendan@mozilla.org. Also fixed a typo in prefs that would have reopened
bug 56009.


git-svn-id: svn://10.0.0.236/trunk@94939 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-15 04:44:54 +00:00
mstoltz%netscape.com
fa58142939 bug 79916 - was using | instead of &, causing a security hole. r=jband, sr=brendan. 
git-svn-id: svn://10.0.0.236/trunk@94548 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-11 00:53:21 +00:00
mstoltz%netscape.com
28f5530d9c Fixes for bugs 79796, 77203, and 54060. r=jband@netscape.com, 
sr=brendan@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@94546 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-11 00:43:27 +00:00
jst%netscape.com
9868e754bf Temporary workaround for the composer and other related problems caused by security manager problems, change by mstoltz@netscape.com, r=jst@netscape.com 
git-svn-id: svn://10.0.0.236/trunk@94315 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-09 02:53:46 +00:00
jst%netscape.com
9d299d36ce Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com. 
git-svn-id: svn://10.0.0.236/trunk@94238 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-08 16:46:42 +00:00
ccarlen%netscape.com
f720e88745 Bug 78745 - nsIPromptService::ConfirmEx needs to be more flexible. r=valeski, sr=sfraser 
git-svn-id: svn://10.0.0.236/trunk@94087 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-06 15:03:55 +00:00
mkaply%us.ibm.com
234eb0fbf2 #76913 
r=mstoltz, sr=brendan
Fix some calling convention - PR_ to JS_


git-svn-id: svn://10.0.0.236/trunk@93585 18797224-902f-48f8-a5cc-f745e15eee43
 2001-05-02 00:02:59 +00:00
valeski%netscape.com
8deb3b45a4 mozilla diffs r=tao, sr=alecf, commercial diffs r=syd, sr=syd/shaver. lower-casing JS calls to createBundle. removing un-used nsILocale param from nsIStringBundle::CreateBundle(). 76332 
git-svn-id: svn://10.0.0.236/trunk@93306 18797224-902f-48f8-a5cc-f745e15eee43
 2001-04-27 21:30:24 +00:00